mirror of
https://gitea.com/actions/appleboy-ssh-action.git
synced 2025-06-10 07:06:36 +00:00
Compare commits
No commits in common. "master" and "v1.0.1" have entirely different histories.
41
.github/ISSUE_TEMPLATE/bug_report.md
vendored
41
.github/ISSUE_TEMPLATE/bug_report.md
vendored
@ -1,41 +0,0 @@
|
|||||||
---
|
|
||||||
name: Bug report
|
|
||||||
about: Create a report to help us improve
|
|
||||||
title: ""
|
|
||||||
labels: bug
|
|
||||||
assignees: appleboy
|
|
||||||
---
|
|
||||||
|
|
||||||
## Describe the bug
|
|
||||||
|
|
||||||
A clear and concise description of what the bug is. If applicable, add screenshots to help explain your problem.
|
|
||||||
|
|
||||||
## Yaml Config
|
|
||||||
|
|
||||||
Please post your Yaml configuration file along with the output results.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
name: remote ssh command
|
|
||||||
on: [push]
|
|
||||||
jobs:
|
|
||||||
build:
|
|
||||||
name: Build
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: executing remote ssh commands using password
|
|
||||||
uses: appleboy/ssh-action@v1.2.2
|
|
||||||
with:
|
|
||||||
host: ${{ secrets.HOST }}
|
|
||||||
username: ${{ secrets.USERNAME }}
|
|
||||||
password: ${{ secrets.PASSWORD }}
|
|
||||||
port: ${{ secrets.PORT }}
|
|
||||||
script: whoami
|
|
||||||
```
|
|
||||||
|
|
||||||
## Related environment
|
|
||||||
|
|
||||||
Please provide the following information:
|
|
||||||
|
|
||||||
1. Your hosting provider information, such as DigitalOcean, Linode, AWS, or GCP.
|
|
||||||
2. The version information of your host's SSH service.
|
|
||||||
3. The information from your host's SSH configuration file.
|
|
263
.github/workflows/ci.yml
vendored
Normal file
263
.github/workflows/ci.yml
vendored
Normal file
@ -0,0 +1,263 @@
|
|||||||
|
name: remote ssh command
|
||||||
|
on: [push]
|
||||||
|
|
||||||
|
env:
|
||||||
|
FOO: "BAR"
|
||||||
|
BAR: "FOO"
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
testing01:
|
||||||
|
name: default flag testing
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: checkout
|
||||||
|
uses: actions/checkout@v1
|
||||||
|
|
||||||
|
- name: correct password but wrong key
|
||||||
|
uses: ./
|
||||||
|
with:
|
||||||
|
host: ${{ secrets.HOST }}
|
||||||
|
username: ${{ secrets.USERNAME }}
|
||||||
|
password: ${{ secrets.PASSWORD }}
|
||||||
|
key: "1234"
|
||||||
|
port: ${{ secrets.PORT }}
|
||||||
|
script: whoami
|
||||||
|
|
||||||
|
- name: wrong password but correct key
|
||||||
|
uses: ./
|
||||||
|
with:
|
||||||
|
host: ${{ secrets.HOST }}
|
||||||
|
username: ${{ secrets.USERNAME }}
|
||||||
|
password: "abcdef"
|
||||||
|
key: ${{ secrets.KEY }}
|
||||||
|
port: ${{ secrets.PORT }}
|
||||||
|
script: whoami
|
||||||
|
|
||||||
|
- name: executing remote ssh commands using password
|
||||||
|
uses: ./
|
||||||
|
with:
|
||||||
|
host: ${{ secrets.HOST }}
|
||||||
|
username: ${{ secrets.USERNAME }}
|
||||||
|
password: ${{ secrets.PASSWORD }}
|
||||||
|
port: ${{ secrets.PORT }}
|
||||||
|
script: whoami
|
||||||
|
|
||||||
|
- name: executing remote ssh commands using ssh key
|
||||||
|
uses: ./
|
||||||
|
with:
|
||||||
|
host: ${{ secrets.HOST }}
|
||||||
|
username: ${{ secrets.USERNAME }}
|
||||||
|
key: ${{ secrets.KEY }}
|
||||||
|
port: ${{ secrets.PORT }}
|
||||||
|
script: whoami
|
||||||
|
|
||||||
|
- name: multiple command
|
||||||
|
uses: ./
|
||||||
|
with:
|
||||||
|
host: ${{ secrets.HOST }}
|
||||||
|
username: ${{ secrets.USERNAME }}
|
||||||
|
key: ${{ secrets.KEY }}
|
||||||
|
port: ${{ secrets.PORT }}
|
||||||
|
script: |
|
||||||
|
whoami
|
||||||
|
ls -al
|
||||||
|
|
||||||
|
- name: stop script if command error
|
||||||
|
uses: ./
|
||||||
|
continue-on-error: true
|
||||||
|
with:
|
||||||
|
host: ${{ secrets.HOST }}
|
||||||
|
username: ${{ secrets.USERNAME }}
|
||||||
|
key: ${{ secrets.KEY }}
|
||||||
|
port: ${{ secrets.PORT }}
|
||||||
|
script_stop: true
|
||||||
|
sync: true
|
||||||
|
debug: true
|
||||||
|
script: |
|
||||||
|
mkdir abc/def
|
||||||
|
ls -al
|
||||||
|
|
||||||
|
- name: ssh key passphrase
|
||||||
|
uses: ./
|
||||||
|
with:
|
||||||
|
host: ${{ secrets.HOST }}
|
||||||
|
username: ${{ secrets.USERNAME }}
|
||||||
|
key: ${{ secrets.SSH2 }}
|
||||||
|
port: ${{ secrets.PORT }}
|
||||||
|
passphrase: ${{ secrets.PASSPHRASE }}
|
||||||
|
script: |
|
||||||
|
whoami
|
||||||
|
ls -al
|
||||||
|
|
||||||
|
- name: use insecure cipher
|
||||||
|
uses: ./
|
||||||
|
with:
|
||||||
|
host: ${{ secrets.HOST }}
|
||||||
|
username: ${{ secrets.USERNAME }}
|
||||||
|
password: ${{ secrets.PASSWORD }}
|
||||||
|
port: ${{ secrets.PORT }}
|
||||||
|
script: |
|
||||||
|
ls \
|
||||||
|
-lah
|
||||||
|
use_insecure_cipher: true
|
||||||
|
|
||||||
|
# https://github.com/appleboy/ssh-action/issues/75#issuecomment-668314271
|
||||||
|
- name: Multiline SSH commands interpreted as single lines
|
||||||
|
uses: ./
|
||||||
|
with:
|
||||||
|
host: ${{ secrets.HOST }}
|
||||||
|
username: ${{ secrets.USERNAME }}
|
||||||
|
password: ${{ secrets.PASSWORD }}
|
||||||
|
port: ${{ secrets.PORT }}
|
||||||
|
script_stop: true
|
||||||
|
script: |
|
||||||
|
ls \
|
||||||
|
-lah
|
||||||
|
use_insecure_cipher: true
|
||||||
|
|
||||||
|
# https://github.com/appleboy/ssh-action/issues/85
|
||||||
|
- name: Deployment to multiple hosts with different ports
|
||||||
|
uses: ./
|
||||||
|
with:
|
||||||
|
host: "${{ secrets.HOST }}:${{ secrets.PORT }}"
|
||||||
|
username: ${{ secrets.USERNAME }}
|
||||||
|
password: ${{ secrets.PASSWORD }}
|
||||||
|
port: 1024
|
||||||
|
script_stop: true
|
||||||
|
script: |
|
||||||
|
ls \
|
||||||
|
-lah
|
||||||
|
use_insecure_cipher: true
|
||||||
|
|
||||||
|
# - name: SSH ED25519 Private Key
|
||||||
|
# uses: ./
|
||||||
|
# with:
|
||||||
|
# host: ${{ secrets.TUNNEL_HOST }}
|
||||||
|
# username: ${{ secrets.TUNNEL_USERNAME }}
|
||||||
|
# key: ${{ secrets.ID_ED25519 }}
|
||||||
|
# port: ${{ secrets.TUNNEL_PORT }}
|
||||||
|
# script: whoami
|
||||||
|
|
||||||
|
testing02:
|
||||||
|
name: testing with envs
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: checkout
|
||||||
|
uses: actions/checkout@v1
|
||||||
|
|
||||||
|
- name: pass environment
|
||||||
|
uses: ./
|
||||||
|
env:
|
||||||
|
FOO: "BAR"
|
||||||
|
with:
|
||||||
|
host: ${{ secrets.HOST }}
|
||||||
|
username: ${{ secrets.USERNAME }}
|
||||||
|
key: ${{ secrets.KEY }}
|
||||||
|
port: ${{ secrets.PORT }}
|
||||||
|
envs: FOO
|
||||||
|
script: |
|
||||||
|
echo "I am $FOO, thanks"
|
||||||
|
echo "I am $BAR, thanks"
|
||||||
|
|
||||||
|
- name: pass multiple environment
|
||||||
|
uses: ./
|
||||||
|
env:
|
||||||
|
FOO: "BAR"
|
||||||
|
BAR: "FOO"
|
||||||
|
SHA: ${{ github.sha }}
|
||||||
|
PORT: ${{ secrets.PORT }}
|
||||||
|
with:
|
||||||
|
host: ${{ secrets.HOST }}
|
||||||
|
username: ${{ secrets.USERNAME }}
|
||||||
|
key: ${{ secrets.KEY }}
|
||||||
|
port: ${{ secrets.PORT }}
|
||||||
|
envs: FOO,BAR,SHA,PORT
|
||||||
|
script: |
|
||||||
|
echo "I am $FOO, thanks"
|
||||||
|
echo "I am $BAR, thanks"
|
||||||
|
echo "sha: $SHA"
|
||||||
|
echo "port: $PORT"
|
||||||
|
sh test.sh
|
||||||
|
|
||||||
|
- name: custom envs format
|
||||||
|
uses: ./
|
||||||
|
env:
|
||||||
|
FOO: "BAR"
|
||||||
|
AAA: "BBB"
|
||||||
|
with:
|
||||||
|
host: ${{ secrets.HOST }}
|
||||||
|
username: ${{ secrets.USERNAME }}
|
||||||
|
key: ${{ secrets.KEY }}
|
||||||
|
port: ${{ secrets.PORT }}
|
||||||
|
envs: FOO,BAR,AAA
|
||||||
|
envs_format: export TEST_{NAME}={VALUE}
|
||||||
|
script: |
|
||||||
|
echo "I am $TEST_FOO, thanks"
|
||||||
|
echo "I am $TEST_BAR, thanks"
|
||||||
|
echo "I am $BAR, thanks"
|
||||||
|
echo "I am $TEST_AAA, thanks"
|
||||||
|
|
||||||
|
- name: pass all ENV variables to script
|
||||||
|
uses: ./
|
||||||
|
env:
|
||||||
|
INPUT_FOO: "BAR"
|
||||||
|
INPUT_AAA: "BBB"
|
||||||
|
with:
|
||||||
|
host: ${{ secrets.HOST }}
|
||||||
|
username: ${{ secrets.USERNAME }}
|
||||||
|
key: ${{ secrets.KEY }}
|
||||||
|
port: ${{ secrets.PORT }}
|
||||||
|
allenvs: true
|
||||||
|
script: |
|
||||||
|
echo "I am $INPUT_FOO, thanks"
|
||||||
|
echo "I am $INPUT_AAA, thanks"
|
||||||
|
echo "$GITHUB_BASE_REF"
|
||||||
|
echo "$GITHUB_REF"
|
||||||
|
|
||||||
|
testing03:
|
||||||
|
name: git clone and pull
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: checkout
|
||||||
|
uses: actions/checkout@v1
|
||||||
|
|
||||||
|
- name: clone private repository
|
||||||
|
uses: ./
|
||||||
|
with:
|
||||||
|
host: ${{ secrets.HOST }}
|
||||||
|
username: ${{ secrets.USERNAME }}
|
||||||
|
key: ${{ secrets.KEY }}
|
||||||
|
port: ${{ secrets.PORT }}
|
||||||
|
script_stop: true
|
||||||
|
script: |
|
||||||
|
git clone https://appleboy:${{ secrets.TEST_TOKEN }}@github.com/go-training/self-runner.git test_repository
|
||||||
|
rm -rf test_repository
|
||||||
|
|
||||||
|
testing04:
|
||||||
|
name: docker login and pull
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: checkout
|
||||||
|
uses: actions/checkout@v1
|
||||||
|
|
||||||
|
- name: login GitHub Container Registry
|
||||||
|
uses: ./
|
||||||
|
with:
|
||||||
|
host: ${{ secrets.HOST }}
|
||||||
|
username: ${{ secrets.USERNAME }}
|
||||||
|
key: ${{ secrets.KEY }}
|
||||||
|
port: ${{ secrets.PORT }}
|
||||||
|
script_stop: true
|
||||||
|
script: |
|
||||||
|
echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u github.actor --password-stdin
|
||||||
|
|
||||||
|
- name: login DockerHub Container Registry
|
||||||
|
uses: ./
|
||||||
|
with:
|
||||||
|
host: ${{ secrets.HOST }}
|
||||||
|
username: ${{ secrets.USERNAME }}
|
||||||
|
key: ${{ secrets.KEY }}
|
||||||
|
port: ${{ secrets.PORT }}
|
||||||
|
script_stop: true
|
||||||
|
script: |
|
||||||
|
echo ${{ secrets.DOCKERHUB_TOKEN }} | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
|
33
.github/workflows/goreleaser.yml
vendored
33
.github/workflows/goreleaser.yml
vendored
@ -1,33 +0,0 @@
|
|||||||
name: Goreleaser
|
|
||||||
|
|
||||||
on:
|
|
||||||
push:
|
|
||||||
tags:
|
|
||||||
- "*"
|
|
||||||
|
|
||||||
permissions:
|
|
||||||
contents: write
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
goreleaser:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
with:
|
|
||||||
fetch-depth: 0
|
|
||||||
|
|
||||||
- name: Setup go
|
|
||||||
uses: actions/setup-go@v5
|
|
||||||
with:
|
|
||||||
go-version: "^1"
|
|
||||||
|
|
||||||
- name: Run GoReleaser
|
|
||||||
uses: goreleaser/goreleaser-action@v6
|
|
||||||
with:
|
|
||||||
# either 'goreleaser' (default) or 'goreleaser-pro'
|
|
||||||
distribution: goreleaser
|
|
||||||
version: latest
|
|
||||||
args: release --clean
|
|
||||||
env:
|
|
||||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
739
.github/workflows/main.yml
vendored
739
.github/workflows/main.yml
vendored
@ -1,739 +0,0 @@
|
|||||||
name: testing main branch
|
|
||||||
|
|
||||||
on: [push]
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
default-user-name-password:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout code
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: create new ssh server
|
|
||||||
run: |
|
|
||||||
docker run -d \
|
|
||||||
--name=openssh-server \
|
|
||||||
--hostname=openssh-server \
|
|
||||||
-p 2222:2222 \
|
|
||||||
-e SUDO_ACCESS=false \
|
|
||||||
-e PASSWORD_ACCESS=true \
|
|
||||||
-e USER_PASSWORD=password \
|
|
||||||
-e USER_NAME=linuxserver.io \
|
|
||||||
--restart unless-stopped \
|
|
||||||
lscr.io/linuxserver/openssh-server:latest
|
|
||||||
docker exec openssh-server sh -c "hostname -i" > ip.txt
|
|
||||||
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
|
|
||||||
cat ip.txt >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= container ip address ========="
|
|
||||||
cat ip.txt
|
|
||||||
echo "======================================"
|
|
||||||
sleep 2
|
|
||||||
|
|
||||||
- name: ssh by username and password
|
|
||||||
uses: ./
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
password: password
|
|
||||||
port: 2222
|
|
||||||
script: |
|
|
||||||
#!/usr/bin/env bash
|
|
||||||
set -e
|
|
||||||
whoami
|
|
||||||
|
|
||||||
- name: ssh commands from a file
|
|
||||||
uses: ./
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
password: password
|
|
||||||
port: 2222
|
|
||||||
script_path: testdata/test.sh
|
|
||||||
|
|
||||||
# https://github.com/appleboy/ssh-action/issues/377
|
|
||||||
- name: multiple commands
|
|
||||||
uses: ./
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
password: password
|
|
||||||
port: 2222
|
|
||||||
script: |
|
|
||||||
mkdir -p /tmp/test
|
|
||||||
echo "hello world" > /tmp/test/hello.txt
|
|
||||||
cd /tmp/test
|
|
||||||
ls -al
|
|
||||||
cat /tmp/test/hello.txt
|
|
||||||
|
|
||||||
check-ssh-key:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout code
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: add public key to env
|
|
||||||
run: |
|
|
||||||
echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV
|
|
||||||
cat testdata/.ssh/id_rsa.pub >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= public key ========="
|
|
||||||
cat testdata/.ssh/id_rsa.pub
|
|
||||||
echo "============================"
|
|
||||||
echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV
|
|
||||||
cat testdata/.ssh/id_rsa >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= private key ========="
|
|
||||||
cat testdata/.ssh/id_rsa
|
|
||||||
echo "============================"
|
|
||||||
|
|
||||||
- name: create new ssh server
|
|
||||||
run: |
|
|
||||||
docker run -d \
|
|
||||||
--name=openssh-server \
|
|
||||||
--hostname=openssh-server \
|
|
||||||
-p 2222:2222 \
|
|
||||||
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
|
|
||||||
-e SUDO_ACCESS=false \
|
|
||||||
-e PASSWORD_ACCESS=true \
|
|
||||||
-e USER_PASSWORD=password \
|
|
||||||
-e USER_NAME=linuxserver.io \
|
|
||||||
--restart unless-stopped \
|
|
||||||
lscr.io/linuxserver/openssh-server:latest
|
|
||||||
docker exec openssh-server sh -c "hostname -i" > ip.txt
|
|
||||||
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
|
|
||||||
cat ip.txt >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= container ip address ========="
|
|
||||||
cat ip.txt
|
|
||||||
echo "======================================"
|
|
||||||
sleep 2
|
|
||||||
|
|
||||||
- name: ssh by private key
|
|
||||||
uses: ./
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
script: whoami
|
|
||||||
|
|
||||||
- name: wrong password but correct key
|
|
||||||
uses: ./
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
password: "abcdef"
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
script: whoami
|
|
||||||
|
|
||||||
- name: correct password but wrong key
|
|
||||||
uses: ./
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
password: password
|
|
||||||
key: password
|
|
||||||
port: 2222
|
|
||||||
script: whoami
|
|
||||||
|
|
||||||
support-key-passphrase:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout code
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: add public key to env
|
|
||||||
run: |
|
|
||||||
echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV
|
|
||||||
cat testdata/.ssh/id_passphrase.pub >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= public key ========="
|
|
||||||
cat testdata/.ssh/id_passphrase.pub
|
|
||||||
echo "============================"
|
|
||||||
echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV
|
|
||||||
cat testdata/.ssh/id_passphrase >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= private key ========="
|
|
||||||
cat testdata/.ssh/id_passphrase
|
|
||||||
echo "============================"
|
|
||||||
|
|
||||||
- name: create new ssh server
|
|
||||||
run: |
|
|
||||||
docker run -d \
|
|
||||||
--name=openssh-server \
|
|
||||||
--hostname=openssh-server \
|
|
||||||
-p 2222:2222 \
|
|
||||||
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
|
|
||||||
-e SUDO_ACCESS=false \
|
|
||||||
-e PASSWORD_ACCESS=true \
|
|
||||||
-e USER_PASSWORD=password \
|
|
||||||
-e USER_NAME=linuxserver.io \
|
|
||||||
--restart unless-stopped \
|
|
||||||
lscr.io/linuxserver/openssh-server:latest
|
|
||||||
docker exec openssh-server sh -c "hostname -i" > ip.txt
|
|
||||||
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
|
|
||||||
cat ip.txt >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= container ip address ========="
|
|
||||||
cat ip.txt
|
|
||||||
echo "======================================"
|
|
||||||
sleep 2
|
|
||||||
|
|
||||||
- name: ssh key passphrase
|
|
||||||
uses: ./
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
passphrase: 1234
|
|
||||||
script: |
|
|
||||||
whoami
|
|
||||||
ls -al
|
|
||||||
|
|
||||||
- name: missing ssh key passphrase
|
|
||||||
uses: ./
|
|
||||||
continue-on-error: true
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
script: |
|
|
||||||
whoami
|
|
||||||
ls -al
|
|
||||||
|
|
||||||
# https://github.com/appleboy/ssh-action/issues/75#issuecomment-668314271
|
|
||||||
- name: Multiline SSH commands interpreted as single lines
|
|
||||||
uses: ./
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
passphrase: 1234
|
|
||||||
script: |
|
|
||||||
ls \
|
|
||||||
-lah
|
|
||||||
use_insecure_cipher: true
|
|
||||||
|
|
||||||
multiple-server:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout code
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: add public key to env
|
|
||||||
run: |
|
|
||||||
echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV
|
|
||||||
cat testdata/.ssh/id_passphrase.pub >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= public key ========="
|
|
||||||
cat testdata/.ssh/id_passphrase.pub
|
|
||||||
echo "============================"
|
|
||||||
echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV
|
|
||||||
cat testdata/.ssh/id_passphrase >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= private key ========="
|
|
||||||
cat testdata/.ssh/id_passphrase
|
|
||||||
echo "============================"
|
|
||||||
|
|
||||||
- name: create new ssh server
|
|
||||||
run: |
|
|
||||||
docker run -d \
|
|
||||||
--name=openssh-server-01 \
|
|
||||||
--hostname=openssh-server-01 \
|
|
||||||
-p 2222:2222 \
|
|
||||||
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
|
|
||||||
-e SUDO_ACCESS=false \
|
|
||||||
-e PASSWORD_ACCESS=true \
|
|
||||||
-e USER_PASSWORD=password \
|
|
||||||
-e USER_NAME=linuxserver.io \
|
|
||||||
--restart unless-stopped \
|
|
||||||
lscr.io/linuxserver/openssh-server:latest
|
|
||||||
docker exec openssh-server-01 sh -c "hostname -i" > ip01.txt
|
|
||||||
echo "REMOTE_HOST_01<<EOF" >> $GITHUB_ENV
|
|
||||||
cat ip01.txt >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= container ip address ========="
|
|
||||||
cat ip01.txt
|
|
||||||
echo "======================================"
|
|
||||||
|
|
||||||
docker run -d \
|
|
||||||
--name=openssh-server-02 \
|
|
||||||
--hostname=openssh-server-02 \
|
|
||||||
-p 2223:2222 \
|
|
||||||
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
|
|
||||||
-e SUDO_ACCESS=false \
|
|
||||||
-e PASSWORD_ACCESS=true \
|
|
||||||
-e USER_PASSWORD=password \
|
|
||||||
-e USER_NAME=linuxserver.io \
|
|
||||||
--restart unless-stopped \
|
|
||||||
lscr.io/linuxserver/openssh-server:latest
|
|
||||||
docker exec openssh-server-02 sh -c "hostname -i" > ip02.txt
|
|
||||||
echo "REMOTE_HOST_02<<EOF" >> $GITHUB_ENV
|
|
||||||
cat ip02.txt >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= container ip address ========="
|
|
||||||
cat ip02.txt
|
|
||||||
echo "======================================"
|
|
||||||
|
|
||||||
sleep 2
|
|
||||||
|
|
||||||
# https://github.com/appleboy/ssh-action/issues/85
|
|
||||||
- name: Deployment to multiple hosts with different ports
|
|
||||||
uses: ./
|
|
||||||
with:
|
|
||||||
host: "${{ env.REMOTE_HOST_01 }}:2222,${{ env.REMOTE_HOST_02 }}:2222"
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
passphrase: 1234
|
|
||||||
script: |
|
|
||||||
whoami
|
|
||||||
|
|
||||||
support-ed25519-key:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout code
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: add public key to env
|
|
||||||
run: |
|
|
||||||
echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV
|
|
||||||
cat testdata/.ssh/id_ed25519.pub >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= public key ========="
|
|
||||||
cat testdata/.ssh/id_ed25519.pub
|
|
||||||
echo "============================"
|
|
||||||
echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV
|
|
||||||
cat testdata/.ssh/id_ed25519 >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= private key ========="
|
|
||||||
cat testdata/.ssh/id_ed25519
|
|
||||||
echo "============================"
|
|
||||||
|
|
||||||
- name: create new ssh server
|
|
||||||
run: |
|
|
||||||
docker run -d \
|
|
||||||
--name=openssh-server \
|
|
||||||
--hostname=openssh-server \
|
|
||||||
-p 2222:2222 \
|
|
||||||
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
|
|
||||||
-e SUDO_ACCESS=false \
|
|
||||||
-e PASSWORD_ACCESS=true \
|
|
||||||
-e USER_PASSWORD=password \
|
|
||||||
-e USER_NAME=linuxserver.io \
|
|
||||||
--restart unless-stopped \
|
|
||||||
lscr.io/linuxserver/openssh-server:latest
|
|
||||||
docker exec openssh-server sh -c "hostname -i" > ip.txt
|
|
||||||
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
|
|
||||||
cat ip.txt >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= container ip address ========="
|
|
||||||
cat ip.txt
|
|
||||||
echo "======================================"
|
|
||||||
sleep 2
|
|
||||||
|
|
||||||
- name: testing id_ed25519 key
|
|
||||||
uses: ./
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
script: |
|
|
||||||
whoami
|
|
||||||
ls -al
|
|
||||||
|
|
||||||
testing-with-env:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout code
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: add public key to env
|
|
||||||
run: |
|
|
||||||
echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV
|
|
||||||
cat testdata/.ssh/id_ed25519.pub >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= public key ========="
|
|
||||||
cat testdata/.ssh/id_ed25519.pub
|
|
||||||
echo "============================"
|
|
||||||
echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV
|
|
||||||
cat testdata/.ssh/id_ed25519 >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= private key ========="
|
|
||||||
cat testdata/.ssh/id_ed25519
|
|
||||||
echo "============================"
|
|
||||||
|
|
||||||
- name: create new ssh server
|
|
||||||
run: |
|
|
||||||
docker run -d \
|
|
||||||
--name=openssh-server \
|
|
||||||
--hostname=openssh-server \
|
|
||||||
-p 2222:2222 \
|
|
||||||
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
|
|
||||||
-e SUDO_ACCESS=true \
|
|
||||||
-e PASSWORD_ACCESS=true \
|
|
||||||
-e USER_NAME=linuxserver.io \
|
|
||||||
--restart unless-stopped \
|
|
||||||
lscr.io/linuxserver/openssh-server:latest
|
|
||||||
docker exec openssh-server sh -c "hostname -i" > ip.txt
|
|
||||||
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
|
|
||||||
cat ip.txt >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= container ip address ========="
|
|
||||||
cat ip.txt
|
|
||||||
echo "======================================"
|
|
||||||
sleep 2
|
|
||||||
|
|
||||||
- name: testing id_ed25519 key
|
|
||||||
uses: ./
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
script: |
|
|
||||||
whoami
|
|
||||||
ls -al
|
|
||||||
|
|
||||||
- name: pass environment
|
|
||||||
uses: ./
|
|
||||||
env:
|
|
||||||
FOO: "BAR"
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
envs: FOO
|
|
||||||
script: |
|
|
||||||
echo "I am $FOO, thanks"
|
|
||||||
echo "I am $BAR, thanks"
|
|
||||||
|
|
||||||
- name: pass multiple environment
|
|
||||||
uses: ./
|
|
||||||
env:
|
|
||||||
FOO: "BAR"
|
|
||||||
BAR: "FOO"
|
|
||||||
SHA: ${{ github.sha }}
|
|
||||||
PORT: ${{ secrets.PORT }}
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
envs: FOO,BAR,SHA,PORT
|
|
||||||
script: |
|
|
||||||
echo "I am $FOO, thanks"
|
|
||||||
echo "I am $BAR, thanks"
|
|
||||||
echo "sha: $SHA"
|
|
||||||
echo "port: $PORT"
|
|
||||||
|
|
||||||
- name: custom envs format
|
|
||||||
uses: ./
|
|
||||||
env:
|
|
||||||
FOO: "BAR"
|
|
||||||
AAA: "BBB"
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
envs: FOO,BAR,AAA
|
|
||||||
envs_format: export TEST_{NAME}={VALUE}
|
|
||||||
script: |
|
|
||||||
echo "I am $TEST_FOO, thanks"
|
|
||||||
echo "I am $TEST_BAR, thanks"
|
|
||||||
echo "I am $BAR, thanks"
|
|
||||||
echo "I am $TEST_AAA, thanks"
|
|
||||||
|
|
||||||
- name: pass all ENV variables to script
|
|
||||||
uses: ./
|
|
||||||
env:
|
|
||||||
INPUT_FOO: "BAR"
|
|
||||||
INPUT_AAA: "BBB"
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
allenvs: true
|
|
||||||
script: |
|
|
||||||
echo "I am $INPUT_FOO, thanks"
|
|
||||||
echo "I am $INPUT_AAA, thanks"
|
|
||||||
echo "$GITHUB_BASE_REF"
|
|
||||||
echo "$GITHUB_REF"
|
|
||||||
|
|
||||||
- name: pass secret variable in shell
|
|
||||||
uses: ./
|
|
||||||
continue-on-error: true
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
script: cd ${{ secrets.PORT }}
|
|
||||||
|
|
||||||
- name: switch to root user
|
|
||||||
uses: ./
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
request_pty: true
|
|
||||||
command_timeout: 30s
|
|
||||||
script: |
|
|
||||||
whoami && echo 'hello world' && touch todo.txt
|
|
||||||
sudo whoami
|
|
||||||
|
|
||||||
testing06:
|
|
||||||
name: testing ipv6
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: checkout
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: Set up WARP
|
|
||||||
uses: fscarmen/warp-on-actions@v1.1
|
|
||||||
with:
|
|
||||||
stack: dual
|
|
||||||
|
|
||||||
- name: testing ipv6 for command
|
|
||||||
run: |
|
|
||||||
curl -m 9 --ipv6 --verbose https://google.com
|
|
||||||
|
|
||||||
- name: testing ipv6
|
|
||||||
uses: ./
|
|
||||||
continue-on-error: true
|
|
||||||
with:
|
|
||||||
host: 2402:1f00:8000:800::2628
|
|
||||||
username: ubuntu
|
|
||||||
password: ${{ secrets.OVH_PASSWORD }}
|
|
||||||
protocol: tcp6
|
|
||||||
port: 22
|
|
||||||
command_timeout: 30s
|
|
||||||
script: |
|
|
||||||
whoami
|
|
||||||
|
|
||||||
testing07:
|
|
||||||
name: some special character
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: checkout
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: Set Environment Variables
|
|
||||||
run: |
|
|
||||||
PASS='3HUS$?8kLu)}'
|
|
||||||
printf "PASS=${PASS}" >> $GITHUB_ENV
|
|
||||||
|
|
||||||
- name: create new ssh server
|
|
||||||
run: |
|
|
||||||
docker run -d \
|
|
||||||
--name=openssh-server \
|
|
||||||
--hostname=openssh-server \
|
|
||||||
-p 2222:2222 \
|
|
||||||
-e SUDO_ACCESS=false \
|
|
||||||
-e PASSWORD_ACCESS=true \
|
|
||||||
-e USER_PASSWORD='${{ env.PASS }}' \
|
|
||||||
-e USER_NAME=linuxserver.io \
|
|
||||||
--restart unless-stopped \
|
|
||||||
lscr.io/linuxserver/openssh-server:latest
|
|
||||||
docker exec openssh-server sh -c "hostname -i" > ip.txt
|
|
||||||
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
|
|
||||||
cat ip.txt >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= container ip address ========="
|
|
||||||
cat ip.txt
|
|
||||||
echo "======================================"
|
|
||||||
sleep 2
|
|
||||||
|
|
||||||
- name: ssh by username and password
|
|
||||||
uses: ./
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
password: ${{ env.PASS }}
|
|
||||||
port: 2222
|
|
||||||
script: |
|
|
||||||
#!/usr/bin/env bash
|
|
||||||
set -e
|
|
||||||
whoami
|
|
||||||
|
|
||||||
testing-capturing-output:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout code
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: create new ssh server
|
|
||||||
run: |
|
|
||||||
docker run -d \
|
|
||||||
--name=openssh-server \
|
|
||||||
--hostname=openssh-server \
|
|
||||||
-p 2222:2222 \
|
|
||||||
-e SUDO_ACCESS=false \
|
|
||||||
-e PASSWORD_ACCESS=true \
|
|
||||||
-e USER_PASSWORD=password \
|
|
||||||
-e USER_NAME=linuxserver.io \
|
|
||||||
--restart unless-stopped \
|
|
||||||
lscr.io/linuxserver/openssh-server:latest
|
|
||||||
docker exec openssh-server sh -c "hostname -i" > ip.txt
|
|
||||||
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
|
|
||||||
cat ip.txt >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= container ip address ========="
|
|
||||||
cat ip.txt
|
|
||||||
echo "======================================"
|
|
||||||
sleep 2
|
|
||||||
|
|
||||||
- id: stdout
|
|
||||||
name: ssh command with stdout
|
|
||||||
uses: ./
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
password: password
|
|
||||||
port: 2222
|
|
||||||
capture_stdout: true
|
|
||||||
script: |
|
|
||||||
#!/usr/bin/env bash
|
|
||||||
set -e
|
|
||||||
whoami
|
|
||||||
|
|
||||||
- name: check stdout
|
|
||||||
run: |
|
|
||||||
echo "stdout: ${{ steps.stdout.outputs.stdout }}"
|
|
||||||
|
|
||||||
testing-script-stop:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout code
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: create new ssh server
|
|
||||||
run: |
|
|
||||||
docker run -d \
|
|
||||||
--name=openssh-server \
|
|
||||||
--hostname=openssh-server \
|
|
||||||
-p 2222:2222 \
|
|
||||||
-e SUDO_ACCESS=false \
|
|
||||||
-e PASSWORD_ACCESS=true \
|
|
||||||
-e USER_PASSWORD=password \
|
|
||||||
-e USER_NAME=linuxserver.io \
|
|
||||||
--restart unless-stopped \
|
|
||||||
lscr.io/linuxserver/openssh-server:latest
|
|
||||||
docker exec openssh-server sh -c "hostname -i" > ip.txt
|
|
||||||
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
|
|
||||||
cat ip.txt >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= container ip address ========="
|
|
||||||
cat ip.txt
|
|
||||||
echo "======================================"
|
|
||||||
sleep 2
|
|
||||||
|
|
||||||
- id: stdout01
|
|
||||||
name: ssh command with stdout 01
|
|
||||||
uses: ./
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
password: password
|
|
||||||
port: 2222
|
|
||||||
capture_stdout: true
|
|
||||||
script: |
|
|
||||||
#!/usr/bin/env bash
|
|
||||||
set -e
|
|
||||||
echo "TMP TESTING IF"
|
|
||||||
if [[ "2" == "1" ]]; then
|
|
||||||
echo "True"
|
|
||||||
else
|
|
||||||
echo "False"
|
|
||||||
fi
|
|
||||||
|
|
||||||
- name: check stdout 01
|
|
||||||
run: |
|
|
||||||
echo "stdout: ${{ steps.stdout01.outputs.stdout }}"
|
|
||||||
if echo "${{ steps.stdout01.outputs.stdout }}" | grep -q "True"; then
|
|
||||||
echo "Output contains 'True'"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
if echo "${{ steps.stdout01.outputs.stdout }}" | grep -q "False"; then
|
|
||||||
echo "Output contains 'False'"
|
|
||||||
fi
|
|
||||||
|
|
||||||
- id: stdout02
|
|
||||||
name: ssh command with stdout 01
|
|
||||||
uses: ./
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
password: password
|
|
||||||
port: 2222
|
|
||||||
capture_stdout: true
|
|
||||||
script: |
|
|
||||||
#!/usr/bin/env bash
|
|
||||||
set -e
|
|
||||||
echo "TMP TESTING IF"
|
|
||||||
if [[ "1" == "1" ]]; then
|
|
||||||
echo "True"
|
|
||||||
else
|
|
||||||
echo "False"
|
|
||||||
fi
|
|
||||||
|
|
||||||
- name: check stdout 02
|
|
||||||
run: |
|
|
||||||
echo "stdout: ${{ steps.stdout02.outputs.stdout }}"
|
|
||||||
if echo "${{ steps.stdout02.outputs.stdout }}" | grep -q "False"; then
|
|
||||||
echo "Output contains 'False'"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
if echo "${{ steps.stdout02.outputs.stdout }}" | grep -q "True"; then
|
|
||||||
echo "Output contains 'True'"
|
|
||||||
fi
|
|
||||||
|
|
||||||
testing-script-error:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout code
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: create new ssh server
|
|
||||||
run: |
|
|
||||||
docker run -d \
|
|
||||||
--name=openssh-server \
|
|
||||||
--hostname=openssh-server \
|
|
||||||
-p 2222:2222 \
|
|
||||||
-e SUDO_ACCESS=false \
|
|
||||||
-e PASSWORD_ACCESS=true \
|
|
||||||
-e USER_PASSWORD=password \
|
|
||||||
-e USER_NAME=linuxserver.io \
|
|
||||||
--restart unless-stopped \
|
|
||||||
lscr.io/linuxserver/openssh-server:latest
|
|
||||||
docker exec openssh-server sh -c "hostname -i" > ip.txt
|
|
||||||
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
|
|
||||||
cat ip.txt >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= container ip address ========="
|
|
||||||
cat ip.txt
|
|
||||||
echo "======================================"
|
|
||||||
sleep 2
|
|
||||||
|
|
||||||
- name: test script error
|
|
||||||
uses: ./
|
|
||||||
continue-on-error: true
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
password: password
|
|
||||||
port: 2222
|
|
||||||
capture_stdout: true
|
|
||||||
script: |
|
|
||||||
#!/usr/bin/env bash
|
|
||||||
set -e
|
|
||||||
ls /nonexistent
|
|
467
.github/workflows/stable.yml
vendored
467
.github/workflows/stable.yml
vendored
@ -1,467 +0,0 @@
|
|||||||
name: testing stable version
|
|
||||||
|
|
||||||
on: [push]
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
default-user-name-password:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout code
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: create new ssh server
|
|
||||||
run: |
|
|
||||||
docker run -d \
|
|
||||||
--name=openssh-server \
|
|
||||||
--hostname=openssh-server \
|
|
||||||
-p 2222:2222 \
|
|
||||||
-e SUDO_ACCESS=false \
|
|
||||||
-e PASSWORD_ACCESS=true \
|
|
||||||
-e USER_PASSWORD=password \
|
|
||||||
-e USER_NAME=linuxserver.io \
|
|
||||||
--restart unless-stopped \
|
|
||||||
lscr.io/linuxserver/openssh-server:latest
|
|
||||||
docker exec openssh-server sh -c "hostname -i" > ip.txt
|
|
||||||
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
|
|
||||||
cat ip.txt >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= container ip address ========="
|
|
||||||
cat ip.txt
|
|
||||||
echo "======================================"
|
|
||||||
sleep 2
|
|
||||||
|
|
||||||
- name: ssh by username and password
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
password: password
|
|
||||||
port: 2222
|
|
||||||
script: |
|
|
||||||
#!/usr/bin/env bash
|
|
||||||
set -e
|
|
||||||
whoami
|
|
||||||
|
|
||||||
- name: ssh commands from a file
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
password: password
|
|
||||||
port: 2222
|
|
||||||
script_path: testdata/test.sh
|
|
||||||
|
|
||||||
check-ssh-key:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout code
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: add public key to env
|
|
||||||
run: |
|
|
||||||
echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV
|
|
||||||
cat testdata/.ssh/id_rsa.pub >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= public key ========="
|
|
||||||
cat testdata/.ssh/id_rsa.pub
|
|
||||||
echo "============================"
|
|
||||||
echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV
|
|
||||||
cat testdata/.ssh/id_rsa >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= private key ========="
|
|
||||||
cat testdata/.ssh/id_rsa
|
|
||||||
echo "============================"
|
|
||||||
|
|
||||||
- name: create new ssh server
|
|
||||||
run: |
|
|
||||||
docker run -d \
|
|
||||||
--name=openssh-server \
|
|
||||||
--hostname=openssh-server \
|
|
||||||
-p 2222:2222 \
|
|
||||||
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
|
|
||||||
-e SUDO_ACCESS=false \
|
|
||||||
-e PASSWORD_ACCESS=true \
|
|
||||||
-e USER_PASSWORD=password \
|
|
||||||
-e USER_NAME=linuxserver.io \
|
|
||||||
--restart unless-stopped \
|
|
||||||
lscr.io/linuxserver/openssh-server:latest
|
|
||||||
docker exec openssh-server sh -c "hostname -i" > ip.txt
|
|
||||||
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
|
|
||||||
cat ip.txt >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= container ip address ========="
|
|
||||||
cat ip.txt
|
|
||||||
echo "======================================"
|
|
||||||
sleep 2
|
|
||||||
|
|
||||||
- name: ssh by private key
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
script: whoami
|
|
||||||
|
|
||||||
- name: wrong password but correct key
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
password: "abcdef"
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
script: whoami
|
|
||||||
|
|
||||||
- name: correct password but wrong key
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
password: password
|
|
||||||
key: password
|
|
||||||
port: 2222
|
|
||||||
script: whoami
|
|
||||||
|
|
||||||
support-key-passphrase:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout code
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: add public key to env
|
|
||||||
run: |
|
|
||||||
echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV
|
|
||||||
cat testdata/.ssh/id_passphrase.pub >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= public key ========="
|
|
||||||
cat testdata/.ssh/id_passphrase.pub
|
|
||||||
echo "============================"
|
|
||||||
echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV
|
|
||||||
cat testdata/.ssh/id_passphrase >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= private key ========="
|
|
||||||
cat testdata/.ssh/id_passphrase
|
|
||||||
echo "============================"
|
|
||||||
|
|
||||||
- name: create new ssh server
|
|
||||||
run: |
|
|
||||||
docker run -d \
|
|
||||||
--name=openssh-server \
|
|
||||||
--hostname=openssh-server \
|
|
||||||
-p 2222:2222 \
|
|
||||||
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
|
|
||||||
-e SUDO_ACCESS=false \
|
|
||||||
-e PASSWORD_ACCESS=true \
|
|
||||||
-e USER_PASSWORD=password \
|
|
||||||
-e USER_NAME=linuxserver.io \
|
|
||||||
--restart unless-stopped \
|
|
||||||
lscr.io/linuxserver/openssh-server:latest
|
|
||||||
docker exec openssh-server sh -c "hostname -i" > ip.txt
|
|
||||||
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
|
|
||||||
cat ip.txt >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= container ip address ========="
|
|
||||||
cat ip.txt
|
|
||||||
echo "======================================"
|
|
||||||
sleep 2
|
|
||||||
|
|
||||||
- name: ssh key passphrase
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
passphrase: 1234
|
|
||||||
script: |
|
|
||||||
whoami
|
|
||||||
ls -al
|
|
||||||
|
|
||||||
- name: missing ssh key passphrase
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
continue-on-error: true
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
script: |
|
|
||||||
whoami
|
|
||||||
ls -al
|
|
||||||
|
|
||||||
# https://github.com/appleboy/ssh-action/issues/75#issuecomment-668314271
|
|
||||||
- name: Multiline SSH commands interpreted as single lines
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
passphrase: 1234
|
|
||||||
script: |
|
|
||||||
ls \
|
|
||||||
-lah
|
|
||||||
use_insecure_cipher: true
|
|
||||||
|
|
||||||
multiple-server:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout code
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: add public key to env
|
|
||||||
run: |
|
|
||||||
echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV
|
|
||||||
cat testdata/.ssh/id_passphrase.pub >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= public key ========="
|
|
||||||
cat testdata/.ssh/id_passphrase.pub
|
|
||||||
echo "============================"
|
|
||||||
echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV
|
|
||||||
cat testdata/.ssh/id_passphrase >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= private key ========="
|
|
||||||
cat testdata/.ssh/id_passphrase
|
|
||||||
echo "============================"
|
|
||||||
|
|
||||||
- name: create new ssh server
|
|
||||||
run: |
|
|
||||||
docker run -d \
|
|
||||||
--name=openssh-server-01 \
|
|
||||||
--hostname=openssh-server-01 \
|
|
||||||
-p 2222:2222 \
|
|
||||||
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
|
|
||||||
-e SUDO_ACCESS=false \
|
|
||||||
-e PASSWORD_ACCESS=true \
|
|
||||||
-e USER_PASSWORD=password \
|
|
||||||
-e USER_NAME=linuxserver.io \
|
|
||||||
--restart unless-stopped \
|
|
||||||
lscr.io/linuxserver/openssh-server:latest
|
|
||||||
docker exec openssh-server-01 sh -c "hostname -i" > ip01.txt
|
|
||||||
echo "REMOTE_HOST_01<<EOF" >> $GITHUB_ENV
|
|
||||||
cat ip01.txt >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= container ip address ========="
|
|
||||||
cat ip01.txt
|
|
||||||
echo "======================================"
|
|
||||||
|
|
||||||
docker run -d \
|
|
||||||
--name=openssh-server-02 \
|
|
||||||
--hostname=openssh-server-02 \
|
|
||||||
-p 2223:2222 \
|
|
||||||
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
|
|
||||||
-e SUDO_ACCESS=false \
|
|
||||||
-e PASSWORD_ACCESS=true \
|
|
||||||
-e USER_PASSWORD=password \
|
|
||||||
-e USER_NAME=linuxserver.io \
|
|
||||||
--restart unless-stopped \
|
|
||||||
lscr.io/linuxserver/openssh-server:latest
|
|
||||||
docker exec openssh-server-02 sh -c "hostname -i" > ip02.txt
|
|
||||||
echo "REMOTE_HOST_02<<EOF" >> $GITHUB_ENV
|
|
||||||
cat ip02.txt >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= container ip address ========="
|
|
||||||
cat ip02.txt
|
|
||||||
echo "======================================"
|
|
||||||
|
|
||||||
sleep 2
|
|
||||||
|
|
||||||
# https://github.com/appleboy/ssh-action/issues/85
|
|
||||||
- name: Deployment to multiple hosts with different ports
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
host: "${{ env.REMOTE_HOST_01 }}:2222,${{ env.REMOTE_HOST_02 }}:2222"
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
passphrase: 1234
|
|
||||||
script: |
|
|
||||||
whoami
|
|
||||||
|
|
||||||
support-ed25519-key:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout code
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: add public key to env
|
|
||||||
run: |
|
|
||||||
echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV
|
|
||||||
cat testdata/.ssh/id_ed25519.pub >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= public key ========="
|
|
||||||
cat testdata/.ssh/id_ed25519.pub
|
|
||||||
echo "============================"
|
|
||||||
echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV
|
|
||||||
cat testdata/.ssh/id_ed25519 >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= private key ========="
|
|
||||||
cat testdata/.ssh/id_ed25519
|
|
||||||
echo "============================"
|
|
||||||
|
|
||||||
- name: create new ssh server
|
|
||||||
run: |
|
|
||||||
docker run -d \
|
|
||||||
--name=openssh-server \
|
|
||||||
--hostname=openssh-server \
|
|
||||||
-p 2222:2222 \
|
|
||||||
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
|
|
||||||
-e SUDO_ACCESS=false \
|
|
||||||
-e PASSWORD_ACCESS=true \
|
|
||||||
-e USER_PASSWORD=password \
|
|
||||||
-e USER_NAME=linuxserver.io \
|
|
||||||
--restart unless-stopped \
|
|
||||||
lscr.io/linuxserver/openssh-server:latest
|
|
||||||
docker exec openssh-server sh -c "hostname -i" > ip.txt
|
|
||||||
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
|
|
||||||
cat ip.txt >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= container ip address ========="
|
|
||||||
cat ip.txt
|
|
||||||
echo "======================================"
|
|
||||||
sleep 2
|
|
||||||
|
|
||||||
- name: testing id_ed25519 key
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
script: |
|
|
||||||
whoami
|
|
||||||
ls -al
|
|
||||||
|
|
||||||
testing-with-env:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout code
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: add public key to env
|
|
||||||
run: |
|
|
||||||
echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV
|
|
||||||
cat testdata/.ssh/id_ed25519.pub >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= public key ========="
|
|
||||||
cat testdata/.ssh/id_ed25519.pub
|
|
||||||
echo "============================"
|
|
||||||
echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV
|
|
||||||
cat testdata/.ssh/id_ed25519 >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= private key ========="
|
|
||||||
cat testdata/.ssh/id_ed25519
|
|
||||||
echo "============================"
|
|
||||||
|
|
||||||
- name: create new ssh server
|
|
||||||
run: |
|
|
||||||
docker run -d \
|
|
||||||
--name=openssh-server \
|
|
||||||
--hostname=openssh-server \
|
|
||||||
-p 2222:2222 \
|
|
||||||
-e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \
|
|
||||||
-e SUDO_ACCESS=true \
|
|
||||||
-e PASSWORD_ACCESS=true \
|
|
||||||
-e USER_NAME=linuxserver.io \
|
|
||||||
--restart unless-stopped \
|
|
||||||
lscr.io/linuxserver/openssh-server:latest
|
|
||||||
docker exec openssh-server sh -c "hostname -i" > ip.txt
|
|
||||||
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
|
|
||||||
cat ip.txt >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
echo "======= container ip address ========="
|
|
||||||
cat ip.txt
|
|
||||||
echo "======================================"
|
|
||||||
sleep 2
|
|
||||||
|
|
||||||
- name: testing id_ed25519 key
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
script: |
|
|
||||||
whoami
|
|
||||||
ls -al
|
|
||||||
|
|
||||||
- name: pass environment
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
env:
|
|
||||||
FOO: "BAR"
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
envs: FOO
|
|
||||||
script: |
|
|
||||||
echo "I am $FOO, thanks"
|
|
||||||
echo "I am $BAR, thanks"
|
|
||||||
|
|
||||||
- name: pass multiple environment
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
env:
|
|
||||||
FOO: "BAR"
|
|
||||||
BAR: "FOO"
|
|
||||||
SHA: ${{ github.sha }}
|
|
||||||
PORT: ${{ secrets.PORT }}
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
envs: FOO,BAR,SHA,PORT
|
|
||||||
script: |
|
|
||||||
echo "I am $FOO, thanks"
|
|
||||||
echo "I am $BAR, thanks"
|
|
||||||
echo "sha: $SHA"
|
|
||||||
echo "port: $PORT"
|
|
||||||
|
|
||||||
- name: custom envs format
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
env:
|
|
||||||
FOO: "BAR"
|
|
||||||
AAA: "BBB"
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
envs: FOO,BAR,AAA
|
|
||||||
envs_format: export TEST_{NAME}={VALUE}
|
|
||||||
script: |
|
|
||||||
echo "I am $TEST_FOO, thanks"
|
|
||||||
echo "I am $TEST_BAR, thanks"
|
|
||||||
echo "I am $BAR, thanks"
|
|
||||||
echo "I am $TEST_AAA, thanks"
|
|
||||||
|
|
||||||
- name: pass all ENV variables to script
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
env:
|
|
||||||
INPUT_FOO: "BAR"
|
|
||||||
INPUT_AAA: "BBB"
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
allenvs: true
|
|
||||||
script: |
|
|
||||||
echo "I am $INPUT_FOO, thanks"
|
|
||||||
echo "I am $INPUT_AAA, thanks"
|
|
||||||
echo "$GITHUB_BASE_REF"
|
|
||||||
echo "$GITHUB_REF"
|
|
||||||
|
|
||||||
- name: switch to root user
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
host: ${{ env.REMOTE_HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
key: ${{ env.PRIVATE_KEY }}
|
|
||||||
port: 2222
|
|
||||||
request_pty: true
|
|
||||||
command_timeout: 30s
|
|
||||||
script: |
|
|
||||||
whoami && echo 'hello world' && touch todo.txt
|
|
||||||
sudo whoami
|
|
@ -1,28 +0,0 @@
|
|||||||
builds:
|
|
||||||
- # If true, skip the build.
|
|
||||||
# Useful for library projects.
|
|
||||||
# Default is false
|
|
||||||
skip: true
|
|
||||||
|
|
||||||
changelog:
|
|
||||||
use: github
|
|
||||||
groups:
|
|
||||||
- title: Features
|
|
||||||
regexp: "^.*feat[(\\w)]*:+.*$"
|
|
||||||
order: 0
|
|
||||||
- title: "Bug fixes"
|
|
||||||
regexp: "^.*fix[(\\w)]*:+.*$"
|
|
||||||
order: 1
|
|
||||||
- title: "Enhancements"
|
|
||||||
regexp: "^.*chore[(\\w)]*:+.*$"
|
|
||||||
order: 2
|
|
||||||
- title: "Refactor"
|
|
||||||
regexp: "^.*refactor[(\\w)]*:+.*$"
|
|
||||||
order: 3
|
|
||||||
- title: "Build process updates"
|
|
||||||
regexp: ^.*?(build|ci)(\(.+\))??!?:.+$
|
|
||||||
order: 4
|
|
||||||
- title: "Documentation updates"
|
|
||||||
regexp: ^.*?docs?(\(.+\))??!?:.+$
|
|
||||||
order: 5
|
|
||||||
- title: Others
|
|
5
Dockerfile
Normal file
5
Dockerfile
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
FROM ghcr.io/appleboy/drone-ssh:1.7.1
|
||||||
|
|
||||||
|
COPY entrypoint.sh /bin/entrypoint.sh
|
||||||
|
|
||||||
|
ENTRYPOINT ["/bin/entrypoint.sh"]
|
410
README.md
410
README.md
@ -1,247 +1,170 @@
|
|||||||
# 🚀 SSH for GitHub Actions
|
# 🚀 SSH for GitHub Actions
|
||||||
|
|
||||||
English | [繁體中文](./README.zh-tw.md) | [简体中文](./README.zh-cn.md)
|
[繁體中文](./README.zh-tw.md)
|
||||||
|
|
||||||
## Table of Contents
|
[GitHub Action](https://github.com/features/actions) for executing remote ssh commands.
|
||||||
|
|
||||||
- [🚀 SSH for GitHub Actions](#-ssh-for-github-actions)
|
|
||||||
- [Table of Contents](#table-of-contents)
|
|
||||||
- [📖 Introduction](#-introduction)
|
|
||||||
- [🧩 Core Concepts \& Input Parameters](#-core-concepts--input-parameters)
|
|
||||||
- [🔌 Connection Settings](#-connection-settings)
|
|
||||||
- [🛠️ SSH Command Settings](#️-ssh-command-settings)
|
|
||||||
- [🌐 Proxy Settings](#-proxy-settings)
|
|
||||||
- [⚡ Quick Start](#-quick-start)
|
|
||||||
- [🔑 SSH Key Setup \& OpenSSH Compatibility](#-ssh-key-setup--openssh-compatibility)
|
|
||||||
- [Setting Up SSH Keys](#setting-up-ssh-keys)
|
|
||||||
- [Generate RSA key](#generate-rsa-key)
|
|
||||||
- [Generate ED25519 key](#generate-ed25519-key)
|
|
||||||
- [OpenSSH Compatibility](#openssh-compatibility)
|
|
||||||
- [🛠️ Usage Scenarios \& Advanced Examples](#️-usage-scenarios--advanced-examples)
|
|
||||||
- [Using password authentication](#using-password-authentication)
|
|
||||||
- [Using private key authentication](#using-private-key-authentication)
|
|
||||||
- [Multiple commands](#multiple-commands)
|
|
||||||
- [Run commands from a file](#run-commands-from-a-file)
|
|
||||||
- [Multiple hosts](#multiple-hosts)
|
|
||||||
- [Multiple hosts with different ports](#multiple-hosts-with-different-ports)
|
|
||||||
- [Synchronous execution on multiple hosts](#synchronous-execution-on-multiple-hosts)
|
|
||||||
- [Pass environment variables to shell script](#pass-environment-variables-to-shell-script)
|
|
||||||
- [🌐 Proxy \& Jump Host Usage](#-proxy--jump-host-usage)
|
|
||||||
- [🛡️ Security Best Practices](#️-security-best-practices)
|
|
||||||
- [Protecting Your Private Key](#protecting-your-private-key)
|
|
||||||
- [Host Fingerprint Verification](#host-fingerprint-verification)
|
|
||||||
- [🚨 Error Handling \& Troubleshooting](#-error-handling--troubleshooting)
|
|
||||||
- [Q\&A](#qa)
|
|
||||||
- [Command not found (npm or other command)](#command-not-found-npm-or-other-command)
|
|
||||||
- [🤝 Contributing](#-contributing)
|
|
||||||
- [📝 License](#-license)
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## 📖 Introduction
|
|
||||||
|
|
||||||
**SSH for GitHub Actions** is a powerful [GitHub Action](https://github.com/features/actions) for executing remote SSH commands easily and securely in your CI/CD workflows.
|
|
||||||
Built with [Golang](https://go.dev) and [drone-ssh](https://github.com/appleboy/drone-ssh), it supports a wide range of SSH scenarios, including multi-host, proxy, and advanced authentication.
|
|
||||||
|
|
||||||

|

|
||||||
|
|
||||||
[](https://github.com/appleboy/ssh-action/actions/workflows/main.yml)
|
[](https://github.com/appleboy/ssh-action/actions)
|
||||||
|
|
||||||
---
|
**Important**: Only support **Linux** [docker](https://www.docker.com/) container.
|
||||||
|
|
||||||
## 🧩 Core Concepts & Input Parameters
|
This thing is built using [Golang](https://go.dev) and [drone-ssh](https://github.com/appleboy/drone-ssh). 🚀
|
||||||
|
|
||||||
This action provides flexible SSH command execution with a rich set of configuration options.
|
## Input variables
|
||||||
|
|
||||||
For full details, see [action.yml](./action.yml).
|
See [action.yml](./action.yml) for more detailed information.
|
||||||
|
|
||||||
### 🔌 Connection Settings
|
| Input Parameter | Description | Default Value |
|
||||||
|
|-------------------------|-----------------------------------------------------------------|---------------|
|
||||||
|
| host | SSH host address | |
|
||||||
|
| port | SSH port number | 22 |
|
||||||
|
| passphrase | SSH key passphrase | |
|
||||||
|
| username | SSH username | |
|
||||||
|
| password | SSH password | |
|
||||||
|
| sync | Enable synchronous execution if multiple hosts | false |
|
||||||
|
| use_insecure_cipher | Include more ciphers with use_insecure_cipher | false |
|
||||||
|
| cipher | Allowed cipher algorithms. If unspecified, a sensible default | |
|
||||||
|
| timeout | Timeout duration for SSH to host | 30s |
|
||||||
|
| command_timeout | Timeout duration for SSH command | 10m |
|
||||||
|
| key | Content of SSH private key. e.g., raw content of ~/.ssh/id_rsa | |
|
||||||
|
| key_path | Path of SSH private key | |
|
||||||
|
| fingerprint | SHA256 fingerprint of the host public key | |
|
||||||
|
| proxy_host | SSH proxy host | |
|
||||||
|
| proxy_port | SSH proxy port | 22 |
|
||||||
|
| proxy_username | SSH proxy username | |
|
||||||
|
| proxy_password | SSH proxy password | |
|
||||||
|
| proxy_passphrase | SSH proxy key passphrase | |
|
||||||
|
| proxy_timeout | Timeout for SSH to proxy host | 30s |
|
||||||
|
| proxy_key | Content of SSH proxy private key | |
|
||||||
|
| proxy_key_path | Path of SSH proxy private key | |
|
||||||
|
| proxy_fingerprint | SHA256 fingerprint of the proxy host public key | |
|
||||||
|
| proxy_cipher | Allowed cipher algorithms for the proxy | |
|
||||||
|
| proxy_use_insecure_cipher | Include more ciphers with use_insecure_cipher for the proxy | false |
|
||||||
|
| script | Execute commands | |
|
||||||
|
| script_stop | Stop script after first failure | false |
|
||||||
|
| envs | Pass environment variables to shell script | |
|
||||||
|
| envs_format | Flexible configuration of environment value transfer | |
|
||||||
|
| debug | Enable debug mode | false |
|
||||||
|
| allenvs | Pass all environment variables to shell script | false |
|
||||||
|
|
||||||
These parameters control how the action connects to your remote host.
|
## Usage
|
||||||
|
|
||||||
| Parameter | Description | Default |
|
Executing remote ssh commands.
|
||||||
| ------------------- | ----------------------------------------------------------------- | ------- |
|
|
||||||
| host | SSH host address | |
|
|
||||||
| port | SSH port number | 22 |
|
|
||||||
| username | SSH username | |
|
|
||||||
| password | SSH password | |
|
|
||||||
| protocol | SSH protocol version (`tcp`, `tcp4`, `tcp6`) | tcp |
|
|
||||||
| sync | Run synchronously if multiple hosts are specified | false |
|
|
||||||
| timeout | Timeout for SSH connection to host | 30s |
|
|
||||||
| key | Content of SSH private key (e.g., raw content of `~/.ssh/id_rsa`) | |
|
|
||||||
| key_path | Path to SSH private key | |
|
|
||||||
| passphrase | Passphrase for the SSH private key | |
|
|
||||||
| fingerprint | SHA256 fingerprint of the host public key | |
|
|
||||||
| use_insecure_cipher | Allow additional (less secure) ciphers | false |
|
|
||||||
| cipher | Allowed cipher algorithms. Uses sensible defaults if unspecified | |
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
### 🛠️ SSH Command Settings
|
|
||||||
|
|
||||||
These parameters control the commands executed on the remote host and related behaviors.
|
|
||||||
|
|
||||||
| Parameter | Description | Default |
|
|
||||||
| --------------- | --------------------------------------------------------------------------------- | ------- |
|
|
||||||
| script | Commands to execute remotely | |
|
|
||||||
| script_path | Path to a file containing commands to execute | |
|
|
||||||
| envs | Environment variables to pass to the shell script | |
|
|
||||||
| envs_format | Flexible configuration for environment variable transfer | |
|
|
||||||
| allenvs | Pass all environment variables with `GITHUB_` and `INPUT_` prefixes to the script | false |
|
|
||||||
| command_timeout | Timeout for SSH command execution | 10m |
|
|
||||||
| debug | Enable debug mode | false |
|
|
||||||
| request_pty | Request a pseudo-terminal from the server | false |
|
|
||||||
| curl_insecure | Allow curl to connect to SSL sites without certificates | false |
|
|
||||||
| version | drone-ssh binary version. If not specified, the latest version will be used. | |
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
### 🌐 Proxy Settings
|
|
||||||
|
|
||||||
These parameters control the use of a proxy (jump host) for connecting to your target host.
|
|
||||||
|
|
||||||
| Parameter | Description | Default |
|
|
||||||
| ------------------------- | ----------------------------------------------- | ------- |
|
|
||||||
| proxy_host | SSH proxy host | |
|
|
||||||
| proxy_port | SSH proxy port | 22 |
|
|
||||||
| proxy_username | SSH proxy username | |
|
|
||||||
| proxy_password | SSH proxy password | |
|
|
||||||
| proxy_passphrase | SSH proxy key passphrase | |
|
|
||||||
| proxy_protocol | SSH proxy protocol version | tcp |
|
|
||||||
| proxy_timeout | Timeout for SSH connection to proxy host | 30s |
|
|
||||||
| proxy_key | Content of SSH proxy private key | |
|
|
||||||
| proxy_key_path | Path to SSH proxy private key | |
|
|
||||||
| proxy_fingerprint | SHA256 fingerprint of the proxy host public key | |
|
|
||||||
| proxy_cipher | Allowed cipher algorithms for the proxy | |
|
|
||||||
| proxy_use_insecure_cipher | Allow insecure ciphers for the proxy | false |
|
|
||||||
|
|
||||||
> **Note:** To mimic the removed `script_stop` option, add `set -e` at the top of your shell script.
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## ⚡ Quick Start
|
|
||||||
|
|
||||||
Run remote SSH commands in your workflow with minimal configuration:
|
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
name: Remote SSH Command
|
name: remote ssh command
|
||||||
on: [push]
|
on: [push]
|
||||||
jobs:
|
jobs:
|
||||||
|
|
||||||
build:
|
build:
|
||||||
name: Build
|
name: Build
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- name: Execute remote SSH commands using password
|
- name: executing remote ssh commands using password
|
||||||
uses: appleboy/ssh-action@v1
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
with:
|
with:
|
||||||
host: ${{ secrets.HOST }}
|
host: ${{ secrets.HOST }}
|
||||||
username: linuxserver.io
|
username: ${{ secrets.USERNAME }}
|
||||||
password: ${{ secrets.PASSWORD }}
|
password: ${{ secrets.PASSWORD }}
|
||||||
port: ${{ secrets.PORT }}
|
port: ${{ secrets.PORT }}
|
||||||
script: whoami
|
script: whoami
|
||||||
```
|
```
|
||||||
|
|
||||||
**Output:**
|
output:
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
======CMD======
|
======CMD======
|
||||||
whoami
|
whoami
|
||||||
======END======
|
======END======
|
||||||
linuxserver.io
|
out: ***
|
||||||
===============================================
|
==============================================
|
||||||
✅ Successfully executed commands to all hosts.
|
✅ Successfully executed commands to all host.
|
||||||
===============================================
|
==============================================
|
||||||
```
|
```
|
||||||
|
|
||||||
---
|
### Setting up a SSH Key
|
||||||
|
|
||||||
## 🔑 SSH Key Setup & OpenSSH Compatibility
|
Make sure to follow the below steps while creating SSH Keys and using them.
|
||||||
|
The best practice is create the SSH Keys on local machine not remote machine.
|
||||||
|
Login with username specified in Github Secrets. Generate a RSA Key-Pair:
|
||||||
|
|
||||||
### Setting Up SSH Keys
|
### Generate rsa key
|
||||||
|
|
||||||
It is best practice to create SSH keys on your local machine (not on a remote server). Log in with the username specified in GitHub Secrets and generate a key pair:
|
|
||||||
|
|
||||||
#### Generate RSA key
|
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
|
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
|
||||||
```
|
```
|
||||||
|
|
||||||
#### Generate ED25519 key
|
### Generate ed25519 key
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
||||||
```
|
```
|
||||||
|
|
||||||
Add the new public key to the authorized keys on your server. [Learn more about authorized keys.](https://www.ssh.com/ssh/authorized_keys/)
|
Add newly generated key into Authorized keys. Read more about authorized keys [here](https://www.ssh.com/ssh/authorized_keys/).
|
||||||
|
|
||||||
|
### Add rsa key into Authorized keys
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
# Add RSA key
|
cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys'
|
||||||
cat .ssh/id_rsa.pub | ssh user@host 'cat >> .ssh/authorized_keys'
|
|
||||||
|
|
||||||
# Add ED25519 key
|
|
||||||
cat .ssh/id_ed25519.pub | ssh user@host 'cat >> .ssh/authorized_keys'
|
|
||||||
```
|
```
|
||||||
|
|
||||||
Copy the private key content and paste it into GitHub Secrets.
|
### Add ed25519 key into Authorized keys
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
# macOS
|
cat .ssh/id_ed25519.pub | ssh b@B 'cat >> .ssh/authorized_keys'
|
||||||
pbcopy < ~/.ssh/id_rsa
|
|
||||||
# Ubuntu
|
|
||||||
xclip < ~/.ssh/id_rsa
|
|
||||||
```
|
```
|
||||||
|
|
||||||
> **Tip:** Copy from `-----BEGIN OPENSSH PRIVATE KEY-----` to `-----END OPENSSH PRIVATE KEY-----` (inclusive).
|
Copy Private Key content and paste in Github Secrets.
|
||||||
|
|
||||||
For ED25519:
|
### Copy rsa Private key
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
# macOS
|
clip < ~/.ssh/id_rsa
|
||||||
pbcopy < ~/.ssh/id_ed25519
|
|
||||||
# Ubuntu
|
|
||||||
xclip < ~/.ssh/id_ed25519
|
|
||||||
```
|
```
|
||||||
|
|
||||||
See more: [SSH login without a password](http://www.linuxproblem.org/art_9.html).
|
### Copy ed25519 Private key
|
||||||
|
|
||||||
> **Note:** Depending on your SSH version, you may also need to:
|
```bash
|
||||||
>
|
clip < ~/.ssh/id_ed25519
|
||||||
> - Place the public key in `.ssh/authorized_keys2`
|
```
|
||||||
> - Set `.ssh` permissions to 700
|
|
||||||
> - Set `.ssh/authorized_keys2` permissions to 640
|
|
||||||
|
|
||||||
### OpenSSH Compatibility
|
See the detail information about [SSH login without password](http://www.linuxproblem.org/art_9.html).
|
||||||
|
|
||||||
If you see this error:
|
**A note** from one of our readers: Depending on your version of SSH you might also have to do the following changes:
|
||||||
|
|
||||||
|
* Put the public key in `.ssh/authorized_keys2`
|
||||||
|
* Change the permissions of `.ssh` to 700
|
||||||
|
* Change the permissions of `.ssh/authorized_keys2` to 640
|
||||||
|
|
||||||
|
### If you are using OpenSSH
|
||||||
|
|
||||||
|
If you are currently using OpenSSH and are getting the following error:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey]
|
ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey]
|
||||||
```
|
```
|
||||||
|
|
||||||
On Ubuntu 20.04+ you may need to explicitly allow the `ssh-rsa` algorithm. Add this to your OpenSSH daemon config (`/etc/ssh/sshd_config` or a drop-in under `/etc/ssh/sshd_config.d/`):
|
Make sure that your key algorithm of choice is supported. On Ubuntu 20.04 or later you must explicitly allow the use of the ssh-rsa algorithm. Add the following line to your OpenSSH daemon file (which is either `/etc/ssh/sshd_config` or a drop-in file under `/etc/ssh/sshd_config.d/`):
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
CASignatureAlgorithms +ssh-rsa
|
CASignatureAlgorithms +ssh-rsa
|
||||||
```
|
```
|
||||||
|
|
||||||
Alternatively, use ED25519 keys (supported by default):
|
Alternatively, `ed25519` keys are accepted by default in OpenSSH. You could use this instead of rsa if needed:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
||||||
```
|
```
|
||||||
|
|
||||||
---
|
### Example
|
||||||
|
|
||||||
## 🛠️ Usage Scenarios & Advanced Examples
|
#### Executing remote ssh commands using password
|
||||||
|
|
||||||
This section covers common and advanced usage patterns, including multi-host, proxy, and environment variable passing.
|
|
||||||
|
|
||||||
### Using password authentication
|
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
- name: Execute remote SSH commands using password
|
- name: executing remote ssh commands using password
|
||||||
uses: appleboy/ssh-action@v1
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
with:
|
with:
|
||||||
host: ${{ secrets.HOST }}
|
host: ${{ secrets.HOST }}
|
||||||
username: ${{ secrets.USERNAME }}
|
username: ${{ secrets.USERNAME }}
|
||||||
@ -250,11 +173,11 @@ This section covers common and advanced usage patterns, including multi-host, pr
|
|||||||
script: whoami
|
script: whoami
|
||||||
```
|
```
|
||||||
|
|
||||||
### Using private key authentication
|
#### Using private key
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
- name: Execute remote SSH commands using SSH key
|
- name: executing remote ssh commands using ssh key
|
||||||
uses: appleboy/ssh-action@v1
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
with:
|
with:
|
||||||
host: ${{ secrets.HOST }}
|
host: ${{ secrets.HOST }}
|
||||||
username: ${{ secrets.USERNAME }}
|
username: ${{ secrets.USERNAME }}
|
||||||
@ -263,11 +186,11 @@ This section covers common and advanced usage patterns, including multi-host, pr
|
|||||||
script: whoami
|
script: whoami
|
||||||
```
|
```
|
||||||
|
|
||||||
### Multiple commands
|
#### Multiple Commands
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
- name: Multiple commands
|
- name: multiple command
|
||||||
uses: appleboy/ssh-action@v1
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
with:
|
with:
|
||||||
host: ${{ secrets.HOST }}
|
host: ${{ secrets.HOST }}
|
||||||
username: ${{ secrets.USERNAME }}
|
username: ${{ secrets.USERNAME }}
|
||||||
@ -280,24 +203,11 @@ This section covers common and advanced usage patterns, including multi-host, pr
|
|||||||
|
|
||||||

|

|
||||||
|
|
||||||
### Run commands from a file
|
#### Multiple Hosts
|
||||||
|
|
||||||
```yaml
|
|
||||||
- name: File commands
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
host: ${{ secrets.HOST }}
|
|
||||||
username: ${{ secrets.USERNAME }}
|
|
||||||
key: ${{ secrets.KEY }}
|
|
||||||
port: ${{ secrets.PORT }}
|
|
||||||
script_path: scripts/script.sh
|
|
||||||
```
|
|
||||||
|
|
||||||
### Multiple hosts
|
|
||||||
|
|
||||||
```diff
|
```diff
|
||||||
- name: Multiple hosts
|
- name: multiple host
|
||||||
uses: appleboy/ssh-action@v1
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
with:
|
with:
|
||||||
- host: "foo.com"
|
- host: "foo.com"
|
||||||
+ host: "foo.com,bar.com"
|
+ host: "foo.com,bar.com"
|
||||||
@ -309,13 +219,11 @@ This section covers common and advanced usage patterns, including multi-host, pr
|
|||||||
ls -al
|
ls -al
|
||||||
```
|
```
|
||||||
|
|
||||||
Default `port` is `22`.
|
#### Multiple hosts with different port
|
||||||
|
|
||||||
### Multiple hosts with different ports
|
|
||||||
|
|
||||||
```diff
|
```diff
|
||||||
- name: Multiple hosts
|
- name: multiple host
|
||||||
uses: appleboy/ssh-action@v1
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
with:
|
with:
|
||||||
- host: "foo.com"
|
- host: "foo.com"
|
||||||
+ host: "foo.com:1234,bar.com:5678"
|
+ host: "foo.com:1234,bar.com:5678"
|
||||||
@ -326,11 +234,11 @@ Default `port` is `22`.
|
|||||||
ls -al
|
ls -al
|
||||||
```
|
```
|
||||||
|
|
||||||
### Synchronous execution on multiple hosts
|
#### Synchronous execution on multiple hosts
|
||||||
|
|
||||||
```diff
|
```diff
|
||||||
- name: Multiple hosts
|
- name: multiple host
|
||||||
uses: appleboy/ssh-action@v1
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
with:
|
with:
|
||||||
host: "foo.com,bar.com"
|
host: "foo.com,bar.com"
|
||||||
+ sync: true
|
+ sync: true
|
||||||
@ -342,11 +250,11 @@ Default `port` is `22`.
|
|||||||
ls -al
|
ls -al
|
||||||
```
|
```
|
||||||
|
|
||||||
### Pass environment variables to shell script
|
#### Pass environment variable to shell script
|
||||||
|
|
||||||
```diff
|
```diff
|
||||||
- name: Pass environment
|
- name: pass environment
|
||||||
uses: appleboy/ssh-action@v1
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
+ env:
|
+ env:
|
||||||
+ FOO: "BAR"
|
+ FOO: "BAR"
|
||||||
+ BAR: "FOO"
|
+ BAR: "FOO"
|
||||||
@ -363,13 +271,40 @@ Default `port` is `22`.
|
|||||||
echo "sha: $SHA"
|
echo "sha: $SHA"
|
||||||
```
|
```
|
||||||
|
|
||||||
> _All environment variables in the `env` object must be strings. Using integers or other types may cause unexpected results._
|
_Inside `env` object, you need to pass every environment variable as a string, passing `Integer` data type or any other may output unexpected results._
|
||||||
|
|
||||||
---
|
#### Stop script after first failure
|
||||||
|
|
||||||
## 🌐 Proxy & Jump Host Usage
|
> ex: missing `abc` folder
|
||||||
|
|
||||||
You can connect to remote hosts via a proxy (jump host) for advanced network topologies.
|
```diff
|
||||||
|
- name: stop script if command error
|
||||||
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
|
with:
|
||||||
|
host: ${{ secrets.HOST }}
|
||||||
|
username: ${{ secrets.USERNAME }}
|
||||||
|
key: ${{ secrets.KEY }}
|
||||||
|
port: ${{ secrets.PORT }}
|
||||||
|
+ script_stop: true
|
||||||
|
script: |
|
||||||
|
mkdir abc/def
|
||||||
|
ls -al
|
||||||
|
```
|
||||||
|
|
||||||
|
output:
|
||||||
|
|
||||||
|
```sh
|
||||||
|
======CMD======
|
||||||
|
mkdir abc/def
|
||||||
|
ls -al
|
||||||
|
|
||||||
|
======END======
|
||||||
|
2019/11/21 01:16:21 Process exited with status 1
|
||||||
|
err: mkdir: cannot create directory ‘abc/def’: No such file or directory
|
||||||
|
##[error]Docker run failed with exit code 1
|
||||||
|
```
|
||||||
|
|
||||||
|
#### How to connect remote server using `ProxyCommand`?
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
+--------+ +----------+ +-----------+
|
+--------+ +----------+ +-----------+
|
||||||
@ -377,7 +312,7 @@ You can connect to remote hosts via a proxy (jump host) for advanced network top
|
|||||||
+--------+ +----------+ +-----------+
|
+--------+ +----------+ +-----------+
|
||||||
```
|
```
|
||||||
|
|
||||||
Example `~/.ssh/config`:
|
in your `~/.ssh/config`, you will see the following.
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
Host Jumphost
|
Host Jumphost
|
||||||
@ -393,11 +328,11 @@ Host FooServer
|
|||||||
ProxyCommand ssh -q -W %h:%p Jumphost
|
ProxyCommand ssh -q -W %h:%p Jumphost
|
||||||
```
|
```
|
||||||
|
|
||||||
**GitHub Actions YAML:**
|
#### How to convert to YAML format of GitHubActions
|
||||||
|
|
||||||
```diff
|
```diff
|
||||||
- name: SSH proxy command
|
- name: ssh proxy command
|
||||||
uses: appleboy/ssh-action@v1
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
with:
|
with:
|
||||||
host: ${{ secrets.HOST }}
|
host: ${{ secrets.HOST }}
|
||||||
username: ${{ secrets.USERNAME }}
|
username: ${{ secrets.USERNAME }}
|
||||||
@ -412,17 +347,15 @@ Host FooServer
|
|||||||
ls -al
|
ls -al
|
||||||
```
|
```
|
||||||
|
|
||||||
---
|
#### Protecting a Private Key
|
||||||
|
|
||||||
## 🛡️ Security Best Practices
|
The purpose of the passphrase is usually to encrypt the private key.
|
||||||
|
This makes the key file by itself useless to an attacker.
|
||||||
### Protecting Your Private Key
|
It is not uncommon for files to leak from backups or decommissioned hardware, and hackers commonly exfiltrate files from compromised systems.
|
||||||
|
|
||||||
A passphrase encrypts your private key, making it useless to attackers if leaked. Always store your private key securely.
|
|
||||||
|
|
||||||
```diff
|
```diff
|
||||||
- name: SSH key passphrase
|
- name: ssh key passphrase
|
||||||
uses: appleboy/ssh-action@v1
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
with:
|
with:
|
||||||
host: ${{ secrets.HOST }}
|
host: ${{ secrets.HOST }}
|
||||||
username: ${{ secrets.USERNAME }}
|
username: ${{ secrets.USERNAME }}
|
||||||
@ -434,19 +367,21 @@ A passphrase encrypts your private key, making it useless to attackers if leaked
|
|||||||
ls -al
|
ls -al
|
||||||
```
|
```
|
||||||
|
|
||||||
### Host Fingerprint Verification
|
#### Using host fingerprint verification
|
||||||
|
|
||||||
Verifying the SSH host fingerprint helps prevent man-in-the-middle attacks. To get your host's fingerprint (replace `ed25519` with your key type and `example.com` with your host):
|
Setting up SSH host fingerprint verification can help to prevent Person-in-the-Middle attacks. Before setting this up, run the command below to get your SSH host fingerprint. Remember to replace `ed25519` with your appropriate key type (`rsa`, `dsa`, etc.) that your server is using and `example.com` with your host.
|
||||||
|
|
||||||
|
In modern OpenSSH releases, the _default_ key types to be fetched are `rsa` (since version 5.1), `ecdsa` (since version 6.0), and `ed25519` (since version 6.7).
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d ' ' -f2
|
ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d ' ' -f2
|
||||||
```
|
```
|
||||||
|
|
||||||
Update your config:
|
Now you can adjust you config:
|
||||||
|
|
||||||
```diff
|
```diff
|
||||||
- name: SSH key passphrase
|
- name: ssh key passphrase
|
||||||
uses: appleboy/ssh-action@v1
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
with:
|
with:
|
||||||
host: ${{ secrets.HOST }}
|
host: ${{ secrets.HOST }}
|
||||||
username: ${{ secrets.USERNAME }}
|
username: ${{ secrets.USERNAME }}
|
||||||
@ -458,33 +393,10 @@ Update your config:
|
|||||||
ls -al
|
ls -al
|
||||||
```
|
```
|
||||||
|
|
||||||
---
|
## Contributing
|
||||||
|
|
||||||
## 🚨 Error Handling & Troubleshooting
|
We would love for you to contribute to `appleboy/ssh-action`, pull requests are welcome!
|
||||||
|
|
||||||
### Q&A
|
## License
|
||||||
|
|
||||||
#### Command not found (npm or other command)
|
The scripts and documentation in this project are released under the [MIT License](LICENSE)
|
||||||
|
|
||||||
If you encounter "command not found" errors, see [this issue comment](https://github.com/appleboy/ssh-action/issues/31#issuecomment-1006565847) about interactive vs non-interactive shells.
|
|
||||||
|
|
||||||
On many Linux distros, `/etc/bash.bashrc` contains:
|
|
||||||
|
|
||||||
```sh
|
|
||||||
# If not running interactively, don't do anything
|
|
||||||
[ -z "$PS1" ] && return
|
|
||||||
```
|
|
||||||
|
|
||||||
Comment out this line or use absolute paths for your commands.
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## 🤝 Contributing
|
|
||||||
|
|
||||||
Contributions are welcome! Please submit a pull request to help improve `appleboy/ssh-action`.
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## 📝 License
|
|
||||||
|
|
||||||
This project is licensed under the [MIT License](LICENSE).
|
|
||||||
|
490
README.zh-cn.md
490
README.zh-cn.md
@ -1,490 +0,0 @@
|
|||||||
# 🚀 用于 GitHub Actions 的 SSH
|
|
||||||
|
|
||||||
[English](./README.md) | [繁體中文](./README.zh-tw.md) | 简体中文
|
|
||||||
|
|
||||||
## 目录
|
|
||||||
|
|
||||||
- [🚀 用于 GitHub Actions 的 SSH](#-用于-github-actions-的-ssh)
|
|
||||||
- [目录](#目录)
|
|
||||||
- [📖 简介](#-简介)
|
|
||||||
- [🧩 核心概念与输入参数](#-核心概念与输入参数)
|
|
||||||
- [🔌 连接设置](#-连接设置)
|
|
||||||
- [🛠️ 指令设置](#️-指令设置)
|
|
||||||
- [🌐 代理设置](#-代理设置)
|
|
||||||
- [⚡ 快速开始](#-快速开始)
|
|
||||||
- [🔑 SSH 密钥配置与 OpenSSH 兼容性](#-ssh-密钥配置与-openssh-兼容性)
|
|
||||||
- [配置 SSH 密钥](#配置-ssh-密钥)
|
|
||||||
- [生成 RSA 密钥](#生成-rsa-密钥)
|
|
||||||
- [生成 ED25519 密钥](#生成-ed25519-密钥)
|
|
||||||
- [OpenSSH 兼容性](#openssh-兼容性)
|
|
||||||
- [🛠️ 用法场景与进阶示例](#️-用法场景与进阶示例)
|
|
||||||
- [使用密码认证](#使用密码认证)
|
|
||||||
- [使用私钥认证](#使用私钥认证)
|
|
||||||
- [多条命令](#多条命令)
|
|
||||||
- [从文件执行命令](#从文件执行命令)
|
|
||||||
- [多主机](#多主机)
|
|
||||||
- [多主机不同端口](#多主机不同端口)
|
|
||||||
- [多主机同步执行](#多主机同步执行)
|
|
||||||
- [传递环境变量到 shell 脚本](#传递环境变量到-shell-脚本)
|
|
||||||
- [🌐 代理与跳板机用法](#-代理与跳板机用法)
|
|
||||||
- [🛡️ 安全最佳实践](#️-安全最佳实践)
|
|
||||||
- [保护你的私钥](#保护你的私钥)
|
|
||||||
- [主机指纹验证](#主机指纹验证)
|
|
||||||
- [🚨 错误处理与疑难解答](#-错误处理与疑难解答)
|
|
||||||
- [常见问题](#常见问题)
|
|
||||||
- [命令未找到(npm 或其他命令)](#命令未找到npm-或其他命令)
|
|
||||||
- [🤝 贡献](#-贡献)
|
|
||||||
- [📝 许可证](#-许可证)
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## 📖 简介
|
|
||||||
|
|
||||||
**SSH for GitHub Actions** 是一个强大的 [GitHub Action](https://github.com/features/actions),可让你在 CI/CD 工作流中轻松且安全地执行远程 SSH 命令。
|
|
||||||
本项目基于 [Golang](https://go.dev) 和 [drone-ssh](https://github.com/appleboy/drone-ssh) 构建,支持多主机、代理、高级认证等多种 SSH 场景。
|
|
||||||
|
|
||||||

|
|
||||||
|
|
||||||
[](https://github.com/appleboy/ssh-action/actions/workflows/main.yml)
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## 🧩 核心概念与输入参数
|
|
||||||
|
|
||||||
本 Action 提供灵活的 SSH 命令执行能力,并具备丰富的配置选项。
|
|
||||||
|
|
||||||
详细参数请参阅 [action.yml](./action.yml)。
|
|
||||||
|
|
||||||
### 🔌 连接设置
|
|
||||||
|
|
||||||
这些参数用于控制如何连接到远程主机。
|
|
||||||
|
|
||||||
| 参数 | 描述 | 默认值 |
|
|
||||||
| ------------------- | --------------------------------------------- | ------ |
|
|
||||||
| host | SSH 主机地址 | |
|
|
||||||
| port | SSH 端口号 | 22 |
|
|
||||||
| username | SSH 用户名 | |
|
|
||||||
| password | SSH 密码 | |
|
|
||||||
| protocol | SSH 协议版本(`tcp`、`tcp4`、`tcp6`) | tcp |
|
|
||||||
| sync | 指定多个主机时同步执行 | false |
|
|
||||||
| timeout | SSH 连接主机的超时时间 | 30s |
|
|
||||||
| key | SSH 私钥内容(如 `~/.ssh/id_rsa` 的原始内容) | |
|
|
||||||
| key_path | SSH 私钥路径 | |
|
|
||||||
| passphrase | SSH 私钥密码短语 | |
|
|
||||||
| fingerprint | 主机公钥的 SHA256 指纹 | |
|
|
||||||
| use_insecure_cipher | 允许额外(不安全)的加密算法 | false |
|
|
||||||
| cipher | 允许的加密算法,未指定时使用默认值 | |
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
### 🛠️ 指令设置
|
|
||||||
|
|
||||||
这些参数用于控制在远程主机上执行的命令及相关行为。
|
|
||||||
|
|
||||||
| 参数 | 描述 | 默认值 |
|
|
||||||
| --------------- | ----------------------------------------------------- | ------ |
|
|
||||||
| script | 远程执行的命令 | |
|
|
||||||
| script_path | 包含要执行命令的文件路径 | |
|
|
||||||
| envs | 传递给 shell 脚本的环境变量 | |
|
|
||||||
| envs_format | 环境变量传递的灵活配置 | |
|
|
||||||
| allenvs | 传递所有带 `GITHUB_` 和 `INPUT_` 前缀的环境变量到脚本 | false |
|
|
||||||
| command_timeout | SSH 命令执行超时时间 | 10m |
|
|
||||||
| debug | 启用调试模式 | false |
|
|
||||||
| request_pty | 向服务器请求伪终端 | false |
|
|
||||||
| curl_insecure | 允许 curl 连接无证书的 SSL 站点 | false |
|
|
||||||
| version | drone-ssh 二进制版本,未指定时使用最新版本 | |
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
### 🌐 代理设置
|
|
||||||
|
|
||||||
这些参数用于通过代理(跳板机)连接到目标主机。
|
|
||||||
|
|
||||||
| 参数 | 描述 | 默认值 |
|
|
||||||
| ------------------------- | ----------------------------------------- | ------ |
|
|
||||||
| proxy_host | SSH 代理主机 | |
|
|
||||||
| proxy_port | SSH 代理端口 | 22 |
|
|
||||||
| proxy_username | SSH 代理用户名 | |
|
|
||||||
| proxy_password | SSH 代理密码 | |
|
|
||||||
| proxy_passphrase | SSH 代理私钥密码短语 | |
|
|
||||||
| proxy_protocol | SSH 代理协议版本(`tcp`、`tcp4`、`tcp6`) | tcp |
|
|
||||||
| proxy_timeout | SSH 连接代理主机的超时时间 | 30s |
|
|
||||||
| proxy_key | SSH 代理私钥内容 | |
|
|
||||||
| proxy_key_path | SSH 代理私钥路径 | |
|
|
||||||
| proxy_fingerprint | 代理主机公钥的 SHA256 指纹 | |
|
|
||||||
| proxy_cipher | 代理允许的加密算法 | |
|
|
||||||
| proxy_use_insecure_cipher | 代理允许额外(不安全)的加密算法 | false |
|
|
||||||
|
|
||||||
> **注意:** 如需实现已移除的 `script_stop` 功能,请在 shell 脚本顶部添加 `set -e`。
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## ⚡ 快速开始
|
|
||||||
|
|
||||||
只需简单配置,即可在工作流中执行远程 SSH 命令:
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
name: Remote SSH Command
|
|
||||||
on: [push]
|
|
||||||
jobs:
|
|
||||||
build:
|
|
||||||
name: Build
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: 执行远程 SSH 命令(密码认证)
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
host: ${{ secrets.HOST }}
|
|
||||||
username: linuxserver.io
|
|
||||||
password: ${{ secrets.PASSWORD }}
|
|
||||||
port: ${{ secrets.PORT }}
|
|
||||||
script: whoami
|
|
||||||
```
|
|
||||||
|
|
||||||
**输出:**
|
|
||||||
|
|
||||||
```sh
|
|
||||||
======CMD======
|
|
||||||
whoami
|
|
||||||
======END======
|
|
||||||
linuxserver.io
|
|
||||||
===============================================
|
|
||||||
✅ Successfully executed commands to all hosts.
|
|
||||||
===============================================
|
|
||||||
```
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## 🔑 SSH 密钥配置与 OpenSSH 兼容性
|
|
||||||
|
|
||||||
### 配置 SSH 密钥
|
|
||||||
|
|
||||||
建议在本地机器(而非远程服务器)上创建 SSH 密钥。请使用 GitHub Secrets 中指定的用户名登录并生成密钥对:
|
|
||||||
|
|
||||||
#### 生成 RSA 密钥
|
|
||||||
|
|
||||||
```bash
|
|
||||||
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
|
|
||||||
```
|
|
||||||
|
|
||||||
#### 生成 ED25519 密钥
|
|
||||||
|
|
||||||
```bash
|
|
||||||
ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
|
||||||
```
|
|
||||||
|
|
||||||
将新生成的公钥添加到服务器的 authorized_keys。 [了解更多 authorized_keys](https://www.ssh.com/ssh/authorized_keys/)
|
|
||||||
|
|
||||||
```bash
|
|
||||||
# 添加 RSA 公钥
|
|
||||||
cat .ssh/id_rsa.pub | ssh user@host 'cat >> .ssh/authorized_keys'
|
|
||||||
|
|
||||||
# 添加 ED25519 公钥
|
|
||||||
cat .ssh/id_ed25519.pub | ssh user@host 'cat >> .ssh/authorized_keys'
|
|
||||||
```
|
|
||||||
|
|
||||||
复制私钥内容并粘贴到 GitHub Secrets。
|
|
||||||
|
|
||||||
```bash
|
|
||||||
# macOS
|
|
||||||
pbcopy < ~/.ssh/id_rsa
|
|
||||||
# Ubuntu
|
|
||||||
xclip < ~/.ssh/id_rsa
|
|
||||||
```
|
|
||||||
|
|
||||||
> **提示:** 复制内容需包含 `-----BEGIN OPENSSH PRIVATE KEY-----` 到 `-----END OPENSSH PRIVATE KEY-----`(含)。
|
|
||||||
|
|
||||||
ED25519 同理:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
# macOS
|
|
||||||
pbcopy < ~/.ssh/id_ed25519
|
|
||||||
# Ubuntu
|
|
||||||
xclip < ~/.ssh/id_ed25519
|
|
||||||
```
|
|
||||||
|
|
||||||
更多信息:[SSH 无密码登录](http://www.linuxproblem.org/art_9.html)。
|
|
||||||
|
|
||||||
> **注意:** 根据 SSH 版本,可能还需:
|
|
||||||
>
|
|
||||||
> - 将公钥放入 `.ssh/authorized_keys2`
|
|
||||||
> - 设置 `.ssh` 权限为 700
|
|
||||||
> - 设置 `.ssh/authorized_keys2` 权限为 640
|
|
||||||
|
|
||||||
### OpenSSH 兼容性
|
|
||||||
|
|
||||||
如果出现如下错误:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey]
|
|
||||||
```
|
|
||||||
|
|
||||||
在 Ubuntu 20.04+,你可能需要显式允许 `ssh-rsa` 算法。请在 OpenSSH 配置文件(`/etc/ssh/sshd_config` 或 `/etc/ssh/sshd_config.d/` 下的 drop-in 文件)中添加:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
CASignatureAlgorithms +ssh-rsa
|
|
||||||
```
|
|
||||||
|
|
||||||
或者,直接使用默认支持的 ED25519 密钥:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
|
||||||
```
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## 🛠️ 用法场景与进阶示例
|
|
||||||
|
|
||||||
本节涵盖常见与进阶用法,包括多主机、代理、环境变量传递等。
|
|
||||||
|
|
||||||
### 使用密码认证
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- name: 执行远程 SSH 命令(密码认证)
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
host: ${{ secrets.HOST }}
|
|
||||||
username: ${{ secrets.USERNAME }}
|
|
||||||
password: ${{ secrets.PASSWORD }}
|
|
||||||
port: ${{ secrets.PORT }}
|
|
||||||
script: whoami
|
|
||||||
```
|
|
||||||
|
|
||||||
### 使用私钥认证
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- name: 执行远程 SSH 命令(密钥认证)
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
host: ${{ secrets.HOST }}
|
|
||||||
username: ${{ secrets.USERNAME }}
|
|
||||||
key: ${{ secrets.KEY }}
|
|
||||||
port: ${{ secrets.PORT }}
|
|
||||||
script: whoami
|
|
||||||
```
|
|
||||||
|
|
||||||
### 多条命令
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- name: 多条命令
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
host: ${{ secrets.HOST }}
|
|
||||||
username: ${{ secrets.USERNAME }}
|
|
||||||
key: ${{ secrets.KEY }}
|
|
||||||
port: ${{ secrets.PORT }}
|
|
||||||
script: |
|
|
||||||
whoami
|
|
||||||
ls -al
|
|
||||||
```
|
|
||||||
|
|
||||||

|
|
||||||
|
|
||||||
### 从文件执行命令
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
- name: 文件命令
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
host: ${{ secrets.HOST }}
|
|
||||||
username: ${{ secrets.USERNAME }}
|
|
||||||
key: ${{ secrets.KEY }}
|
|
||||||
port: ${{ secrets.PORT }}
|
|
||||||
script_path: scripts/script.sh
|
|
||||||
```
|
|
||||||
|
|
||||||
### 多主机
|
|
||||||
|
|
||||||
```diff
|
|
||||||
- name: 多主机
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
- host: "foo.com"
|
|
||||||
+ host: "foo.com,bar.com"
|
|
||||||
username: ${{ secrets.USERNAME }}
|
|
||||||
key: ${{ secrets.KEY }}
|
|
||||||
port: ${{ secrets.PORT }}
|
|
||||||
script: |
|
|
||||||
whoami
|
|
||||||
ls -al
|
|
||||||
```
|
|
||||||
|
|
||||||
默认 `port` 为 `22`。
|
|
||||||
|
|
||||||
### 多主机不同端口
|
|
||||||
|
|
||||||
```diff
|
|
||||||
- name: 多主机
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
- host: "foo.com"
|
|
||||||
+ host: "foo.com:1234,bar.com:5678"
|
|
||||||
username: ${{ secrets.USERNAME }}
|
|
||||||
key: ${{ secrets.KEY }}
|
|
||||||
script: |
|
|
||||||
whoami
|
|
||||||
ls -al
|
|
||||||
```
|
|
||||||
|
|
||||||
### 多主机同步执行
|
|
||||||
|
|
||||||
```diff
|
|
||||||
- name: 多主机
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
host: "foo.com,bar.com"
|
|
||||||
+ sync: true
|
|
||||||
username: ${{ secrets.USERNAME }}
|
|
||||||
key: ${{ secrets.KEY }}
|
|
||||||
port: ${{ secrets.PORT }}
|
|
||||||
script: |
|
|
||||||
whoami
|
|
||||||
ls -al
|
|
||||||
```
|
|
||||||
|
|
||||||
### 传递环境变量到 shell 脚本
|
|
||||||
|
|
||||||
```diff
|
|
||||||
- name: 传递环境变量
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
+ env:
|
|
||||||
+ FOO: "BAR"
|
|
||||||
+ BAR: "FOO"
|
|
||||||
+ SHA: ${{ github.sha }}
|
|
||||||
with:
|
|
||||||
host: ${{ secrets.HOST }}
|
|
||||||
username: ${{ secrets.USERNAME }}
|
|
||||||
key: ${{ secrets.KEY }}
|
|
||||||
port: ${{ secrets.PORT }}
|
|
||||||
+ envs: FOO,BAR,SHA
|
|
||||||
script: |
|
|
||||||
echo "I am $FOO"
|
|
||||||
echo "I am $BAR"
|
|
||||||
echo "sha: $SHA"
|
|
||||||
```
|
|
||||||
|
|
||||||
> _`env` 对象中的所有环境变量必须为字符串。传递整数或其他类型可能导致意外结果。_
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## 🌐 代理与跳板机用法
|
|
||||||
|
|
||||||
你可以通过代理(跳板机)连接到远程主机,适用于进阶网络拓扑。
|
|
||||||
|
|
||||||
```bash
|
|
||||||
+--------+ +----------+ +-----------+
|
|
||||||
| Laptop | <--> | Jumphost | <--> | FooServer |
|
|
||||||
+--------+ +----------+ +-----------+
|
|
||||||
```
|
|
||||||
|
|
||||||
示例 `~/.ssh/config`:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
Host Jumphost
|
|
||||||
HostName Jumphost
|
|
||||||
User ubuntu
|
|
||||||
Port 22
|
|
||||||
IdentityFile ~/.ssh/keys/jump_host.pem
|
|
||||||
|
|
||||||
Host FooServer
|
|
||||||
HostName FooServer
|
|
||||||
User ubuntu
|
|
||||||
Port 22
|
|
||||||
ProxyCommand ssh -q -W %h:%p Jumphost
|
|
||||||
```
|
|
||||||
|
|
||||||
**GitHub Actions YAML:**
|
|
||||||
|
|
||||||
```diff
|
|
||||||
- name: SSH 代理命令
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
host: ${{ secrets.HOST }}
|
|
||||||
username: ${{ secrets.USERNAME }}
|
|
||||||
key: ${{ secrets.KEY }}
|
|
||||||
port: ${{ secrets.PORT }}
|
|
||||||
+ proxy_host: ${{ secrets.PROXY_HOST }}
|
|
||||||
+ proxy_username: ${{ secrets.PROXY_USERNAME }}
|
|
||||||
+ proxy_key: ${{ secrets.PROXY_KEY }}
|
|
||||||
+ proxy_port: ${{ secrets.PROXY_PORT }}
|
|
||||||
script: |
|
|
||||||
mkdir abc/def
|
|
||||||
ls -al
|
|
||||||
```
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## 🛡️ 安全最佳实践
|
|
||||||
|
|
||||||
### 保护你的私钥
|
|
||||||
|
|
||||||
密码短语会加密你的私钥,即使泄露也无法被攻击者直接利用。请务必妥善保管私钥。
|
|
||||||
|
|
||||||
```diff
|
|
||||||
- name: SSH 密钥密码短语
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
host: ${{ secrets.HOST }}
|
|
||||||
username: ${{ secrets.USERNAME }}
|
|
||||||
key: ${{ secrets.KEY }}
|
|
||||||
port: ${{ secrets.PORT }}
|
|
||||||
+ passphrase: ${{ secrets.PASSPHRASE }}
|
|
||||||
script: |
|
|
||||||
whoami
|
|
||||||
ls -al
|
|
||||||
```
|
|
||||||
|
|
||||||
### 主机指纹验证
|
|
||||||
|
|
||||||
验证 SSH 主机指纹有助于防止中间人攻击。获取主机指纹(将 `ed25519` 替换为你的密钥类型,`example.com` 替换为你的主机):
|
|
||||||
|
|
||||||
```sh
|
|
||||||
ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d ' ' -f2
|
|
||||||
```
|
|
||||||
|
|
||||||
更新配置:
|
|
||||||
|
|
||||||
```diff
|
|
||||||
- name: SSH 密钥密码短语
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
host: ${{ secrets.HOST }}
|
|
||||||
username: ${{ secrets.USERNAME }}
|
|
||||||
key: ${{ secrets.KEY }}
|
|
||||||
port: ${{ secrets.PORT }}
|
|
||||||
+ fingerprint: ${{ secrets.FINGERPRINT }}
|
|
||||||
script: |
|
|
||||||
whoami
|
|
||||||
ls -al
|
|
||||||
```
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## 🚨 错误处理与疑难解答
|
|
||||||
|
|
||||||
### 常见问题
|
|
||||||
|
|
||||||
#### 命令未找到(npm 或其他命令)
|
|
||||||
|
|
||||||
如果遇到 "command not found" 错误,请参考 [此评论](https://github.com/appleboy/ssh-action/issues/31#issuecomment-1006565847) 了解交互式与非交互式 shell 的区别。
|
|
||||||
|
|
||||||
许多 Linux 发行版的 `/etc/bash.bashrc` 包含如下内容:
|
|
||||||
|
|
||||||
```sh
|
|
||||||
# If not running interactively, don't do anything
|
|
||||||
[ -z "$PS1" ] && return
|
|
||||||
```
|
|
||||||
|
|
||||||
注释掉该行或使用命令的绝对路径。
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## 🤝 贡献
|
|
||||||
|
|
||||||
欢迎贡献!请提交 Pull Request 改进 `appleboy/ssh-action`。
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## 📝 许可证
|
|
||||||
|
|
||||||
本项目采用 [MIT License](LICENSE) 授权。
|
|
403
README.zh-tw.md
403
README.zh-tw.md
@ -1,247 +1,163 @@
|
|||||||
# 🚀 GitHub Actions 的 SSH
|
# 🚀 用於 GitHub Actions 的 SSH
|
||||||
|
|
||||||
[English](./README.md) | 繁體中文 | [简体中文](./README.zh-cn.md)
|
[GitHub Action](https://github.com/features/actions) for executing remote ssh commands.
|
||||||
|
|
||||||
## 目錄
|
|
||||||
|
|
||||||
- [🚀 GitHub Actions 的 SSH](#-github-actions-的-ssh)
|
|
||||||
- [目錄](#目錄)
|
|
||||||
- [📖 簡介](#-簡介)
|
|
||||||
- [🧩 核心概念與輸入參數](#-核心概念與輸入參數)
|
|
||||||
- [🔌 連線設定](#-連線設定)
|
|
||||||
- [🛠️ 指令設定](#️-指令設定)
|
|
||||||
- [🌐 代理設定](#-代理設定)
|
|
||||||
- [⚡ 快速開始](#-快速開始)
|
|
||||||
- [🔑 SSH 金鑰設定與 OpenSSH 相容性](#-ssh-金鑰設定與-openssh-相容性)
|
|
||||||
- [設定 SSH 金鑰](#設定-ssh-金鑰)
|
|
||||||
- [產生 RSA 金鑰](#產生-rsa-金鑰)
|
|
||||||
- [產生 ED25519 金鑰](#產生-ed25519-金鑰)
|
|
||||||
- [OpenSSH 相容性](#openssh-相容性)
|
|
||||||
- [🛠️ 用法場景與進階範例](#️-用法場景與進階範例)
|
|
||||||
- [使用密碼認證](#使用密碼認證)
|
|
||||||
- [使用私鑰認證](#使用私鑰認證)
|
|
||||||
- [多條指令](#多條指令)
|
|
||||||
- [從檔案執行指令](#從檔案執行指令)
|
|
||||||
- [多主機](#多主機)
|
|
||||||
- [多主機不同埠號](#多主機不同埠號)
|
|
||||||
- [多主機同步執行](#多主機同步執行)
|
|
||||||
- [傳遞環境變數到 shell 腳本](#傳遞環境變數到-shell-腳本)
|
|
||||||
- [🌐 代理與跳板機用法](#-代理與跳板機用法)
|
|
||||||
- [🛡️ 安全最佳實踐](#️-安全最佳實踐)
|
|
||||||
- [保護你的私鑰](#保護你的私鑰)
|
|
||||||
- [主機指紋驗證](#主機指紋驗證)
|
|
||||||
- [🚨 錯誤處理與疑難排解](#-錯誤處理與疑難排解)
|
|
||||||
- [常見問題](#常見問題)
|
|
||||||
- [指令找不到(npm 或其他指令)](#指令找不到npm-或其他指令)
|
|
||||||
- [🤝 貢獻](#-貢獻)
|
|
||||||
- [📝 授權](#-授權)
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## 📖 簡介
|
|
||||||
|
|
||||||
**SSH for GitHub Actions** 是一個強大的 [GitHub Action](https://github.com/features/actions),可讓你在 CI/CD 工作流程中輕鬆且安全地執行遠端 SSH 指令。
|
|
||||||
本專案以 [Golang](https://go.dev) 和 [drone-ssh](https://github.com/appleboy/drone-ssh) 建立,支援多主機、代理、進階認證等多種 SSH 場景。
|
|
||||||
|
|
||||||

|

|
||||||
|
|
||||||
[](https://github.com/appleboy/ssh-action/actions/workflows/main.yml)
|
[](https://github.com/appleboy/ssh-action/actions)
|
||||||
|
|
||||||
---
|
**注意**: 只支援在 **Linux** [docker](https://www.docker.com/) 容器上執行。
|
||||||
|
|
||||||
## 🧩 核心概念與輸入參數
|
## 輸入變數
|
||||||
|
|
||||||
本 Action 提供彈性的 SSH 指令執行能力,並具備豐富的設定選項。
|
更詳細的資訊,請參閱 [action.yml](./action.yml)。
|
||||||
|
|
||||||
完整參數請參閱 [action.yml](./action.yml)。
|
* `host` - SSH 主機
|
||||||
|
* `port` - SSH 連接埠,預設為 `22`
|
||||||
|
* `username` - SSH 使用者名稱
|
||||||
|
* `password` - SSH 密碼
|
||||||
|
* `passphrase` - 通常用於加密私鑰的 passphrase
|
||||||
|
* `sync` - 同步執行多個主機上的命令,預設為 false
|
||||||
|
* `timeout` - SSH 連接到遠端主機的超時時間,預設為 `30s`
|
||||||
|
* `command_timeout` - SSH 命令超時時間,預設為 10m
|
||||||
|
* `key` - SSH 私鑰的內容,例如 ~/.ssh/id_rsa 的原始內容,請記得包含 BEGIN 和 END 行
|
||||||
|
* `key_path` - SSH 私鑰的路徑
|
||||||
|
* `fingerprint` - 主機公鑰的 SHA256 指紋,預設為略過驗證
|
||||||
|
* `script` - 執行命令
|
||||||
|
* `script_stop` - 當出現第一個錯誤時停止執行命令
|
||||||
|
* `envs` - 傳遞環境變數到 shell script
|
||||||
|
* `debug` - 啟用偵錯模式
|
||||||
|
* `use_insecure_cipher` - 使用不安全的密碼(ciphers)進行加密,參見 [#56](https://github.com/appleboy/ssh-action/issues/56)
|
||||||
|
* `cipher` - 允許使用的密碼(ciphers)演算法。如果未指定,則使用適當的演算法
|
||||||
|
|
||||||
### 🔌 連線設定
|
SSH 代理設置:
|
||||||
|
|
||||||
這些參數用於控制如何連線到遠端主機。
|
* `proxy_host` - 代理主機
|
||||||
|
* `proxy_port` - 代理端口,預設為 `22`
|
||||||
|
* `proxy_username` - 代理使用者名稱
|
||||||
|
* `proxy_password` - 代理密碼
|
||||||
|
* `proxy_passphrase` - 密碼通常用於加密私有金鑰
|
||||||
|
* `proxy_timeout` - SSH 連線至代理主機的逾時時間,預設為 `30s`
|
||||||
|
* `proxy_key` - SSH 代理私有金鑰內容
|
||||||
|
* `proxy_key_path` - SSH 代理私有金鑰路徑
|
||||||
|
* `proxy_fingerprint` - 代理主機公鑰的 SHA256 指紋,預設為跳過驗證
|
||||||
|
* `proxy_use_insecure_cipher` - 使用不安全的加密方式,請參閱 [#56](https://github.com/appleboy/ssh-action/issues/56)
|
||||||
|
* `proxy_cipher` - 允許的加密算法。如果未指定,則使用合理的算法
|
||||||
|
|
||||||
| 參數 | 說明 | 預設值 |
|
## 使用方式
|
||||||
| ------------------- | --------------------------------------------- | ------ |
|
|
||||||
| host | SSH 主機位址 | |
|
|
||||||
| port | SSH 埠號 | 22 |
|
|
||||||
| username | SSH 使用者名稱 | |
|
|
||||||
| password | SSH 密碼 | |
|
|
||||||
| protocol | SSH 協議版本(`tcp`、`tcp4`、`tcp6`) | tcp |
|
|
||||||
| sync | 指定多個主機時同步執行 | false |
|
|
||||||
| timeout | SSH 連線主機的逾時時間 | 30s |
|
|
||||||
| key | SSH 私鑰內容(如 `~/.ssh/id_rsa` 的原始內容) | |
|
|
||||||
| key_path | SSH 私鑰路徑 | |
|
|
||||||
| passphrase | SSH 私鑰密碼 | |
|
|
||||||
| fingerprint | 主機公鑰的 SHA256 指紋 | |
|
|
||||||
| use_insecure_cipher | 允許額外(不安全)的加密演算法 | false |
|
|
||||||
| cipher | 允許的加密演算法,未指定時使用預設值 | |
|
|
||||||
|
|
||||||
---
|
執行遠端 SSH 命令
|
||||||
|
|
||||||
### 🛠️ 指令設定
|
|
||||||
|
|
||||||
這些參數用於控制在遠端主機上執行的指令及相關行為。
|
|
||||||
|
|
||||||
| 參數 | 說明 | 預設值 |
|
|
||||||
| --------------- | ----------------------------------------------------- | ------ |
|
|
||||||
| script | 遠端執行的指令 | |
|
|
||||||
| script_path | 包含要執行指令的檔案路徑 | |
|
|
||||||
| envs | 傳遞給 shell 腳本的環境變數 | |
|
|
||||||
| envs_format | 環境變數傳遞的彈性設定 | |
|
|
||||||
| allenvs | 傳遞所有帶 `GITHUB_` 和 `INPUT_` 前綴的環境變數到腳本 | false |
|
|
||||||
| command_timeout | SSH 指令執行逾時時間 | 10m |
|
|
||||||
| debug | 啟用除錯模式 | false |
|
|
||||||
| request_pty | 向伺服器請求偽終端 | false |
|
|
||||||
| curl_insecure | 允許 curl 連線無憑證的 SSL 網站 | false |
|
|
||||||
| version | drone-ssh 執行檔版本,未指定時使用最新版本 | |
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
### 🌐 代理設定
|
|
||||||
|
|
||||||
這些參數用於透過代理(跳板機)連線到目標主機。
|
|
||||||
|
|
||||||
| 參數 | 說明 | 預設值 |
|
|
||||||
| ------------------------- | ----------------------------------------- | ------ |
|
|
||||||
| proxy_host | SSH 代理主機 | |
|
|
||||||
| proxy_port | SSH 代理埠號 | 22 |
|
|
||||||
| proxy_username | SSH 代理使用者名稱 | |
|
|
||||||
| proxy_password | SSH 代理密碼 | |
|
|
||||||
| proxy_passphrase | SSH 代理私鑰密碼 | |
|
|
||||||
| proxy_protocol | SSH 代理協議版本(`tcp`、`tcp4`、`tcp6`) | tcp |
|
|
||||||
| proxy_timeout | SSH 連線代理主機的逾時時間 | 30s |
|
|
||||||
| proxy_key | SSH 代理私鑰內容 | |
|
|
||||||
| proxy_key_path | SSH 代理私鑰路徑 | |
|
|
||||||
| proxy_fingerprint | 代理主機公鑰的 SHA256 指紋 | |
|
|
||||||
| proxy_cipher | 代理允許的加密演算法 | |
|
|
||||||
| proxy_use_insecure_cipher | 代理允許額外(不安全)的加密演算法 | false |
|
|
||||||
|
|
||||||
> **注意:** 如需實現已移除的 `script_stop` 功能,請在 shell 腳本最上方加上 `set -e`。
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## ⚡ 快速開始
|
|
||||||
|
|
||||||
只需簡單設定,即可在工作流程中執行遠端 SSH 指令:
|
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
name: Remote SSH Command
|
name: remote ssh command
|
||||||
on: [push]
|
on: [push]
|
||||||
jobs:
|
jobs:
|
||||||
|
|
||||||
build:
|
build:
|
||||||
name: Build
|
name: Build
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- name: 執行遠端 SSH 指令(密碼認證)
|
- name: executing remote ssh commands using password
|
||||||
uses: appleboy/ssh-action@v1
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
with:
|
with:
|
||||||
host: ${{ secrets.HOST }}
|
host: ${{ secrets.HOST }}
|
||||||
username: linuxserver.io
|
username: ${{ secrets.USERNAME }}
|
||||||
password: ${{ secrets.PASSWORD }}
|
password: ${{ secrets.PASSWORD }}
|
||||||
port: ${{ secrets.PORT }}
|
port: ${{ secrets.PORT }}
|
||||||
script: whoami
|
script: whoami
|
||||||
```
|
```
|
||||||
|
|
||||||
**輸出:**
|
畫面輸出
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
======CMD======
|
======CMD======
|
||||||
whoami
|
whoami
|
||||||
======END======
|
======END======
|
||||||
linuxserver.io
|
out: ***
|
||||||
===============================================
|
==============================================
|
||||||
✅ Successfully executed commands to all hosts.
|
✅ Successfully executed commands to all host.
|
||||||
===============================================
|
==============================================
|
||||||
```
|
```
|
||||||
|
|
||||||
---
|
### 設置 SSH 金鑰
|
||||||
|
|
||||||
## 🔑 SSH 金鑰設定與 OpenSSH 相容性
|
請在創建 SSH 金鑰並使用 SSH 金鑰時遵循以下步驟。最佳做法是在本地機器上創建 SSH 金鑰而不是遠端機器上。請使用 Github Secrets 中指定的用戶名登錄。生成 RSA 金鑰:
|
||||||
|
|
||||||
### 設定 SSH 金鑰
|
### 生成 RSA 金鑰
|
||||||
|
|
||||||
建議於本地端(非遠端伺服器)產生 SSH 金鑰。請以 GitHub Secrets 指定的使用者名稱登入並產生金鑰對:
|
|
||||||
|
|
||||||
#### 產生 RSA 金鑰
|
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
|
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
|
||||||
```
|
```
|
||||||
|
|
||||||
#### 產生 ED25519 金鑰
|
### 生成 ed25519 金鑰
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
||||||
```
|
```
|
||||||
|
|
||||||
將新產生的公鑰加入伺服器的 authorized_keys。 [了解更多 authorized_keys](https://www.ssh.com/ssh/authorized_keys/)
|
將新生成的金鑰添加到已授權的金鑰中。詳細了解已授權的金鑰請點擊[此處](https://www.ssh.com/ssh/authorized_keys/).
|
||||||
|
|
||||||
|
### 將 RSA 金鑰添加到已授權金鑰中
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
# 加入 RSA 公鑰
|
cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys'
|
||||||
cat .ssh/id_rsa.pub | ssh user@host 'cat >> .ssh/authorized_keys'
|
|
||||||
|
|
||||||
# 加入 ED25519 公鑰
|
|
||||||
cat .ssh/id_ed25519.pub | ssh user@host 'cat >> .ssh/authorized_keys'
|
|
||||||
```
|
```
|
||||||
|
|
||||||
複製私鑰內容並貼到 GitHub Secrets。
|
### 將 ed25519 金鑰添加到已授權金鑰中
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
# macOS
|
cat .ssh/id_ed25519.pub | ssh b@B 'cat >> .ssh/authorized_keys'
|
||||||
pbcopy < ~/.ssh/id_rsa
|
|
||||||
# Ubuntu
|
|
||||||
xclip < ~/.ssh/id_rsa
|
|
||||||
```
|
```
|
||||||
|
|
||||||
> **提示:** 複製內容需包含 `-----BEGIN OPENSSH PRIVATE KEY-----` 到 `-----END OPENSSH PRIVATE KEY-----`(含)。
|
複製私鑰內容,然後將其粘貼到 Github Secrets 中。
|
||||||
|
|
||||||
ED25519 同理:
|
### 複製 rsa 私鑰內容
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
# macOS
|
clip < ~/.ssh/id_rsa
|
||||||
pbcopy < ~/.ssh/id_ed25519
|
|
||||||
# Ubuntu
|
|
||||||
xclip < ~/.ssh/id_ed25519
|
|
||||||
```
|
```
|
||||||
|
|
||||||
更多資訊:[SSH 免密碼登入](http://www.linuxproblem.org/art_9.html)。
|
### 複製 ed25519 私鑰內容
|
||||||
|
|
||||||
> **注意:** 根據 SSH 版本,可能還需:
|
```bash
|
||||||
>
|
clip < ~/.ssh/id_ed25519
|
||||||
> - 將公鑰放入 `.ssh/authorized_keys2`
|
```
|
||||||
> - 設定 `.ssh` 權限為 700
|
|
||||||
> - 設定 `.ssh/authorized_keys2` 權限為 640
|
|
||||||
|
|
||||||
### OpenSSH 相容性
|
有關無需密碼登錄 SSH 的詳細信息,請[參見該網站](http://www.linuxproblem.org/art_9.html)。
|
||||||
|
|
||||||
若出現以下錯誤:
|
**來自讀者的注意事項**: 根據您的 SSH 版本,您可能還需要進行以下更改:
|
||||||
|
|
||||||
|
* 將公鑰放在 `.ssh/authorized_keys2` 中
|
||||||
|
* 將 `.ssh` 的權限更改為700
|
||||||
|
* 將 `.ssh/authorized_keys2` 的權限更改為640
|
||||||
|
|
||||||
|
### 如果你使用的是 OpenSSH
|
||||||
|
|
||||||
|
如果您正在使用 OpenSSH,並出現以下錯誤:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey]
|
ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey]
|
||||||
```
|
```
|
||||||
|
|
||||||
在 Ubuntu 20.04+,你可能需明確允許 `ssh-rsa` 演算法。請於 OpenSSH 設定檔(`/etc/ssh/sshd_config` 或 `/etc/ssh/sshd_config.d/` 下的 drop-in 檔案)加入:
|
請確保您所選擇的密鑰演算法得到支援。在 Ubuntu 20.04 或更高版本上,您必須明確允許使用 SSH-RSA 演算法。請在 OpenSSH 守護進程文件中添加以下行(它可以是 `/etc/ssh/sshd_config` 或 `/etc/ssh/sshd_config.d/` 中的一個附著文件):
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
CASignatureAlgorithms +ssh-rsa
|
CASignatureAlgorithms +ssh-rsa
|
||||||
```
|
```
|
||||||
|
|
||||||
或直接使用預設支援的 ED25519 金鑰:
|
或者,`Ed25519` 密鑰在 OpenSSH 中默認被接受。如果需要,您可以使用它來替代 RSA。
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
||||||
```
|
```
|
||||||
|
|
||||||
---
|
### Example
|
||||||
|
|
||||||
## 🛠️ 用法場景與進階範例
|
#### 使用密碼執行遠端 SSH 命令
|
||||||
|
|
||||||
本節涵蓋常見與進階用法,包括多主機、代理、環境變數傳遞等。
|
|
||||||
|
|
||||||
### 使用密碼認證
|
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
- name: 執行遠端 SSH 指令(密碼認證)
|
- name: executing remote ssh commands using password
|
||||||
uses: appleboy/ssh-action@v1
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
with:
|
with:
|
||||||
host: ${{ secrets.HOST }}
|
host: ${{ secrets.HOST }}
|
||||||
username: ${{ secrets.USERNAME }}
|
username: ${{ secrets.USERNAME }}
|
||||||
@ -250,11 +166,11 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
|||||||
script: whoami
|
script: whoami
|
||||||
```
|
```
|
||||||
|
|
||||||
### 使用私鑰認證
|
#### 使用私鑰
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
- name: 執行遠端 SSH 指令(私鑰認證)
|
- name: executing remote ssh commands using ssh key
|
||||||
uses: appleboy/ssh-action@v1
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
with:
|
with:
|
||||||
host: ${{ secrets.HOST }}
|
host: ${{ secrets.HOST }}
|
||||||
username: ${{ secrets.USERNAME }}
|
username: ${{ secrets.USERNAME }}
|
||||||
@ -263,11 +179,11 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
|||||||
script: whoami
|
script: whoami
|
||||||
```
|
```
|
||||||
|
|
||||||
### 多條指令
|
#### 多個命令
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
- name: 多條指令
|
- name: multiple command
|
||||||
uses: appleboy/ssh-action@v1
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
with:
|
with:
|
||||||
host: ${{ secrets.HOST }}
|
host: ${{ secrets.HOST }}
|
||||||
username: ${{ secrets.USERNAME }}
|
username: ${{ secrets.USERNAME }}
|
||||||
@ -280,24 +196,11 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
|||||||
|
|
||||||

|

|
||||||
|
|
||||||
### 從檔案執行指令
|
#### 多台主機
|
||||||
|
|
||||||
```yaml
|
|
||||||
- name: 檔案指令
|
|
||||||
uses: appleboy/ssh-action@v1
|
|
||||||
with:
|
|
||||||
host: ${{ secrets.HOST }}
|
|
||||||
username: ${{ secrets.USERNAME }}
|
|
||||||
key: ${{ secrets.KEY }}
|
|
||||||
port: ${{ secrets.PORT }}
|
|
||||||
script_path: scripts/script.sh
|
|
||||||
```
|
|
||||||
|
|
||||||
### 多主機
|
|
||||||
|
|
||||||
```diff
|
```diff
|
||||||
- name: 多主機
|
- name: multiple host
|
||||||
uses: appleboy/ssh-action@v1
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
with:
|
with:
|
||||||
- host: "foo.com"
|
- host: "foo.com"
|
||||||
+ host: "foo.com,bar.com"
|
+ host: "foo.com,bar.com"
|
||||||
@ -309,13 +212,11 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
|||||||
ls -al
|
ls -al
|
||||||
```
|
```
|
||||||
|
|
||||||
預設 `port` 為 `22`。
|
#### 多個不同端口的主機
|
||||||
|
|
||||||
### 多主機不同埠號
|
|
||||||
|
|
||||||
```diff
|
```diff
|
||||||
- name: 多主機
|
- name: multiple host
|
||||||
uses: appleboy/ssh-action@v1
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
with:
|
with:
|
||||||
- host: "foo.com"
|
- host: "foo.com"
|
||||||
+ host: "foo.com:1234,bar.com:5678"
|
+ host: "foo.com:1234,bar.com:5678"
|
||||||
@ -326,11 +227,11 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
|||||||
ls -al
|
ls -al
|
||||||
```
|
```
|
||||||
|
|
||||||
### 多主機同步執行
|
#### 在多個主機上同步執行
|
||||||
|
|
||||||
```diff
|
```diff
|
||||||
- name: 多主機
|
- name: multiple host
|
||||||
uses: appleboy/ssh-action@v1
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
with:
|
with:
|
||||||
host: "foo.com,bar.com"
|
host: "foo.com,bar.com"
|
||||||
+ sync: true
|
+ sync: true
|
||||||
@ -342,11 +243,11 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
|||||||
ls -al
|
ls -al
|
||||||
```
|
```
|
||||||
|
|
||||||
### 傳遞環境變數到 shell 腳本
|
#### 將環境變量傳遞到 Shell 腳本
|
||||||
|
|
||||||
```diff
|
```diff
|
||||||
- name: 傳遞環境變數
|
- name: pass environment
|
||||||
uses: appleboy/ssh-action@v1
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
+ env:
|
+ env:
|
||||||
+ FOO: "BAR"
|
+ FOO: "BAR"
|
||||||
+ BAR: "FOO"
|
+ BAR: "FOO"
|
||||||
@ -363,13 +264,40 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
|||||||
echo "sha: $SHA"
|
echo "sha: $SHA"
|
||||||
```
|
```
|
||||||
|
|
||||||
> _`env` 物件中的所有環境變數必須為字串。傳遞整數或其他型別可能導致非預期結果。_
|
_在 `env` 對象中,您需要將每個環境變量作為字符串傳遞,傳遞 `Integer` 數據類型或任何其他類型可能會產生意外結果。_
|
||||||
|
|
||||||
---
|
#### 在第一次失敗後停止腳本
|
||||||
|
|
||||||
## 🌐 代理與跳板機用法
|
> ex: missing `abc` folder
|
||||||
|
|
||||||
你可以透過代理(跳板機)連線到遠端主機,適用於進階網路拓撲。
|
```diff
|
||||||
|
- name: stop script if command error
|
||||||
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
|
with:
|
||||||
|
host: ${{ secrets.HOST }}
|
||||||
|
username: ${{ secrets.USERNAME }}
|
||||||
|
key: ${{ secrets.KEY }}
|
||||||
|
port: ${{ secrets.PORT }}
|
||||||
|
+ script_stop: true
|
||||||
|
script: |
|
||||||
|
mkdir abc/def
|
||||||
|
ls -al
|
||||||
|
```
|
||||||
|
|
||||||
|
畫面輸出:
|
||||||
|
|
||||||
|
```sh
|
||||||
|
======CMD======
|
||||||
|
mkdir abc/def
|
||||||
|
ls -al
|
||||||
|
|
||||||
|
======END======
|
||||||
|
2019/11/21 01:16:21 Process exited with status 1
|
||||||
|
err: mkdir: cannot create directory ‘abc/def’: No such file or directory
|
||||||
|
##[error]Docker run failed with exit code 1
|
||||||
|
```
|
||||||
|
|
||||||
|
#### 如何使用 `ProxyCommand` 連接遠程服務器?
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
+--------+ +----------+ +-----------+
|
+--------+ +----------+ +-----------+
|
||||||
@ -377,7 +305,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
|
|||||||
+--------+ +----------+ +-----------+
|
+--------+ +----------+ +-----------+
|
||||||
```
|
```
|
||||||
|
|
||||||
範例 `~/.ssh/config`:
|
在您的 `~/.ssh/config` 文件中,您會看到以下內容。
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
Host Jumphost
|
Host Jumphost
|
||||||
@ -393,11 +321,11 @@ Host FooServer
|
|||||||
ProxyCommand ssh -q -W %h:%p Jumphost
|
ProxyCommand ssh -q -W %h:%p Jumphost
|
||||||
```
|
```
|
||||||
|
|
||||||
**GitHub Actions YAML:**
|
#### 如何將其轉換為 GitHubActions 的 YAML 格式?
|
||||||
|
|
||||||
```diff
|
```diff
|
||||||
- name: SSH 代理指令
|
- name: ssh proxy command
|
||||||
uses: appleboy/ssh-action@v1
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
with:
|
with:
|
||||||
host: ${{ secrets.HOST }}
|
host: ${{ secrets.HOST }}
|
||||||
username: ${{ secrets.USERNAME }}
|
username: ${{ secrets.USERNAME }}
|
||||||
@ -412,17 +340,13 @@ Host FooServer
|
|||||||
ls -al
|
ls -al
|
||||||
```
|
```
|
||||||
|
|
||||||
---
|
#### 如何保護私鑰?
|
||||||
|
|
||||||
## 🛡️ 安全最佳實踐
|
密碼短語通常用於加密私鑰。這使得攻擊者無法單獨使用密鑰文件。文件泄露可能來自備份或停用的硬件,黑客通常可以從受攻擊系統中洩露文件。因此,保護私鑰非常重要。
|
||||||
|
|
||||||
### 保護你的私鑰
|
|
||||||
|
|
||||||
密碼短語會加密你的私鑰,即使外洩也無法被攻擊者直接利用。請務必妥善保管私鑰。
|
|
||||||
|
|
||||||
```diff
|
```diff
|
||||||
- name: SSH 私鑰密碼
|
- name: ssh key passphrase
|
||||||
uses: appleboy/ssh-action@v1
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
with:
|
with:
|
||||||
host: ${{ secrets.HOST }}
|
host: ${{ secrets.HOST }}
|
||||||
username: ${{ secrets.USERNAME }}
|
username: ${{ secrets.USERNAME }}
|
||||||
@ -434,19 +358,21 @@ Host FooServer
|
|||||||
ls -al
|
ls -al
|
||||||
```
|
```
|
||||||
|
|
||||||
### 主機指紋驗證
|
#### 使用主機指紋驗證
|
||||||
|
|
||||||
驗證 SSH 主機指紋有助於防止中間人攻擊。取得主機指紋(將 `ed25519` 換成你的金鑰型別,`example.com` 換成你的主機):
|
設置 SSH 主機指紋驗證可以幫助防止中間人攻擊。在設置之前,運行以下命令以獲取 SSH 主機指紋。請記得將 `ed25519` 替換為您的適當金鑰類型(`rsa`、 `dsa`等),而 `example.com` 則替換為您的主機。
|
||||||
|
|
||||||
|
現代 OpenSSH 版本中,需要提取的_默認金鑰_類型是 `rsa`(從版本 5.1 開始)、`ecdsa`(從版本 6.0 開始)和 `ed25519`(從版本 6.7 開始)。
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d ' ' -f2
|
ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d ' ' -f2
|
||||||
```
|
```
|
||||||
|
|
||||||
更新設定:
|
現在您可以調整您的配置:
|
||||||
|
|
||||||
```diff
|
```diff
|
||||||
- name: SSH 私鑰密碼
|
- name: ssh key passphrase
|
||||||
uses: appleboy/ssh-action@v1
|
uses: appleboy/ssh-action@v1.0.1
|
||||||
with:
|
with:
|
||||||
host: ${{ secrets.HOST }}
|
host: ${{ secrets.HOST }}
|
||||||
username: ${{ secrets.USERNAME }}
|
username: ${{ secrets.USERNAME }}
|
||||||
@ -458,33 +384,10 @@ ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d ' '
|
|||||||
ls -al
|
ls -al
|
||||||
```
|
```
|
||||||
|
|
||||||
---
|
## 貢獻
|
||||||
|
|
||||||
## 🚨 錯誤處理與疑難排解
|
我們非常希望您為 `appleboy/ssh-action` 做出貢獻,歡迎提交請求!
|
||||||
|
|
||||||
### 常見問題
|
## 授權方式
|
||||||
|
|
||||||
#### 指令找不到(npm 或其他指令)
|
本項目中的腳本和文檔采用 [MIT](LICENSE) 許可證 發布。
|
||||||
|
|
||||||
若遇到 "command not found" 錯誤,請參考 [此討論](https://github.com/appleboy/ssh-action/issues/31#issuecomment-1006565847) 了解互動式與非互動式 shell 差異。
|
|
||||||
|
|
||||||
許多 Linux 發行版的 `/etc/bash.bashrc` 包含如下內容:
|
|
||||||
|
|
||||||
```sh
|
|
||||||
# If not running interactively, don't do anything
|
|
||||||
[ -z "$PS1" ] && return
|
|
||||||
```
|
|
||||||
|
|
||||||
請將該行註解掉或使用指令的絕對路徑。
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## 🤝 貢獻
|
|
||||||
|
|
||||||
歡迎貢獻!請提交 Pull Request 改善 `appleboy/ssh-action`。
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## 📝 授權
|
|
||||||
|
|
||||||
本專案採用 [MIT License](LICENSE) 授權。
|
|
||||||
|
145
action.yml
145
action.yml
@ -1,145 +1,76 @@
|
|||||||
name: "SSH Remote Commands"
|
name: 'SSH Remote Commands'
|
||||||
description: "Executing remote ssh commands"
|
description: 'Executing remote ssh commands'
|
||||||
author: "Bo-Yi Wu"
|
author: 'Bo-Yi Wu'
|
||||||
inputs:
|
inputs:
|
||||||
host:
|
host:
|
||||||
description: "SSH host address or IP to connect to."
|
description: 'SSH host address.'
|
||||||
port:
|
port:
|
||||||
description: "SSH port number for the connection."
|
description: 'SSH port number.'
|
||||||
default: "22"
|
default: "22"
|
||||||
passphrase:
|
passphrase:
|
||||||
description: "Passphrase to decrypt the SSH private key if protected."
|
description: 'Passphrase for the SSH key.'
|
||||||
username:
|
username:
|
||||||
description: "SSH username for authentication on the remote server."
|
description: 'SSH username.'
|
||||||
password:
|
password:
|
||||||
description: "SSH password for authentication (use secrets for sensitive data)."
|
description: 'SSH password.'
|
||||||
protocol:
|
|
||||||
description: 'IP protocol version to use. Options: "tcp" (default), "tcp4" (IPv4 only), or "tcp6" (IPv6 only).'
|
|
||||||
default: "tcp"
|
|
||||||
sync:
|
sync:
|
||||||
description: "When true, executes commands synchronously across multiple hosts (one after another)."
|
description: 'Enable synchronous execution if multiple hosts are involved.'
|
||||||
use_insecure_cipher:
|
use_insecure_cipher:
|
||||||
description: "Enable additional legacy ciphers that might be less secure but more compatible with older systems."
|
description: 'Include more ciphers by using insecure ciphers.'
|
||||||
cipher:
|
cipher:
|
||||||
description: "Specify custom cipher algorithms for encryption. Leave empty to use secure defaults."
|
description: 'Allowed cipher algorithms. If unspecified, a sensible default is used.'
|
||||||
timeout:
|
timeout:
|
||||||
description: "Maximum time to wait when establishing the SSH connection, e.g., '30s', '1m'."
|
description: 'Timeout duration for establishing SSH connection to the host.'
|
||||||
default: "30s"
|
default: "30s"
|
||||||
command_timeout:
|
command_timeout:
|
||||||
description: "Maximum execution time for the remote commands before terminating, e.g., '10m', '1h'."
|
description: 'Timeout duration for SSH commands execution.'
|
||||||
default: "10m"
|
default: "10m"
|
||||||
key:
|
key:
|
||||||
description: "Raw content of the SSH private key for authentication (use secrets for sensitive data)."
|
description: 'Content of the SSH private key. For example, the raw content of ~/.ssh/id_rsa.'
|
||||||
key_path:
|
key_path:
|
||||||
description: "Path to the SSH private key file on the runner."
|
description: 'Path to the SSH private key file.'
|
||||||
fingerprint:
|
fingerprint:
|
||||||
description: "SHA256 fingerprint of the host public key for verification to prevent MITM attacks."
|
description: 'SHA256 fingerprint of the host public key.'
|
||||||
proxy_host:
|
proxy_host:
|
||||||
description: "Proxy server hostname or IP if connecting through an SSH jump host."
|
description: 'SSH proxy host address.'
|
||||||
proxy_port:
|
proxy_port:
|
||||||
description: "SSH port number for the proxy connection."
|
description: 'SSH proxy port number.'
|
||||||
default: "22"
|
default: "22"
|
||||||
proxy_username:
|
proxy_username:
|
||||||
description: "Username for authentication on the proxy server."
|
description: 'SSH proxy username.'
|
||||||
proxy_password:
|
proxy_password:
|
||||||
description: "Password for authentication on the proxy server (use secrets for sensitive data)."
|
description: 'SSH proxy password.'
|
||||||
proxy_protocol:
|
|
||||||
description: 'IP protocol version for proxy. Options: "tcp" (default), "tcp4" (IPv4 only), or "tcp6" (IPv6 only).'
|
|
||||||
default: "tcp"
|
|
||||||
proxy_passphrase:
|
proxy_passphrase:
|
||||||
description: "Passphrase to decrypt the proxy SSH private key if protected."
|
description: 'SSH proxy key passphrase.'
|
||||||
proxy_timeout:
|
proxy_timeout:
|
||||||
description: "Maximum time to wait when establishing the proxy SSH connection, e.g., '30s', '1m'."
|
description: 'Timeout duration for establishing SSH connection to the proxy host.'
|
||||||
default: "30s"
|
default: "30s"
|
||||||
proxy_key:
|
proxy_key:
|
||||||
description: "Raw content of the SSH proxy private key for authentication (use secrets for sensitive data)."
|
description: 'Content of the SSH proxy private key. For example, the raw content of ~/.ssh/id_rsa.'
|
||||||
proxy_key_path:
|
proxy_key_path:
|
||||||
description: "Path to the SSH proxy private key file on the runner."
|
description: 'Path to the SSH proxy private key file.'
|
||||||
proxy_fingerprint:
|
proxy_fingerprint:
|
||||||
description: "SHA256 fingerprint of the proxy host public key for verification."
|
description: 'SHA256 fingerprint of the proxy host public key.'
|
||||||
proxy_cipher:
|
proxy_cipher:
|
||||||
description: "Specify custom cipher algorithms for proxy connection encryption."
|
description: 'Allowed cipher algorithms for the proxy. If unspecified, a sensible default is used.'
|
||||||
proxy_use_insecure_cipher:
|
proxy_use_insecure_cipher:
|
||||||
description: "Enable additional legacy ciphers for proxy connections (less secure but more compatible)."
|
description: 'Include more ciphers for the proxy by using insecure ciphers.'
|
||||||
script:
|
script:
|
||||||
description: "Commands to execute on the remote server (inline script string)."
|
description: 'Commands to be executed.'
|
||||||
script_path:
|
script_stop:
|
||||||
description: "Path to a local file containing commands to execute on the remote server."
|
description: 'Stop the script after the first failure.'
|
||||||
envs:
|
envs:
|
||||||
description: "Environment variables to expose to the remote script, format: key=value,key2=value2."
|
description: 'Environment variables to be passed to the shell script.'
|
||||||
envs_format:
|
envs_format:
|
||||||
description: "Format specification for environment variable transfer (for advanced usage)."
|
description: 'Flexible configuration for environment value transfer.'
|
||||||
debug:
|
debug:
|
||||||
description: "Set to true to enable verbose logging for troubleshooting connection issues."
|
description: 'Enable debug mode.'
|
||||||
allenvs:
|
allenvs:
|
||||||
description: "When true, passes all GitHub Actions environment variables to the remote script."
|
description: 'pass all environment variable to shell script.'
|
||||||
request_pty:
|
|
||||||
description: "Request a pseudo-terminal from the server (required for interactive commands or sudo)."
|
|
||||||
curl_insecure:
|
|
||||||
description: "When true, uses the --insecure option with curl for insecure downloads."
|
|
||||||
default: "false"
|
|
||||||
capture_stdout:
|
|
||||||
description: "When true, captures and returns standard output from the commands as action output."
|
|
||||||
default: "false"
|
|
||||||
version:
|
|
||||||
description: |
|
|
||||||
The version of drone-ssh to use.
|
|
||||||
|
|
||||||
outputs:
|
|
||||||
stdout:
|
|
||||||
description: "Standard output of the executed commands when capture_stdout is enabled."
|
|
||||||
value: ${{ steps.entrypoint.outputs.stdout }}
|
|
||||||
|
|
||||||
runs:
|
runs:
|
||||||
using: "composite"
|
using: 'docker'
|
||||||
steps:
|
image: 'Dockerfile'
|
||||||
- name: Set GitHub Path
|
|
||||||
run: echo "$GITHUB_ACTION_PATH" >> $GITHUB_PATH
|
|
||||||
shell: bash
|
|
||||||
env:
|
|
||||||
GITHUB_ACTION_PATH: ${{ github.action_path }}
|
|
||||||
- id: entrypoint
|
|
||||||
name: Run entrypoint.sh
|
|
||||||
run: entrypoint.sh
|
|
||||||
shell: bash
|
|
||||||
env:
|
|
||||||
GITHUB_ACTION_PATH: ${{ github.action_path }}
|
|
||||||
INPUT_HOST: ${{ inputs.host }}
|
|
||||||
INPUT_PORT: ${{ inputs.port }}
|
|
||||||
INPUT_PROTOCOL: ${{ inputs.protocol }}
|
|
||||||
INPUT_USERNAME: ${{ inputs.username }}
|
|
||||||
INPUT_PASSWORD: ${{ inputs.password }}
|
|
||||||
INPUT_PASSPHRASE: ${{ inputs.passphrase }}
|
|
||||||
INPUT_KEY: ${{ inputs.key }}
|
|
||||||
INPUT_KEY_PATH: ${{ inputs.key_path }}
|
|
||||||
INPUT_FINGERPRINT: ${{ inputs.fingerprint }}
|
|
||||||
INPUT_PROXY_HOST: ${{ inputs.proxy_host }}
|
|
||||||
INPUT_PROXY_PORT: ${{ inputs.proxy_port }}
|
|
||||||
INPUT_PROXY_USERNAME: ${{ inputs.proxy_username }}
|
|
||||||
INPUT_PROXY_PASSWORD: ${{ inputs.proxy_password }}
|
|
||||||
INPUT_PROXY_PASSPHRASE: ${{ inputs.proxy_passphrase }}
|
|
||||||
INPUT_PROXY_KEY: ${{ inputs.proxy_key }}
|
|
||||||
INPUT_PROXY_KEY_PATH: ${{ inputs.proxy_key_path }}
|
|
||||||
INPUT_PROXY_FINGERPRINT: ${{ inputs.proxy_fingerprint }}
|
|
||||||
INPUT_TIMEOUT: ${{ inputs.timeout }}
|
|
||||||
INPUT_PROXY_TIMEOUT: ${{ inputs.proxy_timeout }}
|
|
||||||
INPUT_COMMAND_TIMEOUT: ${{ inputs.command_timeout }}
|
|
||||||
INPUT_SCRIPT: ${{ inputs.script }}
|
|
||||||
INPUT_SCRIPT_FILE: ${{ inputs.script_path }}
|
|
||||||
INPUT_ENVS: ${{ inputs.envs }}
|
|
||||||
INPUT_ENVS_FORMAT: ${{ inputs.envs_format }}
|
|
||||||
INPUT_DEBUG: ${{ inputs.debug }}
|
|
||||||
INPUT_ALL_ENVS: ${{ inputs.allenvs }}
|
|
||||||
INPUT_REQUEST_PTY: ${{ inputs.request_pty }}
|
|
||||||
INPUT_USE_INSECURE_CIPHER: ${{ inputs.use_insecure_cipher }}
|
|
||||||
INPUT_CIPHER: ${{ inputs.cipher }}
|
|
||||||
INPUT_PROXY_USE_INSECURE_CIPHER: ${{ inputs.proxy_use_insecure_cipher }}
|
|
||||||
INPUT_PROXY_CIPHER: ${{ inputs.proxy_cipher }}
|
|
||||||
INPUT_SYNC: ${{ inputs.sync }}
|
|
||||||
INPUT_CAPTURE_STDOUT: ${{ inputs.capture_stdout }}
|
|
||||||
INPUT_CURL_INSECURE: ${{ inputs.curl_insecure }}
|
|
||||||
DRONE_SSH_VERSION: ${{ inputs.version }}
|
|
||||||
|
|
||||||
branding:
|
branding:
|
||||||
icon: "terminal"
|
icon: 'terminal'
|
||||||
color: "gray-dark"
|
color: 'gray-dark'
|
||||||
|
@ -1,56 +1,7 @@
|
|||||||
#!/usr/bin/env bash
|
#!/bin/sh
|
||||||
|
|
||||||
set -euo pipefail
|
set -eu
|
||||||
|
|
||||||
export GITHUB="true"
|
export GITHUB="true"
|
||||||
|
|
||||||
GITHUB_ACTION_PATH="${GITHUB_ACTION_PATH%/}"
|
sh -c "/bin/drone-ssh $*"
|
||||||
DRONE_SSH_RELEASE_URL="${DRONE_SSH_RELEASE_URL:-https://github.com/appleboy/drone-ssh/releases/download}"
|
|
||||||
DRONE_SSH_VERSION="${DRONE_SSH_VERSION:-1.8.1}"
|
|
||||||
|
|
||||||
function log_error() {
|
|
||||||
echo "$1" >&2
|
|
||||||
exit "$2"
|
|
||||||
}
|
|
||||||
|
|
||||||
function detect_client_info() {
|
|
||||||
CLIENT_PLATFORM="${SSH_CLIENT_OS:-$(uname -s | tr '[:upper:]' '[:lower:]')}"
|
|
||||||
CLIENT_ARCH="${SSH_CLIENT_ARCH:-$(uname -m)}"
|
|
||||||
|
|
||||||
case "${CLIENT_PLATFORM}" in
|
|
||||||
darwin | linux | windows) ;;
|
|
||||||
*) log_error "Unknown or unsupported platform: ${CLIENT_PLATFORM}. Supported platforms are Linux, Darwin, and Windows." 2 ;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
case "${CLIENT_ARCH}" in
|
|
||||||
x86_64* | i?86_64* | amd64*) CLIENT_ARCH="amd64" ;;
|
|
||||||
aarch64* | arm64*) CLIENT_ARCH="arm64" ;;
|
|
||||||
*) log_error "Unknown or unsupported architecture: ${CLIENT_ARCH}. Supported architectures are x86_64, i686, and arm64." 3 ;;
|
|
||||||
esac
|
|
||||||
}
|
|
||||||
|
|
||||||
detect_client_info
|
|
||||||
DOWNLOAD_URL_PREFIX="${DRONE_SSH_RELEASE_URL}/v${DRONE_SSH_VERSION}"
|
|
||||||
CLIENT_BINARY="drone-ssh-${DRONE_SSH_VERSION}-${CLIENT_PLATFORM}-${CLIENT_ARCH}"
|
|
||||||
TARGET="${GITHUB_ACTION_PATH}/${CLIENT_BINARY}"
|
|
||||||
echo "Downloading ${CLIENT_BINARY} from ${DOWNLOAD_URL_PREFIX}"
|
|
||||||
INSECURE_OPTION=""
|
|
||||||
if [[ "${INPUT_CURL_INSECURE}" == 'true' ]]; then
|
|
||||||
INSECURE_OPTION="--insecure"
|
|
||||||
fi
|
|
||||||
|
|
||||||
curl -fsSL --retry 5 --keepalive-time 2 ${INSECURE_OPTION} "${DOWNLOAD_URL_PREFIX}/${CLIENT_BINARY}" -o "${TARGET}"
|
|
||||||
chmod +x "${TARGET}"
|
|
||||||
|
|
||||||
echo "======= CLI Version Information ======="
|
|
||||||
"${TARGET}" --version
|
|
||||||
echo "======================================="
|
|
||||||
if [[ "${INPUT_CAPTURE_STDOUT}" == 'true' ]]; then
|
|
||||||
{
|
|
||||||
echo 'stdout<<EOF'
|
|
||||||
"${TARGET}" "$@" | tee -a "${GITHUB_OUTPUT}"
|
|
||||||
echo 'EOF'
|
|
||||||
} >>"${GITHUB_OUTPUT}"
|
|
||||||
else
|
|
||||||
"${TARGET}" "$@"
|
|
||||||
fi
|
|
||||||
|
7
testdata/.ssh/id_ed25519
vendored
7
testdata/.ssh/id_ed25519
vendored
@ -1,7 +0,0 @@
|
|||||||
-----BEGIN OPENSSH PRIVATE KEY-----
|
|
||||||
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
|
|
||||||
QyNTUxOQAAACDoi7FltQCqpWporKh61nJUPIeazUYdzdstncoeU5XS2AAAAKBF5e2SReXt
|
|
||||||
kgAAAAtzc2gtZWQyNTUxOQAAACDoi7FltQCqpWporKh61nJUPIeazUYdzdstncoeU5XS2A
|
|
||||||
AAAEBrsLG1vSg08yaQgYM46KQW93Lz2ZikS1tTMH35gfHhpOiLsWW1AKqlamisqHrWclQ8
|
|
||||||
h5rNRh3N2y2dyh5TldLYAAAAFnlvdXJfZW1haWxAZXhhbXBsZS5jb20BAgMEBQYH
|
|
||||||
-----END OPENSSH PRIVATE KEY-----
|
|
1
testdata/.ssh/id_ed25519.pub
vendored
1
testdata/.ssh/id_ed25519.pub
vendored
@ -1 +0,0 @@
|
|||||||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOiLsWW1AKqlamisqHrWclQ8h5rNRh3N2y2dyh5TldLY your_email@example.com
|
|
39
testdata/.ssh/id_passphrase
vendored
39
testdata/.ssh/id_passphrase
vendored
@ -1,39 +0,0 @@
|
|||||||
-----BEGIN OPENSSH PRIVATE KEY-----
|
|
||||||
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABA5p9eRXu
|
|
||||||
BJantF5ARnBfnqAAAAEAAAAAEAAAGXAAAAB3NzaC1yc2EAAAADAQABAAABgQCuWKQh09Vl
|
|
||||||
v3IRu/+oK18ws72VQS7PCXJaIEp1L+7HqC/6+plizaVgd9SjAg0UJSqvp+WfpU5I53hevE
|
|
||||||
0Ip3s71Tsoeu1azWoi2Mbq3ycZ5ysh4htZZklKBkYsyW+2EdITPcmhA8rF+KiDRyuvk7fD
|
|
||||||
o08G3YWgbCScY6VkLA06ReThCehAY54WNvgbx7lyvCWj1qYG0XjM7mTQHr3QN0JHJNdFaG
|
|
||||||
3MCi1rTG2hK/owOlzcesIbzfM1VMIQG5HT4vNg/ULP0BTZ7pGtdvWlvR/660KQwc1tBxLq
|
|
||||||
xI1dYoCgiS/gMyPxhOtNKTvhR/NR7e2sp/StkXURIxTHhj0KjKbnpXTQ2IndnesHAG9kDJ
|
|
||||||
7c31SXastWpbXWhCIdRZk+KQsnmwobZlw3w1vfx2Dm7M2ZCcCgG/ArUPjY44nGOWO5Nz98
|
|
||||||
QHyz3IocsKJXrGVo/3YpNNu72jkw7UGVMqh1dAe3ZMaCAC5pAAa0HKvkid7jdXawL2b//+
|
|
||||||
vsAPSHdnEjP58AAAWQCUj9ajDO6N0sI5jzkRxiMIaeDvP7Ns+cJtE1uxzrm7Ecgf7kBL2V
|
|
||||||
9Ru0gW1+ii3U/hPLkxwBwd3xvoc1Xy+n+c7D6bQVviv1lsbY1uPzxGR3fUfRCu2M1D8OEH
|
|
||||||
vol7jvFAZmtrpgy3gY45k2lbsY368bIJ+hYIqeHRqFsD+SyM/xSnj5/bZNvNrc+kHikiA3
|
|
||||||
uVSvXe9oWVNm3hxLDppYPEYkORERHx9EWh5sruLwoM2NW6qwE+wGw0Vx1AuA7cNszDdmMs
|
|
||||||
qJFq0n5cQ78E3q0V49e0FOBjMoSJBxdQRHRz2al9MzJlcVVs5LGwmgVH0ur0V9QR8zv2Pv
|
|
||||||
ZV6r+H9mMo2eCtUDlKUXlCnfgwDP0ghXysFKSDLzXNEPrddmvzQeWA973fcguniLLq7Gbw
|
|
||||||
gpHSuP/vqVqtQQbXEdozgUl666SXC7GdPqaA5YsfGIJ4Ank3/Vjb3hc0/hElx4O0fEn18E
|
|
||||||
TWbd9o6v70mNbu3LjeJPNDwODMGn9GC3kRtSc5bU0A8YAM+gFaeytrz2W/vCe3EST8VBcQ
|
|
||||||
UtvYqGG/zGJhV8+OYoIZZQQkyCmTt0i4nTCJAMUnZ+pgY6YJk+UdBGhLvwNBtl4Z1nQKSA
|
|
||||||
hcBBo6T08bQfe/HmVs4dcwBO956qiOX/QjHDLew81MfpvjZ2kGD5Hp/qhieUdJ3IiUEsOC
|
|
||||||
FQC01JeEJlkEqd2jqBR/9RDnK7O8gTR0AA858L+MftN4nN2h2UkGjWMWSbkmwGMqyRGfRa
|
|
||||||
TJeg5njxYJVcRlWZ/KvNPxis8wIuCaRMbPT2WpHsRr1lY3s4IzFn+EMCkybHZArQVYtl1O
|
|
||||||
iGXYjpxe+cOc02PM1aKlUfCQfsr0CrXwwGzIQ73uXVSQgP5pQdV3iN/57+5aiH8F9D7X3n
|
|
||||||
p5QJzBuLGvhUDWqqwbwWy+81k3Y8rHXNfhVSlRmtGJXAPqpw0PCyquySJNwogi4rBkg0jF
|
|
||||||
xuqvimvhNcWzF7yf+fnYa6H+N8PavH32HRM50AYyWPyKWBp3Syri0P54cnkBjKTjTKGYA6
|
|
||||||
4KwizazsbOMY5kp0UAmgX6XyM5OSROtxUp4P6T20okjKaSzamgMBKZULP/b768l4UYRgFe
|
|
||||||
uohg2/9A1fwYB/K8I+V7Qw9079JvAG05eIOgce3Dd+bXoH6j/Ylmk5Gj7LzhEXtMz3NEpj
|
|
||||||
LCg8tx0YFpuyoCaRlqOnsZCpc1EnL0UyMguCh9ADTG9h6V3Xf2j2Q94rKvAc4ZrBtj6qXT
|
|
||||||
BIfGsBIA7vA1KnKHB9oOFQZ26iRU7oTAunAQvSKF7/7luTqONoni6U/RpvERT/KeeIDSxz
|
|
||||||
uzFQ+apy/PTESSUtutpnTug6rexwrPb6ugJipag8ebNWVdOgaNBUL8wciW4lN8YkzjhXMw
|
|
||||||
xHB0PUuSXcBuuPDQuYZk84dpXxM10fWwuCTMlH1bXatSQhtRVbjVJIDXnnYpQKtuURiwMm
|
|
||||||
j4WLEt10hvu6t4aNJzzVY80/iLMb4ZGQgHotrjFfx9nzwe3SioINPaxRIb3m2gTsi8Nr/p
|
|
||||||
Y5zNjV9NOjONktUjLznRpfY/yBxOtPe9lxnaKfniRTK5HjBbi8hmei9G8lIHV9qyhpURYM
|
|
||||||
1EdZB86uZWJOaRA8/fpwt8z2stmpKpuGFQOSgr7W5JQWSFeTAMYPoafsm0PD1zSyw7j1wE
|
|
||||||
DWlmUAzpMirSnPUQndR8IcF7fZmI8J1g30eIFTQpoTDCyoiegkOXHa9HyWwmEAwws1PCWZ
|
|
||||||
a5Viw6XLJI3tahSNhZzdY/UNFikuO8AuIDXykBM7riaqK4PADtmGY88QGWXQbw5xxWtH6r
|
|
||||||
Wwk4KzDL9UFeCMSiQo//e+kg/mPLml6Sa4THOzP3iOmx810JoMDmF/jvtpC+ew5HpPPtg4
|
|
||||||
h55pSap77CEhEhE5FPZKuH9f7/E=
|
|
||||||
-----END OPENSSH PRIVATE KEY-----
|
|
1
testdata/.ssh/id_passphrase.pub
vendored
1
testdata/.ssh/id_passphrase.pub
vendored
@ -1 +0,0 @@
|
|||||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCuWKQh09Vlv3IRu/+oK18ws72VQS7PCXJaIEp1L+7HqC/6+plizaVgd9SjAg0UJSqvp+WfpU5I53hevE0Ip3s71Tsoeu1azWoi2Mbq3ycZ5ysh4htZZklKBkYsyW+2EdITPcmhA8rF+KiDRyuvk7fDo08G3YWgbCScY6VkLA06ReThCehAY54WNvgbx7lyvCWj1qYG0XjM7mTQHr3QN0JHJNdFaG3MCi1rTG2hK/owOlzcesIbzfM1VMIQG5HT4vNg/ULP0BTZ7pGtdvWlvR/660KQwc1tBxLqxI1dYoCgiS/gMyPxhOtNKTvhR/NR7e2sp/StkXURIxTHhj0KjKbnpXTQ2IndnesHAG9kDJ7c31SXastWpbXWhCIdRZk+KQsnmwobZlw3w1vfx2Dm7M2ZCcCgG/ArUPjY44nGOWO5Nz98QHyz3IocsKJXrGVo/3YpNNu72jkw7UGVMqh1dAe3ZMaCAC5pAAa0HKvkid7jdXawL2b//+vsAPSHdnEjP58= mtk10671@NB22040567
|
|
27
testdata/.ssh/id_rsa
vendored
27
testdata/.ssh/id_rsa
vendored
@ -1,27 +0,0 @@
|
|||||||
-----BEGIN RSA PRIVATE KEY-----
|
|
||||||
MIIEpAIBAAKCAQEA4e2D/qPN08pzTac+a8ZmlP1ziJOXk45CynMPtva0rtK/RB26
|
|
||||||
VbfAF0hIJji7ltvnYnqCU9oFfvEM33cTn7T96+od8ib/Vz25YU8ZbstqtIskPuwC
|
|
||||||
bv3K0mAHgsviJyRD7yM+QKTbBQEgbGuW6gtbMKhiYfiIB4Dyj7AdS/fk3v26wDgz
|
|
||||||
7SHI5OBqu9bv1KhxQYdFEnU3PAtAqeccgzNpbH3eYLyGzuUxEIJlhpZ/uU2G9ppj
|
|
||||||
/cSrONVPiI8Ahi4RrlZjmP5l57/sq1ClGulyLpFcMw68kP5FikyqHpHJHRBNgU57
|
|
||||||
1y0Ph33SjBbs0haCIAcmreWEhGe+/OXnJe6VUQIDAQABAoIBAH97emORIm9DaVSD
|
|
||||||
7mD6DqA7c5m5Tmpgd6eszU08YC/Vkz9oVuBPUwDQNIX8tT0m0KVs42VVPIyoj874
|
|
||||||
bgZMJoucC1G8V5Bur9AMxhkShx9g9A7dNXJTmsKilRpk2TOk7wBdLp9jZoKoZBdJ
|
|
||||||
jlp6FfaazQjjKD6zsCsMATwAoRCBpBNsmT6QDN0n0bIgY0tE6YGQaDdka0dAv68G
|
|
||||||
R0VZrcJ9voT6+f+rgJLoojn2DAu6iXaM99Gv8FK91YCymbQlXXgrk6CyS0IHexN7
|
|
||||||
V7a3k767KnRbrkqd3o6JyNun/CrUjQwHs1IQH34tvkWScbseRaFehcAm6mLT93RP
|
|
||||||
muauvMECgYEA9AXGtfDMse0FhvDPZx4mx8x+vcfsLvDHcDLkf/lbyPpu97C27b/z
|
|
||||||
ia07bu5TAXesUZrWZtKA5KeRE5doQSdTOv1N28BEr8ZwzDJwfn0DPUYUOxsN2iIy
|
|
||||||
MheO5A45Ko7bjKJVkZ61Mb1UxtqCTF9mqu9R3PBdJGthWOd+HUvF460CgYEA7QRf
|
|
||||||
Z8+vpGA+eSuu29e0xgRKnRzed5zXYpcI4aERc3JzBgO4Z0er9G8l66OWVGdMfpe6
|
|
||||||
CBajC5ToIiT8zqoYxXwqJgN+glir4gJe3mm8J703QfArZiQrdk0NTi5bY7+vLLG/
|
|
||||||
knTrtpdsKih6r3kjhuPPaAsIwmMxIydFvATKjLUCgYEAh/y4EihRSk5WKC8GxeZt
|
|
||||||
oiZ58vT4z+fqnMIfyJmD5up48JuQNcokw/LADj/ODiFM7GUnWkGxBrvDA3H67WQm
|
|
||||||
49bJjs8E+BfUQFdTjYnJRlpJZ+7Zt1gbNQMf5ENw5CCchTDqEq6pN0DVf8PBnSIF
|
|
||||||
KvkXW9KvdV5J76uCAn15mDkCgYA1y8dHzbjlCz9Cy2pt1aDfTPwOew33gi7U3skS
|
|
||||||
RTerx29aDyAcuQTLfyrROBkX4TZYiWGdEl5Bc7PYhCKpWawzrsH2TNa7CRtCOh2E
|
|
||||||
R+V/84+GNNf04ALJYCXD9/ugQVKmR1XfDRCvKeFQFE38Y/dvV2etCswbKt5tRy2p
|
|
||||||
xkCe/QKBgQCkLqafD4S20YHf6WTp3jp/4H/qEy2X2a8gdVVBi1uKkGDXr0n+AoVU
|
|
||||||
ib4KbP5ovZlrjL++akMQ7V2fHzuQIFWnCkDA5c2ZAqzlM+ZN+HRG7gWur7Bt4XH1
|
|
||||||
7XC9wlRna4b3Ln8ew3q1ZcBjXwD4ppbTlmwAfQIaZTGJUgQbdsO9YA==
|
|
||||||
-----END RSA PRIVATE KEY-----
|
|
1
testdata/.ssh/id_rsa.pub
vendored
1
testdata/.ssh/id_rsa.pub
vendored
@ -1 +0,0 @@
|
|||||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDh7YP+o83TynNNpz5rxmaU/XOIk5eTjkLKcw+29rSu0r9EHbpVt8AXSEgmOLuW2+dieoJT2gV+8QzfdxOftP3r6h3yJv9XPblhTxluy2q0iyQ+7AJu/crSYAeCy+InJEPvIz5ApNsFASBsa5bqC1swqGJh+IgHgPKPsB1L9+Te/brAODPtIcjk4Gq71u/UqHFBh0USdTc8C0Cp5xyDM2lsfd5gvIbO5TEQgmWGln+5TYb2mmP9xKs41U+IjwCGLhGuVmOY/mXnv+yrUKUa6XIukVwzDryQ/kWKTKoekckdEE2BTnvXLQ+HfdKMFuzSFoIgByat5YSEZ7785ecl7pVR drone-scp@localhost
|
|
50
testdata/.ssh/test
vendored
50
testdata/.ssh/test
vendored
@ -1,50 +0,0 @@
|
|||||||
-----BEGIN OPENSSH PRIVATE KEY-----
|
|
||||||
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABAZka7A7i
|
|
||||||
FscMeJBPyPteclAAAAEAAAAAEAAAIXAAAAB3NzaC1yc2EAAAADAQABAAACAQDz6aZ1jY2o
|
|
||||||
nnuj2YNHJ/HhfvIu0B973v/+pFFOavnTUOhEEKEy3TASu+s9CkHrYZAtRc+QYIkNZI31mh
|
|
||||||
HBhotdeP/7GoO2UirkFtrzyQKPNJxEcv0RBoG9ssN8jex0PyK6DHIYYFnIWadVBEEOh/H+
|
|
||||||
rK7j7u2/big3oTzYBuFrCwmYFcz5na99MzFeAUhazF44gVBma+zO+1quGeqF51UDIg1SMG
|
|
||||||
vX8I7LNEqrKEBaIUQJKFQcxlOWlRLQsjJCymrOujsXsRrXHAQWcnxDcNevv2ZMOUl0ybvv
|
|
||||||
9yH0BiGbRBd1Hy8/QPILbAQaqu0oQE7fubN8Q8lqb3Jg0loID4x/5GPhSY8WAXpuLcXTOr
|
|
||||||
b93SnCw1JsAgJDNqpuuRFy3BSZ7wBOr1jfeIoo7xk14OHiUjJ0uXDL9cLMkcw6ElWz81mr
|
|
||||||
D2VCkXUz+qFyjJ+G7aGWRtctZoOzKln4yfNfUmwW8/8ra3QnmrMZ2xW2Ylw3ZhO+tLi7jI
|
|
||||||
NHYFb54bAdLVPUU1ctIuJns2qkWnjJCxxMiynIqCif20/OU1n8CTJuOWiURmRdmvKOH4PE
|
|
||||||
3JxC2Qnk/3tV3Cf8hp1CH5VjBZ9AjGj5MDMHXyu34VY2WvYo5QyzfS3ySPoT8kCO0G0xpv
|
|
||||||
jwCMHOK+G2RP4kqb/KKZguiKdgintBXuskTlJmD7kcMQAAB1CnEMQGwAKZbd3F1DJqwfPf
|
|
||||||
KWjoUJKbTRiav6h5pQr65JaqDe/7YE2ZHYo5917AC2vPLwPxAnoHFMsbObd5mWcmpATg/0
|
|
||||||
K/qkN5Z4Ml5U3bwr51wfSPh1MiAP21Aickt09BDstIJzNNwwgcY31O3k/d6VBjqyM6Ezop
|
|
||||||
66LI4s/IIni1BI+cALyEfzE4Qu16GfzIeM+JVxildP4VImhvNBESmmbBL8rNmSzlQ+FTuF
|
|
||||||
JVmowUbcon1O0CppM1MRVPeG805XDwjxHXKwOp5O7MdTz7H8JeORoe8D6+4rNfJE0eQGY7
|
|
||||||
Nm4+Wa97HzAFbT9IS433rxoGx9Qps3LAySFONso2JWSOEfo8rxnqO04DrfVHQhY3DkkwQt
|
|
||||||
FsDnMtkthJa+ZzUYc75fnS0DBPGuF9DZUCqrev5oAUHP6C4Vc4b33JJQD4FZJ+ehk3Xsci
|
|
||||||
cwJQsmgLyc5Jdh543Dm7kZoM9ku7HDNrB4H/1p45Vo6aBZMAY50x+fTdBeTgCzzhzzTbf+
|
|
||||||
0IF8W3yW3/BYD+S2Byo3JKp6NH0Q8cgPJrGTl6GltGfpVuc6kLjMZ5zvxRbyWaqtIygM46
|
|
||||||
W1izbA+9jwbHhitCtOk42e/ff6iEB1MVC13LqPty3gPNR8Pv0rDUDjJS4KiVwXqUY+bMr0
|
|
||||||
C8l/hx93euHjLUJ49Ru6uy/2fBlHZEj6GmEAJhu/i6t2c1Rq0HBLis9X356oQT+YZnIai2
|
|
||||||
ym0MknPxjeYBAItOV3zhRd1cYnk7CDcl1XALcnh0tqP712x24IJ+Ytqg7nvB2NZV8T469I
|
|
||||||
8Fp254Nr89HOMAXaZD0UcIPm7D2rfWV+YJFI3ZcJ/8DM99H3tpXe2j4oHMdmAbBd++09sx
|
|
||||||
KBRdFLcvnBfd1lqwxpA7hbxzrxi/yehYCqzh5KQGaf2UXej6TPiVzBWVYbp34cMZtsT6mF
|
|
||||||
K8SS3l5TXoNK2DNEk30o8K3q+vngQpfC9GZ/id4B7LS/3ybellxemZHXQoU4PxDkLKt7jd
|
|
||||||
AAsd5WO13dv3n/qgyu8iBRiFU+W66NX0RJGkp+lZMnta0YzukafM2n6GDn/r/Cx/y21PAi
|
|
||||||
ah8i41ByI1QLI4m1r+bRHdUxAarS/XJw4tTSFiZu3zddMYrlzeG9O3VUX9zBvBtfQbSmeJ
|
|
||||||
omml0zlr/qD7TMsORiujy7XIn7sMW+Ls/NA8TvX8oRnACjXe/MYNEZ8WDu2rkZuY/Dfc+o
|
|
||||||
NyYWO7kZ3kcejQZ1NusJSA7MG0FFGYSIaC9T9CWqYd5IcRSJW4dZnCt9z8CIJ6TSUFqMb/
|
|
||||||
H1Y5Rmi0IIX+8qbGGXVBDIBk5y9xtS43+nz1nsdXwDmkTiXN9+ZX+GDsLxCWoHGryrWDbk
|
|
||||||
EuOAlqpvxFKzEkNsx+AC5wae6i/hBeiEce9bm4nZp+hFv1ic1Z9WS8B37YOFgJ4utGeOjB
|
|
||||||
6hnywUUJ3aH0LnCQNB3UzeFR7BmEaxmYD/phJodmjA5SD3CWpeizdXfrUjtqXGhYlr2jzq
|
|
||||||
vBAeeYEO4uaHIGxg8GqoqtaseqVcIdtouHxrVAxxXkjShV2ji7oJ/AtrLZNlkKYxMk0TpX
|
|
||||||
fFiKqL/uKfS78FfvVOhOkHZTD6ZeMgmdL/uOghEAtrf08ChyRvdp7QLjA802aio9eUVIQm
|
|
||||||
lHb1ltPEbIZNuvQ5kTIwk2eM6EAkOh0MBMoAYOxOpIb00XHNRDGJYuLewByjMQa8EoT6VM
|
|
||||||
NoiFIzJU9lLAXE6yz6JswctpTpLHK9Aq5vY7ObaOvrmpCQqsXfOuVUo2nR/FyEes97zuXG
|
|
||||||
E4aKaHK4IAW4UY/oGYk7pU/yRpudhiNRMXzmcQXfVmBEHuvDrh2chg8lDYn++07F7RWqkI
|
|
||||||
nfMAOWR8UEl4xp4zJtThDjRxNW6QLl8E1ADjndA9wVaKNSzv2i1TLXKBr5luFqY9MSJ2rm
|
|
||||||
yBR5EwairH/Qn9TUxaDD+0p6J+E9iz1l8UPTJa/cjtwiySljahY/6tHHnr9YQVnox92yfU
|
|
||||||
UXpfINGjYrpqh6EFwmyRw9fryIMvMhgZYo6ZoCRBCK2GfGAB0VTzJy2FGs4GecZK5ptXKu
|
|
||||||
sOX8BgGX/Q/nAJ7PWf9hgYlX2YyjmLjQZDMWECp05VFx9znEETNKlwF1FX5/E/37ISyz4d
|
|
||||||
I1LVSKOEccJX7jCR32LzvRW1UBX47Z+q3LVE4sa0QAV/JoISq6Qn6zAsVIV0yEPmVbd/xx
|
|
||||||
aX2uBUGHhmd99YJDh81xJIoYEMRzoGVfp0JjfYcDUc+2I6JdrOMF9/KmMA5wsZl4OKiu/F
|
|
||||||
cTRGjUkgw/cF2EFRGWknee2esYRB7tOr4y56qZ4gxqw8q9rYXhyB42jbdTvt5xcCm/ynid
|
|
||||||
sn4InokRRoIiMIPL5Ur7FZQHOP+915MWUBsrTJtkCWQuqJheYUi3mCzh/7NadAKplRpaKb
|
|
||||||
rS/DJIOOkjnGni/sDxJzPq7STDBVy4WStwQl6NI5hq+/c+JvN9GI4Vu/kz0z8qUcdShLaH
|
|
||||||
l4njcaMpg4tpQMHtCBOicGyV0=
|
|
||||||
-----END OPENSSH PRIVATE KEY-----
|
|
1
testdata/.ssh/test.pub
vendored
1
testdata/.ssh/test.pub
vendored
@ -1 +0,0 @@
|
|||||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDz6aZ1jY2onnuj2YNHJ/HhfvIu0B973v/+pFFOavnTUOhEEKEy3TASu+s9CkHrYZAtRc+QYIkNZI31mhHBhotdeP/7GoO2UirkFtrzyQKPNJxEcv0RBoG9ssN8jex0PyK6DHIYYFnIWadVBEEOh/H+rK7j7u2/big3oTzYBuFrCwmYFcz5na99MzFeAUhazF44gVBma+zO+1quGeqF51UDIg1SMGvX8I7LNEqrKEBaIUQJKFQcxlOWlRLQsjJCymrOujsXsRrXHAQWcnxDcNevv2ZMOUl0ybvv9yH0BiGbRBd1Hy8/QPILbAQaqu0oQE7fubN8Q8lqb3Jg0loID4x/5GPhSY8WAXpuLcXTOrb93SnCw1JsAgJDNqpuuRFy3BSZ7wBOr1jfeIoo7xk14OHiUjJ0uXDL9cLMkcw6ElWz81mrD2VCkXUz+qFyjJ+G7aGWRtctZoOzKln4yfNfUmwW8/8ra3QnmrMZ2xW2Ylw3ZhO+tLi7jINHYFb54bAdLVPUU1ctIuJns2qkWnjJCxxMiynIqCif20/OU1n8CTJuOWiURmRdmvKOH4PE3JxC2Qnk/3tV3Cf8hp1CH5VjBZ9AjGj5MDMHXyu34VY2WvYo5QyzfS3ySPoT8kCO0G0xpvjwCMHOK+G2RP4kqb/KKZguiKdgintBXuskTlJmD7kcMQ== deploy@easyssh
|
|
3
testdata/test.sh
vendored
3
testdata/test.sh
vendored
@ -1,3 +0,0 @@
|
|||||||
#!/usr/bin/env bash
|
|
||||||
set -e
|
|
||||||
whoami
|
|
Loading…
x
Reference in New Issue
Block a user