actions/ssh-key-action
1
0
Fork 0
mirror of https://github.com/shimataro/ssh-key-action.git synced 2025-06-19 22:52:10 +10:00
Code Activity

Feature/rename known hosts (#72)

Browse source 
* * rename known-hosts to known_hosts

* * update CI

* * update README

* * update CHANGELOG

* * update README
This commit is contained in:
shimataro 2020-02-08 07:40:05 +09:00 committed by GitHub
parent aba3f4cae9
commit 326c0f5ec9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 19 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

4
.github/workflows/verify-on-macos.yml vendored
View file

@ -13,7 +13,7 @@ jobs:
uses: ./. uses: ./.
with: with:
key: ${{ secrets.SSH_KEY }} key: ${{ secrets.SSH_KEY }}
known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional
- name: print created files - name: print created files
run: ls -l ~/.ssh run: ls -l ~/.ssh
- name: git clone through SSH - name: git clone through SSH
@ -28,7 +28,7 @@ jobs:
uses: ./. uses: ./.
with: with:
key: ${{ secrets.SSH_KEY }} key: ${{ secrets.SSH_KEY }}
known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional
name: ssh_key_name # optional name: ssh_key_name # optional
config: | # optional config: | # optional
Host github Host github

4
.github/workflows/verify-on-ubuntu.yml vendored
View file

@ -13,7 +13,7 @@ jobs:
uses: ./. uses: ./.
with: with:
key: ${{ secrets.SSH_KEY }} key: ${{ secrets.SSH_KEY }}
known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional
- name: print created files - name: print created files
run: ls -l ~/.ssh run: ls -l ~/.ssh
- name: git clone through SSH - name: git clone through SSH
@ -28,7 +28,7 @@ jobs:
uses: ./. uses: ./.
with: with:
key: ${{ secrets.SSH_KEY }} key: ${{ secrets.SSH_KEY }}
known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional
name: ssh_key_name # optional name: ssh_key_name # optional
config: | # optional config: | # optional
Host github Host github

4
.github/workflows/verify-on-ubuntu1604.yml vendored
View file

@ -13,7 +13,7 @@ jobs:
uses: ./. uses: ./.
with: with:
key: ${{ secrets.SSH_KEY }} key: ${{ secrets.SSH_KEY }}
known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional
- name: print created files - name: print created files
run: ls -l ~/.ssh run: ls -l ~/.ssh
- name: git clone through SSH - name: git clone through SSH
@ -28,7 +28,7 @@ jobs:
uses: ./. uses: ./.
with: with:
key: ${{ secrets.SSH_KEY }} key: ${{ secrets.SSH_KEY }}
known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional
name: ssh_key_name # optional name: ssh_key_name # optional
config: | # optional config: | # optional
Host github Host github

4
.github/workflows/verify-on-windows.yml vendored
View file

@ -13,7 +13,7 @@ jobs:
uses: ./. uses: ./.
with: with:
key: ${{ secrets.SSH_KEY }} key: ${{ secrets.SSH_KEY }}
known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional
- name: print created files - name: print created files
run: ls ~/.ssh run: ls ~/.ssh
- name: git clone through SSH - name: git clone through SSH
@ -28,7 +28,7 @@ jobs:
uses: ./. uses: ./.
with: with:
key: ${{ secrets.SSH_KEY }} key: ${{ secrets.SSH_KEY }}
known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional
name: ssh_key_name # optional name: ssh_key_name # optional
config: | # optional config: | # optional
Host github Host github

1
CHANGELOG.md
View file

@ -10,6 +10,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
### Changed ### Changed
* rename `private-key` to `key` * rename `private-key` to `key`
* rename `known-hosts` to `known_hosts`
## [1.6.4] - 2020-01-27 ## [1.6.4] - 2020-01-27

14
README.md
View file

@ -29,7 +29,7 @@ steps:
with: with:
key: ${{ secrets.SSH_KEY }} key: ${{ secrets.SSH_KEY }}
name: id_rsa # optional name: id_rsa # optional
known-hosts: ${{ secrets.KNOWN_HOSTS }} # known_hosts; optional known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional
config: ${{ secrets.CONFIG }} # ssh_config; optional config: ${{ secrets.CONFIG }} # ssh_config; optional
- name: rsync over ssh - name: rsync over ssh
run: rsync ./foo/ user@remote:bar/ run: rsync ./foo/ user@remote:bar/
@ -42,7 +42,7 @@ See [Workflow syntax for GitHub Actions](https://help.github.com/en/articles/wor
If you want to install multiple keys, call this action multiple times. If you want to install multiple keys, call this action multiple times.
It is useful for port forwarding. It is useful for port forwarding.
**NOTE:** When this action is called multiple times, **the contents of `known-hosts` and `config` will be appended**. `key` must be saved as different name, by using `name` option. **NOTE:** When this action is called multiple times, **the contents of `known_hosts` and `config` will be appended**. `key` must be saved as different name, by using `name` option.
```yaml ```yaml
runs-on: ubuntu-latest runs-on: ubuntu-latest
@ -52,7 +52,7 @@ steps:
with: with:
key: ${{ secrets.SSH_KEY_OF_BASTION }} key: ${{ secrets.SSH_KEY_OF_BASTION }}
name: id_rsa-bastion name: id_rsa-bastion
known-hosts: ${{ secrets.KNOWN_HOSTS_OF_BASTION }} known_hosts: ${{ secrets.KNOWN_HOSTS_OF_BASTION }}
config: | config: |
Host bastion Host bastion
HostName xxx.xxx.xxx.xxx HostName xxx.xxx.xxx.xxx
@ -63,7 +63,7 @@ steps:
with: with:
key: ${{ secrets.SSH_KEY_OF_TARGET }} key: ${{ secrets.SSH_KEY_OF_TARGET }}
name: id_rsa-target name: id_rsa-target
known-hosts: ${{ secrets.KNOWN_HOSTS_OF_TARGET }} # will be appended! known_hosts: ${{ secrets.KNOWN_HOSTS_OF_TARGET }} # will be appended!
config: | # will be appended! config: | # will be appended!
Host target Host target
HostName yyy.yyy.yyy.yyy HostName yyy.yyy.yyy.yyy
@ -84,9 +84,9 @@ Check belows:
* OPENSSH format (key begins with `-----BEGIN OPENSSH PRIVATE KEY-----`) may not work. * OPENSSH format (key begins with `-----BEGIN OPENSSH PRIVATE KEY-----`) may not work.
* Use PEM format (begins with `-----BEGIN RSA PRIVATE KEY-----`). * Use PEM format (begins with `-----BEGIN RSA PRIVATE KEY-----`).
* `Host key verification failed.`: * `Host key verification failed.`:
* Set `known-hosts` option or use `ssh -o StrictHostKeyChecking=no`. * Set `known_hosts` option or use `ssh -o StrictHostKeyChecking=no`.
* The former is **HIGHLY** recommended for security reason. * The former is **HIGHLY** recommended for security reason.
* I'm planning to make `known-hosts` required in v2. * I'm planning to make `known_hosts` required in v2.
### How do I use encrypted SSH key? ### How do I use encrypted SSH key?
@ -104,7 +104,7 @@ I recommend **rsync via bastion**.
It has some advantages over other methods: It has some advantages over other methods:
* "Rsync via bastion" doesn't require to update workflow files and `secrets` even if it is necessary to transfer files to multiple servers. * "Rsync via bastion" doesn't require to update workflow files and `secrets` even if it is necessary to transfer files to multiple servers.
* Other methods require to update `known-hosts` if servers have changed. * Other methods require to update `known_hosts` if servers have changed.
* Rsync: * Rsync:
* is fastest of all. * is fastest of all.
* does **NOT** break files even if disconnected during transferring. * does **NOT** break files even if disconnected during transferring.

2
action.yml
View file

@ -13,7 +13,7 @@ inputs:
description: "SSH key file name (default: id_rsa)" description: "SSH key file name (default: id_rsa)"
required: false required: false
default: "id_rsa" default: "id_rsa"
known-hosts: known_hosts:
description: "public keys of SSH servers" description: "public keys of SSH servers"
required: false required: false
default: "" default: ""

2
lib/main.js
View file

@ -28,7 +28,7 @@ function main() {
}, },
{ {
name: "known_hosts", name: "known_hosts",
contents: prependLf(core.getInput("known-hosts")), contents: prependLf(core.getInput("known_hosts")),
options: { options: {
mode: 0o644, mode: 0o644,
flag: "a", flag: "a",

2
src/main.ts
View file

@ -30,7 +30,7 @@ function main(): void
}, },
{ {
name: "known_hosts", name: "known_hosts",
contents: prependLf(core.getInput("known-hosts")), contents: prependLf(core.getInput("known_hosts")),
options: { options: {
mode: 0o644, mode: 0o644,
flag: "a", flag: "a",