ability to set instance domain

This commit is contained in:
Alexander Mirgorod 2024-09-30 17:38:04 +03:00
parent dc588b651f
commit 3f570f79fc
3 changed files with 23 additions and 12 deletions

View file

@ -1,6 +1,9 @@
name: 'webfactory/ssh-agent' name: 'webfactory/ssh-agent'
description: 'Run `ssh-agent` and load an SSH key to access other private repositories' description: 'Run `ssh-agent` and load an SSH key to access other private repositories'
inputs: inputs:
instance-domain:
description: 'Domain name of the instance (gitea/forgejo)'
required: false
ssh-private-key: ssh-private-key:
description: 'Private SSH key to register in the SSH agent' description: 'Private SSH key to register in the SSH agent'
required: true required: true

16
dist/index.js vendored
View file

@ -341,6 +341,10 @@ const crypto = __webpack_require__(417);
const { homePath, sshAgentCmdDefault, sshAddCmdDefault, gitCmdDefault } = __webpack_require__(972); const { homePath, sshAgentCmdDefault, sshAddCmdDefault, gitCmdDefault } = __webpack_require__(972);
try { try {
const instanceDomain = core.getInput('instance-domain', {default: 'github.com'});
const escapedDomain = instanceDomain.replace(/[-.]/g, '\\$&');
const regexDomain = new RegExp(`\\b${escapedDomain}[:/]([_.a-z0-9-]+\/[_.a-z0-9-]+)`, 'i');
const privateKey = core.getInput('ssh-private-key'); const privateKey = core.getInput('ssh-private-key');
const logPublicKey = core.getBooleanInput('log-public-key', {default: true}); const logPublicKey = core.getBooleanInput('log-public-key', {default: true});
@ -390,7 +394,7 @@ try {
console.log('Configuring deployment key(s)'); console.log('Configuring deployment key(s)');
child_process.execFileSync(sshAddCmd, ['-L']).toString().trim().split(/\r?\n/).forEach(function(key) { child_process.execFileSync(sshAddCmd, ['-L']).toString().trim().split(/\r?\n/).forEach(function(key) {
const parts = key.match(/\bgithub\.com[:/]([_.a-z0-9-]+\/[_.a-z0-9-]+)/i); const parts = key.match(regexDomain);
if (!parts) { if (!parts) {
if (logPublicKey) { if (logPublicKey) {
@ -404,12 +408,12 @@ try {
fs.writeFileSync(`${homeSsh}/key-${sha256}`, key + "\n", { mode: '600' }); fs.writeFileSync(`${homeSsh}/key-${sha256}`, key + "\n", { mode: '600' });
child_process.execSync(`${gitCmd} config --global --replace-all url."git@key-${sha256}.github.com:${ownerAndRepo}".insteadOf "https://github.com/${ownerAndRepo}"`); child_process.execSync(`${gitCmd} config --global --replace-all url."git@key-${sha256}.${instanceDomain}:${ownerAndRepo}".insteadOf "https://${instanceDomain}/${ownerAndRepo}"`);
child_process.execSync(`${gitCmd} config --global --add url."git@key-${sha256}.github.com:${ownerAndRepo}".insteadOf "git@github.com:${ownerAndRepo}"`); child_process.execSync(`${gitCmd} config --global --add url."git@key-${sha256}.${instanceDomain}:${ownerAndRepo}".insteadOf "git@${instanceDomain}:${ownerAndRepo}"`);
child_process.execSync(`${gitCmd} config --global --add url."git@key-${sha256}.github.com:${ownerAndRepo}".insteadOf "ssh://git@github.com/${ownerAndRepo}"`); child_process.execSync(`${gitCmd} config --global --add url."git@key-${sha256}.${instanceDomain}:${ownerAndRepo}".insteadOf "ssh://git@${instanceDomain}/${ownerAndRepo}"`);
const sshConfig = `\nHost key-${sha256}.github.com\n` const sshConfig = `\nHost key-${sha256}.${instanceDomain}\n`
+ ` HostName github.com\n` + ` HostName ${instanceDomain}\n`
+ ` IdentityFile ${homeSsh}/key-${sha256}\n` + ` IdentityFile ${homeSsh}/key-${sha256}\n`
+ ` IdentitiesOnly yes\n`; + ` IdentitiesOnly yes\n`;

View file

@ -5,6 +5,10 @@ const crypto = require('crypto');
const { homePath, sshAgentCmdDefault, sshAddCmdDefault, gitCmdDefault } = require('./paths.js'); const { homePath, sshAgentCmdDefault, sshAddCmdDefault, gitCmdDefault } = require('./paths.js');
try { try {
const instanceDomain = core.getInput('instance-domain', {default: 'github.com'});
const escapedDomain = instanceDomain.replace(/[-.]/g, '\\$&');
const regexDomain = new RegExp(`\\b${escapedDomain}[:/]([_.a-z0-9-]+\/[_.a-z0-9-]+)`, 'i');
const privateKey = core.getInput('ssh-private-key'); const privateKey = core.getInput('ssh-private-key');
const logPublicKey = core.getBooleanInput('log-public-key', {default: true}); const logPublicKey = core.getBooleanInput('log-public-key', {default: true});
@ -54,7 +58,7 @@ try {
console.log('Configuring deployment key(s)'); console.log('Configuring deployment key(s)');
child_process.execFileSync(sshAddCmd, ['-L']).toString().trim().split(/\r?\n/).forEach(function(key) { child_process.execFileSync(sshAddCmd, ['-L']).toString().trim().split(/\r?\n/).forEach(function(key) {
const parts = key.match(/\bgithub\.com[:/]([_.a-z0-9-]+\/[_.a-z0-9-]+)/i); const parts = key.match(regexDomain);
if (!parts) { if (!parts) {
if (logPublicKey) { if (logPublicKey) {
@ -68,12 +72,12 @@ try {
fs.writeFileSync(`${homeSsh}/key-${sha256}`, key + "\n", { mode: '600' }); fs.writeFileSync(`${homeSsh}/key-${sha256}`, key + "\n", { mode: '600' });
child_process.execSync(`${gitCmd} config --global --replace-all url."git@key-${sha256}.github.com:${ownerAndRepo}".insteadOf "https://github.com/${ownerAndRepo}"`); child_process.execSync(`${gitCmd} config --global --replace-all url."git@key-${sha256}.${instanceDomain}:${ownerAndRepo}".insteadOf "https://${instanceDomain}/${ownerAndRepo}"`);
child_process.execSync(`${gitCmd} config --global --add url."git@key-${sha256}.github.com:${ownerAndRepo}".insteadOf "git@github.com:${ownerAndRepo}"`); child_process.execSync(`${gitCmd} config --global --add url."git@key-${sha256}.${instanceDomain}:${ownerAndRepo}".insteadOf "git@${instanceDomain}:${ownerAndRepo}"`);
child_process.execSync(`${gitCmd} config --global --add url."git@key-${sha256}.github.com:${ownerAndRepo}".insteadOf "ssh://git@github.com/${ownerAndRepo}"`); child_process.execSync(`${gitCmd} config --global --add url."git@key-${sha256}.${instanceDomain}:${ownerAndRepo}".insteadOf "ssh://git@${instanceDomain}/${ownerAndRepo}"`);
const sshConfig = `\nHost key-${sha256}.github.com\n` const sshConfig = `\nHost key-${sha256}.${instanceDomain}\n`
+ ` HostName github.com\n` + ` HostName ${instanceDomain}\n`
+ ` IdentityFile ${homeSsh}/key-${sha256}\n` + ` IdentityFile ${homeSsh}/key-${sha256}\n`
+ ` IdentitiesOnly yes\n`; + ` IdentitiesOnly yes\n`;