commit
609b9969e2
15
Dockerfile
15
Dockerfile
|
@ -1,27 +1,12 @@
|
||||||
FROM ubuntu:latest
|
FROM ubuntu:latest
|
||||||
|
|
||||||
|
|
||||||
# Update
|
# Update
|
||||||
RUN apt-get update
|
RUN apt-get update
|
||||||
|
|
||||||
|
|
||||||
# Install packages
|
# Install packages
|
||||||
RUN apt-get -yq install rsync openssh-client
|
RUN apt-get -yq install rsync openssh-client
|
||||||
|
|
||||||
|
|
||||||
# Label
|
|
||||||
LABEL "com.github.actions.name"="rsync deployments"
|
|
||||||
LABEL "com.github.actions.description"="For deploying code to a webserver via rsync over ssh"
|
|
||||||
LABEL "com.github.actions.icon"="truck"
|
|
||||||
LABEL "com.github.actions.color"="yellow"
|
|
||||||
|
|
||||||
LABEL "repository"="https://github.com/Burnett01/rsync-deployments"
|
|
||||||
LABEL "homepage"="https://github.com/Burnett01/rsync-deployments"
|
|
||||||
LABEL "maintainer"="Contention <hello@contention.agency> & Burnett01"
|
|
||||||
|
|
||||||
|
|
||||||
# Copy entrypoint
|
# Copy entrypoint
|
||||||
ADD entrypoint.sh /entrypoint.sh
|
ADD entrypoint.sh /entrypoint.sh
|
||||||
RUN chmod +x /entrypoint.sh
|
RUN chmod +x /entrypoint.sh
|
||||||
ENTRYPOINT ["/entrypoint.sh"]
|
ENTRYPOINT ["/entrypoint.sh"]
|
||||||
|
|
||||||
|
|
89
README.md
89
README.md
|
@ -7,24 +7,32 @@ This GitHub Action deploys files in `GITHUB_WORKSPACE` to a folder on a server v
|
||||||
|
|
||||||
Use this action in a build/test workflow which leaves deployable code in `GITHUB_WORKSPACE`.
|
Use this action in a build/test workflow which leaves deployable code in `GITHUB_WORKSPACE`.
|
||||||
|
|
||||||
# Required SECRETs
|
# Inputs
|
||||||
|
|
||||||
This action needs a `DEPLOY_KEY` secret variable. This should be the private key part of a ssh key pair. The public key part should be added to the authorized_keys file on the server that receives the deployment. This should be set in the Github secrets section and then referenced as an `env` variable.
|
- `switches`* - The first is for any initial/required rsync flags, eg: `-avzr --delete`
|
||||||
|
|
||||||
# ARGs
|
- `rsh` - Remote shell commands, eg for using a different SSH port: `"-p ${{ secrets.DEPLOY_PORT }}"`
|
||||||
|
|
||||||
This action requires 4 args in the `with` block.
|
- `path` - The source path. Defaults to GITHUB_WORKSPACE
|
||||||
|
|
||||||
1. `swtiches` - The first is for any initial/required rsync flags, eg: `-avzr --delete`
|
- `remote_path`* - The deployment target path
|
||||||
|
|
||||||
2. `rsh` - Remote shell commands, eg for using a different SSH port: `"-p ${{ secrets.DEPLOY_PORT }}"`
|
- `remote_host`* - The remote host
|
||||||
|
|
||||||
3. `path` - The source path, if none; use `""`
|
- `remote_user`* - The remote user
|
||||||
|
|
||||||
4. `upload_path` - The deployment target, and should be in the format: `[USER]@[HOST]:[PATH]`
|
- `remote_key`* - The remote ssh key
|
||||||
|
|
||||||
|
``* = Required``
|
||||||
|
|
||||||
|
# Required secret
|
||||||
|
|
||||||
|
This action needs a `DEPLOY_KEY` secret variable. This should be the private key part of a ssh key pair. The public key part should be added to the authorized_keys file on the server that receives the deployment. This should be set in the Github secrets section and then referenced as the `remote_key` input.
|
||||||
|
|
||||||
# Example usage
|
# Example usage
|
||||||
|
|
||||||
|
Simple:
|
||||||
|
|
||||||
```
|
```
|
||||||
name: DEPLOY
|
name: DEPLOY
|
||||||
on:
|
on:
|
||||||
|
@ -38,20 +46,63 @@ jobs:
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v1
|
- uses: actions/checkout@v1
|
||||||
- name: rsync deployments
|
- name: rsync deployments
|
||||||
uses: burnett01/rsync-deployments@1.0
|
uses: burnett01/rsync-deployments@2.0
|
||||||
with:
|
with:
|
||||||
switches: -avzr --delete --exclude="" --include=""
|
switches: -avzr --delete
|
||||||
rsh: "-p ${{ secrets.DEPLOY_PORT }}"
|
|
||||||
path: src/
|
path: src/
|
||||||
upload_path: user@example.com:/var/www/html/
|
remote_path: /var/www/html/
|
||||||
|
remote_host: example.com
|
||||||
env:
|
remote_user: debian
|
||||||
DEPLOY_KEY: ${{ secrets.DEPLOY_KEY }}
|
remote_key: ${{ secrets.DEPLOY_KEY }}
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
||||||
## Disclaimer
|
Advanced:
|
||||||
|
|
||||||
If you're using GitHub Actions, you probably already know that it's still in limited public beta, and GitHub advise against using Actions in production.
|
```
|
||||||
|
name: DEPLOY
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches:
|
||||||
|
- master
|
||||||
|
|
||||||
So, check your keys. Check your deployment paths. And use at your own risk.
|
jobs:
|
||||||
|
deploy:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v1
|
||||||
|
- name: rsync deployments
|
||||||
|
uses: burnett01/rsync-deployments@2.0
|
||||||
|
with:
|
||||||
|
switches: -avzr --delete --exclude="" --include="" --filter=""
|
||||||
|
rsh: "-p ${{ secrets.DEPLOY_PORT }}"
|
||||||
|
path: src/
|
||||||
|
remote_path: /var/www/html/
|
||||||
|
remote_host: example.com
|
||||||
|
remote_user: debian
|
||||||
|
remote_key: ${{ secrets.DEPLOY_KEY }}
|
||||||
|
```
|
||||||
|
|
||||||
|
For better security, I suggest you create additional secrets for remote_host and remote_user inputs.
|
||||||
|
|
||||||
|
```
|
||||||
|
name: DEPLOY
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches:
|
||||||
|
- master
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
deploy:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v1
|
||||||
|
- name: rsync deployments
|
||||||
|
uses: burnett01/rsync-deployments@2.0
|
||||||
|
with:
|
||||||
|
switches: -avzr --delete
|
||||||
|
path: src/
|
||||||
|
remote_path: /var/www/html/
|
||||||
|
remote_host: ${{ secrets.DEPLOY_HOST }}
|
||||||
|
remote_user: ${{ secrets.DEPLOY_USER }}
|
||||||
|
remote_key: ${{ secrets.DEPLOY_KEY }}
|
||||||
|
```
|
||||||
|
|
11
action.yml
11
action.yml
|
@ -13,9 +13,18 @@ inputs:
|
||||||
description: 'The local path'
|
description: 'The local path'
|
||||||
required: false
|
required: false
|
||||||
default: ''
|
default: ''
|
||||||
upload_path:
|
remote_path:
|
||||||
description: 'The remote path'
|
description: 'The remote path'
|
||||||
required: true
|
required: true
|
||||||
|
remote_host:
|
||||||
|
description: 'The remote host'
|
||||||
|
required: true
|
||||||
|
remote_user:
|
||||||
|
description: 'The remote user'
|
||||||
|
required: true
|
||||||
|
remote_key:
|
||||||
|
description: 'The remote key'
|
||||||
|
required: true
|
||||||
runs:
|
runs:
|
||||||
using: 'docker'
|
using: 'docker'
|
||||||
image: 'Dockerfile'
|
image: 'Dockerfile'
|
||||||
|
|
|
@ -1,17 +1,18 @@
|
||||||
#!/bin/sh
|
#!/bin/bash
|
||||||
|
|
||||||
set -eu
|
set -eu
|
||||||
|
|
||||||
# Set deploy key
|
# Set deploy key
|
||||||
SSH_PATH="$HOME/.ssh"
|
SSH_PATH="$HOME/.ssh"
|
||||||
|
|
||||||
# Create .ssh dir if it doesn't exist
|
# Create .ssh dir if it doesn't exist
|
||||||
if [ ! -d "$SSH_PATH" ]; then
|
[ -d "$SSH_PATH" ] || mkdir "$SSH_PATH"
|
||||||
mkdir "$SSH_PATH"
|
|
||||||
fi
|
|
||||||
# Place deploy_key into .ssh dir
|
# Place deploy_key into .ssh dir
|
||||||
echo "$DEPLOY_KEY" > "$SSH_PATH/deploy_key"
|
echo "$INPUT_REMOTE_KEY" > "$SSH_PATH/key"
|
||||||
|
|
||||||
# Set r+w to user only
|
# Set r+w to user only
|
||||||
chmod 600 "$SSH_PATH/deploy_key"
|
chmod 600 "$SSH_PATH/key"
|
||||||
|
|
||||||
# Do deployment
|
# Do deployment
|
||||||
sh -c "rsync $INPUT_SWITCHES -e 'ssh -i $SSH_PATH/deploy_key -o StrictHostKeyChecking=no $INPUT_RSH' $GITHUB_WORKSPACE/$INPUT_PATH $INPUT_UPLOAD_PATH"
|
sh -c "rsync $INPUT_SWITCHES -e 'ssh -i $SSH_PATH/key -o StrictHostKeyChecking=no $INPUT_RSH' $GITHUB_WORKSPACE/$INPUT_PATH $INPUT_REMOTE_USER@$INPUT_REMOTE_HOST:$INPUT_REMOTE_PATH"
|
||||||
|
|
Loading…
Reference in New Issue