commit
609b9969e2
15
Dockerfile
15
Dockerfile
|
@ -1,27 +1,12 @@
|
|||
FROM ubuntu:latest
|
||||
|
||||
|
||||
# Update
|
||||
RUN apt-get update
|
||||
|
||||
|
||||
# Install packages
|
||||
RUN apt-get -yq install rsync openssh-client
|
||||
|
||||
|
||||
# Label
|
||||
LABEL "com.github.actions.name"="rsync deployments"
|
||||
LABEL "com.github.actions.description"="For deploying code to a webserver via rsync over ssh"
|
||||
LABEL "com.github.actions.icon"="truck"
|
||||
LABEL "com.github.actions.color"="yellow"
|
||||
|
||||
LABEL "repository"="https://github.com/Burnett01/rsync-deployments"
|
||||
LABEL "homepage"="https://github.com/Burnett01/rsync-deployments"
|
||||
LABEL "maintainer"="Contention <hello@contention.agency> & Burnett01"
|
||||
|
||||
|
||||
# Copy entrypoint
|
||||
ADD entrypoint.sh /entrypoint.sh
|
||||
RUN chmod +x /entrypoint.sh
|
||||
ENTRYPOINT ["/entrypoint.sh"]
|
||||
|
||||
|
|
89
README.md
89
README.md
|
@ -7,24 +7,32 @@ This GitHub Action deploys files in `GITHUB_WORKSPACE` to a folder on a server v
|
|||
|
||||
Use this action in a build/test workflow which leaves deployable code in `GITHUB_WORKSPACE`.
|
||||
|
||||
# Required SECRETs
|
||||
# Inputs
|
||||
|
||||
This action needs a `DEPLOY_KEY` secret variable. This should be the private key part of a ssh key pair. The public key part should be added to the authorized_keys file on the server that receives the deployment. This should be set in the Github secrets section and then referenced as an `env` variable.
|
||||
- `switches`* - The first is for any initial/required rsync flags, eg: `-avzr --delete`
|
||||
|
||||
# ARGs
|
||||
- `rsh` - Remote shell commands, eg for using a different SSH port: `"-p ${{ secrets.DEPLOY_PORT }}"`
|
||||
|
||||
This action requires 4 args in the `with` block.
|
||||
- `path` - The source path. Defaults to GITHUB_WORKSPACE
|
||||
|
||||
1. `swtiches` - The first is for any initial/required rsync flags, eg: `-avzr --delete`
|
||||
- `remote_path`* - The deployment target path
|
||||
|
||||
2. `rsh` - Remote shell commands, eg for using a different SSH port: `"-p ${{ secrets.DEPLOY_PORT }}"`
|
||||
- `remote_host`* - The remote host
|
||||
|
||||
3. `path` - The source path, if none; use `""`
|
||||
- `remote_user`* - The remote user
|
||||
|
||||
4. `upload_path` - The deployment target, and should be in the format: `[USER]@[HOST]:[PATH]`
|
||||
- `remote_key`* - The remote ssh key
|
||||
|
||||
``* = Required``
|
||||
|
||||
# Required secret
|
||||
|
||||
This action needs a `DEPLOY_KEY` secret variable. This should be the private key part of a ssh key pair. The public key part should be added to the authorized_keys file on the server that receives the deployment. This should be set in the Github secrets section and then referenced as the `remote_key` input.
|
||||
|
||||
# Example usage
|
||||
|
||||
Simple:
|
||||
|
||||
```
|
||||
name: DEPLOY
|
||||
on:
|
||||
|
@ -38,20 +46,63 @@ jobs:
|
|||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
- name: rsync deployments
|
||||
uses: burnett01/rsync-deployments@1.0
|
||||
uses: burnett01/rsync-deployments@2.0
|
||||
with:
|
||||
switches: -avzr --delete --exclude="" --include=""
|
||||
rsh: "-p ${{ secrets.DEPLOY_PORT }}"
|
||||
switches: -avzr --delete
|
||||
path: src/
|
||||
upload_path: user@example.com:/var/www/html/
|
||||
|
||||
env:
|
||||
DEPLOY_KEY: ${{ secrets.DEPLOY_KEY }}
|
||||
|
||||
remote_path: /var/www/html/
|
||||
remote_host: example.com
|
||||
remote_user: debian
|
||||
remote_key: ${{ secrets.DEPLOY_KEY }}
|
||||
```
|
||||
|
||||
## Disclaimer
|
||||
Advanced:
|
||||
|
||||
If you're using GitHub Actions, you probably already know that it's still in limited public beta, and GitHub advise against using Actions in production.
|
||||
```
|
||||
name: DEPLOY
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
|
||||
So, check your keys. Check your deployment paths. And use at your own risk.
|
||||
jobs:
|
||||
deploy:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
- name: rsync deployments
|
||||
uses: burnett01/rsync-deployments@2.0
|
||||
with:
|
||||
switches: -avzr --delete --exclude="" --include="" --filter=""
|
||||
rsh: "-p ${{ secrets.DEPLOY_PORT }}"
|
||||
path: src/
|
||||
remote_path: /var/www/html/
|
||||
remote_host: example.com
|
||||
remote_user: debian
|
||||
remote_key: ${{ secrets.DEPLOY_KEY }}
|
||||
```
|
||||
|
||||
For better security, I suggest you create additional secrets for remote_host and remote_user inputs.
|
||||
|
||||
```
|
||||
name: DEPLOY
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
|
||||
jobs:
|
||||
deploy:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
- name: rsync deployments
|
||||
uses: burnett01/rsync-deployments@2.0
|
||||
with:
|
||||
switches: -avzr --delete
|
||||
path: src/
|
||||
remote_path: /var/www/html/
|
||||
remote_host: ${{ secrets.DEPLOY_HOST }}
|
||||
remote_user: ${{ secrets.DEPLOY_USER }}
|
||||
remote_key: ${{ secrets.DEPLOY_KEY }}
|
||||
```
|
||||
|
|
11
action.yml
11
action.yml
|
@ -13,9 +13,18 @@ inputs:
|
|||
description: 'The local path'
|
||||
required: false
|
||||
default: ''
|
||||
upload_path:
|
||||
remote_path:
|
||||
description: 'The remote path'
|
||||
required: true
|
||||
remote_host:
|
||||
description: 'The remote host'
|
||||
required: true
|
||||
remote_user:
|
||||
description: 'The remote user'
|
||||
required: true
|
||||
remote_key:
|
||||
description: 'The remote key'
|
||||
required: true
|
||||
runs:
|
||||
using: 'docker'
|
||||
image: 'Dockerfile'
|
||||
|
|
|
@ -1,17 +1,18 @@
|
|||
#!/bin/sh
|
||||
#!/bin/bash
|
||||
|
||||
set -eu
|
||||
|
||||
# Set deploy key
|
||||
SSH_PATH="$HOME/.ssh"
|
||||
|
||||
# Create .ssh dir if it doesn't exist
|
||||
if [ ! -d "$SSH_PATH" ]; then
|
||||
mkdir "$SSH_PATH"
|
||||
fi
|
||||
[ -d "$SSH_PATH" ] || mkdir "$SSH_PATH"
|
||||
|
||||
# Place deploy_key into .ssh dir
|
||||
echo "$DEPLOY_KEY" > "$SSH_PATH/deploy_key"
|
||||
echo "$INPUT_REMOTE_KEY" > "$SSH_PATH/key"
|
||||
|
||||
# Set r+w to user only
|
||||
chmod 600 "$SSH_PATH/deploy_key"
|
||||
chmod 600 "$SSH_PATH/key"
|
||||
|
||||
# Do deployment
|
||||
sh -c "rsync $INPUT_SWITCHES -e 'ssh -i $SSH_PATH/deploy_key -o StrictHostKeyChecking=no $INPUT_RSH' $GITHUB_WORKSPACE/$INPUT_PATH $INPUT_UPLOAD_PATH"
|
||||
sh -c "rsync $INPUT_SWITCHES -e 'ssh -i $SSH_PATH/key -o StrictHostKeyChecking=no $INPUT_RSH' $GITHUB_WORKSPACE/$INPUT_PATH $INPUT_REMOTE_USER@$INPUT_REMOTE_HOST:$INPUT_REMOTE_PATH"
|
||||
|
|
Loading…
Reference in New Issue