Commit graph

43 commits

Author SHA1 Message Date
Matthias Pigulla
d4b9b8ff72
Stop adding GitHub SSH keys (#171)
We need to fix the SSH keys shipped with this action:
https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/

But, we have another issue
(https://github.com/webfactory/ssh-agent/pull/108) with regards to host
keys: On self-hosted runners which are not ephemeral the known_host file
fills up with repeated entries, because every action run adds a new line
with the same host keys.

Also, on those machines, the old key will still be in the `known_hosts`
file.

IMHO this action should not be repsonsible for shipping SSH host keys,
that's too much responsibility.

This section in the code is a leftover from early days when GitHub
provided runners did not include SSH keys at all. For a long time
already, GH takes care of placing their SSH keys in their runner images.

For self-hosted runners, those people setting up the runner should fetch
and verify SSH keys themselves and put it into the `known_hosts` file.

I know this is a breaking change and is going to annoy users. But on the
other hand, there is no better opportunity to drop this feature than
with an emergency-style key revocation as today.

Closes #106, closes #129, closes #169, closes #170, closes #172.
2023-03-24 12:15:25 +01:00
j-riebe
9fbc246995
Clarify usage for Docker build processes, especially with deployment keys (#145)
The current docs mention only `docker/build-push-action` in conjunction
with deploy keys.

This might mislead users to believe, that this only applies to said
Action. But the concept applies to all workflows that somehow use
`docker build` with deploy keys.

This PR clarifies the relevant section.

Co-authored-by: Matthias Pigulla <mp@webfactory.de>
2023-01-27 18:32:35 +01:00
Dilum Aluthge
6f828ccb51
Allow the user to override the commands for git, ssh-agent, and ssh-add (#154)
On my self-hosted Windows runners, the `git`, `ssh-agent`, and `ssh-add`
commands are not located in the locations that are currently hard-coded
in `paths.js`.

With this PR, I am able to get this action to work on my runners as
follows:

```yaml
- uses: webfactory/ssh-agent@...
  with:
    ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
    git-cmd: git
    ssh-agent-cmd: ssh-agent
    ssh-add-cmd: ssh-add
```
2023-01-27 18:09:18 +01:00
kjarkur
209e2d72ff
Fix a typo in the README.md (#146) 2022-11-25 19:45:57 +01:00
kjarkur
18ff7066d3
Update README.md (#147)
Update `actions/checkout` to `@v3` and make it syntactically correct in order to allow copy and paste.

Co-authored-by: Matthias Pigulla <mp@webfactory.de>
2022-11-25 19:44:41 +01:00
Patrick Higgins
2996779c08
Replace 0.6.0 references with 0.7.0 in README.md (#153) 2022-11-25 19:40:39 +01:00
j-riebe
b19b28d091
Explain how to use docker/build-push-action with deployment-key configs (#133)
This PR adds a recipe for using `docker/build-push-action` with multiple Deploy Keys (#78) to the docs.
2022-10-19 13:32:32 +02:00
Camilo Celis Guzman
fbef2c7bd0
Add an action input/flag to disable logging of public key information (#122)
This commit adds the new `log-public-key` action input.

Closes #122 (contains the suggested changes plus a few tweaks and documentation), fixes #100.

Co-authored-by: Matthias Pigulla <mp@webfactory.de>
2022-10-19 10:42:05 +00:00
Chung Tran
ea4c593dc9
Update node from node12 to node16 (#132)
This addresses the deprecation of Node 12 in GHA (https://github.blog/changelog/2022-09-22-github-actions-all-actions-will-begin-running-on-node16-instead-of-node12/).
2022-10-19 10:16:47 +02:00
Dan Walkes
26e485b72d
Fix link to an issue in the README file (#120) 2022-09-01 09:03:13 +02:00
dependabot[bot]
5a6c248f3f
Bump @actions/core from 1.2.6 to 1.9.1 (#125)
* Bump @actions/core from 1.2.6 to 1.9.1

Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.2.6 to 1.9.1.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump the copyright year

* yarn.lock syntax updates

* Rebuild dist/

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthias Pigulla <mp@webfactory.de>
2022-09-01 09:02:13 +02:00
Koshi Eguchi
19a5c6646f Fix a typo in README.md 2022-02-10 15:26:18 +09:00
Matthias Pigulla
fc49353b67
Bump example version numbers in the README file 2021-11-20 11:43:25 +00:00
John Hamelink
97348a2ec6
Document on how to integrate with docker/build-push-action (#90)
This change adds some extra clarification to the documentation to show how to setup the `docker/build-push-action` step with this action. This is very helpful when using buildkit's `RUN --mount=type=ssh`. We found this to be a little confusing and the GH issues we found on the matter didn't help!

Co-authored-by: Matthias Pigulla <mp@webfactory.de>
2021-11-18 12:27:08 +01:00
Ror
bbd5513ed5
Better explain in the README how to set up keys in repositories (#96) 2021-11-18 11:58:33 +01:00
Matthias Pigulla
5f066a372e
Prepare a 0.5.3 release 2021-06-11 15:18:45 +02:00
Matthias Pigulla
81d965f2bd
Tix a fypo 2021-06-03 23:33:40 +02:00
Matthias Pigulla
8569bedfe0 Mention "-scmProvider system" for XCode builds/Swift Package Manager
Co-authored-by: rr-james-hickman <james.hickman@rakuten.com>
2021-05-27 20:11:56 +00:00
Matthias Pigulla
98f76b1158 Give an example of how to add a key comment
Co-authored-by: rr-james-hickman <james.hickman@rakuten.com>
2021-05-27 20:05:28 +00:00
Matthias Pigulla
cb8b21017a
Update version numbers in README for the next bugfix release 2021-04-07 12:30:27 +02:00
Matthias Pigulla
795485730f
Prepare 0.5.1 release 2021-03-10 08:17:18 +01:00
Shashank Patidar
65d1ea3d90 Mention that container-based workflows need to have ssh packages installed
Co-authored-by: Shashank Patidar <74622220+shashank11p@users.noreply.github.com>
2021-03-05 20:11:48 +00:00
Cecile Tonglet
5f95203cea
Add note about using cargo with private dependencies (#64)
* Add note about using cargo with private dependencies

* Update doc to mention Windows only

* Add alternative workaround

* Create extra main section for tips and information regarding different languages/tools

Co-authored-by: Matthias Pigulla <mp@webfactory.de>
2021-03-04 12:49:35 +01:00
Matthias Pigulla
6b2f2c5354
Prepare README for the upcoming 0.5.0 release 2021-02-19 14:41:23 +01:00
Matthias Pigulla
4d06ea6a33
Add support for GitHub Deployment Keys through key comments (#59)
Fixes #30, closes #38.
2021-02-19 14:37:34 +01:00
Matthias Pigulla
85353917a2
Tweak README formatting 2021-02-13 21:26:12 +01:00
Matthias Pigulla
e5df661fc4 Update README to mention Windows and/or Docker support 2021-02-13 20:25:14 +00:00
Matthias Pigulla
23e7ede81c Bump copyright in README 2021-02-13 20:03:25 +00:00
Matthias Pigulla
79096d29b0 Document how to pass input arguments during local development
Suggested by @shaunco in #38.

Co-authored-by: Shaun Cooley <scooley@mapped.com>
2021-02-12 18:04:53 +00:00
Matthias Pigulla
ee29fafb6a Update README for a 0.4.1 release 2020-10-07 21:08:38 +00:00
Matthias Pigulla
9e5c1c7a9b
Point to blog post explaining how to use multiple GitHub deploy keys 2020-09-07 16:57:21 +02:00
Matthias Pigulla
ef0ce0cab8
Ignore failures when trying to kill the ssh-agent (#33) 2020-06-24 08:31:28 +02:00
Ryan Zidago
5ef9e0334a
updated README.md to including further instructions regarding where to add deploy key (#34) 2020-06-23 12:56:50 +02:00
Adam Dobrawy
8789658b02
Update actions version in examples (#29) 2020-06-05 06:45:30 +02:00
Thorben Nissen
4fcb25e7ef
Randomize SSH auth socket, kill agent to support non-ephemeral, self hosted runners (@thommyhh, #27)
Thanks to @thommyhh for this contribution!

Unless the `SSH_AUTH_SOCK` is configured explicitly, this change will make the SSH agent use a random file name for the socket. That way, multiple, concurrent SSH agents can be used on non-ephemeral, self-hosted runners.

A new post-action step will automatically clean up the running agent at the end of a job.

Be aware of the possible security implications: Two jobs running on the same runner might be able to access each other's socket and thus access repositories and/or hosts.
2020-05-18 09:08:29 +02:00
Jan Pieter Waagmeester
a3b3049f43
add omitted 'key' word 2020-03-31 12:23:36 +02:00
Matthias Pigulla
9d13200510 Bump copyright year in README 2020-01-14 09:35:08 +00:00
Matthias Pigulla
b6c65becb0 Prepare the v0.2.0 release 2020-01-14 09:32:40 +00:00
Matthias Pigulla
6cf6299d23
Support multiple SSH keys (#14)
* Support concatenation of multiple private keys in the given secret

* Add a changelog
2020-01-14 10:21:11 +01:00
Matthias Pigulla
ea39f521c5
Write down what this Action cannot do
A few notes on what has been raised as issues recently.
2019-11-28 17:52:10 +01:00
Matthias Pigulla
1a9af8e8e0 Update README to show correct version number in example
Supersedes #3; thank you @kod-kristoff!
2019-09-24 22:08:56 +00:00
Matthias Pigulla
e181806200
Use $HOME to support OS X as well (#2)
This fixes #1. Windows is currently not supported.
2019-09-15 09:32:43 +02:00
Matthias Pigulla
64d68c7e61 Write GH action to set up ssh keys for private repos 2019-09-14 22:28:16 +00:00