actions/ssh-agent
1
0
Fork 0
mirror of https://github.com/webfactory/ssh-agent.git synced 2025-04-23 22:50:47 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Create git aliases and SSH mappings for deployment keys

Browse source
This commit is contained in:
Matthias Pigulla 2021-02-13 12:31:04 +00:00
parent 85353917a2
commit e8feaab9e8
3 changed files with 80 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
.github/workflows/demo.yml vendored
View file

@ -7,7 +7,7 @@ jobs:
os: [ubuntu-latest, macOS-latest, windows-latest] os: [ubuntu-latest, macOS-latest, windows-latest]
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- uses: actions/checkout@v1 - uses: actions/checkout@v2
- name: Setup key - name: Setup key
uses: ./ uses: ./
with: with:
@ -21,7 +21,7 @@ jobs:
os: [ubuntu-latest, macOS-latest] os: [ubuntu-latest, macOS-latest]
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- uses: actions/checkout@v1 - uses: actions/checkout@v2
- name: Setup key - name: Setup key
uses: ./ uses: ./
with: with:
@ -32,7 +32,7 @@ jobs:
container: container:
image: ubuntu:latest image: ubuntu:latest
steps: steps:
- uses: actions/checkout@v1 - uses: actions/checkout@v2
- run: apt update && apt install -y openssh-client - run: apt update && apt install -y openssh-client
- name: Setup key - name: Setup key
uses: ./ uses: ./
@ -40,3 +40,19 @@ jobs:
ssh-private-key: | ssh-private-key: |
${{ secrets.DEMO_KEY }} ${{ secrets.DEMO_KEY }}
${{ secrets.DEMO_KEY_2 }} ${{ secrets.DEMO_KEY_2 }}
deployment_keys_demo:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Setup key
uses: ./
with:
ssh-private-key: |
${{ secrets.MPDUDE_TEST_1_DEPLOY_KEY }}
${{ secrets.MPDUDE_TEST_2_DEPLOY_KEY }}
- run: |
git clone https://github.com/mpdude/test-1.git test-1-http
git clone git@github.com:mpdude/test-1.git test-1-git
git clone https://github.com/mpdude/test-2.git test-2-http
git clone git@github.com:mpdude/test-2.git test-2-git

34
dist/index.js vendored
View file

@ -119,6 +119,7 @@ const core = __webpack_require__(470);
const child_process = __webpack_require__(129); const child_process = __webpack_require__(129);
const fs = __webpack_require__(747); const fs = __webpack_require__(747);
const os = __webpack_require__(87); const os = __webpack_require__(87);
const crypto = __webpack_require__(417);
try { try {
const privateKey = core.getInput('ssh-private-key'); const privateKey = core.getInput('ssh-private-key');
@ -175,6 +176,32 @@ try {
console.log("Keys added:"); console.log("Keys added:");
child_process.execSync('ssh-add -l', { stdio: 'inherit' }); child_process.execSync('ssh-add -l', { stdio: 'inherit' });
child_process.execFileSync('ssh-add', ['-L']).toString().split(/\r?\n/).forEach(function(key) {
let parts = key.match(/git@github.com:(.*)\.git/);
if (parts == null) {
return;
}
let userHost = parts[1];
let sha256 = crypto.createHash('sha256').update(key).digest('hex');
fs.writeFileSync(`${homeSsh}/${sha256}`, key + "\n", { mode: '600' });
child_process.execSync(`git config --global --replace-all url."git@${sha256}:${userHost}".insteadOf "https://github.com/${userHost}"`);
child_process.execSync(`git config --global --add url."git@${sha256}:${userHost}".insteadOf "git@github.com:${userHost}"`);
let sshConfig = `\nHost ${sha256}\n`
+ ` HostName github.com\n`
+ ` User git\n`
+ ` IdentityFile ${homeSsh}/${sha256}\n`
+ ` IdentitiesOnly yes\n`;
fs.appendFileSync(`${homeSsh}/config`, sshConfig);
console.log(`Added deploy-key mapping: Use key ${sha256} for GitHub repository ${userHost}`);
});
} catch (error) { } catch (error) {
core.setFailed(error.message); core.setFailed(error.message);
} }
@ -189,6 +216,13 @@ module.exports = require("child_process");
/***/ }), /***/ }),
/***/ 417:
/***/ (function(module) {
module.exports = require("crypto");
/***/ }),
/***/ 431: /***/ 431:
/***/ (function(__unusedmodule, exports, __webpack_require__) { /***/ (function(__unusedmodule, exports, __webpack_require__) {

27
index.js
View file

@ -2,6 +2,7 @@ const core = require('@actions/core');
const child_process = require('child_process'); const child_process = require('child_process');
const fs = require('fs'); const fs = require('fs');
const os = require('os'); const os = require('os');
const crypto = require('crypto');
try { try {
const privateKey = core.getInput('ssh-private-key'); const privateKey = core.getInput('ssh-private-key');
@ -58,6 +59,32 @@ try {
console.log("Keys added:"); console.log("Keys added:");
child_process.execSync('ssh-add -l', { stdio: 'inherit' }); child_process.execSync('ssh-add -l', { stdio: 'inherit' });
child_process.execFileSync('ssh-add', ['-L']).toString().split(/\r?\n/).forEach(function(key) {
let parts = key.match(/git@github.com:(.*)\.git/);
if (parts == null) {
return;
}
let userHost = parts[1];
let sha256 = crypto.createHash('sha256').update(key).digest('hex');
fs.writeFileSync(`${homeSsh}/${sha256}`, key + "\n", { mode: '600' });
child_process.execSync(`git config --global --replace-all url."git@${sha256}:${userHost}".insteadOf "https://github.com/${userHost}"`);
child_process.execSync(`git config --global --add url."git@${sha256}:${userHost}".insteadOf "git@github.com:${userHost}"`);
let sshConfig = `\nHost ${sha256}\n`
+ ` HostName github.com\n`
+ ` User git\n`
+ ` IdentityFile ${homeSsh}/${sha256}\n`
+ ` IdentitiesOnly yes\n`;
fs.appendFileSync(`${homeSsh}/config`, sshConfig);
console.log(`Added deploy-key mapping: Use key ${sha256} for GitHub repository ${userHost}`);
});
} catch (error) { } catch (error) {
core.setFailed(error.message); core.setFailed(error.message);
} }