gitea/ssh-action
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: gitea:v1.0.0
Branches Tags
gitea:master gitea:346 gitea:testing
gitea:v1.2.2 gitea:v1 gitea:v1.2.1 gitea:v1.2.0 gitea:v1.1.0 gitea:v1.0.3 gitea:v1.0.2 gitea:v1.0.1 gitea:v1.0.0 gitea:v0.1.10 gitea:v0.1.9 gitea:v0.1.8 gitea:v0.1.7 gitea:v0.1.6 gitea:v0.1.5 gitea:v0.1.4 gitea:v0.1.3 gitea:v0.1.2 gitea:v0.1.1 gitea:v0.1.0 gitea:v0.0.9 gitea:v0.0.8 gitea:v0.0.7 gitea:v0.0.6 gitea:v0.0.5 gitea:v0.0.4 gitea:v0.0.3 gitea:v0.0.2 gitea:v0.0.1
..
compare: gitea:v1
Branches Tags
gitea:master gitea:346 gitea:testing
gitea:v1.2.2 gitea:v1 gitea:v1.2.1 gitea:v1.2.0 gitea:v1.1.0 gitea:v1.0.3 gitea:v1.0.2 gitea:v1.0.1 gitea:v1.0.0 gitea:v0.1.10 gitea:v0.1.9 gitea:v0.1.8 gitea:v0.1.7 gitea:v0.1.6 gitea:v0.1.5 gitea:v0.1.4 gitea:v0.1.3 gitea:v0.1.2 gitea:v0.1.1 gitea:v0.1.0 gitea:v0.0.9 gitea:v0.0.8 gitea:v0.0.7 gitea:v0.0.6 gitea:v0.0.5 gitea:v0.0.4 gitea:v0.0.3 gitea:v0.0.2 gitea:v0.0.1

86 Commits
v1.0.0 ... v1

Author SHA1 Message Date
appleboy
2ead5e3657 chore: update action version across workflows and documentation
Some checks failed
testing stable version / default-user-name-password (push) Has been cancelled
testing stable version / check-ssh-key (push) Has been cancelled
testing stable version / support-key-passphrase (push) Has been cancelled
testing stable version / multiple-server (push) Has been cancelled
testing stable version / support-ed25519-key (push) Has been cancelled
testing stable version / testing-with-env (push) Has been cancelled
testing main branch / default-user-name-password (push) Has been cancelled
testing main branch / check-ssh-key (push) Has been cancelled
testing main branch / support-key-passphrase (push) Has been cancelled
testing main branch / multiple-server (push) Has been cancelled
testing main branch / support-ed25519-key (push) Has been cancelled
testing main branch / testing-with-env (push) Has been cancelled
testing main branch / testing ipv6 (push) Has been cancelled
testing main branch / some special character (push) Has been cancelled
testing main branch / testing-capturing-output (push) Has been cancelled
testing main branch / testing-script-stop (push) Has been cancelled
testing main branch / testing-script-error (push) Has been cancelled
Goreleaser / goreleaser (push) Has been cancelled
- Update the version of `appleboy/ssh-action` from `v1.2.1` to `v1.2.2` in multiple files
- Modify the bug report template to reflect the updated action version
- Change the action version in the stable workflow file
- Adjust the action version in the README files for consistency across documentation
- Ensure the action version is updated in both Chinese language README files

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2025-03-09 22:08:40 +08:00
appleboy
a0a0326939 docs: clarify parameter descriptions for improved documentation 
- Update descriptions for various input parameters to provide clearer guidance on their usage.
- Enhance the description for the `capture_stdout` parameter to specify its effect on action output.
- Modify the description for the `stdout` output to clarify its relation to the `capture_stdout` setting.

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2025-03-09 22:02:08 +08:00
appleboy
b0a8f324e1 chore: bump DRONE_SSH version to 1.8.1 
- Update the default version of DRONE_SSH from 1.8.0 to 1.8.1

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2025-03-09 21:54:21 +08:00
appleboy
039c9e07bb docs: update README with private key instructions in multiple languages 
- Add instructions for copying the private key to GitHub Secrets in English, Chinese (Simplified), and Chinese (Traditional) versions of the README.

ref: https://github.com/appleboy/ssh-action/issues/6#issuecomment-922368411
Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2025-03-08 15:55:34 +08:00
appleboy
48992f2e2c docs: prioritize English in language selection options 
- Change the language options to include English as the first option.

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2025-03-08 15:50:53 +08:00
appleboy
01a53594eb docs: enhance language support and improve documentation clarity 
- Add Simplified Chinese as an option in the language selection
- Improve the phrasing of sentences for clarity in the GitHub Action description
- Update instructions for enabling synchronous execution for multiple hosts
- Clarify the default behavior for the cipher option
- Change the wording for SSH command execution to enhance readability
- Update the username in the example to a specific value
- Revise instructions for copying SSH keys to include installation steps for the `clip` command
- Adjust the phrasing for security practices regarding private key protection
- Update the license statement to specify the MIT license more clearly
- Change section titles for better consistency and clarity across languages

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2025-03-08 15:47:51 +08:00
appleboy
d99ccf8c09 docs: improve documentation clarity and consistency 
- Change "GitHub Action" to "A GitHub Action" for clarity.
- Update phrasing from "built using" to "built with" for consistency.
- Revise "Make sure to follow the below steps" to "Follow the steps below" for improved readability.
- Modify "best practice is create" to "It is best practice to create" for grammatical correctness.
- Change "Add newly generated key into Authorized keys" to "Add the newly generated key to the Authorized keys" for clarity.
- Update "Copy Private Key content and paste in Github Secrets" to "Copy the Private Key content and paste it into GitHub Secrets" for consistency.
- Change "install `clip` command" to "install the `clip` command" for grammatical correctness.
- Revise "See the detail information about" to "See detailed information about" for improved readability.
- Update "A note from one of our readers" to "Note: Depending on your version of SSH" for clarity.
- Change "Make sure that your key algorithm of choice is supported" to "Ensure that your chosen key algorithm is supported" for conciseness.
- Revise "Alternatively, `ed25519` keys are accepted by default" to "Alternatively, `ed25519` keys are accepted by default in OpenSSH" for clarity.
- Update "if you are running a command in a non interactive shell" to "If you are running a command in a non-interactive shell" for grammatical correctness.

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2025-03-08 15:42:40 +08:00
Bo-Yi Wu
92737056c0 docs: improve documentation and defaults for execution and security 
- Clarify that synchronous execution is enabled if multiple hosts are specified
- Specify that sensible defaults are used for allowed cipher algorithms if unspecified
- Clarify that environment variables are passed to the shell script

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2025-03-07 08:10:39 +08:00
Seth Landry
9817ef4a17 docs(readme): set -e for script_stop functionality (#368) 
Fixes #367

Add a note in the "Input variables" section of `README.md` to mention that users can add `set -e` in their shell script to achieve similar functionality to the removed `script_stop` option.

Add a note in the "输入变量" section of `README.zh-cn.md` to mention that users can add `set -e` in their shell script to achieve similar functionality to the removed `script_stop` option.

Add a note in the "輸入變數" section of `README.zh-tw.md` to mention that users can add `set -e` in their shell script to achieve similar functionality to the removed `script_stop` option.

---

For more details, open the [Copilot Workspace session](https://copilot-workspace.githubnext.com/appleboy/ssh-action/issues/367?shareId=XXXX-XXXX-XXXX-XXXX).
 2025-02-24 20:31:51 +08:00
Bo-Yi Wu
8faa84277b chore: standardize formatting and update dependencies in workflows
Some checks failed
testing stable version / default-user-name-password (push) Has been cancelled
testing stable version / check-ssh-key (push) Has been cancelled
testing stable version / support-key-passphrase (push) Has been cancelled
testing stable version / multiple-server (push) Has been cancelled
testing stable version / support-ed25519-key (push) Has been cancelled
testing stable version / testing-with-env (push) Has been cancelled
testing main branch / default-user-name-password (push) Has been cancelled
testing main branch / check-ssh-key (push) Has been cancelled
testing main branch / support-key-passphrase (push) Has been cancelled
testing main branch / multiple-server (push) Has been cancelled
testing main branch / support-ed25519-key (push) Has been cancelled
testing main branch / testing-with-env (push) Has been cancelled
testing main branch / testing ipv6 (push) Has been cancelled
testing main branch / some special character (push) Has been cancelled
testing main branch / testing-capturing-output (push) Has been cancelled
testing main branch / testing-script-stop (push) Has been cancelled
testing main branch / testing-script-error (push) Has been cancelled
Goreleaser / goreleaser (push) Has been cancelled
- Change the title format in the bug report template from single quotes to double quotes
- Update `appleboy/ssh-action` version from `v1.2.0` to `v1.2.1` in multiple workflow files
- Remove unnecessary blank lines in the bug report template

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2025-02-19 17:50:00 +08:00
Bo-Yi Wu
49751ff516 docs: standardize script_file naming to script_path in documentation (#360) 
- Rename `script_file` to `script_path` in README.md
- Rename `script_file` to `script_path` in README.zh-cn.md
- Rename `script_file` to `script_path` in README.zh-tw.md

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2025-01-03 10:17:01 +08:00
Bo-Yi Wu
86aa40ddb7 ci: add SSH server testing to GitHub Actions workflow 
- Add a new job `testing-script-error` to the GitHub Actions workflow
- Use `actions/checkout@v4` to check out the code
- Create and run a new SSH server container using `lscr.io/linuxserver/openssh-server:latest`
- Capture the container's IP address and set it as an environment variable
- Add a step to test script errors with `continue-on-error: true`
- Configure the test script to connect to the SSH server and run a command that will fail (`ls /nonexistent`)

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2025-01-03 09:31:39 +08:00
Bo-Yi Wu
66aa4d343b ci: add SSH testing job to GitHub Actions workflow (#355) 
* ci: add SSH testing job to GitHub Actions workflow

https://github.com/appleboy/ssh-action/issues/335#issuecomment-2372414496

- Add a new job `testing-script-stop` to the GitHub Actions workflow
- Set up an SSH server using a Docker container within the new job
- Capture the container's IP address and store it in the GitHub environment
- Add a step to run an SSH command with stdout capture
- Include a script to test conditional logic within the SSH command
- Add a step to check and print the captured stdout from the SSH command

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* ci: improve GitHub Actions workflow with conditional checks

- Add conditional checks in GitHub Actions workflow to handle 'True' and 'False' outputs

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* ci: standardize naming and validation of stdout steps

- Rename `stdout` step to `stdout01` in the GitHub Actions workflow
- Rename `check stdout` step to `check stdout 01`
- Update references to `stdout` to `stdout01` in echo and grep commands
- Add a new step `stdout02` for SSH command execution with stdout capture
- Add a new step `check stdout 02` to validate the output of `stdout02` step

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

---------

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-12-05 16:23:32 +08:00
Jesse
102c0d2e5f feat: capture stdout and store as output (#287) 2024-12-04 09:49:35 +08:00
Bo-Yi Wu
e13c387332 ci(action): display an environment variable with special characters (#351) 
- Add a new job `testing07` with steps to set environment variables and create an SSH server container
- Set a special character password in environment variables
- Run a Docker container for an OpenSSH server and capture its IP address
- Add steps to SSH into the server using username and password authentication

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-12-02 23:19:33 +08:00
Bo-Yi Wu
1c1ad10f6d ci(action): remove script stop functionality from project (#350) 
- Remove the `stop script if command error` step from GitHub workflows
- Remove the `script_stop` option from the README and its translations
- Remove the `script_stop` input from `action.yml`

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-12-02 21:25:26 +08:00
appleboy
48531853a7 docs(readme): refactor README files to improve language link structure 
- Combine language links into a single line in `README.md`
- Add links to English and Traditional Chinese README in `README.zh-cn.md`
- Combine language links into a single line in `README.zh-tw.md`

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-12-01 10:12:22 +08:00
appleboy
b76e6173e8 docs(readme): standardize and format README files across languages 
- Remove an empty line in `README.md`
- Replace underscores with bold formatting for default key types in `README.zh-cn.md` and `README.zh-tw.md`
- Standardize list formatting in `README.md`, `README.zh-cn.md`, and `README.zh-tw.md`

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-12-01 10:10:43 +08:00
appleboy
6137f733fb docs: improve project documentation and organization 
- Add a project description mentioning the use of Golang and drone-ssh
- Replace the list of input variables with a table format for better readability and organization

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-11-23 23:30:59 +08:00
Kyle Leonhard
43d4ebbb72 chore: Add test to stable workflow for script_path (#347) 2024-11-18 08:57:32 +08:00
appleboy
a9e2fdf08d docs(readme): improve README structure and add new input variables 
- Update title to remove redundant "用於"
- Add links to English and Simplified Chinese versions of the README
- Add a note about the project using Golang and drone-ssh
- Replace detailed input variable descriptions with a table format
- Add new input variables `protocol`, `proxy_protocol`, `envs_format`, `allenvs`, and `request_pty`
- Update usage section to refer to `action.yml` for detailed information

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-11-17 16:00:24 +08:00
appleboy
cec69ef231 docs(readme): standardize terminology and capitalization across project 
- Capitalize "SSH" in multiple instances for consistency
- Change "This thing" to "This project" for clarity and professionalism
- Capitalize "Pass" in the description of the `allenvs` option

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-11-17 15:53:54 +08:00
appleboy
a8952ebe2a docs(readme): update documentation for GitHub Actions and Docker support 
- Update README badges to reflect the new GitHub Actions workflow
- Remove outdated information about Linux Docker container support in README files

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-11-17 15:51:42 +08:00
appleboy
8fdfeb034e chore(github): update appleboy/ssh-action to version v1.2.0 across workflows 
- Update `appleboy/ssh-action` from version `v1.0.3` to `v1.2.0` in bug report template
- Update `appleboy/ssh-action` from version `v1.0.3` to `v1.2.0` in stable workflow

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-11-17 15:17:02 +08:00
appleboy
7eaf76671a docs(readme): update SSH action and enhance Chinese README files
Some checks failed
testing stable version / default-user-name-password (push) Has been cancelled
testing stable version / check-ssh-key (push) Has been cancelled
testing stable version / support-key-passphrase (push) Has been cancelled
testing stable version / multiple-server (push) Has been cancelled
testing stable version / support-ed25519-key (push) Has been cancelled
testing stable version / testing-with-env (push) Has been cancelled
testing main branch / default-user-name-password (push) Has been cancelled
testing main branch / check-ssh-key (push) Has been cancelled
testing main branch / support-key-passphrase (push) Has been cancelled
testing main branch / multiple-server (push) Has been cancelled
testing main branch / support-ed25519-key (push) Has been cancelled
testing main branch / testing-with-env (push) Has been cancelled
testing main branch / testing ipv6 (push) Has been cancelled
Goreleaser / goreleaser (push) Has been cancelled
- Update `appleboy/ssh-action` from version `v1.1.0` to `v1.2.0` in multiple instances
- Add `script_file` option to the Chinese (Simplified) and Chinese (Traditional) README files
- Add example for executing commands from a file in the Chinese (Simplified) and Chinese (Traditional) README files

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-11-17 15:08:23 +08:00
appleboy
176437b548 chore: refactor codebase for improved consistency and performance 
- Change the username from `${{ secrets.USERNAME }}` to `linuxserver.io`
- Update the output from `***` to `linuxserver.io`

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-11-17 15:05:56 +08:00
appleboy
25259c3d50 fix: refactor and enhance API and testing infrastructure 
- Update DRONE_SSH_VERSION from 1.7.7 to 1.8.0
- Add missing case statement terminator in detect_client_info function

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-11-17 15:02:20 +08:00
appleboy
bf84378588 refactor: refactor codebase and improve API performance 
-

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-11-17 15:00:26 +08:00
Kyle Leonhard
362a7f1677 chore: support running commands from a file (#341) 2024-11-17 14:57:46 +08:00
appleboy
ab698e59d8 docs(readme): enhance network protocol support and testing 
- Add `proxy_protocol` option to the README with possible values `tcp`, `tcp4`, `tcp6` and default `tcp`

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-10-28 22:37:55 +08:00
appleboy
703ffa3c1e feat(actions): enhance system performance and API integration 
- Add `proxy_protocol` input with description and default value "tcp"

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-10-28 22:36:36 +08:00
appleboy
8b84eaec3a ci(script): improve CI robustness and coverage across environments 
- Change single-line script to multi-line bash script with error handling in GitHub Actions workflow

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-10-24 01:27:03 +08:00
appleboy
2763143a97 ci(script): enhance CI workflows and API integration 
- Change script execution to a multi-line bash script with error handling in GitHub workflow

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-10-24 01:25:46 +08:00
Lukáš Tesař
3f1416813d fix: typo in success message (#340) 
Reflects changes made by [drone-ssh#283](https://github.com/appleboy/drone-ssh/pull/283)
 2024-10-13 09:00:02 +08:00
appleboy
bb32884d53 chore: enhance CI/CD workflows and documentation formatting 
- Update `appleboy/ssh-action` from version `v1.0.3` to `v1.1.0` in multiple instances
- Fix table formatting in `README.md`

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-10-06 21:19:31 +08:00
appleboy
25ce8cbbcb ci: implement automated release workflow with GoReleaser
Some checks failed
testing stable version / default-user-name-password (push) Has been cancelled
testing stable version / check-ssh-key (push) Has been cancelled
testing stable version / support-key-passphrase (push) Has been cancelled
testing stable version / multiple-server (push) Has been cancelled
testing stable version / support-ed25519-key (push) Has been cancelled
testing stable version / testing-with-env (push) Has been cancelled
testing main branch / default-user-name-password (push) Has been cancelled
testing main branch / check-ssh-key (push) Has been cancelled
testing main branch / support-key-passphrase (push) Has been cancelled
testing main branch / multiple-server (push) Has been cancelled
testing main branch / support-ed25519-key (push) Has been cancelled
testing main branch / testing-with-env (push) Has been cancelled
testing main branch / testing ipv6 (push) Has been cancelled
Goreleaser / goreleaser (push) Has been cancelled
- Add GitHub Actions workflow for GoReleaser
- Configure GoReleaser to skip builds
- Set up changelog groups for features, bug fixes, enhancements, refactors, build process updates, and documentation updates

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-10-06 21:15:22 +08:00
appleboy
58164d0dc2 chore: remove Dockerfile and related configurations 
- Remove Dockerfile and its associated configurations

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-09-22 08:12:49 +08:00
archiguru
d732991ab0 docs(lang): README.zh-cn Document (#332) 
* feat: add README.zh-cn Document

* feat: add zh-cn superlink
 2024-09-07 15:36:08 +08:00
Bo-Yi Wu
b4a07ca594 ci: enhance GitHub Actions with secret variable support (#330) 
* ci: enhance GitHub Actions with secret variable support

- Add a step to pass secret variables in the shell within the GitHub Actions workflow

Signed-off-by: appleboy <appleboy.tw@gmail.com>

* ci: enhance CI workflow and API integration

- Add `continue-on-error: true` to the GitHub Actions workflow

Signed-off-by: appleboy <appleboy.tw@gmail.com>

* ci: improve GitHub Actions workflow reliability

- Add `continue-on-error: true` to the GitHub Actions workflow

Signed-off-by: appleboy <appleboy.tw@gmail.com>

---------

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-07-20 13:32:11 +08:00
Bo-Yi Wu
eaeb06998d chore(cli): enhance curl command with silent mode and redirects 
- Add silent mode and follow redirects to curl command in entrypoint.sh

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-07-14 20:55:52 +08:00
Bo-Yi Wu
06fa62e61c ci: rename the workflow files. 
- Rename `ci.yml` to `main.yml`
- Rename `ssh-server.yml` to `stable.yml`

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-07-14 17:19:13 +08:00
Bo-Yi Wu
28428a13f5 docs: improve cross-platform clipboard support for key copying 
- Add instructions to install `xclip` on Ubuntu before copying the private key
- Replace `clip` command with platform-specific commands (`pbcopy` for macOS and `xclip` for Ubuntu) for copying the private key

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-07-14 16:59:55 +08:00
Bo-Yi Wu
5ade826485 chore: improve CLI reliability and version visibility 
- Increase curl retry attempts from 3 to 5
- Add echo statements to display CLI version before and after running the version command

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-07-14 16:42:46 +08:00
Bo-Yi Wu
8b6078208d chore(cli): enhance version handling and testing mechanisms 
- Add a command to print the version of the target before running the main command

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-07-14 16:21:41 +08:00
Bo-Yi Wu
036cad7df7 chore: update drone-ssh to version 1.7.7 
- Update drone-ssh Docker image version from `1.7.4` to `1.7.7`
- Update DRONE_SSH_VERSION environment variable default from `1.7.4` to `1.7.7`

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-07-14 16:17:12 +08:00
Bo-Yi Wu
71d43ea0f7 docs: improve documentation and testing configurations 
- Add note about the default value of `port` being `22` in the README

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-06-06 08:30:06 +08:00
appleboy
43895f2cd5 ci: refactor SSH testing workflows and job configurations 
- Rename workflow from "remote ssh command" to "testing main branch"
- Remove environment variables `FOO` and `BAR`
- Rename job `testing01` to `default-user-name-password`
- Rename step "checkout" to "Checkout code"
- Replace step "correct password but wrong key" with "create new ssh server" using Docker
- Update SSH connection details to use environment variables for host, username, password, and port
- Add new job `check-ssh-key` with steps to add public key to environment and create a new SSH server
- Add new job `support-key-passphrase` with steps to add public key to environment and create a new SSH server
- Add new job `multiple-server` to create and manage multiple SSH servers
- Add new job `support-ed25519-key` with steps to add public key to environment and create a new SSH server
- Add new job `testing-with-env` with steps to add public key to environment and create a new SSH server
- Remove jobs `testing02`, `testing03`, `testing04`, and `testing05`
- Rename workflow in `ssh-server.yml` from "openssh-server" to "testing stable version"

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-06-05 21:55:28 +08:00
appleboy
b6941ae5d5 ci: refactor codebase and optimize performance 
- Delete the GitHub Actions workflow file `version.yml`

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-06-05 21:38:35 +08:00
appleboy
0c7561b1a3 fix: switch to SSH key authentication for security 
- Remove hardcoded user password from environment variables
- Replace hardcoded password with a private key for SSH authentication

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-06-05 21:35:45 +08:00
appleboy
5a8776fd15 ci: switch to password authentication in GitHub workflow 
- Replace SSH key authentication with password authentication in GitHub workflow

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-06-05 21:30:47 +08:00
appleboy
97f8d752b5 ci: enable root access in CI pipeline 
- Change `SUDO_ACCESS` environment variable from `false` to `true`
- Add a step to switch to root user using `appleboy/ssh-action@v1.0.3` with specified parameters and commands

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-06-05 21:18:46 +08:00
appleboy
9c32aa61f8 ci: refactor workflows and API integrations 
- Remove the execution of `test.sh` from the SSH server workflow

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-06-05 21:07:39 +08:00
appleboy
f0e5a23d53 ci: add environment variable handling in GitHub Actions 
- Add a new job `testing-with-env` to the GitHub Actions workflow
- Add steps to set up environment variables for public and private SSH keys
- Add a step to create a new SSH server using Docker
- Add a step to test the SSH connection using the `id_ed25519` key
- Add a step to pass a single environment variable to the SSH action
- Add a step to pass multiple environment variables to the SSH action
- Add a step to use a custom format for environment variables
- Add a step to pass all environment variables to the SSH action

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-06-05 21:04:07 +08:00
appleboy
fc1c1fce51 ci: add GitHub Actions job for ed25519 key support 
- Add a new job `support-ed25519-key` to the GitHub Actions workflow
- Add steps to the new job for checking out code, adding public and private keys to the environment, and creating a new SSH server
- Add steps to the new job for testing the `id_ed25519` key using `appleboy/ssh-action`
- Add a new private SSH key file `testdata/.ssh/id_ed25519`
- Add a new public SSH key file `testdata/.ssh/id_ed25519.pub`

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-06-05 21:01:23 +08:00
Bo-Yi Wu
aa293c24bb chore: optimize system configuration and API integration 
- Change port for REMOTE_HOST_02 from `2223` to `2222`

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-06-05 19:22:24 +08:00
Bo-Yi Wu
378323e4c8 ci: add multi-server support to CI workflow 
- Add a new job `multiple-server` to the GitHub Actions workflow
- Configure the job to run on `ubuntu-latest`
- Add steps to checkout code, add public and private keys to environment variables, and create two new SSH servers using Docker
- Update the `host` configuration to include both new SSH servers
- Remove the `port` configuration
- Replace the command `ls -lah` with `whoami`
- Remove the `use_insecure_cipher` configuration

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-06-05 19:07:07 +08:00
Bo-Yi Wu
815c5743ac ci: enhance deployment with multi-host SSH action 
- Add deployment step for multiple hosts with different ports using `appleboy/ssh-action@v1.0.3`

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-06-05 17:01:56 +08:00
Bo-Yi Wu
a39b3cce7d ci: enhance CI/CD pipeline with SSH command execution 
- Add a step to execute multiline SSH commands using `appleboy/ssh-action@v1.0.3`

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-06-05 17:00:36 +08:00
Bo-Yi Wu
15b64dc891 ci: enhance CI pipeline with SSH key handling improvements 
- Add a job to handle missing SSH key passphrase with `appleboy/ssh-action` and `continue-on-error` set to true

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-06-05 16:16:59 +08:00
Bo-Yi Wu
e40b597081 ci: add GitHub Actions job for SSH key passphrase support 
- Add a new job `support-key-passphrase` to the GitHub Actions workflow
- Add steps to the new job for checking out code, adding public and private keys to the environment, and creating a new SSH server
- Add a step to the new job for running an SSH command with a passphrase
- Add a new private SSH key file `id_passphrase` to the test data
- Add a new public SSH key file `id_passphrase.pub` to the test data

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-06-05 16:13:42 +08:00
Bo-Yi Wu
f05aefe351 ci: enhance SSH action configuration and error handling 
- Add a step to stop the script if a command error occurs using `appleboy/ssh-action@v1.0.3`
- Configure SSH action with host, username, password, key, port, and other parameters
- Add script to create a directory and list its contents

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-06-05 15:59:32 +08:00
Bo-Yi Wu
acd41e5091 ci: enhance SSH job testing with varied key/password scenarios 
- Correct the name of the SSH job from "ssh by private" to "ssh by private key"
- Add a job to test SSH with the correct key but wrong password
- Add a job to test SSH with the correct password but wrong key

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-06-05 15:57:27 +08:00
Bo-Yi Wu
da612c8015 refactor: optimize CI pipeline for faster execution 
- Reduce sleep duration from 3 seconds to 2 seconds
- Rename SSH job steps for clarity
- Change port mapping from 2223 to 2222

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-06-05 15:54:35 +08:00
Bo-Yi Wu
2eeab5bdba ci: refactor GitHub Actions key management 
- Add steps to set public and private keys in GitHub Actions environment
- Replace inline public key assignment with environment variable reference
- Remove redundant steps for setting private key in GitHub Actions environment

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-06-05 15:53:33 +08:00
Bo-Yi Wu
977b74a12d ci: enhance CI workflow with SSH job and optimizations 
- Remove an empty line in the jobs section
- Reduce sleep duration from 5 seconds to 3 seconds
- Add a new job `check-ssh-key` to the workflow
- Add steps to create a new SSH server using Docker
- Add steps to set environment variables for remote host and private key
- Add a step to execute remote SSH commands using the `appleboy/ssh-action` GitHub Action

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-06-05 14:54:29 +08:00
Bo-Yi Wu
0b0e77098a ci: optimize and enhance SSH server workflow 
- Add a 5-second sleep command to the SSH server workflow

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-06-05 13:54:09 +08:00
Bo-Yi Wu
40aad53c5a ci: add SSH authentication setup for GitHub Actions 
- Add a GitHub Action workflow to set up an OpenSSH server using Docker
- Add RSA private key for SSH authentication in test data
- Add RSA public key for SSH authentication in test data
- Add OpenSSH private key for SSH authentication in test data
- Add OpenSSH public key for SSH authentication in test data

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-06-05 13:34:57 +08:00
appleboy
c8594ae37d ci: implement GitHub Actions for remote SSH execution 
- Add example GitHub Actions workflow for executing remote SSH commands using password authentication

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-06-01 14:22:37 +08:00
Bo-Yi Wu
aabaf1254d ci: add bug report template 2024-06-01 14:20:58 +08:00
Bo-Yi Wu
f916346256 ci: refactor CI workflow and improve robustness (#320) 
* ci: refactor CI workflow and improve robustness

- Update GitHub Actions checkout step from version 1 to version 4 in multiple jobs within the CI workflow

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* docs: improve non-interactive shell command handling

- Add a Q&A section to the README with information on resolving 'command not found' errors for non-interactive shells
- Provide a solution involving editing `/etc/bash.bashrc` to ensure commands are added to the path in non-interactive shells

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* docs: improve documentation and CI robustness

- Update acknowledgment for the interactive shell solution in the README.md file

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

---------

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-05-04 19:52:33 +08:00
Bo-Yi Wu
551964ebda ci: optimize GitHub Actions workflow configuration 
- Remove the `testing06` job related to testing IPv6 from the GitHub Actions workflow.

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-03-22 13:21:33 +08:00
appleboy
d2d6858859 ci: enhance GitHub workflow for SSH actions and deployments 
- Add a new GitHub workflow file `version.yml`
- Define environment variables `FOO` and `BAR`
- Add multiple jobs for testing different scenarios
- Include steps for SSH actions using different authentication methods
- Implement scripts for executing remote SSH commands
- Configure SSH key passphrase authentication
- Add a job for using insecure cipher
- Include a job for executing multiline SSH commands
- Implement a job for deployment to multiple hosts with different ports
- Add jobs for passing environment variables to scripts
- Configure custom environment variables format
- Implement a job for passing all ENV variables to a script
- Include jobs for cloning private repositories and logging into container registries
- Implement a job for switching users and testing IPv6 connectivity

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-03-21 21:38:55 +08:00
Bo-Yi Wu
dd0f09ca07 docs: improve README clarity and completeness 
- Update the README table formatting to include an additional column separator
- Add documentation for the SSH protocol version option in the README table

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-03-16 16:04:59 +08:00
appleboy
1991c553ec chore(file): update target file 
Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-03-16 15:59:42 +08:00
Bo-Yi Wu
fe44be0b96 docs: improve documentation and CI robustness 
- Add backticks around `GITHUB_` and `INPUT_` in the README for clarity

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-03-16 15:47:10 +08:00
Bo-Yi Wu
c78141851a ci: enhance GitHub Actions for IPv6 and flexibility (#303) 
* ci: enhance GitHub Actions for IPv6 and flexibility

- Add a new CI job for testing IPv6 in GitHub Actions workflow
- Update the Docker image version from `1.7.3` to `1.7.4`
- Add a new `protocol` input parameter to the GitHub action with a default value of `tcp`
- Change the GitHub action to use a composite run steps action instead of a Docker container
- Update the `entrypoint.sh` script to use `bash` instead of `sh`, set stricter error handling, and add a function to detect client platform and architecture
- Modify the `entrypoint.sh` script to download a specific version of `drone-ssh` based on the detected client info and execute it

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* ci: refactor CI workflow and Docker setup

- Remove IPv6 ping command from CI workflow
- Uncomment Docker run configuration in action.yml

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

---------

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-03-16 15:45:28 +08:00
Kushal Dhakal
8a779a5b1a docs: describe true usage of allenvs parameter (#301) 2024-03-16 09:43:37 +08:00
Bo-Yi Wu
9b978f09f2 chore: update SSH action version in README files 
- Update the version of the `appleboy/ssh-action` from `v1.0.2` to `v1.0.3` in the README.md file
- Update the version of the `appleboy/ssh-action` from `v1.0.2` to `v1.0.3` in the README.zh-tw.md file

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-01-07 19:48:12 +08:00
Bo-Yi Wu
029f5b4aee docs: update README.md and improve code documentation
Some checks failed
remote ssh command / default flag testing (push) Has been cancelled
remote ssh command / testing with envs (push) Has been cancelled
remote ssh command / git clone and pull (push) Has been cancelled
remote ssh command / docker login and pull (push) Has been cancelled
remote ssh command / switch user (push) Has been cancelled
- Add a new entry for `request_pty` in the README.md file

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-01-07 19:40:43 +08:00
Bo-Yi Wu
d134a26a1f fix(sudo): support request_pty to execute sudo command (#288) 
- Add a new job called `testing05` to the CI workflow
- Update the base image in the Dockerfile from `1.7.2` to `1.7.3`
- Update the action name, description, and author in the action.yml file
- Update the descriptions for various inputs in the action.yml file
- Add a new input `request_pty` with a description in the action.yml file
- Update the `using` and `image` fields in the action.yml file
- Update the `using` and `image` fields in the runs section of the action.yml file
- Update the `icon` and `color` fields in the branding section of the action.yml file

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-01-07 19:39:23 +08:00
Bo-Yi Wu
2451745138 chore: update SSH action version in README files
Some checks failed
remote ssh command / default flag testing (push) Has been cancelled
remote ssh command / testing with envs (push) Has been cancelled
remote ssh command / git clone and pull (push) Has been cancelled
remote ssh command / docker login and pull (push) Has been cancelled
- Update the version of the `appleboy/ssh-action` to `v1.0.2` in the `README.md` and `README.zh-tw.md` files.

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-01-01 14:23:27 +08:00
Bo-Yi Wu
1f3c338936 chore: update base image to 1.7.2 in Dockerfile 
- Update the base image from `1.7.1` to `1.7.2` in the Dockerfile

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-01-01 14:22:41 +08:00
Bo-Yi Wu
8f94919856 chore: update appleboy/ssh-action to v1.0.1 in documentation
Some checks failed
remote ssh command / default flag testing (push) Has been cancelled
remote ssh command / testing with envs (push) Has been cancelled
remote ssh command / git clone and pull (push) Has been cancelled
remote ssh command / docker login and pull (push) Has been cancelled
- Update appleboy/ssh-action from v1.0.0 to v1.0.1 in README.md
- Update appleboy/ssh-action from v0.1.10 to v1.0.1 in README.zh-tw.md

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2023-12-26 15:13:15 +08:00
Bo-Yi Wu
2344d97573 chore(security): update drone-ssh to v1.7.1 (#286) 
- Update the base image in Dockerfile from `1.7.0` to `1.7.1`
- Change the location of `entrypoint.sh` from root to `/bin/` directory in Dockerfile
- Remove the explicit `chmod +x` command for `entrypoint.sh` in Dockerfile

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2023-12-26 15:11:53 +08:00
Bo-Yi Wu
b9f6bf6223 style: refine CI Workflow and Test Configurations 
- Remove empty lines from the GitHub Actions CI workflow file

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2023-12-26 15:07:39 +08:00
appleboy
4330a1ea48 docs: update appleboy/ssh-action version in README 
- Update the version of `appleboy/ssh-action` from `v0.2.0` to `v1.0.0` in multiple places in the README.

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2023-07-23 10:05:56 +08:00
21 changed files with 2235 additions and 516 deletions
Expand all files Collapse all files

41
.github/ISSUE_TEMPLATE/bug_report.md vendored Normal file
View File

@@ -0,0 +1,41 @@
---
name: Bug report
about: Create a report to help us improve
title: ""
labels: bug
assignees: appleboy
---
## Describe the bug
A clear and concise description of what the bug is. If applicable, add screenshots to help explain your problem.
## Yaml Config
Please post your Yaml configuration file along with the output results.
```yaml
name: remote ssh command
on: [push]
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }}
script: whoami
```
## Related environment
Please provide the following information:
1. Your hosting provider information, such as DigitalOcean, Linode, AWS, or GCP.
2. The version information of your host's SSH service.
3. The information from your host's SSH configuration file.

265
.github/workflows/ci.yml vendored
View File

@@ -1,265 +0,0 @@
name: remote ssh command
on: [push]
env:
FOO: "BAR"
BAR: "FOO"
jobs:
testing01:
name: default flag testing
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v1
- name: correct password but wrong key
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }}
key: "1234"
port: ${{ secrets.PORT }}
script: whoami
- name: wrong password but correct key
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
password: "abcdef"
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script: whoami
- name: executing remote ssh commands using password
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }}
script: whoami
- name: executing remote ssh commands using ssh key
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script: whoami
- name: multiple command
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script: |
whoami
ls -al
- name: stop script if command error
uses: ./
continue-on-error: true
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script_stop: true
sync: true
debug: true
script: |
mkdir abc/def
ls -al
- name: ssh key passphrase
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.SSH2 }}
port: ${{ secrets.PORT }}
passphrase: ${{ secrets.PASSPHRASE }}
script: |
whoami
ls -al
- name: use insecure cipher
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }}
script: |
ls \
-lah
use_insecure_cipher: true
# https://github.com/appleboy/ssh-action/issues/75#issuecomment-668314271
- name: Multiline SSH commands interpreted as single lines
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }}
script_stop: true
script: |
ls \
-lah
use_insecure_cipher: true
# https://github.com/appleboy/ssh-action/issues/85
- name: Deployment to multiple hosts with different ports
uses: ./
with:
host: "${{ secrets.HOST }}:${{ secrets.PORT }}"
username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }}
port: 1024
script_stop: true
script: |
ls \
-lah
use_insecure_cipher: true
# - name: SSH ED25519 Private Key
# uses: ./
# with:
# host: ${{ secrets.TUNNEL_HOST }}
# username: ${{ secrets.TUNNEL_USERNAME }}
# key: ${{ secrets.ID_ED25519 }}
# port: ${{ secrets.TUNNEL_PORT }}
# script: whoami
testing02:
name: testing with envs
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v1
- name: pass environment
uses: ./
env:
FOO: "BAR"
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
envs: FOO
script: |
echo "I am $FOO, thanks"
echo "I am $BAR, thanks"
- name: pass multiple environment
uses: ./
env:
FOO: "BAR"
BAR: "FOO"
SHA: ${{ github.sha }}
PORT: ${{ secrets.PORT }}
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
envs: FOO,BAR,SHA,PORT
script: |
echo "I am $FOO, thanks"
echo "I am $BAR, thanks"
echo "sha: $SHA"
echo "port: $PORT"
sh test.sh
- name: custom envs format
uses: ./
env:
FOO: "BAR"
AAA: "BBB"
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
envs: FOO,BAR,AAA
envs_format: export TEST_{NAME}={VALUE}
script: |
echo "I am $TEST_FOO, thanks"
echo "I am $TEST_BAR, thanks"
echo "I am $BAR, thanks"
echo "I am $TEST_AAA, thanks"
- name: pass all ENV variables to script
uses: ./
env:
INPUT_FOO: "BAR"
INPUT_AAA: "BBB"
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
allenvs: true
script: |
echo "I am $INPUT_FOO, thanks"
echo "I am $INPUT_AAA, thanks"
echo "$GITHUB_BASE_REF"
echo "$GITHUB_REF"
testing03:
name: git clone and pull
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v1
- name: clone private repository
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script_stop: true
script: |
git clone https://appleboy:${{ secrets.TEST_TOKEN }}@github.com/go-training/self-runner.git test_repository
rm -rf test_repository
testing04:
name: docker login and pull
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v1
- name: login GitHub Container Registry
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script_stop: true
script: |
echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u github.actor --password-stdin
- name: login DockerHub Container Registry
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script_stop: true
script: |
echo ${{ secrets.DOCKERHUB_TOKEN }} | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin

33
.github/workflows/goreleaser.yml vendored Normal file
View File

@@ -0,0 +1,33 @@
name: Goreleaser
on:
push:
tags:
- "*"
permissions:
contents: write
jobs:
goreleaser:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup go
uses: actions/setup-go@v5
with:
go-version: "^1"
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@v6
with:
# either 'goreleaser' (default) or 'goreleaser-pro'
distribution: goreleaser
version: latest
args: release --clean
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

724
.github/workflows/main.yml vendored Normal file
View File

@@ -0,0 +1,724 @@
name: testing main branch
on: [push]
jobs:
default-user-name-password:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: create new ssh server
run: |
docker run -d \
--name=openssh-server \
--hostname=openssh-server \
-p 2222:2222 \
-e SUDO_ACCESS=false \
-e PASSWORD_ACCESS=true \
-e USER_PASSWORD=password \
-e USER_NAME=linuxserver.io \
--restart unless-stopped \
lscr.io/linuxserver/openssh-server:latest
docker exec openssh-server sh -c "hostname -i" > ip.txt
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
cat ip.txt >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= container ip address ========="
cat ip.txt
echo "======================================"
sleep 2
- name: ssh by username and password
uses: ./
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: password
port: 2222
script: |
#!/usr/bin/env bash
set -e
whoami
- name: ssh commands from a file
uses: ./
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: password
port: 2222
script_path: testdata/test.sh
check-ssh-key:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: add public key to env
run: |
echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV
cat testdata/.ssh/id_rsa.pub >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= public key ========="
cat testdata/.ssh/id_rsa.pub
echo "============================"
echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV
cat testdata/.ssh/id_rsa >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= private key ========="
cat testdata/.ssh/id_rsa
echo "============================"
- name: create new ssh server
run: |
docker run -d \
--name=openssh-server \
--hostname=openssh-server \
-p 2222:2222 \
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
-e SUDO_ACCESS=false \
-e PASSWORD_ACCESS=true \
-e USER_PASSWORD=password \
-e USER_NAME=linuxserver.io \
--restart unless-stopped \
lscr.io/linuxserver/openssh-server:latest
docker exec openssh-server sh -c "hostname -i" > ip.txt
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
cat ip.txt >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= container ip address ========="
cat ip.txt
echo "======================================"
sleep 2
- name: ssh by private key
uses: ./
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
script: whoami
- name: wrong password but correct key
uses: ./
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: "abcdef"
key: ${{ env.PRIVATE_KEY }}
port: 2222
script: whoami
- name: correct password but wrong key
uses: ./
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: password
key: password
port: 2222
script: whoami
support-key-passphrase:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: add public key to env
run: |
echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV
cat testdata/.ssh/id_passphrase.pub >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= public key ========="
cat testdata/.ssh/id_passphrase.pub
echo "============================"
echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV
cat testdata/.ssh/id_passphrase >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= private key ========="
cat testdata/.ssh/id_passphrase
echo "============================"
- name: create new ssh server
run: |
docker run -d \
--name=openssh-server \
--hostname=openssh-server \
-p 2222:2222 \
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
-e SUDO_ACCESS=false \
-e PASSWORD_ACCESS=true \
-e USER_PASSWORD=password \
-e USER_NAME=linuxserver.io \
--restart unless-stopped \
lscr.io/linuxserver/openssh-server:latest
docker exec openssh-server sh -c "hostname -i" > ip.txt
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
cat ip.txt >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= container ip address ========="
cat ip.txt
echo "======================================"
sleep 2
- name: ssh key passphrase
uses: ./
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
passphrase: 1234
script: |
whoami
ls -al
- name: missing ssh key passphrase
uses: ./
continue-on-error: true
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
script: |
whoami
ls -al
# https://github.com/appleboy/ssh-action/issues/75#issuecomment-668314271
- name: Multiline SSH commands interpreted as single lines
uses: ./
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
passphrase: 1234
script: |
ls \
-lah
use_insecure_cipher: true
multiple-server:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: add public key to env
run: |
echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV
cat testdata/.ssh/id_passphrase.pub >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= public key ========="
cat testdata/.ssh/id_passphrase.pub
echo "============================"
echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV
cat testdata/.ssh/id_passphrase >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= private key ========="
cat testdata/.ssh/id_passphrase
echo "============================"
- name: create new ssh server
run: |
docker run -d \
--name=openssh-server-01 \
--hostname=openssh-server-01 \
-p 2222:2222 \
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
-e SUDO_ACCESS=false \
-e PASSWORD_ACCESS=true \
-e USER_PASSWORD=password \
-e USER_NAME=linuxserver.io \
--restart unless-stopped \
lscr.io/linuxserver/openssh-server:latest
docker exec openssh-server-01 sh -c "hostname -i" > ip01.txt
echo "REMOTE_HOST_01<<EOF" >> $GITHUB_ENV
cat ip01.txt >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= container ip address ========="
cat ip01.txt
echo "======================================"
docker run -d \
--name=openssh-server-02 \
--hostname=openssh-server-02 \
-p 2223:2222 \
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
-e SUDO_ACCESS=false \
-e PASSWORD_ACCESS=true \
-e USER_PASSWORD=password \
-e USER_NAME=linuxserver.io \
--restart unless-stopped \
lscr.io/linuxserver/openssh-server:latest
docker exec openssh-server-02 sh -c "hostname -i" > ip02.txt
echo "REMOTE_HOST_02<<EOF" >> $GITHUB_ENV
cat ip02.txt >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= container ip address ========="
cat ip02.txt
echo "======================================"
sleep 2
# https://github.com/appleboy/ssh-action/issues/85
- name: Deployment to multiple hosts with different ports
uses: ./
with:
host: "${{ env.REMOTE_HOST_01 }}:2222,${{ env.REMOTE_HOST_02 }}:2222"
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
passphrase: 1234
script: |
whoami
support-ed25519-key:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: add public key to env
run: |
echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV
cat testdata/.ssh/id_ed25519.pub >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= public key ========="
cat testdata/.ssh/id_ed25519.pub
echo "============================"
echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV
cat testdata/.ssh/id_ed25519 >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= private key ========="
cat testdata/.ssh/id_ed25519
echo "============================"
- name: create new ssh server
run: |
docker run -d \
--name=openssh-server \
--hostname=openssh-server \
-p 2222:2222 \
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
-e SUDO_ACCESS=false \
-e PASSWORD_ACCESS=true \
-e USER_PASSWORD=password \
-e USER_NAME=linuxserver.io \
--restart unless-stopped \
lscr.io/linuxserver/openssh-server:latest
docker exec openssh-server sh -c "hostname -i" > ip.txt
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
cat ip.txt >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= container ip address ========="
cat ip.txt
echo "======================================"
sleep 2
- name: testing id_ed25519 key
uses: ./
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
script: |
whoami
ls -al
testing-with-env:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: add public key to env
run: |
echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV
cat testdata/.ssh/id_ed25519.pub >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= public key ========="
cat testdata/.ssh/id_ed25519.pub
echo "============================"
echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV
cat testdata/.ssh/id_ed25519 >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= private key ========="
cat testdata/.ssh/id_ed25519
echo "============================"
- name: create new ssh server
run: |
docker run -d \
--name=openssh-server \
--hostname=openssh-server \
-p 2222:2222 \
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
-e SUDO_ACCESS=true \
-e PASSWORD_ACCESS=true \
-e USER_NAME=linuxserver.io \
--restart unless-stopped \
lscr.io/linuxserver/openssh-server:latest
docker exec openssh-server sh -c "hostname -i" > ip.txt
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
cat ip.txt >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= container ip address ========="
cat ip.txt
echo "======================================"
sleep 2
- name: testing id_ed25519 key
uses: ./
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
script: |
whoami
ls -al
- name: pass environment
uses: ./
env:
FOO: "BAR"
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
envs: FOO
script: |
echo "I am $FOO, thanks"
echo "I am $BAR, thanks"
- name: pass multiple environment
uses: ./
env:
FOO: "BAR"
BAR: "FOO"
SHA: ${{ github.sha }}
PORT: ${{ secrets.PORT }}
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
envs: FOO,BAR,SHA,PORT
script: |
echo "I am $FOO, thanks"
echo "I am $BAR, thanks"
echo "sha: $SHA"
echo "port: $PORT"
- name: custom envs format
uses: ./
env:
FOO: "BAR"
AAA: "BBB"
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
envs: FOO,BAR,AAA
envs_format: export TEST_{NAME}={VALUE}
script: |
echo "I am $TEST_FOO, thanks"
echo "I am $TEST_BAR, thanks"
echo "I am $BAR, thanks"
echo "I am $TEST_AAA, thanks"
- name: pass all ENV variables to script
uses: ./
env:
INPUT_FOO: "BAR"
INPUT_AAA: "BBB"
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
allenvs: true
script: |
echo "I am $INPUT_FOO, thanks"
echo "I am $INPUT_AAA, thanks"
echo "$GITHUB_BASE_REF"
echo "$GITHUB_REF"
- name: pass secret variable in shell
uses: ./
continue-on-error: true
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
script: cd ${{ secrets.PORT }}
- name: switch to root user
uses: ./
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
request_pty: true
command_timeout: 30s
script: |
whoami && echo 'hello world' && touch todo.txt
sudo whoami
testing06:
name: testing ipv6
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v4
- name: Set up WARP
uses: fscarmen/warp-on-actions@v1.1
with:
stack: dual
- name: testing ipv6 for command
run: |
curl -m 9 --ipv6 --verbose https://google.com
- name: testing ipv6
uses: ./
continue-on-error: true
with:
host: 2402:1f00:8000:800::2628
username: ubuntu
password: ${{ secrets.OVH_PASSWORD }}
protocol: tcp6
port: 22
command_timeout: 30s
script: |
whoami
testing07:
name: some special character
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v4
- name: Set Environment Variables
run: |
PASS='3HUS$?8kLu)}'
printf "PASS=${PASS}" >> $GITHUB_ENV
- name: create new ssh server
run: |
docker run -d \
--name=openssh-server \
--hostname=openssh-server \
-p 2222:2222 \
-e SUDO_ACCESS=false \
-e PASSWORD_ACCESS=true \
-e USER_PASSWORD='${{ env.PASS }}' \
-e USER_NAME=linuxserver.io \
--restart unless-stopped \
lscr.io/linuxserver/openssh-server:latest
docker exec openssh-server sh -c "hostname -i" > ip.txt
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
cat ip.txt >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= container ip address ========="
cat ip.txt
echo "======================================"
sleep 2
- name: ssh by username and password
uses: ./
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: ${{ env.PASS }}
port: 2222
script: |
#!/usr/bin/env bash
set -e
whoami
testing-capturing-output:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: create new ssh server
run: |
docker run -d \
--name=openssh-server \
--hostname=openssh-server \
-p 2222:2222 \
-e SUDO_ACCESS=false \
-e PASSWORD_ACCESS=true \
-e USER_PASSWORD=password \
-e USER_NAME=linuxserver.io \
--restart unless-stopped \
lscr.io/linuxserver/openssh-server:latest
docker exec openssh-server sh -c "hostname -i" > ip.txt
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
cat ip.txt >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= container ip address ========="
cat ip.txt
echo "======================================"
sleep 2
- id: stdout
name: ssh command with stdout
uses: ./
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: password
port: 2222
capture_stdout: true
script: |
#!/usr/bin/env bash
set -e
whoami
- name: check stdout
run: |
echo "stdout: ${{ steps.stdout.outputs.stdout }}"
testing-script-stop:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: create new ssh server
run: |
docker run -d \
--name=openssh-server \
--hostname=openssh-server \
-p 2222:2222 \
-e SUDO_ACCESS=false \
-e PASSWORD_ACCESS=true \
-e USER_PASSWORD=password \
-e USER_NAME=linuxserver.io \
--restart unless-stopped \
lscr.io/linuxserver/openssh-server:latest
docker exec openssh-server sh -c "hostname -i" > ip.txt
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
cat ip.txt >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= container ip address ========="
cat ip.txt
echo "======================================"
sleep 2
- id: stdout01
name: ssh command with stdout 01
uses: ./
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: password
port: 2222
capture_stdout: true
script: |
#!/usr/bin/env bash
set -e
echo "TMP TESTING IF"
if [[ "2" == "1" ]]; then
echo "True"
else
echo "False"
fi
- name: check stdout 01
run: |
echo "stdout: ${{ steps.stdout01.outputs.stdout }}"
if echo "${{ steps.stdout01.outputs.stdout }}" | grep -q "True"; then
echo "Output contains 'True'"
exit 1
fi
if echo "${{ steps.stdout01.outputs.stdout }}" | grep -q "False"; then
echo "Output contains 'False'"
fi
- id: stdout02
name: ssh command with stdout 01
uses: ./
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: password
port: 2222
capture_stdout: true
script: |
#!/usr/bin/env bash
set -e
echo "TMP TESTING IF"
if [[ "1" == "1" ]]; then
echo "True"
else
echo "False"
fi
- name: check stdout 02
run: |
echo "stdout: ${{ steps.stdout02.outputs.stdout }}"
if echo "${{ steps.stdout02.outputs.stdout }}" | grep -q "False"; then
echo "Output contains 'False'"
exit 1
fi
if echo "${{ steps.stdout02.outputs.stdout }}" | grep -q "True"; then
echo "Output contains 'True'"
fi
testing-script-error:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: create new ssh server
run: |
docker run -d \
--name=openssh-server \
--hostname=openssh-server \
-p 2222:2222 \
-e SUDO_ACCESS=false \
-e PASSWORD_ACCESS=true \
-e USER_PASSWORD=password \
-e USER_NAME=linuxserver.io \
--restart unless-stopped \
lscr.io/linuxserver/openssh-server:latest
docker exec openssh-server sh -c "hostname -i" > ip.txt
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
cat ip.txt >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= container ip address ========="
cat ip.txt
echo "======================================"
sleep 2
- name: test script error
uses: ./
continue-on-error: true
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: password
port: 2222
capture_stdout: true
script: |
#!/usr/bin/env bash
set -e
ls /nonexistent

467
.github/workflows/stable.yml vendored Normal file
View File

@@ -0,0 +1,467 @@
name: testing stable version
on: [push]
jobs:
default-user-name-password:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: create new ssh server
run: |
docker run -d \
--name=openssh-server \
--hostname=openssh-server \
-p 2222:2222 \
-e SUDO_ACCESS=false \
-e PASSWORD_ACCESS=true \
-e USER_PASSWORD=password \
-e USER_NAME=linuxserver.io \
--restart unless-stopped \
lscr.io/linuxserver/openssh-server:latest
docker exec openssh-server sh -c "hostname -i" > ip.txt
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
cat ip.txt >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= container ip address ========="
cat ip.txt
echo "======================================"
sleep 2
- name: ssh by username and password
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: password
port: 2222
script: |
#!/usr/bin/env bash
set -e
whoami
- name: ssh commands from a file
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: password
port: 2222
script_path: testdata/test.sh
check-ssh-key:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: add public key to env
run: |
echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV
cat testdata/.ssh/id_rsa.pub >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= public key ========="
cat testdata/.ssh/id_rsa.pub
echo "============================"
echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV
cat testdata/.ssh/id_rsa >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= private key ========="
cat testdata/.ssh/id_rsa
echo "============================"
- name: create new ssh server
run: |
docker run -d \
--name=openssh-server \
--hostname=openssh-server \
-p 2222:2222 \
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
-e SUDO_ACCESS=false \
-e PASSWORD_ACCESS=true \
-e USER_PASSWORD=password \
-e USER_NAME=linuxserver.io \
--restart unless-stopped \
lscr.io/linuxserver/openssh-server:latest
docker exec openssh-server sh -c "hostname -i" > ip.txt
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
cat ip.txt >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= container ip address ========="
cat ip.txt
echo "======================================"
sleep 2
- name: ssh by private key
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
script: whoami
- name: wrong password but correct key
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: "abcdef"
key: ${{ env.PRIVATE_KEY }}
port: 2222
script: whoami
- name: correct password but wrong key
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: password
key: password
port: 2222
script: whoami
support-key-passphrase:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: add public key to env
run: |
echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV
cat testdata/.ssh/id_passphrase.pub >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= public key ========="
cat testdata/.ssh/id_passphrase.pub
echo "============================"
echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV
cat testdata/.ssh/id_passphrase >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= private key ========="
cat testdata/.ssh/id_passphrase
echo "============================"
- name: create new ssh server
run: |
docker run -d \
--name=openssh-server \
--hostname=openssh-server \
-p 2222:2222 \
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
-e SUDO_ACCESS=false \
-e PASSWORD_ACCESS=true \
-e USER_PASSWORD=password \
-e USER_NAME=linuxserver.io \
--restart unless-stopped \
lscr.io/linuxserver/openssh-server:latest
docker exec openssh-server sh -c "hostname -i" > ip.txt
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
cat ip.txt >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= container ip address ========="
cat ip.txt
echo "======================================"
sleep 2
- name: ssh key passphrase
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
passphrase: 1234
script: |
whoami
ls -al
- name: missing ssh key passphrase
uses: appleboy/ssh-action@v1.2.2
continue-on-error: true
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
script: |
whoami
ls -al
# https://github.com/appleboy/ssh-action/issues/75#issuecomment-668314271
- name: Multiline SSH commands interpreted as single lines
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
passphrase: 1234
script: |
ls \
-lah
use_insecure_cipher: true
multiple-server:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: add public key to env
run: |
echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV
cat testdata/.ssh/id_passphrase.pub >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= public key ========="
cat testdata/.ssh/id_passphrase.pub
echo "============================"
echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV
cat testdata/.ssh/id_passphrase >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= private key ========="
cat testdata/.ssh/id_passphrase
echo "============================"
- name: create new ssh server
run: |
docker run -d \
--name=openssh-server-01 \
--hostname=openssh-server-01 \
-p 2222:2222 \
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
-e SUDO_ACCESS=false \
-e PASSWORD_ACCESS=true \
-e USER_PASSWORD=password \
-e USER_NAME=linuxserver.io \
--restart unless-stopped \
lscr.io/linuxserver/openssh-server:latest
docker exec openssh-server-01 sh -c "hostname -i" > ip01.txt
echo "REMOTE_HOST_01<<EOF" >> $GITHUB_ENV
cat ip01.txt >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= container ip address ========="
cat ip01.txt
echo "======================================"
docker run -d \
--name=openssh-server-02 \
--hostname=openssh-server-02 \
-p 2223:2222 \
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
-e SUDO_ACCESS=false \
-e PASSWORD_ACCESS=true \
-e USER_PASSWORD=password \
-e USER_NAME=linuxserver.io \
--restart unless-stopped \
lscr.io/linuxserver/openssh-server:latest
docker exec openssh-server-02 sh -c "hostname -i" > ip02.txt
echo "REMOTE_HOST_02<<EOF" >> $GITHUB_ENV
cat ip02.txt >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= container ip address ========="
cat ip02.txt
echo "======================================"
sleep 2
# https://github.com/appleboy/ssh-action/issues/85
- name: Deployment to multiple hosts with different ports
uses: appleboy/ssh-action@v1.2.2
with:
host: "${{ env.REMOTE_HOST_01 }}:2222,${{ env.REMOTE_HOST_02 }}:2222"
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
passphrase: 1234
script: |
whoami
support-ed25519-key:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: add public key to env
run: |
echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV
cat testdata/.ssh/id_ed25519.pub >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= public key ========="
cat testdata/.ssh/id_ed25519.pub
echo "============================"
echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV
cat testdata/.ssh/id_ed25519 >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= private key ========="
cat testdata/.ssh/id_ed25519
echo "============================"
- name: create new ssh server
run: |
docker run -d \
--name=openssh-server \
--hostname=openssh-server \
-p 2222:2222 \
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
-e SUDO_ACCESS=false \
-e PASSWORD_ACCESS=true \
-e USER_PASSWORD=password \
-e USER_NAME=linuxserver.io \
--restart unless-stopped \
lscr.io/linuxserver/openssh-server:latest
docker exec openssh-server sh -c "hostname -i" > ip.txt
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
cat ip.txt >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= container ip address ========="
cat ip.txt
echo "======================================"
sleep 2
- name: testing id_ed25519 key
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
script: |
whoami
ls -al
testing-with-env:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: add public key to env
run: |
echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV
cat testdata/.ssh/id_ed25519.pub >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= public key ========="
cat testdata/.ssh/id_ed25519.pub
echo "============================"
echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV
cat testdata/.ssh/id_ed25519 >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= private key ========="
cat testdata/.ssh/id_ed25519
echo "============================"
- name: create new ssh server
run: |
docker run -d \
--name=openssh-server \
--hostname=openssh-server \
-p 2222:2222 \
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
-e SUDO_ACCESS=true \
-e PASSWORD_ACCESS=true \
-e USER_NAME=linuxserver.io \
--restart unless-stopped \
lscr.io/linuxserver/openssh-server:latest
docker exec openssh-server sh -c "hostname -i" > ip.txt
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
cat ip.txt >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= container ip address ========="
cat ip.txt
echo "======================================"
sleep 2
- name: testing id_ed25519 key
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
script: |
whoami
ls -al
- name: pass environment
uses: appleboy/ssh-action@v1.2.2
env:
FOO: "BAR"
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
envs: FOO
script: |
echo "I am $FOO, thanks"
echo "I am $BAR, thanks"
- name: pass multiple environment
uses: appleboy/ssh-action@v1.2.2
env:
FOO: "BAR"
BAR: "FOO"
SHA: ${{ github.sha }}
PORT: ${{ secrets.PORT }}
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
envs: FOO,BAR,SHA,PORT
script: |
echo "I am $FOO, thanks"
echo "I am $BAR, thanks"
echo "sha: $SHA"
echo "port: $PORT"
- name: custom envs format
uses: appleboy/ssh-action@v1.2.2
env:
FOO: "BAR"
AAA: "BBB"
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
envs: FOO,BAR,AAA
envs_format: export TEST_{NAME}={VALUE}
script: |
echo "I am $TEST_FOO, thanks"
echo "I am $TEST_BAR, thanks"
echo "I am $BAR, thanks"
echo "I am $TEST_AAA, thanks"
- name: pass all ENV variables to script
uses: appleboy/ssh-action@v1.2.2
env:
INPUT_FOO: "BAR"
INPUT_AAA: "BBB"
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
allenvs: true
script: |
echo "I am $INPUT_FOO, thanks"
echo "I am $INPUT_AAA, thanks"
echo "$GITHUB_BASE_REF"
echo "$GITHUB_REF"
- name: switch to root user
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
request_pty: true
command_timeout: 30s
script: |
whoami && echo 'hello world' && touch todo.txt
sudo whoami

28
.goreleaser.yaml Normal file
View File

@@ -0,0 +1,28 @@
builds:
- # If true, skip the build.
# Useful for library projects.
# Default is false
skip: true
changelog:
use: github
groups:
- title: Features
regexp: "^.*feat[(\\w)]*:+.*$"
order: 0
- title: "Bug fixes"
regexp: "^.*fix[(\\w)]*:+.*$"
order: 1
- title: "Enhancements"
regexp: "^.*chore[(\\w)]*:+.*$"
order: 2
- title: "Refactor"
regexp: "^.*refactor[(\\w)]*:+.*$"
order: 3
- title: "Build process updates"
regexp: ^.*?(build|ci)(\(.+\))??!?:.+$
order: 4
- title: "Documentation updates"
regexp: ^.*?docs?(\(.+\))??!?:.+$
order: 4
- title: Others

5
Dockerfile
View File

@@ -1,5 +0,0 @@
FROM ghcr.io/appleboy/drone-ssh:1.7.0
COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"]

242
README.md
View File

@@ -1,75 +1,77 @@
# 🚀 SSH for GitHub Actions
[繁體中文](./README.zh-tw.md)
English | [繁體中文](./README.zh-tw.md) | [简体中文](./README.zh-cn.md)
[GitHub Action](https://github.com/features/actions) for executing remote ssh commands.
A [GitHub Action](https://github.com/features/actions) for executing remote SSH commands.
![ssh workflow](./images/ssh-workflow.png)
[![Actions Status](https://github.com/appleboy/ssh-action/workflows/remote%20ssh%20command/badge.svg)](https://github.com/appleboy/ssh-action/actions)
[![testing main branch](https://github.com/appleboy/ssh-action/actions/workflows/main.yml/badge.svg)](https://github.com/appleboy/ssh-action/actions/workflows/main.yml)
**Important**: Only support **Linux** [docker](https://www.docker.com/) container.
This thing is built using [Golang](https://go.dev) and [drone-ssh](https://github.com/appleboy/drone-ssh). 🚀
This project is built with [Golang](https://go.dev) and [drone-ssh](https://github.com/appleboy/drone-ssh). 🚀
## Input variables
See [action.yml](./action.yml) for more detailed information.
Refer to [action.yml](./action.yml) for more detailed information.
| Input Parameter | Description | Default Value |
|-------------------------|-----------------------------------------------------------------|---------------|
| host | SSH host address | |
| port | SSH port number | 22 |
| passphrase | SSH key passphrase | |
| username | SSH username | |
| password | SSH password | |
| sync | Enable synchronous execution if multiple hosts | false |
| use_insecure_cipher | Include more ciphers with use_insecure_cipher | false |
| cipher | Allowed cipher algorithms. If unspecified, a sensible default | |
| timeout | Timeout duration for SSH to host | 30s |
| command_timeout | Timeout duration for SSH command | 10m |
| key | Content of SSH private key. e.g., raw content of ~/.ssh/id_rsa | |
| key_path | Path of SSH private key | |
| fingerprint | SHA256 fingerprint of the host public key | |
| proxy_host | SSH proxy host | |
| proxy_port | SSH proxy port | 22 |
| proxy_username | SSH proxy username | |
| proxy_password | SSH proxy password | |
| proxy_passphrase | SSH proxy key passphrase | |
| proxy_timeout | Timeout for SSH to proxy host | 30s |
| proxy_key | Content of SSH proxy private key | |
| proxy_key_path | Path of SSH proxy private key | |
| proxy_fingerprint | SHA256 fingerprint of the proxy host public key | |
| proxy_cipher | Allowed cipher algorithms for the proxy | |
| proxy_use_insecure_cipher | Include more ciphers with use_insecure_cipher for the proxy | false |
| script | Execute commands | |
| script_stop | Stop script after first failure | false |
| envs | Pass environment variables to shell script | |
| envs_format | Flexible configuration of environment value transfer | |
| debug | Enable debug mode | false |
| allenvs | Pass all environment variables to shell script | false |
| Input Parameter | Description | Default Value |
| ------------------------- | ---------------------------------------------------------------------------------------- | ------------- |
| host | SSH host address | |
| port | SSH port number | 22 |
| passphrase | SSH key passphrase | |
| username | SSH username | |
| password | SSH password | |
| protocol | SSH protocol version (tcp, tcp4, tcp6) | tcp |
| sync | Enable synchronous execution if multiple hosts are specified | false |
| use_insecure_cipher | Include more ciphers with use_insecure_cipher | false |
| cipher | Allowed cipher algorithms. If unspecified, sensible defaults are used | |
| timeout | Timeout duration for SSH to host | 30s |
| command_timeout | Timeout duration for SSH command | 10m |
| key | Content of SSH private key. e.g., raw content of ~/.ssh/id_rsa | |
| key_path | Path of SSH private key | |
| fingerprint | SHA256 fingerprint of the host public key | |
| proxy_host | SSH proxy host | |
| proxy_port | SSH proxy port | 22 |
| proxy_protocol | SSH proxy protocol version (tcp, tcp4, tcp6) | tcp |
| proxy_username | SSH proxy username | |
| proxy_password | SSH proxy password | |
| proxy_passphrase | SSH proxy key passphrase | |
| proxy_timeout | Timeout for SSH to proxy host | 30s |
| proxy_key | Content of SSH proxy private key | |
| proxy_key_path | Path of SSH proxy private key | |
| proxy_fingerprint | SHA256 fingerprint of the proxy host public key | |
| proxy_cipher | Allowed cipher algorithms for the proxy | |
| proxy_use_insecure_cipher | Include more ciphers with use_insecure_cipher for the proxy | false |
| script | Execute commands | |
| script_path | Execute commands from a file | |
| envs | Pass environment variables to the shell script | |
| envs_format | Flexible configuration of environment value transfer | |
| debug | Enable debug mode | false |
| allenvs | Pass the environment variables with prefix value of `GITHUB_` and `INPUT_` to the script | false |
| request_pty | Request a pseudo-terminal from the server | false |
**Note:** Users can add `set -e` in their shell script to achieve similar functionality to the removed `script_stop` option.
## Usage
Executing remote ssh commands.
Executing remote SSH commands.
```yaml
name: remote ssh command
on: [push]
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v0.2.0
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }}
script: whoami
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: linuxserver.io
password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }}
script: whoami
```
output:
@@ -78,17 +80,17 @@ output:
======CMD======
whoami
======END======
out: ***
==============================================
✅ Successfully executed commands to all host.
==============================================
linuxserver.io
===============================================
✅ Successfully executed commands to all hosts.
===============================================
```
### Setting up a SSH Key
Make sure to follow the below steps while creating SSH Keys and using them.
The best practice is create the SSH Keys on local machine not remote machine.
Login with username specified in Github Secrets. Generate a RSA Key-Pair:
Follow the steps below to create and use SSH Keys.
It is best practice to create SSH Keys on your local machine, not on a remote machine.
Log in with the username specified in GitHub Secrets and generate an RSA Key-Pair:
### Generate rsa key
@@ -102,7 +104,7 @@ ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```
Add newly generated key into Authorized keys. Read more about authorized keys [here](https://www.ssh.com/ssh/authorized_keys/).
Add the newly generated key to the Authorized keys. Read more about authorized keys [here](https://www.ssh.com/ssh/authorized_keys/).
### Add rsa key into Authorized keys
@@ -116,27 +118,44 @@ cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys'
cat .ssh/id_ed25519.pub | ssh b@B 'cat >> .ssh/authorized_keys'
```
Copy Private Key content and paste in Github Secrets.
Copy the Private Key content and paste it into GitHub Secrets.
### Copy rsa Private key
Before copying the private key, install the `clip` command as shown below:
```bash
clip < ~/.ssh/id_rsa
# Ubuntu
sudo apt-get install xclip
```
Copy the private key:
```bash
# macOS
pbcopy < ~/.ssh/id_rsa
# Ubuntu
xclip < ~/.ssh/id_rsa
```
Starting from and including the comment section `-----BEGIN OPENSSH PRIVATE KEY-----` and ending at and including the comment section `-----END OPENSSH PRIVATE KEY-----`, copy the private key and paste it into GitHub Secrets.
### Copy ed25519 Private key
```bash
clip < ~/.ssh/id_ed25519
# macOS
pbcopy < ~/.ssh/id_ed25519
# Ubuntu
xclip < ~/.ssh/id_ed25519
```
See the detail information about [SSH login without password](http://www.linuxproblem.org/art_9.html).
See detailed information about [SSH login without a password](http://www.linuxproblem.org/art_9.html).
**A note** from one of our readers: Depending on your version of SSH you might also have to do the following changes:
**Note**: Depending on your version of SSH, you might also need to make the following changes:
* Put the public key in `.ssh/authorized_keys2`
* Change the permissions of `.ssh` to 700
* Change the permissions of `.ssh/authorized_keys2` to 640
- Put the public key in `.ssh/authorized_keys2`
- Change the permissions of `.ssh` to 700
- Change the permissions of `.ssh/authorized_keys2` to 640
### If you are using OpenSSH
@@ -146,13 +165,13 @@ If you are currently using OpenSSH and are getting the following error:
ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey]
```
Make sure that your key algorithm of choice is supported. On Ubuntu 20.04 or later you must explicitly allow the use of the ssh-rsa algorithm. Add the following line to your OpenSSH daemon file (which is either `/etc/ssh/sshd_config` or a drop-in file under `/etc/ssh/sshd_config.d/`):
Ensure that your chosen key algorithm is supported. On Ubuntu 20.04 or later, you must explicitly allow the use of the ssh-rsa algorithm. Add the following line to your OpenSSH daemon file (either `/etc/ssh/sshd_config` or a drop-in file under `/etc/ssh/sshd_config.d/`):
```bash
CASignatureAlgorithms +ssh-rsa
```
Alternatively, `ed25519` keys are accepted by default in OpenSSH. You could use this instead of rsa if needed:
Alternatively, `ed25519` keys are accepted by default in OpenSSH. You can use this instead of rsa if needed:
```bash
ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
@@ -164,7 +183,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v0.2.0
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -177,7 +196,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml
- name: executing remote ssh commands using ssh key
uses: appleboy/ssh-action@v0.2.0
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -190,7 +209,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml
- name: multiple command
uses: appleboy/ssh-action@v0.2.0
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -203,11 +222,24 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
![result](./images/output-result.png)
#### Commands from a file
```yaml
- name: file commands
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script_path: scripts/script.sh
```
#### Multiple Hosts
```diff
- name: multiple host
uses: appleboy/ssh-action@v0.2.0
uses: appleboy/ssh-action@v1.2.2
with:
- host: "foo.com"
+ host: "foo.com,bar.com"
@@ -219,11 +251,13 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
ls -al
```
The default value of `port` is `22`.
#### Multiple hosts with different port
```diff
- name: multiple host
uses: appleboy/ssh-action@v0.2.0
uses: appleboy/ssh-action@v1.2.2
with:
- host: "foo.com"
+ host: "foo.com:1234,bar.com:5678"
@@ -238,7 +272,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff
- name: multiple host
uses: appleboy/ssh-action@v0.2.0
uses: appleboy/ssh-action@v1.2.2
with:
host: "foo.com,bar.com"
+ sync: true
@@ -254,7 +288,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff
- name: pass environment
uses: appleboy/ssh-action@v0.2.0
uses: appleboy/ssh-action@v1.2.2
+ env:
+ FOO: "BAR"
+ BAR: "FOO"
@@ -273,37 +307,6 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
_Inside `env` object, you need to pass every environment variable as a string, passing `Integer` data type or any other may output unexpected results._
#### Stop script after first failure
> ex: missing `abc` folder
```diff
- name: stop script if command error
uses: appleboy/ssh-action@v0.2.0
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
+ script_stop: true
script: |
mkdir abc/def
ls -al
```
output:
```sh
======CMD======
mkdir abc/def
ls -al
======END======
2019/11/21 01:16:21 Process exited with status 1
err: mkdir: cannot create directory abc/def: No such file or directory
##[error]Docker run failed with exit code 1
```
#### How to connect remote server using `ProxyCommand`?
```bash
@@ -332,7 +335,7 @@ Host FooServer
```diff
- name: ssh proxy command
uses: appleboy/ssh-action@v0.2.0
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -355,7 +358,7 @@ It is not uncommon for files to leak from backups or decommissioned hardware, an
```diff
- name: ssh key passphrase
uses: appleboy/ssh-action@v0.2.0
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -381,7 +384,7 @@ Now you can adjust you config:
```diff
- name: ssh key passphrase
uses: appleboy/ssh-action@v0.2.0
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -393,6 +396,29 @@ Now you can adjust you config:
ls -al
```
## Q&A
### Command not found (npm or other command)
See the [issue comment](https://github.com/appleboy/ssh-action/issues/31#issuecomment-1006565847) about interactive vs non interactive shell. Thanks @kocyigityunus for the solution.
If you are running a command in a non-interactive shell, like ssh-action, on many Linux distros,
`/etc/bash.bashrc` file has a specific command that returns only, so some of the files didn't run and some specific commands doesn't add to path,
```sh
# /etc/bash.bashrc
# System-wide .bashrc file for interactive bash(1) shells.
# To enable the settings / commands in this file for login shells as well,
# this file has to be sourced in /etc/profile.
# If not running interactively, don't do anything
[ -z "$PS1" ] && return`
```
comment out the line that returns early, and everything should work fine. Alternatively, you can use the real paths of the commands you want to use.
## Contributing
We would love for you to contribute to `appleboy/ssh-action`, pull requests are welcome!

403
README.zh-cn.md Normal file
View File

@@ -0,0 +1,403 @@
# 🚀 用于 GitHub Actions 的 SSH
[English](./README.md) | [繁體中文](./README.zh-tw.md) | 简体中文
一个用于执行远程 SSH 命令的 [GitHub Action](https://github.com/features/actions)。
![ssh workflow](./images/ssh-workflow.png)
[![testing main branch](https://github.com/appleboy/ssh-action/actions/workflows/main.yml/badge.svg)](https://github.com/appleboy/ssh-action/actions/workflows/main.yml)
该项目使用 [Golang](https://go.dev) 和 [drone-ssh](https://github.com/appleboy/drone-ssh) 构建。🚀
## 输入变量
有关更详细的信息,请参阅 [action.yml](./action.yml)。
| 输入参数 | 描述 | 默认值 |
| ------------------------- | ----------------------------------------------------- | ------ |
| host | SSH 主机地址 | |
| port | SSH 端口号 | 22 |
| passphrase | SSH 密钥密码短语 | |
| username | SSH 用户名 | |
| password | SSH 密码 | |
| protocol | SSH 协议版本tcp, tcp4, tcp6 | tcp |
| sync | 如果指定了多个主机,则启用同步执行 | false |
| use_insecure_cipher | 使用不安全的密码算法 | false |
| cipher | 允许的密码算法。如果未指定,则使用适当的默认值 | |
| timeout | SSH 连接到主机的超时时间 | 30s |
| command_timeout | SSH 命令的超时时间 | 10m |
| key | SSH 私钥的内容,例如 ~/.ssh/id_rsa 的原始内容 | |
| key_path | SSH 私钥的路径 | |
| fingerprint | 主机公钥的 SHA256 指纹 | |
| proxy_host | SSH 代理主机 | |
| proxy_port | SSH 代理端口 | 22 |
| proxy_protocol | SSH 代理协议版本tcp, tcp4, tcp6 | tcp |
| proxy_username | SSH 代理用户名 | |
| proxy_password | SSH 代理密码 | |
| proxy_passphrase | SSH 代理密钥密码短语 | |
| proxy_timeout | SSH 连接到代理主机的超时时间 | 30s |
| proxy_key | SSH 代理私钥的内容 | |
| proxy_key_path | SSH 代理私钥的路径 | |
| proxy_fingerprint | 代理主机公钥的 SHA256 指纹 | |
| proxy_cipher | 代理允许的密码算法 | |
| proxy_use_insecure_cipher | 使用不安全的密码算法 | false |
| script | 执行命令 | |
| script_path | 从文件执行命令 | |
| envs | 传递环境变量到 shell 脚本 | |
| envs_format | 环境变量传递的灵活配置 | |
| debug | 启用调试模式 | false |
| allenvs | 将带有 `GITHUB_``INPUT_` 前缀的环境变量传递给脚本 | false |
| request_pty | 请求伪终端 | false |
**注意:** 用户可以在他们的 shell 脚本中添加 `set -e` 以实现类似于已删除的 `script_stop` 选项的功能。
## 使用方法
执行远程 SSH 命令。
```yaml
name: remote ssh command
on: [push]
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: linuxserver.io
password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }}
script: whoami
```
输出:
```sh
======CMD======
whoami
======END======
linuxserver.io
===============================================
✅ Successfully executed commands to all hosts.
===============================================
```
### 设置 SSH 密钥
请按照以下步骤创建和使用 SSH 密钥。
最佳做法是在本地机器上创建 SSH 密钥,而不是在远程机器上。
使用 GitHub Secrets 中指定的用户名登录并生成 RSA 密钥对:
### 生成 RSA 密钥
```bash
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
```
### 生成 ed25519 密钥
```bash
ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```
将新生成的密钥添加到已授权的密钥中。详细了解已授权的密钥请点[此处](https://www.ssh.com/ssh/authorized_keys/)。
### 将 RSA 密钥添加到已授权密钥中
```bash
cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys'
```
### 将 ed25519 密钥添加到已授权密钥中
```bash
cat .ssh/id_ed25519.pub | ssh b@B 'cat >> .ssh/authorized_keys'
```
复制私钥内容,然后将其粘贴到 GitHub Secrets 中。
### 复制 RSA 私钥内容
在复制私钥之前,按照以下步骤安装 `clip` 命令:
```bash
# Ubuntu
sudo apt-get install xclip
```
复制私钥:
```bash
# macOS
pbcopy < ~/.ssh/id_rsa
# Ubuntu
xclip < ~/.ssh/id_rsa
```
从包含注释部分 `-----BEGIN OPENSSH PRIVATE KEY-----` 开始,到包含注释部分 `-----END OPENSSH PRIVATE KEY-----` 结束,复制私钥并将其粘贴到 GitHub Secrets 中。
### 复制 ed25519 私钥内容
```bash
# macOS
pbcopy < ~/.ssh/id_ed25519
# Ubuntu
xclip < ~/.ssh/id_ed25519
```
有关无需密码登录 SSH 的详细信息,请[见该网站](http://www.linuxproblem.org/art_9.html)。
**注意**:根据您的 SSH 版本,您可能还需要进行以下更改:
- 将公钥放在 `.ssh/authorized_keys2`
-`.ssh` 的权限更改为 700
-`.ssh/authorized_keys2` 的权限更改为 640
### 如果你使用的是 OpenSSH
如果您正在使用 OpenSSH并出现以下错误
```bash
ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey]
```
请确保您所选择的密钥算法得到支持。在 Ubuntu 20.04 或更高版本上,您必须明确允许使用 ssh-rsa 算法。请在 OpenSSH 守护进程文件中添加以下行(它可以是 `/etc/ssh/sshd_config``/etc/ssh/sshd_config.d/` 中的一个附加文件):
```bash
CASignatureAlgorithms +ssh-rsa
```
或者,`ed25519` 密钥在 OpenSSH 中默认被接受。如果需要,您可以使用它来替代 RSA
```bash
ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```
### 示例
#### 使用密码执行远程 SSH 命令
```yaml
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }}
script: whoami
```
#### 使用私钥
```yaml
- name: executing remote ssh commands using ssh key
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script: whoami
```
#### 多个命令
```yaml
- name: multiple command
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script: |
whoami
ls -al
```
![result](./images/output-result.png)
#### 从文件执行命令
```yaml
- name: file commands
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script_path: scripts/script.sh
```
#### 多台主机
```diff
- name: multiple host
uses: appleboy/ssh-action@v1.2.2
with:
- host: "foo.com"
+ host: "foo.com,bar.com"
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script: |
whoami
ls -al
```
默认的 `port` 值是 `22`
#### 多个不同端口的主机
```diff
- name: multiple host
uses: appleboy/ssh-action@v1.2.2
with:
- host: "foo.com"
+ host: "foo.com:1234,bar.com:5678"
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
script: |
whoami
ls -al
```
#### 在多台主机上同步执行
```diff
- name: multiple host
uses: appleboy/ssh-action@v1.2.2
with:
host: "foo.com,bar.com"
+ sync: true
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script: |
whoami
ls -al
```
#### 将环境变量传递到 shell 脚本
```diff
- name: pass environment
uses: appleboy/ssh-action@v1.2.2
+ env:
+ FOO: "BAR"
+ BAR: "FOO"
+ SHA: ${{ github.sha }}
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
+ envs: FOO,BAR,SHA
script: |
echo "I am $FOO"
echo "I am $BAR"
echo "sha: $SHA"
```
_在 `env` 对象中,您需要将每个环境变量作为字符串传递,传递 `Integer` 数据类型或任何其他类型可能会产生意外结果。_
#### 如何使用 `ProxyCommand` 连接远程服务器?
```bash
+--------+ +----------+ +-----------+
| Laptop | <--> | Jumphost | <--> | FooServer |
+--------+ +----------+ +-----------+
```
在您的 `~/.ssh/config` 文件中,您会看到以下内容。
```bash
Host Jumphost
HostName Jumphost
User ubuntu
Port 22
IdentityFile ~/.ssh/keys/jump_host.pem
Host FooServer
HostName FooServer
User ubuntu
Port 22
ProxyCommand ssh -q -W %h:%p Jumphost
```
#### 如何将其转换为 GitHubActions 的 YAML 格式?
```diff
- name: ssh proxy command
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
+ proxy_host: ${{ secrets.PROXY_HOST }}
+ proxy_username: ${{ secrets.PROXY_USERNAME }}
+ proxy_key: ${{ secrets.PROXY_KEY }}
+ proxy_port: ${{ secrets.PROXY_PORT }}
script: |
mkdir abc/def
ls -al
```
#### 保护私钥
密码短语通常用于加密私钥。这使得密钥文件本身对攻击者无用。文件泄露可能来自备份或停用的硬件,黑客通常可以从受攻击系统中泄露文件。
```diff
- name: ssh key passphrase
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
+ passphrase: ${{ secrets.PASSPHRASE }}
script: |
whoami
ls -al
```
#### 使用主机指纹验证
设置 SSH 主机指纹验证可以帮助防止中间人攻击。在设置之前,运行以下命令以获取 SSH 主机指纹。请记得将 `ed25519` 替换为您适当的密钥类型(`rsa``dsa`等),而 `example.com` 则替换为您的主机。
在现代 OpenSSH 版本中,默认提取的密钥类型是 `rsa`(从版本 5.1 开始)、`ecdsa`(从版本 6.0 开始)和 `ed25519`(从版本 6.7 开始)。
```sh
ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d ' ' -f2
```
现在您可以调整您的配置:
```diff
- name: ssh key passphrase
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
+ fingerprint: ${{ secrets.FINGERPRINT }}
script: |
whoami
ls -al
```
## 贡献
我们非常希望您为 `appleboy/ssh-action` 做出贡献,欢迎提交请求!
## 授权方式
本项目中的脚本和文档采用 [MIT 许可证](LICENSE) 发布。

200
README.zh-tw.md
View File

@@ -1,50 +1,58 @@
# 🚀 用於 GitHub Actions 的 SSH
# 🚀 GitHub Actions 的 SSH
[GitHub Action](https://github.com/features/actions) for executing remote ssh commands.
[English](./README.md) | 繁體中文 | [简体中文](./README.zh-cn.md)
[GitHub Action](https://github.com/features/actions) 用於執行遠端 SSH 命令。
![ssh workflow](./images/ssh-workflow.png)
[![Actions Status](https://github.com/appleboy/ssh-action/workflows/remote%20ssh%20command/badge.svg)](https://github.com/appleboy/ssh-action/actions)
[![testing main branch](https://github.com/appleboy/ssh-action/actions/workflows/main.yml/badge.svg)](https://github.com/appleboy/ssh-action/actions/workflows/main.yml)
**注意** 只支援在 **Linux** [docker](https://www.docker.com/) 容器上執行。
此專案使用 [Golang](https://go.dev) 和 [drone-ssh](https://github.com/appleboy/drone-ssh) 建立。🚀
## 輸入變數
更詳細的資訊,請參閱 [action.yml](./action.yml)。
請參閱 [action.yml](./action.yml) 以獲取更詳細的信息
* `host` - SSH 主機
* `port` - SSH 連接埠,預設為 `22`
* `username` - SSH 使用者名稱
* `password` - SSH 密碼
* `passphrase` - 通常用於加密私鑰的 passphrase
* `sync` - 同步執行多個主機上的命令,預設為 false
* `timeout` - SSH 連接到遠端主機的超時時間,預設為 `30s`
* `command_timeout` - SSH 命令超時時間,預設為 10m
* `key` - SSH 私鑰的內容,例如 ~/.ssh/id_rsa 的原始內容,請記得包含 BEGIN 和 END 行
* `key_path` - SSH 私鑰的路徑
* `fingerprint` - 主機公鑰的 SHA256 指紋,預設為略過驗證
* `script` - 執行命令
* `script_stop` - 當出現第一個錯誤時停止執行命令
* `envs` - 傳遞環境變數到 shell script
* `debug` - 啟用偵錯模式
* `use_insecure_cipher` - 使用不安全的密碼ciphers進行加密參見 [#56](https://github.com/appleboy/ssh-action/issues/56)
* `cipher` - 允許使用的密碼ciphers演算法。如果未指定則使用適當的演算法
| 輸入參數 | 描述 | 預設值 |
| ------------------------- | ----------------------------------------------------- | ------ |
| host | SSH 主機地址 | |
| port | SSH 埠號 | 22 |
| passphrase | SSH 金鑰密碼 | |
| username | SSH 使用者名稱 | |
| password | SSH 密碼 | |
| protocol | SSH 協議版本 (tcp, tcp4, tcp6) | tcp |
| sync | 如果有多個主機,啟用同步執行 | false |
| use_insecure_cipher | 包含更多不安全的加密算法 | false |
| cipher | 允許的加密算法。如果未指定,則使用合理的預設值 | |
| timeout | SSH 連接主機的超時時間 | 30s |
| command_timeout | SSH 命令的超時時間 | 10m |
| key | SSH 私鑰的內容。例如,~/.ssh/id_rsa 的原始內容 | |
| key_path | SSH 私鑰的路徑 | |
| fingerprint | 主機公鑰的 SHA256 指紋 | |
| proxy_host | SSH 代理主機 | |
| proxy_port | SSH 代理埠號 | 22 |
| proxy_protocol | SSH 代理協議版本 (tcp, tcp4, tcp6) | tcp |
| proxy_username | SSH 代理使用者名稱 | |
| proxy_password | SSH 代理密碼 | |
| proxy_passphrase | SSH 代理金鑰密碼 | |
| proxy_timeout | SSH 連接代理主機的超時時間 | 30s |
| proxy_key | SSH 代理私鑰的內容 | |
| proxy_key_path | SSH 代理私鑰的路徑 | |
| proxy_fingerprint | 代理主機公鑰的 SHA256 指紋 | |
| proxy_cipher | 代理允許的加密算法 | |
| proxy_use_insecure_cipher | 包含更多不安全的加密算法 | false |
| script | 執行命令 | |
| script_path | 從文件中執行命令 | |
| envs | 將環境變數傳遞給 shell 腳本 | |
| envs_format | 環境值傳遞的靈活配置 | |
| debug | 啟用調試模式 | false |
| allenvs | 將帶有 `GITHUB_``INPUT_` 前綴的環境變數傳遞給腳本 | false |
| request_pty | 從伺服器請求偽終端 | false |
SSH 代理設置:
**注意:** 用戶可以在他們的 shell 腳本中添加 `set -e` 以實現類似於已刪除的 `script_stop` 選項的功能。
* `proxy_host` - 代理主機
* `proxy_port` - 代理端口,預設為 `22`
* `proxy_username` - 代理使用者名稱
* `proxy_password` - 代理密碼
* `proxy_passphrase` - 密碼通常用於加密私有金鑰
* `proxy_timeout` - SSH 連線至代理主機的逾時時間,預設為 `30s`
* `proxy_key` - SSH 代理私有金鑰內容
* `proxy_key_path` - SSH 代理私有金鑰路徑
* `proxy_fingerprint` - 代理主機公鑰的 SHA256 指紋,預設為跳過驗證
* `proxy_use_insecure_cipher` - 使用不安全的加密方式,請參閱 [#56](https://github.com/appleboy/ssh-action/issues/56)
* `proxy_cipher` - 允許的加密算法。如果未指定,則使用合理的算法
## 使用方式
## 用法
執行遠端 SSH 命令
@@ -52,19 +60,18 @@ SSH 代理設置:
name: remote ssh command
on: [push]
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v0.1.10
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }}
script: whoami
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: linuxserver.io
password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }}
script: whoami
```
畫面輸出
@@ -73,10 +80,10 @@ jobs:
======CMD======
whoami
======END======
out: ***
==============================================
✅ Successfully executed commands to all host.
==============================================
linuxserver.io
===============================================
✅ Successfully executed commands to all hosts.
===============================================
```
### 設置 SSH 金鑰
@@ -113,23 +120,40 @@ cat .ssh/id_ed25519.pub | ssh b@B 'cat >> .ssh/authorized_keys'
### 複製 rsa 私鑰內容
在複製私鑰之前,請按照以下說明安裝 `clip` 命令:
```bash
clip < ~/.ssh/id_rsa
# Ubuntu
sudo apt-get install xclip
```
複製私鑰:
```bash
# macOS
pbcopy < ~/.ssh/id_rsa
# Ubuntu
xclip < ~/.ssh/id_rsa
```
從包含註釋部分 `-----BEGIN OPENSSH PRIVATE KEY-----` 開始,到包含註釋部分 `-----END OPENSSH PRIVATE KEY-----` 結束,複製私鑰並將其粘貼到 GitHub Secrets 中。
### 複製 ed25519 私鑰內容
```bash
clip < ~/.ssh/id_ed25519
# macOS
pbcopy < ~/.ssh/id_ed25519
# Ubuntu
xclip < ~/.ssh/id_ed25519
```
有關無需密碼登錄 SSH 的詳細信息,請[參見該網站](http://www.linuxproblem.org/art_9.html)。
**來自讀者的注意事項** 根據您的 SSH 版本,您可能還需要進行以下更改:
**注意**:根據您的 SSH 版本,您可能還需要進行以下更改:
* 將公鑰放在 `.ssh/authorized_keys2`
*`.ssh` 的權限更改為700
*`.ssh/authorized_keys2` 的權限更改為640
- 將公鑰放在 `.ssh/authorized_keys2`
-`.ssh` 的權限更改為 700
-`.ssh/authorized_keys2` 的權限更改為 640
### 如果你使用的是 OpenSSH
@@ -157,7 +181,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v0.1.10
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -170,7 +194,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml
- name: executing remote ssh commands using ssh key
uses: appleboy/ssh-action@v0.1.10
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -183,7 +207,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml
- name: multiple command
uses: appleboy/ssh-action@v0.1.10
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -196,11 +220,24 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
![result](./images/output-result.png)
#### 從文件中執行命令
```yaml
- name: file commands
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script_path: scripts/script.sh
```
#### 多台主機
```diff
- name: multiple host
uses: appleboy/ssh-action@v0.1.10
uses: appleboy/ssh-action@v1.2.2
with:
- host: "foo.com"
+ host: "foo.com,bar.com"
@@ -216,7 +253,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff
- name: multiple host
uses: appleboy/ssh-action@v0.1.10
uses: appleboy/ssh-action@v1.2.2
with:
- host: "foo.com"
+ host: "foo.com:1234,bar.com:5678"
@@ -231,7 +268,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff
- name: multiple host
uses: appleboy/ssh-action@v0.1.10
uses: appleboy/ssh-action@v1.2.2
with:
host: "foo.com,bar.com"
+ sync: true
@@ -247,7 +284,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff
- name: pass environment
uses: appleboy/ssh-action@v0.1.10
uses: appleboy/ssh-action@v1.2.2
+ env:
+ FOO: "BAR"
+ BAR: "FOO"
@@ -266,37 +303,6 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
_在 `env` 對象中,您需要將每個環境變量作為字符串傳遞,傳遞 `Integer` 數據類型或任何其他類型可能會產生意外結果。_
#### 在第一次失敗後停止腳本
> ex: missing `abc` folder
```diff
- name: stop script if command error
uses: appleboy/ssh-action@v0.1.10
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
+ script_stop: true
script: |
mkdir abc/def
ls -al
```
畫面輸出:
```sh
======CMD======
mkdir abc/def
ls -al
======END======
2019/11/21 01:16:21 Process exited with status 1
err: mkdir: cannot create directory abc/def: No such file or directory
##[error]Docker run failed with exit code 1
```
#### 如何使用 `ProxyCommand` 連接遠程服務器?
```bash
@@ -325,7 +331,7 @@ Host FooServer
```diff
- name: ssh proxy command
uses: appleboy/ssh-action@v0.1.10
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -346,7 +352,7 @@ Host FooServer
```diff
- name: ssh key passphrase
uses: appleboy/ssh-action@v0.1.10
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -362,7 +368,7 @@ Host FooServer
設置 SSH 主機指紋驗證可以幫助防止中間人攻擊。在設置之前,運行以下命令以獲取 SSH 主機指紋。請記得將 `ed25519` 替換為您的適當金鑰類型(`rsa``dsa`等),而 `example.com` 則替換為您的主機。
現代 OpenSSH 版本中,需要提取的_默認金鑰_類型是 `rsa`(從版本 5.1 開始)、`ecdsa`(從版本 6.0 開始)和 `ed25519`(從版本 6.7 開始)。
現代 OpenSSH 版本中,需要提取的**默認金鑰**類型是 `rsa`(從版本 5.1 開始)、`ecdsa`(從版本 6.0 開始)和 `ed25519`(從版本 6.7 開始)。
```sh
ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d ' ' -f2
@@ -372,7 +378,7 @@ ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d ' '
```diff
- name: ssh key passphrase
uses: appleboy/ssh-action@v0.1.10
uses: appleboy/ssh-action@v1.2.2
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}

137
action.yml
View File

@@ -1,76 +1,137 @@
name: 'SSH Remote Commands'
description: 'Executing remote ssh commands'
author: 'Bo-Yi Wu'
name: "SSH Remote Commands"
description: "Executing remote ssh commands"
author: "Bo-Yi Wu"
inputs:
host:
description: 'SSH host address.'
description: "SSH host address or IP to connect to."
port:
description: 'SSH port number.'
description: "SSH port number for the connection."
default: "22"
passphrase:
description: 'Passphrase for the SSH key.'
description: "Passphrase to decrypt the SSH private key if protected."
username:
description: 'SSH username.'
description: "SSH username for authentication on the remote server."
password:
description: 'SSH password.'
description: "SSH password for authentication (use secrets for sensitive data)."
protocol:
description: 'IP protocol version to use. Options: "tcp" (default), "tcp4" (IPv4 only), or "tcp6" (IPv6 only).'
default: "tcp"
sync:
description: 'Enable synchronous execution if multiple hosts are involved.'
description: "When true, executes commands synchronously across multiple hosts (one after another)."
use_insecure_cipher:
description: 'Include more ciphers by using insecure ciphers.'
description: "Enable additional legacy ciphers that might be less secure but more compatible with older systems."
cipher:
description: 'Allowed cipher algorithms. If unspecified, a sensible default is used.'
description: "Specify custom cipher algorithms for encryption. Leave empty to use secure defaults."
timeout:
description: 'Timeout duration for establishing SSH connection to the host.'
description: "Maximum time to wait when establishing the SSH connection, e.g., '30s', '1m'."
default: "30s"
command_timeout:
description: 'Timeout duration for SSH commands execution.'
description: "Maximum execution time for the remote commands before terminating, e.g., '10m', '1h'."
default: "10m"
key:
description: 'Content of the SSH private key. For example, the raw content of ~/.ssh/id_rsa.'
description: "Raw content of the SSH private key for authentication (use secrets for sensitive data)."
key_path:
description: 'Path to the SSH private key file.'
description: "Path to the SSH private key file on the runner."
fingerprint:
description: 'SHA256 fingerprint of the host public key.'
description: "SHA256 fingerprint of the host public key for verification to prevent MITM attacks."
proxy_host:
description: 'SSH proxy host address.'
description: "Proxy server hostname or IP if connecting through an SSH jump host."
proxy_port:
description: 'SSH proxy port number.'
description: "SSH port number for the proxy connection."
default: "22"
proxy_username:
description: 'SSH proxy username.'
description: "Username for authentication on the proxy server."
proxy_password:
description: 'SSH proxy password.'
description: "Password for authentication on the proxy server (use secrets for sensitive data)."
proxy_protocol:
description: 'IP protocol version for proxy. Options: "tcp" (default), "tcp4" (IPv4 only), or "tcp6" (IPv6 only).'
default: "tcp"
proxy_passphrase:
description: 'SSH proxy key passphrase.'
description: "Passphrase to decrypt the proxy SSH private key if protected."
proxy_timeout:
description: 'Timeout duration for establishing SSH connection to the proxy host.'
description: "Maximum time to wait when establishing the proxy SSH connection, e.g., '30s', '1m'."
default: "30s"
proxy_key:
description: 'Content of the SSH proxy private key. For example, the raw content of ~/.ssh/id_rsa.'
description: "Raw content of the SSH proxy private key for authentication (use secrets for sensitive data)."
proxy_key_path:
description: 'Path to the SSH proxy private key file.'
description: "Path to the SSH proxy private key file on the runner."
proxy_fingerprint:
description: 'SHA256 fingerprint of the proxy host public key.'
description: "SHA256 fingerprint of the proxy host public key for verification."
proxy_cipher:
description: 'Allowed cipher algorithms for the proxy. If unspecified, a sensible default is used.'
description: "Specify custom cipher algorithms for proxy connection encryption."
proxy_use_insecure_cipher:
description: 'Include more ciphers for the proxy by using insecure ciphers.'
description: "Enable additional legacy ciphers for proxy connections (less secure but more compatible)."
script:
description: 'Commands to be executed.'
script_stop:
description: 'Stop the script after the first failure.'
description: "Commands to execute on the remote server (inline script string)."
script_path:
description: "Path to a local file containing commands to execute on the remote server."
envs:
description: 'Environment variables to be passed to the shell script.'
description: "Environment variables to expose to the remote script, format: key=value,key2=value2."
envs_format:
description: 'Flexible configuration for environment value transfer.'
description: "Format specification for environment variable transfer (for advanced usage)."
debug:
description: 'Enable debug mode.'
description: "Set to true to enable verbose logging for troubleshooting connection issues."
allenvs:
description: 'pass all environment variable to shell script.'
description: "When true, passes all GitHub Actions environment variables to the remote script."
request_pty:
description: "Request a pseudo-terminal from the server (required for interactive commands or sudo)."
capture_stdout:
description: "When true, captures and returns standard output from the commands as action output."
default: "false"
outputs:
stdout:
description: "Standard output of the executed commands when capture_stdout is enabled."
value: ${{ steps.entrypoint.outputs.stdout }}
runs:
using: 'docker'
image: 'Dockerfile'
using: "composite"
steps:
- name: Set GitHub Path
run: echo "$GITHUB_ACTION_PATH" >> $GITHUB_PATH
shell: bash
env:
GITHUB_ACTION_PATH: ${{ github.action_path }}
- id: entrypoint
name: Run entrypoint.sh
run: entrypoint.sh
shell: bash
env:
GITHUB_ACTION_PATH: ${{ github.action_path }}
INPUT_HOST: ${{ inputs.host }}
INPUT_PORT: ${{ inputs.port }}
INPUT_PROTOCOL: ${{ inputs.protocol }}
INPUT_USERNAME: ${{ inputs.username }}
INPUT_PASSWORD: ${{ inputs.password }}
INPUT_PASSPHRASE: ${{ inputs.passphrase }}
INPUT_KEY: ${{ inputs.key }}
INPUT_KEY_PATH: ${{ inputs.key_path }}
INPUT_FINGERPRINT: ${{ inputs.fingerprint }}
INPUT_PROXY_HOST: ${{ inputs.proxy_host }}
INPUT_PROXY_PORT: ${{ inputs.proxy_port }}
INPUT_PROXY_USERNAME: ${{ inputs.proxy_username }}
INPUT_PROXY_PASSWORD: ${{ inputs.proxy_password }}
INPUT_PROXY_PASSPHRASE: ${{ inputs.proxy_passphrase }}
INPUT_PROXY_KEY: ${{ inputs.proxy_key }}
INPUT_PROXY_KEY_PATH: ${{ inputs.proxy_key_path }}
INPUT_PROXY_FINGERPRINT: ${{ inputs.proxy_fingerprint }}
INPUT_TIMEOUT: ${{ inputs.timeout }}
INPUT_PROXY_TIMEOUT: ${{ inputs.proxy_timeout }}
INPUT_COMMAND_TIMEOUT: ${{ inputs.command_timeout }}
INPUT_SCRIPT: ${{ inputs.script }}
INPUT_SCRIPT_FILE: ${{ inputs.script_path }}
INPUT_ENVS: ${{ inputs.envs }}
INPUT_ENVS_FORMAT: ${{ inputs.envs_format }}
INPUT_DEBUG: ${{ inputs.debug }}
INPUT_ALL_ENVS: ${{ inputs.allenvs }}
INPUT_REQUEST_PTY: ${{ inputs.request_pty }}
INPUT_USE_INSECURE_CIPHER: ${{ inputs.use_insecure_cipher }}
INPUT_CIPHER: ${{ inputs.cipher }}
INPUT_PROXY_USE_INSECURE_CIPHER: ${{ inputs.proxy_use_insecure_cipher }}
INPUT_PROXY_CIPHER: ${{ inputs.proxy_cipher }}
INPUT_SYNC: ${{ inputs.sync }}
INPUT_CAPTURE_STDOUT: ${{ inputs.capture_stdout }}
branding:
icon: 'terminal'
color: 'gray-dark'
icon: "terminal"
color: "gray-dark"

76
entrypoint.sh
View File

@@ -1,7 +1,77 @@
#!/bin/sh
#!/usr/bin/env bash
set -eu
set -o errexit
set -o nounset
set -o pipefail
export GITHUB="true"
sh -c "/bin/drone-ssh $*"
GITHUB_ACTION_PATH="${GITHUB_ACTION_PATH%/}"
DRONE_SSH_RELEASE_URL="${DRONE_SSH_RELEASE_URL:-https://github.com/appleboy/drone-ssh/releases/download}"
DRONE_SSH_VERSION="${DRONE_SSH_VERSION:-1.8.1}"
function detect_client_info() {
if [ -n "${SSH_CLIENT_OS-}" ]; then
CLIENT_PLATFORM="${SSH_CLIENT_OS}"
else
local kernel
kernel="$(uname -s)"
case "${kernel}" in
Darwin)
CLIENT_PLATFORM="darwin"
;;
Linux)
CLIENT_PLATFORM="linux"
;;
Windows)
CLIENT_PLATFORM="windows"
;;
*)
echo "Unknown, unsupported platform: ${kernel}." >&2
echo "Supported platforms: Linux, Darwin and Windows." >&2
echo "Bailing out." >&2
exit 2
;;
esac
fi
if [ -n "${SSH_CLIENT_ARCH-}" ]; then
CLIENT_ARCH="${SSH_CLIENT_ARCH}"
else
local machine
machine="$(uname -m)"
case "${machine}" in
x86_64* | i?86_64* | amd64*)
CLIENT_ARCH="amd64"
;;
aarch64* | arm64*)
CLIENT_ARCH="arm64"
;;
*)
echo "Unknown, unsupported architecture (${machine})." >&2
echo "Supported architectures x86_64, i686, arm64." >&2
echo "Bailing out." >&2
exit 3
;;
esac
fi
}
detect_client_info
DOWNLOAD_URL_PREFIX="${DRONE_SSH_RELEASE_URL}/v${DRONE_SSH_VERSION}"
CLIENT_BINARY="drone-ssh-${DRONE_SSH_VERSION}-${CLIENT_PLATFORM}-${CLIENT_ARCH}"
TARGET="${GITHUB_ACTION_PATH}/${CLIENT_BINARY}"
echo "Will download ${CLIENT_BINARY} from ${DOWNLOAD_URL_PREFIX}"
curl -fsSL --retry 5 --keepalive-time 2 "${DOWNLOAD_URL_PREFIX}/${CLIENT_BINARY}" -o ${TARGET}
chmod +x ${TARGET}
echo "======= CLI Version ======="
sh -c "${TARGET} --version" # print version
echo "==========================="
if [[ "$INPUT_CAPTURE_STDOUT" == 'true' ]]; then
echo 'stdout<<EOF' >>$GITHUB_OUTPUT # use heredoc for multiline output
sh -c "${TARGET} $*" | tee -a $GITHUB_OUTPUT # run the command
echo 'EOF' >>$GITHUB_OUTPUT
else
sh -c "${TARGET} $*" # run the command
fi

7
testdata/.ssh/id_ed25519 vendored Normal file
View File

@@ -0,0 +1,7 @@
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
QyNTUxOQAAACDoi7FltQCqpWporKh61nJUPIeazUYdzdstncoeU5XS2AAAAKBF5e2SReXt
kgAAAAtzc2gtZWQyNTUxOQAAACDoi7FltQCqpWporKh61nJUPIeazUYdzdstncoeU5XS2A
AAAEBrsLG1vSg08yaQgYM46KQW93Lz2ZikS1tTMH35gfHhpOiLsWW1AKqlamisqHrWclQ8
h5rNRh3N2y2dyh5TldLYAAAAFnlvdXJfZW1haWxAZXhhbXBsZS5jb20BAgMEBQYH
-----END OPENSSH PRIVATE KEY-----

1
testdata/.ssh/id_ed25519.pub vendored Normal file
View File

@@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOiLsWW1AKqlamisqHrWclQ8h5rNRh3N2y2dyh5TldLY your_email@example.com

39
testdata/.ssh/id_passphrase vendored Normal file
View File

@@ -0,0 +1,39 @@
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABA5p9eRXu
BJantF5ARnBfnqAAAAEAAAAAEAAAGXAAAAB3NzaC1yc2EAAAADAQABAAABgQCuWKQh09Vl
v3IRu/+oK18ws72VQS7PCXJaIEp1L+7HqC/6+plizaVgd9SjAg0UJSqvp+WfpU5I53hevE
0Ip3s71Tsoeu1azWoi2Mbq3ycZ5ysh4htZZklKBkYsyW+2EdITPcmhA8rF+KiDRyuvk7fD
o08G3YWgbCScY6VkLA06ReThCehAY54WNvgbx7lyvCWj1qYG0XjM7mTQHr3QN0JHJNdFaG
3MCi1rTG2hK/owOlzcesIbzfM1VMIQG5HT4vNg/ULP0BTZ7pGtdvWlvR/660KQwc1tBxLq
xI1dYoCgiS/gMyPxhOtNKTvhR/NR7e2sp/StkXURIxTHhj0KjKbnpXTQ2IndnesHAG9kDJ
7c31SXastWpbXWhCIdRZk+KQsnmwobZlw3w1vfx2Dm7M2ZCcCgG/ArUPjY44nGOWO5Nz98
QHyz3IocsKJXrGVo/3YpNNu72jkw7UGVMqh1dAe3ZMaCAC5pAAa0HKvkid7jdXawL2b//+
vsAPSHdnEjP58AAAWQCUj9ajDO6N0sI5jzkRxiMIaeDvP7Ns+cJtE1uxzrm7Ecgf7kBL2V
9Ru0gW1+ii3U/hPLkxwBwd3xvoc1Xy+n+c7D6bQVviv1lsbY1uPzxGR3fUfRCu2M1D8OEH
vol7jvFAZmtrpgy3gY45k2lbsY368bIJ+hYIqeHRqFsD+SyM/xSnj5/bZNvNrc+kHikiA3
uVSvXe9oWVNm3hxLDppYPEYkORERHx9EWh5sruLwoM2NW6qwE+wGw0Vx1AuA7cNszDdmMs
qJFq0n5cQ78E3q0V49e0FOBjMoSJBxdQRHRz2al9MzJlcVVs5LGwmgVH0ur0V9QR8zv2Pv
ZV6r+H9mMo2eCtUDlKUXlCnfgwDP0ghXysFKSDLzXNEPrddmvzQeWA973fcguniLLq7Gbw
gpHSuP/vqVqtQQbXEdozgUl666SXC7GdPqaA5YsfGIJ4Ank3/Vjb3hc0/hElx4O0fEn18E
TWbd9o6v70mNbu3LjeJPNDwODMGn9GC3kRtSc5bU0A8YAM+gFaeytrz2W/vCe3EST8VBcQ
UtvYqGG/zGJhV8+OYoIZZQQkyCmTt0i4nTCJAMUnZ+pgY6YJk+UdBGhLvwNBtl4Z1nQKSA
hcBBo6T08bQfe/HmVs4dcwBO956qiOX/QjHDLew81MfpvjZ2kGD5Hp/qhieUdJ3IiUEsOC
FQC01JeEJlkEqd2jqBR/9RDnK7O8gTR0AA858L+MftN4nN2h2UkGjWMWSbkmwGMqyRGfRa
TJeg5njxYJVcRlWZ/KvNPxis8wIuCaRMbPT2WpHsRr1lY3s4IzFn+EMCkybHZArQVYtl1O
iGXYjpxe+cOc02PM1aKlUfCQfsr0CrXwwGzIQ73uXVSQgP5pQdV3iN/57+5aiH8F9D7X3n
p5QJzBuLGvhUDWqqwbwWy+81k3Y8rHXNfhVSlRmtGJXAPqpw0PCyquySJNwogi4rBkg0jF
xuqvimvhNcWzF7yf+fnYa6H+N8PavH32HRM50AYyWPyKWBp3Syri0P54cnkBjKTjTKGYA6
4KwizazsbOMY5kp0UAmgX6XyM5OSROtxUp4P6T20okjKaSzamgMBKZULP/b768l4UYRgFe
uohg2/9A1fwYB/K8I+V7Qw9079JvAG05eIOgce3Dd+bXoH6j/Ylmk5Gj7LzhEXtMz3NEpj
LCg8tx0YFpuyoCaRlqOnsZCpc1EnL0UyMguCh9ADTG9h6V3Xf2j2Q94rKvAc4ZrBtj6qXT
BIfGsBIA7vA1KnKHB9oOFQZ26iRU7oTAunAQvSKF7/7luTqONoni6U/RpvERT/KeeIDSxz
uzFQ+apy/PTESSUtutpnTug6rexwrPb6ugJipag8ebNWVdOgaNBUL8wciW4lN8YkzjhXMw
xHB0PUuSXcBuuPDQuYZk84dpXxM10fWwuCTMlH1bXatSQhtRVbjVJIDXnnYpQKtuURiwMm
j4WLEt10hvu6t4aNJzzVY80/iLMb4ZGQgHotrjFfx9nzwe3SioINPaxRIb3m2gTsi8Nr/p
Y5zNjV9NOjONktUjLznRpfY/yBxOtPe9lxnaKfniRTK5HjBbi8hmei9G8lIHV9qyhpURYM
1EdZB86uZWJOaRA8/fpwt8z2stmpKpuGFQOSgr7W5JQWSFeTAMYPoafsm0PD1zSyw7j1wE
DWlmUAzpMirSnPUQndR8IcF7fZmI8J1g30eIFTQpoTDCyoiegkOXHa9HyWwmEAwws1PCWZ
a5Viw6XLJI3tahSNhZzdY/UNFikuO8AuIDXykBM7riaqK4PADtmGY88QGWXQbw5xxWtH6r
Wwk4KzDL9UFeCMSiQo//e+kg/mPLml6Sa4THOzP3iOmx810JoMDmF/jvtpC+ew5HpPPtg4
h55pSap77CEhEhE5FPZKuH9f7/E=
-----END OPENSSH PRIVATE KEY-----

1
testdata/.ssh/id_passphrase.pub vendored Normal file
View File

@@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCuWKQh09Vlv3IRu/+oK18ws72VQS7PCXJaIEp1L+7HqC/6+plizaVgd9SjAg0UJSqvp+WfpU5I53hevE0Ip3s71Tsoeu1azWoi2Mbq3ycZ5ysh4htZZklKBkYsyW+2EdITPcmhA8rF+KiDRyuvk7fDo08G3YWgbCScY6VkLA06ReThCehAY54WNvgbx7lyvCWj1qYG0XjM7mTQHr3QN0JHJNdFaG3MCi1rTG2hK/owOlzcesIbzfM1VMIQG5HT4vNg/ULP0BTZ7pGtdvWlvR/660KQwc1tBxLqxI1dYoCgiS/gMyPxhOtNKTvhR/NR7e2sp/StkXURIxTHhj0KjKbnpXTQ2IndnesHAG9kDJ7c31SXastWpbXWhCIdRZk+KQsnmwobZlw3w1vfx2Dm7M2ZCcCgG/ArUPjY44nGOWO5Nz98QHyz3IocsKJXrGVo/3YpNNu72jkw7UGVMqh1dAe3ZMaCAC5pAAa0HKvkid7jdXawL2b//+vsAPSHdnEjP58= mtk10671@NB22040567

27
testdata/.ssh/id_rsa vendored Normal file
View File

@@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA4e2D/qPN08pzTac+a8ZmlP1ziJOXk45CynMPtva0rtK/RB26
VbfAF0hIJji7ltvnYnqCU9oFfvEM33cTn7T96+od8ib/Vz25YU8ZbstqtIskPuwC
bv3K0mAHgsviJyRD7yM+QKTbBQEgbGuW6gtbMKhiYfiIB4Dyj7AdS/fk3v26wDgz
7SHI5OBqu9bv1KhxQYdFEnU3PAtAqeccgzNpbH3eYLyGzuUxEIJlhpZ/uU2G9ppj
/cSrONVPiI8Ahi4RrlZjmP5l57/sq1ClGulyLpFcMw68kP5FikyqHpHJHRBNgU57
1y0Ph33SjBbs0haCIAcmreWEhGe+/OXnJe6VUQIDAQABAoIBAH97emORIm9DaVSD
7mD6DqA7c5m5Tmpgd6eszU08YC/Vkz9oVuBPUwDQNIX8tT0m0KVs42VVPIyoj874
bgZMJoucC1G8V5Bur9AMxhkShx9g9A7dNXJTmsKilRpk2TOk7wBdLp9jZoKoZBdJ
jlp6FfaazQjjKD6zsCsMATwAoRCBpBNsmT6QDN0n0bIgY0tE6YGQaDdka0dAv68G
R0VZrcJ9voT6+f+rgJLoojn2DAu6iXaM99Gv8FK91YCymbQlXXgrk6CyS0IHexN7
V7a3k767KnRbrkqd3o6JyNun/CrUjQwHs1IQH34tvkWScbseRaFehcAm6mLT93RP
muauvMECgYEA9AXGtfDMse0FhvDPZx4mx8x+vcfsLvDHcDLkf/lbyPpu97C27b/z
ia07bu5TAXesUZrWZtKA5KeRE5doQSdTOv1N28BEr8ZwzDJwfn0DPUYUOxsN2iIy
MheO5A45Ko7bjKJVkZ61Mb1UxtqCTF9mqu9R3PBdJGthWOd+HUvF460CgYEA7QRf
Z8+vpGA+eSuu29e0xgRKnRzed5zXYpcI4aERc3JzBgO4Z0er9G8l66OWVGdMfpe6
CBajC5ToIiT8zqoYxXwqJgN+glir4gJe3mm8J703QfArZiQrdk0NTi5bY7+vLLG/
knTrtpdsKih6r3kjhuPPaAsIwmMxIydFvATKjLUCgYEAh/y4EihRSk5WKC8GxeZt
oiZ58vT4z+fqnMIfyJmD5up48JuQNcokw/LADj/ODiFM7GUnWkGxBrvDA3H67WQm
49bJjs8E+BfUQFdTjYnJRlpJZ+7Zt1gbNQMf5ENw5CCchTDqEq6pN0DVf8PBnSIF
KvkXW9KvdV5J76uCAn15mDkCgYA1y8dHzbjlCz9Cy2pt1aDfTPwOew33gi7U3skS
RTerx29aDyAcuQTLfyrROBkX4TZYiWGdEl5Bc7PYhCKpWawzrsH2TNa7CRtCOh2E
R+V/84+GNNf04ALJYCXD9/ugQVKmR1XfDRCvKeFQFE38Y/dvV2etCswbKt5tRy2p
xkCe/QKBgQCkLqafD4S20YHf6WTp3jp/4H/qEy2X2a8gdVVBi1uKkGDXr0n+AoVU
ib4KbP5ovZlrjL++akMQ7V2fHzuQIFWnCkDA5c2ZAqzlM+ZN+HRG7gWur7Bt4XH1
7XC9wlRna4b3Ln8ew3q1ZcBjXwD4ppbTlmwAfQIaZTGJUgQbdsO9YA==
-----END RSA PRIVATE KEY-----

1
testdata/.ssh/id_rsa.pub vendored Normal file
View File

@@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDh7YP+o83TynNNpz5rxmaU/XOIk5eTjkLKcw+29rSu0r9EHbpVt8AXSEgmOLuW2+dieoJT2gV+8QzfdxOftP3r6h3yJv9XPblhTxluy2q0iyQ+7AJu/crSYAeCy+InJEPvIz5ApNsFASBsa5bqC1swqGJh+IgHgPKPsB1L9+Te/brAODPtIcjk4Gq71u/UqHFBh0USdTc8C0Cp5xyDM2lsfd5gvIbO5TEQgmWGln+5TYb2mmP9xKs41U+IjwCGLhGuVmOY/mXnv+yrUKUa6XIukVwzDryQ/kWKTKoekckdEE2BTnvXLQ+HfdKMFuzSFoIgByat5YSEZ7785ecl7pVR drone-scp@localhost

50
testdata/.ssh/test vendored Normal file
View File

@@ -0,0 +1,50 @@
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABAZka7A7i
FscMeJBPyPteclAAAAEAAAAAEAAAIXAAAAB3NzaC1yc2EAAAADAQABAAACAQDz6aZ1jY2o
nnuj2YNHJ/HhfvIu0B973v/+pFFOavnTUOhEEKEy3TASu+s9CkHrYZAtRc+QYIkNZI31mh
HBhotdeP/7GoO2UirkFtrzyQKPNJxEcv0RBoG9ssN8jex0PyK6DHIYYFnIWadVBEEOh/H+
rK7j7u2/big3oTzYBuFrCwmYFcz5na99MzFeAUhazF44gVBma+zO+1quGeqF51UDIg1SMG
vX8I7LNEqrKEBaIUQJKFQcxlOWlRLQsjJCymrOujsXsRrXHAQWcnxDcNevv2ZMOUl0ybvv
9yH0BiGbRBd1Hy8/QPILbAQaqu0oQE7fubN8Q8lqb3Jg0loID4x/5GPhSY8WAXpuLcXTOr
b93SnCw1JsAgJDNqpuuRFy3BSZ7wBOr1jfeIoo7xk14OHiUjJ0uXDL9cLMkcw6ElWz81mr
D2VCkXUz+qFyjJ+G7aGWRtctZoOzKln4yfNfUmwW8/8ra3QnmrMZ2xW2Ylw3ZhO+tLi7jI
NHYFb54bAdLVPUU1ctIuJns2qkWnjJCxxMiynIqCif20/OU1n8CTJuOWiURmRdmvKOH4PE
3JxC2Qnk/3tV3Cf8hp1CH5VjBZ9AjGj5MDMHXyu34VY2WvYo5QyzfS3ySPoT8kCO0G0xpv
jwCMHOK+G2RP4kqb/KKZguiKdgintBXuskTlJmD7kcMQAAB1CnEMQGwAKZbd3F1DJqwfPf
KWjoUJKbTRiav6h5pQr65JaqDe/7YE2ZHYo5917AC2vPLwPxAnoHFMsbObd5mWcmpATg/0
K/qkN5Z4Ml5U3bwr51wfSPh1MiAP21Aickt09BDstIJzNNwwgcY31O3k/d6VBjqyM6Ezop
66LI4s/IIni1BI+cALyEfzE4Qu16GfzIeM+JVxildP4VImhvNBESmmbBL8rNmSzlQ+FTuF
JVmowUbcon1O0CppM1MRVPeG805XDwjxHXKwOp5O7MdTz7H8JeORoe8D6+4rNfJE0eQGY7
Nm4+Wa97HzAFbT9IS433rxoGx9Qps3LAySFONso2JWSOEfo8rxnqO04DrfVHQhY3DkkwQt
FsDnMtkthJa+ZzUYc75fnS0DBPGuF9DZUCqrev5oAUHP6C4Vc4b33JJQD4FZJ+ehk3Xsci
cwJQsmgLyc5Jdh543Dm7kZoM9ku7HDNrB4H/1p45Vo6aBZMAY50x+fTdBeTgCzzhzzTbf+
0IF8W3yW3/BYD+S2Byo3JKp6NH0Q8cgPJrGTl6GltGfpVuc6kLjMZ5zvxRbyWaqtIygM46
W1izbA+9jwbHhitCtOk42e/ff6iEB1MVC13LqPty3gPNR8Pv0rDUDjJS4KiVwXqUY+bMr0
C8l/hx93euHjLUJ49Ru6uy/2fBlHZEj6GmEAJhu/i6t2c1Rq0HBLis9X356oQT+YZnIai2
ym0MknPxjeYBAItOV3zhRd1cYnk7CDcl1XALcnh0tqP712x24IJ+Ytqg7nvB2NZV8T469I
8Fp254Nr89HOMAXaZD0UcIPm7D2rfWV+YJFI3ZcJ/8DM99H3tpXe2j4oHMdmAbBd++09sx
KBRdFLcvnBfd1lqwxpA7hbxzrxi/yehYCqzh5KQGaf2UXej6TPiVzBWVYbp34cMZtsT6mF
K8SS3l5TXoNK2DNEk30o8K3q+vngQpfC9GZ/id4B7LS/3ybellxemZHXQoU4PxDkLKt7jd
AAsd5WO13dv3n/qgyu8iBRiFU+W66NX0RJGkp+lZMnta0YzukafM2n6GDn/r/Cx/y21PAi
ah8i41ByI1QLI4m1r+bRHdUxAarS/XJw4tTSFiZu3zddMYrlzeG9O3VUX9zBvBtfQbSmeJ
omml0zlr/qD7TMsORiujy7XIn7sMW+Ls/NA8TvX8oRnACjXe/MYNEZ8WDu2rkZuY/Dfc+o
NyYWO7kZ3kcejQZ1NusJSA7MG0FFGYSIaC9T9CWqYd5IcRSJW4dZnCt9z8CIJ6TSUFqMb/
H1Y5Rmi0IIX+8qbGGXVBDIBk5y9xtS43+nz1nsdXwDmkTiXN9+ZX+GDsLxCWoHGryrWDbk
EuOAlqpvxFKzEkNsx+AC5wae6i/hBeiEce9bm4nZp+hFv1ic1Z9WS8B37YOFgJ4utGeOjB
6hnywUUJ3aH0LnCQNB3UzeFR7BmEaxmYD/phJodmjA5SD3CWpeizdXfrUjtqXGhYlr2jzq
vBAeeYEO4uaHIGxg8GqoqtaseqVcIdtouHxrVAxxXkjShV2ji7oJ/AtrLZNlkKYxMk0TpX
fFiKqL/uKfS78FfvVOhOkHZTD6ZeMgmdL/uOghEAtrf08ChyRvdp7QLjA802aio9eUVIQm
lHb1ltPEbIZNuvQ5kTIwk2eM6EAkOh0MBMoAYOxOpIb00XHNRDGJYuLewByjMQa8EoT6VM
NoiFIzJU9lLAXE6yz6JswctpTpLHK9Aq5vY7ObaOvrmpCQqsXfOuVUo2nR/FyEes97zuXG
E4aKaHK4IAW4UY/oGYk7pU/yRpudhiNRMXzmcQXfVmBEHuvDrh2chg8lDYn++07F7RWqkI
nfMAOWR8UEl4xp4zJtThDjRxNW6QLl8E1ADjndA9wVaKNSzv2i1TLXKBr5luFqY9MSJ2rm
yBR5EwairH/Qn9TUxaDD+0p6J+E9iz1l8UPTJa/cjtwiySljahY/6tHHnr9YQVnox92yfU
UXpfINGjYrpqh6EFwmyRw9fryIMvMhgZYo6ZoCRBCK2GfGAB0VTzJy2FGs4GecZK5ptXKu
sOX8BgGX/Q/nAJ7PWf9hgYlX2YyjmLjQZDMWECp05VFx9znEETNKlwF1FX5/E/37ISyz4d
I1LVSKOEccJX7jCR32LzvRW1UBX47Z+q3LVE4sa0QAV/JoISq6Qn6zAsVIV0yEPmVbd/xx
aX2uBUGHhmd99YJDh81xJIoYEMRzoGVfp0JjfYcDUc+2I6JdrOMF9/KmMA5wsZl4OKiu/F
cTRGjUkgw/cF2EFRGWknee2esYRB7tOr4y56qZ4gxqw8q9rYXhyB42jbdTvt5xcCm/ynid
sn4InokRRoIiMIPL5Ur7FZQHOP+915MWUBsrTJtkCWQuqJheYUi3mCzh/7NadAKplRpaKb
rS/DJIOOkjnGni/sDxJzPq7STDBVy4WStwQl6NI5hq+/c+JvN9GI4Vu/kz0z8qUcdShLaH
l4njcaMpg4tpQMHtCBOicGyV0=
-----END OPENSSH PRIVATE KEY-----

1
testdata/.ssh/test.pub vendored Normal file
View File

@@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDz6aZ1jY2onnuj2YNHJ/HhfvIu0B973v/+pFFOavnTUOhEEKEy3TASu+s9CkHrYZAtRc+QYIkNZI31mhHBhotdeP/7GoO2UirkFtrzyQKPNJxEcv0RBoG9ssN8jex0PyK6DHIYYFnIWadVBEEOh/H+rK7j7u2/big3oTzYBuFrCwmYFcz5na99MzFeAUhazF44gVBma+zO+1quGeqF51UDIg1SMGvX8I7LNEqrKEBaIUQJKFQcxlOWlRLQsjJCymrOujsXsRrXHAQWcnxDcNevv2ZMOUl0ybvv9yH0BiGbRBd1Hy8/QPILbAQaqu0oQE7fubN8Q8lqb3Jg0loID4x/5GPhSY8WAXpuLcXTOrb93SnCw1JsAgJDNqpuuRFy3BSZ7wBOr1jfeIoo7xk14OHiUjJ0uXDL9cLMkcw6ElWz81mrD2VCkXUz+qFyjJ+G7aGWRtctZoOzKln4yfNfUmwW8/8ra3QnmrMZ2xW2Ylw3ZhO+tLi7jINHYFb54bAdLVPUU1ctIuJns2qkWnjJCxxMiynIqCif20/OU1n8CTJuOWiURmRdmvKOH4PE3JxC2Qnk/3tV3Cf8hp1CH5VjBZ9AjGj5MDMHXyu34VY2WvYo5QyzfS3ySPoT8kCO0G0xpvjwCMHOK+G2RP4kqb/KKZguiKdgintBXuskTlJmD7kcMQ== deploy@easyssh

3
testdata/test.sh vendored Normal file
View File

@@ -0,0 +1,3 @@
#!/usr/bin/env bash
set -e
whoami