✨ ~ substitution fix. Added GHActions Workflow example

mountainash · Mar 10, 2024 · 33faab3 · 33faab3
1 parent 180f536
commit 33faab3
Show file tree

Hide file tree

Showing 4 changed files with 44 additions and 3 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,10 @@
-# vx.x.x
+# v1.1.3
+## Features
+- Added GitHub Actions example to README
 ## Fixes
-- Keygen command fix in docs
+- setting USER so `~` substitution works as expected
+- Pulled latest `alpine` base image
+- "GitHub" branding from "Github"
 
 # v1.1.2
 ## Features

diff --git a/Dockerfile b/Dockerfile
@@ -1,5 +1,7 @@
 FROM alpine:latest
 
+USER root
+
 RUN apk add --no-cache openssh-client rsync && \
     mkdir -p ~/.ssh
 

diff --git a/README.md b/README.md
@@ -13,7 +13,7 @@ Can be used in a deployment pipeline to connect to a remote host, and run a git,
 
 These variables are set in GitLab CI/CD settings (but could be any CI/CD pipeline service eg. GitHub Actions, CircleCI, Jenkins, etc.):
 - `SSH_HOST` (remote's hostname)
-- `SSH_KNOWN_HOSTS` (host's key signature eg. `[172.31.98.99]:22222 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE21QbMGqxh/pXh0/mn9K9hnplyRGA3MJfe/wBoCVIaX`, can be set to `NoStrictHostKeyChecking` to not check)
+- `SSH_KNOWN_HOSTS` (host's key signature eg. `[172.31.98.99]:22222 ssh-ed25519 AAAAC3NzaC1lZDI1NTE...n9K9hnplyRGA3MJfe/wBoCVIaX`, can be set to `NoStrictHostKeyChecking` to not check)
 - `SSH_USER_NAME` (ssh username for access to the host)
 - `SSH_PRIVATE_KEY` (ssh private key for SSH_USER_NAME)
 
@@ -43,6 +43,7 @@ Create a `.gitlab-ci.yml` file in the root of your project to trigger SSH comman
 
 ```yml
 deploy:
+  ## Replace latest with a SHA for better security
   image: mountainash/openssh-client:latest
   only:
     - master
@@ -59,6 +60,38 @@ deploy:
 
 `image` can also be pulled from `registry.gitlab.com/containeryard/openssh`
 
+### GitHub Actions Workflow Example
+
+In `./github/workflows/ssh-deploy.yml` (or similar).
+
+```yml
+name: Deploy to Remote Server
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  deploy:
+    name: Deploy to Remote Server
+    runs-on: ubuntu-latest
+    container:
+      image: registry.gitlab.com/containeryard/openssh
+      env:
+        SSH_HOST: ${{ vars.SSH_HOST }}
+        SSH_KNOWN_HOSTS: ${{ vars.SSH_KNOWN_HOSTS }}
+        SSH_USER_NAME: ${{ vars.SSH_USER_NAME }}
+        SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
+      volumes:
+          - ./:/app/
+    steps:
+      - name: Copy HTML to Remote Server
+        run: scp /app/sample.html $SSH_USER_NAME@$SSH_HOST:/home/mountainash/www/sitename/index.html
+```
+
+`image` can also be pulled from `mountainash/openssh-client:latest` (Docker Hub).
+
 ## Contribute
 
 - GitLab: <https://gitlab.com/containeryard/openssh>

diff --git a/entrypoint.sh b/entrypoint.sh
@@ -12,11 +12,13 @@ if [ "$SSH_PRIVATE_KEY" ]; then
 fi
 
 if [ "$SSH_KNOWN_HOSTS" ]; then
+    touch ~/.ssh/known_hosts
     echo "$SSH_KNOWN_HOSTS" >> ~/.ssh/known_hosts
     chmod 644 ~/.ssh/known_hosts
 fi
 
 if [ "$SSH_KNOWN_HOSTS" == "NoStrictHostKeyChecking" ]; then
+    touch ~/.ssh/config
     echo -e "Host *\n\tStrictHostKeyChecking no\n\n" >> ~/.ssh/config
 fi