refactor: remove unnecessary line setting FilePath field to .host

- Remove the line that sets the `FilePath` field to `.host`

Signed-off-by: appleboy <appleboy.tw@gmail.com>

.drone.jsonnet

@@ -1,16 +0,0 @@
-local pipeline = import 'pipeline.libsonnet';
-local name = 'drone-ssh';
-
-[
-  pipeline.test,
-  pipeline.build(name, 'linux', 'amd64'),
-  // pipeline.build(name, 'linux', 'arm64'),
-  // pipeline.build(name, 'linux', 'arm'),
-  pipeline.release,
-  pipeline.notifications(depends_on=[
-    'linux-amd64',
-    // 'linux-arm64',
-    // 'linux-arm',
-    'release-binary',
-  ]),
-]

.drone.yml

@@ -1,152 +0,0 @@
----
-kind: pipeline
-name: testing
-platform:
-  arch: amd64
-  os: linux
-steps:
-- commands:
-  - make vet
-  image: golang:1.19
-  name: vet
-  pull: always
-  volumes:
-  - name: gopath
-    path: /go
-- image: robertstettner/drone-codecov
-  name: codecov
-  pull: always
-  settings:
-    token:
-      from_secret: codecov_token
-volumes:
-- name: gopath
-  temp: {}
----
-depends_on:
-- testing
-kind: pipeline
-name: linux-amd64
-platform:
-  arch: amd64
-  os: linux
-steps:
-- commands:
-  - go build -v -ldflags '-X main.build=${DRONE_BUILD_NUMBER}' -a -o release/linux/amd64/drone-ssh
-  environment:
-    CGO_ENABLED: "0"
-  image: golang:1.19
-  name: build-push
-  pull: always
-  when:
-    event:
-      exclude:
-      - tag
-- commands:
-  - go build -v -ldflags '-X main.version=${DRONE_TAG##v} -X main.build=${DRONE_BUILD_NUMBER}'
-    -a -o release/linux/amd64/drone-ssh
-  environment:
-    CGO_ENABLED: "0"
-  image: golang:1.19
-  name: build-tag
-  pull: always
-  when:
-    event:
-    - tag
-- commands:
-  - ./release/linux/amd64/drone-ssh --help
-  image: golang:1.19
-  name: executable
-  pull: always
-- image: plugins/docker:linux-amd64
-  name: dryrun
-  pull: always
-  settings:
-    cache_from: appleboy/drone-ssh
-    daemon_off: false
-    dockerfile: docker/Dockerfile.linux.amd64
-    dry_run: true
-    repo: appleboy/drone-ssh
-    tags: linux-amd64
-  when:
-    event:
-    - pull_request
-- image: plugins/docker:linux-amd64
-  name: publish
-  pull: always
-  settings:
-    auto_tag: true
-    auto_tag_suffix: linux-amd64
-    cache_from: appleboy/drone-ssh
-    daemon_off: "false"
-    dockerfile: docker/Dockerfile.linux.amd64
-    password:
-      from_secret: docker_password
-    repo: appleboy/drone-ssh
-    username:
-      from_secret: docker_username
-  when:
-    event:
-      exclude:
-      - pull_request
-trigger:
-  ref:
-  - refs/heads/master
-  - refs/pull/**
-  - refs/tags/**
----
-depends_on:
-- testing
-kind: pipeline
-name: release-binary
-platform:
-  arch: amd64
-  os: linux
-steps:
-- commands:
-  - export PATH=$PATH:$GOPATH/bin
-  - make release
-  image: techknowlogick/xgo:go-1.19.x
-  name: build-all-binary
-  pull: always
-  when:
-    event:
-    - tag
-- image: plugins/github-release
-  name: deploy-all-binary
-  pull: always
-  settings:
-    api_key:
-      from_secret: github_release_api_key
-    files:
-    - dist/release/*
-  when:
-    event:
-    - tag
-trigger:
-  ref:
-  - refs/tags/**
----
-depends_on:
-- linux-amd64
-- release-binary
-kind: pipeline
-name: notifications
-platform:
-  arch: amd64
-  os: linux
-steps:
-- image: plugins/manifest
-  name: manifest
-  pull: always
-  settings:
-    ignore_missing: true
-    password:
-      from_secret: docker_password
-    spec: docker/manifest.tmpl
-    username:
-      from_secret: docker_username
-trigger:
-  ref:
-  - refs/heads/master
-  - refs/tags/**

.github/workflows/codeql.yml

@@ -13,12 +13,12 @@ name: "CodeQL"
 
 on:
   push:
-    branches: [ master ]
+    branches: [master]
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [ master ]
+    branches: [master]
   schedule:
-    - cron: '41 23 * * 6'
+    - cron: "41 23 * * 6"
 
 jobs:
   analyze:
@@ -32,23 +32,23 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        language: [ 'go' ]
+        language: ["go"]
         # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
         # Learn more about CodeQL language support at https://git.io/codeql-language-support
 
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v3
+      - name: Checkout repository
+        uses: actions/checkout@v3
 
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
-      with:
-        languages: ${{ matrix.language }}
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+          # If you wish to specify custom queries, you can do so here or in a config file.
+          # By default, queries listed here will override any specified in a config file.
+          # Prefix the list here with "+" to use these queries and those in the config file.
+          # queries: ./path/to/local/query, your-org/your-repo/queries@main
 
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2

.github/workflows/docker.yml

@@ -0,0 +1,72 @@
+name: Docker Image
+
+on:
+  push:
+    branches:
+      - master
+    tags:
+      - "v*"
+  pull_request:
+    branches:
+      - "master"
+
+jobs:
+  build-docker:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Setup go
+        uses: actions/setup-go@v4
+        with:
+          go-version: "^1.21"
+      - name: Checkout repository
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Build binary
+        run: |
+          make build_linux_amd64
+          make build_linux_arm
+          make build_linux_arm64
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Docker meta
+        id: docker-meta
+        uses: docker/metadata-action@v4
+        with:
+          images: |
+            ${{ github.repository }}
+            ghcr.io/${{ github.repository }}
+          tags: |
+            type=raw,value=latest,enable={{is_default_branch}}
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+
+      - name: Build and push
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm,linux/arm64
+          file: docker/Dockerfile
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.docker-meta.outputs.tags }}
+          labels: ${{ steps.docker-meta.outputs.labels }}

.github/workflows/go.yml

@@ -1,25 +0,0 @@
-name: Run Tests
-
-on:
-  push:
-    branches:
-      - master
-  pull_request:
-    branches:
-      - master
-
-jobs:
-  lint:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Setup go
-        uses: actions/setup-go@v3
-        with:
-          go-version: '^1'
-      - name: Checkout repository
-        uses: actions/checkout@v3
-      - name: Setup golangci-lint
-        uses: golangci/golangci-lint-action@v3
-        with:
-          version: v1.50.1
-          args: --verbose

.github/workflows/goreleaser.yml

@@ -3,7 +3,7 @@ name: Goreleaser
 on:
   push:
     tags:
-      - '*'
+      - "*"
 
 permissions:
   contents: write
@@ -12,19 +12,17 @@ jobs:
   goreleaser:
     runs-on: ubuntu-latest
     steps:
-      -
-        name: Checkout
+      - name: Checkout
         uses: actions/checkout@v3
         with:
           fetch-depth: 0
-      -
-        name: Set up Go
-        uses: actions/setup-go@v2
+      - name: Setup go
+        uses: actions/setup-go@v4
         with:
-          go-version: 1.18
-      -
-        name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@v3
+          go-version: "^1"
+
+      - name: Run GoReleaser
+        uses: goreleaser/goreleaser-action@v4
         with:
           # either 'goreleaser' (default) or 'goreleaser-pro'
           distribution: goreleaser

.github/workflows/lint.yml

@@ -0,0 +1,45 @@
+name: Lint and Testing
+
+on:
+  push:
+  pull_request:
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Setup go
+        uses: actions/setup-go@v4
+        with:
+          go-version: "^1.21"
+      - name: Checkout repository
+        uses: actions/checkout@v3
+      - name: Setup golangci-lint
+        uses: golangci/golangci-lint-action@v3
+        with:
+          version: latest
+          args: --verbose
+
+      - uses: hadolint/hadolint-action@v3.1.0
+        name: hadolint for Dockerfile
+        with:
+          dockerfile: docker/Dockerfile
+
+  testing:
+    runs-on: ubuntu-latest
+    container: golang:1.21-alpine
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: setup sshd server
+        run: |
+          apk add git make curl perl bash build-base zlib-dev ucl-dev sudo
+          make ssh-server
+
+      - name: testing
+        run: |
+          make test
+
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v3

.gitignore

@@ -29,3 +29,4 @@ release
 drone-ssh
 .cover
 dist
+bin

.goreleaser.yaml

@@ -0,0 +1,99 @@
+before:
+  hooks:
+    - go mod tidy
+
+builds:
+- env:
+  - CGO_ENABLED=0
+  goos:
+  - darwin
+  - linux
+  - windows
+  - freebsd
+  goarch:
+  - amd64
+  - arm
+  - arm64
+  goarm:
+  - "5"
+  - "6"
+  - "7"
+  ignore:
+    - goos: darwin
+      goarch: arm
+    - goos: darwin
+      goarch: ppc64le
+    - goos: darwin
+      goarch: s390x
+    - goos: windows
+      goarch: ppc64le
+    - goos: windows
+      goarch: s390x
+    - goos: windows
+      goarch: arm
+      goarm: "5"
+    - goos: windows
+      goarch: arm
+      goarm: "6"
+    - goos: windows
+      goarch: arm
+      goarm: "7"
+    - goos: windows
+      goarch: arm64
+    - goos: freebsd
+      goarch: ppc64le
+    - goos: freebsd
+      goarch: s390x
+    - goos: freebsd
+      goarch: arm
+      goarm: "5"
+    - goos: freebsd
+      goarch: arm
+      goarm: "6"
+    - goos: freebsd
+      goarch: arm
+      goarm: "7"
+    - goos: freebsd
+      goarch: arm64
+  flags:
+  - -trimpath
+  ldflags:
+  - -s -w
+  - -X main.Version={{.Version}}
+  binary: >-
+    {{ .ProjectName }}-
+    {{- if .IsSnapshot }}{{ .Branch }}-
+    {{- else }}{{- .Version }}-{{ end }}
+    {{- .Os }}-
+    {{- if eq .Arch "amd64" }}amd64
+    {{- else if eq .Arch "amd64_v1" }}amd64
+    {{- else if eq .Arch "386" }}386
+    {{- else }}{{ .Arch }}{{ end }}
+    {{- if .Arm }}-{{ .Arm }}{{ end }}
+  no_unique_dist_dir: true
+  hooks:
+    post:
+      - cmd: xz -k -9 {{ .Path }}
+        dir: ./dist/
+
+archives:
+  - format: binary
+    name_template: "{{ .Binary }}"
+    allow_different_binary_count: true
+
+checksum:
+  name_template: 'checksums.txt'
+  extra_files:
+      - glob: ./**.xz
+
+snapshot:
+  name_template: "{{ incpatch .Version }}"
+
+release:
+  # You can add extra pre-existing files to the release.
+  # The filename on the release will be the last part of the path (base).
+  # If another file with the same name exists, the last one found will be used.
+  #
+  # Templates: allowed
+  extra_files:
+    - glob: ./**.xz

.hadolint.yaml

@@ -0,0 +1,3 @@
+ignored:
+  - DL3018
+  - DL3008

DOCS.md

@@ -5,14 +5,14 @@ author: appleboy
 tags: [ deploy, publish, ssh ]
 repo: appleboy/drone-ssh
 logo: term.svg
-image: appleboy/drone-ssh
+image: ghcr.io/appleboy/drone-ssh
 ---
 
 Use the SSH plugin to execute commands on a remote server. The below pipeline configuration demonstrates simple usage:
 
 ```yaml
 - name: ssh commands
-  image: appleboy/drone-ssh
+  image: ghcr.io/appleboy/drone-ssh
   settings:
     host: foo.com
     username: root
@@ -27,7 +27,7 @@ Example configuration in your `.drone.yml` file for multiple hosts:
 
 ```diff
   - name: ssh commands
-    image: appleboy/drone-ssh
+    image: ghcr.io/appleboy/drone-ssh
     settings:
       host:
 +       - foo.com
@@ -44,7 +44,7 @@ Example configuration for multiple hosts with different port:
 
 ```diff
   - name: ssh commands
-    image: appleboy/drone-ssh
+    image: ghcr.io/appleboy/drone-ssh
     settings:
       host:
 +       - foo.com:1234
@@ -61,7 +61,7 @@ Example configuration for command timeout, default value is 60 seconds:
 
 ```diff
   - name: ssh commands
-    image: appleboy/drone-ssh
+    image: ghcr.io/appleboy/drone-ssh
     settings:
       host: foo.com
       username: root
@@ -77,7 +77,7 @@ Example configuration for execute commands on a remote server using ｀SSHProxyC
 
 ```diff
   - name: ssh commands
-    image: appleboy/drone-ssh
+    image: ghcr.io/appleboy/drone-ssh
     settings:
       host: foo.com
       username: root
@@ -96,7 +96,7 @@ Example configuration using password from secrets:
 
 ```diff
   - name: ssh commands
-    image: appleboy/drone-ssh
+    image: ghcr.io/appleboy/drone-ssh
     settings:
       host: foo.com
       username: root
@@ -112,7 +112,7 @@ Example configuration using ssh key from secrets:
 
 ```diff
   - name: ssh commands
-    image: appleboy/drone-ssh
+    image: ghcr.io/appleboy/drone-ssh
     settings:
       host: foo.com
       username: root
@@ -128,27 +128,28 @@ Example configuration for exporting custom secrets:
 
 ```diff
   - name: ssh commands
-    image: appleboy/drone-ssh
+    image: ghcr.io/appleboy/drone-ssh
     environment:
-      commit: ${DRONE_BUILD_NUMBER}
+      # MUST BE in UPPERCASE
+      COMMIT:
+        from_secret: commit
     settings:
       host: foo.com
       username: root
       password: 1234
       port: 22
 +     envs:
-        - aws_access_key_id
+        # can be in lowercase (uppercased in code)
         - commit
       script:
-        - export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
-        - echo $commit
+        - echo $COMMIT
 ```
 
 Example configuration for stoping script after first failure:
 
 ```diff
   - name: ssh commands
-    image: appleboy/drone-ssh
+    image: ghcr.io/appleboy/drone-ssh
     settings:
       host: foo.com
       username: root
@@ -164,7 +165,7 @@ Example configuration for passphrase which protecting a private key:
 
 ```diff
   - name: ssh commands
-    image: appleboy/drone-ssh
+    image: ghcr.io/appleboy/drone-ssh
     settings:
       host: foo.com
       username: root
@@ -177,81 +178,56 @@ Example configuration for passphrase which protecting a private key:
         - echo "you can't see the steps."
 ```
 
+Example configuration for forcing protocol to IPv4 only:
+
+```diff
+  - name: ssh commands
+    image: ghcr.io/appleboy/drone-ssh
+    settings:
+      host: foo.com
+      username: root
+      password: 1234
+      port: 22
++     protocol: tcp4
+      script:
+        - echo hello
+        - echo world
+```
+
+
 ## Secret Reference
 
-ssh_username
-: account for target host user
-
-ssh_password
-: password for target host user
-
-ssh_passphrase
-: The purpose of the passphrase is usually to encrypt the private key.
-
-ssh_key
-: plain text of user private key
-
-proxy_ssh_username
-: account for user of proxy server
-
-proxy_ssh_password
-: password for user of proxy server
-
-proxy_ssh_passphrase
-: The purpose of the passphrase is usually to encrypt the private key.
-
-proxy_ssh_key
-: plain text of user private key for proxy server
+| Key | Description |
+|-----|-------------|
+| `ssh_username` | account for target host user |
+| `ssh_password` | password for target host user | |
+| `ssh_passphrase` | The purpose of the passphrase is usually to encrypt the private key. |
+| `ssh_key` | plain text of user private key |
+| `proxy_ssh_username` | account for user of proxy server |
+| `proxy_ssh_password` | password for user of proxy server |
+| `proxy_ssh_passphrase` | The purpose of the passphrase is usually to encrypt the private key. |
+| `proxy_ssh_key` | plain text of user private key for proxy server |
 
 ## Parameter Reference
 
-host
-: target hostname or IP
-
-port
-: ssh port of target host
-
-username
-: account for target host user
-
-password
-: password for target host user
-
-key
-: plain text of user private key
-
-key_path
-: key path of user private key
-
-envs
-: custom secrets which are made available in the script section
-
-script
-: execute commands on a remote server
-
-script_stop
-: stop script after first failure
-
-timeout
-: Timeout is the maximum amount of time for the ssh connection to establish, default is 30 seconds.
-
-command_timeout
-: Command timeout is the maximum amount of time for the execute commands, default is 10 minutes.
-
-proxy_host
-: proxy hostname or IP
-
-proxy_port
-: ssh port of proxy host
-
-proxy_username
-: account for proxy host user
-
-proxy_password
-: password for proxy host user
-
-proxy_key
-: plain text of proxy private key
-
-proxy_key_path
-: key path of proxy private key
+| Key | Description |
+|-----|-------------|
+| `host` | target hostname or IP |
+| `port` | ssh port of target host |
+| `protocol` | IP protocol to use: either tcp, tcp4 or tcp6 |
+| `username` | account for target host user |
+| `password` | password for target host user |
+| `key` | plain text of user private key |
+| `key_path` | key path of user private key |
+| `envs` | custom secrets which are made available in the script section |
+| `script` | execute commands on a remote server |
+| `script_stop` | stop script after first failure |
+| `timeout` | Timeout is the maximum amount of time for the ssh connection to establish, default is 30 seconds. |
+| `command_timeout` | Command timeout is the maximum amount of time for the execute commands, default is 10 minutes. |
+| `proxy_host` | proxy hostname or IP |
+| `proxy_port` | ssh port of proxy host |
+| `proxy_protocol` | IP protocol to use for the proxy: either tcp, tcp4 or tcp6 |
+| `proxy_username` | account for proxy host user |
+| `proxy_password` | password for proxy host user |
+| `proxy_key` | plain text of proxy private key |
+| `proxy_key_path` | key path of proxy private key |

Makefile

@@ -1,18 +1,19 @@
 DIST := dist
 EXECUTABLE := drone-ssh
-GOFMT ?= gofumpt -l -s
+GOFMT ?= gofumpt -l
 DIST := dist
 DIST_DIRS := $(DIST)/binaries $(DIST)/release
 GO ?= go
 SHASUM ?= shasum -a 256
+GOFILES := $(shell find . -name "*.go" -type f)
 HAS_GO = $(shell hash $(GO) > /dev/null 2>&1 && echo "GO" || echo "NOGO" )
 XGO_PACKAGE ?= src.techknowlogick.com/xgo@latest
-XGO_VERSION := go-1.18.x
-GXZ_PAGAGE ?= github.com/ulikunitz/xz/cmd/gxz@v0.5.10
+XGO_VERSION := go-1.19.x
+GXZ_PAGAGE ?= github.com/ulikunitz/xz/cmd/gxz@v0.5.11
 
 LINUX_ARCHS ?= linux/amd64,linux/arm64
-DARWIN_ARCHS ?= darwin-12/amd64,darwin-12/arm64
-WINDOWS_ARCHS ?= windows/amd64
+DARWIN_ARCHS ?= darwin-10.12/amd64,darwin-10.12/arm64
+WINDOWS_ARCHS ?= windows/*
 
 ifneq ($(shell uname), Darwin)
 	EXTLDFLAGS = -extldflags "-static" $(null)
@@ -39,24 +40,10 @@ else
 	EXECUTABLE ?= $(EXECUTABLE)
 endif
 
-STORED_VERSION_FILE := VERSION
-
 ifneq ($(DRONE_TAG),)
-	VERSION ?= $(subst v,,$(DRONE_TAG))
-	RELASE_VERSION ?= $(VERSION)
+	VERSION ?= $(DRONE_TAG)
 else
-	ifneq ($(DRONE_BRANCH),)
-		VERSION ?= $(subst release/v,,$(DRONE_BRANCH))
-	else
-		VERSION ?= master
-	endif
-
-	STORED_VERSION=$(shell cat $(STORED_VERSION_FILE) 2>/dev/null)
-	ifneq ($(STORED_VERSION),)
-		RELASE_VERSION ?= $(STORED_VERSION)
-	else
-		RELASE_VERSION ?= $(shell git describe --tags --always | sed 's/-/+/' | sed 's/^v//')
-	endif
+	VERSION ?= $(shell git describe --tags --always || git rev-parse --short HEAD)
 endif
 
 TAGS ?=
@@ -66,9 +53,9 @@ all: build
 
 fmt:
 	@hash gofumpt > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
-		$(GO) get -u mvdan.cc/gofumpt; \
+		$(GO) install mvdan.cc/gofumpt; \
 	fi
-	$(GOFMT) -w $(SOURCES)
+	$(GOFMT) -w $(GOFILES)
 
 vet:
 	$(GO) vet ./...
@@ -76,25 +63,25 @@ vet:
 .PHONY: fmt-check
 fmt-check:
 	@hash gofumpt > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
-		$(GO) get -u mvdan.cc/gofumpt; \
+		$(GO) install mvdan.cc/gofumpt; \
 	fi
-	@diff=$$($(GOFMT) -d $(SOURCES)); \
+	@diff=$$($(GOFMT) -d $(GOFILES)); \
 	if [ -n "$$diff" ]; then \
 		echo "Please run 'make fmt' and commit the result:"; \
 		echo "$${diff}"; \
 		exit 1; \
 	fi;
 
-test: fmt-check
+test:
 	@$(GO) test -v -cover -coverprofile coverage.txt ./... && echo "\n==>\033[32m Ok\033[m\n" || exit 1
 
-install: $(SOURCES)
+install: $(GOFILES)
 	$(GO) install -v -tags '$(TAGS)' -ldflags '$(EXTLDFLAGS)-s -w $(LDFLAGS)'
 
 build: $(EXECUTABLE)
 
-$(EXECUTABLE): $(SOURCES)
-	$(GO) build -v -tags '$(TAGS)' -ldflags '$(EXTLDFLAGS)-s -w $(LDFLAGS)' -o $@
+$(EXECUTABLE): $(GOFILES)
+	$(GO) build -v -tags '$(TAGS)' -ldflags '$(EXTLDFLAGS)-s -w $(LDFLAGS)' -o bin/$@
 
 build_linux_amd64:
 	CGO_ENABLED=0 GOOS=linux GOARCH=amd64 $(GO) build -a -tags '$(TAGS)' -ldflags '$(EXTLDFLAGS)-s -w $(LDFLAGS)' -o release/linux/amd64/$(DEPLOY_IMAGE)
@@ -117,10 +104,21 @@ ssh-server:
 	cat tests/.ssh/test.pub >> /home/drone-scp/.ssh/authorized_keys
 	chmod 600 /home/drone-scp/.ssh/authorized_keys
 	chown -R drone-scp /home/drone-scp/.ssh
+	# add public key to root user
+	mkdir -p /root/.ssh
+	chmod 700 /root/.ssh
+	cat tests/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
+	cat tests/.ssh/test.pub >> /root/.ssh/authorized_keys
+	chmod 600 /root/.ssh/authorized_keys
+	# Append the following entry to run ALL command without a password for a user named drone-scp:
+	cat tests/sudoers >> /etc/sudoers.d/sudoers
+	# install ssh and start server
 	apk add --update openssh openrc
 	rm -rf /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_dsa_key
 	sed -i 's/^#PubkeyAuthentication yes/PubkeyAuthentication yes/g' /etc/ssh/sshd_config
 	sed -i 's/AllowTcpForwarding no/AllowTcpForwarding yes/g' /etc/ssh/sshd_config
+	sed -i 's/^#ListenAddress 0.0.0.0/ListenAddress 0.0.0.0/g' /etc/ssh/sshd_config
+	sed -i 's/^#ListenAddress ::/ListenAddress ::/g' /etc/ssh/sshd_config
 	./tests/entrypoint.sh /usr/sbin/sshd -D &
 
 coverage:
@@ -133,7 +131,7 @@ deps-backend:
 	$(GO) install $(XGO_PACKAGE)
 
 .PHONY: release
-release: release-linux release-copy release-compress release-check
+release: release-linux release-darwin release-windows release-copy release-compress release-check
 
 $(DIST_DIRS):
 	mkdir -p $(DIST_DIRS)

README.md

@@ -4,11 +4,10 @@
 
 [![GitHub tag](https://img.shields.io/github/tag/appleboy/drone-ssh.svg)](https://github.com/appleboy/drone-ssh/releases)
 [![GoDoc](https://godoc.org/github.com/appleboy/drone-ssh?status.svg)](https://godoc.org/github.com/appleboy/drone-ssh)
-[![Build Status](https://cloud.drone.io/api/badges/appleboy/drone-ssh/status.svg)](https://cloud.drone.io/appleboy/drone-ssh)
+[![Lint and Testing](https://github.com/appleboy/drone-ssh/actions/workflows/lint.yml/badge.svg)](https://github.com/appleboy/drone-ssh/actions/workflows/lint.yml)
 [![codecov](https://codecov.io/gh/appleboy/drone-ssh/branch/master/graph/badge.svg)](https://codecov.io/gh/appleboy/drone-ssh)
 [![Go Report Card](https://goreportcard.com/badge/github.com/appleboy/drone-ssh)](https://goreportcard.com/report/github.com/appleboy/drone-ssh)
 [![Docker Pulls](https://img.shields.io/docker/pulls/appleboy/drone-ssh.svg)](https://hub.docker.com/r/appleboy/drone-ssh/)
-[![micro badger](https://images.microbadger.com/badges/image/appleboy/drone-ssh.svg)](https://microbadger.com/images/appleboy/drone-ssh "Get your own image badge on microbadger.com")
 
 Drone plugin to execute commands on a remote host through SSH. For the usage
 information and a listing of the available options please take a look at [the docs](http://plugins.drone.io/appleboy/drone-ssh/).
@@ -24,7 +23,7 @@ information and a listing of the available options please take a look at [the do
 ```diff
 pipeline:
   scp:
-    image: appleboy/drone-scp
+    image: ghcr.io/appleboy/drone-ssh
     settings:
       host:
         - example1.com
@@ -50,7 +49,7 @@ The pre-compiled binaries can be downloaded from [release page](https://github.c
 With `Go` installed
 
 ```sh
-go get -u -v github.com/appleboy/drone-ssh
+go install github.com/appleboy/drone-ssh@latest
 ```
 
 or build the binary with the following command:
@@ -86,7 +85,7 @@ docker run --rm \
   -e PLUGIN_SCRIPT=whoami \
   -v $(pwd):$(pwd) \
   -w $(pwd) \
-  appleboy/drone-ssh
+  ghcr.io/appleboy/drone-ssh
 ```
 
 ## Mount key from file path
@@ -100,7 +99,7 @@ Mount private key in `volumes` setting of `.drone.yml` config
 ```diff
 pipeline:
   ssh:
-    image: appleboy/drone-ssh
+    image: ghcr.io/appleboy/drone-ssh
     host: xxxxx.com
     username: deploy
 +   volumes:
@@ -111,3 +110,15 @@ pipeline:
 ```
 
 See the detail of [issue comment](https://github.com/appleboy/drone-ssh/issues/51#issuecomment-336732928).
+
+## Configuration
+
+See [DOCS.md](./DOCS.md) for examples and full configuration options
+
+Configuration options are loaded from multiple sources:
+
+0. Hardcoded drone-ssh defaults.  See [main.go CLI Flags](https://github.com/appleboy/drone-ssh/blob/6d9d6acc6aef1f9166118c6ba8bd214d3a582bdb/main.go#L39) for more information.
+1. From a dotenv file at a path specified by the `PLUGIN_ENV_FILE` environment variable.
+2. From your `.drone.yml` Drone configuration.
+
+Later sources override previous sources, i.e. if `PORT` is set in an `.env` file committed in the repository or created by previous test steps, it will override the default set `main.go`.

docker/Dockerfile

@@ -0,0 +1,37 @@
+FROM alpine:3.17
+
+ARG TARGETOS
+ARG TARGETARCH
+
+LABEL maintainer="Bo-Yi Wu <appleboy.tw@gmail.com>" \
+  org.label-schema.name="SSH Plugin" \
+  org.label-schema.vendor="Bo-Yi Wu" \
+  org.label-schema.schema-version="1.0"
+
+LABEL org.opencontainers.image.source=https://github.com/appleboy/drone-ssh
+LABEL org.opencontainers.image.description="Execute commands on a remote host through SSH"
+LABEL org.opencontainers.image.licenses=MIT
+
+RUN apk add --no-cache ca-certificates && \
+  rm -rf /var/cache/apk/*
+
+RUN addgroup \
+  -S -g 1000 \
+  deploy && \
+  adduser \
+  -S -H -D \
+  -h /home/deploy \
+  -s /bin/sh \
+  -u 1000 \
+  -G deploy \
+  deploy
+
+RUN mkdir -p /home/deploy && \
+  chown deploy:deploy /home/deploy
+
+# deploy:deploy
+USER 1000:1000
+
+COPY release/${TARGETOS}/${TARGETARCH}/drone-ssh /bin/
+
+ENTRYPOINT ["/bin/drone-ssh"]

docker/Dockerfile.linux.amd64

@@ -1,12 +0,0 @@
-FROM plugins/base:linux-amd64
-
-LABEL maintainer="Bo-Yi Wu <appleboy.tw@gmail.com>" \
-  org.label-schema.name="Drone SSH" \
-  org.label-schema.vendor="Bo-Yi Wu" \
-  org.label-schema.schema-version="1.0"
-
-RUN apk add --no-cache ca-certificates && \
-  rm -rf /var/cache/apk/*
-
-ADD release/linux/amd64/drone-ssh /bin/
-ENTRYPOINT ["/bin/drone-ssh"]

docker/Dockerfile.linux.arm

@@ -1,12 +0,0 @@
-FROM plugins/base:linux-arm
-
-LABEL maintainer="Bo-Yi Wu <appleboy.tw@gmail.com>" \
-  org.label-schema.name="Drone SSH" \
-  org.label-schema.vendor="Bo-Yi Wu" \
-  org.label-schema.schema-version="1.0"
-
-RUN apk add --no-cache ca-certificates && \
-  rm -rf /var/cache/apk/*
-
-ADD release/linux/arm/drone-ssh /bin/
-ENTRYPOINT ["/bin/drone-ssh"]

docker/Dockerfile.linux.arm64

@@ -1,12 +0,0 @@
-FROM plugins/base:linux-arm64
-
-LABEL maintainer="Bo-Yi Wu <appleboy.tw@gmail.com>" \
-  org.label-schema.name="Drone SSH" \
-  org.label-schema.vendor="Bo-Yi Wu" \
-  org.label-schema.schema-version="1.0"
-
-RUN apk add --no-cache ca-certificates && \
-  rm -rf /var/cache/apk/*
-
-ADD release/linux/arm64/drone-ssh /bin/
-ENTRYPOINT ["/bin/drone-ssh"]

docker/Dockerfile.windows.amd64

@@ -1,9 +0,0 @@
-FROM microsoft/nanoserver:10.0.14393.1884
-
-LABEL maintainer="Bo-Yi Wu <appleboy.tw@gmail.com>" \
-  org.label-schema.name="Drone SSH" \
-  org.label-schema.vendor="Bo-Yi Wu" \
-  org.label-schema.schema-version="1.0"
-
-ADD drone-ssh.exe /drone-ssh.exe
-ENTRYPOINT [ "\\drone-ssh.exe" ]

docker/manifest.tmpl

@@ -1,25 +0,0 @@
-image: appleboy/drone-ssh:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
-{{#if build.tags}}
-tags:
-{{#each build.tags}}
-  - {{this}}
-{{/each}}
-{{/if}}
-manifests:
-  -
-    image: appleboy/drone-ssh:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64
-    platform:
-      architecture: amd64
-      os: linux
-  -
-    image: appleboy/drone-ssh:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64
-    platform:
-      architecture: arm64
-      os: linux
-      variant: v8
-  -
-    image: appleboy/drone-ssh:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm
-    platform:
-      architecture: arm
-      os: linux
-      variant: v7

go.mod

@@ -3,20 +3,21 @@ module github.com/appleboy/drone-ssh
 go 1.18
 
 require (
-	github.com/appleboy/easyssh-proxy v1.3.9
-	github.com/joho/godotenv v1.4.0
-	github.com/stretchr/testify v1.8.1
-	github.com/urfave/cli v1.22.10
-	golang.org/x/crypto v0.3.0
+	github.com/appleboy/easyssh-proxy v1.5.0
+	github.com/joho/godotenv v1.5.1
+	github.com/stretchr/testify v1.8.4
+	github.com/urfave/cli/v2 v2.27.1
+	golang.org/x/crypto v0.18.0
 )
 
 require (
 	github.com/ScaleFT/sshkeys v1.2.0 // indirect
-	github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect
+	github.com/cpuguy83/go-md2man/v2 v2.0.3 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
-	golang.org/x/sys v0.3.0 // indirect
+	github.com/xrash/smetrics v0.0.0-20231213231151-1d8dd44e695e // indirect
+	golang.org/x/sys v0.16.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )

go.sum

@@ -1,54 +1,42 @@
-github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
-github.com/ScaleFT/sshkeys v0.0.0-20200327173127-6142f742bca5/go.mod h1:gxOHeajFfvGQh/fxlC8oOKBe23xnnJTif00IFFbiT+o=
 github.com/ScaleFT/sshkeys v1.2.0 h1:5BRp6rTVIhJzXT3VcUQrKgXR8zWA3sOsNeuyW15WUA8=
 github.com/ScaleFT/sshkeys v1.2.0/go.mod h1:gxOHeajFfvGQh/fxlC8oOKBe23xnnJTif00IFFbiT+o=
-github.com/appleboy/easyssh-proxy v1.3.9 h1:b+sVSTz+cVFvfA23HQywMMpm0s5g3gH7jYdBcQqaCQI=
-github.com/appleboy/easyssh-proxy v1.3.9/go.mod h1:G1eQomBEME7NWKA3hE49s5HsT44S5fn0aBxX7k9Yjug=
-github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
-github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w=
-github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
+github.com/appleboy/easyssh-proxy v1.5.0 h1:OYdSPvYQN3mhnsMH5I2OF1TgwSEcSq33kvjQfTwvZww=
+github.com/appleboy/easyssh-proxy v1.5.0/go.mod h1:zcEMrStH91/tcUn3gUGP0KpQwUYLm8tX/Ook1AH98uc=
+github.com/cpuguy83/go-md2man/v2 v2.0.3 h1:qMCsGGgs+MAzDFyp9LpAe1Lqy/fY/qCovCm0qnXZOBM=
+github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a h1:saTgr5tMLFnmy/yg3qDTft4rE5DY2uJ/cCxCe3q0XTU=
 github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a/go.mod h1:Bw9BbhOJVNR+t0jCqx2GC6zv0TGBsShs56Y3gfSCvl0=
-github.com/joho/godotenv v1.4.0 h1:3l4+N6zfMWnkbPEXKng2o2/MR5mSwTrBih4ZEkkz1lg=
-github.com/joho/godotenv v1.4.0/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
+github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
+github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
-github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
-github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
 github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
-github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
-github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
-github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/urfave/cli v1.22.10 h1:p8Fspmz3iTctJstry1PYS3HVdllxnEzTEsgIgtxTrCk=
-github.com/urfave/cli v1.22.10/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
+github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/urfave/cli/v2 v2.27.1 h1:8xSQ6szndafKVRmfyeUMxkNUJQMjL1F2zmsZ+qHpfho=
+github.com/urfave/cli/v2 v2.27.1/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ=
+github.com/xrash/smetrics v0.0.0-20231213231151-1d8dd44e695e h1:+SOyEddqYF09QP7vr7CgJ1eti3pY9Fn3LHO1M1r/0sI=
+github.com/xrash/smetrics v0.0.0-20231213231151-1d8dd44e695e/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
-golang.org/x/crypto v0.3.0 h1:a06MkbcxBrEFc0w0QIZWXrH/9cCX6KJyWbBOIwAn+7A=
-golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
+golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc=
+golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200219091948-cb0a6d8edb6c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.3.0 h1:w8ZOecv6NaNa/zC8944JTU3vz4u6Lagfk4RPQxv92NQ=
-golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
-golang.org/x/term v0.2.0 h1:z85xZCsEl7bi/KwbNADeBYoOP0++7W1ipu+aGnpwzRM=
+golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU=
+golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/term v0.16.0 h1:m+B6fahuftsE9qjo0VWp2FW0mB3MTJvR0BaMQrq0pmE=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

main.go

@@ -3,11 +3,12 @@ package main
 import (
 	"log"
 	"os"
+	"strconv"
 	"time"
 
 	"github.com/appleboy/easyssh-proxy"
 	"github.com/joho/godotenv"
-	"github.com/urfave/cli"
+	"github.com/urfave/cli/v2"
 )
 
 // Version set at compile-time
@@ -26,8 +27,8 @@ func main() {
 	app := cli.NewApp()
 	app.Name = "Drone SSH"
 	app.Usage = "Executing remote ssh commands"
-	app.Copyright = "Copyright (c) 2019 Bo-Yi Wu"
-	app.Authors = []cli.Author{
+	app.Copyright = "Copyright (c) " + strconv.Itoa(time.Now().Year()) + " Bo-Yi Wu"
+	app.Authors = []*cli.Author{
 		{
 			Name:  "Bo-Yi Wu",
 			Email: "appleboy.tw@gmail.com",
@@ -36,157 +37,192 @@ func main() {
 	app.Action = run
 	app.Version = Version
 	app.Flags = []cli.Flag{
-		cli.StringFlag{
-			Name:   "ssh-key",
-			Usage:  "private ssh key",
-			EnvVar: "PLUGIN_SSH_KEY,PLUGIN_KEY,SSH_KEY,KEY,INPUT_KEY",
+		&cli.StringSliceFlag{
+			Name:    "host",
+			Aliases: []string{"H"},
+			Usage:   "connect to host",
+			EnvVars: []string{"PLUGIN_HOST", "SSH_HOST", "INPUT_HOST"},
 		},
-		cli.StringFlag{
-			Name:   "ssh-passphrase",
-			Usage:  "The purpose of the passphrase is usually to encrypt the private key.",
-			EnvVar: "PLUGIN_SSH_PASSPHRASE,PLUGIN_PASSPHRASE,SSH_PASSPHRASE,PASSPHRASE,INPUT_PASSPHRASE",
+		&cli.IntFlag{
+			Name:    "port",
+			Aliases: []string{"p"},
+			Usage:   "connect to port",
+			EnvVars: []string{"PLUGIN_PORT", "SSH_PORT", "INPUT_PORT"},
+			Value:   22,
 		},
-		cli.StringFlag{
-			Name:   "key-path,i",
-			Usage:  "ssh private key path",
-			EnvVar: "PLUGIN_KEY_PATH,SSH_KEY_PATH,INPUT_KEY_PATH",
+		&cli.StringFlag{
+			Name:    "protocol",
+			Usage:   "The IP protocol to use. Valid values are \"tcp\". \"tcp4\" or \"tcp6\". Default to tcp.",
+			EnvVars: []string{"PLUGIN_PROTOCOL", "SSH_PROTOCOL", "INPUT_PROTOCOL"},
+			Value:   "tcp",
 		},
-		cli.StringFlag{
-			Name:   "username,user,u",
-			Usage:  "connect as user",
-			EnvVar: "PLUGIN_USERNAME,PLUGIN_USER,SSH_USERNAME,USERNAME,INPUT_USERNAME",
-			Value:  "root",
+		&cli.StringFlag{
+			Name:    "username",
+			Aliases: []string{"user", "u"},
+			Usage:   "connect as user",
+			EnvVars: []string{"PLUGIN_USERNAME", "PLUGIN_USER", "SSH_USERNAME", "INPUT_USERNAME"},
+			Value:   "root",
 		},
-		cli.StringFlag{
-			Name:   "password,P",
-			Usage:  "user password",
-			EnvVar: "PLUGIN_PASSWORD,SSH_PASSWORD,PASSWORD,INPUT_PASSWORD",
+		&cli.StringFlag{
+			Name:    "password",
+			Aliases: []string{"P"},
+			Usage:   "user password",
+			EnvVars: []string{"PLUGIN_PASSWORD", "SSH_PASSWORD", "INPUT_PASSWORD"},
 		},
-		cli.StringSliceFlag{
-			Name:   "ciphers",
-			Usage:  "The allowed cipher algorithms. If unspecified then a sensible",
-			EnvVar: "PLUGIN_CIPHERS,SSH_CIPHERS,CIPHERS,INPUT_CIPHERS",
+		&cli.DurationFlag{
+			Name:    "timeout",
+			Aliases: []string{"t"},
+			Usage:   "connection timeout",
+			EnvVars: []string{"PLUGIN_TIMEOUT", "SSH_TIMEOUT", "INPUT_TIMEOUT"},
+			Value:   30 * time.Second,
 		},
-		cli.BoolFlag{
-			Name:   "useInsecureCipher",
-			Usage:  "include more ciphers with use_insecure_cipher",
-			EnvVar: "PLUGIN_USE_INSECURE_CIPHER,SSH_USE_INSECURE_CIPHER,USE_INSECURE_CIPHER,INPUT_USE_INSECURE_CIPHER",
+		&cli.StringFlag{
+			Name:    "ssh-key",
+			Usage:   "private ssh key",
+			EnvVars: []string{"PLUGIN_SSH_KEY", "PLUGIN_KEY", "SSH_KEY", "INPUT_KEY"},
 		},
-		cli.StringFlag{
-			Name:   "fingerprint",
-			Usage:  "fingerprint SHA256 of the host public key, default is to skip verification",
-			EnvVar: "PLUGIN_FINGERPRINT,SSH_FINGERPRINT,FINGERPRINT,INPUT_FINGERPRINT",
+		&cli.StringFlag{
+			Name:    "ssh-passphrase",
+			Usage:   "The purpose of the passphrase is usually to encrypt the private key.",
+			EnvVars: []string{"PLUGIN_SSH_PASSPHRASE", "PLUGIN_PASSPHRASE", "SSH_PASSPHRASE", "INPUT_PASSPHRASE"},
 		},
-		cli.StringSliceFlag{
-			Name:     "host,H",
-			Usage:    "connect to host",
-			EnvVar:   "PLUGIN_HOST,SSH_HOST,HOST,INPUT_HOST",
-			FilePath: ".host",
+		&cli.StringFlag{
+			Name:    "key-path",
+			Aliases: []string{"i"},
+			Usage:   "ssh private key path",
+			EnvVars: []string{"PLUGIN_KEY_PATH", "SSH_KEY_PATH", "INPUT_KEY_PATH"},
 		},
-		cli.IntFlag{
-			Name:   "port,p",
-			Usage:  "connect to port",
-			EnvVar: "PLUGIN_PORT,SSH_PORT,PORT,INPUT_PORT",
-			Value:  22,
+		&cli.StringSliceFlag{
+			Name:    "ciphers",
+			Usage:   "The allowed cipher algorithms. If unspecified then a sensible",
+			EnvVars: []string{"PLUGIN_CIPHERS", "SSH_CIPHERS", "INPUT_CIPHERS"},
 		},
-		cli.BoolFlag{
-			Name:   "sync",
-			Usage:  "sync mode",
-			EnvVar: "PLUGIN_SYNC,SYNC,INPUT_SYNC",
+		&cli.BoolFlag{
+			Name:    "useInsecureCipher",
+			Usage:   "include more ciphers with use_insecure_cipher",
+			EnvVars: []string{"PLUGIN_USE_INSECURE_CIPHER", "SSH_USE_INSECURE_CIPHER", "INPUT_USE_INSECURE_CIPHER"},
 		},
-		cli.DurationFlag{
-			Name:   "timeout,t",
-			Usage:  "connection timeout",
-			EnvVar: "PLUGIN_TIMEOUT,SSH_TIMEOUT,TIMEOUT,INPUT_TIMEOUT",
-			Value:  30 * time.Second,
+		&cli.StringFlag{
+			Name:    "fingerprint",
+			Usage:   "fingerprint SHA256 of the host public key, default is to skip verification",
+			EnvVars: []string{"PLUGIN_FINGERPRINT", "SSH_FINGERPRINT", "INPUT_FINGERPRINT"},
 		},
-		cli.DurationFlag{
-			Name:   "command.timeout,T",
-			Usage:  "command timeout",
-			EnvVar: "PLUGIN_COMMAND_TIMEOUT,SSH_COMMAND_TIMEOUT,COMMAND_TIMEOUT,INPUT_COMMAND_TIMEOUT",
-			Value:  10 * time.Minute,
+		&cli.BoolFlag{
+			Name:    "sync",
+			Usage:   "sync mode",
+			EnvVars: []string{"PLUGIN_SYNC", "INPUT_SYNC"},
 		},
-		cli.StringSliceFlag{
-			Name:   "script,s",
-			Usage:  "execute commands",
-			EnvVar: "PLUGIN_SCRIPT,SSH_SCRIPT,SCRIPT",
+		&cli.DurationFlag{
+			Name:    "command.timeout",
+			Aliases: []string{"T"},
+			Usage:   "command timeout",
+			EnvVars: []string{"PLUGIN_COMMAND_TIMEOUT", "SSH_COMMAND_TIMEOUT", "INPUT_COMMAND_TIMEOUT"},
+			Value:   10 * time.Minute,
 		},
-		cli.StringFlag{
-			Name:   "script.string",
-			Usage:  "execute single commands for github action",
-			EnvVar: "INPUT_SCRIPT",
+		&cli.StringSliceFlag{
+			Name:    "script",
+			Aliases: []string{"s"},
+			Usage:   "execute commands",
+			EnvVars: []string{"PLUGIN_SCRIPT", "SSH_SCRIPT"},
 		},
-		cli.BoolFlag{
-			Name:   "script.stop",
-			Usage:  "stop script after first failure",
-			EnvVar: "PLUGIN_SCRIPT_STOP,STOP,INPUT_SCRIPT_STOP",
+		&cli.StringFlag{
+			Name:    "script.string",
+			Usage:   "execute single commands for github action",
+			EnvVars: []string{"INPUT_SCRIPT"},
 		},
-		cli.StringFlag{
-			Name:   "proxy.ssh-key",
-			Usage:  "private ssh key of proxy",
-			EnvVar: "PLUGIN_PROXY_SSH_KEY,PLUGIN_PROXY_KEY,PROXY_SSH_KEY,INPUT_PROXY_KEY",
+		&cli.BoolFlag{
+			Name:    "script.stop",
+			Usage:   "stop script after first failure",
+			EnvVars: []string{"PLUGIN_SCRIPT_STOP", "INPUT_SCRIPT_STOP"},
 		},
-		cli.StringFlag{
-			Name:   "proxy.ssh-passphrase",
-			Usage:  "The purpose of the passphrase is usually to encrypt the private key.",
-			EnvVar: "PLUGIN_PROXY_SSH_PASSPHRASE,PLUGIN_PROXY_PASSPHRASE,PROXY_SSH_PASSPHRASE,PROXY_PASSPHRASE,INPUT_PROXY_PASSPHRASE",
+		&cli.StringFlag{
+			Name:    "proxy.host",
+			Usage:   "connect to host of proxy",
+			EnvVars: []string{"PLUGIN_PROXY_HOST", "PROXY_SSH_HOST", "INPUT_PROXY_HOST"},
 		},
-		cli.StringFlag{
-			Name:   "proxy.key-path",
-			Usage:  "ssh private key path of proxy",
-			EnvVar: "PLUGIN_PROXY_KEY_PATH,PROXY_SSH_KEY_PATH,INPUT_PROXY_KEY_PATH",
+		&cli.StringFlag{
+			Name:    "proxy.port",
+			Usage:   "connect to port of proxy",
+			EnvVars: []string{"PLUGIN_PROXY_PORT", "PROXY_SSH_PORT", "INPUT_PROXY_PORT"},
+			Value:   "22",
 		},
-		cli.StringFlag{
-			Name:   "proxy.username",
-			Usage:  "connect as user of proxy",
-			EnvVar: "PLUGIN_PROXY_USERNAME,PLUGIN_PROXY_USER,PROXY_SSH_USERNAME,INPUT_PROXY_USERNAME",
-			Value:  "root",
+		&cli.StringFlag{
+			Name:    "proxy.protocol",
+			Usage:   "The IP protocol to use for the proxy. Valid values are \"tcp\". \"tcp4\" or \"tcp6\". Default to tcp.",
+			EnvVars: []string{"PLUGIN_PROXY_PROTOCOL", "SSH_PROXY_PROTOCOL", "INPUT_PROXY_PROTOCOL"},
+			Value:   "tcp",
 		},
-		cli.StringFlag{
-			Name:   "proxy.password",
-			Usage:  "user password of proxy",
-			EnvVar: "PLUGIN_PROXY_PASSWORD,PROXY_SSH_PASSWORD,INPUT_PROXY_PASSWORD",
+		&cli.StringFlag{
+			Name:    "proxy.username",
+			Usage:   "connect as user of proxy",
+			EnvVars: []string{"PLUGIN_PROXY_USERNAME", "PLUGIN_PROXY_USER", "PROXY_SSH_USERNAME", "INPUT_PROXY_USERNAME"},
+			Value:   "root",
 		},
-		cli.StringFlag{
-			Name:   "proxy.host",
-			Usage:  "connect to host of proxy",
-			EnvVar: "PLUGIN_PROXY_HOST,PROXY_SSH_HOST,INPUT_PROXY_HOST",
+		&cli.StringFlag{
+			Name:    "proxy.password",
+			Usage:   "user password of proxy",
+			EnvVars: []string{"PLUGIN_PROXY_PASSWORD", "PROXY_SSH_PASSWORD", "INPUT_PROXY_PASSWORD"},
 		},
-		cli.StringFlag{
-			Name:   "proxy.port",
-			Usage:  "connect to port of proxy",
-			EnvVar: "PLUGIN_PROXY_PORT,PROXY_SSH_PORT,INPUT_PROXY_PORT",
-			Value:  "22",
+		&cli.StringFlag{
+			Name:    "proxy.ssh-key",
+			Usage:   "private ssh key of proxy",
+			EnvVars: []string{"PLUGIN_PROXY_SSH_KEY", "PLUGIN_PROXY_KEY", "PROXY_SSH_KEY", "INPUT_PROXY_KEY"},
 		},
-		cli.DurationFlag{
-			Name:   "proxy.timeout",
-			Usage:  "proxy connection timeout",
-			EnvVar: "PLUGIN_PROXY_TIMEOUT,PROXY_SSH_TIMEOUT,INPUT_PROXY_TIMEOUT",
+		&cli.StringFlag{
+			Name:    "proxy.ssh-passphrase",
+			Usage:   "The purpose of the passphrase is usually to encrypt the private key.",
+			EnvVars: []string{"PLUGIN_PROXY_SSH_PASSPHRASE", "PLUGIN_PROXY_PASSPHRASE", "PROXY_SSH_PASSPHRASE", "INPUT_PROXY_PASSPHRASE"},
 		},
-		cli.StringSliceFlag{
-			Name:   "proxy.ciphers",
-			Usage:  "The allowed cipher algorithms. If unspecified then a sensible",
-			EnvVar: "PLUGIN_PROXY_CIPHERS,SSH_PROXY_CIPHERS,PROXY_CIPHERS,INPUT_PROXY_CIPHERS",
+		&cli.StringFlag{
+			Name:    "proxy.key-path",
+			Usage:   "ssh private key path of proxy",
+			EnvVars: []string{"PLUGIN_PROXY_KEY_PATH", "PROXY_SSH_KEY_PATH", "INPUT_PROXY_KEY_PATH"},
 		},
-		cli.BoolFlag{
-			Name:   "proxy.useInsecureCipher",
-			Usage:  "include more ciphers with use_insecure_cipher",
-			EnvVar: "PLUGIN_PROXY_USE_INSECURE_CIPHER,SSH_PROXY_USE_INSECURE_CIPHER,PROXY_USE_INSECURE_CIPHER,INPUT_PROXY_USE_INSECURE_CIPHER",
+		&cli.DurationFlag{
+			Name:    "proxy.timeout",
+			Usage:   "proxy connection timeout",
+			EnvVars: []string{"PLUGIN_PROXY_TIMEOUT", "PROXY_SSH_TIMEOUT", "INPUT_PROXY_TIMEOUT"},
 		},
-		cli.StringFlag{
-			Name:   "proxy.fingerprint",
-			Usage:  "fingerprint SHA256 of the host public key, default is to skip verification",
-			EnvVar: "PLUGIN_PROXY_FINGERPRINT,SSH_PROXY_FINGERPRINT,PROXY_FINGERPRINT,INPUT_PROXY_FINGERPRINT",
+		&cli.StringSliceFlag{
+			Name:    "proxy.ciphers",
+			Usage:   "The allowed cipher algorithms. If unspecified then a sensible",
+			EnvVars: []string{"PLUGIN_PROXY_CIPHERS", "PROXY_SSH_CIPHERS", "INPUT_PROXY_CIPHERS"},
 		},
-		cli.StringSliceFlag{
-			Name:   "envs",
-			Usage:  "pass environment variable to shell script",
-			EnvVar: "PLUGIN_ENVS,INPUT_ENVS",
+		&cli.BoolFlag{
+			Name:    "proxy.useInsecureCipher",
+			Usage:   "include more ciphers with use_insecure_cipher",
+			EnvVars: []string{"PLUGIN_PROXY_USE_INSECURE_CIPHER", "PROXY_SSH_USE_INSECURE_CIPHER", "INPUT_PROXY_USE_INSECURE_CIPHER"},
 		},
-		cli.BoolFlag{
-			Name:   "debug",
-			Usage:  "debug mode",
-			EnvVar: "PLUGIN_DEBUG,DEBUG,INPUT_DEBUG",
+		&cli.StringFlag{
+			Name:    "proxy.fingerprint",
+			Usage:   "fingerprint SHA256 of the host public key, default is to skip verification",
+			EnvVars: []string{"PLUGIN_PROXY_FINGERPRINT", "PROXY_SSH_FINGERPRINT", "PROXY_FINGERPRINT", "INPUT_PROXY_FINGERPRINT"},
+		},
+		&cli.StringSliceFlag{
+			Name:    "envs",
+			Usage:   "pass environment variable to shell script",
+			EnvVars: []string{"PLUGIN_ENVS", "INPUT_ENVS"},
+		},
+		&cli.BoolFlag{
+			Name:    "debug",
+			Usage:   "debug mode",
+			EnvVars: []string{"PLUGIN_DEBUG", "INPUT_DEBUG"},
+		},
+		&cli.StringFlag{
+			Name:    "envs.format",
+			Usage:   "flexible configuration of environment value transfer",
+			EnvVars: []string{"PLUGIN_ENVS_FORMAT", "INPUT_ENVS_FORMAT"},
+			Value:   envsFormat,
+		},
+		&cli.BoolFlag{
+			Name:    "allenvs",
+			Usage:   "pass all environment variable to shell script",
+			EnvVars: []string{"PLUGIN_ALLENVS", "INPUT_ALLENVS"},
+		},
+		&cli.BoolFlag{
+			Name:    "request-pty",
+			Usage:   "request a pseudo-terminal from the server",
+			EnvVars: []string{"PLUGIN_REQUEST_PTY", "INPUT_REQUEST_PTY"},
 		},
 	}
 
@@ -233,6 +269,7 @@ func run(c *cli.Context) error {
 	if s := c.String("script.string"); s != "" {
 		scripts = append(scripts, s)
 	}
+
 	plugin := Plugin{
 		Config: Config{
 			Key:               c.String("ssh-key"),
@@ -243,15 +280,19 @@ func run(c *cli.Context) error {
 			Fingerprint:       c.String("fingerprint"),
 			Host:              c.StringSlice("host"),
 			Port:              c.Int("port"),
+			Protocol:          easyssh.Protocol(c.String("protocol")),
 			Timeout:           c.Duration("timeout"),
 			CommandTimeout:    c.Duration("command.timeout"),
 			Script:            scripts,
 			ScriptStop:        c.Bool("script.stop"),
 			Envs:              c.StringSlice("envs"),
+			EnvsFormat:        c.String("envs.format"),
 			Debug:             c.Bool("debug"),
 			Sync:              c.Bool("sync"),
 			Ciphers:           c.StringSlice("ciphers"),
 			UseInsecureCipher: c.Bool("useInsecureCipher"),
+			AllEnvs:           c.Bool("allenvs"),
+			RequireTty:        c.Bool("request-pty"),
 			Proxy: easyssh.DefaultConfig{
 				Key:               c.String("proxy.ssh-key"),
 				KeyPath:           c.String("proxy.key-path"),
@@ -261,6 +302,7 @@ func run(c *cli.Context) error {
 				Fingerprint:       c.String("proxy.fingerprint"),
 				Server:            c.String("proxy.host"),
 				Port:              c.String("proxy.port"),
+				Protocol:          easyssh.Protocol(c.String("proxy.protocol")),
 				Timeout:           c.Duration("proxy.timeout"),
 				Ciphers:           c.StringSlice("proxy.ciphers"),
 				UseInsecureCipher: c.Bool("proxy.useInsecureCipher"),

pipeline.libsonnet

@@ -1,229 +0,0 @@
-{
-  test:: {
-    kind: 'pipeline',
-    name: 'testing',
-    platform: {
-      os: 'linux',
-      arch: 'amd64',
-    },
-    steps: [
-      {
-        name: 'vet',
-        image: 'golang:1.19',
-        pull: 'always',
-        commands: [
-          'make vet',
-        ],
-        volumes: [
-          {
-            name: 'gopath',
-            path: '/go',
-          },
-        ],
-      },
-      // {
-      //   name: 'test',
-      //   image: 'golang:1.19-alpine',
-      //   pull: 'always',
-      //   commands: [
-      //     'apk add git make curl perl bash build-base zlib-dev ucl-dev',
-      //     'make ssh-server',
-      //     'make test',
-      //     'make coverage',
-      //   ],
-      //   volumes: [
-      //     {
-      //       name: 'gopath',
-      //       path: '/go',
-      //     },
-      //   ],
-      // },
-      {
-        name: 'codecov',
-        image: 'robertstettner/drone-codecov',
-        pull: 'always',
-        settings: {
-          token: { 'from_secret': 'codecov_token' },
-        },
-      },
-    ],
-    volumes: [
-      {
-        name: 'gopath',
-        temp: {},
-      },
-    ],
-  },
-
-  build(name, os='linux', arch='amd64'):: {
-    kind: 'pipeline',
-    name: os + '-' + arch,
-    platform: {
-      os: os,
-      arch: arch,
-    },
-    steps: [
-      {
-        name: 'build-push',
-        image: 'golang:1.19',
-        pull: 'always',
-        environment: {
-          CGO_ENABLED: '0',
-        },
-        commands: [
-          'go build -v -ldflags \'-X main.build=${DRONE_BUILD_NUMBER}\' -a -o release/' + os + '/' + arch + '/' + name,
-        ],
-        when: {
-          event: {
-            exclude: [ 'tag' ],
-          },
-        },
-      },
-      {
-        name: 'build-tag',
-        image: 'golang:1.19',
-        pull: 'always',
-        environment: {
-          CGO_ENABLED: '0',
-        },
-        commands: [
-          'go build -v -ldflags \'-X main.version=${DRONE_TAG##v} -X main.build=${DRONE_BUILD_NUMBER}\' -a -o release/' + os + '/' + arch + '/' + name,
-        ],
-        when: {
-          event: [ 'tag' ],
-        },
-      },
-      {
-        name: 'executable',
-        image: 'golang:1.19',
-        pull: 'always',
-        commands: [
-          './release/' + os + '/' + arch + '/' + name + ' --help',
-        ],
-      },
-      {
-        name: 'dryrun',
-        image: 'plugins/docker:' + os + '-' + arch,
-        pull: 'always',
-        settings: {
-          daemon_off: false,
-          dry_run: true,
-          tags: os + '-' + arch,
-          dockerfile: 'docker/Dockerfile.' + os + '.' + arch,
-          repo: 'appleboy/' + name,
-          cache_from: 'appleboy/' + name,
-        },
-        when: {
-          event: [ 'pull_request' ],
-        },
-      },
-      {
-        name: 'publish',
-        image: 'plugins/docker:' + os + '-' + arch,
-        pull: 'always',
-        settings: {
-          daemon_off: 'false',
-          auto_tag: true,
-          auto_tag_suffix: os + '-' + arch,
-          dockerfile: 'docker/Dockerfile.' + os + '.' + arch,
-          repo: 'appleboy/' + name,
-          cache_from: 'appleboy/' + name,
-          username: { 'from_secret': 'docker_username' },
-          password: { 'from_secret': 'docker_password' },
-        },
-        when: {
-          event: {
-            exclude: [ 'pull_request' ],
-          },
-        },
-      },
-    ],
-    depends_on: [
-      'testing',
-    ],
-    trigger: {
-      ref: [
-        'refs/heads/master',
-        'refs/pull/**',
-        'refs/tags/**',
-      ],
-    },
-  },
-
-  release:: {
-    kind: 'pipeline',
-    name: 'release-binary',
-    platform: {
-      os: 'linux',
-      arch: 'amd64',
-    },
-    steps: [
-      {
-        name: 'build-all-binary',
-        image: 'techknowlogick/xgo:go-1.19.x',
-        pull: 'always',
-        commands: [
-          'export PATH=$PATH:$GOPATH/bin',
-          'make release'
-        ],
-        when: {
-          event: [ 'tag' ],
-        },
-      },
-      {
-        name: 'deploy-all-binary',
-        image: 'plugins/github-release',
-        pull: 'always',
-        settings: {
-          files: [ 'dist/release/*' ],
-          api_key: { 'from_secret': 'github_release_api_key' },
-        },
-        when: {
-          event: [ 'tag' ],
-        },
-      },
-    ],
-    depends_on: [
-      'testing',
-    ],
-    trigger: {
-      ref: [
-        'refs/tags/**',
-      ],
-    },
-  },
-
-  notifications(os='linux', arch='amd64', depends_on=[]):: {
-    kind: 'pipeline',
-    name: 'notifications',
-    platform: {
-      os: os,
-      arch: arch,
-    },
-    steps: [
-      {
-        name: 'manifest',
-        image: 'plugins/manifest',
-        pull: 'always',
-        settings: {
-          username: { from_secret: 'docker_username' },
-          password: { from_secret: 'docker_password' },
-          spec: 'docker/manifest.tmpl',
-          ignore_missing: true,
-        },
-      },
-    ],
-    depends_on: depends_on,
-    trigger: {
-      ref: [
-        'refs/heads/master',
-        'refs/tags/**',
-      ],
-    },
-  },
-
-  signature(key):: {
-    kind: 'signature',
-    hmac: key,
-  }
-}

plugin.go

@@ -17,7 +17,7 @@ var (
 	errMissingHost          = errors.New("Error: missing server host")
 	errMissingPasswordOrKey = errors.New("Error: can't connect without a private SSH key or password")
 	errCommandTimeOut       = errors.New("Error: command timeout")
-	errSetPasswordandKey    = errors.New("can't set password and key at the same time")
+	envsFormat              = "export {NAME}={VALUE}"
 )
 
 type (
@@ -30,6 +30,7 @@ type (
 		Password          string
 		Host              []string
 		Port              int
+		Protocol          easyssh.Protocol
 		Fingerprint       string
 		Timeout           time.Duration
 		CommandTimeout    time.Duration
@@ -41,6 +42,9 @@ type (
 		Sync              bool
 		Ciphers           []string
 		UseInsecureCipher bool
+		EnvsFormat        string
+		AllEnvs           bool
+		RequireTty        bool
 	}
 
 	// Plugin structure
@@ -57,7 +61,9 @@ func escapeArg(arg string) string {
 func (p Plugin) hostPort(host string) (string, string) {
 	hosts := strings.Split(host, ":")
 	port := strconv.Itoa(p.Config.Port)
-	if len(hosts) > 1 {
+	if len(hosts) > 1 &&
+		(p.Config.Protocol == easyssh.PROTOCOL_TCP ||
+			p.Config.Protocol == easyssh.PROTOCOL_TCP4) {
 		host = hosts[0]
 		port = hosts[1]
 	}
@@ -66,6 +72,7 @@ func (p Plugin) hostPort(host string) (string, string) {
 }
 
 func (p Plugin) exec(host string, wg *sync.WaitGroup, errChannel chan error) {
+	defer wg.Done()
 	host, port := p.hostPort(host)
 	// Create MakeConfig instance with remote username, server address and path to private key.
 	ssh := &easyssh.MakeConfig{
@@ -73,6 +80,7 @@ func (p Plugin) exec(host string, wg *sync.WaitGroup, errChannel chan error) {
 		User:              p.Config.Username,
 		Password:          p.Config.Password,
 		Port:              port,
+		Protocol:          p.Config.Protocol,
 		Key:               p.Config.Key,
 		KeyPath:           p.Config.KeyPath,
 		Passphrase:        p.Config.Passphrase,
@@ -80,11 +88,13 @@ func (p Plugin) exec(host string, wg *sync.WaitGroup, errChannel chan error) {
 		Ciphers:           p.Config.Ciphers,
 		Fingerprint:       p.Config.Fingerprint,
 		UseInsecureCipher: p.Config.UseInsecureCipher,
+		RequestPty:        p.Config.RequireTty,
 		Proxy: easyssh.DefaultConfig{
 			Server:            p.Config.Proxy.Server,
 			User:              p.Config.Proxy.User,
 			Password:          p.Config.Proxy.Password,
 			Port:              p.Config.Proxy.Port,
+			Protocol:          p.Config.Proxy.Protocol,
 			Key:               p.Config.Proxy.Key,
 			KeyPath:           p.Config.Proxy.KeyPath,
 			Passphrase:        p.Config.Proxy.Passphrase,
@@ -100,10 +110,14 @@ func (p Plugin) exec(host string, wg *sync.WaitGroup, errChannel chan error) {
 	p.log(host, "======END======")
 
 	env := []string{}
+	if p.Config.AllEnvs {
+		allenvs := findEnvs("DRONE_", "PLUGIN_", "INPUT_", "GITHUB_")
+		p.Config.Envs = append(p.Config.Envs, allenvs...)
+	}
 	for _, key := range p.Config.Envs {
 		key = strings.ToUpper(key)
 		if val, found := os.LookupEnv(key); found {
-			env = append(env, key+"="+escapeArg(val))
+			env = append(env, p.format(p.Config.EnvsFormat, "{NAME}", key, "{VALUE}", escapeArg(val)))
 		}
 	}
 
@@ -118,53 +132,61 @@ func (p Plugin) exec(host string, wg *sync.WaitGroup, errChannel chan error) {
 	stdoutChan, stderrChan, doneChan, errChan, err := ssh.Stream(strings.Join(p.Config.Script, "\n"), p.Config.CommandTimeout)
 	if err != nil {
 		errChannel <- err
-	} else {
-		// read from the output channel until the done signal is passed
-		isTimeout := true
-	loop:
-		for {
-			select {
-			case isTimeout = <-doneChan:
-				break loop
-			case outline := <-stdoutChan:
-				if outline != "" {
-					p.log(host, "out:", outline)
-				}
-			case errline := <-stderrChan:
-				if errline != "" {
-					p.log(host, "err:", errline)
-				}
-			case err = <-errChan:
+		return
+	}
+	// read from the output channel until the done signal is passed
+	isTimeout := true
+loop:
+	for {
+		select {
+		case isTimeout = <-doneChan:
+			break loop
+		case outline := <-stdoutChan:
+			if outline != "" {
+				p.log(host, "out:", outline)
 			}
-		}
-
-		// get exit code or command error.
-		if err != nil {
-			errChannel <- err
-		}
-
-		// command time out
-		if !isTimeout {
-			errChannel <- errCommandTimeOut
+		case errline := <-stderrChan:
+			if errline != "" {
+				p.log(host, "err:", errline)
+			}
+		case err = <-errChan:
 		}
 	}
 
-	wg.Done()
+	// get exit code or command error.
+	if err != nil {
+		errChannel <- err
+	}
+
+	// command time out
+	if !isTimeout {
+		errChannel <- errCommandTimeOut
+	}
 }
 
+// format string
+func (p Plugin) format(format string, args ...string) string {
+	r := strings.NewReplacer(args...)
+	return r.Replace(format)
+}
+
+// log output to console
 func (p Plugin) log(host string, message ...interface{}) {
 	if p.Writer == nil {
 		p.Writer = os.Stdout
 	}
 	if count := len(p.Config.Host); count == 1 {
 		fmt.Fprintf(p.Writer, "%s", fmt.Sprintln(message...))
-	} else {
-		fmt.Fprintf(p.Writer, "%s: %s", host, fmt.Sprintln(message...))
+		return
 	}
+
+	fmt.Fprintf(p.Writer, "%s: %s", host, fmt.Sprintln(message...))
 }
 
 // Exec executes the plugin.
 func (p Plugin) Exec() error {
+	p.Config.Host = trimValues(p.Config.Host)
+
 	if len(p.Config.Host) == 0 {
 		return errMissingHost
 	}
@@ -173,18 +195,22 @@ func (p Plugin) Exec() error {
 		return errMissingPasswordOrKey
 	}
 
-	if len(p.Config.Key) != 0 && len(p.Config.Password) != 0 {
-		return errSetPasswordandKey
+	if p.Config.EnvsFormat == "" {
+		p.Config.EnvsFormat = envsFormat
 	}
 
 	wg := sync.WaitGroup{}
 	wg.Add(len(p.Config.Host))
 	errChannel := make(chan error)
 	finished := make(chan struct{})
-	for _, host := range p.Config.Host {
-		if p.Config.Sync {
-			p.exec(host, &wg, errChannel)
-		} else {
+	if p.Config.Sync {
+		go func() {
+			for _, host := range p.Config.Host {
+				p.exec(host, &wg, errChannel)
+			}
+		}()
+	} else {
+		for _, host := range p.Config.Host {
 			go p.exec(host, &wg, errChannel)
 		}
 	}
@@ -235,3 +261,33 @@ func (p Plugin) scriptCommands() []string {
 
 	return commands
 }
+
+func trimValues(keys []string) []string {
+	var newKeys []string
+
+	for _, value := range keys {
+		value = strings.TrimSpace(value)
+		if len(value) == 0 {
+			continue
+		}
+
+		newKeys = append(newKeys, value)
+	}
+
+	return newKeys
+}
+
+// Find all envs from specified prefix
+func findEnvs(prefix ...string) []string {
+	envs := []string{}
+	for _, e := range os.Environ() {
+		for _, p := range prefix {
+			if strings.HasPrefix(e, p) {
+				e = strings.Split(e, "=")[0]
+				envs = append(envs, e)
+				break
+			}
+		}
+	}
+	return envs
+}

plugin_test.go

@@ -38,23 +38,6 @@ func TestMissingKeyOrPassword(t *testing.T) {
 	assert.Equal(t, errMissingPasswordOrKey, err)
 }
 
-func TestSetPasswordAndKey(t *testing.T) {
-	plugin := Plugin{
-		Config{
-			Host:     []string{"localhost"},
-			Username: "ubuntu",
-			Password: "1234",
-			Key:      "1234",
-		},
-		os.Stdout,
-	}
-
-	err := plugin.Exec()
-
-	assert.NotNil(t, err)
-	assert.Equal(t, errSetPasswordandKey, err)
-}
-
 func TestIncorrectPassword(t *testing.T) {
 	plugin := Plugin{
 		Config: Config{
@@ -130,6 +113,40 @@ func TestSSHScriptFromKeyFile(t *testing.T) {
 	assert.Nil(t, err)
 }
 
+func TestSSHIPv4Only(t *testing.T) {
+	plugin := Plugin{
+		Config: Config{
+			Host:           []string{"localhost", "127.0.0.1"},
+			Username:       "drone-scp",
+			Port:           22,
+			Protocol:       easyssh.PROTOCOL_TCP4,
+			KeyPath:        "./tests/.ssh/id_rsa",
+			Script:         []string{"whoami", "ls -al"},
+			CommandTimeout: 60 * time.Second,
+		},
+	}
+
+	err := plugin.Exec()
+	assert.Nil(t, err)
+}
+
+func TestSSHIPv6OnlyError(t *testing.T) {
+	plugin := Plugin{
+		Config: Config{
+			Host:           []string{"127.0.0.1"},
+			Username:       "drone-scp",
+			Port:           22,
+			Protocol:       easyssh.PROTOCOL_TCP6,
+			KeyPath:        "./tests/.ssh/id_rsa",
+			Script:         []string{"whoami", "ls -al"},
+			CommandTimeout: 60 * time.Second,
+		},
+	}
+
+	err := plugin.Exec()
+	assert.NotNil(t, err)
+}
+
 func TestStreamFromSSHCommand(t *testing.T) {
 	plugin := Plugin{
 		Config: Config{
@@ -457,6 +474,41 @@ func TestFingerprint(t *testing.T) {
 	assert.Equal(t, unindent(expected), unindent(buffer.String()))
 }
 
+func TestScriptStopWithMultipleHostAndSyncMode(t *testing.T) {
+	var (
+		buffer   bytes.Buffer
+		expected = `
+			======CMD======
+			mkdir a/b/c
+			mkdir d/e/f
+			======END======
+			err: mkdir: can't create directory 'a/b/c': No such file or directory
+		`
+	)
+
+	plugin := Plugin{
+		Config: Config{
+			Host:     []string{"", "localhost"},
+			Username: "drone-scp",
+			Port:     22,
+			KeyPath:  "./tests/.ssh/id_rsa",
+			Script: []string{
+				"mkdir a/b/c",
+				"mkdir d/e/f",
+			},
+			CommandTimeout: 10 * time.Second,
+			ScriptStop:     true,
+			Sync:           true,
+		},
+		Writer: &buffer,
+	}
+
+	err := plugin.Exec()
+	assert.NotNil(t, err)
+
+	assert.Equal(t, unindent(expected), unindent(buffer.String()))
+}
+
 func TestScriptStop(t *testing.T) {
 	var (
 		buffer   bytes.Buffer
@@ -539,13 +591,13 @@ func TestEnvOutput(t *testing.T) {
 			echo "[${ENV_7}]"
 			======END======
 			======ENV======
-			ENV_1='test'
-			ENV_2='test test'
-			ENV_3='test '
-			ENV_4='  test  test  '
-			ENV_5='test'\'''
-			ENV_6='test"'
-			ENV_7='test,!#;?.@$~'\''"'
+			export ENV_1='test'
+			export ENV_2='test test'
+			export ENV_3='test '
+			export ENV_4='  test  test  '
+			export ENV_5='test'\'''
+			export ENV_6='test"'
+			export ENV_7='test,!#;?.@$~'\''"'
 			======END======
 			out: [test]
 			out: [test test]
@@ -745,7 +797,8 @@ func TestPlugin_hostPort(t *testing.T) {
 			name: "different port",
 			fields: fields{
 				Config: Config{
-					Port: 22,
+					Port:     22,
+					Protocol: easyssh.PROTOCOL_TCP4,
 				},
 			},
 			args: args{
@@ -754,6 +807,20 @@ func TestPlugin_hostPort(t *testing.T) {
 			wantHost: "localhost",
 			wantPort: "443",
 		},
+		{
+			name: "ipv6",
+			fields: fields{
+				Config: Config{
+					Port:     22,
+					Protocol: easyssh.PROTOCOL_TCP6,
+				},
+			},
+			args: args{
+				h: "::1",
+			},
+			wantHost: "::1",
+			wantPort: "22",
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
@@ -771,3 +838,160 @@ func TestPlugin_hostPort(t *testing.T) {
 		})
 	}
 }
+
+func TestFindEnvs(t *testing.T) {
+	testEnvs := []string{
+		"INPUT_FOO",
+		"INPUT_BAR",
+		"NO_PREFIX",
+		"INPUT_FOOBAR",
+	}
+
+	origEnviron := os.Environ()
+	os.Clearenv()
+	for _, env := range testEnvs {
+		os.Setenv(env, "dummyValue")
+	}
+
+	defer func() {
+		os.Clearenv()
+		for _, env := range origEnviron {
+			pair := strings.SplitN(env, "=", 2)
+			os.Setenv(pair[0], pair[1])
+		}
+	}()
+
+	t.Run("Find single prefix", func(t *testing.T) {
+		expected := []string{"INPUT_FOO", "INPUT_BAR", "INPUT_FOOBAR"}
+		result := findEnvs("INPUT_")
+		if !reflect.DeepEqual(result, expected) {
+			t.Errorf("Expected %v, but got %v", expected, result)
+		}
+	})
+
+	t.Run("Find multiple prefixes", func(t *testing.T) {
+		expected := []string{"INPUT_FOO", "INPUT_BAR", "NO_PREFIX", "INPUT_FOOBAR"}
+		result := findEnvs("INPUT_", "NO_PREFIX")
+		if !reflect.DeepEqual(result, expected) {
+			t.Errorf("Expected %v, but got %v", expected, result)
+		}
+	})
+
+	t.Run("Find non-existing prefix", func(t *testing.T) {
+		expected := []string{}
+		result := findEnvs("NON_EXISTING_")
+		if !reflect.DeepEqual(result, expected) {
+			t.Errorf("Expected %v, but got %v", expected, result)
+		}
+	})
+}
+
+func TestAllEnvs(t *testing.T) {
+	var (
+		buffer   bytes.Buffer
+		expected = `
+======CMD======
+echo "[${INPUT_1}]"
+echo "[${GITHUB_2}]"
+echo "[${PLUGIN_3}]"
+======END======
+out: [foobar]
+out: [foobar]
+out: [foobar]
+		`
+	)
+
+	os.Setenv("INPUT_1", `foobar`)
+	os.Setenv("GITHUB_2", `foobar`)
+	os.Setenv("PLUGIN_3", `foobar`)
+
+	plugin := Plugin{
+		Config: Config{
+			Host:       []string{"localhost"},
+			Username:   "drone-scp",
+			Port:       22,
+			KeyPath:    "./tests/.ssh/test",
+			Passphrase: "1234",
+			AllEnvs:    true,
+			Script: []string{
+				`echo "[${INPUT_1}]"`,
+				`echo "[${GITHUB_2}]"`,
+				`echo "[${PLUGIN_3}]"`,
+			},
+			CommandTimeout: 10 * time.Second,
+			Proxy: easyssh.DefaultConfig{
+				Server:  "localhost",
+				User:    "drone-scp",
+				Port:    "22",
+				KeyPath: "./tests/.ssh/id_rsa",
+			},
+		},
+		Writer: &buffer,
+	}
+
+	err := plugin.Exec()
+	assert.Nil(t, err)
+
+	assert.Equal(t, unindent(expected), unindent(buffer.String()))
+}
+
+func TestSudoCommand(t *testing.T) {
+	var (
+		buffer   bytes.Buffer
+		expected = `
+			======CMD======
+			sudo su - -c "whoami"
+			======END======
+			out: root
+		`
+	)
+
+	plugin := Plugin{
+		Config: Config{
+			Host:     []string{"localhost"},
+			Username: "drone-scp",
+			Port:     22,
+			KeyPath:  "./tests/.ssh/id_rsa",
+			Script: []string{
+				`sudo su - -c "whoami"`,
+			},
+			CommandTimeout: 10 * time.Second,
+			RequireTty:     true,
+		},
+		Writer: &buffer,
+	}
+
+	assert.Nil(t, plugin.Exec())
+	assert.Equal(t, unindent(expected), unindent(buffer.String()))
+}
+
+// TODO: TestCommandWithIPv6 is not working on github actions.
+// func TestCommandWithIPv6(t *testing.T) {
+// 	var (
+// 		buffer   bytes.Buffer
+// 		expected = `
+// 			======CMD======
+// 			whoami
+// 			======END======
+// 			out: drone-scp
+// 		`
+// 	)
+
+// 	plugin := Plugin{
+// 		Config: Config{
+// 			Host:     []string{"::1"},
+// 			Username: "drone-scp",
+// 			Port:     22,
+// 			KeyPath:  "./tests/.ssh/id_rsa",
+// 			Script: []string{
+// 				"whoami",
+// 			},
+// 			Protocol:       easyssh.PROTOCOL_TCP6,
+// 			CommandTimeout: 10 * time.Second,
+// 		},
+// 		Writer: &buffer,
+// 	}
+
+// 	assert.Nil(t, plugin.Exec())
+// 	assert.Equal(t, unindent(expected), unindent(buffer.String()))
+// }

tests/sudoers

@@ -0,0 +1,2 @@
+Defaults        requiretty
+drone-scp ALL=(ALL) NOPASSWD:ALL