actions/ssh-key-action
1
0
Fork 0
mirror of https://github.com/shimataro/ssh-key-action.git synced 2025-06-19 22:52:10 +10:00
Code Activity

Feature/known hosts required (#73)

Browse source 
* * make known-hosts required

* * update CI

* * update README

* * update CHANGELOG

* * update README
This commit is contained in:
shimataro 2020-02-08 08:26:57 +09:00 committed by GitHub
parent 326c0f5ec9
commit fc07b00e5f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
10 changed files with 19 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

4
.github/workflows/verify-on-macos.yml vendored
View file

@ -13,7 +13,7 @@ jobs:
uses: ./. uses: ./.
with: with:
key: ${{ secrets.SSH_KEY }} key: ${{ secrets.SSH_KEY }}
known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional known_hosts: ${{ secrets.KNOWN_HOSTS }}
- name: print created files - name: print created files
run: ls -l ~/.ssh run: ls -l ~/.ssh
- name: git clone through SSH - name: git clone through SSH
@ -28,7 +28,7 @@ jobs:
uses: ./. uses: ./.
with: with:
key: ${{ secrets.SSH_KEY }} key: ${{ secrets.SSH_KEY }}
known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional known_hosts: ${{ secrets.KNOWN_HOSTS }}
name: ssh_key_name # optional name: ssh_key_name # optional
config: | # optional config: | # optional
Host github Host github

4
.github/workflows/verify-on-ubuntu.yml vendored
View file

@ -13,7 +13,7 @@ jobs:
uses: ./. uses: ./.
with: with:
key: ${{ secrets.SSH_KEY }} key: ${{ secrets.SSH_KEY }}
known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional known_hosts: ${{ secrets.KNOWN_HOSTS }}
- name: print created files - name: print created files
run: ls -l ~/.ssh run: ls -l ~/.ssh
- name: git clone through SSH - name: git clone through SSH
@ -28,7 +28,7 @@ jobs:
uses: ./. uses: ./.
with: with:
key: ${{ secrets.SSH_KEY }} key: ${{ secrets.SSH_KEY }}
known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional known_hosts: ${{ secrets.KNOWN_HOSTS }}
name: ssh_key_name # optional name: ssh_key_name # optional
config: | # optional config: | # optional
Host github Host github

4
.github/workflows/verify-on-ubuntu1604.yml vendored
View file

@ -13,7 +13,7 @@ jobs:
uses: ./. uses: ./.
with: with:
key: ${{ secrets.SSH_KEY }} key: ${{ secrets.SSH_KEY }}
known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional known_hosts: ${{ secrets.KNOWN_HOSTS }}
- name: print created files - name: print created files
run: ls -l ~/.ssh run: ls -l ~/.ssh
- name: git clone through SSH - name: git clone through SSH
@ -28,7 +28,7 @@ jobs:
uses: ./. uses: ./.
with: with:
key: ${{ secrets.SSH_KEY }} key: ${{ secrets.SSH_KEY }}
known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional known_hosts: ${{ secrets.KNOWN_HOSTS }}
name: ssh_key_name # optional name: ssh_key_name # optional
config: | # optional config: | # optional
Host github Host github

4
.github/workflows/verify-on-windows.yml vendored
View file

@ -13,7 +13,7 @@ jobs:
uses: ./. uses: ./.
with: with:
key: ${{ secrets.SSH_KEY }} key: ${{ secrets.SSH_KEY }}
known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional known_hosts: ${{ secrets.KNOWN_HOSTS }}
- name: print created files - name: print created files
run: ls ~/.ssh run: ls ~/.ssh
- name: git clone through SSH - name: git clone through SSH
@ -28,7 +28,7 @@ jobs:
uses: ./. uses: ./.
with: with:
key: ${{ secrets.SSH_KEY }} key: ${{ secrets.SSH_KEY }}
known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional known_hosts: ${{ secrets.KNOWN_HOSTS }}
name: ssh_key_name # optional name: ssh_key_name # optional
config: | # optional config: | # optional
Host github Host github

1
CHANGELOG.md
View file

@ -11,6 +11,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
* rename `private-key` to `key` * rename `private-key` to `key`
* rename `known-hosts` to `known_hosts` * rename `known-hosts` to `known_hosts`
* make `known_hosts` required
## [1.6.4] - 2020-01-27 ## [1.6.4] - 2020-01-27

6
README.md
View file

@ -29,7 +29,7 @@ steps:
with: with:
key: ${{ secrets.SSH_KEY }} key: ${{ secrets.SSH_KEY }}
name: id_rsa # optional name: id_rsa # optional
known_hosts: ${{ secrets.KNOWN_HOSTS }} # optional known_hosts: ${{ secrets.KNOWN_HOSTS }}
config: ${{ secrets.CONFIG }} # ssh_config; optional config: ${{ secrets.CONFIG }} # ssh_config; optional
- name: rsync over ssh - name: rsync over ssh
run: rsync ./foo/ user@remote:bar/ run: rsync ./foo/ user@remote:bar/
@ -84,9 +84,7 @@ Check belows:
* OPENSSH format (key begins with `-----BEGIN OPENSSH PRIVATE KEY-----`) may not work. * OPENSSH format (key begins with `-----BEGIN OPENSSH PRIVATE KEY-----`) may not work.
* Use PEM format (begins with `-----BEGIN RSA PRIVATE KEY-----`). * Use PEM format (begins with `-----BEGIN RSA PRIVATE KEY-----`).
* `Host key verification failed.`: * `Host key verification failed.`:
* Set `known_hosts` option or use `ssh -o StrictHostKeyChecking=no`. * Set `known_hosts` option correctly (use `ssh-keyscan` command).
* The former is **HIGHLY** recommended for security reason.
* I'm planning to make `known_hosts` required in v2.
### How do I use encrypted SSH key? ### How do I use encrypted SSH key?

2
action.yml
View file

@ -15,7 +15,7 @@ inputs:
default: "id_rsa" default: "id_rsa"
known_hosts: known_hosts:
description: "public keys of SSH servers" description: "public keys of SSH servers"
required: false required: true
default: "" default: ""
config: config:
description: "SSH config" description: "SSH config"

4
lib/main.js
View file

@ -28,7 +28,9 @@ function main() {
}, },
{ {
name: "known_hosts", name: "known_hosts",
contents: prependLf(core.getInput("known_hosts")), contents: prependLf(core.getInput("known_hosts", {
required: true,
})),
options: { options: {
mode: 0o644, mode: 0o644,
flag: "a", flag: "a",

2
lib/main.js.map
View file

@ -1 +1 @@
{"version":3,"file":"main.js","sourceRoot":"","sources":["../src/main.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,oDAAsC;AAStC;;GAEG;AACH,SAAS,IAAI;IAEZ,IACA;QACC,MAAM,KAAK,GAAe;YACzB;gBACC,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;gBAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE;oBAC9B,QAAQ,EAAE,IAAI;iBACd,CAAC;gBACF,OAAO,EAAE;oBACR,IAAI,EAAE,KAAK;oBACX,IAAI,EAAE,IAAI;iBACV;aACD;YACD;gBACC,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;gBACjD,OAAO,EAAE;oBACR,IAAI,EAAE,KAAK;oBACX,IAAI,EAAE,GAAG;iBACT;aACD;YACD;gBACC,IAAI,EAAE,QAAQ;gBACd,QAAQ,EAAE,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;gBAC5C,OAAO,EAAE;oBACR,IAAI,EAAE,KAAK;oBACX,IAAI,EAAE,GAAG;iBACT;aACD;SACD,CAAC;QAEF,0BAA0B;QAC1B,MAAM,IAAI,GAAG,gBAAgB,EAAE,CAAC;QAChC,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAC3C,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE;YACrB,SAAS,EAAE,IAAI;YACf,IAAI,EAAE,KAAK;SACX,CAAC,CAAC;QAEH,eAAe;QACf,KAAI,MAAM,IAAI,IAAI,KAAK,EACvB;YACC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YAC/C,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;SACxD;QAED,OAAO,CAAC,GAAG,CAAC,8BAA8B,OAAO,gBAAgB,CAAC,CAAC;KACnE;IACD,OAAM,GAAG,EACT;QACC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;KAC5B;AACF,CAAC;AAED;;;GAGG;AACH,SAAS,gBAAgB;IAExB,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAClC,IAAG,IAAI,KAAK,SAAS,EACrB;QACC,MAAM,KAAK,CAAC,GAAG,OAAO,iBAAiB,CAAC,CAAC;KACzC;IAED,OAAO,IAAI,CAAC;AACb,CAAC;AAED;;;GAGG;AACH,SAAS,UAAU;IAElB,IAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,EAC/B;QACC,UAAU;QACV,OAAO,aAAa,CAAC;KACrB;IAED,gBAAgB;IAChB,OAAO,MAAM,CAAC;AACf,CAAC;AAED;;;;GAIG;AACH,SAAS,SAAS,CAAC,KAAa;IAE/B,IAAG,KAAK,CAAC,MAAM,KAAK,CAAC,EACrB;QACC,sBAAsB;QACtB,OAAO,EAAE,CAAC;KACV;IAED,OAAO,KAAK,KAAK,EAAE,CAAC;AACrB,CAAC;AAED,IAAI,EAAE,CAAC"} {"version":3,"file":"main.js","sourceRoot":"","sources":["../src/main.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,oDAAsC;AAStC;;GAEG;AACH,SAAS,IAAI;IAEZ,IACA;QACC,MAAM,KAAK,GAAe;YACzB;gBACC,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;gBAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE;oBAC9B,QAAQ,EAAE,IAAI;iBACd,CAAC;gBACF,OAAO,EAAE;oBACR,IAAI,EAAE,KAAK;oBACX,IAAI,EAAE,IAAI;iBACV;aACD;YACD;gBACC,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,aAAa,EAAE;oBAChD,QAAQ,EAAE,IAAI;iBACd,CAAC,CAAC;gBACH,OAAO,EAAE;oBACR,IAAI,EAAE,KAAK;oBACX,IAAI,EAAE,GAAG;iBACT;aACD;YACD;gBACC,IAAI,EAAE,QAAQ;gBACd,QAAQ,EAAE,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;gBAC5C,OAAO,EAAE;oBACR,IAAI,EAAE,KAAK;oBACX,IAAI,EAAE,GAAG;iBACT;aACD;SACD,CAAC;QAEF,0BAA0B;QAC1B,MAAM,IAAI,GAAG,gBAAgB,EAAE,CAAC;QAChC,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAC3C,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE;YACrB,SAAS,EAAE,IAAI;YACf,IAAI,EAAE,KAAK;SACX,CAAC,CAAC;QAEH,eAAe;QACf,KAAI,MAAM,IAAI,IAAI,KAAK,EACvB;YACC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YAC/C,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;SACxD;QAED,OAAO,CAAC,GAAG,CAAC,8BAA8B,OAAO,gBAAgB,CAAC,CAAC;KACnE;IACD,OAAM,GAAG,EACT;QACC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;KAC5B;AACF,CAAC;AAED;;;GAGG;AACH,SAAS,gBAAgB;IAExB,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAClC,IAAG,IAAI,KAAK,SAAS,EACrB;QACC,MAAM,KAAK,CAAC,GAAG,OAAO,iBAAiB,CAAC,CAAC;KACzC;IAED,OAAO,IAAI,CAAC;AACb,CAAC;AAED;;;GAGG;AACH,SAAS,UAAU;IAElB,IAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,EAC/B;QACC,UAAU;QACV,OAAO,aAAa,CAAC;KACrB;IAED,gBAAgB;IAChB,OAAO,MAAM,CAAC;AACf,CAAC;AAED;;;;GAIG;AACH,SAAS,SAAS,CAAC,KAAa;IAE/B,IAAG,KAAK,CAAC,MAAM,KAAK,CAAC,EACrB;QACC,sBAAsB;QACtB,OAAO,EAAE,CAAC;KACV;IAED,OAAO,KAAK,KAAK,EAAE,CAAC;AACrB,CAAC;AAED,IAAI,EAAE,CAAC"}

4
src/main.ts
View file

@ -30,7 +30,9 @@ function main(): void
}, },
{ {
name: "known_hosts", name: "known_hosts",
contents: prependLf(core.getInput("known_hosts")), contents: prependLf(core.getInput("known_hosts", {
required: true,
})),
options: { options: {
mode: 0o644, mode: 0o644,
flag: "a", flag: "a",