diff --git a/CHANGELOG.md b/CHANGELOG.md index c29d204..999e8ba 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,10 @@ -# vx.x.x +# v1.1.3 +## Features +- Added GitHub Actions example to README ## Fixes -- Keygen command fix in docs +- setting USER so `~` substitution works as expected +- Pulled latest `alpine` base image +- "GitHub" branding from "Github" # v1.1.2 ## Features diff --git a/Dockerfile b/Dockerfile index d8d9a47..e5d0e46 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,7 @@ FROM alpine:latest +USER root + RUN apk add --no-cache openssh-client rsync && \ mkdir -p ~/.ssh diff --git a/README.md b/README.md index 1678029..6566278 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,7 @@ Can be used in a deployment pipeline to connect to a remote host, and run a git, These variables are set in GitLab CI/CD settings (but could be any CI/CD pipeline service eg. GitHub Actions, CircleCI, Jenkins, etc.): - `SSH_HOST` (remote's hostname) -- `SSH_KNOWN_HOSTS` (host's key signature eg. `[172.31.98.99]:22222 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE21QbMGqxh/pXh0/mn9K9hnplyRGA3MJfe/wBoCVIaX`, can be set to `NoStrictHostKeyChecking` to not check) +- `SSH_KNOWN_HOSTS` (host's key signature eg. `[172.31.98.99]:22222 ssh-ed25519 AAAAC3NzaC1lZDI1NTE...n9K9hnplyRGA3MJfe/wBoCVIaX`, can be set to `NoStrictHostKeyChecking` to not check) - `SSH_USER_NAME` (ssh username for access to the host) - `SSH_PRIVATE_KEY` (ssh private key for SSH_USER_NAME) @@ -43,6 +43,7 @@ Create a `.gitlab-ci.yml` file in the root of your project to trigger SSH comman ```yml deploy: + ## Replace latest with a SHA for better security image: mountainash/openssh-client:latest only: - master @@ -59,6 +60,38 @@ deploy: `image` can also be pulled from `registry.gitlab.com/containeryard/openssh` +### GitHub Actions Workflow Example + +In `./github/workflows/ssh-deploy.yml` (or similar). + +```yml +name: Deploy to Remote Server + +on: + push: + branches: + - main + +jobs: + deploy: + name: Deploy to Remote Server + runs-on: ubuntu-latest + container: + image: registry.gitlab.com/containeryard/openssh + env: + SSH_HOST: ${{ vars.SSH_HOST }} + SSH_KNOWN_HOSTS: ${{ vars.SSH_KNOWN_HOSTS }} + SSH_USER_NAME: ${{ vars.SSH_USER_NAME }} + SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} + volumes: + - ./:/app/ + steps: + - name: Copy HTML to Remote Server + run: scp /app/sample.html $SSH_USER_NAME@$SSH_HOST:/home/mountainash/www/sitename/index.html +``` + +`image` can also be pulled from `mountainash/openssh-client:latest` (Docker Hub). + ## Contribute - GitLab: diff --git a/entrypoint.sh b/entrypoint.sh index fcae432..9e9fc4f 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -12,11 +12,13 @@ if [ "$SSH_PRIVATE_KEY" ]; then fi if [ "$SSH_KNOWN_HOSTS" ]; then + touch ~/.ssh/known_hosts echo "$SSH_KNOWN_HOSTS" >> ~/.ssh/known_hosts chmod 644 ~/.ssh/known_hosts fi if [ "$SSH_KNOWN_HOSTS" == "NoStrictHostKeyChecking" ]; then + touch ~/.ssh/config echo -e "Host *\n\tStrictHostKeyChecking no\n\n" >> ~/.ssh/config fi