actions/ssh-agent
1
0
Fork 0
mirror of https://github.com/webfactory/ssh-agent.git synced 2025-04-21 13:58:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Updating the action to have a choice for how user is looked up on linux

Browse source
This commit is contained in:
Stanislaw Wozniak 2022-06-28 00:49:19 +01:00
parent 53715f806b
commit 815a336fc0
8 changed files with 133 additions and 69 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
action.yml
View file

@ -1,16 +1,21 @@
name: 'webfactory/ssh-agent'
description: 'Run `ssh-agent` and load an SSH key to access other private repositories'
name: "webfactory/ssh-agent"
description: "Run `ssh-agent` and load an SSH key to access other private repositories"
inputs:
ssh-private-key:
description: 'Private SSH key to register in the SSH agent'
description: "Private SSH key to register in the SSH agent"
required: true
ssh-auth-sock:
description: 'Where to place the SSH Agent auth socket'
description: "Where to place the SSH Agent auth socket"
required: false
linux-use-homedir:
description: Changes the way user home directory is looked up.
required: false
default: "false"
runs:
using: 'node12'
main: 'dist/index.js'
post: 'dist/cleanup.js'
post-if: 'always()'
using: "node12"
main: "dist/index.js"
post: "dist/cleanup.js"
post-if: "always()"
branding:
icon: loader
color: 'yellow'
color: "yellow"

27
dist/cleanup.js vendored
View file

@ -488,23 +488,24 @@ module.exports = require("fs");
const os = __webpack_require__(87);
module.exports = (process.env['OS'] != 'Windows_NT') ? {
module.exports = (linuxUseHomedir) => {
(process.env['OS'] != 'Windows_NT') ? {
// Use getent() system call, since this is what ssh does; makes a difference in Docker-based
// Action runs, where $HOME is different from the pwent
home: os.userInfo().homedir,
sshAgent: 'ssh-agent',
sshAdd: 'ssh-add'
// Use getent() system call, since this is what ssh does; makes a difference in Docker-based
// Action runs, where $HOME is different from the pwent
// Adds ability to use use os.homedir() to try and counter https://github.com/nodejs/node/issues/25714
home: linuxUseHomedir === "true" ? os.homedir() : os.userInfo().homedir,
sshAgent: 'ssh-agent',
sshAdd: 'ssh-add'
} : {
home: os.homedir(),
sshAgent: 'c://progra~1//git//usr//bin//ssh-agent.exe',
sshAdd: 'c://progra~1//git//usr//bin//ssh-add.exe'
};
} : {
home: os.homedir(),
sshAgent: 'c://progra~1//git//usr//bin//ssh-agent.exe',
sshAdd: 'c://progra~1//git//usr//bin//ssh-add.exe'
};
}
/***/ })

45
dist/index.js vendored
View file

@ -119,10 +119,14 @@ const core = __webpack_require__(470);
const child_process = __webpack_require__(129);
const fs = __webpack_require__(747);
const crypto = __webpack_require__(417);
const { home, sshAgent, sshAdd } = __webpack_require__(972);
const getPaths = __webpack_require__(972);
try {
const privateKey = core.getInput('ssh-private-key');
const linuxUseHomedir = core.getInput('linux-use-homedir');
const { home, sshAgent, sshAdd } = getPaths(linuxUseHomedir);
if (!privateKey) {
core.setFailed("The ssh-private-key argument is empty. Maybe the secret has not been configured, or you are using a wrong secret name in your workflow file.");
@ -145,7 +149,7 @@ try {
const sshAgentArgs = (authSock && authSock.length > 0) ? ['-a', authSock] : [];
// Extract auth socket path and agent pid and set them as job variables
child_process.execFileSync(sshAgent, sshAgentArgs).toString().split("\n").forEach(function(line) {
child_process.execFileSync(sshAgent, sshAgentArgs).toString().split("\n").forEach(function (line) {
const matches = /^(SSH_AUTH_SOCK|SSH_AGENT_PID)=(.*); export \1/.exec(line);
if (matches && matches.length > 0) {
@ -157,7 +161,7 @@ try {
console.log("Adding private key(s) to agent");
privateKey.split(/(?=-----BEGIN)/).forEach(function(key) {
privateKey.split(/(?=-----BEGIN)/).forEach(function (key) {
child_process.execFileSync(sshAdd, ['-'], { input: key.trim() + "\n" });
});
@ -167,7 +171,7 @@ try {
console.log('Configuring deployment key(s)');
child_process.execFileSync(sshAdd, ['-L']).toString().split(/\r?\n/).forEach(function(key) {
child_process.execFileSync(sshAdd, ['-L']).toString().split(/\r?\n/).forEach(function (key) {
const parts = key.match(/\bgithub\.com[:/]([_.a-z0-9-]+\/[_.a-z0-9-]+)/i);
if (!parts) {
@ -186,9 +190,9 @@ try {
child_process.execSync(`git config --global --add url."git@key-${sha256}.github.com:${ownerAndRepo}".insteadOf "ssh://git@github.com/${ownerAndRepo}"`);
const sshConfig = `\nHost key-${sha256}.github.com\n`
+ ` HostName github.com\n`
+ ` IdentityFile ${homeSsh}/key-${sha256}\n`
+ ` IdentitiesOnly yes\n`;
+ ` HostName github.com\n`
+ ` IdentityFile ${homeSsh}/key-${sha256}\n`
+ ` IdentitiesOnly yes\n`;
fs.appendFileSync(`${homeSsh}/config`, sshConfig);
@ -572,23 +576,24 @@ module.exports = require("fs");
const os = __webpack_require__(87);
module.exports = (process.env['OS'] != 'Windows_NT') ? {
module.exports = (linuxUseHomedir) => {
(process.env['OS'] != 'Windows_NT') ? {
// Use getent() system call, since this is what ssh does; makes a difference in Docker-based
// Action runs, where $HOME is different from the pwent
home: os.userInfo().homedir,
sshAgent: 'ssh-agent',
sshAdd: 'ssh-add'
// Use getent() system call, since this is what ssh does; makes a difference in Docker-based
// Action runs, where $HOME is different from the pwent
// Adds ability to use use os.homedir() to try and counter https://github.com/nodejs/node/issues/25714
home: linuxUseHomedir === "true" ? os.homedir() : os.userInfo().homedir,
sshAgent: 'ssh-agent',
sshAdd: 'ssh-add'
} : {
home: os.homedir(),
sshAgent: 'c://progra~1//git//usr//bin//ssh-agent.exe',
sshAdd: 'c://progra~1//git//usr//bin//ssh-add.exe'
};
} : {
home: os.homedir(),
sshAgent: 'c://progra~1//git//usr//bin//ssh-agent.exe',
sshAdd: 'c://progra~1//git//usr//bin//ssh-add.exe'
};
}
/***/ })

18
index.js
View file

@ -2,10 +2,14 @@ const core = require('@actions/core');
const child_process = require('child_process');
const fs = require('fs');
const crypto = require('crypto');
const { home, sshAgent, sshAdd } = require('./paths.js');
const getPaths = require('./paths.js');
try {
const privateKey = core.getInput('ssh-private-key');
const linuxUseHomedir = core.getInput('linux-use-homedir');
const { home, sshAgent, sshAdd } = getPaths(linuxUseHomedir);
if (!privateKey) {
core.setFailed("The ssh-private-key argument is empty. Maybe the secret has not been configured, or you are using a wrong secret name in your workflow file.");
@ -28,7 +32,7 @@ try {
const sshAgentArgs = (authSock && authSock.length > 0) ? ['-a', authSock] : [];
// Extract auth socket path and agent pid and set them as job variables
child_process.execFileSync(sshAgent, sshAgentArgs).toString().split("\n").forEach(function(line) {
child_process.execFileSync(sshAgent, sshAgentArgs).toString().split("\n").forEach(function (line) {
const matches = /^(SSH_AUTH_SOCK|SSH_AGENT_PID)=(.*); export \1/.exec(line);
if (matches && matches.length > 0) {
@ -40,7 +44,7 @@ try {
console.log("Adding private key(s) to agent");
privateKey.split(/(?=-----BEGIN)/).forEach(function(key) {
privateKey.split(/(?=-----BEGIN)/).forEach(function (key) {
child_process.execFileSync(sshAdd, ['-'], { input: key.trim() + "\n" });
});
@ -50,7 +54,7 @@ try {
console.log('Configuring deployment key(s)');
child_process.execFileSync(sshAdd, ['-L']).toString().split(/\r?\n/).forEach(function(key) {
child_process.execFileSync(sshAdd, ['-L']).toString().split(/\r?\n/).forEach(function (key) {
const parts = key.match(/\bgithub\.com[:/]([_.a-z0-9-]+\/[_.a-z0-9-]+)/i);
if (!parts) {
@ -69,9 +73,9 @@ try {
child_process.execSync(`git config --global --add url."git@key-${sha256}.github.com:${ownerAndRepo}".insteadOf "ssh://git@github.com/${ownerAndRepo}"`);
const sshConfig = `\nHost key-${sha256}.github.com\n`
+ ` HostName github.com\n`
+ ` IdentityFile ${homeSsh}/key-${sha256}\n`
+ ` IdentitiesOnly yes\n`;
+ ` HostName github.com\n`
+ ` IdentityFile ${homeSsh}/key-${sha256}\n`
+ ` IdentitiesOnly yes\n`;
fs.appendFileSync(`${homeSsh}/config`, sshConfig);

47
package-lock.json generated Normal file
View file

@ -0,0 +1,47 @@
{
"name": "webfactory-action-ssh-agent",
"version": "0.1.0",
"lockfileVersion": 2,
"requires": true,
"packages": {
"": {
"name": "webfactory-action-ssh-agent",
"version": "0.1.0",
"license": "MIT",
"devDependencies": {
"@actions/core": "^1.2.4",
"@zeit/ncc": "^0.20.5"
}
},
"node_modules/@actions/core": {
"version": "1.2.6",
"resolved": "https://registry.npmjs.org/@actions/core/-/core-1.2.6.tgz",
"integrity": "sha512-ZQYitnqiyBc3D+k7LsgSBmMDVkOVidaagDG7j3fOym77jNunWRuYx7VSHa9GNfFZh+zh61xsCjRj4JxMZlDqTA==",
"dev": true
},
"node_modules/@zeit/ncc": {
"version": "0.20.5",
"resolved": "https://registry.npmjs.org/@zeit/ncc/-/ncc-0.20.5.tgz",
"integrity": "sha512-XU6uzwvv95DqxciQx+aOLhbyBx/13ky+RK1y88Age9Du3BlA4mMPCy13BGjayOrrumOzlq1XV3SD/BWiZENXlw==",
"deprecated": "@zeit/ncc is no longer maintained. Please use @vercel/ncc instead.",
"dev": true,
"bin": {
"ncc": "dist/ncc/cli.js"
}
}
},
"dependencies": {
"@actions/core": {
"version": "1.2.6",
"resolved": "https://registry.npmjs.org/@actions/core/-/core-1.2.6.tgz",
"integrity": "sha512-ZQYitnqiyBc3D+k7LsgSBmMDVkOVidaagDG7j3fOym77jNunWRuYx7VSHa9GNfFZh+zh61xsCjRj4JxMZlDqTA==",
"dev": true
},
"@zeit/ncc": {
"version": "0.20.5",
"resolved": "https://registry.npmjs.org/@zeit/ncc/-/ncc-0.20.5.tgz",
"integrity": "sha512-XU6uzwvv95DqxciQx+aOLhbyBx/13ky+RK1y88Age9Du3BlA4mMPCy13BGjayOrrumOzlq1XV3SD/BWiZENXlw==",
"dev": true
}
}
}

4
package.json
View file

@ -2,7 +2,7 @@
"name": "webfactory-action-ssh-agent",
"repository": "git@github.com:webfactory/ssh-agent.git",
"description": "GitHub Action to set up ssh-agent with a private SSH key",
"version": "0.1.0",
"version": "0.1.1",
"main": "index.js",
"author": "webfactory GmbH <info@webfactory.de>",
"license": "MIT",
@ -13,4 +13,4 @@
"scripts": {
"build": "node scripts/build.js"
}
}
}

26
paths.js
View file

@ -1,18 +1,20 @@
const os = require('os');
module.exports = (process.env['OS'] != 'Windows_NT') ? {
module.exports = (linuxUseHomedir) => {
(process.env['OS'] != 'Windows_NT') ? {
// Use getent() system call, since this is what ssh does; makes a difference in Docker-based
// Action runs, where $HOME is different from the pwent
home: os.userInfo().homedir,
sshAgent: 'ssh-agent',
sshAdd: 'ssh-add'
// Use getent() system call, since this is what ssh does; makes a difference in Docker-based
// Action runs, where $HOME is different from the pwent
// Adds ability to use use os.homedir() to try and counter https://github.com/nodejs/node/issues/25714
home: linuxUseHomedir === "true" ? os.homedir() : os.userInfo().homedir,
sshAgent: 'ssh-agent',
sshAdd: 'ssh-add'
} : {
} : {
home: os.homedir(),
sshAgent: 'c://progra~1//git//usr//bin//ssh-agent.exe',
sshAdd: 'c://progra~1//git//usr//bin//ssh-add.exe'
};
home: os.homedir(),
sshAgent: 'c://progra~1//git//usr//bin//ssh-agent.exe',
sshAdd: 'c://progra~1//git//usr//bin//ssh-add.exe'
};
}

12
yarn.lock
View file

@ -3,11 +3,11 @@
"@actions/core@^1.2.4":
version "1.2.6"
resolved "https://registry.yarnpkg.com/@actions/core/-/core-1.2.6.tgz#a78d49f41a4def18e88ce47c2cac615d5694bf09"
integrity sha512-ZQYitnqiyBc3D+k7LsgSBmMDVkOVidaagDG7j3fOym77jNunWRuYx7VSHa9GNfFZh+zh61xsCjRj4JxMZlDqTA==
"integrity" "sha512-ZQYitnqiyBc3D+k7LsgSBmMDVkOVidaagDG7j3fOym77jNunWRuYx7VSHa9GNfFZh+zh61xsCjRj4JxMZlDqTA=="
"resolved" "https://registry.npmjs.org/@actions/core/-/core-1.2.6.tgz"
"version" "1.2.6"
"@zeit/ncc@^0.20.5":
version "0.20.5"
resolved "https://registry.yarnpkg.com/@zeit/ncc/-/ncc-0.20.5.tgz#a41af6e6bcab4a58f4612bae6137f70bce0192e3"
integrity sha512-XU6uzwvv95DqxciQx+aOLhbyBx/13ky+RK1y88Age9Du3BlA4mMPCy13BGjayOrrumOzlq1XV3SD/BWiZENXlw==
"integrity" "sha512-XU6uzwvv95DqxciQx+aOLhbyBx/13ky+RK1y88Age9Du3BlA4mMPCy13BGjayOrrumOzlq1XV3SD/BWiZENXlw=="
"resolved" "https://registry.npmjs.org/@zeit/ncc/-/ncc-0.20.5.tgz"
"version" "0.20.5"