appleboy/ssh-action
1
0
Fork 0
mirror of https://gitea.com/Lydanne/ssh-action.git synced 2025-08-17 09:15:50 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: appleboy:v1.1.0
Branches Tags
appleboy:master appleboy:346 appleboy:testing
appleboy:v1.2.2 appleboy:v1 appleboy:v1.2.1 appleboy:v1.2.0 appleboy:v1.1.0 appleboy:v1.0.3 appleboy:v1.0.2 appleboy:v1.0.1 appleboy:v1.0.0 appleboy:v0.1.10 appleboy:v0.1.9 appleboy:v0.1.8 appleboy:v0.1.7 appleboy:v0.1.6 appleboy:v0.1.5 appleboy:v0.1.4 appleboy:v0.1.3 appleboy:v0.1.2 appleboy:v0.1.1 appleboy:v0.1.0 appleboy:v0.0.9 appleboy:v0.0.8 appleboy:v0.0.7 appleboy:v0.0.6 appleboy:v0.0.5 appleboy:v0.0.4 appleboy:v0.0.3 appleboy:v0.0.2 appleboy:v0.0.1
..
compare: appleboy:v1.2.1
Branches Tags
appleboy:master appleboy:346 appleboy:testing
appleboy:v1.2.2 appleboy:v1 appleboy:v1.2.1 appleboy:v1.2.0 appleboy:v1.1.0 appleboy:v1.0.3 appleboy:v1.0.2 appleboy:v1.0.1 appleboy:v1.0.0 appleboy:v0.1.10 appleboy:v0.1.9 appleboy:v0.1.8 appleboy:v0.1.7 appleboy:v0.1.6 appleboy:v0.1.5 appleboy:v0.1.4 appleboy:v0.1.3 appleboy:v0.1.2 appleboy:v0.1.1 appleboy:v0.1.0 appleboy:v0.0.9 appleboy:v0.0.8 appleboy:v0.0.7 appleboy:v0.0.6 appleboy:v0.0.5 appleboy:v0.0.4 appleboy:v0.0.3 appleboy:v0.0.2 appleboy:v0.0.1

26 Commits
v1.1.0 ... v1.2.1

Author SHA1 Message Date
Bo-Yi Wu
8faa84277b chore: standardize formatting and update dependencies in workflows 
- Change the title format in the bug report template from single quotes to double quotes
- Update `appleboy/ssh-action` version from `v1.2.0` to `v1.2.1` in multiple workflow files
- Remove unnecessary blank lines in the bug report template

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2025-02-19 17:50:00 +08:00
Bo-Yi Wu
49751ff516 docs: standardize script_file naming to script_path in documentation (#360) 
- Rename `script_file` to `script_path` in README.md
- Rename `script_file` to `script_path` in README.zh-cn.md
- Rename `script_file` to `script_path` in README.zh-tw.md

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2025-01-03 10:17:01 +08:00
Bo-Yi Wu
86aa40ddb7 ci: add SSH server testing to GitHub Actions workflow 
- Add a new job `testing-script-error` to the GitHub Actions workflow
- Use `actions/checkout@v4` to check out the code
- Create and run a new SSH server container using `lscr.io/linuxserver/openssh-server:latest`
- Capture the container's IP address and set it as an environment variable
- Add a step to test script errors with `continue-on-error: true`
- Configure the test script to connect to the SSH server and run a command that will fail (`ls /nonexistent`)

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2025-01-03 09:31:39 +08:00
Bo-Yi Wu
66aa4d343b ci: add SSH testing job to GitHub Actions workflow (#355) 
* ci: add SSH testing job to GitHub Actions workflow

https://github.com/appleboy/ssh-action/issues/335#issuecomment-2372414496

- Add a new job `testing-script-stop` to the GitHub Actions workflow
- Set up an SSH server using a Docker container within the new job
- Capture the container's IP address and store it in the GitHub environment
- Add a step to run an SSH command with stdout capture
- Include a script to test conditional logic within the SSH command
- Add a step to check and print the captured stdout from the SSH command

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* ci: improve GitHub Actions workflow with conditional checks

- Add conditional checks in GitHub Actions workflow to handle 'True' and 'False' outputs

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* ci: standardize naming and validation of stdout steps

- Rename `stdout` step to `stdout01` in the GitHub Actions workflow
- Rename `check stdout` step to `check stdout 01`
- Update references to `stdout` to `stdout01` in echo and grep commands
- Add a new step `stdout02` for SSH command execution with stdout capture
- Add a new step `check stdout 02` to validate the output of `stdout02` step

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

---------

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-12-05 16:23:32 +08:00
Jesse
102c0d2e5f feat: capture stdout and store as output (#287) 2024-12-04 09:49:35 +08:00
Bo-Yi Wu
e13c387332 ci(action): display an environment variable with special characters (#351) 
- Add a new job `testing07` with steps to set environment variables and create an SSH server container
- Set a special character password in environment variables
- Run a Docker container for an OpenSSH server and capture its IP address
- Add steps to SSH into the server using username and password authentication

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-12-02 23:19:33 +08:00
Bo-Yi Wu
1c1ad10f6d ci(action): remove script stop functionality from project (#350) 
- Remove the `stop script if command error` step from GitHub workflows
- Remove the `script_stop` option from the README and its translations
- Remove the `script_stop` input from `action.yml`

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-12-02 21:25:26 +08:00
appleboy
48531853a7 docs(readme): refactor README files to improve language link structure 
- Combine language links into a single line in `README.md`
- Add links to English and Traditional Chinese README in `README.zh-cn.md`
- Combine language links into a single line in `README.zh-tw.md`

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-12-01 10:12:22 +08:00
appleboy
b76e6173e8 docs(readme): standardize and format README files across languages 
- Remove an empty line in `README.md`
- Replace underscores with bold formatting for default key types in `README.zh-cn.md` and `README.zh-tw.md`
- Standardize list formatting in `README.md`, `README.zh-cn.md`, and `README.zh-tw.md`

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-12-01 10:10:43 +08:00
appleboy
6137f733fb docs: improve project documentation and organization 
- Add a project description mentioning the use of Golang and drone-ssh
- Replace the list of input variables with a table format for better readability and organization

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-11-23 23:30:59 +08:00
Kyle Leonhard
43d4ebbb72 chore: Add test to stable workflow for script_path (#347) 2024-11-18 08:57:32 +08:00
appleboy
a9e2fdf08d docs(readme): improve README structure and add new input variables 
- Update title to remove redundant "用於"
- Add links to English and Simplified Chinese versions of the README
- Add a note about the project using Golang and drone-ssh
- Replace detailed input variable descriptions with a table format
- Add new input variables `protocol`, `proxy_protocol`, `envs_format`, `allenvs`, and `request_pty`
- Update usage section to refer to `action.yml` for detailed information

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-11-17 16:00:24 +08:00
appleboy
cec69ef231 docs(readme): standardize terminology and capitalization across project 
- Capitalize "SSH" in multiple instances for consistency
- Change "This thing" to "This project" for clarity and professionalism
- Capitalize "Pass" in the description of the `allenvs` option

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-11-17 15:53:54 +08:00
appleboy
a8952ebe2a docs(readme): update documentation for GitHub Actions and Docker support 
- Update README badges to reflect the new GitHub Actions workflow
- Remove outdated information about Linux Docker container support in README files

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-11-17 15:51:42 +08:00
appleboy
8fdfeb034e chore(github): update appleboy/ssh-action to version v1.2.0 across workflows 
- Update `appleboy/ssh-action` from version `v1.0.3` to `v1.2.0` in bug report template
- Update `appleboy/ssh-action` from version `v1.0.3` to `v1.2.0` in stable workflow

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-11-17 15:17:02 +08:00
appleboy
7eaf76671a docs(readme): update SSH action and enhance Chinese README files 
- Update `appleboy/ssh-action` from version `v1.1.0` to `v1.2.0` in multiple instances
- Add `script_file` option to the Chinese (Simplified) and Chinese (Traditional) README files
- Add example for executing commands from a file in the Chinese (Simplified) and Chinese (Traditional) README files

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-11-17 15:08:23 +08:00
appleboy
176437b548 chore: refactor codebase for improved consistency and performance 
- Change the username from `${{ secrets.USERNAME }}` to `linuxserver.io`
- Update the output from `***` to `linuxserver.io`

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-11-17 15:05:56 +08:00
appleboy
25259c3d50 fix: refactor and enhance API and testing infrastructure 
- Update DRONE_SSH_VERSION from 1.7.7 to 1.8.0
- Add missing case statement terminator in detect_client_info function

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-11-17 15:02:20 +08:00
appleboy
bf84378588 refactor: refactor codebase and improve API performance 
-

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-11-17 15:00:26 +08:00
Kyle Leonhard
362a7f1677 chore: support running commands from a file (#341) 2024-11-17 14:57:46 +08:00
appleboy
ab698e59d8 docs(readme): enhance network protocol support and testing 
- Add `proxy_protocol` option to the README with possible values `tcp`, `tcp4`, `tcp6` and default `tcp`

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-10-28 22:37:55 +08:00
appleboy
703ffa3c1e feat(actions): enhance system performance and API integration 
- Add `proxy_protocol` input with description and default value "tcp"

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-10-28 22:36:36 +08:00
appleboy
8b84eaec3a ci(script): improve CI robustness and coverage across environments 
- Change single-line script to multi-line bash script with error handling in GitHub Actions workflow

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-10-24 01:27:03 +08:00
appleboy
2763143a97 ci(script): enhance CI workflows and API integration 
- Change script execution to a multi-line bash script with error handling in GitHub workflow

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-10-24 01:25:46 +08:00
Lukáš Tesař
3f1416813d fix: typo in success message (#340) 
Reflects changes made by [drone-ssh#283](https://github.com/appleboy/drone-ssh/pull/283)
 2024-10-13 09:00:02 +08:00
appleboy
bb32884d53 chore: enhance CI/CD workflows and documentation formatting 
- Update `appleboy/ssh-action` from version `v1.0.3` to `v1.1.0` in multiple instances
- Fix table formatting in `README.md`

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-10-06 21:19:31 +08:00
9 changed files with 530 additions and 351 deletions
Expand all files Collapse all files

20
.github/ISSUE_TEMPLATE/bug_report.md vendored
View File

@@ -1,10 +1,9 @@
---
name: Bug report
about: Create a report to help us improve
title: ''
title: ""
labels: bug
assignees: appleboy
---
## Describe the bug
@@ -19,19 +18,18 @@ Please post your Yaml configuration file along with the output results.
name: remote ssh command
on: [push]
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }}
script: whoami
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }}
script: whoami
```
## Related environment

251
.github/workflows/main.yml vendored
View File

@@ -37,7 +37,19 @@ jobs:
username: linuxserver.io
password: password
port: 2222
script: whoami
script: |
#!/usr/bin/env bash
set -e
whoami
- name: ssh commands from a file
uses: ./
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: password
port: 2222
script_path: testdata/test.sh
check-ssh-key:
runs-on: ubuntu-latest
@@ -111,22 +123,6 @@ jobs:
port: 2222
script: whoami
- name: stop script if command error
uses: ./
continue-on-error: true
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: password
key: password
port: 2222
script_stop: true
sync: true
debug: true
script: |
mkdir abc/def
ls -al
support-key-passphrase:
runs-on: ubuntu-latest
steps:
@@ -203,7 +199,6 @@ jobs:
key: ${{ env.PRIVATE_KEY }}
port: 2222
passphrase: 1234
script_stop: true
script: |
ls \
-lah
@@ -280,7 +275,6 @@ jobs:
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
passphrase: 1234
script_stop: true
script: |
whoami
@@ -476,7 +470,6 @@ jobs:
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
script_stop: true
request_pty: true
command_timeout: 30s
script: |
@@ -511,3 +504,221 @@ jobs:
command_timeout: 30s
script: |
whoami
testing07:
name: some special character
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v4
- name: Set Environment Variables
run: |
PASS='3HUS$?8kLu)}'
printf "PASS=${PASS}" >> $GITHUB_ENV
- name: create new ssh server
run: |
docker run -d \
--name=openssh-server \
--hostname=openssh-server \
-p 2222:2222 \
-e SUDO_ACCESS=false \
-e PASSWORD_ACCESS=true \
-e USER_PASSWORD='${{ env.PASS }}' \
-e USER_NAME=linuxserver.io \
--restart unless-stopped \
lscr.io/linuxserver/openssh-server:latest
docker exec openssh-server sh -c "hostname -i" > ip.txt
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
cat ip.txt >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= container ip address ========="
cat ip.txt
echo "======================================"
sleep 2
- name: ssh by username and password
uses: ./
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: ${{ env.PASS }}
port: 2222
script: |
#!/usr/bin/env bash
set -e
whoami
testing-capturing-output:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: create new ssh server
run: |
docker run -d \
--name=openssh-server \
--hostname=openssh-server \
-p 2222:2222 \
-e SUDO_ACCESS=false \
-e PASSWORD_ACCESS=true \
-e USER_PASSWORD=password \
-e USER_NAME=linuxserver.io \
--restart unless-stopped \
lscr.io/linuxserver/openssh-server:latest
docker exec openssh-server sh -c "hostname -i" > ip.txt
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
cat ip.txt >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= container ip address ========="
cat ip.txt
echo "======================================"
sleep 2
- id: stdout
name: ssh command with stdout
uses: ./
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: password
port: 2222
capture_stdout: true
script: |
#!/usr/bin/env bash
set -e
whoami
- name: check stdout
run: |
echo "stdout: ${{ steps.stdout.outputs.stdout }}"
testing-script-stop:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: create new ssh server
run: |
docker run -d \
--name=openssh-server \
--hostname=openssh-server \
-p 2222:2222 \
-e SUDO_ACCESS=false \
-e PASSWORD_ACCESS=true \
-e USER_PASSWORD=password \
-e USER_NAME=linuxserver.io \
--restart unless-stopped \
lscr.io/linuxserver/openssh-server:latest
docker exec openssh-server sh -c "hostname -i" > ip.txt
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
cat ip.txt >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= container ip address ========="
cat ip.txt
echo "======================================"
sleep 2
- id: stdout01
name: ssh command with stdout 01
uses: ./
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: password
port: 2222
capture_stdout: true
script: |
#!/usr/bin/env bash
set -e
echo "TMP TESTING IF"
if [[ "2" == "1" ]]; then
echo "True"
else
echo "False"
fi
- name: check stdout 01
run: |
echo "stdout: ${{ steps.stdout01.outputs.stdout }}"
if echo "${{ steps.stdout01.outputs.stdout }}" | grep -q "True"; then
echo "Output contains 'True'"
exit 1
fi
if echo "${{ steps.stdout01.outputs.stdout }}" | grep -q "False"; then
echo "Output contains 'False'"
fi
- id: stdout02
name: ssh command with stdout 01
uses: ./
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: password
port: 2222
capture_stdout: true
script: |
#!/usr/bin/env bash
set -e
echo "TMP TESTING IF"
if [[ "1" == "1" ]]; then
echo "True"
else
echo "False"
fi
- name: check stdout 02
run: |
echo "stdout: ${{ steps.stdout02.outputs.stdout }}"
if echo "${{ steps.stdout02.outputs.stdout }}" | grep -q "False"; then
echo "Output contains 'False'"
exit 1
fi
if echo "${{ steps.stdout02.outputs.stdout }}" | grep -q "True"; then
echo "Output contains 'True'"
fi
testing-script-error:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: create new ssh server
run: |
docker run -d \
--name=openssh-server \
--hostname=openssh-server \
-p 2222:2222 \
-e SUDO_ACCESS=false \
-e PASSWORD_ACCESS=true \
-e USER_PASSWORD=password \
-e USER_NAME=linuxserver.io \
--restart unless-stopped \
lscr.io/linuxserver/openssh-server:latest
docker exec openssh-server sh -c "hostname -i" > ip.txt
echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV
cat ip.txt >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "======= container ip address ========="
cat ip.txt
echo "======================================"
sleep 2
- name: test script error
uses: ./
continue-on-error: true
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: password
port: 2222
capture_stdout: true
script: |
#!/usr/bin/env bash
set -e
ls /nonexistent

63
.github/workflows/stable.yml vendored
View File

@@ -31,13 +31,25 @@ jobs:
sleep 2
- name: ssh by username and password
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: password
port: 2222
script: whoami
script: |
#!/usr/bin/env bash
set -e
whoami
- name: ssh commands from a file
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: password
port: 2222
script_path: testdata/test.sh
check-ssh-key:
runs-on: ubuntu-latest
@@ -83,7 +95,7 @@ jobs:
sleep 2
- name: ssh by private key
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
@@ -92,7 +104,7 @@ jobs:
script: whoami
- name: wrong password but correct key
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
@@ -102,7 +114,7 @@ jobs:
script: whoami
- name: correct password but wrong key
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
@@ -111,22 +123,6 @@ jobs:
port: 2222
script: whoami
- name: stop script if command error
uses: appleboy/ssh-action@v1.0.3
continue-on-error: true
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: password
key: password
port: 2222
script_stop: true
sync: true
debug: true
script: |
mkdir abc/def
ls -al
support-key-passphrase:
runs-on: ubuntu-latest
steps:
@@ -171,7 +167,7 @@ jobs:
sleep 2
- name: ssh key passphrase
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
@@ -183,7 +179,7 @@ jobs:
ls -al
- name: missing ssh key passphrase
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
continue-on-error: true
with:
host: ${{ env.REMOTE_HOST }}
@@ -196,14 +192,13 @@ jobs:
# https://github.com/appleboy/ssh-action/issues/75#issuecomment-668314271
- name: Multiline SSH commands interpreted as single lines
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
passphrase: 1234
script_stop: true
script: |
ls \
-lah
@@ -274,13 +269,12 @@ jobs:
# https://github.com/appleboy/ssh-action/issues/85
- name: Deployment to multiple hosts with different ports
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: "${{ env.REMOTE_HOST_01 }}:2222,${{ env.REMOTE_HOST_02 }}:2222"
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
passphrase: 1234
script_stop: true
script: |
whoami
@@ -328,7 +322,7 @@ jobs:
sleep 2
- name: testing id_ed25519 key
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
@@ -381,7 +375,7 @@ jobs:
sleep 2
- name: testing id_ed25519 key
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
@@ -392,7 +386,7 @@ jobs:
ls -al
- name: pass environment
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
env:
FOO: "BAR"
with:
@@ -406,7 +400,7 @@ jobs:
echo "I am $BAR, thanks"
- name: pass multiple environment
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
env:
FOO: "BAR"
BAR: "FOO"
@@ -425,7 +419,7 @@ jobs:
echo "port: $PORT"
- name: custom envs format
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
env:
FOO: "BAR"
AAA: "BBB"
@@ -443,7 +437,7 @@ jobs:
echo "I am $TEST_AAA, thanks"
- name: pass all ENV variables to script
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
env:
INPUT_FOO: "BAR"
INPUT_AAA: "BBB"
@@ -460,13 +454,12 @@ jobs:
echo "$GITHUB_REF"
- name: switch to root user
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
key: ${{ env.PRIVATE_KEY }}
port: 2222
script_stop: true
request_pty: true
command_timeout: 30s
script: |

115
README.md
View File

@@ -1,24 +1,21 @@
# 🚀 SSH for GitHub Actions
[繁體中文](./README.zh-tw.md)
[简体中文](./README.zh-cn.md)
[繁體中文](./README.zh-tw.md) | [简体中文](./README.zh-cn.md)
[GitHub Action](https://github.com/features/actions) for executing remote ssh commands.
[GitHub Action](https://github.com/features/actions) for executing remote SSH commands.
![ssh workflow](./images/ssh-workflow.png)
[![Actions Status](https://github.com/appleboy/ssh-action/workflows/remote%20ssh%20command/badge.svg)](https://github.com/appleboy/ssh-action/actions)
[![testing main branch](https://github.com/appleboy/ssh-action/actions/workflows/main.yml/badge.svg)](https://github.com/appleboy/ssh-action/actions/workflows/main.yml)
**Important**: Only support **Linux** [docker](https://www.docker.com/) container.
This thing is built using [Golang](https://go.dev) and [drone-ssh](https://github.com/appleboy/drone-ssh). 🚀
This project is built using [Golang](https://go.dev) and [drone-ssh](https://github.com/appleboy/drone-ssh). 🚀
## Input variables
See [action.yml](./action.yml) for more detailed information.
| Input Parameter | Description | Default Value |
|---------------------------|------------------------------------------------------------------------------------------|---------------|
| ------------------------- | ---------------------------------------------------------------------------------------- | ------------- |
| host | SSH host address | |
| port | SSH port number | 22 |
| passphrase | SSH key passphrase | |
@@ -35,6 +32,7 @@ See [action.yml](./action.yml) for more detailed information.
| fingerprint | SHA256 fingerprint of the host public key | |
| proxy_host | SSH proxy host | |
| proxy_port | SSH proxy port | 22 |
| proxy_protocol | SSH proxy protocol version (tcp, tcp4, tcp6) | tcp |
| proxy_username | SSH proxy username | |
| proxy_password | SSH proxy password | |
| proxy_passphrase | SSH proxy key passphrase | |
@@ -45,34 +43,33 @@ See [action.yml](./action.yml) for more detailed information.
| proxy_cipher | Allowed cipher algorithms for the proxy | |
| proxy_use_insecure_cipher | Include more ciphers with use_insecure_cipher for the proxy | false |
| script | Execute commands | |
| script_stop | Stop script after first failure | false |
| script_path | Execute commands from a file | |
| envs | Pass environment variables to shell script | |
| envs_format | Flexible configuration of environment value transfer | |
| debug | Enable debug mode | false |
| allenvs | pass the environment variables with prefix value of `GITHUB_` and `INPUT_` to the script | false |
| allenvs | Pass the environment variables with prefix value of `GITHUB_` and `INPUT_` to the script | false |
| request_pty | Request a pseudo-terminal from the server | false |
## Usage
Executing remote ssh commands.
Executing remote SSH commands.
```yaml
name: remote ssh command
on: [push]
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }}
script: whoami
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: linuxserver.io
password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }}
script: whoami
```
output:
@@ -81,10 +78,10 @@ output:
======CMD======
whoami
======END======
out: ***
==============================================
✅ Successfully executed commands to all host.
==============================================
linuxserver.io
===============================================
✅ Successfully executed commands to all hosts.
===============================================
```
### Setting up a SSH Key
@@ -152,9 +149,9 @@ See the detail information about [SSH login without password](http://www.linuxpr
**A note** from one of our readers: Depending on your version of SSH you might also have to do the following changes:
* Put the public key in `.ssh/authorized_keys2`
* Change the permissions of `.ssh` to 700
* Change the permissions of `.ssh/authorized_keys2` to 640
- Put the public key in `.ssh/authorized_keys2`
- Change the permissions of `.ssh` to 700
- Change the permissions of `.ssh/authorized_keys2` to 640
### If you are using OpenSSH
@@ -182,7 +179,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -195,7 +192,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml
- name: executing remote ssh commands using ssh key
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -208,7 +205,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml
- name: multiple command
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -221,11 +218,24 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
![result](./images/output-result.png)
#### Commands from a file
```yaml
- name: file commands
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script_path: scripts/script.sh
```
#### Multiple Hosts
```diff
- name: multiple host
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
- host: "foo.com"
+ host: "foo.com,bar.com"
@@ -243,7 +253,7 @@ The default value of `port` is `22`.
```diff
- name: multiple host
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
- host: "foo.com"
+ host: "foo.com:1234,bar.com:5678"
@@ -258,7 +268,7 @@ The default value of `port` is `22`.
```diff
- name: multiple host
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: "foo.com,bar.com"
+ sync: true
@@ -274,7 +284,7 @@ The default value of `port` is `22`.
```diff
- name: pass environment
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
+ env:
+ FOO: "BAR"
+ BAR: "FOO"
@@ -293,37 +303,6 @@ The default value of `port` is `22`.
_Inside `env` object, you need to pass every environment variable as a string, passing `Integer` data type or any other may output unexpected results._
#### Stop script after first failure
> ex: missing `abc` folder
```diff
- name: stop script if command error
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
+ script_stop: true
script: |
mkdir abc/def
ls -al
```
output:
```sh
======CMD======
mkdir abc/def
ls -al
======END======
2019/11/21 01:16:21 Process exited with status 1
err: mkdir: cannot create directory abc/def: No such file or directory
##[error]Docker run failed with exit code 1
```
#### How to connect remote server using `ProxyCommand`?
```bash
@@ -352,7 +331,7 @@ Host FooServer
```diff
- name: ssh proxy command
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -375,7 +354,7 @@ It is not uncommon for files to leak from backups or decommissioned hardware, an
```diff
- name: ssh key passphrase
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -401,7 +380,7 @@ Now you can adjust you config:
```diff
- name: ssh key passphrase
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}

169
README.zh-cn.md
View File

@@ -1,48 +1,54 @@
# 🚀 用于 GitHub Actions 的 SSH
[English](./README.md) | [繁體中文](./README.zh-tw.md)
[GitHub Action](https://github.com/features/actions) 用于执行远程 SSH 命令。
![ssh workflow](./images/ssh-workflow.png)
[![Actions Status](https://github.com/appleboy/ssh-action/workflows/remote%20ssh%20command/badge.svg)](https://github.com/appleboy/ssh-action/actions)
[![testing main branch](https://github.com/appleboy/ssh-action/actions/workflows/main.yml/badge.svg)](https://github.com/appleboy/ssh-action/actions/workflows/main.yml)
**注意** 只支持在 **Linux** [docker](https://www.docker.com/) 容器上执行。
该项目使用 [Golang](https://go.dev) 和 [drone-ssh](https://github.com/appleboy/drone-ssh) 构建。🚀
## 输入变量
更详细的信息,请参考 [action.yml](./action.yml)。
* `host` - SSH 主机
* `port` - SSH 连接端口,默认为 `22`
* `username` - SSH 用户名称
* `password` - SSH 密码
* `passphrase` - 通常用于加密私钥的 passphrase
* `sync` - 同步执行多个主机上的命令,默认为 false
* `timeout` - SSH 连接到远程主机的超时时间,默认为 `30s`
* `command_timeout` - SSH 命令超时时间,默认为 10m
* `key` - SSH 私钥的内容,例如 ~/.ssh/id_rsa 的原始内容,请记得包含 BEGIN 和 END 行
* `key_path` - SSH 私钥的路径
* `fingerprint` - 主机公钥的 SHA256 指纹,默认为跳过验证
* `script` - 执行命令
* `script_stop` - 当出现第一个错误时停止执行命令
* `envs` - 传递环境变量到 shell script
* `debug` - 启用调试模式
* `use_insecure_cipher` - 使用不安全的密码ciphers进行加密详见 [#56](https://github.com/appleboy/ssh-action/issues/56)
* `cipher` - 允许使用的密码ciphers算法。如果未指定则使用适当的算法
SSH 代理设置:
* `proxy_host` - 代理主机
* `proxy_port` - 代理端口,默认为 `22`
* `proxy_username` - 代理用户名
* `proxy_password` - 代理密码
* `proxy_passphrase` - 密码通常用于加密私有密钥
* `proxy_timeout` - SSH 连接至代理主机的超时时间,默认为 `30s`
* `proxy_key` - SSH 代理私有密钥内容
* `proxy_key_path` - SSH 代理私有密钥路径
* `proxy_fingerprint` - 代理主机公钥的 SHA256 指纹,默认为跳过验证
* `proxy_use_insecure_cipher` - 使用不安全的加密方式,详见 [#56](https://github.com/appleboy/ssh-action/issues/56)
* `proxy_cipher` - 允许的加密算法。如果未指定,则使用合理的算法
| 输入参数 | 描述 | 默认值 |
| ------------------------- | ----------------------------------------------------- | ------ |
| host | SSH 主机地址 | |
| port | SSH 端口号 | 22 |
| passphrase | SSH 密钥密码短语 | |
| username | SSH 用户名 | |
| password | SSH 密码 | |
| protocol | SSH 协议版本tcp, tcp4, tcp6 | tcp |
| sync | 如果有多个主机,启用同步执行 | false |
| use_insecure_cipher | 使用不安全的密码算法 | false |
| cipher | 允许的密码算法。如果未指定,则使用适当的算法 | |
| timeout | SSH 连接到主机的超时时间 | 30s |
| command_timeout | SSH 命令的超时时间 | 10m |
| key | SSH 私钥的内容,例如 ~/.ssh/id_rsa 的原始内容 | |
| key_path | SSH 私钥的路径 | |
| fingerprint | 主机公钥的 SHA256 指纹 | |
| proxy_host | SSH 代理主机 | |
| proxy_port | SSH 代理端口 | 22 |
| proxy_protocol | SSH 代理协议版本tcp, tcp4, tcp6 | tcp |
| proxy_username | SSH 代理用户名 | |
| proxy_password | SSH 代理密码 | |
| proxy_passphrase | SSH 代理密钥密码短语 | |
| proxy_timeout | SSH 连接到代理主机的超时时间 | 30s |
| proxy_key | SSH 代理私钥的内容 | |
| proxy_key_path | SSH 代理私钥的路径 | |
| proxy_fingerprint | 代理主机公钥的 SHA256 指纹 | |
| proxy_cipher | 代理允许的密码算法 | |
| proxy_use_insecure_cipher | 使用不安全的密码算法 | false |
| script | 执行命令 | |
| script_path | 从文件执行命令 | |
| envs | 传递环境变量到 shell 脚本 | |
| envs_format | 环境变量传递的灵活配置 | |
| debug | 启用调试模式 | false |
| allenvs | 将带有 `GITHUB_``INPUT_` 前缀的环境变量传递给脚本 | false |
| request_pty | 请求伪终端 | false |
## 使用方法
@@ -52,19 +58,18 @@ SSH 代理设置:
name: remote ssh command
on: [push]
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }}
script: whoami
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }}
script: whoami
```
画面输出
@@ -74,9 +79,9 @@ jobs:
whoami
======END======
out: ***
==============================================
✅ Successfully executed commands to all host.
==============================================
===============================================
✅ Successfully executed commands to all hosts.
===============================================
```
### 设置 SSH 密钥
@@ -127,9 +132,9 @@ clip < ~/.ssh/id_ed25519
**来自读者的注意事项** 根据您的 SSH 版本,您可能还需要进行以下更改:
* 将公钥放在 `.ssh/authorized_keys2`
*`.ssh` 的权限更改为700
*`.ssh/authorized_keys2` 的权限更改为640
- 将公钥放在 `.ssh/authorized_keys2`
-`.ssh` 的权限更改为 700
-`.ssh/authorized_keys2` 的权限更改为 640
### 如果你使用的是 OpenSSH
@@ -157,7 +162,7 @@ ssh-keygen -t ed25519 -a 200 -C ”your_email@example.com“
```yaml
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -170,7 +175,7 @@ ssh-keygen -t ed25519 -a 200 -C ”your_email@example.com“
```yaml
- name: executing remote ssh commands using ssh key
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -183,7 +188,7 @@ ssh-keygen -t ed25519 -a 200 -C ”your_email@example.com“
```yaml
- name: multiple command
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -200,7 +205,7 @@ ssh-keygen -t ed25519 -a 200 -C ”your_email@example.com“
```diff
- name: multiple host
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
- host: ”foo.com“
+ host: ”foo.com,bar.com“
@@ -212,11 +217,24 @@ ssh-keygen -t ed25519 -a 200 -C ”your_email@example.com“
ls -al
```
#### Commands from a file
```yaml
- name: file commands
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script_path: scripts/script.sh
```
#### 多个不同端口的主机
```diff
- name: multiple host
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
- host: ”foo.com“
+ host: ”foo.com:1234,bar.com:5678“
@@ -231,7 +249,7 @@ ssh-keygen -t ed25519 -a 200 -C ”your_email@example.com“
```diff
- name: multiple host
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ”foo.com,bar.com“
+ sync: true
@@ -247,7 +265,7 @@ ssh-keygen -t ed25519 -a 200 -C ”your_email@example.com“
```diff
- name: pass environment
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
+ env:
+ FOO: ”BAR“
+ BAR: ”FOO“
@@ -266,37 +284,6 @@ ssh-keygen -t ed25519 -a 200 -C ”your_email@example.com“
_在 `env` 对象中,您需要将每个环境变量作为字符串传递,传递 `Integer` 数据类型或任何其他类型可能会产生意外结果。_
#### 在第一次失败后停止脚本
> ex: missing `abc` folder
```diff
- name: stop script if command error
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
+ script_stop: true
script: |
mkdir abc/def
ls -al
```
画面输出:
```sh
======CMD======
mkdir abc/def
ls -al
======END======
2019/11/21 01:16:21 Process exited with status 1
err: mkdir: cannot create directory abc/def: No such file or directory
##[error]Docker run failed with exit code 1
```
#### 如何使用 `ProxyCommand` 连接远程服务器?
```bash
@@ -325,7 +312,7 @@ Host FooServer
```diff
- name: ssh proxy command
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -346,7 +333,7 @@ Host FooServer
```diff
- name: ssh key passphrase
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -362,7 +349,7 @@ Host FooServer
设置 SSH 主机指纹验证可以帮助防止中间人攻击。在设置之前,运行以下命令以获取 SSH 主机指纹。请记得将 `ed25519` 替换为您适当的密钥类型(`rsa``dsa`等),而 `example.com` 则替换为您的主机。
现代 OpenSSH 版本中,需要提取的_默认密钥_类型是 `rsa`(从版本 5.1 开始)、`ecdsa`(从版本 6.0 开始)和 `ed25519`(从版本 6.7 开始)。
现代 OpenSSH 版本中,需要提取的**默认密钥**类型是 `rsa`(从版本 5.1 开始)、`ecdsa`(从版本 6.0 开始)和 `ed25519`(从版本 6.7 开始)。
```sh
ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d -f2
@@ -372,7 +359,7 @@ ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d
```diff
- name: ssh key passphrase
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -390,4 +377,4 @@ ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d
## 授权方式
本项目中的脚本和文档采用 [MIT](LICENSE) 许可证 发布。
本项目中的脚本和文档采用 [MIT](LICENSE) 许可证 发布。

175
README.zh-tw.md
View File

@@ -1,50 +1,56 @@
# 🚀 用於 GitHub Actions 的 SSH
# 🚀 GitHub Actions 的 SSH
[GitHub Action](https://github.com/features/actions) for executing remote ssh commands.
[English](./README.md) | [简体中文](./README.zh-cn.md)
[GitHub Action](https://github.com/features/actions) 用於執行遠端 SSH 命令。
![ssh workflow](./images/ssh-workflow.png)
[![Actions Status](https://github.com/appleboy/ssh-action/workflows/remote%20ssh%20command/badge.svg)](https://github.com/appleboy/ssh-action/actions)
[![testing main branch](https://github.com/appleboy/ssh-action/actions/workflows/main.yml/badge.svg)](https://github.com/appleboy/ssh-action/actions/workflows/main.yml)
**注意** 只支援在 **Linux** [docker](https://www.docker.com/) 容器上執行。
此專案使用 [Golang](https://go.dev) 和 [drone-ssh](https://github.com/appleboy/drone-ssh) 建立。🚀
## 輸入變數
更詳細的資訊,請參閱 [action.yml](./action.yml)。
請參閱 [action.yml](./action.yml) 以獲取更詳細的信息
* `host` - SSH 主機
* `port` - SSH 連接埠,預設為 `22`
* `username` - SSH 使用者名稱
* `password` - SSH 密碼
* `passphrase` - 通常用於加密私鑰的 passphrase
* `sync` - 同步執行多個主機上的命令,預設為 false
* `timeout` - SSH 連接到遠端主機的超時時間,預設為 `30s`
* `command_timeout` - SSH 命令超時時間,預設為 10m
* `key` - SSH 私鑰的內容,例如 ~/.ssh/id_rsa 的原始內容,請記得包含 BEGIN 和 END 行
* `key_path` - SSH 私鑰的路徑
* `fingerprint` - 主機公鑰的 SHA256 指紋,預設為略過驗證
* `script` - 執行命令
* `script_stop` - 當出現第一個錯誤時停止執行命令
* `envs` - 傳遞環境變數到 shell script
* `debug` - 啟用偵錯模式
* `use_insecure_cipher` - 使用不安全的密碼ciphers進行加密參見 [#56](https://github.com/appleboy/ssh-action/issues/56)
* `cipher` - 允許使用的密碼ciphers演算法。如果未指定則使用適當的演算法
| 輸入參數 | 描述 | 預設值 |
| ------------------------- | ----------------------------------------------------- | ------ |
| host | SSH 主機地址 | |
| port | SSH 埠號 | 22 |
| passphrase | SSH 金鑰密碼 | |
| username | SSH 使用者名稱 | |
| password | SSH 密碼 | |
| protocol | SSH 協議版本 (tcp, tcp4, tcp6) | tcp |
| sync | 如果有多個主機,啟用同步執行 | false |
| use_insecure_cipher | 包含更多不安全的加密算法 | false |
| cipher | 允許的加密算法。如果未指定,則使用合理的預設值 | |
| timeout | SSH 連接主機的超時時間 | 30s |
| command_timeout | SSH 命令的超時時間 | 10m |
| key | SSH 私鑰的內容。例如,~/.ssh/id_rsa 的原始內容 | |
| key_path | SSH 私鑰的路徑 | |
| fingerprint | 主機公鑰的 SHA256 指紋 | |
| proxy_host | SSH 代理主機 | |
| proxy_port | SSH 代理埠號 | 22 |
| proxy_protocol | SSH 代理協議版本 (tcp, tcp4, tcp6) | tcp |
| proxy_username | SSH 代理使用者名稱 | |
| proxy_password | SSH 代理密碼 | |
| proxy_passphrase | SSH 代理金鑰密碼 | |
| proxy_timeout | SSH 連接代理主機的超時時間 | 30s |
| proxy_key | SSH 代理私鑰的內容 | |
| proxy_key_path | SSH 代理私鑰的路徑 | |
| proxy_fingerprint | 代理主機公鑰的 SHA256 指紋 | |
| proxy_cipher | 代理允許的加密算法 | |
| proxy_use_insecure_cipher | 包含更多不安全的加密算法 | false |
| script | 執行命令 | |
| script_path | 從文件中執行命令 | |
| envs | 將環境變數傳遞給 shell 腳本 | |
| envs_format | 環境值傳遞的靈活配置 | |
| debug | 啟用調試模式 | false |
| allenvs | 將帶有 `GITHUB_``INPUT_` 前綴的環境變數傳遞給腳本 | false |
| request_pty | 從伺服器請求偽終端 | false |
SSH 代理設置:
* `proxy_host` - 代理主機
* `proxy_port` - 代理端口,預設為 `22`
* `proxy_username` - 代理使用者名稱
* `proxy_password` - 代理密碼
* `proxy_passphrase` - 密碼通常用於加密私有金鑰
* `proxy_timeout` - SSH 連線至代理主機的逾時時間,預設為 `30s`
* `proxy_key` - SSH 代理私有金鑰內容
* `proxy_key_path` - SSH 代理私有金鑰路徑
* `proxy_fingerprint` - 代理主機公鑰的 SHA256 指紋,預設為跳過驗證
* `proxy_use_insecure_cipher` - 使用不安全的加密方式,請參閱 [#56](https://github.com/appleboy/ssh-action/issues/56)
* `proxy_cipher` - 允許的加密算法。如果未指定,則使用合理的算法
## 使用方式
## 用法
執行遠端 SSH 命令
@@ -52,19 +58,18 @@ SSH 代理設置:
name: remote ssh command
on: [push]
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }}
script: whoami
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }}
script: whoami
```
畫面輸出
@@ -74,9 +79,9 @@ jobs:
whoami
======END======
out: ***
==============================================
✅ Successfully executed commands to all host.
==============================================
===============================================
✅ Successfully executed commands to all hosts.
===============================================
```
### 設置 SSH 金鑰
@@ -127,9 +132,9 @@ clip < ~/.ssh/id_ed25519
**來自讀者的注意事項** 根據您的 SSH 版本,您可能還需要進行以下更改:
* 將公鑰放在 `.ssh/authorized_keys2`
*`.ssh` 的權限更改為700
*`.ssh/authorized_keys2` 的權限更改為640
- 將公鑰放在 `.ssh/authorized_keys2`
-`.ssh` 的權限更改為 700
-`.ssh/authorized_keys2` 的權限更改為 640
### 如果你使用的是 OpenSSH
@@ -157,7 +162,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -170,7 +175,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml
- name: executing remote ssh commands using ssh key
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -183,7 +188,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml
- name: multiple command
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -196,11 +201,24 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
![result](./images/output-result.png)
#### Commands from a file
```yaml
- name: file commands
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script_path: scripts/script.sh
```
#### 多台主機
```diff
- name: multiple host
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
- host: "foo.com"
+ host: "foo.com,bar.com"
@@ -216,7 +234,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff
- name: multiple host
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
- host: "foo.com"
+ host: "foo.com:1234,bar.com:5678"
@@ -231,7 +249,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff
- name: multiple host
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: "foo.com,bar.com"
+ sync: true
@@ -247,7 +265,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff
- name: pass environment
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
+ env:
+ FOO: "BAR"
+ BAR: "FOO"
@@ -266,37 +284,6 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
_在 `env` 對象中,您需要將每個環境變量作為字符串傳遞,傳遞 `Integer` 數據類型或任何其他類型可能會產生意外結果。_
#### 在第一次失敗後停止腳本
> ex: missing `abc` folder
```diff
- name: stop script if command error
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
+ script_stop: true
script: |
mkdir abc/def
ls -al
```
畫面輸出:
```sh
======CMD======
mkdir abc/def
ls -al
======END======
2019/11/21 01:16:21 Process exited with status 1
err: mkdir: cannot create directory abc/def: No such file or directory
##[error]Docker run failed with exit code 1
```
#### 如何使用 `ProxyCommand` 連接遠程服務器?
```bash
@@ -325,7 +312,7 @@ Host FooServer
```diff
- name: ssh proxy command
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -346,7 +333,7 @@ Host FooServer
```diff
- name: ssh key passphrase
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
@@ -362,7 +349,7 @@ Host FooServer
設置 SSH 主機指紋驗證可以幫助防止中間人攻擊。在設置之前,運行以下命令以獲取 SSH 主機指紋。請記得將 `ed25519` 替換為您的適當金鑰類型(`rsa``dsa`等),而 `example.com` 則替換為您的主機。
現代 OpenSSH 版本中,需要提取的_默認金鑰_類型是 `rsa`(從版本 5.1 開始)、`ecdsa`(從版本 6.0 開始)和 `ed25519`(從版本 6.7 開始)。
現代 OpenSSH 版本中,需要提取的**默認金鑰**類型是 `rsa`(從版本 5.1 開始)、`ecdsa`(從版本 6.0 開始)和 `ed25519`(從版本 6.7 開始)。
```sh
ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d ' ' -f2
@@ -372,7 +359,7 @@ ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d ' '
```diff
- name: ssh key passphrase
uses: appleboy/ssh-action@v1.0.3
uses: appleboy/ssh-action@v1.2.1
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}

21
action.yml
View File

@@ -43,6 +43,9 @@ inputs:
description: "SSH proxy username."
proxy_password:
description: "SSH proxy password."
proxy_protocol:
description: 'The IP protocol to use. Valid values are "tcp". "tcp4" or "tcp6". Default to tcp.'
default: "tcp"
proxy_passphrase:
description: "SSH proxy key passphrase."
proxy_timeout:
@@ -60,8 +63,8 @@ inputs:
description: "Include more ciphers for the proxy by using insecure ciphers."
script:
description: "Commands to be executed."
script_stop:
description: "Stop the script after the first failure."
script_path:
description: "Path to the file containing commands to be executed."
envs:
description: "Environment variables to be passed to the shell script."
envs_format:
@@ -72,6 +75,14 @@ inputs:
description: "pass all environment variable to shell script."
request_pty:
description: "Request a pseudo-terminal from the server."
capture_stdout:
description: "Capture the stdout of the commands."
default: "false"
outputs:
stdout:
description: 'Standard output of the executed commands.'
value: ${{ steps.entrypoint.outputs.stdout }}
runs:
using: "composite"
@@ -81,7 +92,8 @@ runs:
shell: bash
env:
GITHUB_ACTION_PATH: ${{ github.action_path }}
- name: Run entrypoint.sh
- id: entrypoint
name: Run entrypoint.sh
run: entrypoint.sh
shell: bash
env:
@@ -107,7 +119,7 @@ runs:
INPUT_PROXY_TIMEOUT: ${{ inputs.proxy_timeout }}
INPUT_COMMAND_TIMEOUT: ${{ inputs.command_timeout }}
INPUT_SCRIPT: ${{ inputs.script }}
INPUT_SCRIPT_STOP: ${{ inputs.script_stop }}
INPUT_SCRIPT_FILE: ${{ inputs.script_path }}
INPUT_ENVS: ${{ inputs.envs }}
INPUT_ENVS_FORMAT: ${{ inputs.envs_format }}
INPUT_DEBUG: ${{ inputs.debug }}
@@ -118,6 +130,7 @@ runs:
INPUT_PROXY_USE_INSECURE_CIPHER: ${{ inputs.proxy_use_insecure_cipher }}
INPUT_PROXY_CIPHER: ${{ inputs.proxy_cipher }}
INPUT_SYNC: ${{ inputs.sync }}
INPUT_CAPTURE_STDOUT: ${{ inputs.capture_stdout }}
branding:
icon: "terminal"

64
entrypoint.sh
View File

@@ -8,7 +8,7 @@ export GITHUB="true"
GITHUB_ACTION_PATH="${GITHUB_ACTION_PATH%/}"
DRONE_SSH_RELEASE_URL="${DRONE_SSH_RELEASE_URL:-https://github.com/appleboy/drone-ssh/releases/download}"
DRONE_SSH_VERSION="${DRONE_SSH_VERSION:-1.7.7}"
DRONE_SSH_VERSION="${DRONE_SSH_VERSION:-1.8.0}"
function detect_client_info() {
if [ -n "${SSH_CLIENT_OS-}" ]; then
@@ -17,20 +17,21 @@ function detect_client_info() {
local kernel
kernel="$(uname -s)"
case "${kernel}" in
Darwin)
CLIENT_PLATFORM="darwin"
;;
Linux)
CLIENT_PLATFORM="linux"
;;
Windows)
CLIENT_PLATFORM="windows"
;;
*)
echo "Unknown, unsupported platform: ${kernel}." >&2
echo "Supported platforms: Linux, Darwin and Windows." >&2
echo "Bailing out." >&2
exit 2
Darwin)
CLIENT_PLATFORM="darwin"
;;
Linux)
CLIENT_PLATFORM="linux"
;;
Windows)
CLIENT_PLATFORM="windows"
;;
*)
echo "Unknown, unsupported platform: ${kernel}." >&2
echo "Supported platforms: Linux, Darwin and Windows." >&2
echo "Bailing out." >&2
exit 2
;;
esac
fi
@@ -40,18 +41,18 @@ function detect_client_info() {
local machine
machine="$(uname -m)"
case "${machine}" in
x86_64*|i?86_64*|amd64*)
CLIENT_ARCH="amd64"
;;
aarch64*|arm64*)
CLIENT_ARCH="arm64"
;;
*)
echo "Unknown, unsupported architecture (${machine})." >&2
echo "Supported architectures x86_64, i686, arm64." >&2
echo "Bailing out." >&2
exit 3
;;
x86_64* | i?86_64* | amd64*)
CLIENT_ARCH="amd64"
;;
aarch64* | arm64*)
CLIENT_ARCH="arm64"
;;
*)
echo "Unknown, unsupported architecture (${machine})." >&2
echo "Supported architectures x86_64, i686, arm64." >&2
echo "Bailing out." >&2
exit 3
;;
esac
fi
}
@@ -63,7 +64,14 @@ TARGET="${GITHUB_ACTION_PATH}/${CLIENT_BINARY}"
echo "Will download ${CLIENT_BINARY} from ${DOWNLOAD_URL_PREFIX}"
curl -fsSL --retry 5 --keepalive-time 2 "${DOWNLOAD_URL_PREFIX}/${CLIENT_BINARY}" -o ${TARGET}
chmod +x ${TARGET}
echo "======= CLI Version ======="
sh -c "${TARGET} --version" # print version
echo "==========================="
sh -c "${TARGET} $*" # run the command
if [[ "$INPUT_CAPTURE_STDOUT" == 'true' ]]; then
echo 'stdout<<EOF' >> $GITHUB_OUTPUT # use heredoc for multiline output
sh -c "${TARGET} $*" | tee -a $GITHUB_OUTPUT # run the command
echo 'EOF' >> $GITHUB_OUTPUT
else
sh -c "${TARGET} $*" # run the command
fi

3
testdata/test.sh vendored Normal file
View File

@@ -0,0 +1,3 @@
#!/usr/bin/env bash
set -e
whoami