From c6cd290932419d7ff442dcf18066f7580ca01a02 Mon Sep 17 00:00:00 2001 From: shimataro Date: Fri, 7 Feb 2020 05:54:57 +0900 Subject: [PATCH 1/5] * update CI URL (#104) --- README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 55fa515..f206c16 100644 --- a/README.md +++ b/README.md @@ -126,15 +126,15 @@ The scripts and documentation in this project are released under the [MIT Licens See [CHANGELOG.md](CHANGELOG.md). [image-build]: https://github.com/shimataro/ssh-key-action/workflows/Build/badge.svg?event=push&branch=v1 -[link-build]: https://github.com/shimataro/ssh-key-action +[link-build]: https://github.com/shimataro/ssh-key-action/actions?query=workflow%3ABuild [image-verify-windows]: https://github.com/shimataro/ssh-key-action/workflows/Windows/badge.svg?event=push&branch=v1 -[link-verify-windows]: https://github.com/shimataro/ssh-key-action +[link-verify-windows]: https://github.com/shimataro/ssh-key-action/actions?query=workflow%3AWindows [image-verify-macos]: https://github.com/shimataro/ssh-key-action/workflows/macOS/badge.svg?event=push&branch=v1 -[link-verify-macos]: https://github.com/shimataro/ssh-key-action +[link-verify-macos]: https://github.com/shimataro/ssh-key-action/actions?query=workflow%3AmacOS [image-verify-ubuntu]: https://github.com/shimataro/ssh-key-action/workflows/Ubuntu/badge.svg?event=push&branch=v1 -[link-verify-ubuntu]: https://github.com/shimataro/ssh-key-action +[link-verify-ubuntu]: https://github.com/shimataro/ssh-key-action/actions?query=workflow%3AUbuntu [image-verify-ubuntu1604]: https://github.com/shimataro/ssh-key-action/workflows/Ubuntu%2016.04/badge.svg?event=push&branch=v1 -[link-verify-ubuntu1604]: https://github.com/shimataro/ssh-key-action +[link-verify-ubuntu1604]: https://github.com/shimataro/ssh-key-action/actions?query=workflow%3A%22Ubuntu+16.04%22 [image-release]: https://img.shields.io/github/release/shimataro/ssh-key-action.svg [link-release]: https://github.com/shimataro/ssh-key-action/releases [image-license]: https://img.shields.io/github/license/shimataro/ssh-key-action.svg From 806ebadbbe5dd9f210ef11016c9a45763051b9ba Mon Sep 17 00:00:00 2001 From: shimataro Date: Fri, 7 Feb 2020 05:56:43 +0900 Subject: [PATCH 2/5] * refactor YAML file (#105) --- .eslintrc.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.eslintrc.yml b/.eslintrc.yml index bbe1f10..07b4cfe 100644 --- a/.eslintrc.yml +++ b/.eslintrc.yml @@ -3,9 +3,9 @@ env: # https://eslint.org/docs/user-guide/configuring#specifying-environments es6: true node: true extends: - - eslint:recommended - - plugin:@typescript-eslint/eslint-recommended - - plugin:@typescript-eslint/recommended +- eslint:recommended +- plugin:@typescript-eslint/eslint-recommended +- plugin:@typescript-eslint/recommended plugins: - import - "@typescript-eslint" From aba3f4cae990b8d352578aa6b51c416cba60fddc Mon Sep 17 00:00:00 2001 From: shimataro Date: Fri, 7 Feb 2020 20:57:04 +0900 Subject: [PATCH 3/5] Feature/private key (#71) * * rename private-key to key * * update CI * * update README / CHANGELOG --- .github/workflows/verify-on-macos.yml | 4 ++-- .github/workflows/verify-on-ubuntu.yml | 4 ++-- .github/workflows/verify-on-ubuntu1604.yml | 4 ++-- .github/workflows/verify-on-windows.yml | 4 ++-- CHANGELOG.md | 4 ++++ README.md | 8 ++++---- action.yml | 4 ++-- lib/main.js | 2 +- lib/main.js.map | 2 +- src/main.ts | 2 +- 10 files changed, 21 insertions(+), 17 deletions(-) diff --git a/.github/workflows/verify-on-macos.yml b/.github/workflows/verify-on-macos.yml index 9fd095f..14653ca 100644 --- a/.github/workflows/verify-on-macos.yml +++ b/.github/workflows/verify-on-macos.yml @@ -12,7 +12,7 @@ jobs: - name: Install SSH key uses: ./. with: - private-key: ${{ secrets.SSH_KEY }} + key: ${{ secrets.SSH_KEY }} known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional - name: print created files run: ls -l ~/.ssh @@ -27,7 +27,7 @@ jobs: - name: Install SSH key uses: ./. with: - private-key: ${{ secrets.SSH_KEY }} + key: ${{ secrets.SSH_KEY }} known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional name: ssh_key_name # optional config: | # optional diff --git a/.github/workflows/verify-on-ubuntu.yml b/.github/workflows/verify-on-ubuntu.yml index e35a29d..f50b4cd 100644 --- a/.github/workflows/verify-on-ubuntu.yml +++ b/.github/workflows/verify-on-ubuntu.yml @@ -12,7 +12,7 @@ jobs: - name: Install SSH key uses: ./. with: - private-key: ${{ secrets.SSH_KEY }} + key: ${{ secrets.SSH_KEY }} known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional - name: print created files run: ls -l ~/.ssh @@ -27,7 +27,7 @@ jobs: - name: Install SSH key uses: ./. with: - private-key: ${{ secrets.SSH_KEY }} + key: ${{ secrets.SSH_KEY }} known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional name: ssh_key_name # optional config: | # optional diff --git a/.github/workflows/verify-on-ubuntu1604.yml b/.github/workflows/verify-on-ubuntu1604.yml index 8c8a87b..7024e65 100644 --- a/.github/workflows/verify-on-ubuntu1604.yml +++ b/.github/workflows/verify-on-ubuntu1604.yml @@ -12,7 +12,7 @@ jobs: - name: Install SSH key uses: ./. with: - private-key: ${{ secrets.SSH_KEY }} + key: ${{ secrets.SSH_KEY }} known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional - name: print created files run: ls -l ~/.ssh @@ -27,7 +27,7 @@ jobs: - name: Install SSH key uses: ./. with: - private-key: ${{ secrets.SSH_KEY }} + key: ${{ secrets.SSH_KEY }} known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional name: ssh_key_name # optional config: | # optional diff --git a/.github/workflows/verify-on-windows.yml b/.github/workflows/verify-on-windows.yml index 7e40adb..a2332dd 100644 --- a/.github/workflows/verify-on-windows.yml +++ b/.github/workflows/verify-on-windows.yml @@ -12,7 +12,7 @@ jobs: - name: Install SSH key uses: ./. with: - private-key: ${{ secrets.SSH_KEY }} + key: ${{ secrets.SSH_KEY }} known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional - name: print created files run: ls ~/.ssh @@ -27,7 +27,7 @@ jobs: - name: Install SSH key uses: ./. with: - private-key: ${{ secrets.SSH_KEY }} + key: ${{ secrets.SSH_KEY }} known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional name: ssh_key_name # optional config: | # optional diff --git a/CHANGELOG.md b/CHANGELOG.md index 1525d69..8746d25 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ## [Unreleased] +### Changed + +* rename `private-key` to `key` + ## [1.6.4] - 2020-01-27 ### Fixed diff --git a/README.md b/README.md index f206c16..d3e9bc7 100644 --- a/README.md +++ b/README.md @@ -27,7 +27,7 @@ steps: - name: Install SSH key uses: shimataro/ssh-key-action@v1 with: - private-key: ${{ secrets.SSH_KEY }} + key: ${{ secrets.SSH_KEY }} name: id_rsa # optional known-hosts: ${{ secrets.KNOWN_HOSTS }} # known_hosts; optional config: ${{ secrets.CONFIG }} # ssh_config; optional @@ -42,7 +42,7 @@ See [Workflow syntax for GitHub Actions](https://help.github.com/en/articles/wor If you want to install multiple keys, call this action multiple times. It is useful for port forwarding. -**NOTE:** When this action is called multiple times, **the contents of `known-hosts` and `config` will be appended**. `private-key` must be saved as different name, by using `name` option. +**NOTE:** When this action is called multiple times, **the contents of `known-hosts` and `config` will be appended**. `key` must be saved as different name, by using `name` option. ```yaml runs-on: ubuntu-latest @@ -50,7 +50,7 @@ steps: - name: Install SSH key of bastion uses: shimataro/ssh-key-action@v1 with: - private-key: ${{ secrets.SSH_KEY_OF_BASTION }} + key: ${{ secrets.SSH_KEY_OF_BASTION }} name: id_rsa-bastion known-hosts: ${{ secrets.KNOWN_HOSTS_OF_BASTION }} config: | @@ -61,7 +61,7 @@ steps: - name: Install SSH key of target uses: shimataro/ssh-key-action@v1 with: - private-key: ${{ secrets.SSH_KEY_OF_TARGET }} + key: ${{ secrets.SSH_KEY_OF_TARGET }} name: id_rsa-target known-hosts: ${{ secrets.KNOWN_HOSTS_OF_TARGET }} # will be appended! config: | # will be appended! diff --git a/action.yml b/action.yml index 734fd12..9974c8b 100644 --- a/action.yml +++ b/action.yml @@ -6,8 +6,8 @@ branding: icon: "terminal" color: "gray-dark" inputs: - private-key: - description: "private SSH key" + key: + description: "SSH private key" required: true name: description: "SSH key file name (default: id_rsa)" diff --git a/lib/main.js b/lib/main.js index 1360411..ede1edf 100644 --- a/lib/main.js +++ b/lib/main.js @@ -18,7 +18,7 @@ function main() { const files = [ { name: core.getInput("name"), - contents: core.getInput("private-key", { + contents: core.getInput("key", { required: true, }), options: { diff --git a/lib/main.js.map b/lib/main.js.map index 6148a6d..43bb0e4 100644 --- a/lib/main.js.map +++ b/lib/main.js.map @@ -1 +1 @@ -{"version":3,"file":"main.js","sourceRoot":"","sources":["../src/main.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,oDAAsC;AAStC;;GAEG;AACH,SAAS,IAAI;IAEZ,IACA;QACC,MAAM,KAAK,GAAe;YACzB;gBACC,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;gBAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,aAAa,EAAE;oBACtC,QAAQ,EAAE,IAAI;iBACd,CAAC;gBACF,OAAO,EAAE;oBACR,IAAI,EAAE,KAAK;oBACX,IAAI,EAAE,IAAI;iBACV;aACD;YACD;gBACC,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;gBACjD,OAAO,EAAE;oBACR,IAAI,EAAE,KAAK;oBACX,IAAI,EAAE,GAAG;iBACT;aACD;YACD;gBACC,IAAI,EAAE,QAAQ;gBACd,QAAQ,EAAE,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;gBAC5C,OAAO,EAAE;oBACR,IAAI,EAAE,KAAK;oBACX,IAAI,EAAE,GAAG;iBACT;aACD;SACD,CAAC;QAEF,0BAA0B;QAC1B,MAAM,IAAI,GAAG,gBAAgB,EAAE,CAAC;QAChC,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAC3C,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE;YACrB,SAAS,EAAE,IAAI;YACf,IAAI,EAAE,KAAK;SACX,CAAC,CAAC;QAEH,eAAe;QACf,KAAI,MAAM,IAAI,IAAI,KAAK,EACvB;YACC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YAC/C,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;SACxD;QAED,OAAO,CAAC,GAAG,CAAC,8BAA8B,OAAO,gBAAgB,CAAC,CAAC;KACnE;IACD,OAAM,GAAG,EACT;QACC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;KAC5B;AACF,CAAC;AAED;;;GAGG;AACH,SAAS,gBAAgB;IAExB,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAClC,IAAG,IAAI,KAAK,SAAS,EACrB;QACC,MAAM,KAAK,CAAC,GAAG,OAAO,iBAAiB,CAAC,CAAC;KACzC;IAED,OAAO,IAAI,CAAC;AACb,CAAC;AAED;;;GAGG;AACH,SAAS,UAAU;IAElB,IAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,EAC/B;QACC,UAAU;QACV,OAAO,aAAa,CAAC;KACrB;IAED,gBAAgB;IAChB,OAAO,MAAM,CAAC;AACf,CAAC;AAED;;;;GAIG;AACH,SAAS,SAAS,CAAC,KAAa;IAE/B,IAAG,KAAK,CAAC,MAAM,KAAK,CAAC,EACrB;QACC,sBAAsB;QACtB,OAAO,EAAE,CAAC;KACV;IAED,OAAO,KAAK,KAAK,EAAE,CAAC;AACrB,CAAC;AAED,IAAI,EAAE,CAAC"} \ No newline at end of file +{"version":3,"file":"main.js","sourceRoot":"","sources":["../src/main.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,oDAAsC;AAStC;;GAEG;AACH,SAAS,IAAI;IAEZ,IACA;QACC,MAAM,KAAK,GAAe;YACzB;gBACC,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;gBAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE;oBAC9B,QAAQ,EAAE,IAAI;iBACd,CAAC;gBACF,OAAO,EAAE;oBACR,IAAI,EAAE,KAAK;oBACX,IAAI,EAAE,IAAI;iBACV;aACD;YACD;gBACC,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;gBACjD,OAAO,EAAE;oBACR,IAAI,EAAE,KAAK;oBACX,IAAI,EAAE,GAAG;iBACT;aACD;YACD;gBACC,IAAI,EAAE,QAAQ;gBACd,QAAQ,EAAE,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;gBAC5C,OAAO,EAAE;oBACR,IAAI,EAAE,KAAK;oBACX,IAAI,EAAE,GAAG;iBACT;aACD;SACD,CAAC;QAEF,0BAA0B;QAC1B,MAAM,IAAI,GAAG,gBAAgB,EAAE,CAAC;QAChC,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAC3C,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE;YACrB,SAAS,EAAE,IAAI;YACf,IAAI,EAAE,KAAK;SACX,CAAC,CAAC;QAEH,eAAe;QACf,KAAI,MAAM,IAAI,IAAI,KAAK,EACvB;YACC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YAC/C,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;SACxD;QAED,OAAO,CAAC,GAAG,CAAC,8BAA8B,OAAO,gBAAgB,CAAC,CAAC;KACnE;IACD,OAAM,GAAG,EACT;QACC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;KAC5B;AACF,CAAC;AAED;;;GAGG;AACH,SAAS,gBAAgB;IAExB,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAClC,IAAG,IAAI,KAAK,SAAS,EACrB;QACC,MAAM,KAAK,CAAC,GAAG,OAAO,iBAAiB,CAAC,CAAC;KACzC;IAED,OAAO,IAAI,CAAC;AACb,CAAC;AAED;;;GAGG;AACH,SAAS,UAAU;IAElB,IAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,EAC/B;QACC,UAAU;QACV,OAAO,aAAa,CAAC;KACrB;IAED,gBAAgB;IAChB,OAAO,MAAM,CAAC;AACf,CAAC;AAED;;;;GAIG;AACH,SAAS,SAAS,CAAC,KAAa;IAE/B,IAAG,KAAK,CAAC,MAAM,KAAK,CAAC,EACrB;QACC,sBAAsB;QACtB,OAAO,EAAE,CAAC;KACV;IAED,OAAO,KAAK,KAAK,EAAE,CAAC;AACrB,CAAC;AAED,IAAI,EAAE,CAAC"} \ No newline at end of file diff --git a/src/main.ts b/src/main.ts index 48fbd44..62a5520 100644 --- a/src/main.ts +++ b/src/main.ts @@ -20,7 +20,7 @@ function main(): void const files: FileInfo[] = [ { name: core.getInput("name"), - contents: core.getInput("private-key", { + contents: core.getInput("key", { required: true, }), options: { From 326c0f5ec98102c01fd0b8fba81d7da2fed30d81 Mon Sep 17 00:00:00 2001 From: shimataro Date: Sat, 8 Feb 2020 07:40:05 +0900 Subject: [PATCH 4/5] Feature/rename known hosts (#72) * * rename known-hosts to known_hosts * * update CI * * update README * * update CHANGELOG * * update README --- .github/workflows/verify-on-macos.yml | 4 ++-- .github/workflows/verify-on-ubuntu.yml | 4 ++-- .github/workflows/verify-on-ubuntu1604.yml | 4 ++-- .github/workflows/verify-on-windows.yml | 4 ++-- CHANGELOG.md | 1 + README.md | 14 +++++++------- action.yml | 2 +- lib/main.js | 2 +- src/main.ts | 2 +- 9 files changed, 19 insertions(+), 18 deletions(-) diff --git a/.github/workflows/verify-on-macos.yml b/.github/workflows/verify-on-macos.yml index 14653ca..469120b 100644 --- a/.github/workflows/verify-on-macos.yml +++ b/.github/workflows/verify-on-macos.yml @@ -13,7 +13,7 @@ jobs: uses: ./. with: key: ${{ secrets.SSH_KEY }} - known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional + known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional - name: print created files run: ls -l ~/.ssh - name: git clone through SSH @@ -28,7 +28,7 @@ jobs: uses: ./. with: key: ${{ secrets.SSH_KEY }} - known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional + known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional name: ssh_key_name # optional config: | # optional Host github diff --git a/.github/workflows/verify-on-ubuntu.yml b/.github/workflows/verify-on-ubuntu.yml index f50b4cd..e6548e1 100644 --- a/.github/workflows/verify-on-ubuntu.yml +++ b/.github/workflows/verify-on-ubuntu.yml @@ -13,7 +13,7 @@ jobs: uses: ./. with: key: ${{ secrets.SSH_KEY }} - known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional + known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional - name: print created files run: ls -l ~/.ssh - name: git clone through SSH @@ -28,7 +28,7 @@ jobs: uses: ./. with: key: ${{ secrets.SSH_KEY }} - known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional + known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional name: ssh_key_name # optional config: | # optional Host github diff --git a/.github/workflows/verify-on-ubuntu1604.yml b/.github/workflows/verify-on-ubuntu1604.yml index 7024e65..b3cce08 100644 --- a/.github/workflows/verify-on-ubuntu1604.yml +++ b/.github/workflows/verify-on-ubuntu1604.yml @@ -13,7 +13,7 @@ jobs: uses: ./. with: key: ${{ secrets.SSH_KEY }} - known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional + known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional - name: print created files run: ls -l ~/.ssh - name: git clone through SSH @@ -28,7 +28,7 @@ jobs: uses: ./. with: key: ${{ secrets.SSH_KEY }} - known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional + known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional name: ssh_key_name # optional config: | # optional Host github diff --git a/.github/workflows/verify-on-windows.yml b/.github/workflows/verify-on-windows.yml index a2332dd..003466f 100644 --- a/.github/workflows/verify-on-windows.yml +++ b/.github/workflows/verify-on-windows.yml @@ -13,7 +13,7 @@ jobs: uses: ./. with: key: ${{ secrets.SSH_KEY }} - known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional + known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional - name: print created files run: ls ~/.ssh - name: git clone through SSH @@ -28,7 +28,7 @@ jobs: uses: ./. with: key: ${{ secrets.SSH_KEY }} - known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional + known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional name: ssh_key_name # optional config: | # optional Host github diff --git a/CHANGELOG.md b/CHANGELOG.md index 8746d25..55bebe3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ### Changed * rename `private-key` to `key` +* rename `known-hosts` to `known_hosts` ## [1.6.4] - 2020-01-27 diff --git a/README.md b/README.md index d3e9bc7..ac298dc 100644 --- a/README.md +++ b/README.md @@ -29,7 +29,7 @@ steps: with: key: ${{ secrets.SSH_KEY }} name: id_rsa # optional - known-hosts: ${{ secrets.KNOWN_HOSTS }} # known_hosts; optional + known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional config: ${{ secrets.CONFIG }} # ssh_config; optional - name: rsync over ssh run: rsync ./foo/ user@remote:bar/ @@ -42,7 +42,7 @@ See [Workflow syntax for GitHub Actions](https://help.github.com/en/articles/wor If you want to install multiple keys, call this action multiple times. It is useful for port forwarding. -**NOTE:** When this action is called multiple times, **the contents of `known-hosts` and `config` will be appended**. `key` must be saved as different name, by using `name` option. +**NOTE:** When this action is called multiple times, **the contents of `known_hosts` and `config` will be appended**. `key` must be saved as different name, by using `name` option. ```yaml runs-on: ubuntu-latest @@ -52,7 +52,7 @@ steps: with: key: ${{ secrets.SSH_KEY_OF_BASTION }} name: id_rsa-bastion - known-hosts: ${{ secrets.KNOWN_HOSTS_OF_BASTION }} + known_hosts: ${{ secrets.KNOWN_HOSTS_OF_BASTION }} config: | Host bastion HostName xxx.xxx.xxx.xxx @@ -63,7 +63,7 @@ steps: with: key: ${{ secrets.SSH_KEY_OF_TARGET }} name: id_rsa-target - known-hosts: ${{ secrets.KNOWN_HOSTS_OF_TARGET }} # will be appended! + known_hosts: ${{ secrets.KNOWN_HOSTS_OF_TARGET }} # will be appended! config: | # will be appended! Host target HostName yyy.yyy.yyy.yyy @@ -84,9 +84,9 @@ Check belows: * OPENSSH format (key begins with `-----BEGIN OPENSSH PRIVATE KEY-----`) may not work. * Use PEM format (begins with `-----BEGIN RSA PRIVATE KEY-----`). * `Host key verification failed.`: - * Set `known-hosts` option or use `ssh -o StrictHostKeyChecking=no`. + * Set `known_hosts` option or use `ssh -o StrictHostKeyChecking=no`. * The former is **HIGHLY** recommended for security reason. - * I'm planning to make `known-hosts` required in v2. + * I'm planning to make `known_hosts` required in v2. ### How do I use encrypted SSH key? @@ -104,7 +104,7 @@ I recommend **rsync via bastion**. It has some advantages over other methods: * "Rsync via bastion" doesn't require to update workflow files and `secrets` even if it is necessary to transfer files to multiple servers. - * Other methods require to update `known-hosts` if servers have changed. + * Other methods require to update `known_hosts` if servers have changed. * Rsync: * is fastest of all. * does **NOT** break files even if disconnected during transferring. diff --git a/action.yml b/action.yml index 9974c8b..aef5b4e 100644 --- a/action.yml +++ b/action.yml @@ -13,7 +13,7 @@ inputs: description: "SSH key file name (default: id_rsa)" required: false default: "id_rsa" - known-hosts: + known_hosts: description: "public keys of SSH servers" required: false default: "" diff --git a/lib/main.js b/lib/main.js index ede1edf..b97cccb 100644 --- a/lib/main.js +++ b/lib/main.js @@ -28,7 +28,7 @@ function main() { }, { name: "known_hosts", - contents: prependLf(core.getInput("known-hosts")), + contents: prependLf(core.getInput("known_hosts")), options: { mode: 0o644, flag: "a", diff --git a/src/main.ts b/src/main.ts index 62a5520..b3aa60c 100644 --- a/src/main.ts +++ b/src/main.ts @@ -30,7 +30,7 @@ function main(): void }, { name: "known_hosts", - contents: prependLf(core.getInput("known-hosts")), + contents: prependLf(core.getInput("known_hosts")), options: { mode: 0o644, flag: "a", From fc07b00e5f464f247a25a55b9ff5ef001253ca42 Mon Sep 17 00:00:00 2001 From: shimataro Date: Sat, 8 Feb 2020 08:26:57 +0900 Subject: [PATCH 5/5] Feature/known hosts required (#73) * * make known-hosts required * * update CI * * update README * * update CHANGELOG * * update README --- .github/workflows/verify-on-macos.yml | 4 ++-- .github/workflows/verify-on-ubuntu.yml | 4 ++-- .github/workflows/verify-on-ubuntu1604.yml | 4 ++-- .github/workflows/verify-on-windows.yml | 4 ++-- CHANGELOG.md | 1 + README.md | 6 ++---- action.yml | 2 +- lib/main.js | 4 +++- lib/main.js.map | 2 +- src/main.ts | 4 +++- 10 files changed, 19 insertions(+), 16 deletions(-) diff --git a/.github/workflows/verify-on-macos.yml b/.github/workflows/verify-on-macos.yml index 469120b..19ab8ee 100644 --- a/.github/workflows/verify-on-macos.yml +++ b/.github/workflows/verify-on-macos.yml @@ -13,7 +13,7 @@ jobs: uses: ./. with: key: ${{ secrets.SSH_KEY }} - known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional + known_hosts: ${{ secrets.KNOWN_HOSTS }} - name: print created files run: ls -l ~/.ssh - name: git clone through SSH @@ -28,7 +28,7 @@ jobs: uses: ./. with: key: ${{ secrets.SSH_KEY }} - known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional + known_hosts: ${{ secrets.KNOWN_HOSTS }} name: ssh_key_name # optional config: | # optional Host github diff --git a/.github/workflows/verify-on-ubuntu.yml b/.github/workflows/verify-on-ubuntu.yml index e6548e1..8b165c5 100644 --- a/.github/workflows/verify-on-ubuntu.yml +++ b/.github/workflows/verify-on-ubuntu.yml @@ -13,7 +13,7 @@ jobs: uses: ./. with: key: ${{ secrets.SSH_KEY }} - known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional + known_hosts: ${{ secrets.KNOWN_HOSTS }} - name: print created files run: ls -l ~/.ssh - name: git clone through SSH @@ -28,7 +28,7 @@ jobs: uses: ./. with: key: ${{ secrets.SSH_KEY }} - known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional + known_hosts: ${{ secrets.KNOWN_HOSTS }} name: ssh_key_name # optional config: | # optional Host github diff --git a/.github/workflows/verify-on-ubuntu1604.yml b/.github/workflows/verify-on-ubuntu1604.yml index b3cce08..fdd7d67 100644 --- a/.github/workflows/verify-on-ubuntu1604.yml +++ b/.github/workflows/verify-on-ubuntu1604.yml @@ -13,7 +13,7 @@ jobs: uses: ./. with: key: ${{ secrets.SSH_KEY }} - known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional + known_hosts: ${{ secrets.KNOWN_HOSTS }} - name: print created files run: ls -l ~/.ssh - name: git clone through SSH @@ -28,7 +28,7 @@ jobs: uses: ./. with: key: ${{ secrets.SSH_KEY }} - known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional + known_hosts: ${{ secrets.KNOWN_HOSTS }} name: ssh_key_name # optional config: | # optional Host github diff --git a/.github/workflows/verify-on-windows.yml b/.github/workflows/verify-on-windows.yml index 003466f..6e58f05 100644 --- a/.github/workflows/verify-on-windows.yml +++ b/.github/workflows/verify-on-windows.yml @@ -13,7 +13,7 @@ jobs: uses: ./. with: key: ${{ secrets.SSH_KEY }} - known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional + known_hosts: ${{ secrets.KNOWN_HOSTS }} - name: print created files run: ls ~/.ssh - name: git clone through SSH @@ -28,7 +28,7 @@ jobs: uses: ./. with: key: ${{ secrets.SSH_KEY }} - known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional + known_hosts: ${{ secrets.KNOWN_HOSTS }} name: ssh_key_name # optional config: | # optional Host github diff --git a/CHANGELOG.md b/CHANGELOG.md index 55bebe3..79f9ea6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. * rename `private-key` to `key` * rename `known-hosts` to `known_hosts` +* make `known_hosts` required ## [1.6.4] - 2020-01-27 diff --git a/README.md b/README.md index ac298dc..acfb9d3 100644 --- a/README.md +++ b/README.md @@ -29,7 +29,7 @@ steps: with: key: ${{ secrets.SSH_KEY }} name: id_rsa # optional - known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional + known_hosts: ${{ secrets.KNOWN_HOSTS }} config: ${{ secrets.CONFIG }} # ssh_config; optional - name: rsync over ssh run: rsync ./foo/ user@remote:bar/ @@ -84,9 +84,7 @@ Check belows: * OPENSSH format (key begins with `-----BEGIN OPENSSH PRIVATE KEY-----`) may not work. * Use PEM format (begins with `-----BEGIN RSA PRIVATE KEY-----`). * `Host key verification failed.`: - * Set `known_hosts` option or use `ssh -o StrictHostKeyChecking=no`. - * The former is **HIGHLY** recommended for security reason. - * I'm planning to make `known_hosts` required in v2. + * Set `known_hosts` option correctly (use `ssh-keyscan` command). ### How do I use encrypted SSH key? diff --git a/action.yml b/action.yml index aef5b4e..bf35c34 100644 --- a/action.yml +++ b/action.yml @@ -15,7 +15,7 @@ inputs: default: "id_rsa" known_hosts: description: "public keys of SSH servers" - required: false + required: true default: "" config: description: "SSH config" diff --git a/lib/main.js b/lib/main.js index b97cccb..76eeb65 100644 --- a/lib/main.js +++ b/lib/main.js @@ -28,7 +28,9 @@ function main() { }, { name: "known_hosts", - contents: prependLf(core.getInput("known_hosts")), + contents: prependLf(core.getInput("known_hosts", { + required: true, + })), options: { mode: 0o644, flag: "a", diff --git a/lib/main.js.map b/lib/main.js.map index 43bb0e4..3fa68cc 100644 --- a/lib/main.js.map +++ b/lib/main.js.map @@ -1 +1 @@ -{"version":3,"file":"main.js","sourceRoot":"","sources":["../src/main.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,oDAAsC;AAStC;;GAEG;AACH,SAAS,IAAI;IAEZ,IACA;QACC,MAAM,KAAK,GAAe;YACzB;gBACC,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;gBAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE;oBAC9B,QAAQ,EAAE,IAAI;iBACd,CAAC;gBACF,OAAO,EAAE;oBACR,IAAI,EAAE,KAAK;oBACX,IAAI,EAAE,IAAI;iBACV;aACD;YACD;gBACC,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;gBACjD,OAAO,EAAE;oBACR,IAAI,EAAE,KAAK;oBACX,IAAI,EAAE,GAAG;iBACT;aACD;YACD;gBACC,IAAI,EAAE,QAAQ;gBACd,QAAQ,EAAE,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;gBAC5C,OAAO,EAAE;oBACR,IAAI,EAAE,KAAK;oBACX,IAAI,EAAE,GAAG;iBACT;aACD;SACD,CAAC;QAEF,0BAA0B;QAC1B,MAAM,IAAI,GAAG,gBAAgB,EAAE,CAAC;QAChC,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAC3C,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE;YACrB,SAAS,EAAE,IAAI;YACf,IAAI,EAAE,KAAK;SACX,CAAC,CAAC;QAEH,eAAe;QACf,KAAI,MAAM,IAAI,IAAI,KAAK,EACvB;YACC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YAC/C,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;SACxD;QAED,OAAO,CAAC,GAAG,CAAC,8BAA8B,OAAO,gBAAgB,CAAC,CAAC;KACnE;IACD,OAAM,GAAG,EACT;QACC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;KAC5B;AACF,CAAC;AAED;;;GAGG;AACH,SAAS,gBAAgB;IAExB,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAClC,IAAG,IAAI,KAAK,SAAS,EACrB;QACC,MAAM,KAAK,CAAC,GAAG,OAAO,iBAAiB,CAAC,CAAC;KACzC;IAED,OAAO,IAAI,CAAC;AACb,CAAC;AAED;;;GAGG;AACH,SAAS,UAAU;IAElB,IAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,EAC/B;QACC,UAAU;QACV,OAAO,aAAa,CAAC;KACrB;IAED,gBAAgB;IAChB,OAAO,MAAM,CAAC;AACf,CAAC;AAED;;;;GAIG;AACH,SAAS,SAAS,CAAC,KAAa;IAE/B,IAAG,KAAK,CAAC,MAAM,KAAK,CAAC,EACrB;QACC,sBAAsB;QACtB,OAAO,EAAE,CAAC;KACV;IAED,OAAO,KAAK,KAAK,EAAE,CAAC;AACrB,CAAC;AAED,IAAI,EAAE,CAAC"} \ No newline at end of file +{"version":3,"file":"main.js","sourceRoot":"","sources":["../src/main.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,oDAAsC;AAStC;;GAEG;AACH,SAAS,IAAI;IAEZ,IACA;QACC,MAAM,KAAK,GAAe;YACzB;gBACC,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;gBAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE;oBAC9B,QAAQ,EAAE,IAAI;iBACd,CAAC;gBACF,OAAO,EAAE;oBACR,IAAI,EAAE,KAAK;oBACX,IAAI,EAAE,IAAI;iBACV;aACD;YACD;gBACC,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,aAAa,EAAE;oBAChD,QAAQ,EAAE,IAAI;iBACd,CAAC,CAAC;gBACH,OAAO,EAAE;oBACR,IAAI,EAAE,KAAK;oBACX,IAAI,EAAE,GAAG;iBACT;aACD;YACD;gBACC,IAAI,EAAE,QAAQ;gBACd,QAAQ,EAAE,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;gBAC5C,OAAO,EAAE;oBACR,IAAI,EAAE,KAAK;oBACX,IAAI,EAAE,GAAG;iBACT;aACD;SACD,CAAC;QAEF,0BAA0B;QAC1B,MAAM,IAAI,GAAG,gBAAgB,EAAE,CAAC;QAChC,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAC3C,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE;YACrB,SAAS,EAAE,IAAI;YACf,IAAI,EAAE,KAAK;SACX,CAAC,CAAC;QAEH,eAAe;QACf,KAAI,MAAM,IAAI,IAAI,KAAK,EACvB;YACC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YAC/C,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;SACxD;QAED,OAAO,CAAC,GAAG,CAAC,8BAA8B,OAAO,gBAAgB,CAAC,CAAC;KACnE;IACD,OAAM,GAAG,EACT;QACC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;KAC5B;AACF,CAAC;AAED;;;GAGG;AACH,SAAS,gBAAgB;IAExB,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAClC,IAAG,IAAI,KAAK,SAAS,EACrB;QACC,MAAM,KAAK,CAAC,GAAG,OAAO,iBAAiB,CAAC,CAAC;KACzC;IAED,OAAO,IAAI,CAAC;AACb,CAAC;AAED;;;GAGG;AACH,SAAS,UAAU;IAElB,IAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,EAC/B;QACC,UAAU;QACV,OAAO,aAAa,CAAC;KACrB;IAED,gBAAgB;IAChB,OAAO,MAAM,CAAC;AACf,CAAC;AAED;;;;GAIG;AACH,SAAS,SAAS,CAAC,KAAa;IAE/B,IAAG,KAAK,CAAC,MAAM,KAAK,CAAC,EACrB;QACC,sBAAsB;QACtB,OAAO,EAAE,CAAC;KACV;IAED,OAAO,KAAK,KAAK,EAAE,CAAC;AACrB,CAAC;AAED,IAAI,EAAE,CAAC"} \ No newline at end of file diff --git a/src/main.ts b/src/main.ts index b3aa60c..7a191cb 100644 --- a/src/main.ts +++ b/src/main.ts @@ -30,7 +30,9 @@ function main(): void }, { name: "known_hosts", - contents: prependLf(core.getInput("known_hosts")), + contents: prependLf(core.getInput("known_hosts", { + required: true, + })), options: { mode: 0o644, flag: "a",