38 Commits

Author SHA1 Message Date
Bo-Yi Wu
8a92fcdb1e chore: upgrade drone-scp to v1.6.7 version. (#101)
Some checks failed
scp files / test scp action (push) Failing after 2s
scp files / deploy artifact (push) Failing after 5s
scp files / test changed-files (push) Failing after 9s
2023-04-09 18:26:09 +08:00
Bo-Yi Wu
6cd4f0cace ci: add automated deployment for changed files (#105)
- Add a new job `changes` to the `ci.yml` file
- Copy changed files to a server in the `changes` job
- Add a YAML code block to the `README.md` file

fix https://github.com/appleboy/scp-action/issues/73
2023-04-09 18:10:17 +08:00
Bo-Yi Wu
43abfa778d ci: add tests for incorrect scp-action authentication (#104)
- Add two jobs to `.github/workflows/ci.yml` for testing scp-action with incorrect passwords and keys

fix https://github.com/appleboy/scp-action/issues/86
2023-04-09 17:13:24 +08:00
Bo-Yi Wu
c8e0cef94a ci: add deployment workflow for artifact delivery (#103)
- Add a deployment job to the CI workflow
- Upload `world.txt` as an artifact
- Download the artifact to the `distfiles` directory
- Add a step to copy files to a server using SSH

fix https://github.com/appleboy/scp-action/issues/35
2023-04-09 16:49:19 +08:00
Bo-Yi.Wu
d47875703f docs: update target and source fields in README and action.yml descriptions
- Change in README.md: Updated required fields for `target` and `source`
- Change in action.yml: Updated description for `target` input field

Signed-off-by: Bo-Yi.Wu <appleboy.tw@gmail.com>
2023-04-09 16:38:43 +08:00
Bo-Yi.Wu
a4e63f0f1a docs: add README configuration for custom file exclusions
- Add configuration example for excluding custom files in README.md

Signed-off-by: Bo-Yi.Wu <appleboy.tw@gmail.com>
2023-04-09 16:10:11 +08:00
Bo-Yi.Wu
7cc0f645c7 docs: improve README.md explanations of tar flags
- Update the `README.md` file with more details about tar flags
- Replace `use --overwrite` with `overwrite existing files when extracting` in the `README.md` file
- Replace `use --dereference` with `follow symlinks; archive and dump the files they point to` in the `README.md` file

Signed-off-by: Bo-Yi.Wu <appleboy.tw@gmail.com>
2023-04-09 15:55:16 +08:00
Bo-Yi.Wu
dcb457bb6f chore: add option to dereference symlinks in tar command
- Add a flag to use `--dereference` with tar command

Signed-off-by: Bo-Yi.Wu <appleboy.tw@gmail.com>
2023-04-09 15:53:02 +08:00
Bo-Yi.Wu
11c56b52d3 feat: update action.yml with new flags and descriptions
- Update the `description` of `--overwrite` flag in `action.yml`
- Add a new input `tar_dereference` with `--dereference` flag in `action.yml`

Signed-off-by: Bo-Yi.Wu <appleboy.tw@gmail.com>
2023-04-09 15:53:02 +08:00
Bo-Yi Wu
51b937b31f feat: add new input for tar executable path (#102)
- Add new input `tar_exec` with description and default value

fix https://github.com/appleboy/drone-scp/issues/137
fix https://github.com/appleboy/scp-action/issues/83
2023-04-09 11:57:45 +08:00
Bo-Yi Wu
98930d398c docs: fix format
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2022-07-30 10:29:28 +08:00
Bo-Yi Wu
9ec0623f29 docs: fix format
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2022-07-30 10:28:44 +08:00
Bo-Yi Wu
7f8a7c1019 docs: add new section: Setting up a SSH Key
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2022-07-30 10:23:52 +08:00
Bo-Yi Wu
2ce642f289 chore: enable funding button 2022-06-15 22:13:32 +08:00
dependabot[bot]
6291b9e86b chore(deps): bump actions/checkout from 1 to 3 (#81)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-15 22:11:02 +08:00
Bo-Yi Wu
6d1fc191a8 chore: add dependabot
Some checks failed
scp files / Build (push) Failing after 2s
2022-06-15 22:08:26 +08:00
Bo-Yi Wu
233f762873 fix(ssh): OpenSSH 8.8+ RSA keys incompatibility
See: https://github.com/appleboy/drone-scp/issues/130
2022-06-15 22:06:41 +08:00
Bo-Yi Wu
b3f8d37ead Update README.md 2022-02-24 11:13:59 +08:00
Bo-Yi Wu
f57f59fba9 chore(drone-scp): upgrade to 1.6.3
Some checks failed
scp files / Build (push) Failing after 2s
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2021-10-23 18:49:52 +08:00
Bo-Yi Wu
8a54b39459 chore: replace ADD with COPY 2021-02-13 10:57:10 +08:00
Dan Tsekhanskiy
eb319b796f Minor typo/grammar fixes (#48)
Thanks for making this action! Noticed a few grammar/typos when going through the README.
2021-02-01 11:41:29 +08:00
Bjørn Wikkeling
3c3575eb49 fixed typo (#44) 2020-12-26 06:35:19 +08:00
Bo-Yi Wu
edc8ec9139 chore: bump drone-scp to v1.6.2
Some checks failed
scp files / Build (push) Failing after 2s
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2020-06-15 16:04:17 +08:00
Bo-Yi Wu
167d6d7ff4 try the latest version
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2020-06-15 16:00:17 +08:00
Bo-Yi Wu
ecd6a3623b Create .env 2020-06-15 15:33:59 +08:00
Bo-Yi Wu
31b514c281 fix typo 2020-06-05 09:06:01 +08:00
Bo-Yi Wu
5924b2b6d4 Merge pull request #25 from appleboy/use_insecure_cipher
Some checks failed
scp files / Build (push) Failing after 2s
2020-05-24 14:33:16 +08:00
Bo-Yi Wu
a2fea1040d chore: bump drone-scp to v1.6.1 2020-05-24 14:26:07 +08:00
Bo-Yi Wu
8535291767 chore: add use insecure cipher flag
fix server offered: [diffie-hellman-group-exchange-sha256] error

See https://github.com/appleboy/scp-action/issues/15
2020-05-24 14:24:45 +08:00
Bo-Yi Wu
faff4f4218 chore: bump drone-scp to 1.6.0
Some checks failed
scp files / Build (push) Failing after 2s
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2020-05-22 09:47:12 +08:00
Bo-Yi Wu
ddd9176502 remove unused flag
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2020-05-22 09:45:56 +08:00
Bo-Yi Wu
326e14ddd1 docs: add fingerprint flag
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2020-05-22 09:44:56 +08:00
Bo-Yi Wu
0329cffdaa chore: remove fail job 2020-05-22 00:47:08 +08:00
Bo-Yi Wu
6df9245376 chore: add debug 2020-05-21 23:33:05 +08:00
Bo-Yi Wu
4df1959b05 chore: add debug 2020-05-21 23:30:27 +08:00
Bo-Yi Wu
1c43a9662a chore: test 2020-05-21 23:24:36 +08:00
Bo-Yi Wu
2949c755a2 Merge pull request #22 from appleboy/docs 2020-05-08 19:04:41 +08:00
Bo-Yi Wu
aefa39daef chore: Add limitation in readme 2020-05-08 19:04:16 +08:00
11 changed files with 300 additions and 23 deletions

13
.github/FUNDING.yml vendored Normal file
View File

@@ -0,0 +1,13 @@
# These are supported funding model platforms
github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
patreon: # Replace with a single Patreon username
open_collective: # Replace with a single Open Collective username
ko_fi: # Replace with a single Ko-fi username
tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
liberapay: # Replace with a single Liberapay username
issuehunt: # Replace with a single IssueHunt username
otechie: # Replace with a single Otechie username
lfx_crowdfunding: # Replace with a single LFX Crowdfunding project-name e.g., cloud-foundry
custom: ['https://www.paypal.me/appleboy46']

10
.github/dependabot.yml vendored Normal file
View File

@@ -0,0 +1,10 @@
version: 2
updates:
- package-ecosystem: github-actions
directory: /
schedule:
interval: weekly
- package-ecosystem: gomod
directory: /
schedule:
interval: weekly

View File

@@ -2,12 +2,12 @@ name: scp files
on: [push]
jobs:
build:
name: Build
testing:
name: test scp action
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v1
uses: actions/checkout@v3
- name: copy file via ssh password
uses: ./
@@ -50,3 +50,90 @@ jobs:
port: ${{ secrets.PORT }}
source: "tests/a.txt,tests/b.txt"
target: "test"
- name: use insecure cipher
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.SSH2 }}
passphrase: ${{ secrets.PASSPHRASE }}
port: ${{ secrets.PORT }}
source: "tests/a.txt,tests/b.txt"
target: "test"
use_insecure_cipher: true
- name: correct key but wrong password
uses: appleboy/scp-action@7af00892de6f8397c5c3393cfb3b32ae7f91b94b
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
password: abcdefg
port: ${{ secrets.PORT }}
source: "tests/a.txt,tests/b.txt"
target: "test"
- name: correct password but wrong key
uses: appleboy/scp-action@7af00892de6f8397c5c3393cfb3b32ae7f91b94b
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: abcdefg
password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }}
source: "tests/a.txt,tests/b.txt"
target: "test"
deploy:
name: deploy artifact
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v3
- run: echo hello > world.txt
- uses: actions/upload-artifact@v3
with:
name: my-artifact
path: world.txt
- uses: actions/download-artifact@v2
with:
name: my-artifact
path: distfiles
- name: copy file to server
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
source: distfiles/*
target: test
changes:
name: test changed-files
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v3
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v35
with:
since_last_remote_commit: true
separator: ","
- name: copy file to server
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
source: ${{ steps.changed-files.outputs.all_changed_files }}
target: test

View File

@@ -1,5 +1,5 @@
FROM appleboy/drone-scp:1.5.9-linux-amd64
FROM ghcr.io/appleboy/drone-scp:1.6.7
ADD entrypoint.sh /entrypoint.sh
COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"]

172
README.md
View File

@@ -2,13 +2,13 @@
[GitHub Action](https://github.com/features/actions) for copying files and artifacts via SSH.
![ssh key](./images/copy-multiple-file.png)
[![Actions Status](https://github.com/appleboy/scp-action/workflows/scp%20files/badge.svg)](https://github.com/appleboy/scp-action/actions)
**Important**: Only support **Linux** [docker](https://www.docker.com/) container.
## Usage
copy files and artifacts via SSH as blow.
Copy files and artifacts via SSH:
```yaml
name: scp files
@@ -33,23 +33,27 @@ jobs:
## Input variables
see the [action.yml](./action.yml) file for more detail imformation.
See the [action.yml](./action.yml) file for more detail information.
* host - scp remote host
* port - scp remote port, default is `22`
* username - scp username
* password - scp password
* passphrase - the passphrase is usually to encrypt the private key
* fingerprint - fingerprint SHA256 of the host public key, default is to skip verification
* timeout - timeout for ssh to remote host, default is `30s`
* command_timeout - timeout for scp command, default is `10m`
* key - content of ssh private key. ex raw content of ~/.ssh/id_rsa
* key_path - path of ssh private key
* target - target path on the server
* source - scp file list
* target - target path on the server, must be a directory (**required**)
* source - scp file list (**required**)
* rm - remove target folder before upload data, default is `false`
* strip_components - remove the specified number of leading path elements.
* overwrite - use `--overwrite` flag with tar
* overwrite - use `--overwrite` flag with tar, overwrite existing files when extracting
* tar_tmp_path - temporary path for tar file on the dest host
* tar_exec - path to tar executable on the dest host. default is `tar`
* tar_dereference - use `--dereference` flag with tar, follow symlinks; archive and dump the files they point to
* use_insecure_cipher - include more ciphers with use_insecure_cipher (see [#15](https://github.com/appleboy/scp-action/issues/15))
SSH Proxy Setting:
@@ -61,10 +65,75 @@ SSH Proxy Setting:
* proxy_timeout - timeout for ssh to proxy host, default is `30s`
* proxy_key - content of ssh proxy private key.
* proxy_key_path - path of ssh proxy private key
* proxy_fingerprint - fingerprint SHA256 of the host public key, default is to skip verification
* proxy_use_insecure_cipher - include more ciphers with use_insecure_cipher (see [#15](https://github.com/appleboy/scp-action/issues/15))
### Example
## Setting up a SSH Key
Copy file via ssh password
Make sure to follow the below steps while creating SSH Keys and using them.
The best practice is create the SSH Keys on local machine not remote machine.
Login with username specified in Github Secrets. Generate a RSA Key-Pair:
```bash
# rsa
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
# ed25519
ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```
Add newly generated key into Authorized keys. Read more about authorized keys [here](https://www.ssh.com/ssh/authorized_keys/).
```bash
# rsa
cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys'
# d25519
cat .ssh/id_ed25519.pub | ssh b@B 'cat >> .ssh/authorized_keys'
```
Copy Private Key content and paste in Github Secrets.
```bash
# rsa
clip < ~/.ssh/id_rsa
# ed25519
clip < ~/.ssh/id_ed25519
```
See the detail information about [SSH login without password](http://www.linuxproblem.org/art_9.html).
**A note** from one of our readers: Depending on your version of SSH you might also have to do the following changes:
* Put the public key in `.ssh/authorized_keys2`
* Change the permissions of `.ssh` to 700
* Change the permissions of `.ssh/authorized_keys2` to 640
### If you are using OpenSSH
If you are currently using OpenSSH and are getting the following error:
```bash
ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey]
```
Make sure that your key algorithm of choice is supported.
On Ubuntu 20.04 or later you must explicitly allow the use of the ssh-rsa algorithm. Add the following line to your OpenSSH daemon file (which is either `/etc/ssh/sshd_config` or a drop-in file under `/etc/ssh/sshd_config.d/`):
```bash
CASignatureAlgorithms +ssh-rsa
```
Alternatively, `ed25519` keys are accepted by default in OpenSSH. You could use this instead of rsa if needed:
```bash
ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```
## Example
Copy file via a SSH password:
```yaml
- name: copy file via ssh password
@@ -78,7 +147,7 @@ Copy file via ssh password
target: "test"
```
Copy file via ssh key
Copy file via a SSH key:
```yaml
- name: copy file via ssh key
@@ -106,7 +175,7 @@ Example configuration for ignore list:
target: "test"
```
Example configuration for multiple server
Example configuration for multiple servers:
```diff
uses: appleboy/scp-action@master
@@ -120,7 +189,54 @@ Example configuration for multiple server
target: "test"
```
remove the specified number of leading path elements
Example configuration for exclude custom files:
```yaml
uses: appleboy/scp-action@master
with:
host: "example.com"
username: foo
password: bar
port: 22
- source: "tests/*.txt"
+ source: "tests/*.txt,!tests/a.txt,!tests/b.txt"
target: "test"
```
Upload artifact files to remote server:
```yaml
deploy:
name: deploy artifact
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v3
- run: echo hello > world.txt
- uses: actions/upload-artifact@v3
with:
name: my-artifact
path: world.txt
- uses: actions/download-artifact@v2
with:
name: my-artifact
path: distfiles
- name: copy file to server
uses: appleboy/scp-action@master
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
source: distfiles/*
target: test
```
Remove the specified number of leading path elements:
```yaml
- name: remove the specified number of leading path elements
@@ -135,7 +251,35 @@ remove the specified number of leading path elements
strip_components: 1
```
old target structure:
Only copy files that are newer than the corresponding destination files:
```yaml
changes:
name: test changed-files
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v3
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v35
with:
since_last_remote_commit: true
separator: ","
- name: copy file to server
uses: appleboy/scp-action@master
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
source: ${{ steps.changed-files.outputs.all_changed_files }}
target: test
```
Old target structure:
```sh
foobar
@@ -144,7 +288,7 @@ foobar
└── b.txt
```
new target structure:
New target structure:
```sh
foobar

View File

@@ -23,21 +23,35 @@ inputs:
description: 'path of ssh private key'
passphrase:
description: 'ssh key passphrase'
fingerprint:
description: 'fingerprint SHA256 of the host public key, default is to skip verification'
use_insecure_cipher:
description: 'include more ciphers with use_insecure_cipher'
default: false
target:
description: 'target path on the server'
description: 'target path on the server, must be a directory path.'
source:
description: 'scp file list'
rm:
description: 'remove target folder before upload data'
default: false
debug:
description: 'enable debug message'
default: false
strip_components:
description: 'remove the specified number of leading path elements'
default: 0
overwrite:
description: 'use `--overwrite` flag with tar'
description: 'use --overwrite flag with tar'
default: false
tar_dereference:
description: 'use --dereference flag with tar'
default: false
tar_tmp_path:
description: 'temporary path for tar file on the dest host'
tar_exec:
description: 'temporary path for tar file on the dest host'
default: 'tar'
proxy_host:
description: 'ssh proxy remote host'
proxy_port:
@@ -56,6 +70,11 @@ inputs:
description: 'content of ssh proxy private key. ex raw content of ~/.ssh/id_rsa'
proxy_key_path:
description: 'path of ssh proxy private key'
proxy_fingerprint:
description: 'fingerprint SHA256 of the host public key, default is to skip verification'
proxy_use_insecure_cipher:
description: 'include more ciphers with use_insecure_cipher'
default: false
runs:
using: 'docker'
image: 'Dockerfile'

View File

@@ -2,8 +2,6 @@
set -eu
export GITHUB="true"
[ -n "$INPUT_STRIP_COMPONENTS" ] && export INPUT_STRIP_COMPONENTS=$((INPUT_STRIP_COMPONENTS + 0))
sh -c "/bin/drone-scp $*"

View File

@@ -1 +1,2 @@
foo
foobar

View File

@@ -1 +1,2 @@
bar
foobar

View File

@@ -1 +1,3 @@
c
foobar
test1234

View File

@@ -1 +1,3 @@
d
foobar
foobar