chore: Support UseInsecureCipher (#115)

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

.drone.jsonnet

@@ -0,0 +1,16 @@
+local pipeline = import 'pipeline.libsonnet';
+local name = 'drone-scp';
+
+[
+  pipeline.test,
+  pipeline.build(name, 'linux', 'amd64'),
+  pipeline.build(name, 'linux', 'arm64'),
+  pipeline.build(name, 'linux', 'arm'),
+  pipeline.release,
+  pipeline.notifications(depends_on=[
+    'linux-amd64',
+    'linux-arm64',
+    'linux-arm',
+    'release-binary',
+  ]),
+]

.drone.yml

@@ -1,84 +1,365 @@
-workspace:
-  base: /srv/app
-  path: src/github.com/appleboy/drone-scp
+---
+kind: pipeline
+name: testing
 
-pipeline:
-  # restore the cache from an sftp server
-  restore_cache:
-    image: appleboy/drone-sftp-cache
-    restore: true
-    mount: [ .glide, vendor ]
-    ignore_branch: true
+platform:
+  os: linux
+  arch: amd64
 
-  test:
-    image: appleboy/golang-testing
-    pull: true
-    environment:
-      TAGS: netgo
-      GOPATH: /srv/app
-    commands:
-      - adduser -h /home/drone-scp -s /bin/bash -D -S drone-scp
-      - passwd -d drone-scp
-      - mkdir -p /home/drone-scp/.ssh
-      - chmod 700 /home/drone-scp/.ssh
-      - cp tests/.ssh/id_rsa.pub /home/drone-scp/.ssh/authorized_keys
-      - chown -R drone-scp /home/drone-scp/.ssh
-      # install ssh and start server
-      - apk update && apk add openssh openrc
-      - rm -rf /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_dsa_key
-      - ./tests/entrypoint.sh /usr/sbin/sshd -D &
-      - make dep_install
-      - make vet
-      - make lint
-      - make test
-      - make coverage
-      - make build
-      # build binary for docker image
-      - make static_build
-    when:
-      event: [ push, tag, pull_request ]
+steps:
+- name: vet
+  pull: always
+  image: golang:1.14
+  commands:
+  - make vet
+  volumes:
+  - name: gopath
+    path: /go
 
-  release:
-    image: appleboy/golang-testing
-    pull: true
-    environment:
-      TAGS: netgo
-      GOPATH: /srv/app
-    commands:
-      - make release
-    when:
-      event: [ tag ]
-      branch: [ refs/tags/* ]
+- name: lint
+  pull: always
+  image: golang:1.14
+  commands:
+  - make lint
+  volumes:
+  - name: gopath
+    path: /go
 
-  docker:
-    image: plugins/docker
-    repo: ${DRONE_REPO}
-    tags: [ '${DRONE_TAG}' ]
-    when:
-      event: [ tag ]
-      branch: [ refs/tags/* ]
+- name: misspell
+  pull: always
+  image: golang:1.14
+  commands:
+  - make misspell-check
+  volumes:
+  - name: gopath
+    path: /go
 
-  docker:
-    image: plugins/docker
-    repo: ${DRONE_REPO}
-    tags: [ 'latest' ]
-    when:
-      event: [ push ]
-      branch: [ master ]
+- name: test
+  pull: always
+  image: golang:1.14-alpine
+  commands:
+  - apk add git make curl perl bash build-base zlib-dev ucl-dev
+  - make ssh-server
+  - make test
+  - make coverage
+  volumes:
+  - name: gopath
+    path: /go
 
-  github:
-    image: plugins/github-release
+- name: codecov
+  pull: always
+  image: robertstettner/drone-codecov
+  settings:
+    token:
+      from_secret: codecov_token
+
+volumes:
+- name: gopath
+  temp: {}
+
+---
+kind: pipeline
+name: linux-amd64
+
+platform:
+  os: linux
+  arch: amd64
+
+steps:
+- name: build-push
+  pull: always
+  image: golang:1.14
+  commands:
+  - "go build -v -ldflags '-X main.build=${DRONE_BUILD_NUMBER}' -a -o release/linux/amd64/drone-scp"
+  environment:
+    CGO_ENABLED: 0
+  when:
+    event:
+      exclude:
+      - tag
+
+- name: build-tag
+  pull: always
+  image: golang:1.14
+  commands:
+  - "go build -v -ldflags '-X main.version=${DRONE_TAG##v} -X main.build=${DRONE_BUILD_NUMBER}' -a -o release/linux/amd64/drone-scp"
+  environment:
+    CGO_ENABLED: 0
+  when:
+    event:
+    - tag
+
+- name: executable
+  pull: always
+  image: golang:1.14
+  commands:
+  - ./release/linux/amd64/drone-scp --help
+
+- name: dryrun
+  pull: always
+  image: plugins/docker:linux-amd64
+  settings:
+    cache_from: appleboy/drone-scp
+    dockerfile: docker/Dockerfile.linux.amd64
+    dry_run: true
+    repo: appleboy/drone-scp
+    tags: linux-amd64
+  when:
+    event:
+    - pull_request
+
+- name: publish
+  pull: always
+  image: plugins/docker:linux-amd64
+  settings:
+    auto_tag: true
+    auto_tag_suffix: linux-amd64
+    cache_from: appleboy/drone-scp
+    daemon_off: false
+    dockerfile: docker/Dockerfile.linux.amd64
+    password:
+      from_secret: docker_password
+    repo: appleboy/drone-scp
+    username:
+      from_secret: docker_username
+  when:
+    event:
+      exclude:
+      - pull_request
+
+trigger:
+  ref:
+  - refs/heads/master
+  - "refs/pull/**"
+  - "refs/tags/**"
+
+depends_on:
+- testing
+
+---
+kind: pipeline
+name: linux-arm64
+
+platform:
+  os: linux
+  arch: arm64
+
+steps:
+- name: build-push
+  pull: always
+  image: golang:1.14
+  commands:
+  - "go build -v -ldflags '-X main.build=${DRONE_BUILD_NUMBER}' -a -o release/linux/arm64/drone-scp"
+  environment:
+    CGO_ENABLED: 0
+  when:
+    event:
+      exclude:
+      - tag
+
+- name: build-tag
+  pull: always
+  image: golang:1.14
+  commands:
+  - "go build -v -ldflags '-X main.version=${DRONE_TAG##v} -X main.build=${DRONE_BUILD_NUMBER}' -a -o release/linux/arm64/drone-scp"
+  environment:
+    CGO_ENABLED: 0
+  when:
+    event:
+    - tag
+
+- name: executable
+  pull: always
+  image: golang:1.14
+  commands:
+  - ./release/linux/arm64/drone-scp --help
+
+- name: dryrun
+  pull: always
+  image: plugins/docker:linux-arm64
+  settings:
+    cache_from: appleboy/drone-scp
+    dockerfile: docker/Dockerfile.linux.arm64
+    dry_run: true
+    repo: appleboy/drone-scp
+    tags: linux-arm64
+  when:
+    event:
+    - pull_request
+
+- name: publish
+  pull: always
+  image: plugins/docker:linux-arm64
+  settings:
+    auto_tag: true
+    auto_tag_suffix: linux-arm64
+    cache_from: appleboy/drone-scp
+    daemon_off: false
+    dockerfile: docker/Dockerfile.linux.arm64
+    password:
+      from_secret: docker_password
+    repo: appleboy/drone-scp
+    username:
+      from_secret: docker_username
+  when:
+    event:
+      exclude:
+      - pull_request
+
+trigger:
+  ref:
+  - refs/heads/master
+  - "refs/pull/**"
+  - "refs/tags/**"
+
+depends_on:
+- testing
+
+---
+kind: pipeline
+name: linux-arm
+
+platform:
+  os: linux
+  arch: arm
+
+steps:
+- name: build-push
+  pull: always
+  image: golang:1.14
+  commands:
+  - "go build -v -ldflags '-X main.build=${DRONE_BUILD_NUMBER}' -a -o release/linux/arm/drone-scp"
+  environment:
+    CGO_ENABLED: 0
+  when:
+    event:
+      exclude:
+      - tag
+
+- name: build-tag
+  pull: always
+  image: golang:1.14
+  commands:
+  - "go build -v -ldflags '-X main.version=${DRONE_TAG##v} -X main.build=${DRONE_BUILD_NUMBER}' -a -o release/linux/arm/drone-scp"
+  environment:
+    CGO_ENABLED: 0
+  when:
+    event:
+    - tag
+
+- name: executable
+  pull: always
+  image: golang:1.14
+  commands:
+  - ./release/linux/arm/drone-scp --help
+
+- name: dryrun
+  pull: always
+  image: plugins/docker:linux-arm
+  settings:
+    cache_from: appleboy/drone-scp
+    dockerfile: docker/Dockerfile.linux.arm
+    dry_run: true
+    repo: appleboy/drone-scp
+    tags: linux-arm
+  when:
+    event:
+    - pull_request
+
+- name: publish
+  pull: always
+  image: plugins/docker:linux-arm
+  settings:
+    auto_tag: true
+    auto_tag_suffix: linux-arm
+    cache_from: appleboy/drone-scp
+    daemon_off: false
+    dockerfile: docker/Dockerfile.linux.arm
+    password:
+      from_secret: docker_password
+    repo: appleboy/drone-scp
+    username:
+      from_secret: docker_username
+  when:
+    event:
+      exclude:
+      - pull_request
+
+trigger:
+  ref:
+  - refs/heads/master
+  - "refs/pull/**"
+  - "refs/tags/**"
+
+depends_on:
+- testing
+
+---
+kind: pipeline
+name: release-binary
+
+platform:
+  os: linux
+  arch: amd64
+
+steps:
+- name: build-all-binary
+  pull: always
+  image: golang:1.14
+  commands:
+  - make release
+  when:
+    event:
+    - tag
+
+- name: deploy-all-binary
+  pull: always
+  image: plugins/github-release
+  settings:
+    api_key:
+      from_secret: github_release_api_key
     files:
-      - dist/release/*
-    when:
-      event: [ tag ]
-      branch: [ refs/tags/* ]
+    - "dist/release/*"
+  when:
+    event:
+    - tag
 
-  # rebuild the cache on the sftp server
-  rebuild_cache:
-    image: appleboy/drone-sftp-cache
-    rebuild: true
-    mount: [ .glide, vendor ]
-    ignore_branch: true
-    when:
-      branch: master
+trigger:
+  ref:
+  - "refs/tags/**"
+
+depends_on:
+- testing
+
+---
+kind: pipeline
+name: notifications
+
+platform:
+  os: linux
+  arch: amd64
+
+steps:
+- name: manifest
+  pull: always
+  image: plugins/manifest
+  settings:
+    ignore_missing: true
+    password:
+      from_secret: docker_password
+    spec: docker/manifest.tmpl
+    username:
+      from_secret: docker_username
+
+trigger:
+  ref:
+  - refs/heads/master
+  - "refs/tags/**"
+
+depends_on:
+- linux-amd64
+- linux-arm64
+- linux-arm
+- release-binary
+
+...

.drone.yml.sig

@@ -1 +0,0 @@
-eyJhbGciOiJIUzI1NiJ9.d29ya3NwYWNlOgogIGJhc2U6IC9zcnYvYXBwCiAgcGF0aDogc3JjL2dpdGh1Yi5jb20vYXBwbGVib3kvZHJvbmUtc2NwCgpwaXBlbGluZToKICAjIHJlc3RvcmUgdGhlIGNhY2hlIGZyb20gYW4gc2Z0cCBzZXJ2ZXIKICByZXN0b3JlX2NhY2hlOgogICAgaW1hZ2U6IGFwcGxlYm95L2Ryb25lLXNmdHAtY2FjaGUKICAgIHJlc3RvcmU6IHRydWUKICAgIG1vdW50OiBbIC5nbGlkZSwgdmVuZG9yIF0KICAgIGlnbm9yZV9icmFuY2g6IHRydWUKCiAgdGVzdDoKICAgIGltYWdlOiBhcHBsZWJveS9nb2xhbmctdGVzdGluZwogICAgcHVsbDogdHJ1ZQogICAgZW52aXJvbm1lbnQ6CiAgICAgIFRBR1M6IG5ldGdvCiAgICAgIEdPUEFUSDogL3Nydi9hcHAKICAgIGNvbW1hbmRzOgogICAgICAtIGFkZHVzZXIgLWggL2hvbWUvZHJvbmUtc2NwIC1zIC9iaW4vYmFzaCAtRCAtUyBkcm9uZS1zY3AKICAgICAgLSBwYXNzd2QgLWQgZHJvbmUtc2NwCiAgICAgIC0gbWtkaXIgLXAgL2hvbWUvZHJvbmUtc2NwLy5zc2gKICAgICAgLSBjaG1vZCA3MDAgL2hvbWUvZHJvbmUtc2NwLy5zc2gKICAgICAgLSBjcCB0ZXN0cy8uc3NoL2lkX3JzYS5wdWIgL2hvbWUvZHJvbmUtc2NwLy5zc2gvYXV0aG9yaXplZF9rZXlzCiAgICAgIC0gY2hvd24gLVIgZHJvbmUtc2NwIC9ob21lL2Ryb25lLXNjcC8uc3NoCiAgICAgICMgaW5zdGFsbCBzc2ggYW5kIHN0YXJ0IHNlcnZlcgogICAgICAtIGFwayB1cGRhdGUgJiYgYXBrIGFkZCBvcGVuc3NoIG9wZW5yYwogICAgICAtIHJtIC1yZiAvZXRjL3NzaC9zc2hfaG9zdF9yc2Ffa2V5IC9ldGMvc3NoL3NzaF9ob3N0X2RzYV9rZXkKICAgICAgLSAuL3Rlc3RzL2VudHJ5cG9pbnQuc2ggL3Vzci9zYmluL3NzaGQgLUQgJgogICAgICAtIG1ha2UgZGVwX2luc3RhbGwKICAgICAgLSBtYWtlIHZldAogICAgICAtIG1ha2UgbGludAogICAgICAtIG1ha2UgdGVzdAogICAgICAtIG1ha2UgY292ZXJhZ2UKICAgICAgLSBtYWtlIGJ1aWxkCiAgICAgICMgYnVpbGQgYmluYXJ5IGZvciBkb2NrZXIgaW1hZ2UKICAgICAgLSBtYWtlIHN0YXRpY19idWlsZAogICAgd2hlbjoKICAgICAgZXZlbnQ6IFsgcHVzaCwgdGFnLCBwdWxsX3JlcXVlc3QgXQoKICByZWxlYXNlOgogICAgaW1hZ2U6IGFwcGxlYm95L2dvbGFuZy10ZXN0aW5nCiAgICBwdWxsOiB0cnVlCiAgICBlbnZpcm9ubWVudDoKICAgICAgVEFHUzogbmV0Z28KICAgICAgR09QQVRIOiAvc3J2L2FwcAogICAgY29tbWFuZHM6CiAgICAgIC0gbWFrZSByZWxlYXNlCiAgICB3aGVuOgogICAgICBldmVudDogWyB0YWcgXQogICAgICBicmFuY2g6IFsgcmVmcy90YWdzLyogXQoKICBkb2NrZXI6CiAgICBpbWFnZTogcGx1Z2lucy9kb2NrZXIKICAgIHJlcG86ICR7RFJPTkVfUkVQT30KICAgIHRhZ3M6IFsgJyR7RFJPTkVfVEFHfScgXQogICAgd2hlbjoKICAgICAgZXZlbnQ6IFsgdGFnIF0KICAgICAgYnJhbmNoOiBbIHJlZnMvdGFncy8qIF0KCiAgZG9ja2VyOgogICAgaW1hZ2U6IHBsdWdpbnMvZG9ja2VyCiAgICByZXBvOiAke0RST05FX1JFUE99CiAgICB0YWdzOiBbICdsYXRlc3QnIF0KICAgIHdoZW46CiAgICAgIGV2ZW50OiBbIHB1c2ggXQogICAgICBicmFuY2g6IFsgbWFzdGVyIF0KCiAgZ2l0aHViOgogICAgaW1hZ2U6IHBsdWdpbnMvZ2l0aHViLXJlbGVhc2UKICAgIGZpbGVzOgogICAgICAtIGRpc3QvcmVsZWFzZS8qCiAgICB3aGVuOgogICAgICBldmVudDogWyB0YWcgXQogICAgICBicmFuY2g6IFsgcmVmcy90YWdzLyogXQoKICAjIHJlYnVpbGQgdGhlIGNhY2hlIG9uIHRoZSBzZnRwIHNlcnZlcgogIHJlYnVpbGRfY2FjaGU6CiAgICBpbWFnZTogYXBwbGVib3kvZHJvbmUtc2Z0cC1jYWNoZQogICAgcmVidWlsZDogdHJ1ZQogICAgbW91bnQ6IFsgLmdsaWRlLCB2ZW5kb3IgXQogICAgaWdub3JlX2JyYW5jaDogdHJ1ZQogICAgd2hlbjoKICAgICAgYnJhbmNoOiBtYXN0ZXIK.iJq2DIBtHk-IH2ioZdNEkFcxDj-5mtNikSX66Jdt_pM

.gitignore

@@ -22,8 +22,9 @@ _testmain.go
 *.exe
 *.test
 *.prof
-vendor
 drone-scp
 coverage.txt
 .env
 dist
+.cover
+release

.revive.toml

@@ -0,0 +1,25 @@
+ignoreGeneratedHeader = false
+severity = "warning"
+confidence = 0.8
+errorCode = 1
+warningCode = 1
+
+[rule.blank-imports]
+[rule.context-as-argument]
+[rule.context-keys-type]
+[rule.dot-imports]
+[rule.error-return]
+[rule.error-strings]
+[rule.error-naming]
+[rule.exported]
+[rule.if-return]
+[rule.increment-decrement]
+[rule.var-naming]
+[rule.var-declaration]
+[rule.package-comments]
+[rule.range]
+[rule.receiver-naming]
+[rule.time-naming]
+[rule.unexported-return]
+[rule.indent-error-flow]
+[rule.errorf]

.travis.yml

@@ -1,30 +0,0 @@
-sudo: required
-language: go
-
-go:
-  - 1.6.x
-  - 1.7.x
-  - tip
-
-cache:
-  directories:
-    - vendor
-    - ${HOME}/.glide
-
-before_install:
-  - mkdir -p $GOPATH/bin
-  - curl https://glide.sh/get | sh
-  - sudo useradd -m -d /home/drone-scp -s /bin/bash drone-scp
-  - sudo mkdir -p /home/drone-scp/.ssh
-  - sudo chmod 700 /home/drone-scp/.ssh
-  - sudo cp tests/.ssh/id_rsa.pub /home/drone-scp/.ssh/authorized_keys
-  - sudo chown -R drone-scp /home/drone-scp/.ssh
-
-install:
-  - make dep_install
-
-script:
-  - make vet
-  - make lint
-  - make test
-  - make build

DOCS.md

@@ -3,128 +3,191 @@ date: 2017-01-06T00:00:00+00:00
 title: SCP
 author: appleboy
 tags: [ publish, ssh, scp ]
-repo: appleboy/drone-scp
 logo: term.svg
+repo: appleboy/drone-scp
 image: appleboy/drone-scp
 ---
 
 The SCP plugin copy files and artifacts to target host machine via SSH. The below pipeline configuration demonstrates simple usage:
 
 ```yaml
-pipeline:
-  scp:
-    image: appleboy/drone-scp
+- name: scp files
+  image: appleboy/drone-scp
+  settings:
     host: example.com
-    target: /home/deploy/web
-    source: release.tar.gz
-```
-
-Example configuration with custom username, password and port:
-
-```diff
-pipeline:
-  scp:
-    image: appleboy/drone-scp
-    host: example.com
-+   username: appleboy
-+   password: 12345678
-+   port: 4430
-    target: /home/deploy/web
+    username: foo
+    password: bar
+    port: 22
+    target: /var/www/deploy/${DRONE_REPO_OWNER}/${DRONE_REPO_NAME}
     source: release.tar.gz
 ```
 
 Example configuration with multiple source and target folder:
 
 ```diff
-pipeline:
-  scp:
+  - name: scp files
     image: appleboy/drone-scp
-    host: example.com
-    target: 
-+     - /home/deploy/web1
-+     - /home/deploy/web2
-    source: 
-+     - release_1.tar.gz
-+     - release_2.tar.gz
+    settings:
+      host: example.com
+      target:
++       - /home/deploy/web1
++       - /home/deploy/web2
+      source:
++       - release_1.tar.gz
++       - release_2.tar.gz
 ```
 
 Example configuration with multiple host:
 
 ```diff
-pipeline:
-  scp:
+  - name: scp files
     image: appleboy/drone-scp
--   host: example.com
-+   host:
-+     - example1.com
-+     - example2.com
-    target: /home/deploy/web
-    source: release.tar.gz
+    settings:
+-     host: example.com
++     host:
++       - example1.com
++       - example2.com
+      target: /home/deploy/web
+      source: release.tar.gz
+```
+
+Example configuration with wildcard pattern of source list:
+
+```diff
+  - name: scp files
+    image: appleboy/drone-scp
+    settings:
+      host:
+        - example1.com
+        - example2.com
+      target: /home/deploy/web
+      source:
+-       - release/backend.tar.gz
+-       - release/images.tar.gz
++       - release/*.tar.gz
 ```
 
 Remove target folder before copy files and artifacts to target:
 
 ```diff
-  scp:
+  - name: scp files
     image: appleboy/drone-scp
-    host: example.com
-    target: /home/deploy/web
-    source: release.tar.gz
-+   rm: true
+    settings:
+      target: /home/deploy/web
+      source: release.tar.gz
++     rm: true
 ```
 
-Example configuration for success build:
+Example for remove the specified number of leading path elements:
 
 ```diff
-pipeline:
-  scp:
+  - name: scp files
     image: appleboy/drone-scp
-    host: example.com
-    target: /home/deploy/web
-    source: release.tar.gz
-+   when:
-+     status: success
+    settings:
+      host: example.com
+      target: /home/deploy/web
+      source: dist/release.tar.gz
++     strip_components: 1
 ```
 
-Example configuration for tag event:
+Example configuration using ｀SSHProxyCommand｀:
 
 ```diff
-pipeline:
-  scp:
+  - name: scp files
     image: appleboy/drone-scp
-    host: example.com
-    target: /home/deploy/web
-    source: release.tar.gz
-+   when:
-+     status: success
-+     event: tag
+    settings:
+      host:
+        - example1.com
+        - example2.com
+      target: /home/deploy/web
+      source:
+        - release/*.tar.gz
++     proxy_host: 10.130.33.145
++     proxy_user: ubuntu
++     proxy_port: 22
++     proxy_password: 1234
 ```
 
-# Secrets
-
-The SCP plugin supports reading credentials from the Drone secret store. This is strongly recommended instead of storing credentials in the pipeline configuration in plain text.
+Example configuration using password from secrets:
 
 ```diff
-pipeline:
-  scp:
+  - name: scp files
     image: appleboy/drone-scp
-    host: example.com
-    username: appleboy
--   password: 12345678
-    port: 4430
-    target: /home/deploy/web
-    source: release.tar.gz
+    settings:
+      host:
+        - example1.com
+        - example2.com
+      user: ubuntu
+      port: 22
+-     password: 1234
++     password:
++       from_secret: ssh_password
+      target: /home/deploy/web
+      source:
+        - release/*.tar.gz
 ```
 
-The `password` or `key` attributes can be replaced with the below secret environment variables. Please see the Drone documentation to learn more about secrets.
+Example configuration using command timeout:
 
-SCP_PASSWORD
-: password of target host user
+```diff
+  - name: scp files
+    image: appleboy/drone-scp
+    settings:
+      host:
+      - example1.com
+      - example2.com
+      user: ubuntu
+      password:
+      from_secret: ssh_password
+      port: 22
+-     command_timeout: 120
++     command_timeout: 2m
+      target: /home/deploy/web
+      source:
+      - release/*.tar.gz
+```
 
-SCP_KEY
-: plain text of user private key
+Example configuration for ignore list:
 
-# Parameter Reference
+```diff
+  - name: scp files
+    image: appleboy/drone-scp
+    settings:
+      host:
+        - example1.com
+        - example2.com
+      user: ubuntu
+      password:
+        from_secret: ssh_password
+      port: 22
+      command_timeout: 2m
+      target: /home/deploy/web
+      source:
++       - !release/README.md
+        - release/*
+```
+
+Example configuration for passphrase which protecting a private key:
+
+```diff
+  - name: scp files
+    image: appleboy/drone-scp
+    settings:
+      host:
+        - example1.com
+        - example2.com
+      user: ubuntu
++     key:
++       from_secret: ssh_key
++     passphrase: 1234
+      port: 22
+      command_timeout: 2m
+      target: /home/deploy/web
+      source:
+        - release/*
+```
+
+## Parameter Reference
 
 host
 : target hostname or IP
@@ -141,6 +204,12 @@ password
 key
 : plain text of user private key
 
+passphrase
+: The purpose of the passphrase is usually to encrypt the private key.
+
+fingerprint
+: fingerprint SHA256 of the host public key, default is to skip verification
+
 target
 : folder path of target host
 
@@ -150,7 +219,49 @@ source
 rm
 : remove target folder before copy files and artifacts
 
-# Template Reference
+timeout
+: Timeout is the maximum amount of time for the ssh connection to establish, default is 30 seconds.
+
+command_timeout
+: Command timeout is the maximum amount of time for the execute commands, default is 10 minutes.
+
+strip_components
+: remove the specified number of leading path elements
+
+tar_tmp_path
+: temporary path for tar file on the dest host
+
+tar_exec
+: alternative `tar` executable to on the dest host
+
+overwrite
+: use `--overwrite` flag with tar
+
+proxy_host
+: proxy hostname or IP
+
+proxy_port
+: ssh port of proxy host
+
+proxy_username
+: account for proxy host user
+
+proxy_password
+: password for proxy host user
+
+proxy_key
+: plain text of proxy private key
+
+proxy_key_path
+: key path of proxy private key
+
+proxy_passphrase
+: The purpose of the passphrase is usually to encrypt the private key.
+
+proxy_fingerprint
+: fingerprint SHA256 of the host public key, default is to skip verification
+
+## Template Reference
 
 repo.owner
 : repository owner
@@ -183,4 +294,4 @@ build.author
 : git author for current commit
 
 build.link
-: link the the build results in drone
+: link the the build results in drone

Dockerfile

@@ -1,9 +0,0 @@
-FROM alpine:3.4
-
-RUN apk update && \
-  apk add ca-certificates && \
-  rm -rf /var/cache/apk/*
-
-ADD drone-scp /
-
-ENTRYPOINT ["/drone-scp"]

Dockerfile.armhf

@@ -1,8 +0,0 @@
-FROM armhfbuild/alpine:3.4
-
-RUN apk update && \
-  apk add ca-certificates && \
-  rm -rf /var/cache/apk/*
-
-ADD drone-scp /bin/
-ENTRYPOINT ["/bin/drone-scp"]

Makefile

@@ -1,17 +1,17 @@
-.PHONY: test drone-scp build fmt vet errcheck lint install update release-dirs release-build release-copy release-check release coverage
-
 DIST := dist
 EXECUTABLE := drone-scp
+GOFMT ?= gofmt "-s"
+GO ?= go
 
 # for dockerhub
 DEPLOY_ACCOUNT := appleboy
 DEPLOY_IMAGE := $(EXECUTABLE)
 
 TARGETS ?= linux darwin windows
-PACKAGES ?= $(shell go list ./... | grep -v /vendor/)
+ARCHS ?= amd64 386
 SOURCES ?= $(shell find . -name "*.go" -type f)
 TAGS ?=
-LDFLAGS += -X 'main.Version=$(VERSION)'
+LDFLAGS ?= -X 'main.Version=$(VERSION)'
 
 ifneq ($(shell uname), Darwin)
 	EXTLDFLAGS = -extldflags "-static" $(null)
@@ -28,42 +28,50 @@ endif
 all: build
 
 fmt:
-	find . -name "*.go" -type f -not -path "./vendor/*" | xargs gofmt -s -w
+	$(GOFMT) -w $(SOURCES)
 
 vet:
-	go vet $(PACKAGES)
-
-errcheck:
-	@which errcheck > /dev/null; if [ $$? -ne 0 ]; then \
-		go get -u github.com/kisielk/errcheck; \
-	fi
-	errcheck $(PACKAGES)
+	$(GO) vet ./...
 
 lint:
-	@which golint > /dev/null; if [ $$? -ne 0 ]; then \
-		go get -u github.com/golang/lint/golint; \
+	@hash revive > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
+		$(GO) get -u github.com/mgechev/revive; \
 	fi
-	for PKG in $(PACKAGES); do golint -set_exit_status $$PKG || exit 1; done;
+	revive -config .revive.toml ./... || exit 1
 
-test:
-	for PKG in $(PACKAGES); do go test -v -cover -coverprofile $$GOPATH/src/$$PKG/coverage.txt $$PKG || exit 1; done;
+.PHONY: misspell-check
+misspell-check:
+	@hash misspell > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
+		$(GO) get -u github.com/client9/misspell/cmd/misspell; \
+	fi
+	misspell -error $(SOURCES)
 
-html:
-	go tool cover -html=coverage.txt
+.PHONY: misspell
+misspell:
+	@hash misspell > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
+		$(GO) get -u github.com/client9/misspell/cmd/misspell; \
+	fi
+	misspell -w $(SOURCES)
 
-dep_install:
-	glide install
+.PHONY: fmt-check
+fmt-check:
+	@diff=$$($(GOFMT) -d $(SOURCES)); \
+	if [ -n "$$diff" ]; then \
+		echo "Please run 'make fmt' and commit the result:"; \
+		echo "$${diff}"; \
+		exit 1; \
+	fi;
 
-dep_update:
-	glide up
+test: fmt-check
+	@$(GO) test -v -cover -coverprofile coverage.txt ./... && echo "\n==>\033[32m Ok\033[m\n" || exit 1
 
 install: $(SOURCES)
-	go install -v -tags '$(TAGS)' -ldflags '$(EXTLDFLAGS)-s -w $(LDFLAGS)'
+	$(GO) install -v -tags '$(TAGS)' -ldflags '$(EXTLDFLAGS)-s -w $(LDFLAGS)'
 
 build: $(EXECUTABLE)
 
 $(EXECUTABLE): $(SOURCES)
-	go build -v -tags '$(TAGS)' -ldflags '$(EXTLDFLAGS)-s -w $(LDFLAGS)' -o $@
+	$(GO) build -v -tags '$(TAGS)' -ldflags '$(EXTLDFLAGS)-s -w $(LDFLAGS)' -o $@
 
 release: release-dirs release-build release-copy release-check
 
@@ -72,9 +80,9 @@ release-dirs:
 
 release-build:
 	@which gox > /dev/null; if [ $$? -ne 0 ]; then \
-		go get -u github.com/mitchellh/gox; \
+		$(GO) get -u github.com/mitchellh/gox; \
 	fi
-	gox -os="$(TARGETS)" -arch="amd64 386" -tags="$(TAGS)" -ldflags="-s -w $(LDFLAGS)" -output="$(DIST)/binaries/$(EXECUTABLE)-$(VERSION)-{{.OS}}-{{.Arch}}"
+	gox -os="$(TARGETS)" -arch="$(ARCHS)" -tags="$(TAGS)" -ldflags="-s -w $(LDFLAGS)" -output="$(DIST)/binaries/$(EXECUTABLE)-$(VERSION)-{{.OS}}-{{.Arch}}"
 
 release-copy:
 	$(foreach file,$(wildcard $(DIST)/binaries/$(EXECUTABLE)-*),cp $(file) $(DIST)/release/$(notdir $(file));)
@@ -82,14 +90,22 @@ release-copy:
 release-check:
 	cd $(DIST)/release; $(foreach file,$(wildcard $(DIST)/release/$(EXECUTABLE)-*),sha256sum $(notdir $(file)) > $(notdir $(file)).sha256;)
 
-# for docker.
-static_build:
-	CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -tags '$(TAGS)' -ldflags '$(EXTLDFLAGS)-s -w $(LDFLAGS)' -o $(DEPLOY_IMAGE)
+build_linux_amd64:
+	CGO_ENABLED=0 GOOS=linux GOARCH=amd64 $(GO) build -a -tags '$(TAGS)' -ldflags '$(EXTLDFLAGS)-s -w $(LDFLAGS)' -o release/linux/amd64/$(DEPLOY_IMAGE)
+
+build_linux_i386:
+	CGO_ENABLED=0 GOOS=linux GOARCH=386 $(GO) build -a -tags '$(TAGS)' -ldflags '$(EXTLDFLAGS)-s -w $(LDFLAGS)' -o release/linux/i386/$(DEPLOY_IMAGE)
+
+build_linux_arm64:
+	CGO_ENABLED=0 GOOS=linux GOARCH=arm64 $(GO) build -a -tags '$(TAGS)' -ldflags '$(EXTLDFLAGS)-s -w $(LDFLAGS)' -o release/linux/arm64/$(DEPLOY_IMAGE)
+
+build_linux_arm:
+	CGO_ENABLED=0 GOOS=linux GOARCH=arm GOARM=7 $(GO) build -a -tags '$(TAGS)' -ldflags '$(EXTLDFLAGS)-s -w $(LDFLAGS)' -o release/linux/arm/$(DEPLOY_IMAGE)
 
 docker_image:
 	docker build -t $(DEPLOY_ACCOUNT)/$(DEPLOY_IMAGE) .
 
-docker: static_build docker_image
+docker: docker_image
 
 docker_deploy:
 ifeq ($(tag),)
@@ -100,15 +116,25 @@ endif
 	docker tag $(DEPLOY_ACCOUNT)/$(DEPLOY_IMAGE):latest $(DEPLOY_ACCOUNT)/$(DEPLOY_IMAGE):$(tag)
 	docker push $(DEPLOY_ACCOUNT)/$(DEPLOY_IMAGE):$(tag)
 
+ssh-server:
+	adduser -h /home/drone-scp -s /bin/sh -D -S drone-scp
+	echo drone-scp:1234 | chpasswd
+	mkdir -p /home/drone-scp/.ssh
+	chmod 700 /home/drone-scp/.ssh
+	cat tests/.ssh/id_rsa.pub >> /home/drone-scp/.ssh/authorized_keys
+	cat tests/.ssh/test.pub >> /home/drone-scp/.ssh/authorized_keys
+	chmod 600 /home/drone-scp/.ssh/authorized_keys
+	chown -R drone-scp /home/drone-scp/.ssh
+	# install ssh and start server
+	apk add --update openssh openrc
+	rm -rf /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_dsa_key
+	sed -i 's/^#PubkeyAuthentication yes/PubkeyAuthentication yes/g' /etc/ssh/sshd_config
+	sed -i 's/AllowTcpForwarding no/AllowTcpForwarding yes/g' /etc/ssh/sshd_config
+	./tests/entrypoint.sh /usr/sbin/sshd -D &
+
 coverage:
 	sed -i '/main.go/d' coverage.txt
-	curl -s https://codecov.io/bash > .codecov && \
-	chmod +x .codecov && \
-	./.codecov -f coverage.txt
 
 clean:
-	go clean -x -i ./...
-	rm -rf coverage.txt $(EXECUTABLE) $(DIST) vendor
-
-version:
-	@echo $(VERSION)
+	$(GO) clean -x -i ./...
+	rm -rf coverage.txt $(EXECUTABLE) $(DIST)

README.md

@@ -1,50 +1,92 @@
 # drone-scp
 
-[![GoDoc](https://godoc.org/github.com/appleboy/drone-scp?status.svg)](https://godoc.org/github.com/appleboy/drone-scp) [![Build Status](http://drone.wu-boy.com/api/badges/appleboy/drone-scp/status.svg)](http://drone.wu-boy.com/appleboy/drone-scp) [![codecov](https://codecov.io/gh/appleboy/drone-scp/branch/master/graph/badge.svg)](https://codecov.io/gh/appleboy/drone-scp) [![Go Report Card](https://goreportcard.com/badge/github.com/appleboy/drone-scp)](https://goreportcard.com/report/github.com/appleboy/drone-scp) [![Docker Pulls](https://img.shields.io/docker/pulls/appleboy/drone-scp.svg)](https://hub.docker.com/r/appleboy/drone-scp/) [![](https://images.microbadger.com/badges/image/appleboy/drone-scp.svg)](https://microbadger.com/images/appleboy/drone-scp "Get your own image badge on microbadger.com")
+[![GoDoc](https://godoc.org/github.com/appleboy/drone-scp?status.svg)](https://godoc.org/github.com/appleboy/drone-scp)
+[![Build Status](https://cloud.drone.io/api/badges/appleboy/drone-scp/status.svg)](https://cloud.drone.io/appleboy/drone-scp)
+[![codecov](https://codecov.io/gh/appleboy/drone-scp/branch/master/graph/badge.svg)](https://codecov.io/gh/appleboy/drone-scp)
+[![Go Report Card](https://goreportcard.com/badge/github.com/appleboy/drone-scp)](https://goreportcard.com/report/github.com/appleboy/drone-scp)
+[![Docker Pulls](https://img.shields.io/docker/pulls/appleboy/drone-scp.svg)](https://hub.docker.com/r/appleboy/drone-scp/)
+[![micro badger](https://images.microbadger.com/badges/image/appleboy/drone-scp.svg)](https://microbadger.com/images/appleboy/drone-scp "Get your own image badge on microbadger.com")
 
-Copy files and artifacts via SSH using a binary, docker or [Drone CI](http://readme.drone.io/0.5/).
+Copy files and artifacts via SSH using a binary, docker or [Drone CI](http://docs.drone.io/).
 
 ## Feature
 
 * [x] Support routines.
+* [x] Support wildcard pattern on source list.
 * [x] Support send files to multiple host.
 * [x] Support send files to multiple target folder on host.
 * [x] Support load ssh key from absolute path or raw body.
+* [x] Support SSH ProxyCommand.
+
+```sh
++--------+       +----------+      +-----------+
+| Laptop | <-->  | Jumphost | <--> | FooServer |
++--------+       +----------+      +-----------+
+
+                   OR
+
++--------+       +----------+      +-----------+
+| Laptop | <-->  | Firewall | <--> | FooServer |
++--------+       +----------+      +-----------+
+192.168.1.5       121.1.2.3         10.10.29.68
+```
+
+## Breaking changes
+
+`v1.5.0`: change command timeout flag to `Duration`. See the following setting:
+
+```diff
+  - name: scp files
+    image: appleboy/drone-scp
+    settings:
+      host:
+        - example1.com
+        - example2.com
+      username: ubuntu
+      password:
+        from_secret: ssh_password
+      port: 22
+-     command_timeout: 120
++     command_timeout: 2m
+      target: /home/deploy/web
+      source:
+        - release/*.tar.gz
+```
 
 ## Build or Download a binary
 
 The pre-compiled binaries can be downloaded from [release page](https://github.com/appleboy/drone-scp/releases). Support the following OS type.
 
 * Windows amd64/386
-* Linux amd64/386
+* Linux arm/amd64/386
 * Darwin amd64/386
 
 With `Go` installed
 
+```sh
+export GO111MODULE=on
+go get -u -v github.com/appleboy/drone-scp
 ```
-$ go get -u -v github.com/appleboy/drone-scp
-``` 
 
 or build the binary with the following command:
 
-```
-$ make build
+```sh
+export GOOS=linux
+export GOARCH=amd64
+export CGO_ENABLED=0
+export GO111MODULE=on
+
+go test -cover ./...
+
+go build -v -a -tags netgo -o release/linux/amd64/drone-scp .
 ```
 
 ## Docker
 
 Build the docker image with the following commands:
 
-```
-$ make docker
-```
-
-Please note incorrectly building the image for the correct x64 linux and with
-CGO disabled will result in an error when running the Docker image:
-
-```
-docker: Error response from daemon: Container command
-'/bin/drone-scp' not found or does not exist..
+```sh
+make docker
 ```
 
 ## Usage
@@ -55,7 +97,6 @@ There are three ways to send notification.
 * [usage from docker](#usage-from-docker)
 * [usage from drone ci](#usage-from-drone-ci)
 
-<a name="usage-from-binary"></a>
 ### Usage from binary
 
 #### Using public key
@@ -75,7 +116,7 @@ drone-scp --host example.com \
 drone-scp --host example.com \
   --port 22 \
   --username appleboy \
-+  --password xxxxxxx \
++ --password xxxxxxx \
   --target /home/appleboy/test \
   --source your_local_folder_path
 ```
@@ -90,8 +131,8 @@ eval `ssh-agent -s`
 
 Import your local public key `~/.ssh/id_rsa`
 
-```bash
-$ ssh-add
+```sh
+ssh-add
 ```
 
 You don't need to add `--password` or `--key-path` arguments.
@@ -108,52 +149,49 @@ drone-scp --host example.com \
 
 ```diff
 drone-scp --host example1.com \
-+  --host example2.com \
++ --host example2.com \
   --port 22 \
   --username appleboy \
   --password  xxxxxxx
   --target /home/appleboy/test1 \
-+  --target /home/appleboy/test2 \
++ --target /home/appleboy/test2 \
   --source your_local_folder_path_1
-+  --source your_local_folder_path_2
++ --source your_local_folder_path_2
 ```
 
-<a name="usage-from-docker"></a>
 ### Usage from docker
 
-#### Using public key
+Using public key
 
 ```bash
 docker run --rm \
-  -e SCP_HOST example.com \
-  -e SCP_USERNAME xxxxxxx \
-  -e SCP_PORT 22 \
-  -e SCP_KEY_PATH "${HOME}/.ssh/id_rsa"
-  -e SCP_SOURCE SOURCE_FILE_LIST \
-  -e SCP_TARGET TARGET_FOLDER_PATH \
+  -e SCP_HOST=example.com \
+  -e SCP_USERNAME=xxxxxxx \
+  -e SCP_PORT=22 \
+  -e SCP_KEY_PATH="${HOME}/.ssh/id_rsa"
+  -e SCP_SOURCE=SOURCE_FILE_LIST \
+  -e SCP_TARGET=TARGET_FOLDER_PATH \
   -v $(pwd):$(pwd) \
   -w $(pwd) \
   appleboy/drone-scp
 ```
 
-#### Using password
+Using password
 
 ```diff
 docker run --rm \
-  -e SCP_HOST example.com \
-  -e SCP_USERNAME xxxxxxx \
-  -e SCP_PORT 22 \
-+  -e SCP_PASSWORD "xxxxxxx"
-  -e SCP_SOURCE SOURCE_FILE_LIST \
-  -e SCP_TARGET TARGET_FOLDER_PATH \
+  -e SCP_HOST=example.com \
+  -e SCP_USERNAME=xxxxxxx \
+  -e SCP_PORT=22 \
++ -e SCP_PASSWORD="xxxxxxx"
+  -e SCP_SOURCE=SOURCE_FILE_LIST \
+  -e SCP_TARGET=TARGET_FOLDER_PATH \
   -v $(pwd):$(pwd) \
   -w $(pwd) \
   appleboy/drone-scp
 ```
 
-#### Using ssh-agent
-
-Start your local ssh agent:
+Using ssh-agent, start your local ssh agent:
 
 ```bash
 eval `ssh-agent -s`
@@ -161,74 +199,64 @@ eval `ssh-agent -s`
 
 Import your local public key `~/.ssh/id_rsa`
 
-```bash
-$ ssh-add
+```sh
+ssh-add
 ```
 
-You don't need to add `SCP_PASSWORD` or `SCP_KEY_PATH ` arguments.
+You don't need to add `SCP_PASSWORD` or `SCP_KEY_PATH` arguments.
 
 ```bash
 docker run --rm \
-  -e SCP_HOST example.com \
-  -e SCP_USERNAME xxxxxxx \
-  -e SCP_PORT 22 \
-  -e SCP_SOURCE SOURCE_FILE_LIST \
-  -e SCP_TARGET TARGET_FOLDER_PATH \
+  -e SCP_HOST=example.com \
+  -e SCP_USERNAME=xxxxxxx \
+  -e SCP_PORT=22 \
+  -e SCP_SOURCE=SOURCE_FILE_LIST \
+  -e SCP_TARGET=TARGET_FOLDER_PATH \
   -v $(pwd):$(pwd) \
   -w $(pwd) \
   appleboy/drone-scp
 ```
 
-#### Send multiple source or target folder and hosts
+Send multiple source or target folder and hosts
 
 ```bash
 docker run --rm \
-  -e SCP_HOST example1.com,example2.com \
-  -e SCP_USERNAME xxxxxxx \
-  -e SCP_PASSWORD xxxxxxx \
-  -e SCP_PORT 22 \
-  -e SCP_SOURCE SOURCE_FILE_LIST_1,SOURCE_FILE_LIST_2 \
-  -e SCP_TARGET TARGET_FOLDER_PATH_1,TARGET_FOLDER_PATH_2 \
+  -e SCP_HOST=example1.com,example2.com \
+  -e SCP_USERNAME=xxxxxxx \
+  -e SCP_PASSWORD=xxxxxxx \
+  -e SCP_PORT=22 \
+  -e SCP_SOURCE=SOURCE_FILE_LIST_1,SOURCE_FILE_LIST_2 \
+  -e SCP_TARGET=TARGET_FOLDER_PATH_1,TARGET_FOLDER_PATH_2 \
   -v $(pwd):$(pwd) \
   -w $(pwd) \
   appleboy/drone-scp
 ```
 
-<a name="usage-from-drone-ci"></a>
 ### Usage from drone ci
 
 Execute from the working directory:
 
 ```bash
 docker run --rm \
-  -e PLUGIN_HOST example.com \
-  -e PLUGIN_USERNAME xxxxxxx \
-  -e PLUGIN_PASSWORD xxxxxxx \
-  -e PLUGIN_PORT xxxxxxx \
-  -e PLUGIN_KEY "$(cat ${HOME}/.ssh/id_rsa)"
-  -e PLUGIN_SOURCE SOURCE_FILE_LIST \
-  -e PLUGIN_TARGET TARGET_FOLDER_PATH \
-  -e PLUGIN_RM false \
-  -e PLUGIN_DEBUG false \
-  -e DRONE_REPO_OWNER appleboy \
-  -e DRONE_REPO_NAME go-hello \
-  -e DRONE_COMMIT_SHA e5e82b5eb3737205c25955dcc3dcacc839b7be52 \
-  -e DRONE_COMMIT_BRANCH master \
-  -e DRONE_COMMIT_AUTHOR appleboy \
-  -e DRONE_BUILD_NUMBER 1 \
-  -e DRONE_BUILD_STATUS success \
-  -e DRONE_BUILD_LINK http://github.com/appleboy/go-hello \
+  -e PLUGIN_HOST=example.com \
+  -e PLUGIN_USERNAME=xxxxxxx \
+  -e PLUGIN_PASSWORD=xxxxxxx \
+  -e PLUGIN_PORT=xxxxxxx \
+  -e PLUGIN_SOURCE=SOURCE_FILE_LIST \
+  -e PLUGIN_TARGET=TARGET_FOLDER_PATH \
+  -e PLUGIN_RM=false \
+  -e PLUGIN_DEBUG=true \
   -v $(pwd):$(pwd) \
   -w $(pwd) \
   appleboy/drone-scp
 ```
 
-You can get more [information](DOCS.md) about how to use scp in drone.
+You can get more [information](http://plugins.drone.io/appleboy/drone-scp/) about how to use scp in drone.
 
 ## Testing
 
 Test the package with the following command:
 
-```
-$ make test
+```sh
+make test
 ```

docker/Dockerfile.linux.amd64

@@ -0,0 +1,12 @@
+FROM plugins/base:linux-amd64
+
+LABEL maintainer="Bo-Yi Wu <appleboy.tw@gmail.com>" \
+  org.label-schema.name="Drone SCP" \
+  org.label-schema.vendor="Bo-Yi Wu" \
+  org.label-schema.schema-version="1.0"
+
+RUN apk add --no-cache ca-certificates && \
+  rm -rf /var/cache/apk/*
+
+COPY release/linux/amd64/drone-scp /bin/
+ENTRYPOINT ["/bin/drone-scp"]

docker/Dockerfile.linux.arm

@@ -0,0 +1,12 @@
+FROM plugins/base:linux-arm
+
+LABEL maintainer="Bo-Yi Wu <appleboy.tw@gmail.com>" \
+  org.label-schema.name="Drone SCP" \
+  org.label-schema.vendor="Bo-Yi Wu" \
+  org.label-schema.schema-version="1.0"
+
+RUN apk add --no-cache ca-certificates && \
+  rm -rf /var/cache/apk/*
+
+COPY release/linux/arm/drone-scp /bin/
+ENTRYPOINT ["/bin/drone-scp"]

docker/Dockerfile.linux.arm64

@@ -0,0 +1,12 @@
+FROM plugins/base:linux-arm64
+
+LABEL maintainer="Bo-Yi Wu <appleboy.tw@gmail.com>" \
+  org.label-schema.name="Drone SCP" \
+  org.label-schema.vendor="Bo-Yi Wu" \
+  org.label-schema.schema-version="1.0"
+
+RUN apk add --no-cache ca-certificates && \
+  rm -rf /var/cache/apk/*
+
+COPY release/linux/arm64/drone-scp /bin/
+ENTRYPOINT ["/bin/drone-scp"]

docker/Dockerfile.windows.amd64

@@ -0,0 +1,10 @@
+FROM microsoft/nanoserver:10.0.14393.1884
+
+LABEL maintainer="Bo-Yi Wu <appleboy.tw@gmail.com>" \
+  org.label-schema.name="Drone SCP" \
+  org.label-schema.vendor="Bo-Yi Wu" \
+  org.label-schema.schema-version="1.0"
+
+COPY drone-scp.exe /drone-scp.exe
+
+ENTRYPOINT [ "\\drone-scp.exe" ]

docker/manifest.tmpl

@@ -0,0 +1,25 @@
+image: appleboy/drone-scp:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
+{{#if build.tags}}
+tags:
+{{#each build.tags}}
+  - {{this}}
+{{/each}}
+{{/if}}
+manifests:
+  -
+    image: appleboy/drone-scp:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64
+    platform:
+      architecture: amd64
+      os: linux
+  -
+    image: appleboy/drone-scp:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64
+    platform:
+      architecture: arm64
+      os: linux
+      variant: v8
+  -
+    image: appleboy/drone-scp:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm
+    platform:
+      architecture: arm
+      os: linux
+      variant: v7

easyssh/easyssh.go

@@ -1,197 +0,0 @@
-// Package easyssh provides a simple implementation of some SSH protocol
-// features in Go. You can simply run a command on a remote server or get a file
-// even simpler than native console SSH client. You don't need to think about
-// Dials, sessions, defers, or public keys... Let easyssh think about it!
-package easyssh
-
-import (
-	"bufio"
-	"fmt"
-	"io"
-	"io/ioutil"
-	"net"
-	"os"
-	"path/filepath"
-
-	"golang.org/x/crypto/ssh"
-	"golang.org/x/crypto/ssh/agent"
-)
-
-// MakeConfig Contains main authority information.
-// User field should be a name of user on remote server (ex. john in ssh john@example.com).
-// Server field should be a remote machine address (ex. example.com in ssh john@example.com)
-// Key is a path to private key on your local machine.
-// Port is SSH server port on remote machine.
-// Note: easyssh looking for private key in user's home directory (ex. /home/john + Key).
-// Then ensure your Key begins from '/' (ex. /.ssh/id_rsa)
-type MakeConfig struct {
-	User     string
-	Server   string
-	Key      string
-	KeyPath  string
-	Port     string
-	Password string
-}
-
-// returns ssh.Signer from user you running app home path + cutted key path.
-// (ex. pubkey,err := getKeyFile("/.ssh/id_rsa") )
-func getKeyFile(keypath string) (ssh.Signer, error) {
-	buf, err := ioutil.ReadFile(keypath)
-	if err != nil {
-		return nil, err
-	}
-
-	pubkey, err := ssh.ParsePrivateKey(buf)
-	if err != nil {
-		return nil, err
-	}
-
-	return pubkey, nil
-}
-
-// connects to remote server using MakeConfig struct and returns *ssh.Session
-func (ssh_conf *MakeConfig) connect() (*ssh.Session, error) {
-	// auths holds the detected ssh auth methods
-	auths := []ssh.AuthMethod{}
-
-	// figure out what auths are requested, what is supported
-	if ssh_conf.Password != "" {
-		auths = append(auths, ssh.Password(ssh_conf.Password))
-	}
-
-	if sshAgent, err := net.Dial("unix", os.Getenv("SSH_AUTH_SOCK")); err == nil {
-		auths = append(auths, ssh.PublicKeysCallback(agent.NewClient(sshAgent).Signers))
-		defer sshAgent.Close()
-	}
-
-	if ssh_conf.KeyPath != "" {
-		if pubkey, err := getKeyFile(ssh_conf.KeyPath); err == nil {
-			auths = append(auths, ssh.PublicKeys(pubkey))
-		}
-	}
-
-	if ssh_conf.Key != "" {
-		signer, _ := ssh.ParsePrivateKey([]byte(ssh_conf.Key))
-		auths = append(auths, ssh.PublicKeys(signer))
-	}
-
-	config := &ssh.ClientConfig{
-		User: ssh_conf.User,
-		Auth: auths,
-	}
-
-	client, err := ssh.Dial("tcp", ssh_conf.Server+":"+ssh_conf.Port, config)
-	if err != nil {
-		return nil, err
-	}
-
-	session, err := client.NewSession()
-	if err != nil {
-		return nil, err
-	}
-
-	return session, nil
-}
-
-// Stream returns one channel that combines the stdout and stderr of the command
-// as it is run on the remote machine, and another that sends true when the
-// command is done. The sessions and channels will then be closed.
-func (ssh_conf *MakeConfig) Stream(command string) (output chan string, done chan bool, err error) {
-	// connect to remote host
-	session, err := ssh_conf.connect()
-	if err != nil {
-		return output, done, err
-	}
-	// connect to both outputs (they are of type io.Reader)
-	outReader, err := session.StdoutPipe()
-	if err != nil {
-		return output, done, err
-	}
-	errReader, err := session.StderrPipe()
-	if err != nil {
-		return output, done, err
-	}
-	// combine outputs, create a line-by-line scanner
-	outputReader := io.MultiReader(outReader, errReader)
-	err = session.Start(command)
-	scanner := bufio.NewScanner(outputReader)
-	// continuously send the command's output over the channel
-	outputChan := make(chan string)
-	done = make(chan bool)
-	go func(scanner *bufio.Scanner, out chan string, done chan bool) {
-		defer close(outputChan)
-		defer close(done)
-		for scanner.Scan() {
-			outputChan <- scanner.Text()
-		}
-		// close all of our open resources
-		done <- true
-		session.Close()
-	}(scanner, outputChan, done)
-	return outputChan, done, err
-}
-
-// Run command on remote machine and returns its stdout as a string
-func (ssh_conf *MakeConfig) Run(command string) (outStr string, err error) {
-	outChan, doneChan, err := ssh_conf.Stream(command)
-	if err != nil {
-		return outStr, err
-	}
-	// read from the output channel until the done signal is passed
-	stillGoing := true
-	for stillGoing {
-		select {
-		case <-doneChan:
-			stillGoing = false
-		case line := <-outChan:
-			outStr += line + "\n"
-		}
-	}
-	// return the concatenation of all signals from the output channel
-	return outStr, err
-}
-
-// Scp uploads sourceFile to remote machine like native scp console app.
-func (ssh_conf *MakeConfig) Scp(sourceFile string) error {
-	session, err := ssh_conf.connect()
-
-	if err != nil {
-		return err
-	}
-	defer session.Close()
-
-	targetFile := filepath.Base(sourceFile)
-
-	src, srcErr := os.Open(sourceFile)
-
-	if srcErr != nil {
-		return srcErr
-	}
-
-	srcStat, statErr := src.Stat()
-
-	if statErr != nil {
-		return statErr
-	}
-
-	go func() {
-		w, _ := session.StdinPipe()
-
-		fmt.Fprintln(w, "C0644", srcStat.Size(), targetFile)
-
-		if srcStat.Size() > 0 {
-			io.Copy(w, src)
-			fmt.Fprint(w, "\x00")
-			w.Close()
-		} else {
-			fmt.Fprint(w, "\x00")
-			w.Close()
-		}
-	}()
-
-	if err := session.Run(fmt.Sprintf("scp -t %s", targetFile)); err != nil {
-		return err
-	}
-
-	return nil
-}

glide.lock

@@ -1,34 +0,0 @@
-hash: 324c76f4ece1989f584ec84aab8252020da4dcbc20e38990465a9a0b7400f8ec
-updated: 2016-12-28T15:52:54.896825557+08:00
-imports:
-- name: github.com/appleboy/com
-  version: c2e1fea1b771a26cb55774843ebd8955d723ee4e
-  subpackages:
-  - random
-- name: github.com/joho/godotenv
-  version: a01a834e1654b4c9ca5b3ad05159445cc9c7ad08
-  subpackages:
-  - autoload
-- name: github.com/urfave/cli
-  version: 0bdeddeeb0f650497d603c4ad7b20cfe685682f6
-- name: golang.org/x/crypto
-  version: c2f4947f41766b144bb09066e919466da5eddeae
-  subpackages:
-  - curve25519
-  - ed25519
-  - ed25519/internal/edwards25519
-  - ssh
-  - ssh/agent
-testImports:
-- name: github.com/davecgh/go-spew
-  version: 6d212800a42e8ab5c146b8ace3490ee17e5225f9
-  subpackages:
-  - spew
-- name: github.com/pmezard/go-difflib
-  version: d8ed2627bdf02c080bf22230dbb337003b7aba2d
-  subpackages:
-  - difflib
-- name: github.com/stretchr/testify
-  version: 69483b4bd14f5845b5a1e55bca19e954e827f1d0
-  subpackages:
-  - assert

glide.yaml

@@ -1,20 +0,0 @@
-package: github.com/appleboy/drone-scp
-import:
-- package: github.com/joho/godotenv
-  version: ^1.0.0
-  subpackages:
-  - autoload
-- package: github.com/urfave/cli
-  version: ^1.19.1
-- package: golang.org/x/crypto
-  subpackages:
-  - ssh
-  - ssh/agent
-- package: github.com/appleboy/com
-  subpackages:
-  - random
-testImport:
-- package: github.com/stretchr/testify
-  version: ^1.1.4
-  subpackages:
-  - assert

go.mod

@@ -0,0 +1,13 @@
+module github.com/appleboy/drone-scp
+
+go 1.14
+
+require (
+	github.com/appleboy/com v0.0.6
+	github.com/appleboy/easyssh-proxy v1.3.7
+	github.com/fatih/color v1.9.0
+	github.com/joho/godotenv v1.3.0
+	github.com/stretchr/testify v1.5.1
+	github.com/urfave/cli/v2 v2.2.0
+	golang.org/x/crypto v0.0.0-20191227163750-53104e6ec876
+)

go.sum

@@ -0,0 +1,48 @@
+github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
+github.com/ScaleFT/sshkeys v0.0.0-20181112160850-82451a803681 h1:JS2rl38kZmHgWa0xINSaSYH0Whtvem64/4+Ef0+Y5pE=
+github.com/ScaleFT/sshkeys v0.0.0-20181112160850-82451a803681/go.mod h1:WfDateMPQ/55dPbZRp5Zxrux5WiEaHsjk9puUhz0KgY=
+github.com/appleboy/com v0.0.6 h1:l8cZ0aQJU/SWyL79ciYAJeqV835PRdlZ6efiPhus5Ic=
+github.com/appleboy/com v0.0.6/go.mod h1:jnufjIC3opMlReyPPPye+8JqNvUzLm25o7h6SOy8nv0=
+github.com/appleboy/easyssh-proxy v1.3.7 h1:4XsChI8PuAd6jwTIKvTCH97vWmknvMJGxYi0PLiULG8=
+github.com/appleboy/easyssh-proxy v1.3.7/go.mod h1:Kk57I3w7OCafOjp5kgZFvxk2fO8Tca5CriBTOsbSbjY=
+github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d h1:U+s90UTSYgptZMwQh2aRr3LuazLJIa+Pg3Kc1ylSYVY=
+github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
+github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a h1:saTgr5tMLFnmy/yg3qDTft4rE5DY2uJ/cCxCe3q0XTU=
+github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a/go.mod h1:Bw9BbhOJVNR+t0jCqx2GC6zv0TGBsShs56Y3gfSCvl0=
+github.com/fatih/color v1.9.0 h1:8xPHl4/q1VyqGIPif1F+1V3Y3lSmrq01EabUW3CoW5s=
+github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU=
+github.com/joho/godotenv v1.3.0 h1:Zjp+RcGpHhGlrMbJzXTrZZPrWj+1vfm90La1wgB6Bhc=
+github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg=
+github.com/mattn/go-colorable v0.1.4 h1:snbPLB8fVfU9iwbbo30TPtbLRzwWu6aJS6Xh4eaaviA=
+github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
+github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
+github.com/mattn/go-isatty v0.0.11 h1:FxPOTFNqGkuDUGi3H/qkUbQO4ZiBa2brKq5r0l8TGeM=
+github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOAqxQCu2WE=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/russross/blackfriday/v2 v2.0.1 h1:lPqVAte+HuHNfhJ/0LC98ESWRz8afy9tM/0RK8m9o+Q=
+github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
+github.com/shurcooL/sanitized_anchor_name v1.0.0 h1:PdmoCO6wvbs+7yrJyMORt4/BmY5IYyJwS/kOiWx8mHo=
+github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4=
+github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
+github.com/urfave/cli/v2 v2.2.0 h1:JTTnM6wKzdA0Jqodd966MVj4vWbbquZykeX1sKbe2C4=
+github.com/urfave/cli/v2 v2.2.0/go.mod h1:SE9GqnLQmjVa0iPEY0f1w3ygNIYcIJ0OKPMoW2caLfQ=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20191227163750-53104e6ec876 h1:sKJQZMuxjOAR/Uo2LBfU90onWEf1dF4C+0hPJCc9Mpc=
+golang.org/x/crypto v0.0.0-20191227163750-53104e6ec876/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191026070338-33540a1f6037 h1:YyJpGZS1sBuBCzLAR1VEpK193GlqGZbnPFnPV/5Rsb4=
+golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=

logo.svg

@@ -1,7 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<svg width="256px" height="210px" viewBox="0 0 256 210" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" preserveAspectRatio="xMidYMid">
-	<g>
-		<rect fill="#000000" x="0" y="0" width="256" height="209.342334" rx="5"></rect>
-		<path d="M28.2414658,21.7735776 C27.3856638,20.9177756 26.3529412,20.4898746 25.143298,20.4898746 C23.9336548,20.4898746 22.8968177,20.9218901 22.0327869,21.7859209 C21.1810993,22.6376085 20.7490839,23.6744455 20.7490839,24.8840887 C20.7490839,26.0937319 21.1810993,27.1305689 22.0327869,27.9822565 L35.4746384,41.424108 L22.0451302,54.8536162 C21.1810993,55.7176471 20.7490839,56.7544841 20.7367406,57.9641273 C20.7490839,59.1737705 21.1810993,60.2106075 22.0327869,61.0622951 C22.8968177,61.9139826 23.9336548,62.3459981 25.1309547,62.3583414 C26.3529412,62.3583414 27.3897782,61.9263259 28.2538091,61.0622951 L43.1891996,46.1145612 C46.3243973,42.9917068 46.3243973,39.8565092 43.1891996,36.7213115 L28.2414658,21.7735776 L28.2414658,21.7735776 Z M86.7857281,54.8783028 C85.9216972,54.0142719 84.8725169,53.5822565 83.6505304,53.5822565 L83.6505304,53.5760849 L54.8165863,53.5760849 L54.8165863,53.5822565 C53.5945998,53.5822565 52.5577628,54.0142719 51.6937319,54.8783028 C50.8297011,55.7423337 50.3976856,56.7791707 50.3976856,58.0011572 C50.3976856,59.2231437 50.8297011,60.272324 51.6937319,61.1363549 C52.5577628,62.0003857 53.5945998,62.4324012 54.8165863,62.4324012 L54.8165863,62.4262295 L83.6505304,62.4262295 L83.6505304,62.4324012 C84.8725169,62.4324012 85.9216972,62.0003857 86.7857281,61.1363549 C87.6497589,60.272324 88.0817743,59.2231437 88.0817743,58.0011572 C88.0817743,56.7791707 87.6497589,55.7423337 86.7857281,54.8783028 L86.7857281,54.8783028 L86.7857281,54.8783028 Z" fill="#FFFFFF"></path>
-	</g>
-</svg>

main.go

@@ -1,23 +1,33 @@
 package main
 
 import (
+	"log"
 	"os"
+	"time"
 
+	"github.com/appleboy/easyssh-proxy"
 	"github.com/joho/godotenv"
 	_ "github.com/joho/godotenv/autoload"
-	"github.com/urfave/cli"
+	"github.com/urfave/cli/v2"
 )
 
 // Version set at compile-time
-var Version = "v1.0.0-dev"
+var (
+	Version string
+)
 
 func main() {
+	// Load env-file if it exists first
+	if filename, found := os.LookupEnv("PLUGIN_ENV_FILE"); found {
+		_ = godotenv.Load(filename)
+	}
 
 	app := cli.NewApp()
 	app.Name = "Drone SCP"
 	app.Usage = "Copy files and artifacts via SSH."
-	app.Copyright = "Copyright (c) 2017 Bo-Yi Wu"
-	app.Authors = []cli.Author{
+	app.Copyright = "Copyright (c) 2020 Bo-Yi Wu"
+	app.Version = Version
+	app.Authors = []*cli.Author{
 		{
 			Name:  "Bo-Yi Wu",
 			Email: "appleboy.tw@gmail.com",
@@ -26,108 +36,220 @@ func main() {
 	app.Action = run
 	app.Version = Version
 	app.Flags = []cli.Flag{
-		cli.StringSliceFlag{
-			Name:   "host, H",
-			Usage:  "Server host",
-			EnvVar: "PLUGIN_HOST,SCP_HOST",
+		&cli.StringSliceFlag{
+			Name:     "host, H",
+			Usage:    "Server host",
+			EnvVars:  []string{"PLUGIN_HOST", "SCP_HOST", "SSH_HOST", "HOST", "INPUT_HOST"},
+			FilePath: ".host",
 		},
-		cli.StringFlag{
-			Name:   "port, P",
-			Value:  "22",
-			Usage:  "Server port, default to 22",
-			EnvVar: "PLUGIN_PORT,SCP_PORT",
+		&cli.StringFlag{
+			Name:    "port, P",
+			Value:   "22",
+			Usage:   "Server port, default to 22",
+			EnvVars: []string{"PLUGIN_PORT", "SCP_PORT", "SSH_PORT", "PORT", "INPUT_PORT"},
 		},
-		cli.StringFlag{
-			Name:   "username, u",
-			Usage:  "Server username",
-			EnvVar: "PLUGIN_USERNAME,SCP_USERNAME",
+		&cli.StringFlag{
+			Name:    "username, u",
+			Usage:   "Server username",
+			EnvVars: []string{"PLUGIN_USERNAME", "PLUGIN_USER", "SCP_USERNAME", "SSH_USERNAME", "USERNAME", "INPUT_USERNAME"},
 		},
-		cli.StringFlag{
-			Name:   "password, p",
-			Usage:  "Password for password-based authentication",
-			EnvVar: "PLUGIN_PASSWORD,SCP_PASSWORD",
+		&cli.StringFlag{
+			Name:    "password, p",
+			Usage:   "Password for password-based authentication",
+			EnvVars: []string{"PLUGIN_PASSWORD", "SCP_PASSWORD", "SSH_PASSWORD", "PASSWORD", "INPUT_PASSWORD"},
 		},
-		cli.StringFlag{
-			Name:   "key, k",
-			Usage:  "ssh private key",
-			EnvVar: "PLUGIN_KEY,SCP_KEY",
+		&cli.StringSliceFlag{
+			Name:    "ciphers",
+			Usage:   "The allowed cipher algorithms. If unspecified then a sensible",
+			EnvVars: []string{"PLUGIN_CIPHERS", "SSH_CIPHERS", "CIPHERS", "INPUT_CIPHERS"},
 		},
-		cli.StringFlag{
-			Name:   "key-path, i",
-			Usage:  "ssh private key path",
-			EnvVar: "PLUGIN_KEY_PATH,SCP_KEY_PATH",
+		&cli.BoolFlag{
+			Name:    "useInsecureCipher",
+			Usage:   "include more ciphers with use_insecure_cipher",
+			EnvVars: []string{"PLUGIN_USE_INSECURE_CIPHER", "SSH_USE_INSECURE_CIPHER", "USE_INSECURE_CIPHER", "INPUT_USE_INSECURE_CIPHER"},
 		},
-		cli.StringSliceFlag{
-			Name:   "target, t",
-			Usage:  "Target path on the server",
-			EnvVar: "PLUGIN_TARGET,SCP_TARGET",
+		&cli.StringFlag{
+			Name:    "fingerprint",
+			Usage:   "fingerprint SHA256 of the host public key, default is to skip verification",
+			EnvVars: []string{"PLUGIN_FINGERPRINT", "SSH_FINGERPRINT", "FINGERPRINT", "INPUT_FINGERPRINT"},
 		},
-		cli.StringSliceFlag{
-			Name:   "source, s",
-			Usage:  "scp file list",
-			EnvVar: "PLUGIN_SOURCE,SCP_SOURCE",
+		&cli.DurationFlag{
+			Name:    "timeout",
+			Usage:   "connection timeout",
+			EnvVars: []string{"PLUGIN_TIMEOUT", "SCP_TIMEOUT", "INPUT_TIMEOUT"},
+			Value:   30 * time.Second,
 		},
-		cli.BoolFlag{
-			Name:   "rm, r",
-			Usage:  "remove target folder before upload data",
-			EnvVar: "PLUGIN_RM,SCP_RM",
+		&cli.DurationFlag{
+			Name:    "command.timeout",
+			Usage:   "command timeout",
+			EnvVars: []string{"PLUGIN_COMMAND_TIMEOUT", "SSH_COMMAND_TIMEOUT", "INPUT_COMMAND_TIMEOUT"},
+			Value:   10 * time.Minute,
 		},
-		cli.StringFlag{
-			Name:   "repo.owner",
-			Usage:  "repository owner",
-			EnvVar: "DRONE_REPO_OWNER",
+		&cli.StringFlag{
+			Name:    "ssh-key, k",
+			Usage:   "ssh private key",
+			EnvVars: []string{"PLUGIN_SSH_KEY,", "PLUGIN_KEY", "SCP_KEY", "SSH_KEY", "KEY", "INPUT_KEY"},
 		},
-		cli.StringFlag{
-			Name:   "repo.name",
-			Usage:  "repository name",
-			EnvVar: "DRONE_REPO_NAME",
+		&cli.StringFlag{
+			Name:    "ssh-passphrase",
+			Usage:   "The purpose of the passphrase is usually to encrypt the private key.",
+			EnvVars: []string{"PLUGIN_SSH_PASSPHRASE", "PLUGIN_PASSPHRASE", "SSH_PASSPHRASE", "PASSPHRASE", "INPUT_PASSPHRASE"},
 		},
-		cli.StringFlag{
-			Name:   "commit.sha",
-			Usage:  "git commit sha",
-			EnvVar: "DRONE_COMMIT_SHA",
+		&cli.StringFlag{
+			Name:    "key-path, i",
+			Usage:   "ssh private key path",
+			EnvVars: []string{"PLUGIN_KEY_PATH", "SCP_KEY_PATH", "SSH_KEY_PATH", "INPUT_KEY_PATH"},
 		},
-		cli.StringFlag{
-			Name:   "commit.branch",
-			Value:  "master",
-			Usage:  "git commit branch",
-			EnvVar: "DRONE_COMMIT_BRANCH",
+		&cli.StringSliceFlag{
+			Name:    "target, t",
+			Usage:   "Target path on the server",
+			EnvVars: []string{"PLUGIN_TARGET", "SCP_TARGET", "TARGET", "INPUT_TARGET"},
 		},
-		cli.StringFlag{
-			Name:   "commit.author",
-			Usage:  "git author name",
-			EnvVar: "DRONE_COMMIT_AUTHOR",
+		&cli.StringSliceFlag{
+			Name:    "source, s",
+			Usage:   "scp file list",
+			EnvVars: []string{"PLUGIN_SOURCE", "SCP_SOURCE", "SOURCE", "INPUT_SOURCE"},
 		},
-		cli.StringFlag{
-			Name:   "commit.message",
-			Usage:  "commit message",
-			EnvVar: "DRONE_COMMIT_MESSAGE",
+		&cli.BoolFlag{
+			Name:    "rm, r",
+			Usage:   "remove target folder before upload data",
+			EnvVars: []string{"PLUGIN_RM", "SCP_RM", "RM", "INPUT_RM"},
 		},
-		cli.StringFlag{
-			Name:   "build.event",
-			Value:  "push",
-			Usage:  "build event",
-			EnvVar: "DRONE_BUILD_EVENT",
+		&cli.StringFlag{
+			Name:    "repo.owner",
+			Usage:   "repository owner",
+			EnvVars: []string{"DRONE_REPO_OWNER"},
 		},
-		cli.IntFlag{
-			Name:   "build.number",
-			Usage:  "build number",
-			EnvVar: "DRONE_BUILD_NUMBER",
+		&cli.StringFlag{
+			Name:    "repo.name",
+			Usage:   "repository name",
+			EnvVars: []string{"DRONE_REPO_NAME"},
 		},
-		cli.StringFlag{
-			Name:   "build.status",
-			Usage:  "build status",
-			Value:  "success",
-			EnvVar: "DRONE_BUILD_STATUS",
+		&cli.StringFlag{
+			Name:    "commit.sha",
+			Usage:   "git commit sha",
+			EnvVars: []string{"DRONE_COMMIT_SHA"},
 		},
-		cli.StringFlag{
-			Name:   "build.link",
-			Usage:  "build link",
-			EnvVar: "DRONE_BUILD_LINK",
+		&cli.StringFlag{
+			Name:    "commit.branch",
+			Value:   "master",
+			Usage:   "git commit branch",
+			EnvVars: []string{"DRONE_COMMIT_BRANCH"},
 		},
-		cli.StringFlag{
-			Name:  "env-file",
-			Usage: "source env file",
+		&cli.StringFlag{
+			Name:    "commit.author",
+			Usage:   "git author name",
+			EnvVars: []string{"DRONE_COMMIT_AUTHOR"},
+		},
+		&cli.StringFlag{
+			Name:    "commit.message",
+			Usage:   "commit message",
+			EnvVars: []string{"DRONE_COMMIT_MESSAGE"},
+		},
+		&cli.StringFlag{
+			Name:    "build.event",
+			Value:   "push",
+			Usage:   "build event",
+			EnvVars: []string{"DRONE_BUILD_EVENT"},
+		},
+		&cli.IntFlag{
+			Name:    "build.number",
+			Usage:   "build number",
+			EnvVars: []string{"DRONE_BUILD_NUMBER"},
+		},
+		&cli.StringFlag{
+			Name:    "build.status",
+			Usage:   "build status",
+			Value:   "success",
+			EnvVars: []string{"DRONE_BUILD_STATUS"},
+		},
+		&cli.StringFlag{
+			Name:    "build.link",
+			Usage:   "build link",
+			EnvVars: []string{"DRONE_BUILD_LINK"},
+		},
+		&cli.StringFlag{
+			Name:    "proxy.ssh-key",
+			Usage:   "private ssh key of proxy",
+			EnvVars: []string{"PLUGIN_PROXY_SSH_KEY", "PLUGIN_PROXY_KEY", "PROXY_SSH_KEY", "PROXY_KEY", "INPUT_PROXY_SSH_KEY"},
+		},
+		&cli.StringFlag{
+			Name:    "proxy.ssh-passphrase",
+			Usage:   "The purpose of the passphrase is usually to encrypt the private key.",
+			EnvVars: []string{"PLUGIN_PROXY_SSH_PASSPHRASE", "PLUGIN_PROXY_PASSPHRASE", "PROXY_SSH_PASSPHRASE", "PROXY_PASSPHRASE", "INPUT_PROXY_PASSPHRASE"},
+		},
+		&cli.StringFlag{
+			Name:    "proxy.key-path",
+			Usage:   "ssh private key path of proxy",
+			EnvVars: []string{"PLUGIN_PROXY_KEY_PATH", "PROXY_SSH_KEY_PATH", "INPUT_PROXY_SSH_KEY_PATH"},
+		},
+		&cli.StringFlag{
+			Name:    "proxy.username",
+			Usage:   "connect as user of proxy",
+			EnvVars: []string{"PLUGIN_PROXY_USERNAME", "PLUGIN_PROXY_USER", "PROXY_SSH_USERNAME", "PROXY_USERNAME", "INPUT_PROXY_USERNAME"},
+			Value:   "root",
+		},
+		&cli.StringFlag{
+			Name:    "proxy.password",
+			Usage:   "user password of proxy",
+			EnvVars: []string{"PLUGIN_PROXY_PASSWORD", "PROXY_SSH_PASSWORD", "PROXY_PASSWORD", "INPUT_PROXY_PASSWORD"},
+		},
+		&cli.StringFlag{
+			Name:    "proxy.host",
+			Usage:   "connect to host of proxy",
+			EnvVars: []string{"PLUGIN_PROXY_HOST", "PROXY_SSH_HOST", "PROXY_HOST", "INPUT_PROXY_HOST"},
+		},
+		&cli.StringSliceFlag{
+			Name:    "proxy.ciphers",
+			Usage:   "The allowed cipher algorithms. If unspecified then a sensible",
+			EnvVars: []string{"PLUGIN_PROXY_CIPHERS", "PROXY_SSH_CIPHERS", "PROXY_CIPHERS", "INPUT_PROXY_CIPHERS"},
+		},
+		&cli.BoolFlag{
+			Name:    "proxy.useInsecureCipher",
+			Usage:   "include more ciphers with use_insecure_cipher",
+			EnvVars: []string{"PLUGIN_PROXY_USE_INSECURE_CIPHER", "SSH_PROXY_USE_INSECURE_CIPHER", "PROXY_USE_INSECURE_CIPHER", "INPUT_PROXY_USE_INSECURE_CIPHER"},
+		},
+		&cli.StringFlag{
+			Name:    "proxy.fingerprint",
+			Usage:   "fingerprint SHA256 of the host public key, default is to skip verification",
+			EnvVars: []string{"PLUGIN_PROXY_FINGERPRINT", "SSH_PROXY_FINGERPRINT", "PROXY_FINGERPRINT", "INPUT_PROXY_FINGERPRINT"},
+		},
+		&cli.StringFlag{
+			Name:    "proxy.port",
+			Usage:   "connect to port of proxy",
+			EnvVars: []string{"PLUGIN_PROXY_PORT", "PROXY_SSH_PORT", "PROXY_PORT", "INPUT_PROXY_PORT"},
+			Value:   "22",
+		},
+		&cli.DurationFlag{
+			Name:    "proxy.timeout",
+			Usage:   "proxy connection timeout",
+			EnvVars: []string{"PLUGIN_PROXY_TIMEOUT", "PROXY_SSH_TIMEOUT", "INPUT_PROXY_TIMEOUT"},
+		},
+		&cli.IntFlag{
+			Name:    "strip.components",
+			Usage:   "Remove the specified number of leading path elements.",
+			EnvVars: []string{"PLUGIN_STRIP_COMPONENTS", "TAR_STRIP_COMPONENTS", "INPUT_STRIP_COMPONENTS"},
+		},
+		&cli.StringFlag{
+			Name:    "tar.exec",
+			Usage:   "Alternative `tar` executable to on the dest host",
+			EnvVars: []string{"PLUGIN_TAR_EXEC", "SCP_TAR_EXEC", "INPUT_TAR_EXEC"},
+			Value:   "tar",
+		},
+		&cli.StringFlag{
+			Name:    "tar.tmp-path",
+			Usage:   "Temporary path for tar file on the dest host",
+			EnvVars: []string{"PLUGIN_TAR_TMP_PATH", "SCP_TAR_TMP_PATH"},
+		},
+		&cli.BoolFlag{
+			Name:    "debug",
+			Usage:   "remove target folder before upload data",
+			EnvVars: []string{"PLUGIN_DEBUG", "DEBUG", "INPUT_DEBUG"},
+		},
+		&cli.BoolFlag{
+			Name:    "overwrite",
+			Usage:   "use --overwrite flag with tar",
+			EnvVars: []string{"PLUGIN_OVERWRITE", "SCP_OVERWRITE", "INPUT_OVERWRITE"},
 		},
 	}
 
@@ -163,14 +285,13 @@ VERSION:
 REPOSITORY:
     Github: https://github.com/appleboy/drone-scp
 `
-	app.Run(os.Args)
+
+	if err := app.Run(os.Args); err != nil {
+		log.Fatal(err)
+	}
 }
 
 func run(c *cli.Context) error {
-	if c.String("env-file") != "" {
-		_ = godotenv.Load(c.String("env-file"))
-	}
-
 	plugin := Plugin{
 		Repo: Repo{
 			Owner: c.String("repo.owner"),
@@ -187,15 +308,39 @@ func run(c *cli.Context) error {
 			Link:    c.String("build.link"),
 		},
 		Config: Config{
-			Host:     c.StringSlice("host"),
-			Port:     c.String("port"),
-			Username: c.String("username"),
-			Password: c.String("password"),
-			Key:      c.String("key"),
-			KeyPath:  c.String("key-path"),
-			Target:   c.StringSlice("target"),
-			Source:   c.StringSlice("source"),
-			Remove:   c.Bool("rm"),
+			Host:              c.StringSlice("host"),
+			Port:              c.String("port"),
+			Username:          c.String("username"),
+			Password:          c.String("password"),
+			Passphrase:        c.String("ssh-passphrase"),
+			Fingerprint:       c.String("fingerprint"),
+			Timeout:           c.Duration("timeout"),
+			CommandTimeout:    c.Duration("command.timeout"),
+			Key:               c.String("ssh-key"),
+			KeyPath:           c.String("key-path"),
+			Target:            c.StringSlice("target"),
+			Source:            c.StringSlice("source"),
+			Remove:            c.Bool("rm"),
+			Debug:             c.Bool("debug"),
+			StripComponents:   c.Int("strip.components"),
+			TarExec:           c.String("tar.exec"),
+			TarTmpPath:        c.String("tar.tmp-path"),
+			Overwrite:         c.Bool("overwrite"),
+			Ciphers:           c.StringSlice("ciphers"),
+			UseInsecureCipher: c.Bool("useInsecureCipher"),
+			Proxy: easyssh.DefaultConfig{
+				Key:               c.String("proxy.ssh-key"),
+				Passphrase:        c.String("proxy.ssh-passphrase"),
+				Fingerprint:       c.String("proxy.fingerprint"),
+				KeyPath:           c.String("proxy.key-path"),
+				User:              c.String("proxy.username"),
+				Password:          c.String("proxy.password"),
+				Server:            c.String("proxy.host"),
+				Port:              c.String("proxy.port"),
+				Timeout:           c.Duration("proxy.timeout"),
+				Ciphers:           c.StringSlice("proxy.ciphers"),
+				UseInsecureCipher: c.Bool("proxy.useInsecureCipher"),
+			},
 		},
 	}
 

path.go

@@ -1,4 +1,4 @@
-// +build darwin dragonfly freebsd linux nacl netbsd openbsd solaris
+// +build !windows
 
 package main
 

path_windows_test.go

@@ -1,6 +1,8 @@
 package main
 
-import "testing"
+import (
+	"testing"
+)
 
 func TestGetRealPath(t *testing.T) {
 	type args struct {

pipeline.libsonnet

@@ -0,0 +1,256 @@
+{
+  test:: {
+    kind: 'pipeline',
+    name: 'testing',
+    platform: {
+      os: 'linux',
+      arch: 'amd64',
+    },
+    steps: [
+      {
+        name: 'vet',
+        image: 'golang:1.14',
+        pull: 'always',
+        commands: [
+          'make vet',
+        ],
+        volumes: [
+          {
+            name: 'gopath',
+            path: '/go',
+          },
+        ],
+      },
+      {
+        name: 'lint',
+        image: 'golang:1.14',
+        pull: 'always',
+        commands: [
+          'make lint',
+        ],
+        volumes: [
+          {
+            name: 'gopath',
+            path: '/go',
+          },
+        ],
+      },
+      {
+        name: 'misspell',
+        image: 'golang:1.14',
+        pull: 'always',
+        commands: [
+          'make misspell-check',
+        ],
+        volumes: [
+          {
+            name: 'gopath',
+            path: '/go',
+          },
+        ],
+      },
+      {
+        name: 'test',
+        image: 'golang:1.14-alpine',
+        pull: 'always',
+        commands: [
+          'apk add git make curl perl bash build-base zlib-dev ucl-dev',
+          'make ssh-server',
+          'make test',
+          'make coverage',
+        ],
+        volumes: [
+          {
+            name: 'gopath',
+            path: '/go',
+          },
+        ],
+      },
+      {
+        name: 'codecov',
+        image: 'robertstettner/drone-codecov',
+        pull: 'always',
+        settings: {
+          token: { 'from_secret': 'codecov_token' },
+        },
+      },
+    ],
+    volumes: [
+      {
+        name: 'gopath',
+        temp: {},
+      },
+    ],
+  },
+
+  build(name, os='linux', arch='amd64'):: {
+    kind: 'pipeline',
+    name: os + '-' + arch,
+    platform: {
+      os: os,
+      arch: arch,
+    },
+    steps: [
+      {
+        name: 'build-push',
+        image: 'golang:1.14',
+        pull: 'always',
+        environment: {
+          CGO_ENABLED: '0',
+        },
+        commands: [
+          'go build -v -ldflags \'-X main.build=${DRONE_BUILD_NUMBER}\' -a -o release/' + os + '/' + arch + '/' + name,
+        ],
+        when: {
+          event: {
+            exclude: [ 'tag' ],
+          },
+        },
+      },
+      {
+        name: 'build-tag',
+        image: 'golang:1.14',
+        pull: 'always',
+        environment: {
+          CGO_ENABLED: '0',
+        },
+        commands: [
+          'go build -v -ldflags \'-X main.version=${DRONE_TAG##v} -X main.build=${DRONE_BUILD_NUMBER}\' -a -o release/' + os + '/' + arch + '/' + name,
+        ],
+        when: {
+          event: [ 'tag' ],
+        },
+      },
+      {
+        name: 'executable',
+        image: 'golang:1.14',
+        pull: 'always',
+        commands: [
+          './release/' + os + '/' + arch + '/' + name + ' --help',
+        ],
+      },
+      {
+        name: 'dryrun',
+        image: 'plugins/docker:' + os + '-' + arch,
+        pull: 'always',
+        settings: {
+          daemon_off: false,
+          dry_run: true,
+          tags: os + '-' + arch,
+          dockerfile: 'docker/Dockerfile.' + os + '.' + arch,
+          repo: 'appleboy/' + name,
+          cache_from: 'appleboy/' + name,
+        },
+        when: {
+          event: [ 'pull_request' ],
+        },
+      },
+      {
+        name: 'publish',
+        image: 'plugins/docker:' + os + '-' + arch,
+        pull: 'always',
+        settings: {
+          daemon_off: 'false',
+          auto_tag: true,
+          auto_tag_suffix: os + '-' + arch,
+          dockerfile: 'docker/Dockerfile.' + os + '.' + arch,
+          repo: 'appleboy/' + name,
+          cache_from: 'appleboy/' + name,
+          username: { 'from_secret': 'docker_username' },
+          password: { 'from_secret': 'docker_password' },
+        },
+        when: {
+          event: {
+            exclude: [ 'pull_request' ],
+          },
+        },
+      },
+    ],
+    depends_on: [
+      'testing',
+    ],
+    trigger: {
+      ref: [
+        'refs/heads/master',
+        'refs/pull/**',
+        'refs/tags/**',
+      ],
+    },
+  },
+
+  release:: {
+    kind: 'pipeline',
+    name: 'release-binary',
+    platform: {
+      os: 'linux',
+      arch: 'amd64',
+    },
+    steps: [
+      {
+        name: 'build-all-binary',
+        image: 'golang:1.14',
+        pull: 'always',
+        commands: [
+          'make release'
+        ],
+        when: {
+          event: [ 'tag' ],
+        },
+      },
+      {
+        name: 'deploy-all-binary',
+        image: 'plugins/github-release',
+        pull: 'always',
+        settings: {
+          files: [ 'dist/release/*' ],
+          api_key: { 'from_secret': 'github_release_api_key' },
+        },
+        when: {
+          event: [ 'tag' ],
+        },
+      },
+    ],
+    depends_on: [
+      'testing',
+    ],
+    trigger: {
+      ref: [
+        'refs/tags/**',
+      ],
+    },
+  },
+
+  notifications(os='linux', arch='amd64', depends_on=[]):: {
+    kind: 'pipeline',
+    name: 'notifications',
+    platform: {
+      os: os,
+      arch: arch,
+    },
+    steps: [
+      {
+        name: 'manifest',
+        image: 'plugins/manifest',
+        pull: 'always',
+        settings: {
+          username: { from_secret: 'docker_username' },
+          password: { from_secret: 'docker_password' },
+          spec: 'docker/manifest.tmpl',
+          ignore_missing: true,
+        },
+      },
+    ],
+    depends_on: depends_on,
+    trigger: {
+      ref: [
+        'refs/heads/master',
+        'refs/tags/**',
+      ],
+    },
+  },
+
+  signature(key):: {
+    kind: 'signature',
+    hmac: key,
+  }
+}

plugin.go

@@ -4,15 +4,24 @@ import (
 	"errors"
 	"fmt"
 	"io/ioutil"
-	"log"
 	"os"
 	"os/exec"
 	"path/filepath"
+	"strconv"
 	"strings"
 	"sync"
+	"time"
 
 	"github.com/appleboy/com/random"
-	"github.com/appleboy/drone-scp/easyssh"
+	"github.com/appleboy/easyssh-proxy"
+	"github.com/fatih/color"
+)
+
+var (
+	errMissingHost           = errors.New("Error: missing server host")
+	errMissingPasswordOrKey  = errors.New("Error: can't connect without a private SSH key or password")
+	errSetPasswordandKey     = errors.New("can't set password and key at the same time")
+	errMissingSourceOrTarget = errors.New("missing source or target config")
 )
 
 type (
@@ -36,26 +45,46 @@ type (
 
 	// Config for the plugin.
 	Config struct {
-		Host     []string
-		Port     string
-		Username string
-		Password string
-		Key      string
-		KeyPath  string
-		Target   []string
-		Source   []string
-		Remove   bool
+		Host              []string
+		Port              string
+		Username          string
+		Password          string
+		Key               string
+		Passphrase        string
+		Fingerprint       string
+		KeyPath           string
+		Timeout           time.Duration
+		CommandTimeout    time.Duration
+		Target            []string
+		Source            []string
+		Remove            bool
+		StripComponents   int
+		TarExec           string
+		TarTmpPath        string
+		Proxy             easyssh.DefaultConfig
+		Debug             bool
+		Overwrite         bool
+		Ciphers           []string
+		UseInsecureCipher bool
 	}
 
 	// Plugin values.
 	Plugin struct {
-		Repo   Repo
-		Build  Build
-		Config Config
+		Repo     Repo
+		Build    Build
+		Config   Config
+		DestFile string
+	}
+
+	copyError struct {
+		host    string
+		message string
 	}
 )
 
-var wg sync.WaitGroup
+func (e copyError) Error() string {
+	return fmt.Sprintf("error copy file to dest: %s, error message: %s\n", e.host, e.message)
+}
 
 func trimPath(keys []string) []string {
 	var newKeys []string
@@ -72,64 +101,225 @@ func trimPath(keys []string) []string {
 	return newKeys
 }
 
+func globList(paths []string) fileList {
+	var list fileList
+
+	for _, pattern := range paths {
+		ignore := false
+		pattern = strings.Trim(pattern, " ")
+		if string(pattern[0]) == "!" {
+			pattern = pattern[1:]
+			ignore = true
+		}
+		matches, err := filepath.Glob(pattern)
+		if err != nil {
+			fmt.Printf("Glob error for %q: %s\n", pattern, err)
+			continue
+		}
+
+		if ignore {
+			list.Ignore = append(list.Ignore, matches...)
+		} else {
+			list.Source = append(list.Source, matches...)
+		}
+	}
+
+	return list
+}
+
+func buildArgs(tar string, files fileList) []string {
+	args := []string{}
+	if len(files.Ignore) > 0 {
+		for _, v := range files.Ignore {
+			args = append(args, "--exclude")
+			args = append(args, v)
+		}
+	}
+	args = append(args, "-cf")
+	args = append(args, getRealPath(tar))
+	args = append(args, files.Source...)
+
+	return args
+}
+
 func (p Plugin) log(host string, message ...interface{}) {
-	log.Printf("%s: %s", host, fmt.Sprintln(message...))
+	if count := len(p.Config.Host); count == 1 {
+		fmt.Printf("%s", fmt.Sprintln(message...))
+	} else {
+		fmt.Printf("%s: %s", host, fmt.Sprintln(message...))
+	}
+}
+
+func (p *Plugin) removeDestFile(ssh *easyssh.MakeConfig) error {
+	p.log(ssh.Server, "remove file", p.DestFile)
+	_, errStr, _, err := ssh.Run(fmt.Sprintf("rm -rf %s", p.DestFile), p.Config.CommandTimeout)
+
+	if err != nil {
+		return err
+	}
+
+	if errStr != "" {
+		return errors.New(errStr)
+	}
+
+	return nil
+}
+
+func (p *Plugin) removeAllDestFile() error {
+	for _, host := range p.Config.Host {
+		ssh := &easyssh.MakeConfig{
+			Server:            host,
+			User:              p.Config.Username,
+			Password:          p.Config.Password,
+			Port:              p.Config.Port,
+			Key:               p.Config.Key,
+			KeyPath:           p.Config.KeyPath,
+			Passphrase:        p.Config.Passphrase,
+			Timeout:           p.Config.Timeout,
+			Ciphers:           p.Config.Ciphers,
+			Fingerprint:       p.Config.Fingerprint,
+			UseInsecureCipher: p.Config.UseInsecureCipher,
+			Proxy: easyssh.DefaultConfig{
+				Server:            p.Config.Proxy.Server,
+				User:              p.Config.Proxy.User,
+				Password:          p.Config.Proxy.Password,
+				Port:              p.Config.Proxy.Port,
+				Key:               p.Config.Proxy.Key,
+				KeyPath:           p.Config.Proxy.KeyPath,
+				Passphrase:        p.Config.Proxy.Passphrase,
+				Timeout:           p.Config.Proxy.Timeout,
+				Ciphers:           p.Config.Proxy.Ciphers,
+				Fingerprint:       p.Config.Proxy.Fingerprint,
+				UseInsecureCipher: p.Config.Proxy.UseInsecureCipher,
+			},
+		}
+
+		// remove tar file
+		err := p.removeDestFile(ssh)
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+type fileList struct {
+	Ignore []string
+	Source []string
+}
+
+func (p *Plugin) buildArgs(target string) []string {
+	args := []string{}
+
+	args = append(args,
+		p.Config.TarExec,
+		"-xf",
+		p.DestFile,
+	)
+
+	if p.Config.StripComponents > 0 {
+		args = append(args, "--strip-components")
+		args = append(args, strconv.Itoa(p.Config.StripComponents))
+	}
+
+	if p.Config.Overwrite {
+		args = append(args, "--overwrite")
+	}
+
+	args = append(args,
+		"-C",
+		target,
+	)
+
+	return args
 }
 
 // Exec executes the plugin.
-func (p Plugin) Exec() error {
+func (p *Plugin) Exec() error {
+	if len(p.Config.Host) == 0 {
+		return errMissingHost
+	}
 
-	if len(p.Config.Host) == 0 || len(p.Config.Username) == 0 {
-		return errors.New("missing ssh config (Host, Username)")
+	if len(p.Config.Key) == 0 && len(p.Config.Password) == 0 && len(p.Config.KeyPath) == 0 {
+		return errMissingPasswordOrKey
+	}
+
+	if len(p.Config.Key) != 0 && len(p.Config.Password) != 0 {
+		return errSetPasswordandKey
 	}
 
 	if len(p.Config.Source) == 0 || len(p.Config.Target) == 0 {
-		return errors.New("missing source or target config")
+		return errMissingSourceOrTarget
 	}
 
-	files := trimPath(p.Config.Source)
-	dest := fmt.Sprintf("%s.tar", random.String(10))
+	files := globList(trimPath(p.Config.Source))
+	p.DestFile = fmt.Sprintf("%s.tar", random.String(10))
 
 	// create a temporary file for the archive
 	dir, err := ioutil.TempDir("", "")
 	if err != nil {
 		return err
 	}
-	tar := filepath.Join(dir, dest)
+	tar := filepath.Join(dir, p.DestFile)
 
 	// run archive command
-	log.Println("tar all files into " + tar)
-	args := append(append([]string{}, "-cf", getRealPath(tar)), files...)
-
-	cmd := exec.Command("tar", args...)
+	fmt.Println("tar all files into " + tar)
+	args := buildArgs(tar, files)
+	cmd := exec.Command(p.Config.TarExec, args...)
+	if p.Config.Debug {
+		fmt.Println("$", strings.Join(cmd.Args, " "))
+	}
 	cmd.Stdout = os.Stdout
 	cmd.Stderr = os.Stderr
 	if err := cmd.Run(); err != nil {
 		return err
 	}
 
+	wg := sync.WaitGroup{}
 	wg.Add(len(p.Config.Host))
-	errChannel := make(chan error, 1)
-	finished := make(chan bool, 1)
+	errChannel := make(chan error)
+	finished := make(chan struct{})
 	for _, host := range p.Config.Host {
 		go func(host string) {
 			// Create MakeConfig instance with remote username, server address and path to private key.
 			ssh := &easyssh.MakeConfig{
-				Server:   host,
-				User:     p.Config.Username,
-				Password: p.Config.Password,
-				Port:     p.Config.Port,
-				Key:      p.Config.Key,
-				KeyPath:  p.Config.KeyPath,
+				Server:            host,
+				User:              p.Config.Username,
+				Password:          p.Config.Password,
+				Port:              p.Config.Port,
+				Key:               p.Config.Key,
+				KeyPath:           p.Config.KeyPath,
+				Passphrase:        p.Config.Passphrase,
+				Timeout:           p.Config.Timeout,
+				Ciphers:           p.Config.Ciphers,
+				Fingerprint:       p.Config.Fingerprint,
+				UseInsecureCipher: p.Config.UseInsecureCipher,
+				Proxy: easyssh.DefaultConfig{
+					Server:            p.Config.Proxy.Server,
+					User:              p.Config.Proxy.User,
+					Password:          p.Config.Proxy.Password,
+					Port:              p.Config.Proxy.Port,
+					Key:               p.Config.Proxy.Key,
+					KeyPath:           p.Config.Proxy.KeyPath,
+					Passphrase:        p.Config.Proxy.Passphrase,
+					Timeout:           p.Config.Proxy.Timeout,
+					Ciphers:           p.Config.Proxy.Ciphers,
+					Fingerprint:       p.Config.Proxy.Fingerprint,
+					UseInsecureCipher: p.Config.Proxy.UseInsecureCipher,
+				},
 			}
 
+			// upload file to the tmp path
+			p.DestFile = fmt.Sprintf("%s%s", p.Config.TarTmpPath, p.DestFile)
+
 			// Call Scp method with file you want to upload to remote server.
 			p.log(host, "scp file to server.")
-			err = ssh.Scp(tar)
+			err := ssh.Scp(tar, p.DestFile)
 
-			// Handle errors
 			if err != nil {
-				errChannel <- err
+				errChannel <- copyError{host, err.Error()}
+				return
 			}
 
 			for _, target := range p.Config.Target {
@@ -137,36 +327,54 @@ func (p Plugin) Exec() error {
 				if p.Config.Remove {
 					p.log(host, "Remove target folder:", target)
 
-					_, err := ssh.Run(fmt.Sprintf("rm -rf %s", target))
+					_, _, _, err := ssh.Run(fmt.Sprintf("rm -rf %s", target), p.Config.CommandTimeout)
 
 					if err != nil {
 						errChannel <- err
+						return
 					}
 				}
 
 				// mkdir path
 				p.log(host, "create folder", target)
-				response, _ := ssh.Run(fmt.Sprintf("mkdir -p %s", target))
+				_, errStr, _, err := ssh.Run(fmt.Sprintf("mkdir -p %s", target), p.Config.CommandTimeout)
+				if err != nil {
+					errChannel <- err
+					return
+				}
 
-				if response != "" {
-					errChannel <- errors.New(response)
+				if len(errStr) != 0 {
+					errChannel <- fmt.Errorf(errStr)
+					return
 				}
 
 				// untar file
-				p.log(host, "untar file", dest)
-				_, err = ssh.Run(fmt.Sprintf("tar -xf %s -C %s", dest, target))
+				p.log(host, "untar file", p.DestFile)
+				commamd := strings.Join(p.buildArgs(target), " ")
+				if p.Config.Debug {
+					fmt.Println("$", commamd)
+				}
+				outStr, errStr, _, err := ssh.Run(commamd, p.Config.CommandTimeout)
+
+				if outStr != "" {
+					p.log(host, "output: ", outStr)
+				}
+
+				if errStr != "" {
+					p.log(host, "error: ", errStr)
+				}
 
 				if err != nil {
 					errChannel <- err
+					return
 				}
 			}
 
 			// remove tar file
-			p.log(host, "remove file", dest)
-			_, err = ssh.Run(fmt.Sprintf("rm -rf %s", dest))
-
+			err = p.removeDestFile(ssh)
 			if err != nil {
 				errChannel <- err
+				return
 			}
 
 			wg.Done()
@@ -183,12 +391,19 @@ func (p Plugin) Exec() error {
 	case <-finished:
 	case err := <-errChannel:
 		if err != nil {
-			fmt.Println("drone-scp error: ", err)
+			c := color.New(color.FgRed)
+			c.Println("drone-scp error: ", err)
+			if _, ok := err.(copyError); !ok {
+				fmt.Println("drone-scp rollback: remove all target tmp file")
+				p.removeAllDestFile()
+			}
 			return err
 		}
 	}
 
-	fmt.Println("Successfully executed transfer data to all host.")
+	fmt.Println("===================================================")
+	fmt.Println("✅ Successfully executed transfer data to all host")
+	fmt.Println("===================================================")
 
 	return nil
 }

plugin_test.go

@@ -1,12 +1,19 @@
 package main
 
 import (
-	"github.com/stretchr/testify/assert"
-
+	"io/ioutil"
+	"log"
 	"os"
 	"os/exec"
 	"os/user"
+	"path/filepath"
+	"reflect"
 	"testing"
+	"time"
+
+	"github.com/appleboy/easyssh-proxy"
+	"github.com/stretchr/testify/assert"
+	"golang.org/x/crypto/ssh"
 )
 
 func TestMissingAllConfig(t *testing.T) {
@@ -45,6 +52,23 @@ func TestMissingSourceConfig(t *testing.T) {
 	assert.NotNil(t, err)
 }
 
+func TestSetPasswordAndKey(t *testing.T) {
+	plugin := Plugin{
+		Config: Config{
+			Host:     []string{"example.com"},
+			Username: "ubuntu",
+			Port:     "443",
+			Password: "1234",
+			Key:      "test",
+		},
+	}
+
+	err := plugin.Exec()
+
+	assert.NotNil(t, err)
+	assert.Equal(t, errSetPasswordandKey, err)
+}
+
 func TestTrimElement(t *testing.T) {
 	var input, result []string
 
@@ -61,7 +85,9 @@ func TestTrimElement(t *testing.T) {
 
 func TestSCPFileFromPublicKey(t *testing.T) {
 	if os.Getenv("SSH_AUTH_SOCK") != "" {
-		exec.Command("eval", "`ssh-agent -k`").Run()
+		if err := exec.Command("eval", "`ssh-agent -k`").Run(); err != nil {
+			t.Fatalf("exec: %v", err)
+		}
 	}
 
 	u, err := user.Lookup("drone-scp")
@@ -71,12 +97,14 @@ func TestSCPFileFromPublicKey(t *testing.T) {
 
 	plugin := Plugin{
 		Config: Config{
-			Host:     []string{"localhost"},
-			Username: "drone-scp",
-			Port:     "22",
-			KeyPath:  "tests/.ssh/id_rsa",
-			Source:   []string{"tests/a.txt", "tests/b.txt"},
-			Target:   []string{u.HomeDir + "/test"},
+			Host:           []string{"localhost"},
+			Username:       "drone-scp",
+			Port:           "22",
+			KeyPath:        "tests/.ssh/id_rsa",
+			Source:         []string{"tests/a.txt", "tests/b.txt"},
+			Target:         []string{filepath.Join(u.HomeDir, "/test")},
+			CommandTimeout: 60 * time.Second,
+			TarExec:        "tar",
 		},
 	}
 
@@ -84,11 +112,11 @@ func TestSCPFileFromPublicKey(t *testing.T) {
 	assert.Nil(t, err)
 
 	// check file exist
-	if _, err := os.Stat(u.HomeDir + "/test/tests/a.txt"); os.IsNotExist(err) {
+	if _, err := os.Stat(filepath.Join(u.HomeDir, "/test/tests/a.txt")); os.IsNotExist(err) {
 		t.Fatalf("SCP-error: %v", err)
 	}
 
-	if _, err := os.Stat(u.HomeDir + "/test/tests/b.txt"); os.IsNotExist(err) {
+	if _, err := os.Stat(filepath.Join(u.HomeDir, "/test/tests/b.txt")); os.IsNotExist(err) {
 		t.Fatalf("SCP-error: %v", err)
 	}
 
@@ -100,7 +128,324 @@ func TestSCPFileFromPublicKey(t *testing.T) {
 	assert.Nil(t, err)
 
 	// check file exist
-	if _, err := os.Stat(u.HomeDir + "/test/tests/b.txt"); os.IsExist(err) {
+	if _, err := os.Stat(filepath.Join(u.HomeDir, "/test/tests/b.txt")); os.IsExist(err) {
+		t.Fatalf("SCP-error: %v", err)
+	}
+}
+
+func TestSCPFileFromPublicKeyWithPassphrase(t *testing.T) {
+	if os.Getenv("SSH_AUTH_SOCK") != "" {
+		if err := exec.Command("eval", "`ssh-agent -k`").Run(); err != nil {
+			t.Fatalf("exec: %v", err)
+		}
+	}
+
+	u, err := user.Lookup("drone-scp")
+	if err != nil {
+		t.Fatalf("Lookup: %v", err)
+	}
+
+	plugin := Plugin{
+		Config: Config{
+			Host:           []string{"localhost"},
+			Username:       "drone-scp",
+			Port:           "22",
+			KeyPath:        "tests/.ssh/test",
+			Passphrase:     "1234",
+			Source:         []string{"tests/a.txt", "tests/b.txt"},
+			Target:         []string{filepath.Join(u.HomeDir, "/test2")},
+			CommandTimeout: 60 * time.Second,
+			TarExec:        "tar",
+		},
+	}
+
+	err = plugin.Exec()
+	assert.Nil(t, err)
+
+	// check file exist
+	if _, err := os.Stat(filepath.Join(u.HomeDir, "/test2/tests/a.txt")); os.IsNotExist(err) {
+		t.Fatalf("SCP-error: %v", err)
+	}
+
+	if _, err := os.Stat(filepath.Join(u.HomeDir, "/test2/tests/b.txt")); os.IsNotExist(err) {
+		t.Fatalf("SCP-error: %v", err)
+	}
+}
+
+func TestWrongFingerprint(t *testing.T) {
+	u, err := user.Lookup("drone-scp")
+	if err != nil {
+		t.Fatalf("Lookup: %v", err)
+	}
+
+	plugin := Plugin{
+		Config: Config{
+			Host:           []string{"localhost"},
+			Username:       "drone-scp",
+			Port:           "22",
+			KeyPath:        "./tests/.ssh/id_rsa",
+			Source:         []string{"tests/a.txt", "tests/b.txt"},
+			Target:         []string{filepath.Join(u.HomeDir, "/test2")},
+			CommandTimeout: 60 * time.Second,
+			TarExec:        "tar",
+			Fingerprint:    "wrong",
+		},
+	}
+
+	err = plugin.Exec()
+	log.Println(err)
+	assert.NotNil(t, err)
+}
+
+func getHostPublicKeyFile(keypath string) (ssh.PublicKey, error) {
+	var pubkey ssh.PublicKey
+	var err error
+	buf, err := ioutil.ReadFile(keypath)
+	if err != nil {
+		return nil, err
+	}
+
+	pubkey, _, _, _, err = ssh.ParseAuthorizedKey(buf)
+
+	if err != nil {
+		return nil, err
+	}
+
+	return pubkey, nil
+}
+
+func TestSCPFileFromPublicKeyWithFingerprint(t *testing.T) {
+	if os.Getenv("SSH_AUTH_SOCK") != "" {
+		if err := exec.Command("eval", "`ssh-agent -k`").Run(); err != nil {
+			t.Fatalf("exec: %v", err)
+		}
+	}
+
+	u, err := user.Lookup("drone-scp")
+	if err != nil {
+		t.Fatalf("Lookup: %v", err)
+	}
+
+	hostKey, err := getHostPublicKeyFile("/etc/ssh/ssh_host_rsa_key.pub")
+	assert.NoError(t, err)
+
+	plugin := Plugin{
+		Config: Config{
+			Host:           []string{"localhost"},
+			Username:       "drone-scp",
+			Port:           "22",
+			KeyPath:        "./tests/.ssh/id_rsa",
+			Fingerprint:    ssh.FingerprintSHA256(hostKey),
+			Source:         []string{"tests/a.txt", "tests/b.txt"},
+			Target:         []string{filepath.Join(u.HomeDir, "/test2")},
+			CommandTimeout: 60 * time.Second,
+			TarExec:        "tar",
+		},
+	}
+
+	err = plugin.Exec()
+	assert.Nil(t, err)
+
+	// check file exist
+	if _, err := os.Stat(filepath.Join(u.HomeDir, "/test2/tests/a.txt")); os.IsNotExist(err) {
+		t.Fatalf("SCP-error: %v", err)
+	}
+
+	if _, err := os.Stat(filepath.Join(u.HomeDir, "/test2/tests/b.txt")); os.IsNotExist(err) {
+		t.Fatalf("SCP-error: %v", err)
+	}
+}
+
+func TestSCPWildcardFileList(t *testing.T) {
+	if os.Getenv("SSH_AUTH_SOCK") != "" {
+		if err := exec.Command("eval", "`ssh-agent -k`").Run(); err != nil {
+			t.Fatalf("exec: %v", err)
+		}
+	}
+
+	u, err := user.Lookup("drone-scp")
+	if err != nil {
+		t.Fatalf("Lookup: %v", err)
+	}
+
+	plugin := Plugin{
+		Config: Config{
+			Host:           []string{"localhost"},
+			Username:       "drone-scp",
+			Port:           "22",
+			KeyPath:        "tests/.ssh/id_rsa",
+			Source:         []string{"tests/global/*"},
+			Target:         []string{filepath.Join(u.HomeDir, "abc")},
+			CommandTimeout: 60 * time.Second,
+			TarExec:        "tar",
+		},
+	}
+
+	err = plugin.Exec()
+	assert.Nil(t, err)
+
+	// check file exist
+	if _, err := os.Stat(filepath.Join(u.HomeDir, "abc/tests/global/c.txt")); os.IsNotExist(err) {
+		t.Fatalf("SCP-error: %v", err)
+	}
+
+	if _, err := os.Stat(filepath.Join(u.HomeDir, "abc/tests/global/d.txt")); os.IsNotExist(err) {
+		t.Fatalf("SCP-error: %v", err)
+	}
+}
+
+func TestSCPFromProxySetting(t *testing.T) {
+	u, err := user.Lookup("drone-scp")
+	if err != nil {
+		t.Fatalf("Lookup: %v", err)
+	}
+
+	plugin := Plugin{
+		Config: Config{
+			Host:           []string{"localhost"},
+			Username:       "drone-scp",
+			Port:           "22",
+			KeyPath:        "tests/.ssh/id_rsa",
+			Source:         []string{"tests/global/*"},
+			Target:         []string{filepath.Join(u.HomeDir, "def")},
+			CommandTimeout: 60 * time.Second,
+			TarExec:        "tar",
+			Proxy: easyssh.DefaultConfig{
+				Server:  "localhost",
+				User:    "drone-scp",
+				Port:    "22",
+				KeyPath: "./tests/.ssh/id_rsa",
+			},
+		},
+	}
+
+	err = plugin.Exec()
+	assert.Nil(t, err)
+
+	// check file exist
+	if _, err := os.Stat(filepath.Join(u.HomeDir, "def/tests/global/c.txt")); os.IsNotExist(err) {
+		t.Fatalf("SCP-error: %v", err)
+	}
+
+	if _, err := os.Stat(filepath.Join(u.HomeDir, "def/tests/global/d.txt")); os.IsNotExist(err) {
+		t.Fatalf("SCP-error: %v", err)
+	}
+}
+
+func TestStripComponentsFlag(t *testing.T) {
+	if os.Getenv("SSH_AUTH_SOCK") != "" {
+		if err := exec.Command("eval", "`ssh-agent -k`").Run(); err != nil {
+			t.Fatalf("exec: %v", err)
+		}
+	}
+
+	u, err := user.Lookup("drone-scp")
+	if err != nil {
+		t.Fatalf("Lookup: %v", err)
+	}
+
+	plugin := Plugin{
+		Config: Config{
+			Host:            []string{"localhost"},
+			Username:        "drone-scp",
+			Port:            "22",
+			KeyPath:         "tests/.ssh/id_rsa",
+			Source:          []string{"tests/global/*"},
+			StripComponents: 2,
+			Target:          []string{filepath.Join(u.HomeDir, "123")},
+			CommandTimeout:  60 * time.Second,
+			TarExec:         "tar",
+		},
+	}
+
+	err = plugin.Exec()
+	assert.Nil(t, err)
+
+	// check file exist
+	if _, err := os.Stat(filepath.Join(u.HomeDir, "123/c.txt")); os.IsNotExist(err) {
+		t.Fatalf("SCP-error: %v", err)
+	}
+
+	if _, err := os.Stat(filepath.Join(u.HomeDir, "123/d.txt")); os.IsNotExist(err) {
+		t.Fatalf("SCP-error: %v", err)
+	}
+}
+
+func TestUseInsecureCipherFlag(t *testing.T) {
+	u, err := user.Lookup("drone-scp")
+	if err != nil {
+		t.Fatalf("Lookup: %v", err)
+	}
+
+	plugin := Plugin{
+		Config: Config{
+			Host:              []string{"localhost"},
+			Username:          "drone-scp",
+			Port:              "22",
+			KeyPath:           "tests/.ssh/id_rsa",
+			Source:            []string{"tests/global/*"},
+			StripComponents:   2,
+			Target:            []string{filepath.Join(u.HomeDir, "123")},
+			CommandTimeout:    60 * time.Second,
+			TarExec:           "tar",
+			UseInsecureCipher: true,
+		},
+	}
+
+	err = plugin.Exec()
+	assert.Nil(t, err)
+
+	// check file exist
+	if _, err := os.Stat(filepath.Join(u.HomeDir, "123/c.txt")); os.IsNotExist(err) {
+		t.Fatalf("SCP-error: %v", err)
+	}
+
+	if _, err := os.Stat(filepath.Join(u.HomeDir, "123/d.txt")); os.IsNotExist(err) {
+		t.Fatalf("SCP-error: %v", err)
+	}
+}
+
+func TestIgnoreList(t *testing.T) {
+	if os.Getenv("SSH_AUTH_SOCK") != "" {
+		if err := exec.Command("eval", "`ssh-agent -k`").Run(); err != nil {
+			t.Fatalf("exec: %v", err)
+		}
+	}
+
+	u, err := user.Lookup("drone-scp")
+	if err != nil {
+		t.Fatalf("Lookup: %v", err)
+	}
+
+	plugin := Plugin{
+		Config: Config{
+			Host:            []string{"localhost"},
+			Username:        "drone-scp",
+			Port:            "22",
+			KeyPath:         "tests/.ssh/id_rsa",
+			Source:          []string{"tests/global/*", "!tests/global/c.txt", "!tests/global/e.txt"},
+			StripComponents: 2,
+			Target:          []string{filepath.Join(u.HomeDir, "ignore")},
+			CommandTimeout:  60 * time.Second,
+			TarExec:         "tar",
+			Debug:           true,
+		},
+	}
+
+	err = plugin.Exec()
+	assert.Nil(t, err)
+
+	// check file exist
+	if _, err := os.Stat(filepath.Join(u.HomeDir, "ignore/c.txt")); err == nil {
+		t.Fatal("c.txt file exist")
+	}
+
+	// check file exist
+	if _, err := os.Stat(filepath.Join(u.HomeDir, "ignore/e.txt")); err == nil {
+		t.Fatal("c.txt file exist")
+	}
+
+	if _, err := os.Stat(filepath.Join(u.HomeDir, "ignore/d.txt")); os.IsNotExist(err) {
 		t.Fatalf("SCP-error: %v", err)
 	}
 }
@@ -154,12 +499,14 @@ func TestSCPFileFromPublicKey(t *testing.T) {
 func TestIncorrectPassword(t *testing.T) {
 	plugin := Plugin{
 		Config: Config{
-			Host:     []string{"localhost"},
-			Username: "drone-scp",
-			Port:     "22",
-			Password: "123456",
-			Source:   []string{"tests/a.txt", "tests/b.txt"},
-			Target:   []string{"/home"},
+			Host:           []string{"localhost"},
+			Username:       "drone-scp",
+			Port:           "22",
+			Password:       "123456",
+			Source:         []string{"tests/a.txt", "tests/b.txt"},
+			Target:         []string{"/home"},
+			CommandTimeout: 60 * time.Second,
+			TarExec:        "tar",
 		},
 	}
 
@@ -168,33 +515,182 @@ func TestIncorrectPassword(t *testing.T) {
 }
 
 func TestNoPermissionCreateFolder(t *testing.T) {
+	u, err := user.Lookup("drone-scp")
+	if err != nil {
+		t.Fatalf("Lookup: %v", err)
+	}
+
 	plugin := Plugin{
 		Config: Config{
-			Host:     []string{"localhost"},
-			Username: "drone-scp",
-			Port:     "22",
-			KeyPath:  "tests/.ssh/id_rsa",
-			Source:   []string{"tests/a.txt", "tests/b.txt"},
-			Target:   []string{"/etc/test"},
+			Host:           []string{"localhost"},
+			Username:       "drone-scp",
+			Port:           "22",
+			KeyPath:        "tests/.ssh/id_rsa",
+			Source:         []string{"tests/a.txt", "tests/b.txt"},
+			Target:         []string{"/etc/test"},
+			CommandTimeout: 60 * time.Second,
+			TarExec:        "tar",
 		},
 	}
 
-	err := plugin.Exec()
+	err = plugin.Exec()
 	assert.NotNil(t, err)
+
+	// check tmp file exist
+	if _, err = os.Stat(filepath.Join(u.HomeDir, plugin.DestFile)); os.IsExist(err) {
+		t.Fatalf("SCP-error: %v", err)
+	}
 }
 
-func TestSourceNotFound(t *testing.T) {
-	plugin := Plugin{
-		Config: Config{
-			Host:     []string{"localhost"},
-			Username: "drone-scp",
-			Port:     "22",
-			KeyPath:  "tests/.ssh/id_rsa",
-			Source:   []string{"tests/aa.txt", "tests/b.txt"},
-			Target:   []string{"/test"},
-		},
+func TestGlobList(t *testing.T) {
+	// wrong patern
+	paterns := []string{"[]a]", "tests/?.txt"}
+	expects := []string{"tests/a.txt", "tests/b.txt"}
+	assert.Equal(t, expects, globList(paterns).Source)
+
+	paterns = []string{"tests/*.txt", "tests/.ssh/*", "abc*"}
+	expects = []string{"tests/a.txt", "tests/b.txt", "tests/.ssh/id_rsa", "tests/.ssh/id_rsa.pub", "tests/.ssh/test", "tests/.ssh/test.pub"}
+	assert.Equal(t, expects, globList(paterns).Source)
+
+	paterns = []string{"tests/?.txt"}
+	expects = []string{"tests/a.txt", "tests/b.txt"}
+	assert.Equal(t, expects, globList(paterns).Source)
+
+	// remove item which file not found.
+	paterns = []string{"tests/aa.txt", "tests/b.txt"}
+	expects = []string{"tests/b.txt"}
+	assert.Equal(t, expects, globList(paterns).Source)
+
+	paterns = []string{"./tests/b.txt"}
+	expects = []string{"./tests/b.txt"}
+	assert.Equal(t, expects, globList(paterns).Source)
+
+	paterns = []string{"./tests/*.txt", "!./tests/b.txt"}
+	expectSources := []string{"tests/a.txt", "tests/b.txt"}
+	expectIgnores := []string{"./tests/b.txt"}
+	result := globList(paterns)
+	assert.Equal(t, expectSources, result.Source)
+	assert.Equal(t, expectIgnores, result.Ignore)
+}
+
+func TestBuildArgs(t *testing.T) {
+	list := fileList{
+		Source: []string{"tests/a.txt", "tests/b.txt", "tests/c.txt"},
+		Ignore: []string{"tests/a.txt", "tests/b.txt"},
 	}
 
-	err := plugin.Exec()
-	assert.NotNil(t, err)
+	result := buildArgs("test.tar.gz", list)
+	expects := []string{"--exclude", "tests/a.txt", "--exclude", "tests/b.txt", "-cf", "test.tar.gz", "tests/a.txt", "tests/b.txt", "tests/c.txt"}
+	assert.Equal(t, expects, result)
+
+	list = fileList{
+		Source: []string{"tests/a.txt", "tests/b.txt"},
+	}
+
+	result = buildArgs("test.tar.gz", list)
+	expects = []string{"-cf", "test.tar.gz", "tests/a.txt", "tests/b.txt"}
+	assert.Equal(t, expects, result)
+}
+
+func TestRemoveDestFile(t *testing.T) {
+	ssh := &easyssh.MakeConfig{
+		Server:  "localhost",
+		User:    "drone-scp",
+		Port:    "22",
+		KeyPath: "tests/.ssh/id_rsa",
+		// io timeout
+		Timeout: 1,
+	}
+	plugin := Plugin{
+		Config: Config{
+			CommandTimeout: 60 * time.Second,
+		},
+		DestFile: "/etc/resolv.conf",
+	}
+
+	// ssh io timeout
+	err := plugin.removeDestFile(ssh)
+	assert.Error(t, err)
+
+	ssh.Timeout = 0
+
+	// permission denied
+	err = plugin.removeDestFile(ssh)
+	assert.Error(t, err)
+}
+
+func TestPlugin_buildArgs(t *testing.T) {
+	type fields struct {
+		Repo     Repo
+		Build    Build
+		Config   Config
+		DestFile string
+	}
+	type args struct {
+		target string
+	}
+	tests := []struct {
+		name   string
+		fields fields
+		args   args
+		want   []string
+	}{
+		{
+			name: "default command",
+			fields: fields{
+				Config: Config{
+					Overwrite: false,
+					TarExec:   "tar",
+				},
+				DestFile: "foo.tar",
+			},
+			args: args{
+				target: "foo",
+			},
+			want: []string{"tar", "-xf", "foo.tar", "-C", "foo"},
+		},
+		{
+			name: "strip components",
+			fields: fields{
+				Config: Config{
+					Overwrite:       false,
+					TarExec:         "tar",
+					StripComponents: 2,
+				},
+				DestFile: "foo.tar",
+			},
+			args: args{
+				target: "foo",
+			},
+			want: []string{"tar", "-xf", "foo.tar", "--strip-components", "2", "-C", "foo"},
+		},
+		{
+			name: "overwrite",
+			fields: fields{
+				Config: Config{
+					TarExec:         "tar",
+					StripComponents: 2,
+					Overwrite:       true,
+				},
+				DestFile: "foo.tar",
+			},
+			args: args{
+				target: "foo",
+			},
+			want: []string{"tar", "-xf", "foo.tar", "--strip-components", "2", "--overwrite", "-C", "foo"},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			p := &Plugin{
+				Repo:     tt.fields.Repo,
+				Build:    tt.fields.Build,
+				Config:   tt.fields.Config,
+				DestFile: tt.fields.DestFile,
+			}
+			if got := p.buildArgs(tt.args.target); !reflect.DeepEqual(got, tt.want) {
+				t.Errorf("Plugin.buildArgs() = %v, want %v", got, tt.want)
+			}
+		})
+	}
 }

tests/.ssh/test

@@ -0,0 +1,50 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABAZka7A7i
+FscMeJBPyPteclAAAAEAAAAAEAAAIXAAAAB3NzaC1yc2EAAAADAQABAAACAQDz6aZ1jY2o
+nnuj2YNHJ/HhfvIu0B973v/+pFFOavnTUOhEEKEy3TASu+s9CkHrYZAtRc+QYIkNZI31mh
+HBhotdeP/7GoO2UirkFtrzyQKPNJxEcv0RBoG9ssN8jex0PyK6DHIYYFnIWadVBEEOh/H+
+rK7j7u2/big3oTzYBuFrCwmYFcz5na99MzFeAUhazF44gVBma+zO+1quGeqF51UDIg1SMG
+vX8I7LNEqrKEBaIUQJKFQcxlOWlRLQsjJCymrOujsXsRrXHAQWcnxDcNevv2ZMOUl0ybvv
+9yH0BiGbRBd1Hy8/QPILbAQaqu0oQE7fubN8Q8lqb3Jg0loID4x/5GPhSY8WAXpuLcXTOr
+b93SnCw1JsAgJDNqpuuRFy3BSZ7wBOr1jfeIoo7xk14OHiUjJ0uXDL9cLMkcw6ElWz81mr
+D2VCkXUz+qFyjJ+G7aGWRtctZoOzKln4yfNfUmwW8/8ra3QnmrMZ2xW2Ylw3ZhO+tLi7jI
+NHYFb54bAdLVPUU1ctIuJns2qkWnjJCxxMiynIqCif20/OU1n8CTJuOWiURmRdmvKOH4PE
+3JxC2Qnk/3tV3Cf8hp1CH5VjBZ9AjGj5MDMHXyu34VY2WvYo5QyzfS3ySPoT8kCO0G0xpv
+jwCMHOK+G2RP4kqb/KKZguiKdgintBXuskTlJmD7kcMQAAB1CnEMQGwAKZbd3F1DJqwfPf
+KWjoUJKbTRiav6h5pQr65JaqDe/7YE2ZHYo5917AC2vPLwPxAnoHFMsbObd5mWcmpATg/0
+K/qkN5Z4Ml5U3bwr51wfSPh1MiAP21Aickt09BDstIJzNNwwgcY31O3k/d6VBjqyM6Ezop
+66LI4s/IIni1BI+cALyEfzE4Qu16GfzIeM+JVxildP4VImhvNBESmmbBL8rNmSzlQ+FTuF
+JVmowUbcon1O0CppM1MRVPeG805XDwjxHXKwOp5O7MdTz7H8JeORoe8D6+4rNfJE0eQGY7
+Nm4+Wa97HzAFbT9IS433rxoGx9Qps3LAySFONso2JWSOEfo8rxnqO04DrfVHQhY3DkkwQt
+FsDnMtkthJa+ZzUYc75fnS0DBPGuF9DZUCqrev5oAUHP6C4Vc4b33JJQD4FZJ+ehk3Xsci
+cwJQsmgLyc5Jdh543Dm7kZoM9ku7HDNrB4H/1p45Vo6aBZMAY50x+fTdBeTgCzzhzzTbf+
+0IF8W3yW3/BYD+S2Byo3JKp6NH0Q8cgPJrGTl6GltGfpVuc6kLjMZ5zvxRbyWaqtIygM46
+W1izbA+9jwbHhitCtOk42e/ff6iEB1MVC13LqPty3gPNR8Pv0rDUDjJS4KiVwXqUY+bMr0
+C8l/hx93euHjLUJ49Ru6uy/2fBlHZEj6GmEAJhu/i6t2c1Rq0HBLis9X356oQT+YZnIai2
+ym0MknPxjeYBAItOV3zhRd1cYnk7CDcl1XALcnh0tqP712x24IJ+Ytqg7nvB2NZV8T469I
+8Fp254Nr89HOMAXaZD0UcIPm7D2rfWV+YJFI3ZcJ/8DM99H3tpXe2j4oHMdmAbBd++09sx
+KBRdFLcvnBfd1lqwxpA7hbxzrxi/yehYCqzh5KQGaf2UXej6TPiVzBWVYbp34cMZtsT6mF
+K8SS3l5TXoNK2DNEk30o8K3q+vngQpfC9GZ/id4B7LS/3ybellxemZHXQoU4PxDkLKt7jd
+AAsd5WO13dv3n/qgyu8iBRiFU+W66NX0RJGkp+lZMnta0YzukafM2n6GDn/r/Cx/y21PAi
+ah8i41ByI1QLI4m1r+bRHdUxAarS/XJw4tTSFiZu3zddMYrlzeG9O3VUX9zBvBtfQbSmeJ
+omml0zlr/qD7TMsORiujy7XIn7sMW+Ls/NA8TvX8oRnACjXe/MYNEZ8WDu2rkZuY/Dfc+o
+NyYWO7kZ3kcejQZ1NusJSA7MG0FFGYSIaC9T9CWqYd5IcRSJW4dZnCt9z8CIJ6TSUFqMb/
+H1Y5Rmi0IIX+8qbGGXVBDIBk5y9xtS43+nz1nsdXwDmkTiXN9+ZX+GDsLxCWoHGryrWDbk
+EuOAlqpvxFKzEkNsx+AC5wae6i/hBeiEce9bm4nZp+hFv1ic1Z9WS8B37YOFgJ4utGeOjB
+6hnywUUJ3aH0LnCQNB3UzeFR7BmEaxmYD/phJodmjA5SD3CWpeizdXfrUjtqXGhYlr2jzq
+vBAeeYEO4uaHIGxg8GqoqtaseqVcIdtouHxrVAxxXkjShV2ji7oJ/AtrLZNlkKYxMk0TpX
+fFiKqL/uKfS78FfvVOhOkHZTD6ZeMgmdL/uOghEAtrf08ChyRvdp7QLjA802aio9eUVIQm
+lHb1ltPEbIZNuvQ5kTIwk2eM6EAkOh0MBMoAYOxOpIb00XHNRDGJYuLewByjMQa8EoT6VM
+NoiFIzJU9lLAXE6yz6JswctpTpLHK9Aq5vY7ObaOvrmpCQqsXfOuVUo2nR/FyEes97zuXG
+E4aKaHK4IAW4UY/oGYk7pU/yRpudhiNRMXzmcQXfVmBEHuvDrh2chg8lDYn++07F7RWqkI
+nfMAOWR8UEl4xp4zJtThDjRxNW6QLl8E1ADjndA9wVaKNSzv2i1TLXKBr5luFqY9MSJ2rm
+yBR5EwairH/Qn9TUxaDD+0p6J+E9iz1l8UPTJa/cjtwiySljahY/6tHHnr9YQVnox92yfU
+UXpfINGjYrpqh6EFwmyRw9fryIMvMhgZYo6ZoCRBCK2GfGAB0VTzJy2FGs4GecZK5ptXKu
+sOX8BgGX/Q/nAJ7PWf9hgYlX2YyjmLjQZDMWECp05VFx9znEETNKlwF1FX5/E/37ISyz4d
+I1LVSKOEccJX7jCR32LzvRW1UBX47Z+q3LVE4sa0QAV/JoISq6Qn6zAsVIV0yEPmVbd/xx
+aX2uBUGHhmd99YJDh81xJIoYEMRzoGVfp0JjfYcDUc+2I6JdrOMF9/KmMA5wsZl4OKiu/F
+cTRGjUkgw/cF2EFRGWknee2esYRB7tOr4y56qZ4gxqw8q9rYXhyB42jbdTvt5xcCm/ynid
+sn4InokRRoIiMIPL5Ur7FZQHOP+915MWUBsrTJtkCWQuqJheYUi3mCzh/7NadAKplRpaKb
+rS/DJIOOkjnGni/sDxJzPq7STDBVy4WStwQl6NI5hq+/c+JvN9GI4Vu/kz0z8qUcdShLaH
+l4njcaMpg4tpQMHtCBOicGyV0=
+-----END OPENSSH PRIVATE KEY-----

tests/.ssh/test.pub

@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDz6aZ1jY2onnuj2YNHJ/HhfvIu0B973v/+pFFOavnTUOhEEKEy3TASu+s9CkHrYZAtRc+QYIkNZI31mhHBhotdeP/7GoO2UirkFtrzyQKPNJxEcv0RBoG9ssN8jex0PyK6DHIYYFnIWadVBEEOh/H+rK7j7u2/big3oTzYBuFrCwmYFcz5na99MzFeAUhazF44gVBma+zO+1quGeqF51UDIg1SMGvX8I7LNEqrKEBaIUQJKFQcxlOWlRLQsjJCymrOujsXsRrXHAQWcnxDcNevv2ZMOUl0ybvv9yH0BiGbRBd1Hy8/QPILbAQaqu0oQE7fubN8Q8lqb3Jg0loID4x/5GPhSY8WAXpuLcXTOrb93SnCw1JsAgJDNqpuuRFy3BSZ7wBOr1jfeIoo7xk14OHiUjJ0uXDL9cLMkcw6ElWz81mrD2VCkXUz+qFyjJ+G7aGWRtctZoOzKln4yfNfUmwW8/8ra3QnmrMZ2xW2Ylw3ZhO+tLi7jINHYFb54bAdLVPUU1ctIuJns2qkWnjJCxxMiynIqCif20/OU1n8CTJuOWiURmRdmvKOH4PE3JxC2Qnk/3tV3Cf8hp1CH5VjBZ9AjGj5MDMHXyu34VY2WvYo5QyzfS3ySPoT8kCO0G0xpvjwCMHOK+G2RP4kqb/KKZguiKdgintBXuskTlJmD7kcMQ== deploy@easyssh

tests/a.txt

@@ -0,0 +1 @@
+appleboy