-
Notifications
You must be signed in to change notification settings - Fork 0
/
action.yml
148 lines (139 loc) · 4.8 KB
/
action.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
apiVersion: automation.cloudbees.io/v1alpha1
kind: action
name: ssh actions
inputs:
host:
description: 'SSH host address.'
required: true
port:
description: 'SSH port number.'
default: "22"
passphrase:
description: 'Passphrase for the SSH key.'
username:
description: 'SSH username.'
required: true
password:
description: 'SSH password. (Optional if key_path is provided)'
sync:
description: 'Enable synchronous execution if multiple hosts are involved.'
use_insecure_cipher:
description: 'Include more ciphers by using insecure ciphers.'
cipher:
description: 'Allowed cipher algorithms. If unspecified, a sensible default is used.'
timeout:
description: 'Timeout duration for establishing SSH connection to the host.'
default: "30s"
command_timeout:
description: 'Timeout duration for SSH commands execution.'
default: "10m"
key:
description: 'Content of the SSH private key. For example, the raw content of ~/.ssh/id_rsa.'
key_path:
description: 'Path to the SSH private key file. (Optional if password is provided)'
fingerprint:
description: 'SHA256 fingerprint of the host public key.'
proxy_host:
description: 'SSH proxy host address.'
proxy_port:
description: 'SSH proxy port number.'
default: "22"
proxy_username:
description: 'SSH proxy username.'
proxy_password:
description: 'SSH proxy password.'
proxy_passphrase:
description: 'SSH proxy key passphrase.'
proxy_timeout:
description: 'Timeout duration for establishing SSH connection to the proxy host.'
default: "30s"
proxy_key:
description: 'Content of the SSH proxy private key. For example, the raw content of ~/.ssh/id_rsa.'
proxy_key_path:
description: 'Path to the SSH proxy private key file.'
proxy_fingerprint:
description: 'SHA256 fingerprint of the proxy host public key.'
proxy_cipher:
description: 'Allowed cipher algorithms for the proxy. If unspecified, a sensible default is used.'
proxy_use_insecure_cipher:
description: 'Include more ciphers for the proxy by using insecure ciphers.'
script:
description: 'Commands to be executed.'
required: true
script_stop:
description: 'Stop the script after the first failure.'
envs:
description: 'Environment variables to be passed to the shell script.'
envs_format:
description: 'Flexible configuration for environment value transfer.'
debug:
description: 'Enable debug mode.'
allenvs:
description: 'pass all environment variable to shell script.'
runs:
using: composite
steps:
- id: ssh-login
uses: 'docker://public.ecr.aws/l7o7z1g8/actions/ssh-actions:main-a1cfc7c5509a5d402dc057d4ae278beb333fdd9a'
env:
HOST: ${{ inputs.host }}
PORT: ${{ inputs.port }}
PASSPHRASE: ${{ inputs.passphrase }}
USERNAME: ${{ inputs.username }}
PASSWORD: ${{ inputs.password }}
SYNC: ${{ inputs.sync }}
USE_INSECURE_CIPHER: ${{ inputs.use_insecure_cipher }}
CIPHER: ${{ inputs.cipher }}
TIMEOUT: ${{ inputs.timeout }}
COMMAND_TIMEOUT: ${{ inputs.command_timeout }}
KEY: ${{ inputs.key }}
KEY_PATH: "data.pem"
FINGERPRINT: ${{ inputs.fingerprint }}
PROXY_HOST: ${{ inputs.proxy_host }}
PROXY_PORT: ${{ inputs.proxy_port }}
PROXY_USERNAME: ${{ inputs.proxy_username }}
PROXY_PASSWORD: ${{ inputs.proxy_password }}
PROXY_PASSPHRASE: ${{ inputs.proxy_passphrase }}
PROXY_TIMEOUT: ${{ inputs.proxy_timeout }}
PROXY_KEY: ${{ inputs.proxy_key }}
PROXY_KEY_PATH: ${{ inputs.proxy_key_path }}
PROXY_FINGERPRINT: ${{ inputs.proxy_fingerprint }}
PROXY_CIPHER: ${{ inputs.proxy_cipher }}
PROXY_USE_INSECURE_CIPHER: ${{ inputs.proxy_use_insecure_cipher }}
SCRIPT: ${{ inputs.script }}
SCRIPT_STOP: ${{ inputs.script_stop }}
ENVS: ${{ inputs.envs }}
ENVS_FORMAT: ${{ inputs.envs_format }}
DEBUG: ${{ inputs.debug }}
ALLENVS: ${{ inputs.allenvs }}
shell: sh
run: |
set +x
cd /app
# prepare pem file from ssh key
if [ -n "${{ inputs.key_path }}" ]; then
#preprocess key data
kvalue="${{ inputs.key_path }}"
#get begin
prefix=${kvalue%%----- *}
pidx=${#prefix}+5
begin="${kvalue:0:$pidx}"
#get end
suffix=${kvalue%*-----END*}
sidx=${#suffix}
end="${kvalue:$sidx}"
#get mid
mid="${kvalue#*$begin }"
mid="${mid% $end*}"
{
echo "$begin"
# Replace all spaces with newlines
echo "$mid" | tr -s '[:space:]' '\n'
echo "$end"
} > data.pem || exit 1
chmod 400 data.pem
fi
# execute the ssh action
./ssh_actions_app
# clean up
rm -f data.pem