diff --git a/.markdownlint.json b/.markdownlint.json new file mode 100644 index 0000000..49a5aba --- /dev/null +++ b/.markdownlint.json @@ -0,0 +1,11 @@ +{ + "MD007": { + "indent": 4 + }, + "MD013": { + "line_length": 255 + }, + "MD024": { + "siblings_only": true + } +} diff --git a/CHANGELOG.md b/CHANGELOG.md index abcd703..72f0ee4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,12 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ## [Unreleased] +## [1.3.0] + +### Added + +* `known-hosts` option + ## [1.2.0] ### Fixed @@ -29,7 +35,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. * First release. -[Unreleased]: https://github.com/shimataro/ssh-key-action/compare/v1.2.0...HEAD -[1.1.0]: https://github.com/shimataro/ssh-key-action/compare/v1.1.0...v1.2.0 +[Unreleased]: https://github.com/shimataro/ssh-key-action/compare/v1.3.0...HEAD +[1.3.0]: https://github.com/shimataro/ssh-key-action/compare/v1.2.0...v1.3.0 +[1.2.0]: https://github.com/shimataro/ssh-key-action/compare/v1.1.0...v1.2.0 [1.1.0]: https://github.com/shimataro/ssh-key-action/compare/v1.0.0...v1.1.0 [1.0.0]: https://github.com/shimataro/ssh-key-action/compare/8deacc95b1ee5732107e56baa4c8aac4c386ef7e...v1.0.0 diff --git a/README.md b/README.md index a9e2c38..9de787e 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ This action installs SSH key into `~/.ssh`. -Useful for SCP or SFTP or `rsync` over SSH in deployment script. +Useful for SCP, SFTP, and `rsync` over SSH in deployment script. ## Usage @@ -21,10 +21,11 @@ steps: private-key: ${{ secrets.SSH_KEY }} public-key: ${{ secrets.SSH_KEY_PUBLIC }} name: id_rsa # optional + known-hosts: ${{ secrets.KNOWN_HOSTS }} # optional - name: Install packages run: apt install openssh-client rsync - name: rsync over ssh - run: rsync -e "ssh -o StrictHostKeyChecking=no" ./foo/ user@remote:bar/ + run: rsync ./foo/ user@remote:bar/ ``` See [Workflow syntax for GitHub Actions](https://help.github.com/en/articles/workflow-syntax-for-github-actions) for details. diff --git a/action.yml b/action.yml index 9b5cd2a..6fe85c1 100644 --- a/action.yml +++ b/action.yml @@ -1,3 +1,4 @@ +# https://help.github.com/en/articles/metadata-syntax-for-github-actions name: "Install SSH Key" description: "Install SSH key to ~/.ssh" author: "shimataro" @@ -13,7 +14,12 @@ inputs: required: true name: description: "SSH key file name (default: id_rsa)" + required: false default: "id_rsa" + known-hosts: + description: "public keys of SSH servers" + required: false + default: "" runs: using: "node12" main: "lib/main.js" diff --git a/lib/main.js b/lib/main.js index b161818..3a88c7a 100644 --- a/lib/main.js +++ b/lib/main.js @@ -15,23 +15,39 @@ const core = __importStar(require("@actions/core")); */ function main() { try { + const name = core.getInput("name"); + const files = [ + { + name: name, + mode: 0o400, + contents: core.getInput("private-key"), + }, + { + name: `${name}.pub`, + mode: 0o444, + contents: core.getInput("public-key"), + }, + { + name: "known_hosts", + mode: 0o644, + contents: core.getInput("known-hosts"), + }, + ]; + // create ".ssh" directory const home = getHomeDirectory(); const dirName = path.resolve(home, ".ssh"); fs.mkdirSync(dirName, { recursive: true, mode: 0o700, }); - const privateKey = core.getInput("private-key"); - const publicKey = core.getInput("public-key"); - const name = core.getInput("name"); - const fileName = path.join(dirName, name); - fs.writeFileSync(fileName, privateKey, { - mode: 0o400, - }); - fs.writeFileSync(`${fileName}.pub`, publicKey, { - mode: 0o444, - }); - console.log(`SSH key has been stored to ${fileName} successfully.`); + // create files + for (const file of files) { + const fileName = path.join(dirName, file.name); + fs.writeFileSync(fileName, file.contents, { + mode: file.mode, + }); + } + console.log(`SSH key has been stored to ${dirName} successfully.`); } catch (err) { core.setFailed(err.message); diff --git a/lib/main.js.map b/lib/main.js.map index 03808b9..9705ee1 100644 --- a/lib/main.js.map +++ b/lib/main.js.map @@ -1 +1 @@ -{"version":3,"file":"main.js","sourceRoot":"","sources":["../src/main.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,oDAAsC;AAEtC;;GAEG;AACH,SAAS,IAAI;IAEZ,IACA;QACC,MAAM,IAAI,GAAG,gBAAgB,EAAE,CAAC;QAChC,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAC3C,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE;YACrB,SAAS,EAAE,IAAI;YACf,IAAI,EAAE,KAAK;SACX,CAAC,CAAC;QAEH,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAW,CAAC;QAC1D,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAW,CAAC;QACxD,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAW,CAAC;QAE7C,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;QAC1C,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,UAAU,EAAE;YACtC,IAAI,EAAE,KAAK;SACX,CAAC,CAAC;QACH,EAAE,CAAC,aAAa,CAAC,GAAG,QAAQ,MAAM,EAAE,SAAS,EAAE;YAC9C,IAAI,EAAE,KAAK;SACX,CAAC,CAAC;QAEH,OAAO,CAAC,GAAG,CAAC,8BAA8B,QAAQ,gBAAgB,CAAC,CAAC;KACpE;IACD,OAAM,GAAG,EACT;QACC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;KAC5B;AACF,CAAC;AAED;;;GAGG;AACH,SAAS,gBAAgB;IAExB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,CAAC;IACrE,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAClC,IAAG,IAAI,KAAK,SAAS,EACrB;QACC,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,iBAAiB,CAAC,CAAC;KAC7C;IAED,OAAO,IAAI,CAAC;AACb,CAAC;AAED,IAAI,EAAE,CAAC"} \ No newline at end of file +{"version":3,"file":"main.js","sourceRoot":"","sources":["../src/main.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,oDAAsC;AAStC;;GAEG;AACH,SAAS,IAAI;IAEZ,IACA;QACC,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAW,CAAC;QAC7C,MAAM,KAAK,GAAe;YACzB;gBACC,IAAI,EAAE,IAAI;gBACV,IAAI,EAAE,KAAK;gBACX,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC;aACtC;YACD;gBACC,IAAI,EAAE,GAAG,IAAI,MAAM;gBACnB,IAAI,EAAE,KAAK;gBACX,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC;aACrC;YACD;gBACC,IAAI,EAAE,aAAa;gBACnB,IAAI,EAAE,KAAK;gBACX,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC;aACtC;SACD,CAAC;QAEF,0BAA0B;QAC1B,MAAM,IAAI,GAAG,gBAAgB,EAAE,CAAC;QAChC,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAC3C,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE;YACrB,SAAS,EAAE,IAAI;YACf,IAAI,EAAE,KAAK;SACX,CAAC,CAAC;QAEH,eAAe;QACf,KAAI,MAAM,IAAI,IAAI,KAAK,EACvB;YACC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YAC/C,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE;gBACzC,IAAI,EAAE,IAAI,CAAC,IAAI;aACf,CAAC,CAAC;SACH;QAED,OAAO,CAAC,GAAG,CAAC,8BAA8B,OAAO,gBAAgB,CAAC,CAAC;KACnE;IACD,OAAM,GAAG,EACT;QACC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;KAC5B;AACF,CAAC;AAED;;;GAGG;AACH,SAAS,gBAAgB;IAExB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,CAAC;IACrE,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAClC,IAAG,IAAI,KAAK,SAAS,EACrB;QACC,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,iBAAiB,CAAC,CAAC;KAC7C;IAED,OAAO,IAAI,CAAC;AACb,CAAC;AAED,IAAI,EAAE,CAAC"} \ No newline at end of file diff --git a/package-lock.json b/package-lock.json index 4abcb8a..6314f54 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "ssh-key-action", - "version": "1.2.0", + "version": "1.3.0", "lockfileVersion": 1, "requires": true, "dependencies": { @@ -25,9 +25,9 @@ } }, "@types/node": { - "version": "12.7.5", - "resolved": "https://registry.npmjs.org/@types/node/-/node-12.7.5.tgz", - "integrity": "sha512-9fq4jZVhPNW8r+UYKnxF1e2HkDWOWKM5bC2/7c9wPV835I0aOrVbS/Hw/pWPk2uKrNXQqg9Z959Kz+IYDd5p3w==", + "version": "12.7.8", + "resolved": "https://registry.npmjs.org/@types/node/-/node-12.7.8.tgz", + "integrity": "sha512-FMdVn84tJJdV+xe+53sYiZS4R5yn1mAIxfj+DVoNiQjTYz1+OYmjwEZr1ev9nU0axXwda0QDbYl06QHanRVH3A==", "dev": true }, "JSONStream": { @@ -226,9 +226,9 @@ } }, "chownr": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-1.1.2.tgz", - "integrity": "sha512-GkfeAQh+QNy3wquu9oIZr6SS5x7wGdSgNQvD10X3r+AZr1Oys22HW8kAmDMvNg2+Dm0TeGaEuO8gFwdBXxwO8A==", + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/chownr/-/chownr-1.1.3.tgz", + "integrity": "sha512-i70fVHhmV3DtTl6nqvZOnIjbY0Pe4kAUjwHj8z0zAdgBtYrJyYwLKCCuRBQ5ppkyL0AkN7HKRnETdmdp1zqNXw==", "dev": true }, "ci-info": { @@ -289,9 +289,9 @@ "dev": true }, "commander": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/commander/-/commander-3.0.1.tgz", - "integrity": "sha512-UNgvDd+csKdc9GD4zjtkHKQbT8Aspt2jCBqNSPp53vAS0L1tS9sXB2TCEOPHJ7kt9bN/niWkYj8T3RQSoMXdSQ==", + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/commander/-/commander-3.0.2.tgz", + "integrity": "sha512-Gar0ASD4BDyKC4hl4DwHqDrmvjoxWKZigVnAbn5H1owvm4CxCPdb0HQDehwNYMJpla5+M2tPmPARzhtYuwpHow==", "dev": true }, "concat-map": { @@ -468,9 +468,9 @@ } }, "end-of-stream": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.1.tgz", - "integrity": "sha512-1MkrZNvWTKCaigbn+W15elq2BB/L22nqrSY5DKlo3X6+vclJm8Bb5djXJBmEX6fS3+zCh/F4VBK5Z2KxJt4s2Q==", + "version": "1.4.4", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz", + "integrity": "sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q==", "dev": true, "requires": { "once": "^1.4.0" @@ -1083,9 +1083,9 @@ "dev": true }, "minipass": { - "version": "2.6.5", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-2.6.5.tgz", - "integrity": "sha512-ewSKOPFH9blOLXx0YSE+mbrNMBFPS+11a2b03QZ+P4LVrUHW/GAlqeYC7DBknDyMWkHzrzTpDhUvy7MUxqyrPA==", + "version": "2.8.6", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-2.8.6.tgz", + "integrity": "sha512-lFG7d6g3+/UaFDCOtqPiKAC9zngWWsQZl1g5q6gaONqrjq61SX2xFqXMleQiFVyDpYwa018E9hmlAFY22PCb+A==", "dev": true, "requires": { "safe-buffer": "^5.1.2", @@ -1093,12 +1093,24 @@ } }, "minizlib": { - "version": "1.2.2", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-1.2.2.tgz", - "integrity": "sha512-hR3At21uSrsjjDTWrbu0IMLTpnkpv8IIMFDFaoz43Tmu4LkmAXfH44vNNzpTnf+OAQQCHrb91y/wc2J4x5XgSQ==", + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-1.3.2.tgz", + "integrity": "sha512-lsNFqSHdJ21EwKzCp12HHJGxSMtHkCW1EMA9cceG3MkMNARjuWotZnMe3NKNshAvFXpm4loZqmYsCmRwhS2JMw==", "dev": true, "requires": { - "minipass": "^2.2.1" + "minipass": "^2.9.0" + }, + "dependencies": { + "minipass": { + "version": "2.9.0", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-2.9.0.tgz", + "integrity": "sha512-wxfUjg9WebH+CUDX/CdbRlh5SmfZiy/hpkxaRI16Y9W56Pa75sWgd/rvFilSgrauD9NyFymP/+JFV3KwzIsJeg==", + "dev": true, + "requires": { + "safe-buffer": "^5.1.2", + "yallist": "^3.0.0" + } + } } }, "mississippi": { @@ -1223,9 +1235,9 @@ } }, "normalize-url": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-4.4.1.tgz", - "integrity": "sha512-rjH3yRt0Ssx19mUwS0hrDUOdG9VI+oRLpLHJ7tXRdjcuQ7v7wo6qPvOZppHRrqfslTKr0L2yBhjj4UXd7c3cQg==", + "version": "4.5.0", + "resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-4.5.0.tgz", + "integrity": "sha512-2s47yzUxdexf1OhyRi4Em83iQk0aPvwTddtFz4hnSSw9dCEsLEGf6SwIO8ss/19S9iBb5sJaOuTvTGDeZI00BQ==", "dev": true }, "npm-bundled": { @@ -2024,14 +2036,14 @@ } }, "tar": { - "version": "4.4.11", - "resolved": "https://registry.npmjs.org/tar/-/tar-4.4.11.tgz", - "integrity": "sha512-iI4zh3ktLJKaDNZKZc+fUONiQrSn9HkCFzamtb7k8FFmVilHVob7QsLX/VySAW8lAviMzMbFw4QtFb4errwgYA==", + "version": "4.4.13", + "resolved": "https://registry.npmjs.org/tar/-/tar-4.4.13.tgz", + "integrity": "sha512-w2VwSrBoHa5BsSyH+KxEqeQBAllHhccyMFVHtGtdMpF4W7IRWfZjFiQceJPChOeTsSDVUpER2T8FA93pr0L+QA==", "dev": true, "requires": { "chownr": "^1.1.1", "fs-minipass": "^1.2.5", - "minipass": "^2.6.4", + "minipass": "^2.8.6", "minizlib": "^1.2.1", "mkdirp": "^0.5.0", "safe-buffer": "^5.1.2", @@ -2249,9 +2261,9 @@ "dev": true }, "yallist": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.0.3.tgz", - "integrity": "sha512-S+Zk8DEWE6oKpV+vI3qWkaK+jSbIK86pCwe2IF/xwIpQ8jEuxpw9NyaGjmp9+BoJv5FV2piqCDcoCtStppiq2A==", + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.0.tgz", + "integrity": "sha512-6gpP93MR+VOOehKbCPchro3wFZNSNmek8A2kbkOAZLIZAYx1KP/zAqwO0sOHi3xJEb+UBz8NaYt/17UNit1Q9w==", "dev": true } } diff --git a/package.json b/package.json index bc60906..1a1ef17 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "ssh-key-action", - "version": "1.2.0", + "version": "1.3.0", "private": true, "description": "Install SSH key to .ssh", "main": "lib/main.js", @@ -29,7 +29,7 @@ "@actions/core": "1.1.1" }, "devDependencies": { - "@types/node": "12.7.5", + "@types/node": "12.7.8", "npm-check-updates": "3.1.23", "typescript": "3.6.3" } diff --git a/src/main.ts b/src/main.ts index 3500b2b..0bf3203 100644 --- a/src/main.ts +++ b/src/main.ts @@ -3,6 +3,13 @@ import * as path from "path"; import * as core from "@actions/core"; +interface FileInfo +{ + name: string; + mode: number; + contents: string; +} + /** * main function */ @@ -10,6 +17,26 @@ function main(): void { try { + const name = core.getInput("name") as string; + const files: FileInfo[] = [ + { + name: name, + mode: 0o400, + contents: core.getInput("private-key"), + }, + { + name: `${name}.pub`, + mode: 0o444, + contents: core.getInput("public-key"), + }, + { + name: "known_hosts", + mode: 0o644, + contents: core.getInput("known-hosts"), + }, + ]; + + // create ".ssh" directory const home = getHomeDirectory(); const dirName = path.resolve(home, ".ssh"); fs.mkdirSync(dirName, { @@ -17,19 +44,16 @@ function main(): void mode: 0o700, }); - const privateKey = core.getInput("private-key") as string; - const publicKey = core.getInput("public-key") as string; - const name = core.getInput("name") as string; + // create files + for(const file of files) + { + const fileName = path.join(dirName, file.name); + fs.writeFileSync(fileName, file.contents, { + mode: file.mode, + }); + } - const fileName = path.join(dirName, name); - fs.writeFileSync(fileName, privateKey, { - mode: 0o400, - }); - fs.writeFileSync(`${fileName}.pub`, publicKey, { - mode: 0o444, - }); - - console.log(`SSH key has been stored to ${fileName} successfully.`); + console.log(`SSH key has been stored to ${dirName} successfully.`); } catch(err) {