Commit graph

77 commits

Author SHA1 Message Date
Benjamin Ragheb
2e59dd7d06
Remove outdated claim from README (#206)
Since #171 was merged, this action no longer touches `known_hosts`; this
line should have been removed from the README at that time.
2024-02-05 07:37:14 +01:00
wolf++
fd34b8dee2
Update README.md to reflect latest version (#196) 2023-11-02 17:03:13 +01:00
Matthias Pigulla
d4b9b8ff72
Stop adding GitHub SSH keys (#171)
We need to fix the SSH keys shipped with this action:
https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/

But, we have another issue
(https://github.com/webfactory/ssh-agent/pull/108) with regards to host
keys: On self-hosted runners which are not ephemeral the known_host file
fills up with repeated entries, because every action run adds a new line
with the same host keys.

Also, on those machines, the old key will still be in the `known_hosts`
file.

IMHO this action should not be repsonsible for shipping SSH host keys,
that's too much responsibility.

This section in the code is a leftover from early days when GitHub
provided runners did not include SSH keys at all. For a long time
already, GH takes care of placing their SSH keys in their runner images.

For self-hosted runners, those people setting up the runner should fetch
and verify SSH keys themselves and put it into the `known_hosts` file.

I know this is a breaking change and is going to annoy users. But on the
other hand, there is no better opportunity to drop this feature than
with an emergency-style key revocation as today.

Closes #106, closes #129, closes #169, closes #170, closes #172.
2023-03-24 12:15:25 +01:00
Dilum Aluthge
ea17a056b9
Add missing semicolons (#159)
Follow-up to #154
2023-01-28 08:20:24 +01:00
j-riebe
9fbc246995
Clarify usage for Docker build processes, especially with deployment keys (#145)
The current docs mention only `docker/build-push-action` in conjunction
with deploy keys.

This might mislead users to believe, that this only applies to said
Action. But the concept applies to all workflows that somehow use
`docker build` with deploy keys.

This PR clarifies the relevant section.

Co-authored-by: Matthias Pigulla <mp@webfactory.de>
2023-01-27 18:32:35 +01:00
Dilum Aluthge
6f828ccb51
Allow the user to override the commands for git, ssh-agent, and ssh-add (#154)
On my self-hosted Windows runners, the `git`, `ssh-agent`, and `ssh-add`
commands are not located in the locations that are currently hard-coded
in `paths.js`.

With this PR, I am able to get this action to work on my runners as
follows:

```yaml
- uses: webfactory/ssh-agent@...
  with:
    ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
    git-cmd: git
    ssh-agent-cmd: ssh-agent
    ssh-add-cmd: ssh-add
```
2023-01-27 18:09:18 +01:00
kjarkur
209e2d72ff
Fix a typo in the README.md (#146) 2022-11-25 19:45:57 +01:00
kjarkur
18ff7066d3
Update README.md (#147)
Update `actions/checkout` to `@v3` and make it syntactically correct in order to allow copy and paste.

Co-authored-by: Matthias Pigulla <mp@webfactory.de>
2022-11-25 19:44:41 +01:00
Patrick Higgins
2996779c08
Replace 0.6.0 references with 0.7.0 in README.md (#153) 2022-11-25 19:40:39 +01:00
Matthias Pigulla
4512be8010
Update to actions/checkout@v3 (#143) 2022-10-25 17:23:31 +02:00
Matthias Pigulla
836c84ec59
Prepare a v0.7.0 release 2022-10-19 13:52:25 +00:00
Matthias Pigulla
8a9e20a586
Fix path to git binary on Windows runners (#140)
This PR fixes an apparently wrong path to the `git` binary that was added in #136. 

According to https://github.com/actions/checkout/discussions/928#discussioncomment-3861581, the path should not contain the `usr/` part, although for `ssh-add` and `ssh-agent`, it has to.
2022-10-19 14:55:54 +02:00
Matthias Pigulla
0a7dc1c09f
Avoid nonsensical log message (#139)
This change avoids the

`Comment for (public) key '' does not match GitHub URL pattern. Not treating it as a GitHub deploy key.`

log message that was caused by inappropriate parsing of `ssh-add -L` output and confused a lot of users already.
2022-10-19 14:54:52 +02:00
j-riebe
b19b28d091
Explain how to use docker/build-push-action with deployment-key configs (#133)
This PR adds a recipe for using `docker/build-push-action` with multiple Deploy Keys (#78) to the docs.
2022-10-19 13:32:32 +02:00
Matthias Pigulla
2c78a1c5d1
Update the CHANGELOG 2022-10-19 11:28:57 +00:00
Oktawian Chojnacki
df2f741a87
Provide gitPath for Windows to avoid failures on windows-2022 (GitHub-hosted runner) (#137)
### Problem:
Observed error on `windows-2022` ([GitHub-hosted runner](https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners#supported-runners-and-hardware-resources)) that `git` command cannot be found.

### Issue: 

Cannot find git executable on on windows-2022 (GitHub-hosted runner) #136 

### Solution:
This path improvement makes use of existing `path.js` to resolve and return correct `git.exe` path for Windows, leaving the executable name as it was for other operating systems.

### Caveats:
No idea how and why this `c://progra~1//git//usr//bin//git.exe` mumbo-jumbo works but it apparently did for other executables so figured it should work for `git.exe` (and it does).
2022-10-19 13:27:50 +02:00
Camilo Celis Guzman
fbef2c7bd0
Add an action input/flag to disable logging of public key information (#122)
This commit adds the new `log-public-key` action input.

Closes #122 (contains the suggested changes plus a few tweaks and documentation), fixes #100.

Co-authored-by: Matthias Pigulla <mp@webfactory.de>
2022-10-19 10:42:05 +00:00
Matthias Pigulla
28cb4d8505
Prepare a 0.6.0 release 2022-10-19 08:17:39 +00:00
Chung Tran
ea4c593dc9
Update node from node12 to node16 (#132)
This addresses the deprecation of Node 12 in GHA (https://github.blog/changelog/2022-09-22-github-actions-all-actions-will-begin-running-on-node16-instead-of-node12/).
2022-10-19 10:16:47 +02:00
Dan Walkes
26e485b72d
Fix link to an issue in the README file (#120) 2022-09-01 09:03:13 +02:00
dependabot[bot]
5a6c248f3f
Bump @actions/core from 1.2.6 to 1.9.1 (#125)
* Bump @actions/core from 1.2.6 to 1.9.1

Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.2.6 to 1.9.1.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump the copyright year

* yarn.lock syntax updates

* Rebuild dist/

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Pigulla <mp@webfactory.de>
2022-09-01 09:02:13 +02:00
Sebastian Kugler
53715f806b
Merge pull request #109 from koshieguchi/fix_a_typo_in_README
Fix a typo in README.md
2022-02-10 08:50:57 +01:00
Koshi Eguchi
19a5c6646f Fix a typo in README.md 2022-02-10 15:26:18 +09:00
Matthias Pigulla
fc49353b67
Bump example version numbers in the README file 2021-11-20 11:43:25 +00:00
Matthias Pigulla
bc6614de94
Update recent changes in the CHANGELOG file 2021-11-20 11:43:02 +00:00
J.R. Mash
dc622c59e4
Update to Reflect Supported GitHub Host Keys (#102)
Closes #101 as well.

Co-authored-by: Matthias Pigulla <mp@webfactory.de>
2021-11-20 12:21:38 +01:00
John Hamelink
97348a2ec6
Document on how to integrate with docker/build-push-action (#90)
This change adds some extra clarification to the documentation to show how to setup the `docker/build-push-action` step with this action. This is very helpful when using buildkit's `RUN --mount=type=ssh`. We found this to be a little confusing and the GH issues we found on the matter didn't help!

Co-authored-by: Matthias Pigulla <mp@webfactory.de>
2021-11-18 12:27:08 +01:00
Ror
bbd5513ed5
Better explain in the README how to set up keys in repositories (#96) 2021-11-18 11:58:33 +01:00
Matthias Pigulla
a652a400f2
Merge pull request #95 from mjhipp/mh_public_key_comment 2021-09-01 21:28:09 +02:00
Michael Hipp
1711bb1971 Update GitHub deploy key log comment to specify public key 2021-09-01 11:40:04 -07:00
Matthias Pigulla
5f066a372e
Prepare a 0.5.3 release 2021-06-11 15:18:45 +02:00
Maciej Pasternacki
a45226bfaf
Use execFileSync to clean up (#80)
execSync just started a second ssh-agent. `['-k']` argument was
treated as options, it didn't have `stdio` set, so stdio was piped and
returned (and ignored).
2021-06-11 15:17:22 +02:00
Matthias Pigulla
81d965f2bd
Tix a fypo 2021-06-03 23:33:40 +02:00
Matthias Pigulla
515d164e78
Run cleanup (post) step also on failure (#79)
According to https://github.com/actions/runner/issues/987, this should run the post step (cleanup.js) also when a workflow fails.

Probably most important on self-hosted runners that are not ephemeral, to terminate SSH agents from failed jobs as well.
2021-06-02 22:15:05 +02:00
Matthias Pigulla
8569bedfe0 Mention "-scmProvider system" for XCode builds/Swift Package Manager
Co-authored-by: rr-james-hickman <james.hickman@rakuten.com>
2021-05-27 20:11:56 +00:00
Matthias Pigulla
98f76b1158 Give an example of how to add a key comment
Co-authored-by: rr-james-hickman <james.hickman@rakuten.com>
2021-05-27 20:05:28 +00:00
Matthias Pigulla
cb8b21017a
Update version numbers in README for the next bugfix release 2021-04-07 12:30:27 +02:00
Matthias Pigulla
aed5400f20 Log when a key is _not_ used as a deploy key
Resolves #69.

Co-authored-by: Sean Killeen <SeanKilleen@gmail.com>
2021-03-17 18:50:49 +00:00
Matthias Pigulla
4681241867 Use case-insensitive regex matching when scanning key comments
Resolves #68, closes #70, closes #71.

Co-authored-by: Sean Killeen <SeanKilleen@gmail.com>
2021-03-17 18:27:52 +00:00
Matthias Pigulla
4b6f4eb000
Windows virtual environment: Use SSH binaries from the Git suite (#63)
* Use SSH binaries from the Git suite

* Try to kill the ssh-agent upon action termination on Windows as well
2021-03-10 08:19:17 +01:00
Matthias Pigulla
795485730f
Prepare 0.5.1 release 2021-03-10 08:17:18 +01:00
Matthias Pigulla
598c7ea894 Handle ENOENT exceptions with a graceful message 2021-03-05 20:17:14 +00:00
Shashank Patidar
65d1ea3d90 Mention that container-based workflows need to have ssh packages installed
Co-authored-by: Shashank Patidar <74622220+shashank11p@users.noreply.github.com>
2021-03-05 20:11:48 +00:00
Cecile Tonglet
5f95203cea
Add note about using cargo with private dependencies (#64)
* Add note about using cargo with private dependencies

* Update doc to mention Windows only

* Add alternative workaround

* Create extra main section for tips and information regarding different languages/tools

Co-authored-by: Matthias Pigulla <mp@webfactory.de>
2021-03-04 12:49:35 +01:00
Matthias Pigulla
6b2f2c5354
Prepare README for the upcoming 0.5.0 release 2021-02-19 14:41:23 +01:00
Matthias Pigulla
4d06ea6a33
Add support for GitHub Deployment Keys through key comments (#59)
Fixes #30, closes #38.
2021-02-19 14:37:34 +01:00
Matthias Pigulla
85353917a2
Tweak README formatting 2021-02-13 21:26:12 +01:00
Matthias Pigulla
e5df661fc4 Update README to mention Windows and/or Docker support 2021-02-13 20:25:14 +00:00
Matthias Pigulla
23e7ede81c Bump copyright in README 2021-02-13 20:03:25 +00:00
Matthias Pigulla
edc2fe4f2e
Support container-based workflows and Windows (#17) 2021-02-13 21:02:34 +01:00