mirror of
https://github.com/appleboy/ssh-action.git
synced 2025-07-07 15:13:04 +00:00
Compare commits
9 Commits
Author | SHA1 | Date | |
---|---|---|---|
0d16b0bcd8 | |||
2988f59e6a | |||
da1f1537f1 | |||
dd0f09ca07 | |||
1991c553ec | |||
fe44be0b96 | |||
c78141851a | |||
8a779a5b1a | |||
9b978f09f2 |
28
.github/workflows/ci.yml
vendored
28
.github/workflows/ci.yml
vendored
@ -282,3 +282,31 @@ jobs:
|
||||
script: |
|
||||
whoami && echo 'hello world' && touch todo.txt
|
||||
sudo whoami
|
||||
|
||||
testing06:
|
||||
name: testing ipv6
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: checkout
|
||||
uses: actions/checkout@v1
|
||||
|
||||
- name: Set up WARP
|
||||
uses: fscarmen/warp-on-actions@v1.1
|
||||
with:
|
||||
stack: dual
|
||||
|
||||
- name: testing ipv6 for command
|
||||
run: |
|
||||
curl -m 9 --ipv6 --verbose https://google.com
|
||||
|
||||
- name: testing ipv6
|
||||
uses: ./
|
||||
with:
|
||||
host: 2402:1f00:8000:800::2628
|
||||
username: ubuntu
|
||||
password: ${{ secrets.OVH_PASSWORD }}
|
||||
protocol: tcp6
|
||||
port: 22
|
||||
command_timeout: 30s
|
||||
script: |
|
||||
whoami
|
||||
|
26
.github/workflows/testing.yml
vendored
Normal file
26
.github/workflows/testing.yml
vendored
Normal file
@ -0,0 +1,26 @@
|
||||
name: testing master
|
||||
on: [push]
|
||||
|
||||
env:
|
||||
FOO: "BAR"
|
||||
BAR: "FOO"
|
||||
|
||||
jobs:
|
||||
testing01:
|
||||
name: testing new bash flow
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: checkout
|
||||
uses: actions/checkout@v1
|
||||
|
||||
- name: try bash script
|
||||
uses: appleboy/ssh-action@master
|
||||
with:
|
||||
host: 2402:1f00:8000:800::2628
|
||||
username: ubuntu
|
||||
password: ${{ secrets.OVH_PASSWORD }}
|
||||
protocol: tcp6
|
||||
port: 22
|
||||
command_timeout: 30s
|
||||
script: |
|
||||
whoami
|
@ -1,4 +1,4 @@
|
||||
FROM ghcr.io/appleboy/drone-ssh:1.7.3
|
||||
FROM ghcr.io/appleboy/drone-ssh:1.7.4
|
||||
|
||||
COPY entrypoint.sh /bin/entrypoint.sh
|
||||
|
||||
|
29
README.md
29
README.md
@ -17,12 +17,13 @@ This thing is built using [Golang](https://go.dev) and [drone-ssh](https://githu
|
||||
See [action.yml](./action.yml) for more detailed information.
|
||||
|
||||
| Input Parameter | Description | Default Value |
|
||||
|-------------------------|-----------------------------------------------------------------|---------------|
|
||||
|---------------------------|------------------------------------------------------------------------------------------|---------------|
|
||||
| host | SSH host address | |
|
||||
| port | SSH port number | 22 |
|
||||
| passphrase | SSH key passphrase | |
|
||||
| username | SSH username | |
|
||||
| password | SSH password | |
|
||||
| protocol | SSH protocol version (tcp, tcp4, tcp6) | tcp |
|
||||
| sync | Enable synchronous execution if multiple hosts | false |
|
||||
| use_insecure_cipher | Include more ciphers with use_insecure_cipher | false |
|
||||
| cipher | Allowed cipher algorithms. If unspecified, a sensible default | |
|
||||
@ -47,7 +48,7 @@ See [action.yml](./action.yml) for more detailed information.
|
||||
| envs | Pass environment variables to shell script | |
|
||||
| envs_format | Flexible configuration of environment value transfer | |
|
||||
| debug | Enable debug mode | false |
|
||||
| allenvs | Pass all environment variables to shell script | false |
|
||||
| allenvs | pass the environment variables with prefix value of `GITHUB_` and `INPUT_` to the script | false |
|
||||
| request_pty | Request a pseudo-terminal from the server | false |
|
||||
|
||||
## Usage
|
||||
@ -64,7 +65,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: executing remote ssh commands using password
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
with:
|
||||
host: ${{ secrets.HOST }}
|
||||
username: ${{ secrets.USERNAME }}
|
||||
@ -165,7 +166,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
||||
|
||||
```yaml
|
||||
- name: executing remote ssh commands using password
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
with:
|
||||
host: ${{ secrets.HOST }}
|
||||
username: ${{ secrets.USERNAME }}
|
||||
@ -178,7 +179,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
||||
|
||||
```yaml
|
||||
- name: executing remote ssh commands using ssh key
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
with:
|
||||
host: ${{ secrets.HOST }}
|
||||
username: ${{ secrets.USERNAME }}
|
||||
@ -191,7 +192,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
||||
|
||||
```yaml
|
||||
- name: multiple command
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
with:
|
||||
host: ${{ secrets.HOST }}
|
||||
username: ${{ secrets.USERNAME }}
|
||||
@ -208,7 +209,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
||||
|
||||
```diff
|
||||
- name: multiple host
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
with:
|
||||
- host: "foo.com"
|
||||
+ host: "foo.com,bar.com"
|
||||
@ -224,7 +225,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
||||
|
||||
```diff
|
||||
- name: multiple host
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
with:
|
||||
- host: "foo.com"
|
||||
+ host: "foo.com:1234,bar.com:5678"
|
||||
@ -239,7 +240,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
||||
|
||||
```diff
|
||||
- name: multiple host
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
with:
|
||||
host: "foo.com,bar.com"
|
||||
+ sync: true
|
||||
@ -255,7 +256,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
||||
|
||||
```diff
|
||||
- name: pass environment
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
+ env:
|
||||
+ FOO: "BAR"
|
||||
+ BAR: "FOO"
|
||||
@ -280,7 +281,7 @@ _Inside `env` object, you need to pass every environment variable as a string, p
|
||||
|
||||
```diff
|
||||
- name: stop script if command error
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
with:
|
||||
host: ${{ secrets.HOST }}
|
||||
username: ${{ secrets.USERNAME }}
|
||||
@ -333,7 +334,7 @@ Host FooServer
|
||||
|
||||
```diff
|
||||
- name: ssh proxy command
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
with:
|
||||
host: ${{ secrets.HOST }}
|
||||
username: ${{ secrets.USERNAME }}
|
||||
@ -356,7 +357,7 @@ It is not uncommon for files to leak from backups or decommissioned hardware, an
|
||||
|
||||
```diff
|
||||
- name: ssh key passphrase
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
with:
|
||||
host: ${{ secrets.HOST }}
|
||||
username: ${{ secrets.USERNAME }}
|
||||
@ -382,7 +383,7 @@ Now you can adjust you config:
|
||||
|
||||
```diff
|
||||
- name: ssh key passphrase
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
with:
|
||||
host: ${{ secrets.HOST }}
|
||||
username: ${{ secrets.USERNAME }}
|
||||
|
@ -58,7 +58,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: executing remote ssh commands using password
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
with:
|
||||
host: ${{ secrets.HOST }}
|
||||
username: ${{ secrets.USERNAME }}
|
||||
@ -157,7 +157,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
||||
|
||||
```yaml
|
||||
- name: executing remote ssh commands using password
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
with:
|
||||
host: ${{ secrets.HOST }}
|
||||
username: ${{ secrets.USERNAME }}
|
||||
@ -170,7 +170,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
||||
|
||||
```yaml
|
||||
- name: executing remote ssh commands using ssh key
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
with:
|
||||
host: ${{ secrets.HOST }}
|
||||
username: ${{ secrets.USERNAME }}
|
||||
@ -183,7 +183,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
||||
|
||||
```yaml
|
||||
- name: multiple command
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
with:
|
||||
host: ${{ secrets.HOST }}
|
||||
username: ${{ secrets.USERNAME }}
|
||||
@ -200,7 +200,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
||||
|
||||
```diff
|
||||
- name: multiple host
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
with:
|
||||
- host: "foo.com"
|
||||
+ host: "foo.com,bar.com"
|
||||
@ -216,7 +216,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
||||
|
||||
```diff
|
||||
- name: multiple host
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
with:
|
||||
- host: "foo.com"
|
||||
+ host: "foo.com:1234,bar.com:5678"
|
||||
@ -231,7 +231,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
||||
|
||||
```diff
|
||||
- name: multiple host
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
with:
|
||||
host: "foo.com,bar.com"
|
||||
+ sync: true
|
||||
@ -247,7 +247,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
||||
|
||||
```diff
|
||||
- name: pass environment
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
+ env:
|
||||
+ FOO: "BAR"
|
||||
+ BAR: "FOO"
|
||||
@ -272,7 +272,7 @@ _在 `env` 對象中,您需要將每個環境變量作為字符串傳遞,傳
|
||||
|
||||
```diff
|
||||
- name: stop script if command error
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
with:
|
||||
host: ${{ secrets.HOST }}
|
||||
username: ${{ secrets.USERNAME }}
|
||||
@ -325,7 +325,7 @@ Host FooServer
|
||||
|
||||
```diff
|
||||
- name: ssh proxy command
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
with:
|
||||
host: ${{ secrets.HOST }}
|
||||
username: ${{ secrets.USERNAME }}
|
||||
@ -346,7 +346,7 @@ Host FooServer
|
||||
|
||||
```diff
|
||||
- name: ssh key passphrase
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
with:
|
||||
host: ${{ secrets.HOST }}
|
||||
username: ${{ secrets.USERNAME }}
|
||||
@ -372,7 +372,7 @@ ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d ' '
|
||||
|
||||
```diff
|
||||
- name: ssh key passphrase
|
||||
uses: appleboy/ssh-action@v1.0.2
|
||||
uses: appleboy/ssh-action@v1.0.3
|
||||
with:
|
||||
host: ${{ secrets.HOST }}
|
||||
username: ${{ secrets.USERNAME }}
|
||||
|
50
action.yml
50
action.yml
@ -13,6 +13,9 @@ inputs:
|
||||
description: "SSH username."
|
||||
password:
|
||||
description: "SSH password."
|
||||
protocol:
|
||||
description: 'The IP protocol to use. Valid values are "tcp". "tcp4" or "tcp6". Default to tcp.'
|
||||
default: "tcp"
|
||||
sync:
|
||||
description: "Enable synchronous execution if multiple hosts are involved."
|
||||
use_insecure_cipher:
|
||||
@ -69,9 +72,52 @@ inputs:
|
||||
description: "pass all environment variable to shell script."
|
||||
request_pty:
|
||||
description: "Request a pseudo-terminal from the server."
|
||||
|
||||
runs:
|
||||
using: "docker"
|
||||
image: "Dockerfile"
|
||||
using: "composite"
|
||||
steps:
|
||||
- name: Set GitHub Path
|
||||
run: echo "$GITHUB_ACTION_PATH" >> $GITHUB_PATH
|
||||
shell: bash
|
||||
env:
|
||||
GITHUB_ACTION_PATH: ${{ github.action_path }}
|
||||
- name: Run entrypoint.sh
|
||||
run: entrypoint.sh
|
||||
shell: bash
|
||||
env:
|
||||
GITHUB_ACTION_PATH: ${{ github.action_path }}
|
||||
INPUT_HOST: ${{ inputs.host }}
|
||||
INPUT_PORT: ${{ inputs.port }}
|
||||
INPUT_PROTOCOL: ${{ inputs.protocol }}
|
||||
INPUT_USERNAME: ${{ inputs.username }}
|
||||
INPUT_PASSWORD: ${{ inputs.password }}
|
||||
INPUT_PASSPHRASE: ${{ inputs.passphrase }}
|
||||
INPUT_KEY: ${{ inputs.key }}
|
||||
INPUT_KEY_PATH: ${{ inputs.key_path }}
|
||||
INPUT_FINGERPRINT: ${{ inputs.fingerprint }}
|
||||
INPUT_PROXY_HOST: ${{ inputs.proxy_host }}
|
||||
INPUT_PROXY_PORT: ${{ inputs.proxy_port }}
|
||||
INPUT_PROXY_USERNAME: ${{ inputs.proxy_username }}
|
||||
INPUT_PROXY_PASSWORD: ${{ inputs.proxy_password }}
|
||||
INPUT_PROXY_PASSPHRASE: ${{ inputs.proxy_passphrase }}
|
||||
INPUT_PROXY_KEY: ${{ inputs.proxy_key }}
|
||||
INPUT_PROXY_KEY_PATH: ${{ inputs.proxy_key_path }}
|
||||
INPUT_PROXY_FINGERPRINT: ${{ inputs.proxy_fingerprint }}
|
||||
INPUT_TIMEOUT: ${{ inputs.timeout }}
|
||||
INPUT_PROXY_TIMEOUT: ${{ inputs.proxy_timeout }}
|
||||
INPUT_COMMAND_TIMEOUT: ${{ inputs.command_timeout }}
|
||||
INPUT_SCRIPT: ${{ inputs.script }}
|
||||
INPUT_SCRIPT_STOP: ${{ inputs.script_stop }}
|
||||
INPUT_ENVS: ${{ inputs.envs }}
|
||||
INPUT_ENVS_FORMAT: ${{ inputs.envs_format }}
|
||||
INPUT_DEBUG: ${{ inputs.debug }}
|
||||
INPUT_ALL_ENVS: ${{ inputs.allenvs }}
|
||||
INPUT_REQUEST_PTY: ${{ inputs.request_pty }}
|
||||
INPUT_USE_INSECURE_CIPHER: ${{ inputs.use_insecure_cipher }}
|
||||
INPUT_CIPHER: ${{ inputs.cipher }}
|
||||
INPUT_PROXY_USE_INSECURE_CIPHER: ${{ inputs.proxy_use_insecure_cipher }}
|
||||
INPUT_PROXY_CIPHER: ${{ inputs.proxy_cipher }}
|
||||
INPUT_SYNC: ${{ inputs.sync }}
|
||||
|
||||
branding:
|
||||
icon: "terminal"
|
||||
|
@ -1,7 +1,66 @@
|
||||
#!/bin/sh
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -eu
|
||||
set -o errexit
|
||||
set -o nounset
|
||||
set -o pipefail
|
||||
|
||||
export GITHUB="true"
|
||||
|
||||
sh -c "/bin/drone-ssh $*"
|
||||
GITHUB_ACTION_PATH="${GITHUB_ACTION_PATH%/}"
|
||||
DRONE_SSH_RELEASE_URL="${DRONE_SSH_RELEASE_URL:-https://github.com/appleboy/drone-ssh/releases/download}"
|
||||
DRONE_SSH_VERSION="${DRONE_SSH_VERSION:-1.7.4}"
|
||||
|
||||
function detect_client_info() {
|
||||
if [ -n "${SSH_CLIENT_OS-}" ]; then
|
||||
CLIENT_PLATFORM="${SSH_CLIENT_OS}"
|
||||
else
|
||||
local kernel
|
||||
kernel="$(uname -s)"
|
||||
case "${kernel}" in
|
||||
Darwin)
|
||||
CLIENT_PLATFORM="darwin"
|
||||
;;
|
||||
Linux)
|
||||
CLIENT_PLATFORM="linux"
|
||||
;;
|
||||
Windows)
|
||||
CLIENT_PLATFORM="windows"
|
||||
;;
|
||||
*)
|
||||
echo "Unknown, unsupported platform: ${kernel}." >&2
|
||||
echo "Supported platforms: Linux, Darwin and Windows." >&2
|
||||
echo "Bailing out." >&2
|
||||
exit 2
|
||||
esac
|
||||
fi
|
||||
|
||||
if [ -n "${SSH_CLIENT_ARCH-}" ]; then
|
||||
CLIENT_ARCH="${SSH_CLIENT_ARCH}"
|
||||
else
|
||||
local machine
|
||||
machine="$(uname -m)"
|
||||
case "${machine}" in
|
||||
x86_64*|i?86_64*|amd64*)
|
||||
CLIENT_ARCH="amd64"
|
||||
;;
|
||||
aarch64*|arm64*)
|
||||
CLIENT_ARCH="arm64"
|
||||
;;
|
||||
*)
|
||||
echo "Unknown, unsupported architecture (${machine})." >&2
|
||||
echo "Supported architectures x86_64, i686, arm64." >&2
|
||||
echo "Bailing out." >&2
|
||||
exit 3
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
}
|
||||
|
||||
detect_client_info
|
||||
DOWNLOAD_URL_PREFIX="${DRONE_SSH_RELEASE_URL}/v${DRONE_SSH_VERSION}"
|
||||
CLIENT_BINARY="drone-ssh-${DRONE_SSH_VERSION}-${CLIENT_PLATFORM}-${CLIENT_ARCH}"
|
||||
TARGET="${GITHUB_ACTION_PATH}/${CLIENT_BINARY}"
|
||||
echo "Will download ${CLIENT_BINARY} from ${DOWNLOAD_URL_PREFIX}"
|
||||
curl -fL --retry 3 --keepalive-time 2 "${DOWNLOAD_URL_PREFIX}/${CLIENT_BINARY}" -o ${TARGET}
|
||||
chmod +x ${TARGET}
|
||||
sh -c "${TARGET} $*"
|
||||
|
Reference in New Issue
Block a user