version 2.0

Feature/version 2.0
This commit is contained in:
Steven Agyekum 2019-12-04 18:50:21 +01:00 committed by GitHub
commit 609b9969e2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 88 additions and 42 deletions

View File

@ -1,27 +1,12 @@
FROM ubuntu:latest FROM ubuntu:latest
# Update # Update
RUN apt-get update RUN apt-get update
# Install packages # Install packages
RUN apt-get -yq install rsync openssh-client RUN apt-get -yq install rsync openssh-client
# Label
LABEL "com.github.actions.name"="rsync deployments"
LABEL "com.github.actions.description"="For deploying code to a webserver via rsync over ssh"
LABEL "com.github.actions.icon"="truck"
LABEL "com.github.actions.color"="yellow"
LABEL "repository"="https://github.com/Burnett01/rsync-deployments"
LABEL "homepage"="https://github.com/Burnett01/rsync-deployments"
LABEL "maintainer"="Contention <hello@contention.agency> & Burnett01"
# Copy entrypoint # Copy entrypoint
ADD entrypoint.sh /entrypoint.sh ADD entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh RUN chmod +x /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"] ENTRYPOINT ["/entrypoint.sh"]

View File

@ -7,24 +7,32 @@ This GitHub Action deploys files in `GITHUB_WORKSPACE` to a folder on a server v
Use this action in a build/test workflow which leaves deployable code in `GITHUB_WORKSPACE`. Use this action in a build/test workflow which leaves deployable code in `GITHUB_WORKSPACE`.
# Required SECRETs # Inputs
This action needs a `DEPLOY_KEY` secret variable. This should be the private key part of a ssh key pair. The public key part should be added to the authorized_keys file on the server that receives the deployment. This should be set in the Github secrets section and then referenced as an `env` variable. - `switches`* - The first is for any initial/required rsync flags, eg: `-avzr --delete`
# ARGs - `rsh` - Remote shell commands, eg for using a different SSH port: `"-p ${{ secrets.DEPLOY_PORT }}"`
This action requires 4 args in the `with` block. - `path` - The source path. Defaults to GITHUB_WORKSPACE
1. `swtiches` - The first is for any initial/required rsync flags, eg: `-avzr --delete` - `remote_path`* - The deployment target path
2. `rsh` - Remote shell commands, eg for using a different SSH port: `"-p ${{ secrets.DEPLOY_PORT }}"` - `remote_host`* - The remote host
3. `path` - The source path, if none; use `""` - `remote_user`* - The remote user
4. `upload_path` - The deployment target, and should be in the format: `[USER]@[HOST]:[PATH]` - `remote_key`* - The remote ssh key
``* = Required``
# Required secret
This action needs a `DEPLOY_KEY` secret variable. This should be the private key part of a ssh key pair. The public key part should be added to the authorized_keys file on the server that receives the deployment. This should be set in the Github secrets section and then referenced as the `remote_key` input.
# Example usage # Example usage
Simple:
``` ```
name: DEPLOY name: DEPLOY
on: on:
@ -38,20 +46,63 @@ jobs:
steps: steps:
- uses: actions/checkout@v1 - uses: actions/checkout@v1
- name: rsync deployments - name: rsync deployments
uses: burnett01/rsync-deployments@1.0 uses: burnett01/rsync-deployments@2.0
with: with:
switches: -avzr --delete --exclude="" --include="" switches: -avzr --delete
rsh: "-p ${{ secrets.DEPLOY_PORT }}"
path: src/ path: src/
upload_path: user@example.com:/var/www/html/ remote_path: /var/www/html/
remote_host: example.com
env: remote_user: debian
DEPLOY_KEY: ${{ secrets.DEPLOY_KEY }} remote_key: ${{ secrets.DEPLOY_KEY }}
``` ```
## Disclaimer Advanced:
If you're using GitHub Actions, you probably already know that it's still in limited public beta, and GitHub advise against using Actions in production. ```
name: DEPLOY
on:
push:
branches:
- master
So, check your keys. Check your deployment paths. And use at your own risk. jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: rsync deployments
uses: burnett01/rsync-deployments@2.0
with:
switches: -avzr --delete --exclude="" --include="" --filter=""
rsh: "-p ${{ secrets.DEPLOY_PORT }}"
path: src/
remote_path: /var/www/html/
remote_host: example.com
remote_user: debian
remote_key: ${{ secrets.DEPLOY_KEY }}
```
For better security, I suggest you create additional secrets for remote_host and remote_user inputs.
```
name: DEPLOY
on:
push:
branches:
- master
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: rsync deployments
uses: burnett01/rsync-deployments@2.0
with:
switches: -avzr --delete
path: src/
remote_path: /var/www/html/
remote_host: ${{ secrets.DEPLOY_HOST }}
remote_user: ${{ secrets.DEPLOY_USER }}
remote_key: ${{ secrets.DEPLOY_KEY }}
```

View File

@ -13,9 +13,18 @@ inputs:
description: 'The local path' description: 'The local path'
required: false required: false
default: '' default: ''
upload_path: remote_path:
description: 'The remote path' description: 'The remote path'
required: true required: true
remote_host:
description: 'The remote host'
required: true
remote_user:
description: 'The remote user'
required: true
remote_key:
description: 'The remote key'
required: true
runs: runs:
using: 'docker' using: 'docker'
image: 'Dockerfile' image: 'Dockerfile'

View File

@ -1,17 +1,18 @@
#!/bin/sh #!/bin/bash
set -eu set -eu
# Set deploy key # Set deploy key
SSH_PATH="$HOME/.ssh" SSH_PATH="$HOME/.ssh"
# Create .ssh dir if it doesn't exist # Create .ssh dir if it doesn't exist
if [ ! -d "$SSH_PATH" ]; then [ -d "$SSH_PATH" ] || mkdir "$SSH_PATH"
mkdir "$SSH_PATH"
fi
# Place deploy_key into .ssh dir # Place deploy_key into .ssh dir
echo "$DEPLOY_KEY" > "$SSH_PATH/deploy_key" echo "$INPUT_REMOTE_KEY" > "$SSH_PATH/key"
# Set r+w to user only # Set r+w to user only
chmod 600 "$SSH_PATH/deploy_key" chmod 600 "$SSH_PATH/key"
# Do deployment # Do deployment
sh -c "rsync $INPUT_SWITCHES -e 'ssh -i $SSH_PATH/deploy_key -o StrictHostKeyChecking=no $INPUT_RSH' $GITHUB_WORKSPACE/$INPUT_PATH $INPUT_UPLOAD_PATH" sh -c "rsync $INPUT_SWITCHES -e 'ssh -i $SSH_PATH/key -o StrictHostKeyChecking=no $INPUT_RSH' $GITHUB_WORKSPACE/$INPUT_PATH $INPUT_REMOTE_USER@$INPUT_REMOTE_HOST:$INPUT_REMOTE_PATH"