actions/ssh-action
1
1
Fork 0
mirror of https://github.com/appleboy/ssh-action.git synced 2025-03-28 14:46:19 +01:00
Code Issues Wiki Activity

Merge branch 'appleboy:master' into master

Browse source
This commit is contained in:
Jesse 2024-11-22 13:55:59 -07:00 committed by GitHub
commit fbf2b7866a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
9 changed files with 203 additions and 129 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.github/ISSUE_TEMPLATE/bug_report.md vendored
View file

@ -25,7 +25,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: executing remote ssh commands using password - name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.0.3 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}

9
.github/workflows/main.yml vendored
View file

@ -42,6 +42,15 @@ jobs:
set -e set -e
whoami whoami
- name: ssh commands from a file
uses: ./
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: password
port: 2222
script_path: testdata/test.sh
check-ssh-key: check-ssh-key:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:

41
.github/workflows/stable.yml vendored
View file

@ -31,7 +31,7 @@ jobs:
sleep 2 sleep 2
- name: ssh by username and password - name: ssh by username and password
uses: appleboy/ssh-action@v1.0.3 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ env.REMOTE_HOST }} host: ${{ env.REMOTE_HOST }}
username: linuxserver.io username: linuxserver.io
@ -42,6 +42,15 @@ jobs:
set -e set -e
whoami whoami
- name: ssh commands from a file
uses: appleboy/ssh-action@v1.2.0
with:
host: ${{ env.REMOTE_HOST }}
username: linuxserver.io
password: password
port: 2222
script_path: testdata/test.sh
check-ssh-key: check-ssh-key:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
@ -86,7 +95,7 @@ jobs:
sleep 2 sleep 2
- name: ssh by private key - name: ssh by private key
uses: appleboy/ssh-action@v1.0.3 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ env.REMOTE_HOST }} host: ${{ env.REMOTE_HOST }}
username: linuxserver.io username: linuxserver.io
@ -95,7 +104,7 @@ jobs:
script: whoami script: whoami
- name: wrong password but correct key - name: wrong password but correct key
uses: appleboy/ssh-action@v1.0.3 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ env.REMOTE_HOST }} host: ${{ env.REMOTE_HOST }}
username: linuxserver.io username: linuxserver.io
@ -105,7 +114,7 @@ jobs:
script: whoami script: whoami
- name: correct password but wrong key - name: correct password but wrong key
uses: appleboy/ssh-action@v1.0.3 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ env.REMOTE_HOST }} host: ${{ env.REMOTE_HOST }}
username: linuxserver.io username: linuxserver.io
@ -115,7 +124,7 @@ jobs:
script: whoami script: whoami
- name: stop script if command error - name: stop script if command error
uses: appleboy/ssh-action@v1.0.3 uses: appleboy/ssh-action@v1.2.0
continue-on-error: true continue-on-error: true
with: with:
host: ${{ env.REMOTE_HOST }} host: ${{ env.REMOTE_HOST }}
@ -174,7 +183,7 @@ jobs:
sleep 2 sleep 2
- name: ssh key passphrase - name: ssh key passphrase
uses: appleboy/ssh-action@v1.0.3 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ env.REMOTE_HOST }} host: ${{ env.REMOTE_HOST }}
username: linuxserver.io username: linuxserver.io
@ -186,7 +195,7 @@ jobs:
ls -al ls -al
- name: missing ssh key passphrase - name: missing ssh key passphrase
uses: appleboy/ssh-action@v1.0.3 uses: appleboy/ssh-action@v1.2.0
continue-on-error: true continue-on-error: true
with: with:
host: ${{ env.REMOTE_HOST }} host: ${{ env.REMOTE_HOST }}
@ -199,7 +208,7 @@ jobs:
# https://github.com/appleboy/ssh-action/issues/75#issuecomment-668314271 # https://github.com/appleboy/ssh-action/issues/75#issuecomment-668314271
- name: Multiline SSH commands interpreted as single lines - name: Multiline SSH commands interpreted as single lines
uses: appleboy/ssh-action@v1.0.3 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ env.REMOTE_HOST }} host: ${{ env.REMOTE_HOST }}
username: linuxserver.io username: linuxserver.io
@ -277,7 +286,7 @@ jobs:
# https://github.com/appleboy/ssh-action/issues/85 # https://github.com/appleboy/ssh-action/issues/85
- name: Deployment to multiple hosts with different ports - name: Deployment to multiple hosts with different ports
uses: appleboy/ssh-action@v1.0.3 uses: appleboy/ssh-action@v1.2.0
with: with:
host: "${{ env.REMOTE_HOST_01 }}:2222,${{ env.REMOTE_HOST_02 }}:2222" host: "${{ env.REMOTE_HOST_01 }}:2222,${{ env.REMOTE_HOST_02 }}:2222"
username: linuxserver.io username: linuxserver.io
@ -331,7 +340,7 @@ jobs:
sleep 2 sleep 2
- name: testing id_ed25519 key - name: testing id_ed25519 key
uses: appleboy/ssh-action@v1.0.3 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ env.REMOTE_HOST }} host: ${{ env.REMOTE_HOST }}
username: linuxserver.io username: linuxserver.io
@ -384,7 +393,7 @@ jobs:
sleep 2 sleep 2
- name: testing id_ed25519 key - name: testing id_ed25519 key
uses: appleboy/ssh-action@v1.0.3 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ env.REMOTE_HOST }} host: ${{ env.REMOTE_HOST }}
username: linuxserver.io username: linuxserver.io
@ -395,7 +404,7 @@ jobs:
ls -al ls -al
- name: pass environment - name: pass environment
uses: appleboy/ssh-action@v1.0.3 uses: appleboy/ssh-action@v1.2.0
env: env:
FOO: "BAR" FOO: "BAR"
with: with:
@ -409,7 +418,7 @@ jobs:
echo "I am $BAR, thanks" echo "I am $BAR, thanks"
- name: pass multiple environment - name: pass multiple environment
uses: appleboy/ssh-action@v1.0.3 uses: appleboy/ssh-action@v1.2.0
env: env:
FOO: "BAR" FOO: "BAR"
BAR: "FOO" BAR: "FOO"
@ -428,7 +437,7 @@ jobs:
echo "port: $PORT" echo "port: $PORT"
- name: custom envs format - name: custom envs format
uses: appleboy/ssh-action@v1.0.3 uses: appleboy/ssh-action@v1.2.0
env: env:
FOO: "BAR" FOO: "BAR"
AAA: "BBB" AAA: "BBB"
@ -446,7 +455,7 @@ jobs:
echo "I am $TEST_AAA, thanks" echo "I am $TEST_AAA, thanks"
- name: pass all ENV variables to script - name: pass all ENV variables to script
uses: appleboy/ssh-action@v1.0.3 uses: appleboy/ssh-action@v1.2.0
env: env:
INPUT_FOO: "BAR" INPUT_FOO: "BAR"
INPUT_AAA: "BBB" INPUT_AAA: "BBB"
@ -463,7 +472,7 @@ jobs:
echo "$GITHUB_REF" echo "$GITHUB_REF"
- name: switch to root user - name: switch to root user
uses: appleboy/ssh-action@v1.0.3 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ env.REMOTE_HOST }} host: ${{ env.REMOTE_HOST }}
username: linuxserver.io username: linuxserver.io

55
README.md
View file

@ -3,15 +3,13 @@
[繁體中文](./README.zh-tw.md) [繁體中文](./README.zh-tw.md)
[简体中文](./README.zh-cn.md) [简体中文](./README.zh-cn.md)
[GitHub Action](https://github.com/features/actions) for executing remote ssh commands. [GitHub Action](https://github.com/features/actions) for executing remote SSH commands.
![ssh workflow](./images/ssh-workflow.png) ![ssh workflow](./images/ssh-workflow.png)
[![Actions Status](https://github.com/appleboy/ssh-action/workflows/remote%20ssh%20command/badge.svg)](https://github.com/appleboy/ssh-action/actions) [![testing main branch](https://github.com/appleboy/ssh-action/actions/workflows/main.yml/badge.svg)](https://github.com/appleboy/ssh-action/actions/workflows/main.yml)
**Important**: Only support **Linux** [docker](https://www.docker.com/) container. This project is built using [Golang](https://go.dev) and [drone-ssh](https://github.com/appleboy/drone-ssh). 🚀
This thing is built using [Golang](https://go.dev) and [drone-ssh](https://github.com/appleboy/drone-ssh). 🚀
## Input variables ## Input variables
@ -35,6 +33,7 @@ See [action.yml](./action.yml) for more detailed information.
| fingerprint | SHA256 fingerprint of the host public key | | | fingerprint | SHA256 fingerprint of the host public key | |
| proxy_host | SSH proxy host | | | proxy_host | SSH proxy host | |
| proxy_port | SSH proxy port | 22 | | proxy_port | SSH proxy port | 22 |
| proxy_protocol | SSH proxy protocol version (tcp, tcp4, tcp6) | tcp |
| proxy_username | SSH proxy username | | | proxy_username | SSH proxy username | |
| proxy_password | SSH proxy password | | | proxy_password | SSH proxy password | |
| proxy_passphrase | SSH proxy key passphrase | | | proxy_passphrase | SSH proxy key passphrase | |
@ -45,16 +44,17 @@ See [action.yml](./action.yml) for more detailed information.
| proxy_cipher | Allowed cipher algorithms for the proxy | | | proxy_cipher | Allowed cipher algorithms for the proxy | |
| proxy_use_insecure_cipher | Include more ciphers with use_insecure_cipher for the proxy | false | | proxy_use_insecure_cipher | Include more ciphers with use_insecure_cipher for the proxy | false |
| script | Execute commands | | | script | Execute commands | |
| script_file | Execute commands from a file | |
| script_stop | Stop script after first failure | false | | script_stop | Stop script after first failure | false |
| envs | Pass environment variables to shell script | | | envs | Pass environment variables to shell script | |
| envs_format | Flexible configuration of environment value transfer | | | envs_format | Flexible configuration of environment value transfer | |
| debug | Enable debug mode | false | | debug | Enable debug mode | false |
| allenvs | pass the environment variables with prefix value of `GITHUB_` and `INPUT_` to the script | false | | allenvs | Pass the environment variables with prefix value of `GITHUB_` and `INPUT_` to the script | false |
| request_pty | Request a pseudo-terminal from the server | false | | request_pty | Request a pseudo-terminal from the server | false |
## Usage ## Usage
Executing remote ssh commands. Executing remote SSH commands.
```yaml ```yaml
name: remote ssh command name: remote ssh command
@ -66,10 +66,10 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: executing remote ssh commands using password - name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: linuxserver.io
password: ${{ secrets.PASSWORD }} password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
script: whoami script: whoami
@ -81,7 +81,7 @@ output:
======CMD====== ======CMD======
whoami whoami
======END====== ======END======
out: *** linuxserver.io
=============================================== ===============================================
✅ Successfully executed commands to all hosts. ✅ Successfully executed commands to all hosts.
=============================================== ===============================================
@ -182,7 +182,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml ```yaml
- name: executing remote ssh commands using password - name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -195,7 +195,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml ```yaml
- name: executing remote ssh commands using ssh key - name: executing remote ssh commands using ssh key
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -208,7 +208,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml ```yaml
- name: multiple command - name: multiple command
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -221,11 +221,24 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
![result](./images/output-result.png) ![result](./images/output-result.png)
#### Commands from a file
```yaml
- name: file commands
uses: appleboy/ssh-action@v1.2.0
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script_path: scripts/script.sh
```
#### Multiple Hosts #### Multiple Hosts
```diff ```diff
- name: multiple host - name: multiple host
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
- host: "foo.com" - host: "foo.com"
+ host: "foo.com,bar.com" + host: "foo.com,bar.com"
@ -243,7 +256,7 @@ The default value of `port` is `22`.
```diff ```diff
- name: multiple host - name: multiple host
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
- host: "foo.com" - host: "foo.com"
+ host: "foo.com:1234,bar.com:5678" + host: "foo.com:1234,bar.com:5678"
@ -258,7 +271,7 @@ The default value of `port` is `22`.
```diff ```diff
- name: multiple host - name: multiple host
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: "foo.com,bar.com" host: "foo.com,bar.com"
+ sync: true + sync: true
@ -274,7 +287,7 @@ The default value of `port` is `22`.
```diff ```diff
- name: pass environment - name: pass environment
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
+ env: + env:
+ FOO: "BAR" + FOO: "BAR"
+ BAR: "FOO" + BAR: "FOO"
@ -299,7 +312,7 @@ _Inside `env` object, you need to pass every environment variable as a string, p
```diff ```diff
- name: stop script if command error - name: stop script if command error
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -352,7 +365,7 @@ Host FooServer
```diff ```diff
- name: ssh proxy command - name: ssh proxy command
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -375,7 +388,7 @@ It is not uncommon for files to leak from backups or decommissioned hardware, an
```diff ```diff
- name: ssh key passphrase - name: ssh key passphrase
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -401,7 +414,7 @@ Now you can adjust you config:
```diff ```diff
- name: ssh key passphrase - name: ssh key passphrase
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}

42
README.zh-cn.md
View file

@ -4,9 +4,7 @@
![ssh workflow](./images/ssh-workflow.png) ![ssh workflow](./images/ssh-workflow.png)
[![Actions Status](https://github.com/appleboy/ssh-action/workflows/remote%20ssh%20command/badge.svg)](https://github.com/appleboy/ssh-action/actions) [![testing main branch](https://github.com/appleboy/ssh-action/actions/workflows/main.yml/badge.svg)](https://github.com/appleboy/ssh-action/actions/workflows/main.yml)
**注意**: 只支持在 **Linux** [docker](https://www.docker.com/) 容器上执行。
## 输入变量 ## 输入变量
@ -24,6 +22,7 @@
* `key_path` - SSH 私钥的路径 * `key_path` - SSH 私钥的路径
* `fingerprint` - 主机公钥的 SHA256 指纹,默认为跳过验证 * `fingerprint` - 主机公钥的 SHA256 指纹,默认为跳过验证
* `script` - 执行命令 * `script` - 执行命令
* `script_file` - 執行命令的文件
* `script_stop` - 当出现第一个错误时停止执行命令 * `script_stop` - 当出现第一个错误时停止执行命令
* `envs` - 传递环境变量到 shell script * `envs` - 传递环境变量到 shell script
* `debug` - 启用调试模式 * `debug` - 启用调试模式
@ -58,7 +57,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: executing remote ssh commands using password - name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -157,7 +156,7 @@ ssh-keygen -t ed25519 -a 200 -C ”your_email@example.com“
```yaml ```yaml
- name: executing remote ssh commands using password - name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -170,7 +169,7 @@ ssh-keygen -t ed25519 -a 200 -C ”your_email@example.com“
```yaml ```yaml
- name: executing remote ssh commands using ssh key - name: executing remote ssh commands using ssh key
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -183,7 +182,7 @@ ssh-keygen -t ed25519 -a 200 -C ”your_email@example.com“
```yaml ```yaml
- name: multiple command - name: multiple command
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -200,7 +199,7 @@ ssh-keygen -t ed25519 -a 200 -C ”your_email@example.com“
```diff ```diff
- name: multiple host - name: multiple host
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
- host: ”foo.com“ - host: ”foo.com“
+ host: ”foo.com,bar.com“ + host: ”foo.com,bar.com“
@ -212,11 +211,24 @@ ssh-keygen -t ed25519 -a 200 -C ”your_email@example.com“
ls -al ls -al
``` ```
#### Commands from a file
```yaml
- name: file commands
uses: appleboy/ssh-action@v1.2.0
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script_path: scripts/script.sh
```
#### 多个不同端口的主机 #### 多个不同端口的主机
```diff ```diff
- name: multiple host - name: multiple host
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
- host: ”foo.com“ - host: ”foo.com“
+ host: ”foo.com:1234,bar.com:5678“ + host: ”foo.com:1234,bar.com:5678“
@ -231,7 +243,7 @@ ssh-keygen -t ed25519 -a 200 -C ”your_email@example.com“
```diff ```diff
- name: multiple host - name: multiple host
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ”foo.com,bar.com“ host: ”foo.com,bar.com“
+ sync: true + sync: true
@ -247,7 +259,7 @@ ssh-keygen -t ed25519 -a 200 -C ”your_email@example.com“
```diff ```diff
- name: pass environment - name: pass environment
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
+ env: + env:
+ FOO: ”BAR“ + FOO: ”BAR“
+ BAR: ”FOO“ + BAR: ”FOO“
@ -272,7 +284,7 @@ _在 `env` 对象中,您需要将每个环境变量作为字符串传递,传
```diff ```diff
- name: stop script if command error - name: stop script if command error
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -325,7 +337,7 @@ Host FooServer
```diff ```diff
- name: ssh proxy command - name: ssh proxy command
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -346,7 +358,7 @@ Host FooServer
```diff ```diff
- name: ssh key passphrase - name: ssh key passphrase
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -372,7 +384,7 @@ ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d ’
```diff ```diff
- name: ssh key passphrase - name: ssh key passphrase
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}

119
README.zh-tw.md
View file

@ -1,50 +1,58 @@
# 🚀 用於 GitHub Actions 的 SSH # 🚀 GitHub Actions 的 SSH
[GitHub Action](https://github.com/features/actions) for executing remote ssh commands. [English](./README.md)
[简体中文](./README.zh-cn.md)
[GitHub Action](https://github.com/features/actions) 用於執行遠端 SSH 命令。
![ssh workflow](./images/ssh-workflow.png) ![ssh workflow](./images/ssh-workflow.png)
[![Actions Status](https://github.com/appleboy/ssh-action/workflows/remote%20ssh%20command/badge.svg)](https://github.com/appleboy/ssh-action/actions) [![testing main branch](https://github.com/appleboy/ssh-action/actions/workflows/main.yml/badge.svg)](https://github.com/appleboy/ssh-action/actions/workflows/main.yml)
**注意**: 只支援在 **Linux** [docker](https://www.docker.com/) 容器上執行。 此專案使用 [Golang](https://go.dev) 和 [drone-ssh](https://github.com/appleboy/drone-ssh) 建立。🚀
## 輸入變數 ## 輸入變數
更詳細的資訊,請參閱 [action.yml](./action.yml)。 請參閱 [action.yml](./action.yml) 以獲取更詳細的信息
* `host` - SSH 主機 | 輸入參數 | 描述 | 預設值 |
* `port` - SSH 連接埠,預設為 `22` | ------------------------- | ----------------------------------------------------- | ------ |
* `username` - SSH 使用者名稱 | host | SSH 主機地址 | |
* `password` - SSH 密碼 | port | SSH 埠號 | 22 |
* `passphrase` - 通常用於加密私鑰的 passphrase | passphrase | SSH 金鑰密碼 | |
* `sync` - 同步執行多個主機上的命令,預設為 false | username | SSH 使用者名稱 | |
* `timeout` - SSH 連接到遠端主機的超時時間,預設為 `30s` | password | SSH 密碼 | |
* `command_timeout` - SSH 命令超時時間,預設為 10m | protocol | SSH 協議版本 (tcp, tcp4, tcp6) | tcp |
* `key` - SSH 私鑰的內容,例如 ~/.ssh/id_rsa 的原始內容,請記得包含 BEGIN 和 END 行 | sync | 如果有多個主機,啟用同步執行 | false |
* `key_path` - SSH 私鑰的路徑 | use_insecure_cipher | 包含更多不安全的加密算法 | false |
* `fingerprint` - 主機公鑰的 SHA256 指紋,預設為略過驗證 | cipher | 允許的加密算法。如果未指定,則使用合理的預設值 | |
* `script` - 執行命令 | timeout | SSH 連接主機的超時時間 | 30s |
* `script_stop` - 當出現第一個錯誤時停止執行命令 | command_timeout | SSH 命令的超時時間 | 10m |
* `envs` - 傳遞環境變數到 shell script | key | SSH 私鑰的內容。例如,~/.ssh/id_rsa 的原始內容 | |
* `debug` - 啟用偵錯模式 | key_path | SSH 私鑰的路徑 | |
* `use_insecure_cipher` - 使用不安全的密碼(ciphers)進行加密,參見 [#56](https://github.com/appleboy/ssh-action/issues/56) | fingerprint | 主機公鑰的 SHA256 指紋 | |
* `cipher` - 允許使用的密碼(ciphers)演算法。如果未指定,則使用適當的演算法 | proxy_host | SSH 代理主機 | |
| proxy_port | SSH 代理埠號 | 22 |
| proxy_protocol | SSH 代理協議版本 (tcp, tcp4, tcp6) | tcp |
| proxy_username | SSH 代理使用者名稱 | |
| proxy_password | SSH 代理密碼 | |
| proxy_passphrase | SSH 代理金鑰密碼 | |
| proxy_timeout | SSH 連接代理主機的超時時間 | 30s |
| proxy_key | SSH 代理私鑰的內容 | |
| proxy_key_path | SSH 代理私鑰的路徑 | |
| proxy_fingerprint | 代理主機公鑰的 SHA256 指紋 | |
| proxy_cipher | 代理允許的加密算法 | |
| proxy_use_insecure_cipher | 包含更多不安全的加密算法 | false |
| script | 執行命令 | |
| script_file | 從文件中執行命令 | |
| script_stop | 在第一次失敗後停止腳本 | false |
| envs | 將環境變數傳遞給 shell 腳本 | |
| envs_format | 環境值傳遞的靈活配置 | |
| debug | 啟用調試模式 | false |
| allenvs | 將帶有 `GITHUB_``INPUT_` 前綴的環境變數傳遞給腳本 | false |
| request_pty | 從伺服器請求偽終端 | false |
SSH 代理設置: ## 用法
* `proxy_host` - 代理主機
* `proxy_port` - 代理端口,預設為 `22`
* `proxy_username` - 代理使用者名稱
* `proxy_password` - 代理密碼
* `proxy_passphrase` - 密碼通常用於加密私有金鑰
* `proxy_timeout` - SSH 連線至代理主機的逾時時間,預設為 `30s`
* `proxy_key` - SSH 代理私有金鑰內容
* `proxy_key_path` - SSH 代理私有金鑰路徑
* `proxy_fingerprint` - 代理主機公鑰的 SHA256 指紋,預設為跳過驗證
* `proxy_use_insecure_cipher` - 使用不安全的加密方式,請參閱 [#56](https://github.com/appleboy/ssh-action/issues/56)
* `proxy_cipher` - 允許的加密算法。如果未指定,則使用合理的算法
## 使用方式
執行遠端 SSH 命令 執行遠端 SSH 命令
@ -58,7 +66,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: executing remote ssh commands using password - name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -157,7 +165,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml ```yaml
- name: executing remote ssh commands using password - name: executing remote ssh commands using password
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -170,7 +178,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml ```yaml
- name: executing remote ssh commands using ssh key - name: executing remote ssh commands using ssh key
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -183,7 +191,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml ```yaml
- name: multiple command - name: multiple command
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -196,11 +204,24 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
![result](./images/output-result.png) ![result](./images/output-result.png)
#### Commands from a file
```yaml
- name: file commands
uses: appleboy/ssh-action@v1.2.0
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script_path: scripts/script.sh
```
#### 多台主機 #### 多台主機
```diff ```diff
- name: multiple host - name: multiple host
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
- host: "foo.com" - host: "foo.com"
+ host: "foo.com,bar.com" + host: "foo.com,bar.com"
@ -216,7 +237,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff ```diff
- name: multiple host - name: multiple host
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
- host: "foo.com" - host: "foo.com"
+ host: "foo.com:1234,bar.com:5678" + host: "foo.com:1234,bar.com:5678"
@ -231,7 +252,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff ```diff
- name: multiple host - name: multiple host
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: "foo.com,bar.com" host: "foo.com,bar.com"
+ sync: true + sync: true
@ -247,7 +268,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff ```diff
- name: pass environment - name: pass environment
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
+ env: + env:
+ FOO: "BAR" + FOO: "BAR"
+ BAR: "FOO" + BAR: "FOO"
@ -272,7 +293,7 @@ _在 `env` 對象中,您需要將每個環境變量作為字符串傳遞,傳
```diff ```diff
- name: stop script if command error - name: stop script if command error
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -325,7 +346,7 @@ Host FooServer
```diff ```diff
- name: ssh proxy command - name: ssh proxy command
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -346,7 +367,7 @@ Host FooServer
```diff ```diff
- name: ssh key passphrase - name: ssh key passphrase
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -372,7 +393,7 @@ ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d ' '
```diff ```diff
- name: ssh key passphrase - name: ssh key passphrase
uses: appleboy/ssh-action@v1.1.0 uses: appleboy/ssh-action@v1.2.0
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}

6
action.yml
View file

@ -43,6 +43,9 @@ inputs:
description: "SSH proxy username." description: "SSH proxy username."
proxy_password: proxy_password:
description: "SSH proxy password." description: "SSH proxy password."
proxy_protocol:
description: 'The IP protocol to use. Valid values are "tcp". "tcp4" or "tcp6". Default to tcp.'
default: "tcp"
proxy_passphrase: proxy_passphrase:
description: "SSH proxy key passphrase." description: "SSH proxy key passphrase."
proxy_timeout: proxy_timeout:
@ -60,6 +63,8 @@ inputs:
description: "Include more ciphers for the proxy by using insecure ciphers." description: "Include more ciphers for the proxy by using insecure ciphers."
script: script:
description: "Commands to be executed." description: "Commands to be executed."
script_path:
description: "Path to the file containing commands to be executed."
script_stop: script_stop:
description: "Stop the script after the first failure." description: "Stop the script after the first failure."
envs: envs:
@ -113,6 +118,7 @@ runs:
INPUT_PROXY_TIMEOUT: ${{ inputs.proxy_timeout }} INPUT_PROXY_TIMEOUT: ${{ inputs.proxy_timeout }}
INPUT_COMMAND_TIMEOUT: ${{ inputs.command_timeout }} INPUT_COMMAND_TIMEOUT: ${{ inputs.command_timeout }}
INPUT_SCRIPT: ${{ inputs.script }} INPUT_SCRIPT: ${{ inputs.script }}
INPUT_SCRIPT_FILE: ${{ inputs.script_path }}
INPUT_SCRIPT_STOP: ${{ inputs.script_stop }} INPUT_SCRIPT_STOP: ${{ inputs.script_stop }}
INPUT_ENVS: ${{ inputs.envs }} INPUT_ENVS: ${{ inputs.envs }}
INPUT_ENVS_FORMAT: ${{ inputs.envs_format }} INPUT_ENVS_FORMAT: ${{ inputs.envs_format }}

55
entrypoint.sh
View file

@ -8,7 +8,7 @@ export GITHUB="true"
GITHUB_ACTION_PATH="${GITHUB_ACTION_PATH%/}" GITHUB_ACTION_PATH="${GITHUB_ACTION_PATH%/}"
DRONE_SSH_RELEASE_URL="${DRONE_SSH_RELEASE_URL:-https://github.com/appleboy/drone-ssh/releases/download}" DRONE_SSH_RELEASE_URL="${DRONE_SSH_RELEASE_URL:-https://github.com/appleboy/drone-ssh/releases/download}"
DRONE_SSH_VERSION="${DRONE_SSH_VERSION:-1.7.7}" DRONE_SSH_VERSION="${DRONE_SSH_VERSION:-1.8.0}"
function detect_client_info() { function detect_client_info() {
if [ -n "${SSH_CLIENT_OS-}" ]; then if [ -n "${SSH_CLIENT_OS-}" ]; then
@ -17,20 +17,21 @@ function detect_client_info() {
local kernel local kernel
kernel="$(uname -s)" kernel="$(uname -s)"
case "${kernel}" in case "${kernel}" in
Darwin) Darwin)
CLIENT_PLATFORM="darwin" CLIENT_PLATFORM="darwin"
;; ;;
Linux) Linux)
CLIENT_PLATFORM="linux" CLIENT_PLATFORM="linux"
;; ;;
Windows) Windows)
CLIENT_PLATFORM="windows" CLIENT_PLATFORM="windows"
;; ;;
*) *)
echo "Unknown, unsupported platform: ${kernel}." >&2 echo "Unknown, unsupported platform: ${kernel}." >&2
echo "Supported platforms: Linux, Darwin and Windows." >&2 echo "Supported platforms: Linux, Darwin and Windows." >&2
echo "Bailing out." >&2 echo "Bailing out." >&2
exit 2 exit 2
;;
esac esac
fi fi
@ -40,18 +41,18 @@ function detect_client_info() {
local machine local machine
machine="$(uname -m)" machine="$(uname -m)"
case "${machine}" in case "${machine}" in
x86_64*|i?86_64*|amd64*) x86_64* | i?86_64* | amd64*)
CLIENT_ARCH="amd64" CLIENT_ARCH="amd64"
;; ;;
aarch64*|arm64*) aarch64* | arm64*)
CLIENT_ARCH="arm64" CLIENT_ARCH="arm64"
;; ;;
*) *)
echo "Unknown, unsupported architecture (${machine})." >&2 echo "Unknown, unsupported architecture (${machine})." >&2
echo "Supported architectures x86_64, i686, arm64." >&2 echo "Supported architectures x86_64, i686, arm64." >&2
echo "Bailing out." >&2 echo "Bailing out." >&2
exit 3 exit 3
;; ;;
esac esac
fi fi
} }

3
testdata/test.sh vendored Normal file
View file

@ -0,0 +1,3 @@
#!/usr/bin/env bash
set -e
whoami