Compare commits
	
		
			131 Commits 
		
	
	
	| Author | SHA1 | Date | 
|---|---|---|
|  | 3ca8a7c535 | |
|  | 57f6f3556d | |
|  | ffd1eec364 | |
|  | 8745f9583c | |
|  | 8f3cc07719 | |
|  | 4d84f0522a | |
|  | c7fbbc9208 | |
|  | b80f638dc4 | |
|  | 0e19dd962d | |
|  | bd83ba7e2b | |
|  | 9ca1cd2174 | |
|  | 20d5c5bbc9 | |
|  | b27b9f8968 | |
|  | 689de3cf64 | |
|  | b6690ee817 | |
|  | 52a1840ca6 | |
|  | 2b3c6504b3 | |
|  | 2ead5e3657 | |
|  | a0a0326939 | |
|  | b0a8f324e1 | |
|  | 039c9e07bb | |
|  | 48992f2e2c | |
|  | 01a53594eb | |
|  | d99ccf8c09 | |
|  | 92737056c0 | |
|  | 9817ef4a17 | |
|  | 8faa84277b | |
|  | 49751ff516 | |
|  | 86aa40ddb7 | |
|  | 66aa4d343b | |
|  | 102c0d2e5f | |
|  | e13c387332 | |
|  | 1c1ad10f6d | |
|  | 48531853a7 | |
|  | b76e6173e8 | |
|  | 6137f733fb | |
|  | 43d4ebbb72 | |
|  | a9e2fdf08d | |
|  | cec69ef231 | |
|  | a8952ebe2a | |
|  | 8fdfeb034e | |
|  | 7eaf76671a | |
|  | 176437b548 | |
|  | 25259c3d50 | |
|  | bf84378588 | |
|  | 362a7f1677 | |
|  | ab698e59d8 | |
|  | 703ffa3c1e | |
|  | 8b84eaec3a | |
|  | 2763143a97 | |
|  | 3f1416813d | |
|  | bb32884d53 | |
|  | 25ce8cbbcb | |
|  | 58164d0dc2 | |
|  | d732991ab0 | |
|  | b4a07ca594 | |
|  | eaeb06998d | |
|  | 06fa62e61c | |
|  | 28428a13f5 | |
|  | 5ade826485 | |
|  | 8b6078208d | |
|  | 036cad7df7 | |
|  | 71d43ea0f7 | |
|  | 43895f2cd5 | |
|  | b6941ae5d5 | |
|  | 0c7561b1a3 | |
|  | 5a8776fd15 | |
|  | 97f8d752b5 | |
|  | 9c32aa61f8 | |
|  | f0e5a23d53 | |
|  | fc1c1fce51 | |
|  | aa293c24bb | |
|  | 378323e4c8 | |
|  | 815c5743ac | |
|  | a39b3cce7d | |
|  | 15b64dc891 | |
|  | e40b597081 | |
|  | f05aefe351 | |
|  | acd41e5091 | |
|  | da612c8015 | |
|  | 2eeab5bdba | |
|  | 977b74a12d | |
|  | 0b0e77098a | |
|  | 40aad53c5a | |
|  | c8594ae37d | |
|  | aabaf1254d | |
|  | f916346256 | |
|  | 551964ebda | |
|  | d2d6858859 | |
|  | dd0f09ca07 | |
|  | 1991c553ec | |
|  | fe44be0b96 | |
|  | c78141851a | |
|  | 8a779a5b1a | |
|  | 9b978f09f2 | |
|  | 029f5b4aee | |
|  | d134a26a1f | |
|  | 2451745138 | |
|  | 1f3c338936 | |
|  | 8f94919856 | |
|  | 2344d97573 | |
|  | b9f6bf6223 | |
|  | 4330a1ea48 | |
|  | 55dabf81b4 | |
|  | 8d9094f3b1 | |
|  | 5ac43dd762 | |
|  | a01d3ea1df | |
|  | c7d850f6cd | |
|  | f579d71942 | |
|  | d87d276960 | |
|  | 3130c7a2bc | |
|  | 2b7de38eed | |
|  | 334f9259f2 | |
|  | 6268c80dd6 | |
|  | 5f64c95280 | |
|  | 3cd1bcf771 | |
|  | 6a1b59d972 | |
|  | e4a881008d | |
|  | 51b83ba474 | |
|  | 495830820f | |
|  | b601429988 | |
|  | ae2bb3c3dc | |
|  | 7bf58514db | |
|  | c1965ddd25 | |
|  | d91a1af6f5 | |
|  | 4a03da89e5 | |
|  | 0d5a3d0e48 | |
|  | db9be1d5f2 | |
|  | 9a7da95c8c | |
|  | f23dd5c681 | |
|  | cc051b07ed | 
|  | @ -0,0 +1,41 @@ | |||
| --- | ||||
| name: Bug report | ||||
| about: Create a report to help us improve | ||||
| title: "" | ||||
| labels: bug | ||||
| assignees: appleboy | ||||
| --- | ||||
| 
 | ||||
| ## Describe the bug | ||||
| 
 | ||||
| A clear and concise description of what the bug is. If applicable, add screenshots to help explain your problem. | ||||
| 
 | ||||
| ## Yaml Config | ||||
| 
 | ||||
| Please post your Yaml configuration file along with the output results. | ||||
| 
 | ||||
| ```yaml | ||||
| name: remote ssh command | ||||
| on: [push] | ||||
| jobs: | ||||
|   build: | ||||
|     name: Build | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: executing remote ssh commands using password | ||||
|         uses: appleboy/ssh-action@v1.2.2 | ||||
|         with: | ||||
|           host: ${{ secrets.HOST }} | ||||
|           username: ${{ secrets.USERNAME }} | ||||
|           password: ${{ secrets.PASSWORD }} | ||||
|           port: ${{ secrets.PORT }} | ||||
|           script: whoami | ||||
| ``` | ||||
| 
 | ||||
| ## Related environment | ||||
| 
 | ||||
| Please provide the following information: | ||||
| 
 | ||||
| 1. Your hosting provider information, such as DigitalOcean, Linode, AWS, or GCP. | ||||
| 2. The version information of your host's SSH service. | ||||
| 3. The information from your host's SSH configuration file. | ||||
|  | @ -1,151 +0,0 @@ | |||
| name: remote ssh command | ||||
| on: [push] | ||||
| 
 | ||||
| env: | ||||
|   FOO: "BAR" | ||||
|   BAR: "FOO" | ||||
| 
 | ||||
| jobs: | ||||
| 
 | ||||
|   build: | ||||
|     name: Build | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|     - name: checkout | ||||
|       uses: actions/checkout@v1 | ||||
| 
 | ||||
|     - name: executing remote ssh commands using password | ||||
|       uses: ./ | ||||
|       with: | ||||
|         host: ${{ secrets.HOST }} | ||||
|         username: ${{ secrets.USERNAME }} | ||||
|         password: ${{ secrets.PASSWORD }} | ||||
|         port: ${{ secrets.PORT }} | ||||
|         script: whoami | ||||
| 
 | ||||
|     - name: executing remote ssh commands using ssh key | ||||
|       uses: ./ | ||||
|       with: | ||||
|         host: ${{ secrets.HOST }} | ||||
|         username: ${{ secrets.USERNAME }} | ||||
|         key: ${{ secrets.KEY }} | ||||
|         port: ${{ secrets.PORT }} | ||||
|         script: whoami | ||||
| 
 | ||||
|     - name: multiple command | ||||
|       uses: ./ | ||||
|       with: | ||||
|         host: ${{ secrets.HOST }} | ||||
|         username: ${{ secrets.USERNAME }} | ||||
|         key: ${{ secrets.KEY }} | ||||
|         port: ${{ secrets.PORT }} | ||||
|         script: | | ||||
|           whoami | ||||
|           ls -al | ||||
| 
 | ||||
|     # - name: stop script if command error | ||||
|     #   if: always() | ||||
|     #   uses: ./ | ||||
|     #   with: | ||||
|     #     host: ${{ secrets.HOST }} | ||||
|     #     username: ${{ secrets.USERNAME }} | ||||
|     #     key: ${{ secrets.KEY }} | ||||
|     #     port: ${{ secrets.PORT }} | ||||
|     #     script_stop: true | ||||
|     #     script: | | ||||
|     #       mkdir abc/def | ||||
|     #       ls -al | ||||
| 
 | ||||
|     - name: pass environment | ||||
|       uses: ./ | ||||
|       env: | ||||
|         FOO: "BAR" | ||||
|       with: | ||||
|         host: ${{ secrets.HOST }} | ||||
|         username: ${{ secrets.USERNAME }} | ||||
|         key: ${{ secrets.KEY }} | ||||
|         port: ${{ secrets.PORT }} | ||||
|         envs: FOO | ||||
|         script: | | ||||
|           echo "I am $FOO, thanks" | ||||
|           echo "I am $BAR, thanks" | ||||
| 
 | ||||
|     - name: pass multiple environment | ||||
|       uses: ./ | ||||
|       env: | ||||
|         FOO: "BAR" | ||||
|         BAR: "FOO" | ||||
|         SHA: ${{ github.sha }} | ||||
|         PORT: ${{ secrets.PORT }} | ||||
|       with: | ||||
|         host: ${{ secrets.HOST }} | ||||
|         username: ${{ secrets.USERNAME }} | ||||
|         key: ${{ secrets.KEY }} | ||||
|         port: ${{ secrets.PORT }} | ||||
|         envs: FOO,BAR,SHA,PORT | ||||
|         script: | | ||||
|           echo "I am $FOO, thanks" | ||||
|           echo "I am $BAR, thanks" | ||||
|           echo "sha: $SHA" | ||||
|           echo "port: $PORT" | ||||
| 
 | ||||
|     - name: ssh key passphrase | ||||
|       uses: ./ | ||||
|       with: | ||||
|         host: ${{ secrets.HOST }} | ||||
|         username: ${{ secrets.USERNAME }} | ||||
|         key: ${{ secrets.SSH2 }} | ||||
|         port: ${{ secrets.PORT }} | ||||
|         passphrase: ${{ secrets.PASSPHRASE }} | ||||
|         script: | | ||||
|           whoami | ||||
|           ls -al | ||||
| 
 | ||||
|     - name: use insecure cipher | ||||
|       uses: ./ | ||||
|       with: | ||||
|         host: ${{ secrets.HOST }} | ||||
|         username: ${{ secrets.USERNAME }} | ||||
|         password: ${{ secrets.PASSWORD }} | ||||
|         port: ${{ secrets.PORT }} | ||||
|         script: | | ||||
|             ls \ | ||||
|               -lah | ||||
|         use_insecure_cipher: true | ||||
| 
 | ||||
|     # https://github.com/appleboy/ssh-action/issues/75#issuecomment-668314271 | ||||
|     - name: Multiline SSH commands interpreted as single lines | ||||
|       uses: ./ | ||||
|       with: | ||||
|         host: ${{ secrets.HOST }} | ||||
|         username: ${{ secrets.USERNAME }} | ||||
|         password: ${{ secrets.PASSWORD }} | ||||
|         port: ${{ secrets.PORT }} | ||||
|         script_stop: true | ||||
|         script: | | ||||
|             ls \ | ||||
|               -lah | ||||
|         use_insecure_cipher: true | ||||
| 
 | ||||
|     # https://github.com/appleboy/ssh-action/issues/85 | ||||
|     - name: Deployment to multiple hosts with different ports | ||||
|       uses: ./ | ||||
|       with: | ||||
|         host: "${{ secrets.HOST }}:${{ secrets.PORT }}" | ||||
|         username: ${{ secrets.USERNAME }} | ||||
|         password: ${{ secrets.PASSWORD }} | ||||
|         port: 1024 | ||||
|         script_stop: true | ||||
|         script: | | ||||
|             ls \ | ||||
|               -lah | ||||
|         use_insecure_cipher: true | ||||
| 
 | ||||
|     - name: SSH ED25519 Private Key | ||||
|       uses: ./ | ||||
|       with: | ||||
|         host: ${{ secrets.TUNNEL_HOST }} | ||||
|         username: ${{ secrets.TUNNEL_USERNAME }} | ||||
|         key: ${{ secrets.ID_ED25519 }} | ||||
|         port: ${{ secrets.TUNNEL_PORT }} | ||||
|         script: whoami | ||||
|  | @ -0,0 +1,33 @@ | |||
| name: Goreleaser | ||||
| 
 | ||||
| on: | ||||
|   push: | ||||
|     tags: | ||||
|       - "*" | ||||
| 
 | ||||
| permissions: | ||||
|   contents: write | ||||
| 
 | ||||
| jobs: | ||||
|   goreleaser: | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Checkout | ||||
|         uses: actions/checkout@v4 | ||||
|         with: | ||||
|           fetch-depth: 0 | ||||
| 
 | ||||
|       - name: Setup go | ||||
|         uses: actions/setup-go@v5 | ||||
|         with: | ||||
|           go-version: "^1" | ||||
| 
 | ||||
|       - name: Run GoReleaser | ||||
|         uses: goreleaser/goreleaser-action@v6 | ||||
|         with: | ||||
|           # either 'goreleaser' (default) or 'goreleaser-pro' | ||||
|           distribution: goreleaser | ||||
|           version: latest | ||||
|           args: release --clean | ||||
|         env: | ||||
|           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||||
|  | @ -0,0 +1,739 @@ | |||
| name: testing main branch | ||||
| 
 | ||||
| on: [push] | ||||
| 
 | ||||
| jobs: | ||||
|   default-user-name-password: | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Checkout code | ||||
|         uses: actions/checkout@v4 | ||||
| 
 | ||||
|       - name: create new ssh server | ||||
|         run: | | ||||
|           docker run -d \ | ||||
|           --name=openssh-server \ | ||||
|           --hostname=openssh-server \ | ||||
|           -p 2222:2222 \ | ||||
|           -e SUDO_ACCESS=false \ | ||||
|           -e PASSWORD_ACCESS=true  \ | ||||
|           -e USER_PASSWORD=password  \ | ||||
|           -e USER_NAME=linuxserver.io \ | ||||
|           --restart unless-stopped \ | ||||
|           lscr.io/linuxserver/openssh-server:latest | ||||
|           docker exec openssh-server sh -c "hostname -i" > ip.txt | ||||
|           echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV | ||||
|           cat ip.txt >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= container ip address =========" | ||||
|           cat ip.txt | ||||
|           echo "======================================" | ||||
|           sleep 2 | ||||
| 
 | ||||
|       - name: ssh by username and password | ||||
|         uses: ./ | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           password: password | ||||
|           port: 2222 | ||||
|           script: | | ||||
|             #!/usr/bin/env bash | ||||
|             set -e | ||||
|             whoami | ||||
| 
 | ||||
|       - name: ssh commands from a file | ||||
|         uses: ./ | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           password: password | ||||
|           port: 2222 | ||||
|           script_path: testdata/test.sh | ||||
| 
 | ||||
|       # https://github.com/appleboy/ssh-action/issues/377 | ||||
|       - name: multiple commands | ||||
|         uses: ./ | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           password: password | ||||
|           port: 2222 | ||||
|           script: | | ||||
|             mkdir -p /tmp/test | ||||
|             echo "hello world" > /tmp/test/hello.txt | ||||
|             cd /tmp/test | ||||
|             ls -al | ||||
|             cat /tmp/test/hello.txt | ||||
| 
 | ||||
|   check-ssh-key: | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Checkout code | ||||
|         uses: actions/checkout@v4 | ||||
| 
 | ||||
|       - name: add public key to env | ||||
|         run: | | ||||
|           echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV | ||||
|           cat testdata/.ssh/id_rsa.pub >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= public key =========" | ||||
|           cat testdata/.ssh/id_rsa.pub | ||||
|           echo "============================" | ||||
|           echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV | ||||
|           cat testdata/.ssh/id_rsa >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= private key =========" | ||||
|           cat testdata/.ssh/id_rsa | ||||
|           echo "============================" | ||||
| 
 | ||||
|       - name: create new ssh server | ||||
|         run: | | ||||
|           docker run -d \ | ||||
|           --name=openssh-server \ | ||||
|           --hostname=openssh-server \ | ||||
|           -p 2222:2222 \ | ||||
|           -e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \ | ||||
|           -e SUDO_ACCESS=false \ | ||||
|           -e PASSWORD_ACCESS=true  \ | ||||
|           -e USER_PASSWORD=password  \ | ||||
|           -e USER_NAME=linuxserver.io \ | ||||
|           --restart unless-stopped \ | ||||
|           lscr.io/linuxserver/openssh-server:latest | ||||
|           docker exec openssh-server sh -c "hostname -i" > ip.txt | ||||
|           echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV | ||||
|           cat ip.txt >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= container ip address =========" | ||||
|           cat ip.txt | ||||
|           echo "======================================" | ||||
|           sleep 2 | ||||
| 
 | ||||
|       - name: ssh by private key | ||||
|         uses: ./ | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           script: whoami | ||||
| 
 | ||||
|       - name: wrong password but correct key | ||||
|         uses: ./ | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           password: "abcdef" | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           script: whoami | ||||
| 
 | ||||
|       - name: correct password but wrong key | ||||
|         uses: ./ | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           password: password | ||||
|           key: password | ||||
|           port: 2222 | ||||
|           script: whoami | ||||
| 
 | ||||
|   support-key-passphrase: | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Checkout code | ||||
|         uses: actions/checkout@v4 | ||||
| 
 | ||||
|       - name: add public key to env | ||||
|         run: | | ||||
|           echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV | ||||
|           cat testdata/.ssh/id_passphrase.pub >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= public key =========" | ||||
|           cat testdata/.ssh/id_passphrase.pub | ||||
|           echo "============================" | ||||
|           echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV | ||||
|           cat testdata/.ssh/id_passphrase >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= private key =========" | ||||
|           cat testdata/.ssh/id_passphrase | ||||
|           echo "============================" | ||||
| 
 | ||||
|       - name: create new ssh server | ||||
|         run: | | ||||
|           docker run -d \ | ||||
|           --name=openssh-server \ | ||||
|           --hostname=openssh-server \ | ||||
|           -p 2222:2222 \ | ||||
|           -e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \ | ||||
|           -e SUDO_ACCESS=false \ | ||||
|           -e PASSWORD_ACCESS=true  \ | ||||
|           -e USER_PASSWORD=password  \ | ||||
|           -e USER_NAME=linuxserver.io \ | ||||
|           --restart unless-stopped \ | ||||
|           lscr.io/linuxserver/openssh-server:latest | ||||
|           docker exec openssh-server sh -c "hostname -i" > ip.txt | ||||
|           echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV | ||||
|           cat ip.txt >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= container ip address =========" | ||||
|           cat ip.txt | ||||
|           echo "======================================" | ||||
|           sleep 2 | ||||
| 
 | ||||
|       - name: ssh key passphrase | ||||
|         uses: ./ | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           passphrase: 1234 | ||||
|           script: | | ||||
|             whoami | ||||
|             ls -al | ||||
| 
 | ||||
|       - name: missing ssh key passphrase | ||||
|         uses: ./ | ||||
|         continue-on-error: true | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           script: | | ||||
|             whoami | ||||
|             ls -al | ||||
| 
 | ||||
|       # https://github.com/appleboy/ssh-action/issues/75#issuecomment-668314271 | ||||
|       - name: Multiline SSH commands interpreted as single lines | ||||
|         uses: ./ | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           passphrase: 1234 | ||||
|           script: | | ||||
|             ls \ | ||||
|               -lah | ||||
|           use_insecure_cipher: true | ||||
| 
 | ||||
|   multiple-server: | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Checkout code | ||||
|         uses: actions/checkout@v4 | ||||
| 
 | ||||
|       - name: add public key to env | ||||
|         run: | | ||||
|           echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV | ||||
|           cat testdata/.ssh/id_passphrase.pub >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= public key =========" | ||||
|           cat testdata/.ssh/id_passphrase.pub | ||||
|           echo "============================" | ||||
|           echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV | ||||
|           cat testdata/.ssh/id_passphrase >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= private key =========" | ||||
|           cat testdata/.ssh/id_passphrase | ||||
|           echo "============================" | ||||
| 
 | ||||
|       - name: create new ssh server | ||||
|         run: | | ||||
|           docker run -d \ | ||||
|           --name=openssh-server-01 \ | ||||
|           --hostname=openssh-server-01 \ | ||||
|           -p 2222:2222 \ | ||||
|           -e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \ | ||||
|           -e SUDO_ACCESS=false \ | ||||
|           -e PASSWORD_ACCESS=true  \ | ||||
|           -e USER_PASSWORD=password  \ | ||||
|           -e USER_NAME=linuxserver.io \ | ||||
|           --restart unless-stopped \ | ||||
|           lscr.io/linuxserver/openssh-server:latest | ||||
|           docker exec openssh-server-01 sh -c "hostname -i" > ip01.txt | ||||
|           echo "REMOTE_HOST_01<<EOF" >> $GITHUB_ENV | ||||
|           cat ip01.txt >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= container ip address =========" | ||||
|           cat ip01.txt | ||||
|           echo "======================================" | ||||
| 
 | ||||
|           docker run -d \ | ||||
|           --name=openssh-server-02 \ | ||||
|           --hostname=openssh-server-02 \ | ||||
|           -p 2223:2222 \ | ||||
|           -e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \ | ||||
|           -e SUDO_ACCESS=false \ | ||||
|           -e PASSWORD_ACCESS=true  \ | ||||
|           -e USER_PASSWORD=password  \ | ||||
|           -e USER_NAME=linuxserver.io \ | ||||
|           --restart unless-stopped \ | ||||
|           lscr.io/linuxserver/openssh-server:latest | ||||
|           docker exec openssh-server-02 sh -c "hostname -i" > ip02.txt | ||||
|           echo "REMOTE_HOST_02<<EOF" >> $GITHUB_ENV | ||||
|           cat ip02.txt >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= container ip address =========" | ||||
|           cat ip02.txt | ||||
|           echo "======================================" | ||||
| 
 | ||||
|           sleep 2 | ||||
| 
 | ||||
|       # https://github.com/appleboy/ssh-action/issues/85 | ||||
|       - name: Deployment to multiple hosts with different ports | ||||
|         uses: ./ | ||||
|         with: | ||||
|           host: "${{ env.REMOTE_HOST_01 }}:2222,${{ env.REMOTE_HOST_02 }}:2222" | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           passphrase: 1234 | ||||
|           script: | | ||||
|             whoami | ||||
| 
 | ||||
|   support-ed25519-key: | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Checkout code | ||||
|         uses: actions/checkout@v4 | ||||
| 
 | ||||
|       - name: add public key to env | ||||
|         run: | | ||||
|           echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV | ||||
|           cat testdata/.ssh/id_ed25519.pub >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= public key =========" | ||||
|           cat testdata/.ssh/id_ed25519.pub | ||||
|           echo "============================" | ||||
|           echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV | ||||
|           cat testdata/.ssh/id_ed25519 >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= private key =========" | ||||
|           cat testdata/.ssh/id_ed25519 | ||||
|           echo "============================" | ||||
| 
 | ||||
|       - name: create new ssh server | ||||
|         run: | | ||||
|           docker run -d \ | ||||
|           --name=openssh-server \ | ||||
|           --hostname=openssh-server \ | ||||
|           -p 2222:2222 \ | ||||
|           -e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \ | ||||
|           -e SUDO_ACCESS=false \ | ||||
|           -e PASSWORD_ACCESS=true  \ | ||||
|           -e USER_PASSWORD=password  \ | ||||
|           -e USER_NAME=linuxserver.io \ | ||||
|           --restart unless-stopped \ | ||||
|           lscr.io/linuxserver/openssh-server:latest | ||||
|           docker exec openssh-server sh -c "hostname -i" > ip.txt | ||||
|           echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV | ||||
|           cat ip.txt >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= container ip address =========" | ||||
|           cat ip.txt | ||||
|           echo "======================================" | ||||
|           sleep 2 | ||||
| 
 | ||||
|       - name: testing id_ed25519 key | ||||
|         uses: ./ | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           script: | | ||||
|             whoami | ||||
|             ls -al | ||||
| 
 | ||||
|   testing-with-env: | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Checkout code | ||||
|         uses: actions/checkout@v4 | ||||
| 
 | ||||
|       - name: add public key to env | ||||
|         run: | | ||||
|           echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV | ||||
|           cat testdata/.ssh/id_ed25519.pub >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= public key =========" | ||||
|           cat testdata/.ssh/id_ed25519.pub | ||||
|           echo "============================" | ||||
|           echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV | ||||
|           cat testdata/.ssh/id_ed25519 >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= private key =========" | ||||
|           cat testdata/.ssh/id_ed25519 | ||||
|           echo "============================" | ||||
| 
 | ||||
|       - name: create new ssh server | ||||
|         run: | | ||||
|           docker run -d \ | ||||
|           --name=openssh-server \ | ||||
|           --hostname=openssh-server \ | ||||
|           -p 2222:2222 \ | ||||
|           -e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \ | ||||
|           -e SUDO_ACCESS=true \ | ||||
|           -e PASSWORD_ACCESS=true  \ | ||||
|           -e USER_NAME=linuxserver.io \ | ||||
|           --restart unless-stopped \ | ||||
|           lscr.io/linuxserver/openssh-server:latest | ||||
|           docker exec openssh-server sh -c "hostname -i" > ip.txt | ||||
|           echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV | ||||
|           cat ip.txt >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= container ip address =========" | ||||
|           cat ip.txt | ||||
|           echo "======================================" | ||||
|           sleep 2 | ||||
| 
 | ||||
|       - name: testing id_ed25519 key | ||||
|         uses: ./ | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           script: | | ||||
|             whoami | ||||
|             ls -al | ||||
| 
 | ||||
|       - name: pass environment | ||||
|         uses: ./ | ||||
|         env: | ||||
|           FOO: "BAR" | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           envs: FOO | ||||
|           script: | | ||||
|             echo "I am $FOO, thanks" | ||||
|             echo "I am $BAR, thanks" | ||||
| 
 | ||||
|       - name: pass multiple environment | ||||
|         uses: ./ | ||||
|         env: | ||||
|           FOO: "BAR" | ||||
|           BAR: "FOO" | ||||
|           SHA: ${{ github.sha }} | ||||
|           PORT: ${{ secrets.PORT }} | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           envs: FOO,BAR,SHA,PORT | ||||
|           script: | | ||||
|             echo "I am $FOO, thanks" | ||||
|             echo "I am $BAR, thanks" | ||||
|             echo "sha: $SHA" | ||||
|             echo "port: $PORT" | ||||
| 
 | ||||
|       - name: custom envs format | ||||
|         uses: ./ | ||||
|         env: | ||||
|           FOO: "BAR" | ||||
|           AAA: "BBB" | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           envs: FOO,BAR,AAA | ||||
|           envs_format: export TEST_{NAME}={VALUE} | ||||
|           script: | | ||||
|             echo "I am $TEST_FOO, thanks" | ||||
|             echo "I am $TEST_BAR, thanks" | ||||
|             echo "I am $BAR, thanks" | ||||
|             echo "I am $TEST_AAA, thanks" | ||||
| 
 | ||||
|       - name: pass all ENV variables to script | ||||
|         uses: ./ | ||||
|         env: | ||||
|           INPUT_FOO: "BAR" | ||||
|           INPUT_AAA: "BBB" | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           allenvs: true | ||||
|           script: | | ||||
|             echo "I am $INPUT_FOO, thanks" | ||||
|             echo "I am $INPUT_AAA, thanks" | ||||
|             echo "$GITHUB_BASE_REF" | ||||
|             echo "$GITHUB_REF" | ||||
| 
 | ||||
|       - name: pass secret variable in shell | ||||
|         uses: ./ | ||||
|         continue-on-error: true | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           script: cd ${{ secrets.PORT }} | ||||
| 
 | ||||
|       - name: switch to root user | ||||
|         uses: ./ | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           request_pty: true | ||||
|           command_timeout: 30s | ||||
|           script: | | ||||
|             whoami && echo 'hello world' && touch todo.txt | ||||
|             sudo whoami | ||||
| 
 | ||||
|   testing06: | ||||
|     name: testing ipv6 | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: checkout | ||||
|         uses: actions/checkout@v4 | ||||
| 
 | ||||
|       - name: Set up WARP | ||||
|         uses: fscarmen/warp-on-actions@v1.1 | ||||
|         with: | ||||
|           stack: dual | ||||
| 
 | ||||
|       - name: testing ipv6 for command | ||||
|         run: | | ||||
|           curl -m 9 --ipv6 --verbose https://google.com | ||||
| 
 | ||||
|       - name: testing ipv6 | ||||
|         uses: ./ | ||||
|         continue-on-error: true | ||||
|         with: | ||||
|           host: 2402:1f00:8000:800::2628 | ||||
|           username: ubuntu | ||||
|           password: ${{ secrets.OVH_PASSWORD }} | ||||
|           protocol: tcp6 | ||||
|           port: 22 | ||||
|           command_timeout: 30s | ||||
|           script: | | ||||
|             whoami | ||||
| 
 | ||||
|   testing07: | ||||
|     name: some special character | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: checkout | ||||
|         uses: actions/checkout@v4 | ||||
| 
 | ||||
|       - name: Set Environment Variables | ||||
|         run: | | ||||
|           PASS='3HUS$?8kLu)}' | ||||
|           printf "PASS=${PASS}" >> $GITHUB_ENV | ||||
| 
 | ||||
|       - name: create new ssh server | ||||
|         run: | | ||||
|           docker run -d \ | ||||
|           --name=openssh-server \ | ||||
|           --hostname=openssh-server \ | ||||
|           -p 2222:2222 \ | ||||
|           -e SUDO_ACCESS=false \ | ||||
|           -e PASSWORD_ACCESS=true  \ | ||||
|           -e USER_PASSWORD='${{ env.PASS }}'  \ | ||||
|           -e USER_NAME=linuxserver.io \ | ||||
|           --restart unless-stopped \ | ||||
|           lscr.io/linuxserver/openssh-server:latest | ||||
|           docker exec openssh-server sh -c "hostname -i" > ip.txt | ||||
|           echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV | ||||
|           cat ip.txt >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= container ip address =========" | ||||
|           cat ip.txt | ||||
|           echo "======================================" | ||||
|           sleep 2 | ||||
| 
 | ||||
|       - name: ssh by username and password | ||||
|         uses: ./ | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           password: ${{ env.PASS }} | ||||
|           port: 2222 | ||||
|           script: | | ||||
|             #!/usr/bin/env bash | ||||
|             set -e | ||||
|             whoami | ||||
| 
 | ||||
|   testing-capturing-output: | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Checkout code | ||||
|         uses: actions/checkout@v4 | ||||
| 
 | ||||
|       - name: create new ssh server | ||||
|         run: | | ||||
|           docker run -d \ | ||||
|           --name=openssh-server \ | ||||
|           --hostname=openssh-server \ | ||||
|           -p 2222:2222 \ | ||||
|           -e SUDO_ACCESS=false \ | ||||
|           -e PASSWORD_ACCESS=true  \ | ||||
|           -e USER_PASSWORD=password  \ | ||||
|           -e USER_NAME=linuxserver.io \ | ||||
|           --restart unless-stopped \ | ||||
|           lscr.io/linuxserver/openssh-server:latest | ||||
|           docker exec openssh-server sh -c "hostname -i" > ip.txt | ||||
|           echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV | ||||
|           cat ip.txt >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= container ip address =========" | ||||
|           cat ip.txt | ||||
|           echo "======================================" | ||||
|           sleep 2 | ||||
| 
 | ||||
|       - id: stdout | ||||
|         name: ssh command with stdout | ||||
|         uses: ./ | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           password: password | ||||
|           port: 2222 | ||||
|           capture_stdout: true | ||||
|           script: | | ||||
|             #!/usr/bin/env bash | ||||
|             set -e | ||||
|             whoami | ||||
| 
 | ||||
|       - name: check stdout | ||||
|         run: | | ||||
|           echo "stdout: ${{ steps.stdout.outputs.stdout }}" | ||||
| 
 | ||||
|   testing-script-stop: | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Checkout code | ||||
|         uses: actions/checkout@v4 | ||||
| 
 | ||||
|       - name: create new ssh server | ||||
|         run: | | ||||
|           docker run -d \ | ||||
|           --name=openssh-server \ | ||||
|           --hostname=openssh-server \ | ||||
|           -p 2222:2222 \ | ||||
|           -e SUDO_ACCESS=false \ | ||||
|           -e PASSWORD_ACCESS=true  \ | ||||
|           -e USER_PASSWORD=password  \ | ||||
|           -e USER_NAME=linuxserver.io \ | ||||
|           --restart unless-stopped \ | ||||
|           lscr.io/linuxserver/openssh-server:latest | ||||
|           docker exec openssh-server sh -c "hostname -i" > ip.txt | ||||
|           echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV | ||||
|           cat ip.txt >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= container ip address =========" | ||||
|           cat ip.txt | ||||
|           echo "======================================" | ||||
|           sleep 2 | ||||
| 
 | ||||
|       - id: stdout01 | ||||
|         name: ssh command with stdout 01 | ||||
|         uses: ./ | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           password: password | ||||
|           port: 2222 | ||||
|           capture_stdout: true | ||||
|           script: | | ||||
|             #!/usr/bin/env bash | ||||
|             set -e | ||||
|             echo "TMP TESTING IF" | ||||
|             if [[ "2" == "1" ]]; then | ||||
|               echo "True" | ||||
|             else | ||||
|               echo "False" | ||||
|             fi | ||||
| 
 | ||||
|       - name: check stdout 01 | ||||
|         run: | | ||||
|           echo "stdout: ${{ steps.stdout01.outputs.stdout }}" | ||||
|           if echo "${{ steps.stdout01.outputs.stdout }}" | grep -q "True"; then | ||||
|             echo "Output contains 'True'" | ||||
|             exit 1 | ||||
|           fi | ||||
|           if echo "${{ steps.stdout01.outputs.stdout }}" | grep -q "False"; then | ||||
|             echo "Output contains 'False'" | ||||
|           fi | ||||
| 
 | ||||
|       - id: stdout02 | ||||
|         name: ssh command with stdout 01 | ||||
|         uses: ./ | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           password: password | ||||
|           port: 2222 | ||||
|           capture_stdout: true | ||||
|           script: | | ||||
|             #!/usr/bin/env bash | ||||
|             set -e | ||||
|             echo "TMP TESTING IF" | ||||
|             if [[ "1" == "1" ]]; then | ||||
|               echo "True" | ||||
|             else | ||||
|               echo "False" | ||||
|             fi | ||||
| 
 | ||||
|       - name: check stdout 02 | ||||
|         run: | | ||||
|           echo "stdout: ${{ steps.stdout02.outputs.stdout }}" | ||||
|           if echo "${{ steps.stdout02.outputs.stdout }}" | grep -q "False"; then | ||||
|             echo "Output contains 'False'" | ||||
|             exit 1 | ||||
|           fi | ||||
|           if echo "${{ steps.stdout02.outputs.stdout }}" | grep -q "True"; then | ||||
|             echo "Output contains 'True'" | ||||
|           fi | ||||
| 
 | ||||
|   testing-script-error: | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Checkout code | ||||
|         uses: actions/checkout@v4 | ||||
| 
 | ||||
|       - name: create new ssh server | ||||
|         run: | | ||||
|           docker run -d \ | ||||
|           --name=openssh-server \ | ||||
|           --hostname=openssh-server \ | ||||
|           -p 2222:2222 \ | ||||
|           -e SUDO_ACCESS=false \ | ||||
|           -e PASSWORD_ACCESS=true  \ | ||||
|           -e USER_PASSWORD=password  \ | ||||
|           -e USER_NAME=linuxserver.io \ | ||||
|           --restart unless-stopped \ | ||||
|           lscr.io/linuxserver/openssh-server:latest | ||||
|           docker exec openssh-server sh -c "hostname -i" > ip.txt | ||||
|           echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV | ||||
|           cat ip.txt >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= container ip address =========" | ||||
|           cat ip.txt | ||||
|           echo "======================================" | ||||
|           sleep 2 | ||||
| 
 | ||||
|       - name: test script error | ||||
|         uses: ./ | ||||
|         continue-on-error: true | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           password: password | ||||
|           port: 2222 | ||||
|           capture_stdout: true | ||||
|           script: | | ||||
|             #!/usr/bin/env bash | ||||
|             set -e | ||||
|             ls /nonexistent | ||||
|  | @ -0,0 +1,467 @@ | |||
| name: testing stable version | ||||
| 
 | ||||
| on: [push] | ||||
| 
 | ||||
| jobs: | ||||
|   default-user-name-password: | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Checkout code | ||||
|         uses: actions/checkout@v4 | ||||
| 
 | ||||
|       - name: create new ssh server | ||||
|         run: | | ||||
|           docker run -d \ | ||||
|           --name=openssh-server \ | ||||
|           --hostname=openssh-server \ | ||||
|           -p 2222:2222 \ | ||||
|           -e SUDO_ACCESS=false \ | ||||
|           -e PASSWORD_ACCESS=true  \ | ||||
|           -e USER_PASSWORD=password  \ | ||||
|           -e USER_NAME=linuxserver.io \ | ||||
|           --restart unless-stopped \ | ||||
|           lscr.io/linuxserver/openssh-server:latest | ||||
|           docker exec openssh-server sh -c "hostname -i" > ip.txt | ||||
|           echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV | ||||
|           cat ip.txt >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= container ip address =========" | ||||
|           cat ip.txt | ||||
|           echo "======================================" | ||||
|           sleep 2 | ||||
| 
 | ||||
|       - name: ssh by username and password | ||||
|         uses: appleboy/ssh-action@v1 | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           password: password | ||||
|           port: 2222 | ||||
|           script: | | ||||
|             #!/usr/bin/env bash | ||||
|             set -e | ||||
|             whoami | ||||
| 
 | ||||
|       - name: ssh commands from a file | ||||
|         uses: appleboy/ssh-action@v1 | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           password: password | ||||
|           port: 2222 | ||||
|           script_path: testdata/test.sh | ||||
| 
 | ||||
|   check-ssh-key: | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Checkout code | ||||
|         uses: actions/checkout@v4 | ||||
| 
 | ||||
|       - name: add public key to env | ||||
|         run: | | ||||
|           echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV | ||||
|           cat testdata/.ssh/id_rsa.pub >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= public key =========" | ||||
|           cat testdata/.ssh/id_rsa.pub | ||||
|           echo "============================" | ||||
|           echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV | ||||
|           cat testdata/.ssh/id_rsa >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= private key =========" | ||||
|           cat testdata/.ssh/id_rsa | ||||
|           echo "============================" | ||||
| 
 | ||||
|       - name: create new ssh server | ||||
|         run: | | ||||
|           docker run -d \ | ||||
|           --name=openssh-server \ | ||||
|           --hostname=openssh-server \ | ||||
|           -p 2222:2222 \ | ||||
|           -e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \ | ||||
|           -e SUDO_ACCESS=false \ | ||||
|           -e PASSWORD_ACCESS=true  \ | ||||
|           -e USER_PASSWORD=password  \ | ||||
|           -e USER_NAME=linuxserver.io \ | ||||
|           --restart unless-stopped \ | ||||
|           lscr.io/linuxserver/openssh-server:latest | ||||
|           docker exec openssh-server sh -c "hostname -i" > ip.txt | ||||
|           echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV | ||||
|           cat ip.txt >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= container ip address =========" | ||||
|           cat ip.txt | ||||
|           echo "======================================" | ||||
|           sleep 2 | ||||
| 
 | ||||
|       - name: ssh by private key | ||||
|         uses: appleboy/ssh-action@v1 | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           script: whoami | ||||
| 
 | ||||
|       - name: wrong password but correct key | ||||
|         uses: appleboy/ssh-action@v1 | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           password: "abcdef" | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           script: whoami | ||||
| 
 | ||||
|       - name: correct password but wrong key | ||||
|         uses: appleboy/ssh-action@v1 | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           password: password | ||||
|           key: password | ||||
|           port: 2222 | ||||
|           script: whoami | ||||
| 
 | ||||
|   support-key-passphrase: | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Checkout code | ||||
|         uses: actions/checkout@v4 | ||||
| 
 | ||||
|       - name: add public key to env | ||||
|         run: | | ||||
|           echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV | ||||
|           cat testdata/.ssh/id_passphrase.pub >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= public key =========" | ||||
|           cat testdata/.ssh/id_passphrase.pub | ||||
|           echo "============================" | ||||
|           echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV | ||||
|           cat testdata/.ssh/id_passphrase >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= private key =========" | ||||
|           cat testdata/.ssh/id_passphrase | ||||
|           echo "============================" | ||||
| 
 | ||||
|       - name: create new ssh server | ||||
|         run: | | ||||
|           docker run -d \ | ||||
|           --name=openssh-server \ | ||||
|           --hostname=openssh-server \ | ||||
|           -p 2222:2222 \ | ||||
|           -e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \ | ||||
|           -e SUDO_ACCESS=false \ | ||||
|           -e PASSWORD_ACCESS=true  \ | ||||
|           -e USER_PASSWORD=password  \ | ||||
|           -e USER_NAME=linuxserver.io \ | ||||
|           --restart unless-stopped \ | ||||
|           lscr.io/linuxserver/openssh-server:latest | ||||
|           docker exec openssh-server sh -c "hostname -i" > ip.txt | ||||
|           echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV | ||||
|           cat ip.txt >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= container ip address =========" | ||||
|           cat ip.txt | ||||
|           echo "======================================" | ||||
|           sleep 2 | ||||
| 
 | ||||
|       - name: ssh key passphrase | ||||
|         uses: appleboy/ssh-action@v1 | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           passphrase: 1234 | ||||
|           script: | | ||||
|             whoami | ||||
|             ls -al | ||||
| 
 | ||||
|       - name: missing ssh key passphrase | ||||
|         uses: appleboy/ssh-action@v1 | ||||
|         continue-on-error: true | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           script: | | ||||
|             whoami | ||||
|             ls -al | ||||
| 
 | ||||
|       # https://github.com/appleboy/ssh-action/issues/75#issuecomment-668314271 | ||||
|       - name: Multiline SSH commands interpreted as single lines | ||||
|         uses: appleboy/ssh-action@v1 | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           passphrase: 1234 | ||||
|           script: | | ||||
|             ls \ | ||||
|               -lah | ||||
|           use_insecure_cipher: true | ||||
| 
 | ||||
|   multiple-server: | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Checkout code | ||||
|         uses: actions/checkout@v4 | ||||
| 
 | ||||
|       - name: add public key to env | ||||
|         run: | | ||||
|           echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV | ||||
|           cat testdata/.ssh/id_passphrase.pub >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= public key =========" | ||||
|           cat testdata/.ssh/id_passphrase.pub | ||||
|           echo "============================" | ||||
|           echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV | ||||
|           cat testdata/.ssh/id_passphrase >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= private key =========" | ||||
|           cat testdata/.ssh/id_passphrase | ||||
|           echo "============================" | ||||
| 
 | ||||
|       - name: create new ssh server | ||||
|         run: | | ||||
|           docker run -d \ | ||||
|           --name=openssh-server-01 \ | ||||
|           --hostname=openssh-server-01 \ | ||||
|           -p 2222:2222 \ | ||||
|           -e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \ | ||||
|           -e SUDO_ACCESS=false \ | ||||
|           -e PASSWORD_ACCESS=true  \ | ||||
|           -e USER_PASSWORD=password  \ | ||||
|           -e USER_NAME=linuxserver.io \ | ||||
|           --restart unless-stopped \ | ||||
|           lscr.io/linuxserver/openssh-server:latest | ||||
|           docker exec openssh-server-01 sh -c "hostname -i" > ip01.txt | ||||
|           echo "REMOTE_HOST_01<<EOF" >> $GITHUB_ENV | ||||
|           cat ip01.txt >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= container ip address =========" | ||||
|           cat ip01.txt | ||||
|           echo "======================================" | ||||
| 
 | ||||
|           docker run -d \ | ||||
|           --name=openssh-server-02 \ | ||||
|           --hostname=openssh-server-02 \ | ||||
|           -p 2223:2222 \ | ||||
|           -e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \ | ||||
|           -e SUDO_ACCESS=false \ | ||||
|           -e PASSWORD_ACCESS=true  \ | ||||
|           -e USER_PASSWORD=password  \ | ||||
|           -e USER_NAME=linuxserver.io \ | ||||
|           --restart unless-stopped \ | ||||
|           lscr.io/linuxserver/openssh-server:latest | ||||
|           docker exec openssh-server-02 sh -c "hostname -i" > ip02.txt | ||||
|           echo "REMOTE_HOST_02<<EOF" >> $GITHUB_ENV | ||||
|           cat ip02.txt >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= container ip address =========" | ||||
|           cat ip02.txt | ||||
|           echo "======================================" | ||||
| 
 | ||||
|           sleep 2 | ||||
| 
 | ||||
|       # https://github.com/appleboy/ssh-action/issues/85 | ||||
|       - name: Deployment to multiple hosts with different ports | ||||
|         uses: appleboy/ssh-action@v1 | ||||
|         with: | ||||
|           host: "${{ env.REMOTE_HOST_01 }}:2222,${{ env.REMOTE_HOST_02 }}:2222" | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           passphrase: 1234 | ||||
|           script: | | ||||
|             whoami | ||||
| 
 | ||||
|   support-ed25519-key: | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Checkout code | ||||
|         uses: actions/checkout@v4 | ||||
| 
 | ||||
|       - name: add public key to env | ||||
|         run: | | ||||
|           echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV | ||||
|           cat testdata/.ssh/id_ed25519.pub >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= public key =========" | ||||
|           cat testdata/.ssh/id_ed25519.pub | ||||
|           echo "============================" | ||||
|           echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV | ||||
|           cat testdata/.ssh/id_ed25519 >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= private key =========" | ||||
|           cat testdata/.ssh/id_ed25519 | ||||
|           echo "============================" | ||||
| 
 | ||||
|       - name: create new ssh server | ||||
|         run: | | ||||
|           docker run -d \ | ||||
|           --name=openssh-server \ | ||||
|           --hostname=openssh-server \ | ||||
|           -p 2222:2222 \ | ||||
|           -e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \ | ||||
|           -e SUDO_ACCESS=false \ | ||||
|           -e PASSWORD_ACCESS=true  \ | ||||
|           -e USER_PASSWORD=password  \ | ||||
|           -e USER_NAME=linuxserver.io \ | ||||
|           --restart unless-stopped \ | ||||
|           lscr.io/linuxserver/openssh-server:latest | ||||
|           docker exec openssh-server sh -c "hostname -i" > ip.txt | ||||
|           echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV | ||||
|           cat ip.txt >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= container ip address =========" | ||||
|           cat ip.txt | ||||
|           echo "======================================" | ||||
|           sleep 2 | ||||
| 
 | ||||
|       - name: testing id_ed25519 key | ||||
|         uses: appleboy/ssh-action@v1 | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           script: | | ||||
|             whoami | ||||
|             ls -al | ||||
| 
 | ||||
|   testing-with-env: | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Checkout code | ||||
|         uses: actions/checkout@v4 | ||||
| 
 | ||||
|       - name: add public key to env | ||||
|         run: | | ||||
|           echo "PUBLIC_KEY<<EOF" >> $GITHUB_ENV | ||||
|           cat testdata/.ssh/id_ed25519.pub >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= public key =========" | ||||
|           cat testdata/.ssh/id_ed25519.pub | ||||
|           echo "============================" | ||||
|           echo "PRIVATE_KEY<<EOF" >> $GITHUB_ENV | ||||
|           cat testdata/.ssh/id_ed25519 >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= private key =========" | ||||
|           cat testdata/.ssh/id_ed25519 | ||||
|           echo "============================" | ||||
| 
 | ||||
|       - name: create new ssh server | ||||
|         run: | | ||||
|           docker run -d \ | ||||
|           --name=openssh-server \ | ||||
|           --hostname=openssh-server \ | ||||
|           -p 2222:2222 \ | ||||
|           -e PUBLIC_KEY="${{ env.PUBLIC_KEY }}" \ | ||||
|           -e SUDO_ACCESS=true \ | ||||
|           -e PASSWORD_ACCESS=true  \ | ||||
|           -e USER_NAME=linuxserver.io \ | ||||
|           --restart unless-stopped \ | ||||
|           lscr.io/linuxserver/openssh-server:latest | ||||
|           docker exec openssh-server sh -c "hostname -i" > ip.txt | ||||
|           echo "REMOTE_HOST<<EOF" >> $GITHUB_ENV | ||||
|           cat ip.txt >> $GITHUB_ENV | ||||
|           echo "EOF" >> $GITHUB_ENV | ||||
|           echo "======= container ip address =========" | ||||
|           cat ip.txt | ||||
|           echo "======================================" | ||||
|           sleep 2 | ||||
| 
 | ||||
|       - name: testing id_ed25519 key | ||||
|         uses: appleboy/ssh-action@v1 | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           script: | | ||||
|             whoami | ||||
|             ls -al | ||||
| 
 | ||||
|       - name: pass environment | ||||
|         uses: appleboy/ssh-action@v1 | ||||
|         env: | ||||
|           FOO: "BAR" | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           envs: FOO | ||||
|           script: | | ||||
|             echo "I am $FOO, thanks" | ||||
|             echo "I am $BAR, thanks" | ||||
| 
 | ||||
|       - name: pass multiple environment | ||||
|         uses: appleboy/ssh-action@v1 | ||||
|         env: | ||||
|           FOO: "BAR" | ||||
|           BAR: "FOO" | ||||
|           SHA: ${{ github.sha }} | ||||
|           PORT: ${{ secrets.PORT }} | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           envs: FOO,BAR,SHA,PORT | ||||
|           script: | | ||||
|             echo "I am $FOO, thanks" | ||||
|             echo "I am $BAR, thanks" | ||||
|             echo "sha: $SHA" | ||||
|             echo "port: $PORT" | ||||
| 
 | ||||
|       - name: custom envs format | ||||
|         uses: appleboy/ssh-action@v1 | ||||
|         env: | ||||
|           FOO: "BAR" | ||||
|           AAA: "BBB" | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           envs: FOO,BAR,AAA | ||||
|           envs_format: export TEST_{NAME}={VALUE} | ||||
|           script: | | ||||
|             echo "I am $TEST_FOO, thanks" | ||||
|             echo "I am $TEST_BAR, thanks" | ||||
|             echo "I am $BAR, thanks" | ||||
|             echo "I am $TEST_AAA, thanks" | ||||
| 
 | ||||
|       - name: pass all ENV variables to script | ||||
|         uses: appleboy/ssh-action@v1 | ||||
|         env: | ||||
|           INPUT_FOO: "BAR" | ||||
|           INPUT_AAA: "BBB" | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           allenvs: true | ||||
|           script: | | ||||
|             echo "I am $INPUT_FOO, thanks" | ||||
|             echo "I am $INPUT_AAA, thanks" | ||||
|             echo "$GITHUB_BASE_REF" | ||||
|             echo "$GITHUB_REF" | ||||
| 
 | ||||
|       - name: switch to root user | ||||
|         uses: appleboy/ssh-action@v1 | ||||
|         with: | ||||
|           host: ${{ env.REMOTE_HOST }} | ||||
|           username: linuxserver.io | ||||
|           key: ${{ env.PRIVATE_KEY }} | ||||
|           port: 2222 | ||||
|           request_pty: true | ||||
|           command_timeout: 30s | ||||
|           script: | | ||||
|             whoami && echo 'hello world' && touch todo.txt | ||||
|             sudo whoami | ||||
|  | @ -0,0 +1,28 @@ | |||
| builds: | ||||
|   - # If true, skip the build. | ||||
|     # Useful for library projects. | ||||
|     # Default is false | ||||
|     skip: true | ||||
| 
 | ||||
| changelog: | ||||
|   use: github | ||||
|   groups: | ||||
|     - title: Features | ||||
|       regexp: "^.*feat[(\\w)]*:+.*$" | ||||
|       order: 0 | ||||
|     - title: "Bug fixes" | ||||
|       regexp: "^.*fix[(\\w)]*:+.*$" | ||||
|       order: 1 | ||||
|     - title: "Enhancements" | ||||
|       regexp: "^.*chore[(\\w)]*:+.*$" | ||||
|       order: 2 | ||||
|     - title: "Refactor" | ||||
|       regexp: "^.*refactor[(\\w)]*:+.*$" | ||||
|       order: 3 | ||||
|     - title: "Build process updates" | ||||
|       regexp: ^.*?(build|ci)(\(.+\))??!?:.+$ | ||||
|       order: 4 | ||||
|     - title: "Documentation updates" | ||||
|       regexp: ^.*?docs?(\(.+\))??!?:.+$ | ||||
|       order: 5 | ||||
|     - title: Others | ||||
|  | @ -1,5 +0,0 @@ | |||
| FROM appleboy/drone-ssh:1.6.4-linux-amd64 | ||||
| 
 | ||||
| COPY entrypoint.sh /entrypoint.sh | ||||
| RUN chmod +x /entrypoint.sh | ||||
| ENTRYPOINT ["/entrypoint.sh"] | ||||
							
								
								
									
										426
									
								
								README.md
								
								
								
								
							
							
						
						
									
										426
									
								
								README.md
								
								
								
								
							|  | @ -1,196 +1,247 @@ | |||
| # 🚀 SSH for GitHub Actions | ||||
| 
 | ||||
| [GitHub Action](https://github.com/features/actions) for executing remote ssh commands. | ||||
| English | [繁體中文](./README.zh-tw.md) | [简体中文](./README.zh-cn.md) | ||||
| 
 | ||||
| ## Table of Contents | ||||
| 
 | ||||
| - [🚀 SSH for GitHub Actions](#-ssh-for-github-actions) | ||||
|   - [Table of Contents](#table-of-contents) | ||||
|   - [📖 Introduction](#-introduction) | ||||
|   - [🧩 Core Concepts \& Input Parameters](#-core-concepts--input-parameters) | ||||
|     - [🔌 Connection Settings](#-connection-settings) | ||||
|     - [🛠️ SSH Command Settings](#️-ssh-command-settings) | ||||
|     - [🌐 Proxy Settings](#-proxy-settings) | ||||
|   - [⚡ Quick Start](#-quick-start) | ||||
|   - [🔑 SSH Key Setup \& OpenSSH Compatibility](#-ssh-key-setup--openssh-compatibility) | ||||
|     - [Setting Up SSH Keys](#setting-up-ssh-keys) | ||||
|       - [Generate RSA key](#generate-rsa-key) | ||||
|       - [Generate ED25519 key](#generate-ed25519-key) | ||||
|     - [OpenSSH Compatibility](#openssh-compatibility) | ||||
|   - [🛠️ Usage Scenarios \& Advanced Examples](#️-usage-scenarios--advanced-examples) | ||||
|     - [Using password authentication](#using-password-authentication) | ||||
|     - [Using private key authentication](#using-private-key-authentication) | ||||
|     - [Multiple commands](#multiple-commands) | ||||
|     - [Run commands from a file](#run-commands-from-a-file) | ||||
|     - [Multiple hosts](#multiple-hosts) | ||||
|     - [Multiple hosts with different ports](#multiple-hosts-with-different-ports) | ||||
|     - [Synchronous execution on multiple hosts](#synchronous-execution-on-multiple-hosts) | ||||
|     - [Pass environment variables to shell script](#pass-environment-variables-to-shell-script) | ||||
|   - [🌐 Proxy \& Jump Host Usage](#-proxy--jump-host-usage) | ||||
|   - [🛡️ Security Best Practices](#️-security-best-practices) | ||||
|     - [Protecting Your Private Key](#protecting-your-private-key) | ||||
|     - [Host Fingerprint Verification](#host-fingerprint-verification) | ||||
|   - [🚨 Error Handling \& Troubleshooting](#-error-handling--troubleshooting) | ||||
|     - [Q\&A](#qa) | ||||
|       - [Command not found (npm or other command)](#command-not-found-npm-or-other-command) | ||||
|   - [🤝 Contributing](#-contributing) | ||||
|   - [📝 License](#-license) | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## 📖 Introduction | ||||
| 
 | ||||
| **SSH for GitHub Actions** is a powerful [GitHub Action](https://github.com/features/actions) for executing remote SSH commands easily and securely in your CI/CD workflows.   | ||||
| Built with [Golang](https://go.dev) and [drone-ssh](https://github.com/appleboy/drone-ssh), it supports a wide range of SSH scenarios, including multi-host, proxy, and advanced authentication. | ||||
| 
 | ||||
|  | ||||
| 
 | ||||
| [](https://github.com/appleboy/ssh-action/actions) | ||||
| [](https://github.com/appleboy/ssh-action/actions/workflows/main.yml) | ||||
| 
 | ||||
| **Important**: Only support **Linux** [docker](https://www.docker.com/) container. | ||||
| --- | ||||
| 
 | ||||
| ## Input variables | ||||
| ## 🧩 Core Concepts & Input Parameters | ||||
| 
 | ||||
| See [action.yml](./action.yml) for more detailed information. | ||||
| This action provides flexible SSH command execution with a rich set of configuration options. | ||||
| 
 | ||||
| * `host` - ssh host | ||||
| * `port` - ssh port, default is `22` | ||||
| * `username` - ssh username | ||||
| * `password` - ssh password | ||||
| * `passphrase` - the passphrase is usually to encrypt the private key | ||||
| * `sync` - synchronous execution if multiple hosts, default is false | ||||
| * `timeout` - timeout for ssh to remote host, default is `30s` | ||||
| * `command_timeout` - timeout for ssh command, default is `10m` | ||||
| * `key` - content of ssh private key. ex raw content of ~/.ssh/id_rsa | ||||
| * `key_path` - path of ssh private key | ||||
| * `fingerprint` - fingerprint SHA256 of the host public key, default is to skip verification | ||||
| * `script` - execute commands | ||||
| * `script_stop` - stop script after first failure | ||||
| * `envs` - pass environment variable to shell script | ||||
| * `debug` - enable debug mode | ||||
| * `use_insecure_cipher` - include more ciphers with use_insecure_cipher (see [#56](https://github.com/appleboy/ssh-action/issues/56)) | ||||
| * `cipher` - the allowed cipher algorithms. If unspecified then a sensible | ||||
| For full details, see [action.yml](./action.yml). | ||||
| 
 | ||||
| SSH Proxy Setting: | ||||
| ### 🔌 Connection Settings | ||||
| 
 | ||||
| * `proxy_host` - proxy host | ||||
| * `proxy_port` - proxy port, default is `22` | ||||
| * `proxy_username` - proxy username | ||||
| * `proxy_password` - proxy password | ||||
| * `proxy_passphrase` - the passphrase is usually to encrypt the private key | ||||
| * `proxy_timeout` - timeout for ssh to proxy host, default is `30s` | ||||
| * `proxy_key` - content of ssh proxy private key. | ||||
| * `proxy_key_path` - path of ssh proxy private key | ||||
| * `proxy_fingerprint` - fingerprint SHA256 of the proxy host public key, default is to skip verification | ||||
| * `proxy_use_insecure_cipher` - include more ciphers with use_insecure_cipher (see [#56](https://github.com/appleboy/ssh-action/issues/56)) | ||||
| * `proxy_cipher` - the allowed cipher algorithms. If unspecified then a sensible | ||||
| These parameters control how the action connects to your remote host. | ||||
| 
 | ||||
| ## Usage | ||||
| | Parameter           | Description                                                       | Default | | ||||
| | ------------------- | ----------------------------------------------------------------- | ------- | | ||||
| | host                | SSH host address                                                  |         | | ||||
| | port                | SSH port number                                                   | 22      | | ||||
| | username            | SSH username                                                      |         | | ||||
| | password            | SSH password                                                      |         | | ||||
| | protocol            | SSH protocol version (`tcp`, `tcp4`, `tcp6`)                      | tcp     | | ||||
| | sync                | Run synchronously if multiple hosts are specified                 | false   | | ||||
| | timeout             | Timeout for SSH connection to host                                | 30s     | | ||||
| | key                 | Content of SSH private key (e.g., raw content of `~/.ssh/id_rsa`) |         | | ||||
| | key_path            | Path to SSH private key                                           |         | | ||||
| | passphrase          | Passphrase for the SSH private key                                |         | | ||||
| | fingerprint         | SHA256 fingerprint of the host public key                         |         | | ||||
| | use_insecure_cipher | Allow additional (less secure) ciphers                            | false   | | ||||
| | cipher              | Allowed cipher algorithms. Uses sensible defaults if unspecified  |         | | ||||
| 
 | ||||
| Executing remote ssh commands. | ||||
| --- | ||||
| 
 | ||||
| ### 🛠️ SSH Command Settings | ||||
| 
 | ||||
| These parameters control the commands executed on the remote host and related behaviors. | ||||
| 
 | ||||
| | Parameter       | Description                                                                       | Default | | ||||
| | --------------- | --------------------------------------------------------------------------------- | ------- | | ||||
| | script          | Commands to execute remotely                                                      |         | | ||||
| | script_path     | Path to a file in the repository containing commands to execute remotely          |         | | ||||
| | envs            | Environment variables to pass to the shell script                                 |         | | ||||
| | envs_format     | Flexible configuration for environment variable transfer                          |         | | ||||
| | allenvs         | Pass all environment variables with `GITHUB_` and `INPUT_` prefixes to the script | false   | | ||||
| | command_timeout | Timeout for SSH command execution                                                 | 10m     | | ||||
| | debug           | Enable debug mode                                                                 | false   | | ||||
| | request_pty     | Request a pseudo-terminal from the server                                         | false   | | ||||
| | curl_insecure   | Allow curl to connect to SSL sites without certificates                           | false   | | ||||
| | version         | drone-ssh binary version. If not specified, the latest version will be used.      |         | | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ### 🌐 Proxy Settings | ||||
| 
 | ||||
| These parameters control the use of a proxy (jump host) for connecting to your target host. | ||||
| 
 | ||||
| | Parameter                 | Description                                     | Default | | ||||
| | ------------------------- | ----------------------------------------------- | ------- | | ||||
| | proxy_host                | SSH proxy host                                  |         | | ||||
| | proxy_port                | SSH proxy port                                  | 22      | | ||||
| | proxy_username            | SSH proxy username                              |         | | ||||
| | proxy_password            | SSH proxy password                              |         | | ||||
| | proxy_passphrase          | SSH proxy key passphrase                        |         | | ||||
| | proxy_protocol            | SSH proxy protocol version                      | tcp     | | ||||
| | proxy_timeout             | Timeout for SSH connection to proxy host        | 30s     | | ||||
| | proxy_key                 | Content of SSH proxy private key                |         | | ||||
| | proxy_key_path            | Path to SSH proxy private key                   |         | | ||||
| | proxy_fingerprint         | SHA256 fingerprint of the proxy host public key |         | | ||||
| | proxy_cipher              | Allowed cipher algorithms for the proxy         |         | | ||||
| | proxy_use_insecure_cipher | Allow insecure ciphers for the proxy            | false   | | ||||
| 
 | ||||
| > **Note:** To mimic the removed `script_stop` option, add `set -e` at the top of your shell script. | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## ⚡ Quick Start | ||||
| 
 | ||||
| Run remote SSH commands in your workflow with minimal configuration: | ||||
| 
 | ||||
| ```yaml | ||||
| name: remote ssh command | ||||
| name: Remote SSH Command | ||||
| on: [push] | ||||
| jobs: | ||||
| 
 | ||||
|   build: | ||||
|     name: Build | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|     - name: executing remote ssh commands using password | ||||
|       uses: appleboy/ssh-action@master | ||||
|       - name: Execute remote SSH commands using password | ||||
|         uses: appleboy/ssh-action@v1 | ||||
|         with: | ||||
|           host: ${{ secrets.HOST }} | ||||
|         username: ${{ secrets.USERNAME }} | ||||
|           username: linuxserver.io | ||||
|           password: ${{ secrets.PASSWORD }} | ||||
|           port: ${{ secrets.PORT }} | ||||
|           script: whoami | ||||
| ``` | ||||
| 
 | ||||
| output: | ||||
| **Output:** | ||||
| 
 | ||||
| ```sh | ||||
| ======CMD====== | ||||
| whoami | ||||
| ======END====== | ||||
| out: *** | ||||
| ============================================== | ||||
| ✅ Successfully executed commands to all host. | ||||
| ============================================== | ||||
| linuxserver.io | ||||
| =============================================== | ||||
| ✅ Successfully executed commands to all hosts. | ||||
| =============================================== | ||||
| ``` | ||||
| 
 | ||||
| ### Setting up a SSH Key | ||||
| --- | ||||
| 
 | ||||
| Make sure to follow the below steps while creating SSH Keys and using them. | ||||
| The best practice is create the SSH Keys on local machine not remote machine. | ||||
| Login with username specified in Github Secrets. Generate a RSA Key-Pair: | ||||
| ## 🔑 SSH Key Setup & OpenSSH Compatibility | ||||
| 
 | ||||
| <details> | ||||
| <summary>rsa</summary> | ||||
| <p> | ||||
| ### Setting Up SSH Keys | ||||
| 
 | ||||
| It is best practice to create SSH keys on your local machine (not on a remote server). Log in with the username specified in GitHub Secrets and generate a key pair: | ||||
| 
 | ||||
| #### Generate RSA key | ||||
| 
 | ||||
| ```bash | ||||
| ssh-keygen -t rsa -b 4096 -C "your_email@example.com" | ||||
| ``` | ||||
| 
 | ||||
| </p> | ||||
| </details> | ||||
| 
 | ||||
| <details> | ||||
| <summary>ed25519</summary> | ||||
| <p> | ||||
| #### Generate ED25519 key | ||||
| 
 | ||||
| ```bash | ||||
| ssh-keygen -t ed25519 -a 200 -C "your_email@example.com" | ||||
| ``` | ||||
| 
 | ||||
| </p> | ||||
| </details> | ||||
| 
 | ||||
| Add newly generated key into Authorized keys. Read more about authorized keys [here](https://www.ssh.com/ssh/authorized_keys/). | ||||
| 
 | ||||
| <details> | ||||
| <summary>rsa</summary> | ||||
| <p> | ||||
| Add the new public key to the authorized keys on your server. [Learn more about authorized keys.](https://www.ssh.com/ssh/authorized_keys/) | ||||
| 
 | ||||
| ```bash | ||||
| cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys' | ||||
| # Add RSA key | ||||
| cat .ssh/id_rsa.pub | ssh user@host 'cat >> .ssh/authorized_keys' | ||||
| 
 | ||||
| # Add ED25519 key | ||||
| cat .ssh/id_ed25519.pub | ssh user@host 'cat >> .ssh/authorized_keys' | ||||
| ``` | ||||
| 
 | ||||
| </p> | ||||
| </details> | ||||
| 
 | ||||
| <details> | ||||
| <summary>ed25519</summary> | ||||
| <p> | ||||
| Copy the private key content and paste it into GitHub Secrets. | ||||
| 
 | ||||
| ```bash | ||||
| cat .ssh/id_ed25519.pub | ssh b@B 'cat >> .ssh/authorized_keys' | ||||
| # macOS | ||||
| pbcopy < ~/.ssh/id_rsa | ||||
| # Ubuntu | ||||
| xclip < ~/.ssh/id_rsa | ||||
| ``` | ||||
| 
 | ||||
| </p> | ||||
| </details> | ||||
| > **Tip:** Copy from `-----BEGIN OPENSSH PRIVATE KEY-----` to `-----END OPENSSH PRIVATE KEY-----` (inclusive). | ||||
| 
 | ||||
| Copy Private Key content and paste in Github Secrets. | ||||
| 
 | ||||
| <details> | ||||
| <summary>rsa</summary> | ||||
| <p> | ||||
| For ED25519: | ||||
| 
 | ||||
| ```bash | ||||
| clip < ~/.ssh/id_rsa | ||||
| # macOS | ||||
| pbcopy < ~/.ssh/id_ed25519 | ||||
| # Ubuntu | ||||
| xclip < ~/.ssh/id_ed25519 | ||||
| ``` | ||||
| 
 | ||||
| </p> | ||||
| </details> | ||||
| See more: [SSH login without a password](http://www.linuxproblem.org/art_9.html). | ||||
| 
 | ||||
| <details> | ||||
| <summary>ed25519</summary> | ||||
| <p> | ||||
| > **Note:** Depending on your SSH version, you may also need to: | ||||
| > | ||||
| > - Place the public key in `.ssh/authorized_keys2` | ||||
| > - Set `.ssh` permissions to 700 | ||||
| > - Set `.ssh/authorized_keys2` permissions to 640 | ||||
| 
 | ||||
| ```bash | ||||
| clip < ~/.ssh/id_ed25519 | ||||
| ``` | ||||
| ### OpenSSH Compatibility | ||||
| 
 | ||||
| </p> | ||||
| </details> | ||||
| 
 | ||||
| See the detail information about [SSH login without password](http://www.linuxproblem.org/art_9.html). | ||||
| 
 | ||||
| **A note** from one of our readers: Depending on your version of SSH you might also have to do the following changes: | ||||
| 
 | ||||
| * Put the public key in `.ssh/authorized_keys2` | ||||
| * Change the permissions of `.ssh` to 700 | ||||
| * Change the permissions of `.ssh/authorized_keys2` to 640 | ||||
| 
 | ||||
| ### If you are using OpenSSH | ||||
| 
 | ||||
| If you are currently using OpenSSH and are getting the following error: | ||||
| If you see this error: | ||||
| 
 | ||||
| ```bash | ||||
| ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey] | ||||
| ``` | ||||
| 
 | ||||
| Make sure that your key algorithm of choice is supported. On Ubuntu 20.04 or later you must explicitly allow the use of the ssh-rsa algorithm. Add the following line to your OpenSSH daemon file (which is either `/etc/ssh/sshd_config` or a drop-in file under  | ||||
| `/etc/ssh/sshd_config.d/`): | ||||
| On Ubuntu 20.04+ you may need to explicitly allow the `ssh-rsa` algorithm. Add this to your OpenSSH daemon config (`/etc/ssh/sshd_config` or a drop-in under `/etc/ssh/sshd_config.d/`): | ||||
| 
 | ||||
| ```bash | ||||
| CASignatureAlgorithms +ssh-rsa | ||||
| ``` | ||||
| 
 | ||||
| Alternatively, `ed25519` keys are accepted by default in OpenSSH. You could use this instead of rsa if needed: | ||||
| Alternatively, use ED25519 keys (supported by default): | ||||
| 
 | ||||
| ```bash | ||||
| ssh-keygen -t ed25519 -a 200 -C "your_email@example.com" | ||||
| ``` | ||||
| 
 | ||||
| ### Example | ||||
| --- | ||||
| 
 | ||||
| #### Executing remote ssh commands using password | ||||
| ## 🛠️ Usage Scenarios & Advanced Examples | ||||
| 
 | ||||
| This section covers common and advanced usage patterns, including multi-host, proxy, and environment variable passing. | ||||
| 
 | ||||
| ### Using password authentication | ||||
| 
 | ||||
| ```yaml | ||||
| - name: executing remote ssh commands using password | ||||
|   uses: appleboy/ssh-action@master | ||||
| - name: Execute remote SSH commands using password | ||||
|   uses: appleboy/ssh-action@v1 | ||||
|   with: | ||||
|     host: ${{ secrets.HOST }} | ||||
|     username: ${{ secrets.USERNAME }} | ||||
|  | @ -199,11 +250,11 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com" | |||
|     script: whoami | ||||
| ``` | ||||
| 
 | ||||
| #### Using private key | ||||
| ### Using private key authentication | ||||
| 
 | ||||
| ```yaml | ||||
| - name: executing remote ssh commands using ssh key | ||||
|   uses: appleboy/ssh-action@master | ||||
| - name: Execute remote SSH commands using SSH key | ||||
|   uses: appleboy/ssh-action@v1 | ||||
|   with: | ||||
|     host: ${{ secrets.HOST }} | ||||
|     username: ${{ secrets.USERNAME }} | ||||
|  | @ -212,11 +263,11 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com" | |||
|     script: whoami | ||||
| ``` | ||||
| 
 | ||||
| #### Multiple Commands | ||||
| ### Multiple commands | ||||
| 
 | ||||
| ```yaml | ||||
| - name: multiple command | ||||
|   uses: appleboy/ssh-action@master | ||||
| - name: Multiple commands | ||||
|   uses: appleboy/ssh-action@v1 | ||||
|   with: | ||||
|     host: ${{ secrets.HOST }} | ||||
|     username: ${{ secrets.USERNAME }} | ||||
|  | @ -229,11 +280,24 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com" | |||
| 
 | ||||
|  | ||||
| 
 | ||||
| #### Multiple Hosts | ||||
| ### Run commands from a file | ||||
| 
 | ||||
| ```yaml | ||||
| - name: File commands | ||||
|   uses: appleboy/ssh-action@v1 | ||||
|   with: | ||||
|     host: ${{ secrets.HOST }} | ||||
|     username: ${{ secrets.USERNAME }} | ||||
|     key: ${{ secrets.KEY }} | ||||
|     port: ${{ secrets.PORT }} | ||||
|     script_path: scripts/script.sh | ||||
| ``` | ||||
| 
 | ||||
| ### Multiple hosts | ||||
| 
 | ||||
| ```diff | ||||
|   - name: multiple host | ||||
|     uses: appleboy/ssh-action@master | ||||
|   - name: Multiple hosts | ||||
|     uses: appleboy/ssh-action@v1 | ||||
|     with: | ||||
| -     host: "foo.com" | ||||
| +     host: "foo.com,bar.com" | ||||
|  | @ -245,11 +309,13 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com" | |||
|         ls -al | ||||
| ``` | ||||
| 
 | ||||
| #### Multiple hosts with different port | ||||
| Default `port` is `22`. | ||||
| 
 | ||||
| ### Multiple hosts with different ports | ||||
| 
 | ||||
| ```diff | ||||
|   - name: multiple host | ||||
|     uses: appleboy/ssh-action@master | ||||
|   - name: Multiple hosts | ||||
|     uses: appleboy/ssh-action@v1 | ||||
|     with: | ||||
| -     host: "foo.com" | ||||
| +     host: "foo.com:1234,bar.com:5678" | ||||
|  | @ -260,11 +326,11 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com" | |||
|         ls -al | ||||
| ``` | ||||
| 
 | ||||
| #### Synchronous execution on multiple hosts | ||||
| ### Synchronous execution on multiple hosts | ||||
| 
 | ||||
| ```diff | ||||
|   - name: multiple host | ||||
|     uses: appleboy/ssh-action@master | ||||
|   - name: Multiple hosts | ||||
|     uses: appleboy/ssh-action@v1 | ||||
|     with: | ||||
|       host: "foo.com,bar.com" | ||||
| +     sync: true | ||||
|  | @ -276,11 +342,11 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com" | |||
|         ls -al | ||||
| ``` | ||||
| 
 | ||||
| #### Pass environment variable to shell script | ||||
| ### Pass environment variables to shell script | ||||
| 
 | ||||
| ```diff | ||||
|   - name: pass environment | ||||
|     uses: appleboy/ssh-action@master | ||||
|   - name: Pass environment | ||||
|     uses: appleboy/ssh-action@v1 | ||||
| +   env: | ||||
| +     FOO: "BAR" | ||||
| +     BAR: "FOO" | ||||
|  | @ -297,40 +363,13 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com" | |||
|         echo "sha: $SHA" | ||||
| ``` | ||||
| 
 | ||||
| _Inside `env` object, you need to pass every environment variable as a string, passing `Integer` data type or any other may output unexpected results._ | ||||
| > _All environment variables in the `env` object must be strings. Using integers or other types may cause unexpected results._ | ||||
| 
 | ||||
| #### Stop script after first failure | ||||
| --- | ||||
| 
 | ||||
| > ex: missing `abc` folder | ||||
| ## 🌐 Proxy & Jump Host Usage | ||||
| 
 | ||||
| ```diff | ||||
|   - name: stop script if command error | ||||
|     uses: appleboy/ssh-action@master | ||||
|     with: | ||||
|       host: ${{ secrets.HOST }} | ||||
|       username: ${{ secrets.USERNAME }} | ||||
|       key: ${{ secrets.KEY }} | ||||
|       port: ${{ secrets.PORT }} | ||||
| +     script_stop: true | ||||
|       script: | | ||||
|         mkdir abc/def | ||||
|         ls -al | ||||
| ``` | ||||
| 
 | ||||
| output: | ||||
| 
 | ||||
| ```sh | ||||
| ======CMD====== | ||||
| mkdir abc/def | ||||
| ls -al | ||||
| 
 | ||||
| ======END====== | ||||
| 2019/11/21 01:16:21 Process exited with status 1 | ||||
| err: mkdir: cannot create directory ‘abc/def’: No such file or directory | ||||
| ##[error]Docker run failed with exit code 1 | ||||
| ``` | ||||
| 
 | ||||
| #### How to connect remote server using `ProxyCommand`? | ||||
| You can connect to remote hosts via a proxy (jump host) for advanced network topologies. | ||||
| 
 | ||||
| ```bash | ||||
| +--------+       +----------+      +-----------+ | ||||
|  | @ -338,7 +377,7 @@ err: mkdir: cannot create directory ‘abc/def’: No such file or directory | |||
| +--------+       +----------+      +-----------+ | ||||
| ``` | ||||
| 
 | ||||
| in your `~/.ssh/config`, you will see the following. | ||||
| Example `~/.ssh/config`: | ||||
| 
 | ||||
| ```bash | ||||
| Host Jumphost | ||||
|  | @ -354,11 +393,11 @@ Host FooServer | |||
|   ProxyCommand ssh -q -W %h:%p Jumphost | ||||
| ``` | ||||
| 
 | ||||
| #### How to convert to YAML format of GitHubActions | ||||
| **GitHub Actions YAML:** | ||||
| 
 | ||||
| ```diff | ||||
|   - name: ssh proxy command | ||||
|     uses: appleboy/ssh-action@master | ||||
|   - name: SSH proxy command | ||||
|     uses: appleboy/ssh-action@v1 | ||||
|     with: | ||||
|       host: ${{ secrets.HOST }} | ||||
|       username: ${{ secrets.USERNAME }} | ||||
|  | @ -373,15 +412,17 @@ Host FooServer | |||
|         ls -al | ||||
| ``` | ||||
| 
 | ||||
| #### Protecting a Private Key | ||||
| --- | ||||
| 
 | ||||
| The purpose of the passphrase is usually to encrypt the private key. | ||||
| This makes the key file by itself useless to an attacker. | ||||
| It is not uncommon for files to leak from backups or decommissioned hardware, and hackers commonly exfiltrate files from compromised systems. | ||||
| ## 🛡️ Security Best Practices | ||||
| 
 | ||||
| ### Protecting Your Private Key | ||||
| 
 | ||||
| A passphrase encrypts your private key, making it useless to attackers if leaked. Always store your private key securely. | ||||
| 
 | ||||
| ```diff | ||||
|   - name: ssh key passphrase | ||||
|     uses: appleboy/ssh-action@master | ||||
|   - name: SSH key passphrase | ||||
|     uses: appleboy/ssh-action@v1 | ||||
|     with: | ||||
|       host: ${{ secrets.HOST }} | ||||
|       username: ${{ secrets.USERNAME }} | ||||
|  | @ -393,21 +434,19 @@ It is not uncommon for files to leak from backups or decommissioned hardware, an | |||
|         ls -al | ||||
| ``` | ||||
| 
 | ||||
| #### Using host fingerprint verification | ||||
| ### Host Fingerprint Verification | ||||
| 
 | ||||
| Setting up SSH host fingerprint verification can help to prevent Person-in-the-Middle attacks. Before setting this up, run the command below to get your SSH host fingerprint. Remember to replace `ed25519` with your appropriate key type (`rsa`, `dsa`, etc.) that your server is using and `example.com` with your host. | ||||
| 
 | ||||
| In modern OpenSSH releases, the _default_ key types to be fetched are `rsa` (since version 5.1), `ecdsa` (since version 6.0), and `ed25519` (since version 6.7). | ||||
| Verifying the SSH host fingerprint helps prevent man-in-the-middle attacks. To get your host's fingerprint (replace `ed25519` with your key type and `example.com` with your host): | ||||
| 
 | ||||
| ```sh | ||||
| ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d ' ' -f2 | ||||
| ``` | ||||
| 
 | ||||
| Now you can adjust you config: | ||||
| Update your config: | ||||
| 
 | ||||
| ```diff | ||||
|   - name: ssh key passphrase | ||||
|     uses: appleboy/ssh-action@master | ||||
|   - name: SSH key passphrase | ||||
|     uses: appleboy/ssh-action@v1 | ||||
|     with: | ||||
|       host: ${{ secrets.HOST }} | ||||
|       username: ${{ secrets.USERNAME }} | ||||
|  | @ -419,10 +458,33 @@ Now you can adjust you config: | |||
|         ls -al | ||||
| ``` | ||||
| 
 | ||||
| ## Contributing | ||||
| --- | ||||
| 
 | ||||
| We would love for you to contribute to `appleboy/ssh-action`, pull requests are welcome! | ||||
| ## 🚨 Error Handling & Troubleshooting | ||||
| 
 | ||||
| ## License | ||||
| ### Q&A | ||||
| 
 | ||||
| The scripts and documentation in this project are released under the [MIT License](LICENSE) | ||||
| #### Command not found (npm or other command) | ||||
| 
 | ||||
| If you encounter "command not found" errors, see [this issue comment](https://github.com/appleboy/ssh-action/issues/31#issuecomment-1006565847) about interactive vs non-interactive shells. | ||||
| 
 | ||||
| On many Linux distros, `/etc/bash.bashrc` contains: | ||||
| 
 | ||||
| ```sh | ||||
| # If not running interactively, don't do anything | ||||
| [ -z "$PS1" ] && return | ||||
| ``` | ||||
| 
 | ||||
| Comment out this line or use absolute paths for your commands. | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## 🤝 Contributing | ||||
| 
 | ||||
| Contributions are welcome! Please submit a pull request to help improve `appleboy/ssh-action`. | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## 📝 License | ||||
| 
 | ||||
| This project is licensed under the [MIT License](LICENSE). | ||||
|  |  | |||
|  | @ -0,0 +1,490 @@ | |||
| # 🚀 用于 GitHub Actions 的 SSH | ||||
| 
 | ||||
| [English](./README.md) | [繁體中文](./README.zh-tw.md) | 简体中文 | ||||
| 
 | ||||
| ## 目录 | ||||
| 
 | ||||
| - [🚀 用于 GitHub Actions 的 SSH](#-用于-github-actions-的-ssh) | ||||
|   - [目录](#目录) | ||||
|   - [📖 简介](#-简介) | ||||
|   - [🧩 核心概念与输入参数](#-核心概念与输入参数) | ||||
|     - [🔌 连接设置](#-连接设置) | ||||
|     - [🛠️ 指令设置](#️-指令设置) | ||||
|     - [🌐 代理设置](#-代理设置) | ||||
|   - [⚡ 快速开始](#-快速开始) | ||||
|   - [🔑 SSH 密钥配置与 OpenSSH 兼容性](#-ssh-密钥配置与-openssh-兼容性) | ||||
|     - [配置 SSH 密钥](#配置-ssh-密钥) | ||||
|       - [生成 RSA 密钥](#生成-rsa-密钥) | ||||
|       - [生成 ED25519 密钥](#生成-ed25519-密钥) | ||||
|     - [OpenSSH 兼容性](#openssh-兼容性) | ||||
|   - [🛠️ 用法场景与进阶示例](#️-用法场景与进阶示例) | ||||
|     - [使用密码认证](#使用密码认证) | ||||
|     - [使用私钥认证](#使用私钥认证) | ||||
|     - [多条命令](#多条命令) | ||||
|     - [从文件执行命令](#从文件执行命令) | ||||
|     - [多主机](#多主机) | ||||
|     - [多主机不同端口](#多主机不同端口) | ||||
|     - [多主机同步执行](#多主机同步执行) | ||||
|     - [传递环境变量到 shell 脚本](#传递环境变量到-shell-脚本) | ||||
|   - [🌐 代理与跳板机用法](#-代理与跳板机用法) | ||||
|   - [🛡️ 安全最佳实践](#️-安全最佳实践) | ||||
|     - [保护你的私钥](#保护你的私钥) | ||||
|     - [主机指纹验证](#主机指纹验证) | ||||
|   - [🚨 错误处理与疑难解答](#-错误处理与疑难解答) | ||||
|     - [常见问题](#常见问题) | ||||
|       - [命令未找到(npm 或其他命令)](#命令未找到npm-或其他命令) | ||||
|   - [🤝 贡献](#-贡献) | ||||
|   - [📝 许可证](#-许可证) | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## 📖 简介 | ||||
| 
 | ||||
| **SSH for GitHub Actions** 是一个强大的 [GitHub Action](https://github.com/features/actions),可让你在 CI/CD 工作流中轻松且安全地执行远程 SSH 命令。   | ||||
| 本项目基于 [Golang](https://go.dev) 和 [drone-ssh](https://github.com/appleboy/drone-ssh) 构建,支持多主机、代理、高级认证等多种 SSH 场景。 | ||||
| 
 | ||||
|  | ||||
| 
 | ||||
| [](https://github.com/appleboy/ssh-action/actions/workflows/main.yml) | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## 🧩 核心概念与输入参数 | ||||
| 
 | ||||
| 本 Action 提供灵活的 SSH 命令执行能力,并具备丰富的配置选项。 | ||||
| 
 | ||||
| 详细参数请参阅 [action.yml](./action.yml)。 | ||||
| 
 | ||||
| ### 🔌 连接设置 | ||||
| 
 | ||||
| 这些参数用于控制如何连接到远程主机。 | ||||
| 
 | ||||
| | 参数                | 描述                                          | 默认值 | | ||||
| | ------------------- | --------------------------------------------- | ------ | | ||||
| | host                | SSH 主机地址                                  |        | | ||||
| | port                | SSH 端口号                                    | 22     | | ||||
| | username            | SSH 用户名                                    |        | | ||||
| | password            | SSH 密码                                      |        | | ||||
| | protocol            | SSH 协议版本(`tcp`、`tcp4`、`tcp6`)         | tcp    | | ||||
| | sync                | 指定多个主机时同步执行                        | false  | | ||||
| | timeout             | SSH 连接主机的超时时间                        | 30s    | | ||||
| | key                 | SSH 私钥内容(如 `~/.ssh/id_rsa` 的原始内容) |        | | ||||
| | key_path            | SSH 私钥路径                                  |        | | ||||
| | passphrase          | SSH 私钥密码短语                              |        | | ||||
| | fingerprint         | 主机公钥的 SHA256 指纹                        |        | | ||||
| | use_insecure_cipher | 允许额外(不安全)的加密算法                  | false  | | ||||
| | cipher              | 允许的加密算法,未指定时使用默认值            |        | | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ### 🛠️ 指令设置 | ||||
| 
 | ||||
| 这些参数用于控制在远程主机上执行的命令及相关行为。 | ||||
| 
 | ||||
| | 参数            | 描述                                                  | 默认值 | | ||||
| | --------------- | ----------------------------------------------------- | ------ | | ||||
| | script          | 远程执行的命令                                        |        | | ||||
| | script_path     | 仓库中包含要远程执行命令的文件路径                    |        | | ||||
| | envs            | 传递给 shell 脚本的环境变量                           |        | | ||||
| | envs_format     | 环境变量传递的灵活配置                                |        | | ||||
| | allenvs         | 传递所有带 `GITHUB_` 和 `INPUT_` 前缀的环境变量到脚本 | false  | | ||||
| | command_timeout | SSH 命令执行超时时间                                  | 10m    | | ||||
| | debug           | 启用调试模式                                          | false  | | ||||
| | request_pty     | 向服务器请求伪终端                                    | false  | | ||||
| | curl_insecure   | 允许 curl 连接无证书的 SSL 站点                       | false  | | ||||
| | version         | drone-ssh 二进制版本,未指定时使用最新版本            |        | | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ### 🌐 代理设置 | ||||
| 
 | ||||
| 这些参数用于通过代理(跳板机)连接到目标主机。 | ||||
| 
 | ||||
| | 参数                      | 描述                                      | 默认值 | | ||||
| | ------------------------- | ----------------------------------------- | ------ | | ||||
| | proxy_host                | SSH 代理主机                              |        | | ||||
| | proxy_port                | SSH 代理端口                              | 22     | | ||||
| | proxy_username            | SSH 代理用户名                            |        | | ||||
| | proxy_password            | SSH 代理密码                              |        | | ||||
| | proxy_passphrase          | SSH 代理私钥密码短语                      |        | | ||||
| | proxy_protocol            | SSH 代理协议版本(`tcp`、`tcp4`、`tcp6`) | tcp    | | ||||
| | proxy_timeout             | SSH 连接代理主机的超时时间                | 30s    | | ||||
| | proxy_key                 | SSH 代理私钥内容                          |        | | ||||
| | proxy_key_path            | SSH 代理私钥路径                          |        | | ||||
| | proxy_fingerprint         | 代理主机公钥的 SHA256 指纹                |        | | ||||
| | proxy_cipher              | 代理允许的加密算法                        |        | | ||||
| | proxy_use_insecure_cipher | 代理允许额外(不安全)的加密算法          | false  | | ||||
| 
 | ||||
| > **注意:** 如需实现已移除的 `script_stop` 功能,请在 shell 脚本顶部添加 `set -e`。 | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## ⚡ 快速开始 | ||||
| 
 | ||||
| 只需简单配置,即可在工作流中执行远程 SSH 命令: | ||||
| 
 | ||||
| ```yaml | ||||
| name: Remote SSH Command | ||||
| on: [push] | ||||
| jobs: | ||||
|   build: | ||||
|     name: Build | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: 执行远程 SSH 命令(密码认证) | ||||
|         uses: appleboy/ssh-action@v1 | ||||
|         with: | ||||
|           host: ${{ secrets.HOST }} | ||||
|           username: linuxserver.io | ||||
|           password: ${{ secrets.PASSWORD }} | ||||
|           port: ${{ secrets.PORT }} | ||||
|           script: whoami | ||||
| ``` | ||||
| 
 | ||||
| **输出:** | ||||
| 
 | ||||
| ```sh | ||||
| ======CMD====== | ||||
| whoami | ||||
| ======END====== | ||||
| linuxserver.io | ||||
| =============================================== | ||||
| ✅ Successfully executed commands to all hosts. | ||||
| =============================================== | ||||
| ``` | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## 🔑 SSH 密钥配置与 OpenSSH 兼容性 | ||||
| 
 | ||||
| ### 配置 SSH 密钥 | ||||
| 
 | ||||
| 建议在本地机器(而非远程服务器)上创建 SSH 密钥。请使用 GitHub Secrets 中指定的用户名登录并生成密钥对: | ||||
| 
 | ||||
| #### 生成 RSA 密钥 | ||||
| 
 | ||||
| ```bash | ||||
| ssh-keygen -t rsa -b 4096 -C "your_email@example.com" | ||||
| ``` | ||||
| 
 | ||||
| #### 生成 ED25519 密钥 | ||||
| 
 | ||||
| ```bash | ||||
| ssh-keygen -t ed25519 -a 200 -C "your_email@example.com" | ||||
| ``` | ||||
| 
 | ||||
| 将新生成的公钥添加到服务器的 authorized_keys。 [了解更多 authorized_keys](https://www.ssh.com/ssh/authorized_keys/) | ||||
| 
 | ||||
| ```bash | ||||
| # 添加 RSA 公钥 | ||||
| cat .ssh/id_rsa.pub | ssh user@host 'cat >> .ssh/authorized_keys' | ||||
| 
 | ||||
| # 添加 ED25519 公钥 | ||||
| cat .ssh/id_ed25519.pub | ssh user@host 'cat >> .ssh/authorized_keys' | ||||
| ``` | ||||
| 
 | ||||
| 复制私钥内容并粘贴到 GitHub Secrets。 | ||||
| 
 | ||||
| ```bash | ||||
| # macOS | ||||
| pbcopy < ~/.ssh/id_rsa | ||||
| # Ubuntu | ||||
| xclip < ~/.ssh/id_rsa | ||||
| ``` | ||||
| 
 | ||||
| > **提示:** 复制内容需包含 `-----BEGIN OPENSSH PRIVATE KEY-----` 到 `-----END OPENSSH PRIVATE KEY-----`(含)。 | ||||
| 
 | ||||
| ED25519 同理: | ||||
| 
 | ||||
| ```bash | ||||
| # macOS | ||||
| pbcopy < ~/.ssh/id_ed25519 | ||||
| # Ubuntu | ||||
| xclip < ~/.ssh/id_ed25519 | ||||
| ``` | ||||
| 
 | ||||
| 更多信息:[SSH 无密码登录](http://www.linuxproblem.org/art_9.html)。 | ||||
| 
 | ||||
| > **注意:** 根据 SSH 版本,可能还需: | ||||
| > | ||||
| > - 将公钥放入 `.ssh/authorized_keys2` | ||||
| > - 设置 `.ssh` 权限为 700 | ||||
| > - 设置 `.ssh/authorized_keys2` 权限为 640 | ||||
| 
 | ||||
| ### OpenSSH 兼容性 | ||||
| 
 | ||||
| 如果出现如下错误: | ||||
| 
 | ||||
| ```bash | ||||
| ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey] | ||||
| ``` | ||||
| 
 | ||||
| 在 Ubuntu 20.04+,你可能需要显式允许 `ssh-rsa` 算法。请在 OpenSSH 配置文件(`/etc/ssh/sshd_config` 或 `/etc/ssh/sshd_config.d/` 下的 drop-in 文件)中添加: | ||||
| 
 | ||||
| ```bash | ||||
| CASignatureAlgorithms +ssh-rsa | ||||
| ``` | ||||
| 
 | ||||
| 或者,直接使用默认支持的 ED25519 密钥: | ||||
| 
 | ||||
| ```bash | ||||
| ssh-keygen -t ed25519 -a 200 -C "your_email@example.com" | ||||
| ``` | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## 🛠️ 用法场景与进阶示例 | ||||
| 
 | ||||
| 本节涵盖常见与进阶用法,包括多主机、代理、环境变量传递等。 | ||||
| 
 | ||||
| ### 使用密码认证 | ||||
| 
 | ||||
| ```yaml | ||||
| - name: 执行远程 SSH 命令(密码认证) | ||||
|   uses: appleboy/ssh-action@v1 | ||||
|   with: | ||||
|     host: ${{ secrets.HOST }} | ||||
|     username: ${{ secrets.USERNAME }} | ||||
|     password: ${{ secrets.PASSWORD }} | ||||
|     port: ${{ secrets.PORT }} | ||||
|     script: whoami | ||||
| ``` | ||||
| 
 | ||||
| ### 使用私钥认证 | ||||
| 
 | ||||
| ```yaml | ||||
| - name: 执行远程 SSH 命令(密钥认证) | ||||
|   uses: appleboy/ssh-action@v1 | ||||
|   with: | ||||
|     host: ${{ secrets.HOST }} | ||||
|     username: ${{ secrets.USERNAME }} | ||||
|     key: ${{ secrets.KEY }} | ||||
|     port: ${{ secrets.PORT }} | ||||
|     script: whoami | ||||
| ``` | ||||
| 
 | ||||
| ### 多条命令 | ||||
| 
 | ||||
| ```yaml | ||||
| - name: 多条命令 | ||||
|   uses: appleboy/ssh-action@v1 | ||||
|   with: | ||||
|     host: ${{ secrets.HOST }} | ||||
|     username: ${{ secrets.USERNAME }} | ||||
|     key: ${{ secrets.KEY }} | ||||
|     port: ${{ secrets.PORT }} | ||||
|     script: | | ||||
|       whoami | ||||
|       ls -al | ||||
| ``` | ||||
| 
 | ||||
|  | ||||
| 
 | ||||
| ### 从文件执行命令 | ||||
| 
 | ||||
| ```yaml | ||||
| - name: 文件命令 | ||||
|   uses: appleboy/ssh-action@v1 | ||||
|   with: | ||||
|     host: ${{ secrets.HOST }} | ||||
|     username: ${{ secrets.USERNAME }} | ||||
|     key: ${{ secrets.KEY }} | ||||
|     port: ${{ secrets.PORT }} | ||||
|     script_path: scripts/script.sh | ||||
| ``` | ||||
| 
 | ||||
| ### 多主机 | ||||
| 
 | ||||
| ```diff | ||||
|   - name: 多主机 | ||||
|     uses: appleboy/ssh-action@v1 | ||||
|     with: | ||||
| -     host: "foo.com" | ||||
| +     host: "foo.com,bar.com" | ||||
|       username: ${{ secrets.USERNAME }} | ||||
|       key: ${{ secrets.KEY }} | ||||
|       port: ${{ secrets.PORT }} | ||||
|       script: | | ||||
|         whoami | ||||
|         ls -al | ||||
| ``` | ||||
| 
 | ||||
| 默认 `port` 为 `22`。 | ||||
| 
 | ||||
| ### 多主机不同端口 | ||||
| 
 | ||||
| ```diff | ||||
|   - name: 多主机 | ||||
|     uses: appleboy/ssh-action@v1 | ||||
|     with: | ||||
| -     host: "foo.com" | ||||
| +     host: "foo.com:1234,bar.com:5678" | ||||
|       username: ${{ secrets.USERNAME }} | ||||
|       key: ${{ secrets.KEY }} | ||||
|       script: | | ||||
|         whoami | ||||
|         ls -al | ||||
| ``` | ||||
| 
 | ||||
| ### 多主机同步执行 | ||||
| 
 | ||||
| ```diff | ||||
|   - name: 多主机 | ||||
|     uses: appleboy/ssh-action@v1 | ||||
|     with: | ||||
|       host: "foo.com,bar.com" | ||||
| +     sync: true | ||||
|       username: ${{ secrets.USERNAME }} | ||||
|       key: ${{ secrets.KEY }} | ||||
|       port: ${{ secrets.PORT }} | ||||
|       script: | | ||||
|         whoami | ||||
|         ls -al | ||||
| ``` | ||||
| 
 | ||||
| ### 传递环境变量到 shell 脚本 | ||||
| 
 | ||||
| ```diff | ||||
|   - name: 传递环境变量 | ||||
|     uses: appleboy/ssh-action@v1 | ||||
| +   env: | ||||
| +     FOO: "BAR" | ||||
| +     BAR: "FOO" | ||||
| +     SHA: ${{ github.sha }} | ||||
|     with: | ||||
|       host: ${{ secrets.HOST }} | ||||
|       username: ${{ secrets.USERNAME }} | ||||
|       key: ${{ secrets.KEY }} | ||||
|       port: ${{ secrets.PORT }} | ||||
| +     envs: FOO,BAR,SHA | ||||
|       script: | | ||||
|         echo "I am $FOO" | ||||
|         echo "I am $BAR" | ||||
|         echo "sha: $SHA" | ||||
| ``` | ||||
| 
 | ||||
| > _`env` 对象中的所有环境变量必须为字符串。传递整数或其他类型可能导致意外结果。_ | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## 🌐 代理与跳板机用法 | ||||
| 
 | ||||
| 你可以通过代理(跳板机)连接到远程主机,适用于进阶网络拓扑。 | ||||
| 
 | ||||
| ```bash | ||||
| +--------+       +----------+      +-----------+ | ||||
| | Laptop | <-->  | Jumphost | <--> | FooServer | | ||||
| +--------+       +----------+      +-----------+ | ||||
| ``` | ||||
| 
 | ||||
| 示例 `~/.ssh/config`: | ||||
| 
 | ||||
| ```bash | ||||
| Host Jumphost | ||||
|   HostName Jumphost | ||||
|   User ubuntu | ||||
|   Port 22 | ||||
|   IdentityFile ~/.ssh/keys/jump_host.pem | ||||
| 
 | ||||
| Host FooServer | ||||
|   HostName FooServer | ||||
|   User ubuntu | ||||
|   Port 22 | ||||
|   ProxyCommand ssh -q -W %h:%p Jumphost | ||||
| ``` | ||||
| 
 | ||||
| **GitHub Actions YAML:** | ||||
| 
 | ||||
| ```diff | ||||
|   - name: SSH 代理命令 | ||||
|     uses: appleboy/ssh-action@v1 | ||||
|     with: | ||||
|       host: ${{ secrets.HOST }} | ||||
|       username: ${{ secrets.USERNAME }} | ||||
|       key: ${{ secrets.KEY }} | ||||
|       port: ${{ secrets.PORT }} | ||||
| +     proxy_host: ${{ secrets.PROXY_HOST }} | ||||
| +     proxy_username: ${{ secrets.PROXY_USERNAME }} | ||||
| +     proxy_key: ${{ secrets.PROXY_KEY }} | ||||
| +     proxy_port: ${{ secrets.PROXY_PORT }} | ||||
|       script: | | ||||
|         mkdir abc/def | ||||
|         ls -al | ||||
| ``` | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## 🛡️ 安全最佳实践 | ||||
| 
 | ||||
| ### 保护你的私钥 | ||||
| 
 | ||||
| 密码短语会加密你的私钥,即使泄露也无法被攻击者直接利用。请务必妥善保管私钥。 | ||||
| 
 | ||||
| ```diff | ||||
|   - name: SSH 密钥密码短语 | ||||
|     uses: appleboy/ssh-action@v1 | ||||
|     with: | ||||
|       host: ${{ secrets.HOST }} | ||||
|       username: ${{ secrets.USERNAME }} | ||||
|       key: ${{ secrets.KEY }} | ||||
|       port: ${{ secrets.PORT }} | ||||
| +     passphrase: ${{ secrets.PASSPHRASE }} | ||||
|       script: | | ||||
|         whoami | ||||
|         ls -al | ||||
| ``` | ||||
| 
 | ||||
| ### 主机指纹验证 | ||||
| 
 | ||||
| 验证 SSH 主机指纹有助于防止中间人攻击。获取主机指纹(将 `ed25519` 替换为你的密钥类型,`example.com` 替换为你的主机): | ||||
| 
 | ||||
| ```sh | ||||
| ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d ' ' -f2 | ||||
| ``` | ||||
| 
 | ||||
| 更新配置: | ||||
| 
 | ||||
| ```diff | ||||
|   - name: SSH 密钥密码短语 | ||||
|     uses: appleboy/ssh-action@v1 | ||||
|     with: | ||||
|       host: ${{ secrets.HOST }} | ||||
|       username: ${{ secrets.USERNAME }} | ||||
|       key: ${{ secrets.KEY }} | ||||
|       port: ${{ secrets.PORT }} | ||||
| +     fingerprint: ${{ secrets.FINGERPRINT }} | ||||
|       script: | | ||||
|         whoami | ||||
|         ls -al | ||||
| ``` | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## 🚨 错误处理与疑难解答 | ||||
| 
 | ||||
| ### 常见问题 | ||||
| 
 | ||||
| #### 命令未找到(npm 或其他命令) | ||||
| 
 | ||||
| 如果遇到 "command not found" 错误,请参考 [此评论](https://github.com/appleboy/ssh-action/issues/31#issuecomment-1006565847) 了解交互式与非交互式 shell 的区别。 | ||||
| 
 | ||||
| 许多 Linux 发行版的 `/etc/bash.bashrc` 包含如下内容: | ||||
| 
 | ||||
| ```sh | ||||
| # If not running interactively, don't do anything | ||||
| [ -z "$PS1" ] && return | ||||
| ``` | ||||
| 
 | ||||
| 注释掉该行或使用命令的绝对路径。 | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## 🤝 贡献 | ||||
| 
 | ||||
| 欢迎贡献!请提交 Pull Request 改进 `appleboy/ssh-action`。 | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## 📝 许可证 | ||||
| 
 | ||||
| 本项目采用 [MIT License](LICENSE) 授权。 | ||||
|  | @ -0,0 +1,490 @@ | |||
| # 🚀 GitHub Actions 的 SSH | ||||
| 
 | ||||
| [English](./README.md) | 繁體中文 | [简体中文](./README.zh-cn.md) | ||||
| 
 | ||||
| ## 目錄 | ||||
| 
 | ||||
| - [🚀 GitHub Actions 的 SSH](#-github-actions-的-ssh) | ||||
|   - [目錄](#目錄) | ||||
|   - [📖 簡介](#-簡介) | ||||
|   - [🧩 核心概念與輸入參數](#-核心概念與輸入參數) | ||||
|     - [🔌 連線設定](#-連線設定) | ||||
|     - [🛠️ 指令設定](#️-指令設定) | ||||
|     - [🌐 代理設定](#-代理設定) | ||||
|   - [⚡ 快速開始](#-快速開始) | ||||
|   - [🔑 SSH 金鑰設定與 OpenSSH 相容性](#-ssh-金鑰設定與-openssh-相容性) | ||||
|     - [設定 SSH 金鑰](#設定-ssh-金鑰) | ||||
|       - [產生 RSA 金鑰](#產生-rsa-金鑰) | ||||
|       - [產生 ED25519 金鑰](#產生-ed25519-金鑰) | ||||
|     - [OpenSSH 相容性](#openssh-相容性) | ||||
|   - [🛠️ 用法場景與進階範例](#️-用法場景與進階範例) | ||||
|     - [使用密碼認證](#使用密碼認證) | ||||
|     - [使用私鑰認證](#使用私鑰認證) | ||||
|     - [多條指令](#多條指令) | ||||
|     - [從檔案執行指令](#從檔案執行指令) | ||||
|     - [多主機](#多主機) | ||||
|     - [多主機不同埠號](#多主機不同埠號) | ||||
|     - [多主機同步執行](#多主機同步執行) | ||||
|     - [傳遞環境變數到 shell 腳本](#傳遞環境變數到-shell-腳本) | ||||
|   - [🌐 代理與跳板機用法](#-代理與跳板機用法) | ||||
|   - [🛡️ 安全最佳實踐](#️-安全最佳實踐) | ||||
|     - [保護你的私鑰](#保護你的私鑰) | ||||
|     - [主機指紋驗證](#主機指紋驗證) | ||||
|   - [🚨 錯誤處理與疑難排解](#-錯誤處理與疑難排解) | ||||
|     - [常見問題](#常見問題) | ||||
|       - [指令找不到(npm 或其他指令)](#指令找不到npm-或其他指令) | ||||
|   - [🤝 貢獻](#-貢獻) | ||||
|   - [📝 授權](#-授權) | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## 📖 簡介 | ||||
| 
 | ||||
| **SSH for GitHub Actions** 是一個強大的 [GitHub Action](https://github.com/features/actions),可讓你在 CI/CD 工作流程中輕鬆且安全地執行遠端 SSH 指令。   | ||||
| 本專案以 [Golang](https://go.dev) 和 [drone-ssh](https://github.com/appleboy/drone-ssh) 建立,支援多主機、代理、進階認證等多種 SSH 場景。 | ||||
| 
 | ||||
|  | ||||
| 
 | ||||
| [](https://github.com/appleboy/ssh-action/actions/workflows/main.yml) | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## 🧩 核心概念與輸入參數 | ||||
| 
 | ||||
| 本 Action 提供彈性的 SSH 指令執行能力,並具備豐富的設定選項。 | ||||
| 
 | ||||
| 完整參數請參閱 [action.yml](./action.yml)。 | ||||
| 
 | ||||
| ### 🔌 連線設定 | ||||
| 
 | ||||
| 這些參數用於控制如何連線到遠端主機。 | ||||
| 
 | ||||
| | 參數                | 說明                                          | 預設值 | | ||||
| | ------------------- | --------------------------------------------- | ------ | | ||||
| | host                | SSH 主機位址                                  |        | | ||||
| | port                | SSH 埠號                                      | 22     | | ||||
| | username            | SSH 使用者名稱                                |        | | ||||
| | password            | SSH 密碼                                      |        | | ||||
| | protocol            | SSH 協議版本(`tcp`、`tcp4`、`tcp6`)         | tcp    | | ||||
| | sync                | 指定多個主機時同步執行                        | false  | | ||||
| | timeout             | SSH 連線主機的逾時時間                        | 30s    | | ||||
| | key                 | SSH 私鑰內容(如 `~/.ssh/id_rsa` 的原始內容) |        | | ||||
| | key_path            | SSH 私鑰路徑                                  |        | | ||||
| | passphrase          | SSH 私鑰密碼                                  |        | | ||||
| | fingerprint         | 主機公鑰的 SHA256 指紋                        |        | | ||||
| | use_insecure_cipher | 允許額外(不安全)的加密演算法                | false  | | ||||
| | cipher              | 允許的加密演算法,未指定時使用預設值          |        | | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ### 🛠️ 指令設定 | ||||
| 
 | ||||
| 這些參數用於控制在遠端主機上執行的指令及相關行為。 | ||||
| 
 | ||||
| | 參數            | 說明                                                  | 預設值 | | ||||
| | --------------- | ----------------------------------------------------- | ------ | | ||||
| | script          | 遠端執行的指令                                        |        | | ||||
| | script_path     | 儲存庫中包含要遠端執行指令的檔案路徑                  |        | | ||||
| | envs            | 傳遞給 shell 腳本的環境變數                           |        | | ||||
| | envs_format     | 環境變數傳遞的彈性設定                                |        | | ||||
| | allenvs         | 傳遞所有帶 `GITHUB_` 和 `INPUT_` 前綴的環境變數到腳本 | false  | | ||||
| | command_timeout | SSH 指令執行逾時時間                                  | 10m    | | ||||
| | debug           | 啟用除錯模式                                          | false  | | ||||
| | request_pty     | 向伺服器請求偽終端                                    | false  | | ||||
| | curl_insecure   | 允許 curl 連線無憑證的 SSL 網站                       | false  | | ||||
| | version         | drone-ssh 執行檔版本,未指定時使用最新版本            |        | | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ### 🌐 代理設定 | ||||
| 
 | ||||
| 這些參數用於透過代理(跳板機)連線到目標主機。 | ||||
| 
 | ||||
| | 參數                      | 說明                                      | 預設值 | | ||||
| | ------------------------- | ----------------------------------------- | ------ | | ||||
| | proxy_host                | SSH 代理主機                              |        | | ||||
| | proxy_port                | SSH 代理埠號                              | 22     | | ||||
| | proxy_username            | SSH 代理使用者名稱                        |        | | ||||
| | proxy_password            | SSH 代理密碼                              |        | | ||||
| | proxy_passphrase          | SSH 代理私鑰密碼                          |        | | ||||
| | proxy_protocol            | SSH 代理協議版本(`tcp`、`tcp4`、`tcp6`) | tcp    | | ||||
| | proxy_timeout             | SSH 連線代理主機的逾時時間                | 30s    | | ||||
| | proxy_key                 | SSH 代理私鑰內容                          |        | | ||||
| | proxy_key_path            | SSH 代理私鑰路徑                          |        | | ||||
| | proxy_fingerprint         | 代理主機公鑰的 SHA256 指紋                |        | | ||||
| | proxy_cipher              | 代理允許的加密演算法                      |        | | ||||
| | proxy_use_insecure_cipher | 代理允許額外(不安全)的加密演算法        | false  | | ||||
| 
 | ||||
| > **注意:** 如需實現已移除的 `script_stop` 功能,請在 shell 腳本最上方加上 `set -e`。 | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## ⚡ 快速開始 | ||||
| 
 | ||||
| 只需簡單設定,即可在工作流程中執行遠端 SSH 指令: | ||||
| 
 | ||||
| ```yaml | ||||
| name: Remote SSH Command | ||||
| on: [push] | ||||
| jobs: | ||||
|   build: | ||||
|     name: Build | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: 執行遠端 SSH 指令(密碼認證) | ||||
|         uses: appleboy/ssh-action@v1 | ||||
|         with: | ||||
|           host: ${{ secrets.HOST }} | ||||
|           username: linuxserver.io | ||||
|           password: ${{ secrets.PASSWORD }} | ||||
|           port: ${{ secrets.PORT }} | ||||
|           script: whoami | ||||
| ``` | ||||
| 
 | ||||
| **輸出:** | ||||
| 
 | ||||
| ```sh | ||||
| ======CMD====== | ||||
| whoami | ||||
| ======END====== | ||||
| linuxserver.io | ||||
| =============================================== | ||||
| ✅ Successfully executed commands to all hosts. | ||||
| =============================================== | ||||
| ``` | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## 🔑 SSH 金鑰設定與 OpenSSH 相容性 | ||||
| 
 | ||||
| ### 設定 SSH 金鑰 | ||||
| 
 | ||||
| 建議於本地端(非遠端伺服器)產生 SSH 金鑰。請以 GitHub Secrets 指定的使用者名稱登入並產生金鑰對: | ||||
| 
 | ||||
| #### 產生 RSA 金鑰 | ||||
| 
 | ||||
| ```bash | ||||
| ssh-keygen -t rsa -b 4096 -C "your_email@example.com" | ||||
| ``` | ||||
| 
 | ||||
| #### 產生 ED25519 金鑰 | ||||
| 
 | ||||
| ```bash | ||||
| ssh-keygen -t ed25519 -a 200 -C "your_email@example.com" | ||||
| ``` | ||||
| 
 | ||||
| 將新產生的公鑰加入伺服器的 authorized_keys。 [了解更多 authorized_keys](https://www.ssh.com/ssh/authorized_keys/) | ||||
| 
 | ||||
| ```bash | ||||
| # 加入 RSA 公鑰 | ||||
| cat .ssh/id_rsa.pub | ssh user@host 'cat >> .ssh/authorized_keys' | ||||
| 
 | ||||
| # 加入 ED25519 公鑰 | ||||
| cat .ssh/id_ed25519.pub | ssh user@host 'cat >> .ssh/authorized_keys' | ||||
| ``` | ||||
| 
 | ||||
| 複製私鑰內容並貼到 GitHub Secrets。 | ||||
| 
 | ||||
| ```bash | ||||
| # macOS | ||||
| pbcopy < ~/.ssh/id_rsa | ||||
| # Ubuntu | ||||
| xclip < ~/.ssh/id_rsa | ||||
| ``` | ||||
| 
 | ||||
| > **提示:** 複製內容需包含 `-----BEGIN OPENSSH PRIVATE KEY-----` 到 `-----END OPENSSH PRIVATE KEY-----`(含)。 | ||||
| 
 | ||||
| ED25519 同理: | ||||
| 
 | ||||
| ```bash | ||||
| # macOS | ||||
| pbcopy < ~/.ssh/id_ed25519 | ||||
| # Ubuntu | ||||
| xclip < ~/.ssh/id_ed25519 | ||||
| ``` | ||||
| 
 | ||||
| 更多資訊:[SSH 免密碼登入](http://www.linuxproblem.org/art_9.html)。 | ||||
| 
 | ||||
| > **注意:** 根據 SSH 版本,可能還需: | ||||
| > | ||||
| > - 將公鑰放入 `.ssh/authorized_keys2` | ||||
| > - 設定 `.ssh` 權限為 700 | ||||
| > - 設定 `.ssh/authorized_keys2` 權限為 640 | ||||
| 
 | ||||
| ### OpenSSH 相容性 | ||||
| 
 | ||||
| 若出現以下錯誤: | ||||
| 
 | ||||
| ```bash | ||||
| ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey] | ||||
| ``` | ||||
| 
 | ||||
| 在 Ubuntu 20.04+,你可能需明確允許 `ssh-rsa` 演算法。請於 OpenSSH 設定檔(`/etc/ssh/sshd_config` 或 `/etc/ssh/sshd_config.d/` 下的 drop-in 檔案)加入: | ||||
| 
 | ||||
| ```bash | ||||
| CASignatureAlgorithms +ssh-rsa | ||||
| ``` | ||||
| 
 | ||||
| 或直接使用預設支援的 ED25519 金鑰: | ||||
| 
 | ||||
| ```bash | ||||
| ssh-keygen -t ed25519 -a 200 -C "your_email@example.com" | ||||
| ``` | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## 🛠️ 用法場景與進階範例 | ||||
| 
 | ||||
| 本節涵蓋常見與進階用法,包括多主機、代理、環境變數傳遞等。 | ||||
| 
 | ||||
| ### 使用密碼認證 | ||||
| 
 | ||||
| ```yaml | ||||
| - name: 執行遠端 SSH 指令(密碼認證) | ||||
|   uses: appleboy/ssh-action@v1 | ||||
|   with: | ||||
|     host: ${{ secrets.HOST }} | ||||
|     username: ${{ secrets.USERNAME }} | ||||
|     password: ${{ secrets.PASSWORD }} | ||||
|     port: ${{ secrets.PORT }} | ||||
|     script: whoami | ||||
| ``` | ||||
| 
 | ||||
| ### 使用私鑰認證 | ||||
| 
 | ||||
| ```yaml | ||||
| - name: 執行遠端 SSH 指令(私鑰認證) | ||||
|   uses: appleboy/ssh-action@v1 | ||||
|   with: | ||||
|     host: ${{ secrets.HOST }} | ||||
|     username: ${{ secrets.USERNAME }} | ||||
|     key: ${{ secrets.KEY }} | ||||
|     port: ${{ secrets.PORT }} | ||||
|     script: whoami | ||||
| ``` | ||||
| 
 | ||||
| ### 多條指令 | ||||
| 
 | ||||
| ```yaml | ||||
| - name: 多條指令 | ||||
|   uses: appleboy/ssh-action@v1 | ||||
|   with: | ||||
|     host: ${{ secrets.HOST }} | ||||
|     username: ${{ secrets.USERNAME }} | ||||
|     key: ${{ secrets.KEY }} | ||||
|     port: ${{ secrets.PORT }} | ||||
|     script: | | ||||
|       whoami | ||||
|       ls -al | ||||
| ``` | ||||
| 
 | ||||
|  | ||||
| 
 | ||||
| ### 從檔案執行指令 | ||||
| 
 | ||||
| ```yaml | ||||
| - name: 檔案指令 | ||||
|   uses: appleboy/ssh-action@v1 | ||||
|   with: | ||||
|     host: ${{ secrets.HOST }} | ||||
|     username: ${{ secrets.USERNAME }} | ||||
|     key: ${{ secrets.KEY }} | ||||
|     port: ${{ secrets.PORT }} | ||||
|     script_path: scripts/script.sh | ||||
| ``` | ||||
| 
 | ||||
| ### 多主機 | ||||
| 
 | ||||
| ```diff | ||||
|   - name: 多主機 | ||||
|     uses: appleboy/ssh-action@v1 | ||||
|     with: | ||||
| -     host: "foo.com" | ||||
| +     host: "foo.com,bar.com" | ||||
|       username: ${{ secrets.USERNAME }} | ||||
|       key: ${{ secrets.KEY }} | ||||
|       port: ${{ secrets.PORT }} | ||||
|       script: | | ||||
|         whoami | ||||
|         ls -al | ||||
| ``` | ||||
| 
 | ||||
| 預設 `port` 為 `22`。 | ||||
| 
 | ||||
| ### 多主機不同埠號 | ||||
| 
 | ||||
| ```diff | ||||
|   - name: 多主機 | ||||
|     uses: appleboy/ssh-action@v1 | ||||
|     with: | ||||
| -     host: "foo.com" | ||||
| +     host: "foo.com:1234,bar.com:5678" | ||||
|       username: ${{ secrets.USERNAME }} | ||||
|       key: ${{ secrets.KEY }} | ||||
|       script: | | ||||
|         whoami | ||||
|         ls -al | ||||
| ``` | ||||
| 
 | ||||
| ### 多主機同步執行 | ||||
| 
 | ||||
| ```diff | ||||
|   - name: 多主機 | ||||
|     uses: appleboy/ssh-action@v1 | ||||
|     with: | ||||
|       host: "foo.com,bar.com" | ||||
| +     sync: true | ||||
|       username: ${{ secrets.USERNAME }} | ||||
|       key: ${{ secrets.KEY }} | ||||
|       port: ${{ secrets.PORT }} | ||||
|       script: | | ||||
|         whoami | ||||
|         ls -al | ||||
| ``` | ||||
| 
 | ||||
| ### 傳遞環境變數到 shell 腳本 | ||||
| 
 | ||||
| ```diff | ||||
|   - name: 傳遞環境變數 | ||||
|     uses: appleboy/ssh-action@v1 | ||||
| +   env: | ||||
| +     FOO: "BAR" | ||||
| +     BAR: "FOO" | ||||
| +     SHA: ${{ github.sha }} | ||||
|     with: | ||||
|       host: ${{ secrets.HOST }} | ||||
|       username: ${{ secrets.USERNAME }} | ||||
|       key: ${{ secrets.KEY }} | ||||
|       port: ${{ secrets.PORT }} | ||||
| +     envs: FOO,BAR,SHA | ||||
|       script: | | ||||
|         echo "I am $FOO" | ||||
|         echo "I am $BAR" | ||||
|         echo "sha: $SHA" | ||||
| ``` | ||||
| 
 | ||||
| > _`env` 物件中的所有環境變數必須為字串。傳遞整數或其他型別可能導致非預期結果。_ | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## 🌐 代理與跳板機用法 | ||||
| 
 | ||||
| 你可以透過代理(跳板機)連線到遠端主機,適用於進階網路拓撲。 | ||||
| 
 | ||||
| ```bash | ||||
| +--------+       +----------+      +-----------+ | ||||
| | Laptop | <-->  | Jumphost | <--> | FooServer | | ||||
| +--------+       +----------+      +-----------+ | ||||
| ``` | ||||
| 
 | ||||
| 範例 `~/.ssh/config`: | ||||
| 
 | ||||
| ```bash | ||||
| Host Jumphost | ||||
|   HostName Jumphost | ||||
|   User ubuntu | ||||
|   Port 22 | ||||
|   IdentityFile ~/.ssh/keys/jump_host.pem | ||||
| 
 | ||||
| Host FooServer | ||||
|   HostName FooServer | ||||
|   User ubuntu | ||||
|   Port 22 | ||||
|   ProxyCommand ssh -q -W %h:%p Jumphost | ||||
| ``` | ||||
| 
 | ||||
| **GitHub Actions YAML:** | ||||
| 
 | ||||
| ```diff | ||||
|   - name: SSH 代理指令 | ||||
|     uses: appleboy/ssh-action@v1 | ||||
|     with: | ||||
|       host: ${{ secrets.HOST }} | ||||
|       username: ${{ secrets.USERNAME }} | ||||
|       key: ${{ secrets.KEY }} | ||||
|       port: ${{ secrets.PORT }} | ||||
| +     proxy_host: ${{ secrets.PROXY_HOST }} | ||||
| +     proxy_username: ${{ secrets.PROXY_USERNAME }} | ||||
| +     proxy_key: ${{ secrets.PROXY_KEY }} | ||||
| +     proxy_port: ${{ secrets.PROXY_PORT }} | ||||
|       script: | | ||||
|         mkdir abc/def | ||||
|         ls -al | ||||
| ``` | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## 🛡️ 安全最佳實踐 | ||||
| 
 | ||||
| ### 保護你的私鑰 | ||||
| 
 | ||||
| 密碼短語會加密你的私鑰,即使外洩也無法被攻擊者直接利用。請務必妥善保管私鑰。 | ||||
| 
 | ||||
| ```diff | ||||
|   - name: SSH 私鑰密碼 | ||||
|     uses: appleboy/ssh-action@v1 | ||||
|     with: | ||||
|       host: ${{ secrets.HOST }} | ||||
|       username: ${{ secrets.USERNAME }} | ||||
|       key: ${{ secrets.KEY }} | ||||
|       port: ${{ secrets.PORT }} | ||||
| +     passphrase: ${{ secrets.PASSPHRASE }} | ||||
|       script: | | ||||
|         whoami | ||||
|         ls -al | ||||
| ``` | ||||
| 
 | ||||
| ### 主機指紋驗證 | ||||
| 
 | ||||
| 驗證 SSH 主機指紋有助於防止中間人攻擊。取得主機指紋(將 `ed25519` 換成你的金鑰型別,`example.com` 換成你的主機): | ||||
| 
 | ||||
| ```sh | ||||
| ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d ' ' -f2 | ||||
| ``` | ||||
| 
 | ||||
| 更新設定: | ||||
| 
 | ||||
| ```diff | ||||
|   - name: SSH 私鑰密碼 | ||||
|     uses: appleboy/ssh-action@v1 | ||||
|     with: | ||||
|       host: ${{ secrets.HOST }} | ||||
|       username: ${{ secrets.USERNAME }} | ||||
|       key: ${{ secrets.KEY }} | ||||
|       port: ${{ secrets.PORT }} | ||||
| +     fingerprint: ${{ secrets.FINGERPRINT }} | ||||
|       script: | | ||||
|         whoami | ||||
|         ls -al | ||||
| ``` | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## 🚨 錯誤處理與疑難排解 | ||||
| 
 | ||||
| ### 常見問題 | ||||
| 
 | ||||
| #### 指令找不到(npm 或其他指令) | ||||
| 
 | ||||
| 若遇到 "command not found" 錯誤,請參考 [此討論](https://github.com/appleboy/ssh-action/issues/31#issuecomment-1006565847) 了解互動式與非互動式 shell 差異。 | ||||
| 
 | ||||
| 許多 Linux 發行版的 `/etc/bash.bashrc` 包含如下內容: | ||||
| 
 | ||||
| ```sh | ||||
| # If not running interactively, don't do anything | ||||
| [ -z "$PS1" ] && return | ||||
| ``` | ||||
| 
 | ||||
| 請將該行註解掉或使用指令的絕對路徑。 | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## 🤝 貢獻 | ||||
| 
 | ||||
| 歡迎貢獻!請提交 Pull Request 改善 `appleboy/ssh-action`。 | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## 📝 授權 | ||||
| 
 | ||||
| 本專案採用 [MIT License](LICENSE) 授權。 | ||||
							
								
								
									
										154
									
								
								action.yml
								
								
								
								
							
							
						
						
									
										154
									
								
								action.yml
								
								
								
								
							|  | @ -1,77 +1,145 @@ | |||
| name: 'SSH Remote Commands' | ||||
| description: 'Executing remote ssh commands' | ||||
| author: 'Bo-Yi Wu' | ||||
| name: "SSH Remote Commands" | ||||
| description: "Executing remote ssh commands" | ||||
| author: "Bo-Yi Wu" | ||||
| inputs: | ||||
|   host: | ||||
|     description: 'ssh host' | ||||
|     description: "SSH host address or IP to connect to." | ||||
|   port: | ||||
|     description: 'ssh port' | ||||
|     default: 22 | ||||
|     description: "SSH port number for the connection." | ||||
|     default: "22" | ||||
|   passphrase: | ||||
|     description: 'ssh key passphrase' | ||||
|     description: "Passphrase to decrypt the SSH private key if protected." | ||||
|   username: | ||||
|     description: 'ssh username' | ||||
|     description: "SSH username for authentication on the remote server." | ||||
|   password: | ||||
|     description: 'ssh password' | ||||
|     description: "SSH password for authentication (use secrets for sensitive data)." | ||||
|   protocol: | ||||
|     description: 'IP protocol version to use. Options: "tcp" (default), "tcp4" (IPv4 only), or "tcp6" (IPv6 only).' | ||||
|     default: "tcp" | ||||
|   sync: | ||||
|     description: 'synchronous execution if multiple hosts' | ||||
|     default: false | ||||
|     description: "When true, executes commands synchronously across multiple hosts (one after another)." | ||||
|   use_insecure_cipher: | ||||
|     description: 'include more ciphers with use_insecure_cipher' | ||||
|     default: false | ||||
|     description: "Enable additional legacy ciphers that might be less secure but more compatible with older systems." | ||||
|   cipher: | ||||
|     description: 'the allowed cipher algorithms. If unspecified then a sensible' | ||||
|     description: "Specify custom cipher algorithms for encryption. Leave empty to use secure defaults." | ||||
|   timeout: | ||||
|     description: 'timeout for ssh to host' | ||||
|     description: "Maximum time to wait when establishing the SSH connection, e.g., '30s', '1m'." | ||||
|     default: "30s" | ||||
|   command_timeout: | ||||
|     description: 'timeout for ssh command' | ||||
|     description: "Maximum execution time for the remote commands before terminating, e.g., '10m', '1h'." | ||||
|     default: "10m" | ||||
|   key: | ||||
|     description: 'content of ssh private key. ex raw content of ~/.ssh/id_rsa' | ||||
|     description: "Raw content of the SSH private key for authentication (use secrets for sensitive data)." | ||||
|   key_path: | ||||
|     description: 'path of ssh private key' | ||||
|     description: "Path to the SSH private key file on the runner." | ||||
|   fingerprint: | ||||
|     description: 'sha256 fingerprint of the host public key' | ||||
|     description: "SHA256 fingerprint of the host public key for verification to prevent MITM attacks." | ||||
|   proxy_host: | ||||
|     description: 'ssh proxy host' | ||||
|     description: "Proxy server hostname or IP if connecting through an SSH jump host." | ||||
|   proxy_port: | ||||
|     description: 'ssh proxy port' | ||||
|     default: 22 | ||||
|     description: "SSH port number for the proxy connection." | ||||
|     default: "22" | ||||
|   proxy_username: | ||||
|     description: 'ssh proxy username' | ||||
|     description: "Username for authentication on the proxy server." | ||||
|   proxy_password: | ||||
|     description: 'ssh proxy password' | ||||
|     description: "Password for authentication on the proxy server (use secrets for sensitive data)." | ||||
|   proxy_protocol: | ||||
|     description: 'IP protocol version for proxy. Options: "tcp" (default), "tcp4" (IPv4 only), or "tcp6" (IPv6 only).' | ||||
|     default: "tcp" | ||||
|   proxy_passphrase: | ||||
|     description: 'ssh proxy key passphrase' | ||||
|     description: "Passphrase to decrypt the proxy SSH private key if protected." | ||||
|   proxy_timeout: | ||||
|     description: 'timeout for ssh to proxy host' | ||||
|     description: "Maximum time to wait when establishing the proxy SSH connection, e.g., '30s', '1m'." | ||||
|     default: "30s" | ||||
|   proxy_key: | ||||
|     description: 'content of ssh proxy private key. ex raw content of ~/.ssh/id_rsa' | ||||
|     description: "Raw content of the SSH proxy private key for authentication (use secrets for sensitive data)." | ||||
|   proxy_key_path: | ||||
|     description: 'path of ssh proxy private key' | ||||
|     description: "Path to the SSH proxy private key file on the runner." | ||||
|   proxy_fingerprint: | ||||
|     description: 'sha256 fingerprint of the proxy host public key' | ||||
|     description: "SHA256 fingerprint of the proxy host public key for verification." | ||||
|   proxy_cipher: | ||||
|     description: 'the allowed cipher algorithms. If unspecified then a sensible' | ||||
|     description: "Specify custom cipher algorithms for proxy connection encryption." | ||||
|   proxy_use_insecure_cipher: | ||||
|     description: 'include more ciphers with use_insecure_cipher' | ||||
|     default: false | ||||
|     description: "Enable additional legacy ciphers for proxy connections (less secure but more compatible)." | ||||
|   script: | ||||
|     description: 'execute commands' | ||||
|   script_stop: | ||||
|     description: 'stop script after first failure' | ||||
|     default: false | ||||
|     description: "Commands to execute on the remote server (inline script string)." | ||||
|   script_path: | ||||
|     description: "Path to a local file containing commands to execute on the remote server." | ||||
|   envs: | ||||
|     description: 'pass environment variable to shell script' | ||||
|     description: "Environment variables to expose to the remote script, format: key=value,key2=value2." | ||||
|   envs_format: | ||||
|     description: "Format specification for environment variable transfer (for advanced usage)." | ||||
|   debug: | ||||
|     description: 'enable debug mode' | ||||
|     default: false | ||||
|     description: "Set to true to enable verbose logging for troubleshooting connection issues." | ||||
|   allenvs: | ||||
|     description: "When true, passes all GitHub Actions environment variables to the remote script." | ||||
|   request_pty: | ||||
|     description: "Request a pseudo-terminal from the server (required for interactive commands or sudo)." | ||||
|   curl_insecure: | ||||
|     description: "When true, uses the --insecure option with curl for insecure downloads." | ||||
|     default: "false" | ||||
|   capture_stdout: | ||||
|     description: "When true, captures and returns standard output from the commands as action output." | ||||
|     default: "false" | ||||
|   version: | ||||
|     description: | | ||||
|       The version of drone-ssh to use. | ||||
| 
 | ||||
| outputs: | ||||
|   stdout: | ||||
|     description: "Standard output of the executed commands when capture_stdout is enabled." | ||||
|     value: ${{ steps.entrypoint.outputs.stdout }} | ||||
| 
 | ||||
| runs: | ||||
|   using: 'docker' | ||||
|   image: 'Dockerfile' | ||||
|   using: "composite" | ||||
|   steps: | ||||
|     - name: Set GitHub Path | ||||
|       run: echo "$GITHUB_ACTION_PATH" >> $GITHUB_PATH | ||||
|       shell: bash | ||||
|       env: | ||||
|         GITHUB_ACTION_PATH: ${{ github.action_path }} | ||||
|     - id: entrypoint | ||||
|       name: Run entrypoint.sh | ||||
|       run: entrypoint.sh | ||||
|       shell: bash | ||||
|       env: | ||||
|         GITHUB_ACTION_PATH: ${{ github.action_path }} | ||||
|         INPUT_HOST: ${{ inputs.host }} | ||||
|         INPUT_PORT: ${{ inputs.port }} | ||||
|         INPUT_PROTOCOL: ${{ inputs.protocol }} | ||||
|         INPUT_USERNAME: ${{ inputs.username }} | ||||
|         INPUT_PASSWORD: ${{ inputs.password }} | ||||
|         INPUT_PASSPHRASE: ${{ inputs.passphrase }} | ||||
|         INPUT_KEY: ${{ inputs.key }} | ||||
|         INPUT_KEY_PATH: ${{ inputs.key_path }} | ||||
|         INPUT_FINGERPRINT: ${{ inputs.fingerprint }} | ||||
|         INPUT_PROXY_HOST: ${{ inputs.proxy_host }} | ||||
|         INPUT_PROXY_PORT: ${{ inputs.proxy_port }} | ||||
|         INPUT_PROXY_USERNAME: ${{ inputs.proxy_username }} | ||||
|         INPUT_PROXY_PASSWORD: ${{ inputs.proxy_password }} | ||||
|         INPUT_PROXY_PASSPHRASE: ${{ inputs.proxy_passphrase }} | ||||
|         INPUT_PROXY_KEY: ${{ inputs.proxy_key }} | ||||
|         INPUT_PROXY_KEY_PATH: ${{ inputs.proxy_key_path }} | ||||
|         INPUT_PROXY_FINGERPRINT: ${{ inputs.proxy_fingerprint }} | ||||
|         INPUT_TIMEOUT: ${{ inputs.timeout }} | ||||
|         INPUT_PROXY_TIMEOUT: ${{ inputs.proxy_timeout }} | ||||
|         INPUT_COMMAND_TIMEOUT: ${{ inputs.command_timeout }} | ||||
|         INPUT_SCRIPT: ${{ inputs.script }} | ||||
|         INPUT_SCRIPT_FILE: ${{ inputs.script_path }} | ||||
|         INPUT_ENVS: ${{ inputs.envs }} | ||||
|         INPUT_ENVS_FORMAT: ${{ inputs.envs_format }} | ||||
|         INPUT_DEBUG: ${{ inputs.debug }} | ||||
|         INPUT_ALL_ENVS: ${{ inputs.allenvs }} | ||||
|         INPUT_REQUEST_PTY: ${{ inputs.request_pty }} | ||||
|         INPUT_USE_INSECURE_CIPHER: ${{ inputs.use_insecure_cipher }} | ||||
|         INPUT_CIPHER: ${{ inputs.cipher }} | ||||
|         INPUT_PROXY_USE_INSECURE_CIPHER: ${{ inputs.proxy_use_insecure_cipher }} | ||||
|         INPUT_PROXY_CIPHER: ${{ inputs.proxy_cipher }} | ||||
|         INPUT_SYNC: ${{ inputs.sync }} | ||||
|         INPUT_CAPTURE_STDOUT: ${{ inputs.capture_stdout }} | ||||
|         INPUT_CURL_INSECURE: ${{ inputs.curl_insecure }} | ||||
|         DRONE_SSH_VERSION: ${{ inputs.version }} | ||||
| 
 | ||||
| branding: | ||||
|   icon: 'terminal' | ||||
|   color: 'gray-dark' | ||||
|   icon: "terminal" | ||||
|   color: "gray-dark" | ||||
|  |  | |||
|  | @ -1,7 +1,56 @@ | |||
| #!/bin/sh | ||||
| #!/usr/bin/env bash | ||||
| 
 | ||||
| set -eu | ||||
| set -euo pipefail | ||||
| 
 | ||||
| export GITHUB="true" | ||||
| 
 | ||||
| sh -c "/bin/drone-ssh $*" | ||||
| GITHUB_ACTION_PATH="${GITHUB_ACTION_PATH%/}" | ||||
| DRONE_SSH_RELEASE_URL="${DRONE_SSH_RELEASE_URL:-https://github.com/appleboy/drone-ssh/releases/download}" | ||||
| DRONE_SSH_VERSION="${DRONE_SSH_VERSION:-1.8.1}" | ||||
| 
 | ||||
| function log_error() { | ||||
|   echo "$1" >&2 | ||||
|   exit "$2" | ||||
| } | ||||
| 
 | ||||
| function detect_client_info() { | ||||
|   CLIENT_PLATFORM="${SSH_CLIENT_OS:-$(uname -s | tr '[:upper:]' '[:lower:]')}" | ||||
|   CLIENT_ARCH="${SSH_CLIENT_ARCH:-$(uname -m)}" | ||||
| 
 | ||||
|   case "${CLIENT_PLATFORM}" in | ||||
|   darwin | linux | windows) ;; | ||||
|   *) log_error "Unknown or unsupported platform: ${CLIENT_PLATFORM}. Supported platforms are Linux, Darwin, and Windows." 2 ;; | ||||
|   esac | ||||
| 
 | ||||
|   case "${CLIENT_ARCH}" in | ||||
|   x86_64* | i?86_64* | amd64*) CLIENT_ARCH="amd64" ;; | ||||
|   aarch64* | arm64*) CLIENT_ARCH="arm64" ;; | ||||
|   *) log_error "Unknown or unsupported architecture: ${CLIENT_ARCH}. Supported architectures are x86_64, i686, and arm64." 3 ;; | ||||
|   esac | ||||
| } | ||||
| 
 | ||||
| detect_client_info | ||||
| DOWNLOAD_URL_PREFIX="${DRONE_SSH_RELEASE_URL}/v${DRONE_SSH_VERSION}" | ||||
| CLIENT_BINARY="drone-ssh-${DRONE_SSH_VERSION}-${CLIENT_PLATFORM}-${CLIENT_ARCH}" | ||||
| TARGET="${GITHUB_ACTION_PATH}/${CLIENT_BINARY}" | ||||
| echo "Downloading ${CLIENT_BINARY} from ${DOWNLOAD_URL_PREFIX}" | ||||
| INSECURE_OPTION="" | ||||
| if [[ "${INPUT_CURL_INSECURE}" == 'true' ]]; then | ||||
|   INSECURE_OPTION="--insecure" | ||||
| fi | ||||
| 
 | ||||
| curl -fsSL --retry 5 --keepalive-time 2 ${INSECURE_OPTION} "${DOWNLOAD_URL_PREFIX}/${CLIENT_BINARY}" -o "${TARGET}" | ||||
| chmod +x "${TARGET}" | ||||
| 
 | ||||
| echo "======= CLI Version Information =======" | ||||
| "${TARGET}" --version | ||||
| echo "=======================================" | ||||
| if [[ "${INPUT_CAPTURE_STDOUT}" == 'true' ]]; then | ||||
|   { | ||||
|     echo 'stdout<<EOF' | ||||
|     "${TARGET}" "$@" | tee -a "${GITHUB_OUTPUT}" | ||||
|     echo 'EOF' | ||||
|   } >>"${GITHUB_OUTPUT}" | ||||
| else | ||||
|   "${TARGET}" "$@" | ||||
| fi | ||||
|  |  | |||
|  | @ -0,0 +1,7 @@ | |||
| -----BEGIN OPENSSH PRIVATE KEY----- | ||||
| b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW | ||||
| QyNTUxOQAAACDoi7FltQCqpWporKh61nJUPIeazUYdzdstncoeU5XS2AAAAKBF5e2SReXt | ||||
| kgAAAAtzc2gtZWQyNTUxOQAAACDoi7FltQCqpWporKh61nJUPIeazUYdzdstncoeU5XS2A | ||||
| AAAEBrsLG1vSg08yaQgYM46KQW93Lz2ZikS1tTMH35gfHhpOiLsWW1AKqlamisqHrWclQ8 | ||||
| h5rNRh3N2y2dyh5TldLYAAAAFnlvdXJfZW1haWxAZXhhbXBsZS5jb20BAgMEBQYH | ||||
| -----END OPENSSH PRIVATE KEY----- | ||||
|  | @ -0,0 +1 @@ | |||
| ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOiLsWW1AKqlamisqHrWclQ8h5rNRh3N2y2dyh5TldLY your_email@example.com | ||||
|  | @ -0,0 +1,39 @@ | |||
| -----BEGIN OPENSSH PRIVATE KEY----- | ||||
| b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABA5p9eRXu | ||||
| BJantF5ARnBfnqAAAAEAAAAAEAAAGXAAAAB3NzaC1yc2EAAAADAQABAAABgQCuWKQh09Vl | ||||
| v3IRu/+oK18ws72VQS7PCXJaIEp1L+7HqC/6+plizaVgd9SjAg0UJSqvp+WfpU5I53hevE | ||||
| 0Ip3s71Tsoeu1azWoi2Mbq3ycZ5ysh4htZZklKBkYsyW+2EdITPcmhA8rF+KiDRyuvk7fD | ||||
| o08G3YWgbCScY6VkLA06ReThCehAY54WNvgbx7lyvCWj1qYG0XjM7mTQHr3QN0JHJNdFaG | ||||
| 3MCi1rTG2hK/owOlzcesIbzfM1VMIQG5HT4vNg/ULP0BTZ7pGtdvWlvR/660KQwc1tBxLq | ||||
| xI1dYoCgiS/gMyPxhOtNKTvhR/NR7e2sp/StkXURIxTHhj0KjKbnpXTQ2IndnesHAG9kDJ | ||||
| 7c31SXastWpbXWhCIdRZk+KQsnmwobZlw3w1vfx2Dm7M2ZCcCgG/ArUPjY44nGOWO5Nz98 | ||||
| QHyz3IocsKJXrGVo/3YpNNu72jkw7UGVMqh1dAe3ZMaCAC5pAAa0HKvkid7jdXawL2b//+ | ||||
| vsAPSHdnEjP58AAAWQCUj9ajDO6N0sI5jzkRxiMIaeDvP7Ns+cJtE1uxzrm7Ecgf7kBL2V | ||||
| 9Ru0gW1+ii3U/hPLkxwBwd3xvoc1Xy+n+c7D6bQVviv1lsbY1uPzxGR3fUfRCu2M1D8OEH | ||||
| vol7jvFAZmtrpgy3gY45k2lbsY368bIJ+hYIqeHRqFsD+SyM/xSnj5/bZNvNrc+kHikiA3 | ||||
| uVSvXe9oWVNm3hxLDppYPEYkORERHx9EWh5sruLwoM2NW6qwE+wGw0Vx1AuA7cNszDdmMs | ||||
| qJFq0n5cQ78E3q0V49e0FOBjMoSJBxdQRHRz2al9MzJlcVVs5LGwmgVH0ur0V9QR8zv2Pv | ||||
| ZV6r+H9mMo2eCtUDlKUXlCnfgwDP0ghXysFKSDLzXNEPrddmvzQeWA973fcguniLLq7Gbw | ||||
| gpHSuP/vqVqtQQbXEdozgUl666SXC7GdPqaA5YsfGIJ4Ank3/Vjb3hc0/hElx4O0fEn18E | ||||
| TWbd9o6v70mNbu3LjeJPNDwODMGn9GC3kRtSc5bU0A8YAM+gFaeytrz2W/vCe3EST8VBcQ | ||||
| UtvYqGG/zGJhV8+OYoIZZQQkyCmTt0i4nTCJAMUnZ+pgY6YJk+UdBGhLvwNBtl4Z1nQKSA | ||||
| hcBBo6T08bQfe/HmVs4dcwBO956qiOX/QjHDLew81MfpvjZ2kGD5Hp/qhieUdJ3IiUEsOC | ||||
| FQC01JeEJlkEqd2jqBR/9RDnK7O8gTR0AA858L+MftN4nN2h2UkGjWMWSbkmwGMqyRGfRa | ||||
| TJeg5njxYJVcRlWZ/KvNPxis8wIuCaRMbPT2WpHsRr1lY3s4IzFn+EMCkybHZArQVYtl1O | ||||
| iGXYjpxe+cOc02PM1aKlUfCQfsr0CrXwwGzIQ73uXVSQgP5pQdV3iN/57+5aiH8F9D7X3n | ||||
| p5QJzBuLGvhUDWqqwbwWy+81k3Y8rHXNfhVSlRmtGJXAPqpw0PCyquySJNwogi4rBkg0jF | ||||
| xuqvimvhNcWzF7yf+fnYa6H+N8PavH32HRM50AYyWPyKWBp3Syri0P54cnkBjKTjTKGYA6 | ||||
| 4KwizazsbOMY5kp0UAmgX6XyM5OSROtxUp4P6T20okjKaSzamgMBKZULP/b768l4UYRgFe | ||||
| uohg2/9A1fwYB/K8I+V7Qw9079JvAG05eIOgce3Dd+bXoH6j/Ylmk5Gj7LzhEXtMz3NEpj | ||||
| LCg8tx0YFpuyoCaRlqOnsZCpc1EnL0UyMguCh9ADTG9h6V3Xf2j2Q94rKvAc4ZrBtj6qXT | ||||
| BIfGsBIA7vA1KnKHB9oOFQZ26iRU7oTAunAQvSKF7/7luTqONoni6U/RpvERT/KeeIDSxz | ||||
| uzFQ+apy/PTESSUtutpnTug6rexwrPb6ugJipag8ebNWVdOgaNBUL8wciW4lN8YkzjhXMw | ||||
| xHB0PUuSXcBuuPDQuYZk84dpXxM10fWwuCTMlH1bXatSQhtRVbjVJIDXnnYpQKtuURiwMm | ||||
| j4WLEt10hvu6t4aNJzzVY80/iLMb4ZGQgHotrjFfx9nzwe3SioINPaxRIb3m2gTsi8Nr/p | ||||
| Y5zNjV9NOjONktUjLznRpfY/yBxOtPe9lxnaKfniRTK5HjBbi8hmei9G8lIHV9qyhpURYM | ||||
| 1EdZB86uZWJOaRA8/fpwt8z2stmpKpuGFQOSgr7W5JQWSFeTAMYPoafsm0PD1zSyw7j1wE | ||||
| DWlmUAzpMirSnPUQndR8IcF7fZmI8J1g30eIFTQpoTDCyoiegkOXHa9HyWwmEAwws1PCWZ | ||||
| a5Viw6XLJI3tahSNhZzdY/UNFikuO8AuIDXykBM7riaqK4PADtmGY88QGWXQbw5xxWtH6r | ||||
| Wwk4KzDL9UFeCMSiQo//e+kg/mPLml6Sa4THOzP3iOmx810JoMDmF/jvtpC+ew5HpPPtg4 | ||||
| h55pSap77CEhEhE5FPZKuH9f7/E= | ||||
| -----END OPENSSH PRIVATE KEY----- | ||||
|  | @ -0,0 +1 @@ | |||
| ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCuWKQh09Vlv3IRu/+oK18ws72VQS7PCXJaIEp1L+7HqC/6+plizaVgd9SjAg0UJSqvp+WfpU5I53hevE0Ip3s71Tsoeu1azWoi2Mbq3ycZ5ysh4htZZklKBkYsyW+2EdITPcmhA8rF+KiDRyuvk7fDo08G3YWgbCScY6VkLA06ReThCehAY54WNvgbx7lyvCWj1qYG0XjM7mTQHr3QN0JHJNdFaG3MCi1rTG2hK/owOlzcesIbzfM1VMIQG5HT4vNg/ULP0BTZ7pGtdvWlvR/660KQwc1tBxLqxI1dYoCgiS/gMyPxhOtNKTvhR/NR7e2sp/StkXURIxTHhj0KjKbnpXTQ2IndnesHAG9kDJ7c31SXastWpbXWhCIdRZk+KQsnmwobZlw3w1vfx2Dm7M2ZCcCgG/ArUPjY44nGOWO5Nz98QHyz3IocsKJXrGVo/3YpNNu72jkw7UGVMqh1dAe3ZMaCAC5pAAa0HKvkid7jdXawL2b//+vsAPSHdnEjP58= mtk10671@NB22040567 | ||||
|  | @ -0,0 +1,27 @@ | |||
| -----BEGIN RSA PRIVATE KEY----- | ||||
| MIIEpAIBAAKCAQEA4e2D/qPN08pzTac+a8ZmlP1ziJOXk45CynMPtva0rtK/RB26 | ||||
| VbfAF0hIJji7ltvnYnqCU9oFfvEM33cTn7T96+od8ib/Vz25YU8ZbstqtIskPuwC | ||||
| bv3K0mAHgsviJyRD7yM+QKTbBQEgbGuW6gtbMKhiYfiIB4Dyj7AdS/fk3v26wDgz | ||||
| 7SHI5OBqu9bv1KhxQYdFEnU3PAtAqeccgzNpbH3eYLyGzuUxEIJlhpZ/uU2G9ppj | ||||
| /cSrONVPiI8Ahi4RrlZjmP5l57/sq1ClGulyLpFcMw68kP5FikyqHpHJHRBNgU57 | ||||
| 1y0Ph33SjBbs0haCIAcmreWEhGe+/OXnJe6VUQIDAQABAoIBAH97emORIm9DaVSD | ||||
| 7mD6DqA7c5m5Tmpgd6eszU08YC/Vkz9oVuBPUwDQNIX8tT0m0KVs42VVPIyoj874 | ||||
| bgZMJoucC1G8V5Bur9AMxhkShx9g9A7dNXJTmsKilRpk2TOk7wBdLp9jZoKoZBdJ | ||||
| jlp6FfaazQjjKD6zsCsMATwAoRCBpBNsmT6QDN0n0bIgY0tE6YGQaDdka0dAv68G | ||||
| R0VZrcJ9voT6+f+rgJLoojn2DAu6iXaM99Gv8FK91YCymbQlXXgrk6CyS0IHexN7 | ||||
| V7a3k767KnRbrkqd3o6JyNun/CrUjQwHs1IQH34tvkWScbseRaFehcAm6mLT93RP | ||||
| muauvMECgYEA9AXGtfDMse0FhvDPZx4mx8x+vcfsLvDHcDLkf/lbyPpu97C27b/z | ||||
| ia07bu5TAXesUZrWZtKA5KeRE5doQSdTOv1N28BEr8ZwzDJwfn0DPUYUOxsN2iIy | ||||
| MheO5A45Ko7bjKJVkZ61Mb1UxtqCTF9mqu9R3PBdJGthWOd+HUvF460CgYEA7QRf | ||||
| Z8+vpGA+eSuu29e0xgRKnRzed5zXYpcI4aERc3JzBgO4Z0er9G8l66OWVGdMfpe6 | ||||
| CBajC5ToIiT8zqoYxXwqJgN+glir4gJe3mm8J703QfArZiQrdk0NTi5bY7+vLLG/ | ||||
| knTrtpdsKih6r3kjhuPPaAsIwmMxIydFvATKjLUCgYEAh/y4EihRSk5WKC8GxeZt | ||||
| oiZ58vT4z+fqnMIfyJmD5up48JuQNcokw/LADj/ODiFM7GUnWkGxBrvDA3H67WQm | ||||
| 49bJjs8E+BfUQFdTjYnJRlpJZ+7Zt1gbNQMf5ENw5CCchTDqEq6pN0DVf8PBnSIF | ||||
| KvkXW9KvdV5J76uCAn15mDkCgYA1y8dHzbjlCz9Cy2pt1aDfTPwOew33gi7U3skS | ||||
| RTerx29aDyAcuQTLfyrROBkX4TZYiWGdEl5Bc7PYhCKpWawzrsH2TNa7CRtCOh2E | ||||
| R+V/84+GNNf04ALJYCXD9/ugQVKmR1XfDRCvKeFQFE38Y/dvV2etCswbKt5tRy2p | ||||
| xkCe/QKBgQCkLqafD4S20YHf6WTp3jp/4H/qEy2X2a8gdVVBi1uKkGDXr0n+AoVU | ||||
| ib4KbP5ovZlrjL++akMQ7V2fHzuQIFWnCkDA5c2ZAqzlM+ZN+HRG7gWur7Bt4XH1 | ||||
| 7XC9wlRna4b3Ln8ew3q1ZcBjXwD4ppbTlmwAfQIaZTGJUgQbdsO9YA== | ||||
| -----END RSA PRIVATE KEY----- | ||||
|  | @ -0,0 +1 @@ | |||
| ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDh7YP+o83TynNNpz5rxmaU/XOIk5eTjkLKcw+29rSu0r9EHbpVt8AXSEgmOLuW2+dieoJT2gV+8QzfdxOftP3r6h3yJv9XPblhTxluy2q0iyQ+7AJu/crSYAeCy+InJEPvIz5ApNsFASBsa5bqC1swqGJh+IgHgPKPsB1L9+Te/brAODPtIcjk4Gq71u/UqHFBh0USdTc8C0Cp5xyDM2lsfd5gvIbO5TEQgmWGln+5TYb2mmP9xKs41U+IjwCGLhGuVmOY/mXnv+yrUKUa6XIukVwzDryQ/kWKTKoekckdEE2BTnvXLQ+HfdKMFuzSFoIgByat5YSEZ7785ecl7pVR drone-scp@localhost | ||||
|  | @ -0,0 +1,50 @@ | |||
| -----BEGIN OPENSSH PRIVATE KEY----- | ||||
| b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABAZka7A7i | ||||
| FscMeJBPyPteclAAAAEAAAAAEAAAIXAAAAB3NzaC1yc2EAAAADAQABAAACAQDz6aZ1jY2o | ||||
| nnuj2YNHJ/HhfvIu0B973v/+pFFOavnTUOhEEKEy3TASu+s9CkHrYZAtRc+QYIkNZI31mh | ||||
| HBhotdeP/7GoO2UirkFtrzyQKPNJxEcv0RBoG9ssN8jex0PyK6DHIYYFnIWadVBEEOh/H+ | ||||
| rK7j7u2/big3oTzYBuFrCwmYFcz5na99MzFeAUhazF44gVBma+zO+1quGeqF51UDIg1SMG | ||||
| vX8I7LNEqrKEBaIUQJKFQcxlOWlRLQsjJCymrOujsXsRrXHAQWcnxDcNevv2ZMOUl0ybvv | ||||
| 9yH0BiGbRBd1Hy8/QPILbAQaqu0oQE7fubN8Q8lqb3Jg0loID4x/5GPhSY8WAXpuLcXTOr | ||||
| b93SnCw1JsAgJDNqpuuRFy3BSZ7wBOr1jfeIoo7xk14OHiUjJ0uXDL9cLMkcw6ElWz81mr | ||||
| D2VCkXUz+qFyjJ+G7aGWRtctZoOzKln4yfNfUmwW8/8ra3QnmrMZ2xW2Ylw3ZhO+tLi7jI | ||||
| NHYFb54bAdLVPUU1ctIuJns2qkWnjJCxxMiynIqCif20/OU1n8CTJuOWiURmRdmvKOH4PE | ||||
| 3JxC2Qnk/3tV3Cf8hp1CH5VjBZ9AjGj5MDMHXyu34VY2WvYo5QyzfS3ySPoT8kCO0G0xpv | ||||
| jwCMHOK+G2RP4kqb/KKZguiKdgintBXuskTlJmD7kcMQAAB1CnEMQGwAKZbd3F1DJqwfPf | ||||
| KWjoUJKbTRiav6h5pQr65JaqDe/7YE2ZHYo5917AC2vPLwPxAnoHFMsbObd5mWcmpATg/0 | ||||
| K/qkN5Z4Ml5U3bwr51wfSPh1MiAP21Aickt09BDstIJzNNwwgcY31O3k/d6VBjqyM6Ezop | ||||
| 66LI4s/IIni1BI+cALyEfzE4Qu16GfzIeM+JVxildP4VImhvNBESmmbBL8rNmSzlQ+FTuF | ||||
| JVmowUbcon1O0CppM1MRVPeG805XDwjxHXKwOp5O7MdTz7H8JeORoe8D6+4rNfJE0eQGY7 | ||||
| Nm4+Wa97HzAFbT9IS433rxoGx9Qps3LAySFONso2JWSOEfo8rxnqO04DrfVHQhY3DkkwQt | ||||
| FsDnMtkthJa+ZzUYc75fnS0DBPGuF9DZUCqrev5oAUHP6C4Vc4b33JJQD4FZJ+ehk3Xsci | ||||
| cwJQsmgLyc5Jdh543Dm7kZoM9ku7HDNrB4H/1p45Vo6aBZMAY50x+fTdBeTgCzzhzzTbf+ | ||||
| 0IF8W3yW3/BYD+S2Byo3JKp6NH0Q8cgPJrGTl6GltGfpVuc6kLjMZ5zvxRbyWaqtIygM46 | ||||
| W1izbA+9jwbHhitCtOk42e/ff6iEB1MVC13LqPty3gPNR8Pv0rDUDjJS4KiVwXqUY+bMr0 | ||||
| C8l/hx93euHjLUJ49Ru6uy/2fBlHZEj6GmEAJhu/i6t2c1Rq0HBLis9X356oQT+YZnIai2 | ||||
| ym0MknPxjeYBAItOV3zhRd1cYnk7CDcl1XALcnh0tqP712x24IJ+Ytqg7nvB2NZV8T469I | ||||
| 8Fp254Nr89HOMAXaZD0UcIPm7D2rfWV+YJFI3ZcJ/8DM99H3tpXe2j4oHMdmAbBd++09sx | ||||
| KBRdFLcvnBfd1lqwxpA7hbxzrxi/yehYCqzh5KQGaf2UXej6TPiVzBWVYbp34cMZtsT6mF | ||||
| K8SS3l5TXoNK2DNEk30o8K3q+vngQpfC9GZ/id4B7LS/3ybellxemZHXQoU4PxDkLKt7jd | ||||
| AAsd5WO13dv3n/qgyu8iBRiFU+W66NX0RJGkp+lZMnta0YzukafM2n6GDn/r/Cx/y21PAi | ||||
| ah8i41ByI1QLI4m1r+bRHdUxAarS/XJw4tTSFiZu3zddMYrlzeG9O3VUX9zBvBtfQbSmeJ | ||||
| omml0zlr/qD7TMsORiujy7XIn7sMW+Ls/NA8TvX8oRnACjXe/MYNEZ8WDu2rkZuY/Dfc+o | ||||
| NyYWO7kZ3kcejQZ1NusJSA7MG0FFGYSIaC9T9CWqYd5IcRSJW4dZnCt9z8CIJ6TSUFqMb/ | ||||
| H1Y5Rmi0IIX+8qbGGXVBDIBk5y9xtS43+nz1nsdXwDmkTiXN9+ZX+GDsLxCWoHGryrWDbk | ||||
| EuOAlqpvxFKzEkNsx+AC5wae6i/hBeiEce9bm4nZp+hFv1ic1Z9WS8B37YOFgJ4utGeOjB | ||||
| 6hnywUUJ3aH0LnCQNB3UzeFR7BmEaxmYD/phJodmjA5SD3CWpeizdXfrUjtqXGhYlr2jzq | ||||
| vBAeeYEO4uaHIGxg8GqoqtaseqVcIdtouHxrVAxxXkjShV2ji7oJ/AtrLZNlkKYxMk0TpX | ||||
| fFiKqL/uKfS78FfvVOhOkHZTD6ZeMgmdL/uOghEAtrf08ChyRvdp7QLjA802aio9eUVIQm | ||||
| lHb1ltPEbIZNuvQ5kTIwk2eM6EAkOh0MBMoAYOxOpIb00XHNRDGJYuLewByjMQa8EoT6VM | ||||
| NoiFIzJU9lLAXE6yz6JswctpTpLHK9Aq5vY7ObaOvrmpCQqsXfOuVUo2nR/FyEes97zuXG | ||||
| E4aKaHK4IAW4UY/oGYk7pU/yRpudhiNRMXzmcQXfVmBEHuvDrh2chg8lDYn++07F7RWqkI | ||||
| nfMAOWR8UEl4xp4zJtThDjRxNW6QLl8E1ADjndA9wVaKNSzv2i1TLXKBr5luFqY9MSJ2rm | ||||
| yBR5EwairH/Qn9TUxaDD+0p6J+E9iz1l8UPTJa/cjtwiySljahY/6tHHnr9YQVnox92yfU | ||||
| UXpfINGjYrpqh6EFwmyRw9fryIMvMhgZYo6ZoCRBCK2GfGAB0VTzJy2FGs4GecZK5ptXKu | ||||
| sOX8BgGX/Q/nAJ7PWf9hgYlX2YyjmLjQZDMWECp05VFx9znEETNKlwF1FX5/E/37ISyz4d | ||||
| I1LVSKOEccJX7jCR32LzvRW1UBX47Z+q3LVE4sa0QAV/JoISq6Qn6zAsVIV0yEPmVbd/xx | ||||
| aX2uBUGHhmd99YJDh81xJIoYEMRzoGVfp0JjfYcDUc+2I6JdrOMF9/KmMA5wsZl4OKiu/F | ||||
| cTRGjUkgw/cF2EFRGWknee2esYRB7tOr4y56qZ4gxqw8q9rYXhyB42jbdTvt5xcCm/ynid | ||||
| sn4InokRRoIiMIPL5Ur7FZQHOP+915MWUBsrTJtkCWQuqJheYUi3mCzh/7NadAKplRpaKb | ||||
| rS/DJIOOkjnGni/sDxJzPq7STDBVy4WStwQl6NI5hq+/c+JvN9GI4Vu/kz0z8qUcdShLaH | ||||
| l4njcaMpg4tpQMHtCBOicGyV0= | ||||
| -----END OPENSSH PRIVATE KEY----- | ||||
|  | @ -0,0 +1 @@ | |||
| ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDz6aZ1jY2onnuj2YNHJ/HhfvIu0B973v/+pFFOavnTUOhEEKEy3TASu+s9CkHrYZAtRc+QYIkNZI31mhHBhotdeP/7GoO2UirkFtrzyQKPNJxEcv0RBoG9ssN8jex0PyK6DHIYYFnIWadVBEEOh/H+rK7j7u2/big3oTzYBuFrCwmYFcz5na99MzFeAUhazF44gVBma+zO+1quGeqF51UDIg1SMGvX8I7LNEqrKEBaIUQJKFQcxlOWlRLQsjJCymrOujsXsRrXHAQWcnxDcNevv2ZMOUl0ybvv9yH0BiGbRBd1Hy8/QPILbAQaqu0oQE7fubN8Q8lqb3Jg0loID4x/5GPhSY8WAXpuLcXTOrb93SnCw1JsAgJDNqpuuRFy3BSZ7wBOr1jfeIoo7xk14OHiUjJ0uXDL9cLMkcw6ElWz81mrD2VCkXUz+qFyjJ+G7aGWRtctZoOzKln4yfNfUmwW8/8ra3QnmrMZ2xW2Ylw3ZhO+tLi7jINHYFb54bAdLVPUU1ctIuJns2qkWnjJCxxMiynIqCif20/OU1n8CTJuOWiURmRdmvKOH4PE3JxC2Qnk/3tV3Cf8hp1CH5VjBZ9AjGj5MDMHXyu34VY2WvYo5QyzfS3ySPoT8kCO0G0xpvjwCMHOK+G2RP4kqb/KKZguiKdgintBXuskTlJmD7kcMQ== deploy@easyssh | ||||
|  | @ -0,0 +1,3 @@ | |||
| #!/usr/bin/env bash | ||||
| set -e | ||||
| whoami | ||||
		Loading…
	
		Reference in New Issue