docs: improve README clarity and completeness

- Update the README table formatting to include an additional column separator
- Add documentation for the SSH protocol version option in the README table

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

.github/FUNDING.yml

@@ -0,0 +1,13 @@
+# These are supported funding model platforms
+
+github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
+patreon: # Replace with a single Patreon username
+open_collective: ssh-action
+ko_fi: # Replace with a single Ko-fi username
+tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
+community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
+liberapay: # Replace with a single Liberapay username
+issuehunt: # Replace with a single IssueHunt username
+otechie: # Replace with a single Otechie username
+lfx_crowdfunding: # Replace with a single LFX Crowdfunding project-name e.g., cloud-foundry
+custom: ['https://www.paypal.me/appleboy46']

.github/main.workflow

@@ -1,45 +0,0 @@
-workflow "Remote ssh commands" {
-  on = "push"
-  resolves = [
-    "Executing remote ssh commands",
-    "Support Private Key",
-    "Multiple Commands",
-  ]
-}
-
-action "Executing remote ssh commands" {
-  uses = "appleboy/ssh-action@master"
-  secrets = [
-    "HOST",
-    "PASSWORD",
-  ]
-  args = [
-    "--user", "actions",
-    "--script", "whoami",
-  ]
-}
-
-action "Support Private Key" {
-  uses = "appleboy/ssh-action@master"
-  secrets = [
-    "HOST",
-    "KEY",
-  ]
-  args = [
-    "--user", "actions",
-    "--script", "'ls -al'",
-  ]
-}
-
-action "Multiple Commands" {
-  uses = "appleboy/ssh-action@master"
-  secrets = [
-    "HOST",
-    "KEY",
-  ]
-  args = [
-    "--user", "actions",
-    "--script", "'whoami'",
-    "--script", "'ls -al'",
-  ]
-}

.github/workflows/ci.yml

@@ -0,0 +1,312 @@
+name: remote ssh command
+on: [push]
+
+env:
+  FOO: "BAR"
+  BAR: "FOO"
+
+jobs:
+  testing01:
+    name: default flag testing
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v1
+
+      - name: correct password but wrong key
+        uses: ./
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.USERNAME }}
+          password: ${{ secrets.PASSWORD }}
+          key: "1234"
+          port: ${{ secrets.PORT }}
+          script: whoami
+
+      - name: wrong password but correct key
+        uses: ./
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.USERNAME }}
+          password: "abcdef"
+          key: ${{ secrets.KEY }}
+          port: ${{ secrets.PORT }}
+          script: whoami
+
+      - name: executing remote ssh commands using password
+        uses: ./
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.USERNAME }}
+          password: ${{ secrets.PASSWORD }}
+          port: ${{ secrets.PORT }}
+          script: whoami
+
+      - name: executing remote ssh commands using ssh key
+        uses: ./
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.USERNAME }}
+          key: ${{ secrets.KEY }}
+          port: ${{ secrets.PORT }}
+          script: whoami
+
+      - name: multiple command
+        uses: ./
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.USERNAME }}
+          key: ${{ secrets.KEY }}
+          port: ${{ secrets.PORT }}
+          script: |
+            whoami
+            ls -al
+
+      - name: stop script if command error
+        uses: ./
+        continue-on-error: true
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.USERNAME }}
+          key: ${{ secrets.KEY }}
+          port: ${{ secrets.PORT }}
+          script_stop: true
+          sync: true
+          debug: true
+          script: |
+            mkdir abc/def
+            ls -al
+
+      - name: ssh key passphrase
+        uses: ./
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.USERNAME }}
+          key: ${{ secrets.SSH2 }}
+          port: ${{ secrets.PORT }}
+          passphrase: ${{ secrets.PASSPHRASE }}
+          script: |
+            whoami
+            ls -al
+
+      - name: use insecure cipher
+        uses: ./
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.USERNAME }}
+          password: ${{ secrets.PASSWORD }}
+          port: ${{ secrets.PORT }}
+          script: |
+            ls \
+              -lah
+          use_insecure_cipher: true
+
+      # https://github.com/appleboy/ssh-action/issues/75#issuecomment-668314271
+      - name: Multiline SSH commands interpreted as single lines
+        uses: ./
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.USERNAME }}
+          password: ${{ secrets.PASSWORD }}
+          port: ${{ secrets.PORT }}
+          script_stop: true
+          script: |
+            ls \
+              -lah
+          use_insecure_cipher: true
+
+      # https://github.com/appleboy/ssh-action/issues/85
+      - name: Deployment to multiple hosts with different ports
+        uses: ./
+        with:
+          host: "${{ secrets.HOST }}:${{ secrets.PORT }}"
+          username: ${{ secrets.USERNAME }}
+          password: ${{ secrets.PASSWORD }}
+          port: 1024
+          script_stop: true
+          script: |
+            ls \
+              -lah
+          use_insecure_cipher: true
+
+    # - name: SSH ED25519 Private Key
+    #   uses: ./
+    #   with:
+    #     host: ${{ secrets.TUNNEL_HOST }}
+    #     username: ${{ secrets.TUNNEL_USERNAME }}
+    #     key: ${{ secrets.ID_ED25519 }}
+    #     port: ${{ secrets.TUNNEL_PORT }}
+    #     script: whoami
+
+  testing02:
+    name: testing with envs
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v1
+
+      - name: pass environment
+        uses: ./
+        env:
+          FOO: "BAR"
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.USERNAME }}
+          key: ${{ secrets.KEY }}
+          port: ${{ secrets.PORT }}
+          envs: FOO
+          script: |
+            echo "I am $FOO, thanks"
+            echo "I am $BAR, thanks"
+
+      - name: pass multiple environment
+        uses: ./
+        env:
+          FOO: "BAR"
+          BAR: "FOO"
+          SHA: ${{ github.sha }}
+          PORT: ${{ secrets.PORT }}
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.USERNAME }}
+          key: ${{ secrets.KEY }}
+          port: ${{ secrets.PORT }}
+          envs: FOO,BAR,SHA,PORT
+          script: |
+            echo "I am $FOO, thanks"
+            echo "I am $BAR, thanks"
+            echo "sha: $SHA"
+            echo "port: $PORT"
+            sh test.sh
+
+      - name: custom envs format
+        uses: ./
+        env:
+          FOO: "BAR"
+          AAA: "BBB"
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.USERNAME }}
+          key: ${{ secrets.KEY }}
+          port: ${{ secrets.PORT }}
+          envs: FOO,BAR,AAA
+          envs_format: export TEST_{NAME}={VALUE}
+          script: |
+            echo "I am $TEST_FOO, thanks"
+            echo "I am $TEST_BAR, thanks"
+            echo "I am $BAR, thanks"
+            echo "I am $TEST_AAA, thanks"
+
+      - name: pass all ENV variables to script
+        uses: ./
+        env:
+          INPUT_FOO: "BAR"
+          INPUT_AAA: "BBB"
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.USERNAME }}
+          key: ${{ secrets.KEY }}
+          port: ${{ secrets.PORT }}
+          allenvs: true
+          script: |
+            echo "I am $INPUT_FOO, thanks"
+            echo "I am $INPUT_AAA, thanks"
+            echo "$GITHUB_BASE_REF"
+            echo "$GITHUB_REF"
+
+  testing03:
+    name: git clone and pull
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v1
+
+      - name: clone private repository
+        uses: ./
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.USERNAME }}
+          key: ${{ secrets.KEY }}
+          port: ${{ secrets.PORT }}
+          script_stop: true
+          script: |
+            git clone https://appleboy:${{ secrets.TEST_TOKEN }}@github.com/go-training/self-runner.git test_repository
+            rm -rf test_repository
+
+  testing04:
+    name: docker login and pull
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v1
+
+      - name: login GitHub Container Registry
+        uses: ./
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.USERNAME }}
+          key: ${{ secrets.KEY }}
+          port: ${{ secrets.PORT }}
+          script_stop: true
+          script: |
+            echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u github.actor --password-stdin
+
+      - name: login DockerHub Container Registry
+        uses: ./
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.USERNAME }}
+          key: ${{ secrets.KEY }}
+          port: ${{ secrets.PORT }}
+          script_stop: true
+          script: |
+            echo ${{ secrets.DOCKERHUB_TOKEN }} | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
+
+  testing05:
+    name: switch user
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v1
+
+      - name: switch to root user
+        uses: ./
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.USERNAME }}
+          key: ${{ secrets.KEY }}
+          port: ${{ secrets.PORT }}
+          script_stop: true
+          request_pty: true
+          command_timeout: 30s
+          script: |
+            whoami && echo 'hello world' && touch todo.txt
+            sudo whoami
+
+  testing06:
+    name: testing ipv6
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v1
+
+      - name: Set up WARP
+        uses: fscarmen/warp-on-actions@v1.1
+        with:
+          stack: dual
+
+      - name: testing ipv6 for command
+        run: |
+          curl -m 9 --ipv6 --verbose https://google.com
+
+      - name: testing ipv6
+        uses: ./
+        with:
+          host: 2402:1f00:8000:800::2628
+          username: ubuntu
+          password: ${{ secrets.OVH_PASSWORD }}
+          protocol: tcp6
+          port: 22
+          command_timeout: 30s
+          script: |
+            whoami

Dockerfile

@@ -1,16 +1,5 @@
-FROM appleboy/drone-ssh:1.5.1-linux-amd64
+FROM ghcr.io/appleboy/drone-ssh:1.7.4
 
-# Github labels
-LABEL "com.github.actions.name"="SSH Commands"
-LABEL "com.github.actions.description"="Executing remote ssh commands"
-LABEL "com.github.actions.icon"="terminal"
-LABEL "com.github.actions.color"="gray-dark"
+COPY entrypoint.sh /bin/entrypoint.sh
 
-LABEL "repository"="https://github.com/appleboy/ssh-action"
-LABEL "homepage"="https://github.com/appleboy"
-LABEL "maintainer"="Bo-Yi Wu <appleboy.tw@gmail.com>"
-LABEL "version"="0.0.2"
-
-ADD entrypoint.sh /entrypoint.sh
-RUN chmod +x /entrypoint.sh
-ENTRYPOINT ["/entrypoint.sh"]
+ENTRYPOINT ["/bin/entrypoint.sh"]

README.md

@@ -1,132 +1,404 @@
 # 🚀 SSH for GitHub Actions
 
-[GitHub Action](https://developer.github.com/actions/) for executing remote ssh commands.
+[繁體中文](./README.zh-tw.md)
 
-<img src="./images/ssh-workflow.png">
+[GitHub Action](https://github.com/features/actions) for executing remote ssh commands.
+
+![ssh workflow](./images/ssh-workflow.png)
+
+[![Actions Status](https://github.com/appleboy/ssh-action/workflows/remote%20ssh%20command/badge.svg)](https://github.com/appleboy/ssh-action/actions)
+
+**Important**: Only support **Linux** [docker](https://www.docker.com/) container.
+
+This thing is built using [Golang](https://go.dev) and [drone-ssh](https://github.com/appleboy/drone-ssh). 🚀
+
+## Input variables
+
+See [action.yml](./action.yml) for more detailed information.
+
+| Input Parameter           | Description                                                                              | Default Value |
+|---------------------------|------------------------------------------------------------------------------------------|---------------|
+| host                      | SSH host address                                                                         |               |
+| port                      | SSH port number                                                                          | 22            |
+| passphrase                | SSH key passphrase                                                                       |               |
+| username                  | SSH username                                                                             |               |
+| password                  | SSH password                                                                             |               |
+| protocol                  | SSH protocol version (tcp, tcp4, tcp6)                                                   | tcp           |
+| sync                      | Enable synchronous execution if multiple hosts                                           | false         |
+| use_insecure_cipher       | Include more ciphers with use_insecure_cipher                                            | false         |
+| cipher                    | Allowed cipher algorithms. If unspecified, a sensible default                            |               |
+| timeout                   | Timeout duration for SSH to host                                                         | 30s           |
+| command_timeout           | Timeout duration for SSH command                                                         | 10m           |
+| key                       | Content of SSH private key. e.g., raw content of ~/.ssh/id_rsa                           |               |
+| key_path                  | Path of SSH private key                                                                  |               |
+| fingerprint               | SHA256 fingerprint of the host public key                                                |               |
+| proxy_host                | SSH proxy host                                                                           |               |
+| proxy_port                | SSH proxy port                                                                           | 22            |
+| proxy_username            | SSH proxy username                                                                       |               |
+| proxy_password            | SSH proxy password                                                                       |               |
+| proxy_passphrase          | SSH proxy key passphrase                                                                 |               |
+| proxy_timeout             | Timeout for SSH to proxy host                                                            | 30s           |
+| proxy_key                 | Content of SSH proxy private key                                                         |               |
+| proxy_key_path            | Path of SSH proxy private key                                                            |               |
+| proxy_fingerprint         | SHA256 fingerprint of the proxy host public key                                          |               |
+| proxy_cipher              | Allowed cipher algorithms for the proxy                                                  |               |
+| proxy_use_insecure_cipher | Include more ciphers with use_insecure_cipher for the proxy                              | false         |
+| script                    | Execute commands                                                                         |               |
+| script_stop               | Stop script after first failure                                                          | false         |
+| envs                      | Pass environment variables to shell script                                               |               |
+| envs_format               | Flexible configuration of environment value transfer                                     |               |
+| debug                     | Enable debug mode                                                                        | false         |
+| allenvs                   | pass the environment variables with prefix value of `GITHUB_` and `INPUT_` to the script | false         |
+| request_pty               | Request a pseudo-terminal from the server                                                | false         |
 
 ## Usage
 
 Executing remote ssh commands.
 
-```
-action "Executing remote ssh commands" {
-  uses = "appleboy/ssh-action@master"
-  secrets = [
-    "HOST",
-    "PASSWORD",
-  ]
-  args = [
-    "--user", "actions",
-    "--script", "whoami",
-  ]
-}
+```yaml
+name: remote ssh command
+on: [push]
+jobs:
+
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    steps:
+    - name: executing remote ssh commands using password
+      uses: appleboy/ssh-action@v1.0.3
+      with:
+        host: ${{ secrets.HOST }}
+        username: ${{ secrets.USERNAME }}
+        password: ${{ secrets.PASSWORD }}
+        port: ${{ secrets.PORT }}
+        script: whoami
 ```
 
-## Environment variables
+output:
 
-* HOST - ssh server host
-* PORT - ssh server port
-* USERNAME - ssh server username
-* PASSWORD - ssh server password
-* KEY - ssh server private key
-* SCRIPT - execute the scripts
+```sh
+======CMD======
+whoami
+======END======
+out: ***
+==============================================
+✅ Successfully executed commands to all host.
+==============================================
+```
+
+### Setting up a SSH Key
+
+Make sure to follow the below steps while creating SSH Keys and using them.
+The best practice is create the SSH Keys on local machine not remote machine.
+Login with username specified in Github Secrets. Generate a RSA Key-Pair:
+
+### Generate rsa key
+
+```bash
+ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
+```
+
+### Generate ed25519 key
+
+```bash
+ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
+```
+
+Add newly generated key into Authorized keys. Read more about authorized keys [here](https://www.ssh.com/ssh/authorized_keys/).
+
+### Add rsa key into Authorized keys
+
+```bash
+cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys'
+```
+
+### Add ed25519 key into Authorized keys
+
+```bash
+cat .ssh/id_ed25519.pub | ssh b@B 'cat >> .ssh/authorized_keys'
+```
+
+Copy Private Key content and paste in Github Secrets.
+
+### Copy rsa Private key
+
+```bash
+clip < ~/.ssh/id_rsa
+```
+
+### Copy ed25519 Private key
+
+```bash
+clip < ~/.ssh/id_ed25519
+```
+
+See the detail information about [SSH login without password](http://www.linuxproblem.org/art_9.html).
+
+**A note** from one of our readers: Depending on your version of SSH you might also have to do the following changes:
+
+* Put the public key in `.ssh/authorized_keys2`
+* Change the permissions of `.ssh` to 700
+* Change the permissions of `.ssh/authorized_keys2` to 640
+
+### If you are using OpenSSH
+
+If you are currently using OpenSSH and are getting the following error:
+
+```bash
+ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey]
+```
+
+Make sure that your key algorithm of choice is supported. On Ubuntu 20.04 or later you must explicitly allow the use of the ssh-rsa algorithm. Add the following line to your OpenSSH daemon file (which is either `/etc/ssh/sshd_config` or a drop-in file under `/etc/ssh/sshd_config.d/`):
+
+```bash
+CASignatureAlgorithms +ssh-rsa
+```
+
+Alternatively, `ed25519` keys are accepted by default in OpenSSH. You could use this instead of rsa if needed:
+
+```bash
+ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
+```
 
 ### Example
 
-Executing remote ssh commands.
+#### Executing remote ssh commands using password
 
-```
-action "Executing remote ssh commands" {
-  uses = "appleboy/ssh-action@master"
-  secrets = [
-    "PASSWORD",
-  ]
-  args = [
-    "--host", "foo.com"
-    "--user", "bar",
-    "--script", "whoami",
-  ]
-}
+```yaml
+- name: executing remote ssh commands using password
+  uses: appleboy/ssh-action@v1.0.3
+  with:
+    host: ${{ secrets.HOST }}
+    username: ${{ secrets.USERNAME }}
+    password: ${{ secrets.PASSWORD }}
+    port: ${{ secrets.PORT }}
+    script: whoami
 ```
 
-Using private key
+#### Using private key
 
-```
-action "Support Private Key" {
-  uses = "appleboy/ssh-action@master"
-  secrets = [
-    "HOST",
-    "KEY",
-  ]
-  args = [
-    "--user", "actions",
-    "--script", "'ls -al'",
-  ]
-}
+```yaml
+- name: executing remote ssh commands using ssh key
+  uses: appleboy/ssh-action@v1.0.3
+  with:
+    host: ${{ secrets.HOST }}
+    username: ${{ secrets.USERNAME }}
+    key: ${{ secrets.KEY }}
+    port: ${{ secrets.PORT }}
+    script: whoami
 ```
 
-Multiple Commands
+#### Multiple Commands
 
-```
-action "Multiple Commands" {
-  uses = "appleboy/ssh-action@master"
-  secrets = [
-    "HOST",
-    "KEY",
-  ]
-  args = [
-    "--user", "actions",
-    "--script", "'whoami'",
-    "--script", "'ls -al'",
-  ]
-}
+```yaml
+- name: multiple command
+  uses: appleboy/ssh-action@v1.0.3
+  with:
+    host: ${{ secrets.HOST }}
+    username: ${{ secrets.USERNAME }}
+    key: ${{ secrets.KEY }}
+    port: ${{ secrets.PORT }}
+    script: |
+      whoami
+      ls -al
 ```
 
-<img src="./images/multiple-command-result.png">
+![result](./images/output-result.png)
 
-Multiple Hosts
+#### Multiple Hosts
 
-```
-action "Multiple Hosts" {
-  uses = "appleboy/ssh-action@master"
-  secrets = [
-    "KEY",
-  ]
-  args = [
-    "--host", "foo.com",
-    "--host", "bar.com",
-    "--user", "actions",
-    "--script", "'whoami'",
-    "--script", "'ls -al'",
-    "--script", "'cat test.txt'",
-  ]
-}
+```diff
+  - name: multiple host
+    uses: appleboy/ssh-action@v1.0.3
+    with:
+-     host: "foo.com"
++     host: "foo.com,bar.com"
+      username: ${{ secrets.USERNAME }}
+      key: ${{ secrets.KEY }}
+      port: ${{ secrets.PORT }}
+      script: |
+        whoami
+        ls -al
 ```
 
-see the detail of `drone-ssh` command
+#### Multiple hosts with different port
 
-```
-   --ssh-key value                           private ssh key [$PLUGIN_SSH_KEY, $PLUGIN_KEY, $SSH_KEY, $KEY]
-   --key-path value, -i value                ssh private key path [$PLUGIN_KEY_PATH, $SSH_KEY_PATH, $PATH]
-   --username value, --user value, -u value  connect as user (default: "root") [$PLUGIN_USERNAME, $PLUGIN_USER, $SSH_USERNAME, $USERNAME]
-   --password value, -P value                user password [$PLUGIN_PASSWORD, $SSH_PASSWORD, $PASSWORD]
-   --host value, -H value                    connect to host [$PLUGIN_HOST, $SSH_HOST, $HOST]
-   --port value, -p value                    connect to port (default: 22) [$PLUGIN_PORT, $SSH_PORT, $PORT]
-   --sync                                    sync mode [$PLUGIN_SYNC, $SYNC]
-   --timeout value, -t value                 connection timeout (default: 0s) [$PLUGIN_TIMEOUT, $SSH_TIMEOUT, $TIMEOUT]
-   --command.timeout value, -T value         command timeout (default: 1m0s) [$PLUGIN_COMMAND_TIMEOUT, $SSH_COMMAND_TIMEOUT, $COMMAND_TIMEOUT]
-   --script value, -s value                  execute commands [$PLUGIN_SCRIPT, $SSH_SCRIPT, $SCRIPT]
-   --script.stop                             stop script after first failure [$PLUGIN_SCRIPT_STOP, $STOP]
-   --proxy.ssh-key value                     private ssh key of proxy [$PLUGIN_PROXY_SSH_KEY, $PLUGIN_PROXY_KEY, $PROXY_SSH_KEY]
-   --proxy.key-path value                    ssh private key path of proxy [$PLUGIN_PROXY_KEY_PATH, $PROXY_SSH_KEY_PATH]
-   --proxy.username value                    connect as user of proxy (default: "root") [$PLUGIN_PROXY_USERNAME, $PLUGIN_PROXY_USER, $PROXY_SSH_USERNAME]
-   --proxy.password value                    user password of proxy [$PLUGIN_PROXY_PASSWORD, $PROXY_SSH_PASSWORD]
-   --proxy.host value                        connect to host of proxy [$PLUGIN_PROXY_HOST, $PROXY_SSH_HOST]
-   --proxy.port value                        connect to port of proxy (default: "22") [$PLUGIN_PROXY_PORT, $PROXY_SSH_PORT]
-   --proxy.timeout value                     proxy connection timeout (default: 0s) [$PLUGIN_PROXY_TIMEOUT, $PROXY_SSH_TIMEOUT]
+```diff
+  - name: multiple host
+    uses: appleboy/ssh-action@v1.0.3
+    with:
+-     host: "foo.com"
++     host: "foo.com:1234,bar.com:5678"
+      username: ${{ secrets.USERNAME }}
+      key: ${{ secrets.KEY }}
+      script: |
+        whoami
+        ls -al
 ```
 
-## Secrets
+#### Synchronous execution on multiple hosts
 
-* `PASSWORD` - ssh server password
-* `KEY` - ssh server private key
+```diff
+  - name: multiple host
+    uses: appleboy/ssh-action@v1.0.3
+    with:
+      host: "foo.com,bar.com"
++     sync: true
+      username: ${{ secrets.USERNAME }}
+      key: ${{ secrets.KEY }}
+      port: ${{ secrets.PORT }}
+      script: |
+        whoami
+        ls -al
+```
+
+#### Pass environment variable to shell script
+
+```diff
+  - name: pass environment
+    uses: appleboy/ssh-action@v1.0.3
++   env:
++     FOO: "BAR"
++     BAR: "FOO"
++     SHA: ${{ github.sha }}
+    with:
+      host: ${{ secrets.HOST }}
+      username: ${{ secrets.USERNAME }}
+      key: ${{ secrets.KEY }}
+      port: ${{ secrets.PORT }}
++     envs: FOO,BAR,SHA
+      script: |
+        echo "I am $FOO"
+        echo "I am $BAR"
+        echo "sha: $SHA"
+```
+
+_Inside `env` object, you need to pass every environment variable as a string, passing `Integer` data type or any other may output unexpected results._
+
+#### Stop script after first failure
+
+> ex: missing `abc` folder
+
+```diff
+  - name: stop script if command error
+    uses: appleboy/ssh-action@v1.0.3
+    with:
+      host: ${{ secrets.HOST }}
+      username: ${{ secrets.USERNAME }}
+      key: ${{ secrets.KEY }}
+      port: ${{ secrets.PORT }}
++     script_stop: true
+      script: |
+        mkdir abc/def
+        ls -al
+```
+
+output:
+
+```sh
+======CMD======
+mkdir abc/def
+ls -al
+
+======END======
+2019/11/21 01:16:21 Process exited with status 1
+err: mkdir: cannot create directory ‘abc/def’: No such file or directory
+##[error]Docker run failed with exit code 1
+```
+
+#### How to connect remote server using `ProxyCommand`?
+
+```bash
++--------+       +----------+      +-----------+
+| Laptop | <-->  | Jumphost | <--> | FooServer |
++--------+       +----------+      +-----------+
+```
+
+in your `~/.ssh/config`, you will see the following.
+
+```bash
+Host Jumphost
+  HostName Jumphost
+  User ubuntu
+  Port 22
+  IdentityFile ~/.ssh/keys/jump_host.pem
+
+Host FooServer
+  HostName FooServer
+  User ubuntu
+  Port 22
+  ProxyCommand ssh -q -W %h:%p Jumphost
+```
+
+#### How to convert to YAML format of GitHubActions
+
+```diff
+  - name: ssh proxy command
+    uses: appleboy/ssh-action@v1.0.3
+    with:
+      host: ${{ secrets.HOST }}
+      username: ${{ secrets.USERNAME }}
+      key: ${{ secrets.KEY }}
+      port: ${{ secrets.PORT }}
++     proxy_host: ${{ secrets.PROXY_HOST }}
++     proxy_username: ${{ secrets.PROXY_USERNAME }}
++     proxy_key: ${{ secrets.PROXY_KEY }}
++     proxy_port: ${{ secrets.PROXY_PORT }}
+      script: |
+        mkdir abc/def
+        ls -al
+```
+
+#### Protecting a Private Key
+
+The purpose of the passphrase is usually to encrypt the private key.
+This makes the key file by itself useless to an attacker.
+It is not uncommon for files to leak from backups or decommissioned hardware, and hackers commonly exfiltrate files from compromised systems.
+
+```diff
+  - name: ssh key passphrase
+    uses: appleboy/ssh-action@v1.0.3
+    with:
+      host: ${{ secrets.HOST }}
+      username: ${{ secrets.USERNAME }}
+      key: ${{ secrets.KEY }}
+      port: ${{ secrets.PORT }}
++     passphrase: ${{ secrets.PASSPHRASE }}
+      script: |
+        whoami
+        ls -al
+```
+
+#### Using host fingerprint verification
+
+Setting up SSH host fingerprint verification can help to prevent Person-in-the-Middle attacks. Before setting this up, run the command below to get your SSH host fingerprint. Remember to replace `ed25519` with your appropriate key type (`rsa`, `dsa`, etc.) that your server is using and `example.com` with your host.
+
+In modern OpenSSH releases, the _default_ key types to be fetched are `rsa` (since version 5.1), `ecdsa` (since version 6.0), and `ed25519` (since version 6.7).
+
+```sh
+ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d ' ' -f2
+```
+
+Now you can adjust you config:
+
+```diff
+  - name: ssh key passphrase
+    uses: appleboy/ssh-action@v1.0.3
+    with:
+      host: ${{ secrets.HOST }}
+      username: ${{ secrets.USERNAME }}
+      key: ${{ secrets.KEY }}
+      port: ${{ secrets.PORT }}
++     fingerprint: ${{ secrets.FINGERPRINT }}
+      script: |
+        whoami
+        ls -al
+```
+
+## Contributing
+
+We would love for you to contribute to `appleboy/ssh-action`, pull requests are welcome!
+
+## License
+
+The scripts and documentation in this project are released under the [MIT License](LICENSE)

README.zh-tw.md

@@ -0,0 +1,393 @@
+# 🚀 用於 GitHub Actions 的 SSH
+
+[GitHub Action](https://github.com/features/actions) for executing remote ssh commands.
+
+![ssh workflow](./images/ssh-workflow.png)
+
+[![Actions Status](https://github.com/appleboy/ssh-action/workflows/remote%20ssh%20command/badge.svg)](https://github.com/appleboy/ssh-action/actions)
+
+**注意**： 只支援在 **Linux** [docker](https://www.docker.com/) 容器上執行。
+
+## 輸入變數
+
+更詳細的資訊，請參閱 [action.yml](./action.yml)。
+
+* `host` - SSH 主機
+* `port` - SSH 連接埠，預設為 `22`
+* `username` - SSH 使用者名稱
+* `password` - SSH 密碼
+* `passphrase` - 通常用於加密私鑰的 passphrase
+* `sync` - 同步執行多個主機上的命令，預設為 false
+* `timeout` - SSH 連接到遠端主機的超時時間，預設為 `30s`
+* `command_timeout` - SSH 命令超時時間，預設為 10m
+* `key` - SSH 私鑰的內容，例如 ~/.ssh/id_rsa 的原始內容，請記得包含 BEGIN 和 END 行
+* `key_path` - SSH 私鑰的路徑
+* `fingerprint` - 主機公鑰的 SHA256 指紋，預設為略過驗證
+* `script` - 執行命令
+* `script_stop` - 當出現第一個錯誤時停止執行命令
+* `envs` - 傳遞環境變數到 shell script
+* `debug` - 啟用偵錯模式
+* `use_insecure_cipher` - 使用不安全的密碼（ciphers）進行加密，參見 [#56](https://github.com/appleboy/ssh-action/issues/56)
+* `cipher` - 允許使用的密碼（ciphers）演算法。如果未指定，則使用適當的演算法
+
+SSH 代理設置:
+
+* `proxy_host` - 代理主機
+* `proxy_port` - 代理端口，預設為 `22`
+* `proxy_username` - 代理使用者名稱
+* `proxy_password` - 代理密碼
+* `proxy_passphrase` - 密碼通常用於加密私有金鑰
+* `proxy_timeout` - SSH 連線至代理主機的逾時時間，預設為 `30s`
+* `proxy_key` - SSH 代理私有金鑰內容
+* `proxy_key_path` - SSH 代理私有金鑰路徑
+* `proxy_fingerprint` - 代理主機公鑰的 SHA256 指紋，預設為跳過驗證
+* `proxy_use_insecure_cipher` - 使用不安全的加密方式，請參閱 [#56](https://github.com/appleboy/ssh-action/issues/56)
+* `proxy_cipher` - 允許的加密算法。如果未指定，則使用合理的算法
+
+## 使用方式
+
+執行遠端 SSH 命令
+
+```yaml
+name: remote ssh command
+on: [push]
+jobs:
+
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    steps:
+    - name: executing remote ssh commands using password
+      uses: appleboy/ssh-action@v1.0.3
+      with:
+        host: ${{ secrets.HOST }}
+        username: ${{ secrets.USERNAME }}
+        password: ${{ secrets.PASSWORD }}
+        port: ${{ secrets.PORT }}
+        script: whoami
+```
+
+畫面輸出
+
+```sh
+======CMD======
+whoami
+======END======
+out: ***
+==============================================
+✅ Successfully executed commands to all host.
+==============================================
+```
+
+### 設置 SSH 金鑰
+
+請在創建 SSH 金鑰並使用 SSH 金鑰時遵循以下步驟。最佳做法是在本地機器上創建 SSH 金鑰而不是遠端機器上。請使用 Github Secrets 中指定的用戶名登錄。生成 RSA 金鑰：
+
+### 生成 RSA 金鑰
+
+```bash
+ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
+```
+
+### 生成 ed25519 金鑰
+
+```bash
+ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
+```
+
+將新生成的金鑰添加到已授權的金鑰中。詳細了解已授權的金鑰請點擊[此處](https://www.ssh.com/ssh/authorized_keys/).
+
+### 將 RSA 金鑰添加到已授權金鑰中
+
+```bash
+cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys'
+```
+
+### 將 ed25519 金鑰添加到已授權金鑰中
+
+```bash
+cat .ssh/id_ed25519.pub | ssh b@B 'cat >> .ssh/authorized_keys'
+```
+
+複製私鑰內容，然後將其粘貼到 Github Secrets 中。
+
+### 複製 rsa 私鑰內容
+
+```bash
+clip < ~/.ssh/id_rsa
+```
+
+### 複製 ed25519 私鑰內容
+
+```bash
+clip < ~/.ssh/id_ed25519
+```
+
+有關無需密碼登錄 SSH 的詳細信息，請[參見該網站](http://www.linuxproblem.org/art_9.html)。
+
+**來自讀者的注意事項**： 根據您的 SSH 版本，您可能還需要進行以下更改：
+
+* 將公鑰放在 `.ssh/authorized_keys2` 中
+* 將 `.ssh` 的權限更改為700
+* 將 `.ssh/authorized_keys2` 的權限更改為640
+
+### 如果你使用的是 OpenSSH
+
+如果您正在使用 OpenSSH，並出現以下錯誤：
+
+```bash
+ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey]
+```
+
+請確保您所選擇的密鑰演算法得到支援。在 Ubuntu 20.04 或更高版本上，您必須明確允許使用 SSH-RSA 演算法。請在 OpenSSH 守護進程文件中添加以下行（它可以是 `/etc/ssh/sshd_config` 或 `/etc/ssh/sshd_config.d/` 中的一個附著文件）：
+
+```bash
+CASignatureAlgorithms +ssh-rsa
+```
+
+或者，`Ed25519` 密鑰在 OpenSSH 中默認被接受。如果需要，您可以使用它來替代 RSA。
+
+```bash
+ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
+```
+
+### Example
+
+#### 使用密碼執行遠端 SSH 命令
+
+```yaml
+- name: executing remote ssh commands using password
+  uses: appleboy/ssh-action@v1.0.3
+  with:
+    host: ${{ secrets.HOST }}
+    username: ${{ secrets.USERNAME }}
+    password: ${{ secrets.PASSWORD }}
+    port: ${{ secrets.PORT }}
+    script: whoami
+```
+
+#### 使用私鑰
+
+```yaml
+- name: executing remote ssh commands using ssh key
+  uses: appleboy/ssh-action@v1.0.3
+  with:
+    host: ${{ secrets.HOST }}
+    username: ${{ secrets.USERNAME }}
+    key: ${{ secrets.KEY }}
+    port: ${{ secrets.PORT }}
+    script: whoami
+```
+
+#### 多個命令
+
+```yaml
+- name: multiple command
+  uses: appleboy/ssh-action@v1.0.3
+  with:
+    host: ${{ secrets.HOST }}
+    username: ${{ secrets.USERNAME }}
+    key: ${{ secrets.KEY }}
+    port: ${{ secrets.PORT }}
+    script: |
+      whoami
+      ls -al
+```
+
+![result](./images/output-result.png)
+
+#### 多台主機
+
+```diff
+  - name: multiple host
+    uses: appleboy/ssh-action@v1.0.3
+    with:
+-     host: "foo.com"
++     host: "foo.com,bar.com"
+      username: ${{ secrets.USERNAME }}
+      key: ${{ secrets.KEY }}
+      port: ${{ secrets.PORT }}
+      script: |
+        whoami
+        ls -al
+```
+
+#### 多個不同端口的主機
+
+```diff
+  - name: multiple host
+    uses: appleboy/ssh-action@v1.0.3
+    with:
+-     host: "foo.com"
++     host: "foo.com:1234,bar.com:5678"
+      username: ${{ secrets.USERNAME }}
+      key: ${{ secrets.KEY }}
+      script: |
+        whoami
+        ls -al
+```
+
+#### 在多個主機上同步執行
+
+```diff
+  - name: multiple host
+    uses: appleboy/ssh-action@v1.0.3
+    with:
+      host: "foo.com,bar.com"
++     sync: true
+      username: ${{ secrets.USERNAME }}
+      key: ${{ secrets.KEY }}
+      port: ${{ secrets.PORT }}
+      script: |
+        whoami
+        ls -al
+```
+
+#### 將環境變量傳遞到 Shell 腳本
+
+```diff
+  - name: pass environment
+    uses: appleboy/ssh-action@v1.0.3
++   env:
++     FOO: "BAR"
++     BAR: "FOO"
++     SHA: ${{ github.sha }}
+    with:
+      host: ${{ secrets.HOST }}
+      username: ${{ secrets.USERNAME }}
+      key: ${{ secrets.KEY }}
+      port: ${{ secrets.PORT }}
++     envs: FOO,BAR,SHA
+      script: |
+        echo "I am $FOO"
+        echo "I am $BAR"
+        echo "sha: $SHA"
+```
+
+_在 `env` 對象中，您需要將每個環境變量作為字符串傳遞，傳遞 `Integer` 數據類型或任何其他類型可能會產生意外結果。_
+
+#### 在第一次失敗後停止腳本
+
+> ex: missing `abc` folder
+
+```diff
+  - name: stop script if command error
+    uses: appleboy/ssh-action@v1.0.3
+    with:
+      host: ${{ secrets.HOST }}
+      username: ${{ secrets.USERNAME }}
+      key: ${{ secrets.KEY }}
+      port: ${{ secrets.PORT }}
++     script_stop: true
+      script: |
+        mkdir abc/def
+        ls -al
+```
+
+畫面輸出:
+
+```sh
+======CMD======
+mkdir abc/def
+ls -al
+
+======END======
+2019/11/21 01:16:21 Process exited with status 1
+err: mkdir: cannot create directory ‘abc/def’: No such file or directory
+##[error]Docker run failed with exit code 1
+```
+
+#### 如何使用 `ProxyCommand` 連接遠程服務器？
+
+```bash
++--------+       +----------+      +-----------+
+| Laptop | <-->  | Jumphost | <--> | FooServer |
++--------+       +----------+      +-----------+
+```
+
+在您的 `~/.ssh/config` 文件中，您會看到以下內容。
+
+```bash
+Host Jumphost
+  HostName Jumphost
+  User ubuntu
+  Port 22
+  IdentityFile ~/.ssh/keys/jump_host.pem
+
+Host FooServer
+  HostName FooServer
+  User ubuntu
+  Port 22
+  ProxyCommand ssh -q -W %h:%p Jumphost
+```
+
+#### 如何將其轉換為 GitHubActions 的 YAML 格式？
+
+```diff
+  - name: ssh proxy command
+    uses: appleboy/ssh-action@v1.0.3
+    with:
+      host: ${{ secrets.HOST }}
+      username: ${{ secrets.USERNAME }}
+      key: ${{ secrets.KEY }}
+      port: ${{ secrets.PORT }}
++     proxy_host: ${{ secrets.PROXY_HOST }}
++     proxy_username: ${{ secrets.PROXY_USERNAME }}
++     proxy_key: ${{ secrets.PROXY_KEY }}
++     proxy_port: ${{ secrets.PROXY_PORT }}
+      script: |
+        mkdir abc/def
+        ls -al
+```
+
+#### 如何保護私鑰？
+
+密碼短語通常用於加密私鑰。這使得攻擊者無法單獨使用密鑰文件。文件泄露可能來自備份或停用的硬件，黑客通常可以從受攻擊系統中洩露文件。因此，保護私鑰非常重要。
+
+```diff
+  - name: ssh key passphrase
+    uses: appleboy/ssh-action@v1.0.3
+    with:
+      host: ${{ secrets.HOST }}
+      username: ${{ secrets.USERNAME }}
+      key: ${{ secrets.KEY }}
+      port: ${{ secrets.PORT }}
++     passphrase: ${{ secrets.PASSPHRASE }}
+      script: |
+        whoami
+        ls -al
+```
+
+#### 使用主機指紋驗證
+
+設置 SSH 主機指紋驗證可以幫助防止中間人攻擊。在設置之前，運行以下命令以獲取 SSH 主機指紋。請記得將 `ed25519` 替換為您的適當金鑰類型（`rsa`、 `dsa`等），而 `example.com` 則替換為您的主機。
+
+現代 OpenSSH 版本中，需要提取的_默認金鑰_類型是 `rsa`（從版本 5.1 開始）、`ecdsa`（從版本 6.0 開始）和 `ed25519`（從版本 6.7 開始）。
+
+```sh
+ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d ' ' -f2
+```
+
+現在您可以調整您的配置：
+
+```diff
+  - name: ssh key passphrase
+    uses: appleboy/ssh-action@v1.0.3
+    with:
+      host: ${{ secrets.HOST }}
+      username: ${{ secrets.USERNAME }}
+      key: ${{ secrets.KEY }}
+      port: ${{ secrets.PORT }}
++     fingerprint: ${{ secrets.FINGERPRINT }}
+      script: |
+        whoami
+        ls -al
+```
+
+## 貢獻
+
+我們非常希望您為 `appleboy/ssh-action` 做出貢獻，歡迎提交請求！
+
+## 授權方式
+
+本項目中的腳本和文檔采用 [MIT](LICENSE) 許可證 發布。

action.yml

@@ -0,0 +1,124 @@
+name: "SSH Remote Commands"
+description: "Executing remote ssh commands"
+author: "Bo-Yi Wu"
+inputs:
+  host:
+    description: "SSH host address."
+  port:
+    description: "SSH port number."
+    default: "22"
+  passphrase:
+    description: "Passphrase for the SSH key."
+  username:
+    description: "SSH username."
+  password:
+    description: "SSH password."
+  protocol:
+    description: 'The IP protocol to use. Valid values are "tcp". "tcp4" or "tcp6". Default to tcp.'
+    default: "tcp"
+  sync:
+    description: "Enable synchronous execution if multiple hosts are involved."
+  use_insecure_cipher:
+    description: "Include more ciphers by using insecure ciphers."
+  cipher:
+    description: "Allowed cipher algorithms. If unspecified, a sensible default is used."
+  timeout:
+    description: "Timeout duration for establishing SSH connection to the host."
+    default: "30s"
+  command_timeout:
+    description: "Timeout duration for SSH commands execution."
+    default: "10m"
+  key:
+    description: "Content of the SSH private key. For example, the raw content of ~/.ssh/id_rsa."
+  key_path:
+    description: "Path to the SSH private key file."
+  fingerprint:
+    description: "SHA256 fingerprint of the host public key."
+  proxy_host:
+    description: "SSH proxy host address."
+  proxy_port:
+    description: "SSH proxy port number."
+    default: "22"
+  proxy_username:
+    description: "SSH proxy username."
+  proxy_password:
+    description: "SSH proxy password."
+  proxy_passphrase:
+    description: "SSH proxy key passphrase."
+  proxy_timeout:
+    description: "Timeout duration for establishing SSH connection to the proxy host."
+    default: "30s"
+  proxy_key:
+    description: "Content of the SSH proxy private key. For example, the raw content of ~/.ssh/id_rsa."
+  proxy_key_path:
+    description: "Path to the SSH proxy private key file."
+  proxy_fingerprint:
+    description: "SHA256 fingerprint of the proxy host public key."
+  proxy_cipher:
+    description: "Allowed cipher algorithms for the proxy. If unspecified, a sensible default is used."
+  proxy_use_insecure_cipher:
+    description: "Include more ciphers for the proxy by using insecure ciphers."
+  script:
+    description: "Commands to be executed."
+  script_stop:
+    description: "Stop the script after the first failure."
+  envs:
+    description: "Environment variables to be passed to the shell script."
+  envs_format:
+    description: "Flexible configuration for environment value transfer."
+  debug:
+    description: "Enable debug mode."
+  allenvs:
+    description: "pass all environment variable to shell script."
+  request_pty:
+    description: "Request a pseudo-terminal from the server."
+
+runs:
+  using: "composite"
+  steps:
+    - name: Set GitHub Path
+      run: echo "$GITHUB_ACTION_PATH" >> $GITHUB_PATH
+      shell: bash
+      env:
+        GITHUB_ACTION_PATH: ${{ github.action_path }}
+    - name: Run entrypoint.sh
+      run: entrypoint.sh
+      shell: bash
+      env:
+        GITHUB_ACTION_PATH: ${{ github.action_path }}
+        INPUT_HOST: ${{ inputs.host }}
+        INPUT_PORT: ${{ inputs.port }}
+        INPUT_PROTOCOL: ${{ inputs.protocol }}
+        INPUT_USERNAME: ${{ inputs.username }}
+        INPUT_PASSWORD: ${{ inputs.password }}
+        INPUT_PASSPHRASE: ${{ inputs.passphrase }}
+        INPUT_KEY: ${{ inputs.key }}
+        INPUT_KEY_PATH: ${{ inputs.key_path }}
+        INPUT_FINGERPRINT: ${{ inputs.fingerprint }}
+        INPUT_PROXY_HOST: ${{ inputs.proxy_host }}
+        INPUT_PROXY_PORT: ${{ inputs.proxy_port }}
+        INPUT_PROXY_USERNAME: ${{ inputs.proxy_username }}
+        INPUT_PROXY_PASSWORD: ${{ inputs.proxy_password }}
+        INPUT_PROXY_PASSPHRASE: ${{ inputs.proxy_passphrase }}
+        INPUT_PROXY_KEY: ${{ inputs.proxy_key }}
+        INPUT_PROXY_KEY_PATH: ${{ inputs.proxy_key_path }}
+        INPUT_PROXY_FINGERPRINT: ${{ inputs.proxy_fingerprint }}
+        INPUT_TIMEOUT: ${{ inputs.timeout }}
+        INPUT_PROXY_TIMEOUT: ${{ inputs.proxy_timeout }}
+        INPUT_COMMAND_TIMEOUT: ${{ inputs.command_timeout }}
+        INPUT_SCRIPT: ${{ inputs.script }}
+        INPUT_SCRIPT_STOP: ${{ inputs.script_stop }}
+        INPUT_ENVS: ${{ inputs.envs }}
+        INPUT_ENVS_FORMAT: ${{ inputs.envs_format }}
+        INPUT_DEBUG: ${{ inputs.debug }}
+        INPUT_ALL_ENVS: ${{ inputs.allenvs }}
+        INPUT_REQUEST_PTY: ${{ inputs.request_pty }}
+        INPUT_USE_INSECURE_CIPHER: ${{ inputs.use_insecure_cipher }}
+        INPUT_CIPHER: ${{ inputs.cipher }}
+        INPUT_PROXY_USE_INSECURE_CIPHER: ${{ inputs.proxy_use_insecure_cipher }}
+        INPUT_PROXY_CIPHER: ${{ inputs.proxy_cipher }}
+        INPUT_SYNC: ${{ inputs.sync }}
+
+branding:
+  icon: "terminal"
+  color: "gray-dark"

entrypoint.sh

@@ -1,7 +1,66 @@
-#!/bin/sh
+#!/usr/bin/env bash
 
-set -eu
+set -o errexit
+set -o nounset
+set -o pipefail
 
 export GITHUB="true"
 
-sh -c "/bin/drone-ssh $*"
+GITHUB_ACTION_PATH="${GITHUB_ACTION_PATH%/}"
+DRONE_SSH_RELEASE_URL="${DRONE_SSH_RELEASE_URL:-https://github.com/appleboy/drone-ssh/releases/download}"
+DRONE_SSH_VERSION="${DRONE_SSH_VERSION:-1.7.4}"
+
+function detect_client_info() {
+  if [ -n "${SSH_CLIENT_OS-}" ]; then
+    CLIENT_PLATFORM="${SSH_CLIENT_OS}"
+  else
+    local kernel
+    kernel="$(uname -s)"
+    case "${kernel}" in
+      Darwin)
+        CLIENT_PLATFORM="darwin"
+        ;;
+      Linux)
+        CLIENT_PLATFORM="linux"
+        ;;
+      Windows)
+        CLIENT_PLATFORM="windows"
+        ;;
+      *)
+        echo "Unknown, unsupported platform: ${kernel}." >&2
+        echo "Supported platforms: Linux, Darwin and Windows." >&2
+        echo "Bailing out." >&2
+        exit 2
+    esac
+  fi
+
+  if [ -n "${SSH_CLIENT_ARCH-}" ]; then
+    CLIENT_ARCH="${SSH_CLIENT_ARCH}"
+  else
+    local machine
+    machine="$(uname -m)"
+    case "${machine}" in
+      x86_64*|i?86_64*|amd64*)
+        CLIENT_ARCH="amd64"
+        ;;
+      aarch64*|arm64*)
+        CLIENT_ARCH="arm64"
+        ;;
+      *)
+        echo "Unknown, unsupported architecture (${machine})." >&2
+        echo "Supported architectures x86_64, i686, arm64." >&2
+        echo "Bailing out." >&2
+        exit 3
+        ;;
+    esac
+  fi
+}
+
+detect_client_info
+DOWNLOAD_URL_PREFIX="${DRONE_SSH_RELEASE_URL}/v${DRONE_SSH_VERSION}"
+CLIENT_BINARY="drone-ssh-${DRONE_SSH_VERSION}-${CLIENT_PLATFORM}-${CLIENT_ARCH}"
+TARGET="${GITHUB_ACTION_PATH}/${CLIENT_BINARY}"
+echo "Will download ${CLIENT_BINARY} from ${DOWNLOAD_URL_PREFIX}"
+curl -fL --retry 3 --keepalive-time 2 "${DOWNLOAD_URL_PREFIX}/${CLIENT_BINARY}" -o ${TARGET}
+chmod +x ${TARGET}
+sh -c "${TARGET} $*"