third/plugin-drone-ssh
1
0
Fork 0
mirror of https://github.com/appleboy/drone-ssh.git synced 2026-06-16 14:49:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: third/plugin-drone-ssh:v1.8.4
Branches Tags
third/plugin-drone-ssh:master
third/plugin-drone-ssh:v1.8.4 third/plugin-drone-ssh:v1.8.3 third/plugin-drone-ssh:v1.8.2 third/plugin-drone-ssh:v1.8.1 third/plugin-drone-ssh:v1.8.0 third/plugin-drone-ssh:v1.7.7 third/plugin-drone-ssh:v1.7.6 third/plugin-drone-ssh:v1.7.5 third/plugin-drone-ssh:v1.7.4 third/plugin-drone-ssh:v1.7.3 third/plugin-drone-ssh:v1.7.2 third/plugin-drone-ssh:v1.7.1 third/plugin-drone-ssh:v1.7.0 third/plugin-drone-ssh:v1.6.14 third/plugin-drone-ssh:v1.6.13 third/plugin-drone-ssh:v1.6.12 third/plugin-drone-ssh:v1.6.11 third/plugin-drone-ssh:v1.6.10 third/plugin-drone-ssh:v1.6.9 third/plugin-drone-ssh:v1.6.8 third/plugin-drone-ssh:v1.6.7 third/plugin-drone-ssh:v1.6.6 third/plugin-drone-ssh:v1.6.5 third/plugin-drone-ssh:v1.6.4 third/plugin-drone-ssh:v1.6.3 third/plugin-drone-ssh:v1.6.2 third/plugin-drone-ssh:v1.6.1 third/plugin-drone-ssh:v1.6.0 third/plugin-drone-ssh:v1.5.9 third/plugin-drone-ssh:v1.5.8 third/plugin-drone-ssh:v1.5.7 third/plugin-drone-ssh:v1.5.6 third/plugin-drone-ssh:v1.5.5 third/plugin-drone-ssh:v1.5.4 third/plugin-drone-ssh:v1.5.3 third/plugin-drone-ssh:v1.5.2 third/plugin-drone-ssh:v1.5.1 third/plugin-drone-ssh:v1.5.0 third/plugin-drone-ssh:v1.4.0 third/plugin-drone-ssh:v1.3.2 third/plugin-drone-ssh:v1.3.1 third/plugin-drone-ssh:v1.3.0 third/plugin-drone-ssh:v1.2.0 third/plugin-drone-ssh:v1.1.0 third/plugin-drone-ssh:v1.0.1 third/plugin-drone-ssh:v1.0.0
..
compare: third/plugin-drone-ssh:v1.6.4
Branches Tags
third/plugin-drone-ssh:master
third/plugin-drone-ssh:v1.8.4 third/plugin-drone-ssh:v1.8.3 third/plugin-drone-ssh:v1.8.2 third/plugin-drone-ssh:v1.8.1 third/plugin-drone-ssh:v1.8.0 third/plugin-drone-ssh:v1.7.7 third/plugin-drone-ssh:v1.7.6 third/plugin-drone-ssh:v1.7.5 third/plugin-drone-ssh:v1.7.4 third/plugin-drone-ssh:v1.7.3 third/plugin-drone-ssh:v1.7.2 third/plugin-drone-ssh:v1.7.1 third/plugin-drone-ssh:v1.7.0 third/plugin-drone-ssh:v1.6.14 third/plugin-drone-ssh:v1.6.13 third/plugin-drone-ssh:v1.6.12 third/plugin-drone-ssh:v1.6.11 third/plugin-drone-ssh:v1.6.10 third/plugin-drone-ssh:v1.6.9 third/plugin-drone-ssh:v1.6.8 third/plugin-drone-ssh:v1.6.7 third/plugin-drone-ssh:v1.6.6 third/plugin-drone-ssh:v1.6.5 third/plugin-drone-ssh:v1.6.4 third/plugin-drone-ssh:v1.6.3 third/plugin-drone-ssh:v1.6.2 third/plugin-drone-ssh:v1.6.1 third/plugin-drone-ssh:v1.6.0 third/plugin-drone-ssh:v1.5.9 third/plugin-drone-ssh:v1.5.8 third/plugin-drone-ssh:v1.5.7 third/plugin-drone-ssh:v1.5.6 third/plugin-drone-ssh:v1.5.5 third/plugin-drone-ssh:v1.5.4 third/plugin-drone-ssh:v1.5.3 third/plugin-drone-ssh:v1.5.2 third/plugin-drone-ssh:v1.5.1 third/plugin-drone-ssh:v1.5.0 third/plugin-drone-ssh:v1.4.0 third/plugin-drone-ssh:v1.3.2 third/plugin-drone-ssh:v1.3.1 third/plugin-drone-ssh:v1.3.0 third/plugin-drone-ssh:v1.2.0 third/plugin-drone-ssh:v1.1.0 third/plugin-drone-ssh:v1.0.1 third/plugin-drone-ssh:v1.0.0

1 Commits
v1.8.4 .. v1.6.4

Author SHA1 Message Date
Bo-Yi Wu 1efc71c743 chore(release): support multiple platform 2022-06-16 11:22:26 +08:00
31 changed files with 1188 additions and 2025 deletions
Expand all files Collapse all files
.dockerignore
-2
View File
@@ -1,2 +0,0 @@
*
!release/
.drone.jsonnet
+16
View File
@@ -0,0 +1,16 @@
local pipeline = import 'pipeline.libsonnet';
local name = 'drone-ssh';
[
pipeline.test,
pipeline.build(name, 'linux', 'amd64'),
pipeline.build(name, 'linux', 'arm64'),
pipeline.build(name, 'linux', 'arm'),
pipeline.release,
pipeline.notifications(depends_on=[
'linux-amd64',
'linux-arm64',
'linux-arm',
'release-binary',
]),
]
.drone.yml
+298
View File
@@ -0,0 +1,298 @@
---
kind: pipeline
name: testing
platform:
arch: amd64
os: linux
steps:
- commands:
- make vet
image: golang:1.18
name: vet
pull: always
volumes:
- name: gopath
path: /go
- image: robertstettner/drone-codecov
name: codecov
pull: always
settings:
token:
from_secret: codecov_token
volumes:
- name: gopath
temp: {}
---
depends_on:
- testing
kind: pipeline
name: linux-amd64
platform:
arch: amd64
os: linux
steps:
- commands:
- go build -v -ldflags '-X main.build=${DRONE_BUILD_NUMBER}' -a -o release/linux/amd64/drone-ssh
environment:
CGO_ENABLED: "0"
image: golang:1.18
name: build-push
pull: always
when:
event:
exclude:
- tag
- commands:
- go build -v -ldflags '-X main.version=${DRONE_TAG##v} -X main.build=${DRONE_BUILD_NUMBER}'
-a -o release/linux/amd64/drone-ssh
environment:
CGO_ENABLED: "0"
image: golang:1.18
name: build-tag
pull: always
when:
event:
- tag
- commands:
- ./release/linux/amd64/drone-ssh --help
image: golang:1.18
name: executable
pull: always
- image: plugins/docker:linux-amd64
name: dryrun
pull: always
settings:
cache_from: appleboy/drone-ssh
daemon_off: false
dockerfile: docker/Dockerfile.linux.amd64
dry_run: true
repo: appleboy/drone-ssh
tags: linux-amd64
when:
event:
- pull_request
- image: plugins/docker:linux-amd64
name: publish
pull: always
settings:
auto_tag: true
auto_tag_suffix: linux-amd64
cache_from: appleboy/drone-ssh
daemon_off: "false"
dockerfile: docker/Dockerfile.linux.amd64
password:
from_secret: docker_password
repo: appleboy/drone-ssh
username:
from_secret: docker_username
when:
event:
exclude:
- pull_request
trigger:
ref:
- refs/heads/master
- refs/pull/**
- refs/tags/**
---
depends_on:
- testing
kind: pipeline
name: linux-arm64
platform:
arch: arm64
os: linux
steps:
- commands:
- go build -v -ldflags '-X main.build=${DRONE_BUILD_NUMBER}' -a -o release/linux/arm64/drone-ssh
environment:
CGO_ENABLED: "0"
image: golang:1.18
name: build-push
pull: always
when:
event:
exclude:
- tag
- commands:
- go build -v -ldflags '-X main.version=${DRONE_TAG##v} -X main.build=${DRONE_BUILD_NUMBER}'
-a -o release/linux/arm64/drone-ssh
environment:
CGO_ENABLED: "0"
image: golang:1.18
name: build-tag
pull: always
when:
event:
- tag
- commands:
- ./release/linux/arm64/drone-ssh --help
image: golang:1.18
name: executable
pull: always
- image: plugins/docker:linux-arm64
name: dryrun
pull: always
settings:
cache_from: appleboy/drone-ssh
daemon_off: false
dockerfile: docker/Dockerfile.linux.arm64
dry_run: true
repo: appleboy/drone-ssh
tags: linux-arm64
when:
event:
- pull_request
- image: plugins/docker:linux-arm64
name: publish
pull: always
settings:
auto_tag: true
auto_tag_suffix: linux-arm64
cache_from: appleboy/drone-ssh
daemon_off: "false"
dockerfile: docker/Dockerfile.linux.arm64
password:
from_secret: docker_password
repo: appleboy/drone-ssh
username:
from_secret: docker_username
when:
event:
exclude:
- pull_request
trigger:
ref:
- refs/heads/master
- refs/pull/**
- refs/tags/**
---
depends_on:
- testing
kind: pipeline
name: linux-arm
platform:
arch: arm
os: linux
steps:
- commands:
- go build -v -ldflags '-X main.build=${DRONE_BUILD_NUMBER}' -a -o release/linux/arm/drone-ssh
environment:
CGO_ENABLED: "0"
image: golang:1.18
name: build-push
pull: always
when:
event:
exclude:
- tag
- commands:
- go build -v -ldflags '-X main.version=${DRONE_TAG##v} -X main.build=${DRONE_BUILD_NUMBER}'
-a -o release/linux/arm/drone-ssh
environment:
CGO_ENABLED: "0"
image: golang:1.18
name: build-tag
pull: always
when:
event:
- tag
- commands:
- ./release/linux/arm/drone-ssh --help
image: golang:1.18
name: executable
pull: always
- image: plugins/docker:linux-arm
name: dryrun
pull: always
settings:
cache_from: appleboy/drone-ssh
daemon_off: false
dockerfile: docker/Dockerfile.linux.arm
dry_run: true
repo: appleboy/drone-ssh
tags: linux-arm
when:
event:
- pull_request
- image: plugins/docker:linux-arm
name: publish
pull: always
settings:
auto_tag: true
auto_tag_suffix: linux-arm
cache_from: appleboy/drone-ssh
daemon_off: "false"
dockerfile: docker/Dockerfile.linux.arm
password:
from_secret: docker_password
repo: appleboy/drone-ssh
username:
from_secret: docker_username
when:
event:
exclude:
- pull_request
trigger:
ref:
- refs/heads/master
- refs/pull/**
- refs/tags/**
---
depends_on:
- testing
kind: pipeline
name: release-binary
platform:
arch: amd64
os: linux
steps:
- commands:
- export PATH=$PATH:$GOPATH/bin
- make release
image: techknowlogick/xgo:go-1.18.x
name: build-all-binary
pull: always
when:
event:
- tag
- image: plugins/github-release
name: deploy-all-binary
pull: always
settings:
api_key:
from_secret: github_release_api_key
files:
- dist/release/*
when:
event:
- tag
trigger:
ref:
- refs/tags/**
---
depends_on:
- linux-amd64
- linux-arm64
- linux-arm
- release-binary
kind: pipeline
name: notifications
platform:
arch: amd64
os: linux
steps:
- image: plugins/manifest
name: manifest
pull: always
settings:
ignore_missing: true
password:
from_secret: docker_password
spec: docker/manifest.tmpl
username:
from_secret: docker_username
trigger:
ref:
- refs/heads/master
- refs/tags/**
.github/workflows/codeql.yml
+17 -17
View File
@@ -13,12 +13,12 @@ name: "CodeQL"
on:
push:
branches: [master]
branches: [ master ]
pull_request:
# The branches below must be a subset of the branches above
branches: [master]
branches: [ master ]
schedule:
- cron: "41 23 * * 6"
- cron: '41 23 * * 6'
jobs:
analyze:
@@ -32,23 +32,23 @@ jobs:
strategy:
fail-fast: false
matrix:
language: ["go"]
language: [ 'go' ]
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
# Learn more about CodeQL language support at https://git.io/codeql-language-support
steps:
- name: Checkout repository
uses: actions/checkout@v6
- name: Checkout repository
uses: actions/checkout@v3
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v4
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# queries: ./path/to/local/query, your-org/your-repo/queries@main
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# queries: ./path/to/local/query, your-org/your-repo/queries@main
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v4
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
.github/workflows/docker.yml
-104
View File
@@ -1,104 +0,0 @@
name: Docker Image
on:
push:
branches:
- master
tags:
- "v*"
pull_request:
branches:
- "master"
permissions:
contents: read
packages: write
security-events: write
jobs:
build-docker:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v6
- name: Setup go
uses: actions/setup-go@v6
with:
go-version-file: go.mod
check-latest: true
- name: Build binary
run: |
make build_linux_amd64
make build_linux_arm64
- name: Set up QEMU
uses: docker/setup-qemu-action@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v4
- name: Login to Docker Hub
uses: docker/login-action@v4
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v4
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Docker meta
id: docker-meta
uses: docker/metadata-action@v6
with:
images: |
${{ github.repository }}
ghcr.io/${{ github.repository }}
tags: |
type=raw,value=latest,enable={{is_default_branch}}
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
- name: Build image for scanning
uses: docker/build-push-action@v7
with:
context: .
file: docker/Dockerfile
platforms: linux/amd64
push: false
load: true
tags: drone-ssh:scan
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@v0.35.0
with:
image-ref: "drone-ssh:scan"
format: "sarif"
output: "trivy-image-results.sarif"
severity: "CRITICAL,HIGH"
exit-code: '1'
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v4
if: always()
with:
sarif_file: "trivy-image-results.sarif"
category: "trivy-docker-image"
- name: Build and push
if: success()
uses: docker/build-push-action@v7
with:
context: .
platforms: linux/amd64,linux/arm64
file: docker/Dockerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.docker-meta.outputs.tags }}
labels: ${{ steps.docker-meta.outputs.labels }}
cache-from: type=registry,ref=ghcr.io/${{ github.repository }}:buildcache
cache-to: type=registry,ref=ghcr.io/${{ github.repository }}:buildcache,mode=max
.github/workflows/go.yml
+64
View File
@@ -0,0 +1,64 @@
name: Run Tests
on:
push:
branches:
- master
pull_request:
branches:
- master
jobs:
lint:
runs-on: ubuntu-latest
steps:
- name: Setup go
uses: actions/setup-go@v3
with:
go-version: '^1'
- name: Checkout repository
uses: actions/checkout@v3
- name: Setup golangci-lint
uses: golangci/golangci-lint-action@v3
with:
version: v1.46.2
args: --verbose
# build:
# strategy:
# matrix:
# os: [ubuntu-latest]
# go: [ 1.18]
# include:
# - os: ubuntu-latest
# go-build: ~/.cache/go-build
# name: ${{ matrix.os }} @ Go ${{ matrix.go }}
# runs-on: ${{ matrix.os }}
# env:
# GO111MODULE: on
# GOPROXY: https://proxy.golang.org
# steps:
# - name: Set up Go ${{ matrix.go }}
# uses: actions/setup-go@v3
# with:
# go-version: ${{ matrix.go }}
# - name: Checkout Code
# uses: actions/checkout@v3
# with:
# ref: ${{ github.ref }}
# - uses: actions/cache@v3
# with:
# path: |
# ${{ matrix.go-build }}
# ~/go/pkg/mod
# key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
# restore-keys: |
# ${{ runner.os }}-go-
# - name: initial docker
# uses: docker-practice/actions-setup-docker@master
# - name: build all binaries
# run: |
# set -x
# make release
.github/workflows/goreleaser.yml
-34
View File
@@ -1,34 +0,0 @@
name: Goreleaser
on:
push:
tags:
- "*"
permissions:
contents: write
jobs:
goreleaser:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v6
with:
fetch-depth: 0
- name: Setup go
uses: actions/setup-go@v6
with:
go-version-file: go.mod
check-latest: true
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@v7
with:
# either 'goreleaser' (default) or 'goreleaser-pro'
distribution: goreleaser
version: latest
args: release --clean
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
.github/workflows/testing.yml
-55
View File
@@ -1,55 +0,0 @@
name: Lint and Testing
on:
push:
pull_request:
jobs:
lint:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v6
- name: Setup go
uses: actions/setup-go@v6
with:
go-version-file: go.mod
check-latest: true
- name: Setup golangci-lint
uses: golangci/golangci-lint-action@v9
with:
version: v2.11
args: --verbose
- uses: hadolint/hadolint-action@v3.3.0
name: hadolint for Dockerfile
with:
dockerfile: docker/Dockerfile
testing:
runs-on: ubuntu-latest
strategy:
matrix:
go-version: ["1.25", "1.26"]
container:
image: golang:${{ matrix.go-version }}-alpine
options: --sysctl net.ipv6.conf.all.disable_ipv6=0
steps:
- name: Checkout repository
uses: actions/checkout@v6
- name: setup sshd server
run: |
apk add git make curl perl bash build-base zlib-dev ucl-dev sudo gpg
make ssh-server
- name: testing
run: |
make test
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v5
with:
flags: go-${{ matrix.go-version }}
.github/workflows/trivy.yml
-85
View File
@@ -1,85 +0,0 @@
name: Trivy Security Scan
on:
push:
branches:
- master
pull_request:
branches:
- master
schedule:
# Run daily at 00:00 UTC
- cron: "0 0 * * *"
workflow_dispatch:
permissions:
contents: read
security-events: write
jobs:
trivy-repo-scan:
name: Trivy Repository Scan
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v6
- name: Run Trivy vulnerability scanner (repo)
uses: aquasecurity/trivy-action@v0.35.0
with:
scan-type: "fs"
scan-ref: "."
format: "sarif"
output: "trivy-repo-results.sarif"
severity: "CRITICAL,HIGH"
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v4
if: always()
with:
sarif_file: "trivy-repo-results.sarif"
trivy-image-scan:
name: Trivy Image Scan
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v6
- name: Setup go
uses: actions/setup-go@v6
with:
go-version-file: go.mod
check-latest: true
- name: Build binary
run: |
make build_linux_amd64
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v4
- name: Build Docker image for scanning
uses: docker/build-push-action@v7
with:
context: .
file: docker/Dockerfile
platforms: linux/amd64
push: false
load: true
tags: drone-ssh:scan
- name: Run Trivy vulnerability scanner (image)
uses: aquasecurity/trivy-action@v0.35.0
with:
image-ref: "drone-ssh:scan"
format: "sarif"
output: "trivy-image-results.sarif"
severity: "CRITICAL,HIGH"
- name: Upload Trivy image scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v4
if: always()
with:
sarif_file: "trivy-image-results.sarif"
category: "trivy-image"
.gitignore
-1
View File
@@ -29,4 +29,3 @@ release
drone-ssh
.cover
dist
bin
.golangci.yaml
-114
View File
@@ -1,114 +0,0 @@
version: "2"
output:
sort-order:
- file
linters:
default: none
enable:
- bidichk
- bodyclose
- depguard
- errcheck
- forbidigo
- gocheckcompilerdirectives
- gocritic
- govet
- ineffassign
- mirror
- modernize
- nakedret
- nilnil
- nolintlint
- perfsprint
- revive
- staticcheck
- testifylint
- unconvert
- unparam
- unused
- usestdlibvars
- usetesting
- wastedassign
settings:
depguard:
rules:
main:
deny:
- pkg: io/ioutil
desc: use os or io instead
- pkg: golang.org/x/exp
desc: it's experimental and unreliable
- pkg: github.com/pkg/errors
desc: use builtin errors package instead
nolintlint:
allow-unused: false
require-explanation: true
require-specific: true
gocritic:
enabled-checks:
- equalFold
disabled-checks: []
revive:
severity: error
rules:
- name: blank-imports
- name: constant-logical-expr
- name: context-as-argument
- name: context-keys-type
- name: dot-imports
- name: empty-lines
- name: error-return
- name: error-strings
- name: exported
- name: identical-branches
- name: if-return
- name: increment-decrement
- name: modifies-value-receiver
- name: package-comments
- name: redefines-builtin-id
- name: superfluous-else
- name: time-naming
- name: unexported-return
- name: var-declaration
- name: var-naming
disabled: true
staticcheck:
checks:
- all
testifylint: {}
usetesting:
os-temp-dir: true
perfsprint:
concat-loop: false
govet:
enable:
- nilness
- unusedwrite
exclusions:
generated: lax
presets:
- comments
- common-false-positives
- legacy
- std-error-handling
rules:
- linters:
- errcheck
- staticcheck
- unparam
path: _test\.go
issues:
max-issues-per-linter: 0
max-same-issues: 0
formatters:
enable:
- gofmt
- gofumpt
- golines
settings:
gofumpt:
extra-rules: true
exclusions:
generated: lax
run:
timeout: 10m
.goreleaser.yaml
-123
View File
@@ -1,123 +0,0 @@
before:
hooks:
- go mod tidy
builds:
- env:
- CGO_ENABLED=0
goos:
- darwin
- linux
- windows
- freebsd
goarch:
- amd64
- arm
- arm64
goarm:
- "5"
- "6"
- "7"
ignore:
- goos: darwin
goarch: arm
- goos: darwin
goarch: ppc64le
- goos: darwin
goarch: s390x
- goos: windows
goarch: ppc64le
- goos: windows
goarch: s390x
- goos: windows
goarch: arm
goarm: "5"
- goos: windows
goarch: arm
goarm: "6"
- goos: windows
goarch: arm
goarm: "7"
- goos: windows
goarch: arm64
- goos: freebsd
goarch: ppc64le
- goos: freebsd
goarch: s390x
- goos: freebsd
goarch: arm
goarm: "5"
- goos: freebsd
goarch: arm
goarm: "6"
- goos: freebsd
goarch: arm
goarm: "7"
- goos: freebsd
goarch: arm64
flags:
- -trimpath
ldflags:
- -s -w
- -X main.Version={{.Version}}
binary: >-
{{ .ProjectName }}-
{{- if .IsSnapshot }}{{ .Branch }}-
{{- else }}{{- .Version }}-{{ end }}
{{- .Os }}-
{{- if eq .Arch "amd64" }}amd64
{{- else if eq .Arch "amd64_v1" }}amd64
{{- else if eq .Arch "386" }}386
{{- else }}{{ .Arch }}{{ end }}
{{- if .Arm }}-{{ .Arm }}{{ end }}
no_unique_dist_dir: true
hooks:
post:
- cmd: xz -k -9 {{ .Path }}
dir: ./dist/
archives:
- format: binary
name_template: "{{ .Binary }}"
allow_different_binary_count: true
checksum:
name_template: "checksums.txt"
extra_files:
- glob: ./**.xz
snapshot:
name_template: "{{ incpatch .Version }}"
release:
# You can add extra pre-existing files to the release.
# The filename on the release will be the last part of the path (base).
# If another file with the same name exists, the last one found will be used.
#
# Templates: allowed
extra_files:
- glob: ./**.xz
changelog:
use: github
groups:
- title: Features
regexp: "^.*feat[(\\w)]*:+.*$"
order: 0
- title: "Bug fixes"
regexp: "^.*fix[(\\w)]*:+.*$"
order: 1
- title: "Enhancements"
regexp: "^.*chore[(\\w)]*:+.*$"
order: 2
- title: "Refactor"
regexp: "^.*refactor[(\\w)]*:+.*$"
order: 3
- title: "Build process updates"
regexp: ^.*?(build|ci)(\(.+\))??!?:.+$
order: 4
- title: "Documentation updates"
regexp: ^.*?docs?(\(.+\))??!?:.+$
order: 4
- title: Others
order: 999
.hadolint.yaml
-3
View File
@@ -1,3 +0,0 @@
ignored:
- DL3018
- DL3008
DOCS.md
+88 -64
View File
@@ -5,14 +5,14 @@ author: appleboy
tags: [ deploy, publish, ssh ]
repo: appleboy/drone-ssh
logo: term.svg
image: ghcr.io/appleboy/drone-ssh
image: appleboy/drone-ssh
---
Use the SSH plugin to execute commands on a remote server. The below pipeline configuration demonstrates simple usage:
```yaml
- name: ssh commands
image: ghcr.io/appleboy/drone-ssh
image: appleboy/drone-ssh
settings:
host: foo.com
username: root
@@ -27,7 +27,7 @@ Example configuration in your `.drone.yml` file for multiple hosts:
```diff
- name: ssh commands
image: ghcr.io/appleboy/drone-ssh
image: appleboy/drone-ssh
settings:
host:
+ - foo.com
@@ -44,7 +44,7 @@ Example configuration for multiple hosts with different port:
```diff
- name: ssh commands
image: ghcr.io/appleboy/drone-ssh
image: appleboy/drone-ssh
settings:
host:
+ - foo.com:1234
@@ -61,7 +61,7 @@ Example configuration for command timeout, default value is 60 seconds:
```diff
- name: ssh commands
image: ghcr.io/appleboy/drone-ssh
image: appleboy/drone-ssh
settings:
host: foo.com
username: root
@@ -77,7 +77,7 @@ Example configuration for execute commands on a remote server using SSHProxyC
```diff
- name: ssh commands
image: ghcr.io/appleboy/drone-ssh
image: appleboy/drone-ssh
settings:
host: foo.com
username: root
@@ -96,7 +96,7 @@ Example configuration using password from secrets:
```diff
- name: ssh commands
image: ghcr.io/appleboy/drone-ssh
image: appleboy/drone-ssh
settings:
host: foo.com
username: root
@@ -112,7 +112,7 @@ Example configuration using ssh key from secrets:
```diff
- name: ssh commands
image: ghcr.io/appleboy/drone-ssh
image: appleboy/drone-ssh
settings:
host: foo.com
username: root
@@ -128,28 +128,27 @@ Example configuration for exporting custom secrets:
```diff
- name: ssh commands
image: ghcr.io/appleboy/drone-ssh
image: appleboy/drone-ssh
environment:
# MUST BE in UPPERCASE
COMMIT:
from_secret: commit
commit: ${DRONE_BUILD_NUMBER}
settings:
host: foo.com
username: root
password: 1234
port: 22
+ envs:
# can be in lowercase (uppercased in code)
- aws_access_key_id
- commit
script:
- echo $COMMIT
- export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
- echo $commit
```
Example configuration for stoping script after first failure:
```diff
- name: ssh commands
image: ghcr.io/appleboy/drone-ssh
image: appleboy/drone-ssh
settings:
host: foo.com
username: root
@@ -165,7 +164,7 @@ Example configuration for passphrase which protecting a private key:
```diff
- name: ssh commands
image: ghcr.io/appleboy/drone-ssh
image: appleboy/drone-ssh
settings:
host: foo.com
username: root
@@ -178,56 +177,81 @@ Example configuration for passphrase which protecting a private key:
- echo "you can't see the steps."
```
Example configuration for forcing protocol to IPv4 only:
```diff
- name: ssh commands
image: ghcr.io/appleboy/drone-ssh
settings:
host: foo.com
username: root
password: 1234
port: 22
+ protocol: tcp4
script:
- echo hello
- echo world
```
## Secret Reference
| Key | Description |
|-----|-------------|
| `ssh_username` | account for target host user |
| `ssh_password` | password for target host user | |
| `ssh_passphrase` | The purpose of the passphrase is usually to encrypt the private key. |
| `ssh_key` | plain text of user private key |
| `proxy_ssh_username` | account for user of proxy server |
| `proxy_ssh_password` | password for user of proxy server |
| `proxy_ssh_passphrase` | The purpose of the passphrase is usually to encrypt the private key. |
| `proxy_ssh_key` | plain text of user private key for proxy server |
ssh_username
: account for target host user
ssh_password
: password for target host user
ssh_passphrase
: The purpose of the passphrase is usually to encrypt the private key.
ssh_key
: plain text of user private key
proxy_ssh_username
: account for user of proxy server
proxy_ssh_password
: password for user of proxy server
proxy_ssh_passphrase
: The purpose of the passphrase is usually to encrypt the private key.
proxy_ssh_key
: plain text of user private key for proxy server
## Parameter Reference
| Key | Description |
|-----|-------------|
| `host` | target hostname or IP |
| `port` | ssh port of target host |
| `protocol` | IP protocol to use: either tcp, tcp4 or tcp6 |
| `username` | account for target host user |
| `password` | password for target host user |
| `key` | plain text of user private key |
| `key_path` | key path of user private key |
| `envs` | custom secrets which are made available in the script section |
| `script` | execute commands on a remote server |
| `script_stop` | stop script after first failure |
| `timeout` | Timeout is the maximum amount of time for the ssh connection to establish, default is 30 seconds. |
| `command_timeout` | Command timeout is the maximum amount of time for the execute commands, default is 10 minutes. |
| `proxy_host` | proxy hostname or IP |
| `proxy_port` | ssh port of proxy host |
| `proxy_protocol` | IP protocol to use for the proxy: either tcp, tcp4 or tcp6 |
| `proxy_username` | account for proxy host user |
| `proxy_password` | password for proxy host user |
| `proxy_key` | plain text of proxy private key |
| `proxy_key_path` | key path of proxy private key |
host
: target hostname or IP
port
: ssh port of target host
username
: account for target host user
password
: password for target host user
key
: plain text of user private key
key_path
: key path of user private key
envs
: custom secrets which are made available in the script section
script
: execute commands on a remote server
script_stop
: stop script after first failure
timeout
: Timeout is the maximum amount of time for the ssh connection to establish, default is 30 seconds.
command_timeout
: Command timeout is the maximum amount of time for the execute commands, default is 10 minutes.
proxy_host
: proxy hostname or IP
proxy_port
: ssh port of proxy host
proxy_username
: account for proxy host user
proxy_password
: password for proxy host user
proxy_key
: plain text of proxy private key
proxy_key_path
: key path of proxy private key
Makefile
+30 -28
View File
@@ -1,19 +1,18 @@
DIST := dist
EXECUTABLE := drone-ssh
GOFMT ?= gofumpt -l
GOFMT ?= gofumpt -l -s
DIST := dist
DIST_DIRS := $(DIST)/binaries $(DIST)/release
GO ?= go
SHASUM ?= shasum -a 256
GOFILES := $(shell find . -name "*.go" -type f)
HAS_GO = $(shell hash $(GO) > /dev/null 2>&1 && echo "GO" || echo "NOGO" )
XGO_PACKAGE ?= src.techknowlogick.com/xgo@latest
XGO_VERSION := go-1.19.x
GXZ_PAGAGE ?= github.com/ulikunitz/xz/cmd/gxz@v0.5.11
XGO_VERSION := go-1.18.x
GXZ_PAGAGE ?= github.com/ulikunitz/xz/cmd/gxz@v0.5.10
LINUX_ARCHS ?= linux/amd64,linux/arm64
DARWIN_ARCHS ?= darwin-10.12/amd64,darwin-10.12/arm64
WINDOWS_ARCHS ?= windows/*
DARWIN_ARCHS ?= darwin-12/amd64,darwin-12/arm64
WINDOWS_ARCHS ?= windows/amd64
ifneq ($(shell uname), Darwin)
EXTLDFLAGS = -extldflags "-static" $(null)
@@ -40,10 +39,24 @@ else
EXECUTABLE ?= $(EXECUTABLE)
endif
STORED_VERSION_FILE := VERSION
ifneq ($(DRONE_TAG),)
VERSION ?= $(DRONE_TAG)
VERSION ?= $(subst v,,$(DRONE_TAG))
RELASE_VERSION ?= $(VERSION)
else
VERSION ?= $(shell git describe --tags --always || git rev-parse --short HEAD)
ifneq ($(DRONE_BRANCH),)
VERSION ?= $(subst release/v,,$(DRONE_BRANCH))
else
VERSION ?= master
endif
STORED_VERSION=$(shell cat $(STORED_VERSION_FILE) 2>/dev/null)
ifneq ($(STORED_VERSION),)
RELASE_VERSION ?= $(STORED_VERSION)
else
RELASE_VERSION ?= $(shell git describe --tags --always | sed 's/-/+/' | sed 's/^v//')
endif
endif
TAGS ?=
@@ -53,9 +66,9 @@ all: build
fmt:
@hash gofumpt > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
$(GO) install mvdan.cc/gofumpt; \
$(GO) get -u mvdan.cc/gofumpt; \
fi
$(GOFMT) -w $(GOFILES)
$(GOFMT) -w $(SOURCES)
vet:
$(GO) vet ./...
@@ -63,25 +76,25 @@ vet:
.PHONY: fmt-check
fmt-check:
@hash gofumpt > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
$(GO) install mvdan.cc/gofumpt; \
$(GO) get -u mvdan.cc/gofumpt; \
fi
@diff=$$($(GOFMT) -d $(GOFILES)); \
@diff=$$($(GOFMT) -d $(SOURCES)); \
if [ -n "$$diff" ]; then \
echo "Please run 'make fmt' and commit the result:"; \
echo "$${diff}"; \
exit 1; \
fi;
test:
test: fmt-check
@$(GO) test -v -cover -coverprofile coverage.txt ./... && echo "\n==>\033[32m Ok\033[m\n" || exit 1
install: $(GOFILES)
install: $(SOURCES)
$(GO) install -v -tags '$(TAGS)' -ldflags '$(EXTLDFLAGS)-s -w $(LDFLAGS)'
build: $(EXECUTABLE)
$(EXECUTABLE): $(GOFILES)
$(GO) build -v -tags '$(TAGS)' -ldflags '$(EXTLDFLAGS)-s -w $(LDFLAGS)' -o bin/$@
$(EXECUTABLE): $(SOURCES)
$(GO) build -v -tags '$(TAGS)' -ldflags '$(EXTLDFLAGS)-s -w $(LDFLAGS)' -o $@
build_linux_amd64:
CGO_ENABLED=0 GOOS=linux GOARCH=amd64 $(GO) build -a -tags '$(TAGS)' -ldflags '$(EXTLDFLAGS)-s -w $(LDFLAGS)' -o release/linux/amd64/$(DEPLOY_IMAGE)
@@ -104,21 +117,10 @@ ssh-server:
cat tests/.ssh/test.pub >> /home/drone-scp/.ssh/authorized_keys
chmod 600 /home/drone-scp/.ssh/authorized_keys
chown -R drone-scp /home/drone-scp/.ssh
# add public key to root user
mkdir -p /root/.ssh
chmod 700 /root/.ssh
cat tests/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
cat tests/.ssh/test.pub >> /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
# Append the following entry to run ALL command without a password for a user named drone-scp:
cat tests/sudoers >> /etc/sudoers.d/sudoers
# install ssh and start server
apk add --update openssh openrc
rm -rf /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_dsa_key
sed -i 's/^#PubkeyAuthentication yes/PubkeyAuthentication yes/g' /etc/ssh/sshd_config
sed -i 's/AllowTcpForwarding no/AllowTcpForwarding yes/g' /etc/ssh/sshd_config
sed -i 's/^#ListenAddress 0.0.0.0/ListenAddress 0.0.0.0/g' /etc/ssh/sshd_config
sed -i 's/^#ListenAddress ::/ListenAddress ::/g' /etc/ssh/sshd_config
./tests/entrypoint.sh /usr/sbin/sshd -D &
coverage:
@@ -131,7 +133,7 @@ deps-backend:
$(GO) install $(XGO_PACKAGE)
.PHONY: release
release: release-linux release-darwin release-windows release-copy release-compress release-check
release: release-windows release-linux release-darwin release-copy release-compress release-check
$(DIST_DIRS):
mkdir -p $(DIST_DIRS)
README.md
+24 -48
View File
@@ -1,42 +1,30 @@
# drone-ssh
> **English** | [繁體中文](./README.zh-tw.md) | [简体中文](./README.zh-cn.md)
![sshlog](images/ssh.png)
[![GitHub tag](https://img.shields.io/github/tag/appleboy/drone-ssh.svg)](https://github.com/appleboy/drone-ssh/releases)
[![GoDoc](https://godoc.org/github.com/appleboy/drone-ssh?status.svg)](https://godoc.org/github.com/appleboy/drone-ssh)
[![Lint and Testing](https://github.com/appleboy/drone-ssh/actions/workflows/testing.yml/badge.svg?branch=master)](https://github.com/appleboy/drone-ssh/actions/workflows/testing.yml)
[![Trivy Security Scan](https://github.com/appleboy/drone-ssh/actions/workflows/trivy.yml/badge.svg?branch=master)](https://github.com/appleboy/drone-ssh/actions/workflows/trivy.yml)
[![Build Status](https://cloud.drone.io/api/badges/appleboy/drone-ssh/status.svg)](https://cloud.drone.io/appleboy/drone-ssh)
[![codecov](https://codecov.io/gh/appleboy/drone-ssh/branch/master/graph/badge.svg)](https://codecov.io/gh/appleboy/drone-ssh)
[![Go Report Card](https://goreportcard.com/badge/github.com/appleboy/drone-ssh)](https://goreportcard.com/report/github.com/appleboy/drone-ssh)
[![Docker Pulls](https://img.shields.io/docker/pulls/appleboy/drone-ssh.svg)](https://hub.docker.com/r/appleboy/drone-ssh/)
[![micro badger](https://images.microbadger.com/badges/image/appleboy/drone-ssh.svg)](https://microbadger.com/images/appleboy/drone-ssh "Get your own image badge on microbadger.com")
A Drone plugin for executing commands on remote hosts via SSH. For usage instructions and a list of available options, please refer to [the documentation](http://plugins.drone.io/appleboy/drone-ssh/).
Drone plugin to execute commands on a remote host through SSH. For the usage
information and a listing of the available options please take a look at [the docs](http://plugins.drone.io/appleboy/drone-ssh/).
**Note: Please update your Drone image config path to `appleboy/drone-ssh`. The `plugins/ssh` image is no longer maintained.**
**Note: Please update your image config path to `appleboy/drone-ssh` for drone. `plugins/ssh` is no longer maintained.**
![demo](./images/demo2017.05.10.gif)
## Table of Contents
## Breaking changes
- [drone-ssh](#drone-ssh)
- [Table of Contents](#table-of-contents)
- [Breaking Changes](#breaking-changes)
- [Build or Download a Binary](#build-or-download-a-binary)
- [Docker](#docker)
- [Usage](#usage)
- [Mount Key from File Path](#mount-key-from-file-path)
- [Configuration](#configuration)
## Breaking Changes
As of `v1.5.0`, the command timeout flag has changed to use the `Duration` format. See the following example:
`v1.5.0`: change command timeout flag to `Duration`. See the following setting:
```diff
pipeline:
scp:
image: ghcr.io/appleboy/drone-ssh
image: appleboy/drone-scp
settings:
host:
- example1.com
@@ -51,21 +39,21 @@ pipeline:
- echo "Hello World"
```
## Build or Download a Binary
## Build or Download a binary
Pre-compiled binaries are available on the [releases page](https://github.com/appleboy/drone-ssh/releases), supporting the following operating systems:
The pre-compiled binaries can be downloaded from [release page](https://github.com/appleboy/drone-ssh/releases). Support the following OS type.
- Windows amd64/386
- Linux arm/amd64/386
- macOS (Darwin) amd64/386
* Windows amd64/386
* Linux arm/amd64/386
* Darwin amd64/386
If you have `Go` installed:
With `Go` installed
```sh
go install github.com/appleboy/drone-ssh@latest
go get -u -v github.com/appleboy/drone-ssh
```
Or build the binary manually with the following commands:
or build the binary with the following command:
```sh
export GOOS=linux
@@ -80,7 +68,7 @@ go build -v -a -tags netgo -o release/linux/amd64/drone-ssh .
## Docker
Build the Docker image with the following command:
Build the docker image with the following commands:
```sh
make docker
@@ -88,7 +76,7 @@ make docker
## Usage
Run from your working directory:
Execute from the working directory:
```sh
docker run --rm \
@@ -98,21 +86,21 @@ docker run --rm \
-e PLUGIN_SCRIPT=whoami \
-v $(pwd):$(pwd) \
-w $(pwd) \
ghcr.io/appleboy/drone-ssh
appleboy/drone-ssh
```
## Mount Key from File Path
## Mount key from file path
Make sure to enable `trusted` mode in your project settings (for [Drone 0.8 version](https://0-8-0.docs.drone.io/)).
Please make sure that enable the `trusted` mode in project setting for [drone 0.8 version](https://0-8-0.docs.drone.io/).
![trusted mode](./images/trust.png)
Mount the private key in the `volumes` section of your `.drone.yml` config:
Mount private key in `volumes` setting of `.drone.yml` config
```diff
pipeline:
ssh:
image: ghcr.io/appleboy/drone-ssh
image: appleboy/drone-ssh
host: xxxxx.com
username: deploy
+ volumes:
@@ -122,16 +110,4 @@ pipeline:
- echo "test ssh"
```
See details in [this issue comment](https://github.com/appleboy/drone-ssh/issues/51#issuecomment-336732928).
## Configuration
See [DOCS.md](./DOCS.md) for examples and full configuration options.
Configuration options are loaded from multiple sources:
0. Hardcoded drone-ssh defaults. See [main.go CLI Flags](https://github.com/appleboy/drone-ssh/blob/6d9d6acc6aef1f9166118c6ba8bd214d3a582bdb/main.go#L39) for more information.
1. From a dotenv file at a path specified by the `PLUGIN_ENV_FILE` environment variable.
2. From your `.drone.yml` Drone configuration.
Later sources override earlier ones. For example, if `PORT` is set in an `.env` file committed in the repository or created by previous test steps, it will override the default set in `main.go`.
See the detail of [issue comment](https://github.com/appleboy/drone-ssh/issues/51#issuecomment-336732928).
README.zh-cn.md
-141
View File
@@ -1,141 +0,0 @@
# drone-ssh
> [English](./README.md) | [繁體中文](./README.zh-tw.md) | **简体中文**
![sshlog](images/ssh.png)
<!-- 图片说明:SSH 日志画面,内容与原文一致 -->
[![GitHub tag](https://img.shields.io/github/tag/appleboy/drone-ssh.svg)](https://github.com/appleboy/drone-ssh/releases)
[![GoDoc](https://godoc.org/github.com/appleboy/drone-ssh?status.svg)](https://godoc.org/github.com/appleboy/drone-ssh)
[![Lint and Testing](https://github.com/appleboy/drone-ssh/actions/workflows/testing.yml/badge.svg?branch=master)](https://github.com/appleboy/drone-ssh/actions/workflows/testing.yml)
[![Trivy Security Scan](https://github.com/appleboy/drone-ssh/actions/workflows/trivy.yml/badge.svg?branch=master)](https://github.com/appleboy/drone-ssh/actions/workflows/trivy.yml)
[![codecov](https://codecov.io/gh/appleboy/drone-ssh/branch/master/graph/badge.svg)](https://codecov.io/gh/appleboy/drone-ssh)
[![Go Report Card](https://goreportcard.com/badge/github.com/appleboy/drone-ssh)](https://goreportcard.com/report/github.com/appleboy/drone-ssh)
[![Docker Pulls](https://img.shields.io/docker/pulls/appleboy/drone-ssh.svg)](https://hub.docker.com/r/appleboy/drone-ssh/)
Drone 插件,可通过 SSH 在远程主机执行命令。使用方法和可用选项请参考[官方文档](http://plugins.drone.io/appleboy/drone-ssh/)。
**注意:请将 Drone 的 image config 路径更新为 `appleboy/drone-ssh`。`plugins/ssh` 已不再维护。**
![demo](./images/demo2017.05.10.gif)
<!-- 图片说明:SSH 命令执行演示动画,内容与原文一致 -->
## 目录
- [drone-ssh](#drone-ssh)
- [目录](#目录)
- [重大变更](#重大变更)
- [构建或下载二进制文件](#构建或下载二进制文件)
- [Docker](#docker)
- [使用方法](#使用方法)
- [通过文件路径挂载密钥](#通过文件路径挂载密钥)
- [配置说明](#配置说明)
## 重大变更
`v1.5.0`:将命令超时参数更改为 `Duration` 格式。设置示例如下:
```diff
pipeline:
scp:
image: ghcr.io/appleboy/drone-ssh
settings:
host:
- example1.com
- example2.com
username: ubuntu
password:
from_secret: ssh_password
port: 22
- command_timeout: 120
+ command_timeout: 2m
script:
- echo "Hello World"
```
## 构建或下载二进制文件
可在[发布页面](https://github.com/appleboy/drone-ssh/releases)下载预编译的二进制文件,支持以下操作系统:
- Windows amd64/386
- Linux arm/amd64/386
- macOS (Darwin) amd64/386
如已安装 `Go`,可执行:
```sh
go install github.com/appleboy/drone-ssh@latest
```
或使用以下命令手动构建二进制文件:
```sh
export GOOS=linux
export GOARCH=amd64
export CGO_ENABLED=0
export GO111MODULE=on
go test -cover ./...
go build -v -a -tags netgo -o release/linux/amd64/drone-ssh .
```
## Docker
可使用以下命令构建 Docker 镜像:
```sh
make docker
```
## 使用方法
在工作目录下执行:
```sh
docker run --rm \
-e PLUGIN_HOST=foo.com \
-e PLUGIN_USERNAME=root \
-e PLUGIN_KEY="$(cat ${HOME}/.ssh/id_rsa)" \
-e PLUGIN_SCRIPT=whoami \
-v $(pwd):$(pwd) \
-w $(pwd) \
ghcr.io/appleboy/drone-ssh
```
## 通过文件路径挂载密钥
请确保已在项目设置中启用 `trusted` 模式(适用于 [Drone 0.8 版本](https://0-8-0.docs.drone.io/))。
![trusted mode](./images/trust.png)
`.drone.yml` 配置文件的 `volumes` 部分挂载私钥:
```diff
pipeline:
ssh:
image: ghcr.io/appleboy/drone-ssh
host: xxxxx.com
username: deploy
+ volumes:
+ - /root/drone_rsa:/root/ssh/drone_rsa
key_path: /root/ssh/drone_rsa
script:
- echo "test ssh"
```
详情请参考 [此 issue comment](https://github.com/appleboy/drone-ssh/issues/51#issuecomment-336732928)。
## 配置说明
更多示例和完整配置选项请参考 [DOCS.md](./DOCS.md)。
配置选项来源如下:
0. 内置 drone-ssh 默认值。详见 [main.go CLI Flags](https://github.com/appleboy/drone-ssh/blob/6d9d6acc6aef1f9166118c6ba8bd214d3a582bdb/main.go#L39)。
1.`PLUGIN_ENV_FILE` 环境变量指定的 dotenv 文件。
2. `.drone.yml` Drone 配置文件。
后面的来源会覆盖前面的设置。例如,`.env` 文件中的 `PORT` 会覆盖 main.go 的默认值。
README.zh-tw.md
-141
View File
@@ -1,141 +0,0 @@
# drone-ssh
> [English](./README.md) | **繁體中文** | [简体中文](./README.zh-cn.md)
![sshlog](images/ssh.png)
<!-- 圖片說明:SSH 日誌畫面,圖片內容與原文相同 -->
[![GitHub tag](https://img.shields.io/github/tag/appleboy/drone-ssh.svg)](https://github.com/appleboy/drone-ssh/releases)
[![GoDoc](https://godoc.org/github.com/appleboy/drone-ssh?status.svg)](https://godoc.org/github.com/appleboy/drone-ssh)
[![Lint and Testing](https://github.com/appleboy/drone-ssh/actions/workflows/testing.yml/badge.svg?branch=master)](https://github.com/appleboy/drone-ssh/actions/workflows/testing.yml)
[![Trivy Security Scan](https://github.com/appleboy/drone-ssh/actions/workflows/trivy.yml/badge.svg?branch=master)](https://github.com/appleboy/drone-ssh/actions/workflows/trivy.yml)
[![codecov](https://codecov.io/gh/appleboy/drone-ssh/branch/master/graph/badge.svg)](https://codecov.io/gh/appleboy/drone-ssh)
[![Go Report Card](https://goreportcard.com/badge/github.com/appleboy/drone-ssh)](https://goreportcard.com/report/github.com/appleboy/drone-ssh)
[![Docker Pulls](https://img.shields.io/docker/pulls/appleboy/drone-ssh.svg)](https://hub.docker.com/r/appleboy/drone-ssh/)
Drone 外掛程式,可透過 SSH 在遠端主機執行指令。使用方式與可用選項請參考[官方文件](http://plugins.drone.io/appleboy/drone-ssh/)。
**注意:請將 Drone 的 image config 路徑更新為 `appleboy/drone-ssh`。`plugins/ssh` 已不再維護。**
![demo](./images/demo2017.05.10.gif)
<!-- 圖片說明:SSH 指令執行示意動畫,內容與原文相同 -->
## 目錄
- [drone-ssh](#drone-ssh)
- [目錄](#目錄)
- [重大變更](#重大變更)
- [建置或下載執行檔](#建置或下載執行檔)
- [Docker](#docker)
- [使用方式](#使用方式)
- [以檔案路徑掛載金鑰](#以檔案路徑掛載金鑰)
- [設定說明](#設定說明)
## 重大變更
`v1.5.0`:將指令逾時參數改為 `Duration` 格式。設定範例如下:
```diff
pipeline:
scp:
image: ghcr.io/appleboy/drone-ssh
settings:
host:
- example1.com
- example2.com
username: ubuntu
password:
from_secret: ssh_password
port: 22
- command_timeout: 120
+ command_timeout: 2m
script:
- echo "Hello World"
```
## 建置或下載執行檔
可於[發行頁面](https://github.com/appleboy/drone-ssh/releases)下載預先編譯的執行檔,支援以下作業系統:
- Windows amd64/386
- Linux arm/amd64/386
- macOS (Darwin) amd64/386
若已安裝 `Go`,可執行:
```sh
go install github.com/appleboy/drone-ssh@latest
```
或使用下列指令手動建置執行檔:
```sh
export GOOS=linux
export GOARCH=amd64
export CGO_ENABLED=0
export GO111MODULE=on
go test -cover ./...
go build -v -a -tags netgo -o release/linux/amd64/drone-ssh .
```
## Docker
可使用下列指令建置 Docker 映像檔:
```sh
make docker
```
## 使用方式
於工作目錄下執行:
```sh
docker run --rm \
-e PLUGIN_HOST=foo.com \
-e PLUGIN_USERNAME=root \
-e PLUGIN_KEY="$(cat ${HOME}/.ssh/id_rsa)" \
-e PLUGIN_SCRIPT=whoami \
-v $(pwd):$(pwd) \
-w $(pwd) \
ghcr.io/appleboy/drone-ssh
```
## 以檔案路徑掛載金鑰
請確認已於專案設定中啟用 `trusted` 模式(適用於 [Drone 0.8 版本](https://0-8-0.docs.drone.io/))。
![trusted mode](./images/trust.png)
`.drone.yml` 設定檔的 `volumes` 區段掛載私鑰:
```diff
pipeline:
ssh:
image: ghcr.io/appleboy/drone-ssh
host: xxxxx.com
username: deploy
+ volumes:
+ - /root/drone_rsa:/root/ssh/drone_rsa
key_path: /root/ssh/drone_rsa
script:
- echo "test ssh"
```
詳情請參考 [此 issue comment](https://github.com/appleboy/drone-ssh/issues/51#issuecomment-336732928)。
## 設定說明
更多範例與完整設定選項請參考 [DOCS.md](./DOCS.md)。
設定選項來源如下:
0. 內建 drone-ssh 預設值。詳見 [main.go CLI Flags](https://github.com/appleboy/drone-ssh/blob/6d9d6acc6aef1f9166118c6ba8bd214d3a582bdb/main.go#L39)。
1.`PLUGIN_ENV_FILE` 環境變數指定的 dotenv 檔案。
2. `.drone.yml` Drone 設定檔。
後面的來源會覆蓋前面的設定。例如,`.env` 檔案中的 `PORT` 會覆蓋 main.go 的預設值。
docker/Dockerfile
-37
View File
@@ -1,37 +0,0 @@
FROM alpine:3.21
ARG TARGETOS
ARG TARGETARCH
LABEL maintainer="Bo-Yi Wu <appleboy.tw@gmail.com>" \
org.label-schema.name="SSH Plugin" \
org.label-schema.vendor="Bo-Yi Wu" \
org.label-schema.schema-version="1.0"
LABEL org.opencontainers.image.source=https://github.com/appleboy/drone-ssh
LABEL org.opencontainers.image.description="Execute commands on a remote host through SSH"
LABEL org.opencontainers.image.licenses=MIT
RUN apk add --no-cache ca-certificates tzdata && \
rm -rf /var/cache/apk/*
RUN addgroup \
-S -g 1000 \
deploy && \
adduser \
-S -H -D \
-h /home/deploy \
-s /bin/sh \
-u 1000 \
-G deploy \
deploy
RUN mkdir -p /home/deploy && \
chown deploy:deploy /home/deploy
# deploy:deploy
USER 1000:1000
COPY release/${TARGETOS}/${TARGETARCH}/drone-ssh /bin/
ENTRYPOINT ["/bin/drone-ssh"]
docker/Dockerfile.linux.amd64
+12
View File
@@ -0,0 +1,12 @@
FROM plugins/base:linux-amd64
LABEL maintainer="Bo-Yi Wu <appleboy.tw@gmail.com>" \
org.label-schema.name="Drone SSH" \
org.label-schema.vendor="Bo-Yi Wu" \
org.label-schema.schema-version="1.0"
RUN apk add --no-cache ca-certificates && \
rm -rf /var/cache/apk/*
ADD release/linux/amd64/drone-ssh /bin/
ENTRYPOINT ["/bin/drone-ssh"]
docker/Dockerfile.linux.arm
+12
View File
@@ -0,0 +1,12 @@
FROM plugins/base:linux-arm
LABEL maintainer="Bo-Yi Wu <appleboy.tw@gmail.com>" \
org.label-schema.name="Drone SSH" \
org.label-schema.vendor="Bo-Yi Wu" \
org.label-schema.schema-version="1.0"
RUN apk add --no-cache ca-certificates && \
rm -rf /var/cache/apk/*
ADD release/linux/arm/drone-ssh /bin/
ENTRYPOINT ["/bin/drone-ssh"]
docker/Dockerfile.linux.arm64
+12
View File
@@ -0,0 +1,12 @@
FROM plugins/base:linux-arm64
LABEL maintainer="Bo-Yi Wu <appleboy.tw@gmail.com>" \
org.label-schema.name="Drone SSH" \
org.label-schema.vendor="Bo-Yi Wu" \
org.label-schema.schema-version="1.0"
RUN apk add --no-cache ca-certificates && \
rm -rf /var/cache/apk/*
ADD release/linux/arm64/drone-ssh /bin/
ENTRYPOINT ["/bin/drone-ssh"]
docker/Dockerfile.windows.amd64
+9
View File
@@ -0,0 +1,9 @@
FROM microsoft/nanoserver:10.0.14393.1884
LABEL maintainer="Bo-Yi Wu <appleboy.tw@gmail.com>" \
org.label-schema.name="Drone SSH" \
org.label-schema.vendor="Bo-Yi Wu" \
org.label-schema.schema-version="1.0"
ADD drone-ssh.exe /drone-ssh.exe
ENTRYPOINT [ "\\drone-ssh.exe" ]
docker/manifest.tmpl
+25
View File
@@ -0,0 +1,25 @@
image: appleboy/drone-ssh:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
{{#if build.tags}}
tags:
{{#each build.tags}}
- {{this}}
{{/each}}
{{/if}}
manifests:
-
image: appleboy/drone-ssh:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64
platform:
architecture: amd64
os: linux
-
image: appleboy/drone-ssh:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64
platform:
architecture: arm64
os: linux
variant: v8
-
image: appleboy/drone-ssh:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm
platform:
architecture: arm
os: linux
variant: v7
go.mod
+10 -57
View File
@@ -1,69 +1,22 @@
module github.com/appleboy/drone-ssh
go 1.25.9
go 1.18
require (
github.com/appleboy/easyssh-proxy v1.5.2
github.com/joho/godotenv v1.5.1
github.com/stretchr/testify v1.11.1
github.com/testcontainers/testcontainers-go v0.42.0
github.com/urfave/cli/v2 v2.27.7
github.com/yassinebenaid/godump v0.11.1
golang.org/x/crypto v0.49.0
github.com/appleboy/easyssh-proxy v1.3.9
github.com/joho/godotenv v1.4.0
github.com/stretchr/testify v1.7.2
github.com/urfave/cli v1.22.9
golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e
)
require (
dario.cat/mergo v1.0.2 // indirect
github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c // indirect
github.com/Microsoft/go-winio v0.6.2 // indirect
github.com/ScaleFT/sshkeys v1.4.0 // indirect
github.com/cenkalti/backoff/v4 v4.3.0 // indirect
github.com/cespare/xxhash/v2 v2.3.0 // indirect
github.com/containerd/errdefs v1.0.0 // indirect
github.com/containerd/errdefs/pkg v0.3.0 // indirect
github.com/containerd/log v0.1.0 // indirect
github.com/containerd/platforms v0.2.1 // indirect
github.com/cpuguy83/dockercfg v0.3.2 // indirect
github.com/cpuguy83/go-md2man/v2 v2.0.7 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/ScaleFT/sshkeys v0.0.0-20200327173127-6142f742bca5 // indirect
github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect
github.com/davecgh/go-spew v1.1.0 // indirect
github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a // indirect
github.com/distribution/reference v0.6.0 // indirect
github.com/docker/go-connections v0.6.0 // indirect
github.com/docker/go-units v0.5.0 // indirect
github.com/ebitengine/purego v0.10.0 // indirect
github.com/felixge/httpsnoop v1.0.4 // indirect
github.com/go-logr/logr v1.4.3 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
github.com/go-ole/go-ole v1.2.6 // indirect
github.com/google/uuid v1.6.0 // indirect
github.com/klauspost/compress v1.18.5 // indirect
github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
github.com/magiconair/properties v1.8.10 // indirect
github.com/moby/docker-image-spec v1.3.1 // indirect
github.com/moby/go-archive v0.2.0 // indirect
github.com/moby/moby/api v1.54.1 // indirect
github.com/moby/moby/client v0.4.0 // indirect
github.com/moby/patternmatcher v0.6.1 // indirect
github.com/moby/sys/sequential v0.6.0 // indirect
github.com/moby/sys/user v0.4.0 // indirect
github.com/moby/sys/userns v0.1.0 // indirect
github.com/moby/term v0.5.2 // indirect
github.com/opencontainers/go-digest v1.0.0 // indirect
github.com/opencontainers/image-spec v1.1.1 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 // indirect
github.com/russross/blackfriday/v2 v2.1.0 // indirect
github.com/shirou/gopsutil/v4 v4.26.3 // indirect
github.com/sirupsen/logrus v1.9.4 // indirect
github.com/tklauser/go-sysconf v0.3.16 // indirect
github.com/tklauser/numcpus v0.11.0 // indirect
github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342 // indirect
github.com/yusufpapurcu/wmi v1.2.4 // indirect
go.opentelemetry.io/auto/sdk v1.2.1 // indirect
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 // indirect
go.opentelemetry.io/otel v1.41.0 // indirect
go.opentelemetry.io/otel/metric v1.41.0 // indirect
go.opentelemetry.io/otel/trace v1.41.0 // indirect
golang.org/x/sys v0.43.0 // indirect
golang.org/x/sys v0.0.0-20220614162138-6c1b26c55098 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)
go.sum
+39 -144
View File
@@ -1,153 +1,48 @@
dario.cat/mergo v1.0.2 h1:85+piFYR1tMbRrLcDwR18y4UKJ3aH1Tbzi24VRW1TK8=
dario.cat/mergo v1.0.2/go.mod h1:E/hbnu0NxMFBjpMIE34DRGLWqDy0g5FuKDhCb31ngxA=
github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6 h1:He8afgbRMd7mFxO99hRNu+6tazq8nFF9lIwo9JFroBk=
github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6/go.mod h1:8o94RPi1/7XTJvwPpRSzSUedZrtlirdB3r9Z20bi2f8=
github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c h1:udKWzYgxTojEKWjV8V+WSxDXJ4NFATAsZjh8iIbsQIg=
github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E=
github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY=
github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU=
github.com/ScaleFT/sshkeys v1.4.0 h1:Yqd0cKA5PUvwV0dgRI67BDHGTsMHtGQBZbLXh1dthmE=
github.com/ScaleFT/sshkeys v1.4.0/go.mod h1:GineMkS8SEiELq8q5DzA2Wnrw65SqdD9a+hm8JOU1I4=
github.com/appleboy/easyssh-proxy v1.5.2 h1:Fe4/RMNtoU/l36w5DvOEyMX3VcpwUbqZYBdPugqODOs=
github.com/appleboy/easyssh-proxy v1.5.2/go.mod h1:cv8OlpCbAdxVNYgY/vQcM7f/Ep51UG5oyLK+J2kZhEc=
github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8=
github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
github.com/containerd/errdefs v1.0.0 h1:tg5yIfIlQIrxYtu9ajqY42W3lpS19XqdxRQeEwYG8PI=
github.com/containerd/errdefs v1.0.0/go.mod h1:+YBYIdtsnF4Iw6nWZhJcqGSg/dwvV7tyJ/kCkyJ2k+M=
github.com/containerd/errdefs/pkg v0.3.0 h1:9IKJ06FvyNlexW690DXuQNx2KA2cUJXx151Xdx3ZPPE=
github.com/containerd/errdefs/pkg v0.3.0/go.mod h1:NJw6s9HwNuRhnjJhM7pylWwMyAkmCQvQ4GpJHEqRLVk=
github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I=
github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo=
github.com/containerd/platforms v0.2.1 h1:zvwtM3rz2YHPQsF2CHYM8+KtB5dvhISiXh5ZpSBQv6A=
github.com/containerd/platforms v0.2.1/go.mod h1:XHCb+2/hzowdiut9rkudds9bE5yJ7npe7dG/wG+uFPw=
github.com/cpuguy83/dockercfg v0.3.2 h1:DlJTyZGBDlXqUZ2Dk2Q3xHs/FtnooJJVaad2S9GKorA=
github.com/cpuguy83/dockercfg v0.3.2/go.mod h1:sugsbF4//dDlL/i+S+rtpIWp+5h0BHJHfjj5/jFyUJc=
github.com/cpuguy83/go-md2man/v2 v2.0.7 h1:zbFlGlXEAKlwXpmvle3d8Oe3YnkKIK4xSRTd3sHPnBo=
github.com/cpuguy83/go-md2man/v2 v2.0.7/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g=
github.com/creack/pty v1.1.24 h1:bJrF4RRfyJnbTJqzRLHzcGaZK1NeM5kTC9jGgovnR1s=
github.com/creack/pty v1.1.24/go.mod h1:08sCNb52WyoAwi2QDyzUCTgcvVFhUzewun7wtTfvcwE=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
github.com/ScaleFT/sshkeys v0.0.0-20200327173127-6142f742bca5 h1:VauE2GcJNZFun2Och6tIT2zJZK1v6jxALQDA9BIji/E=
github.com/ScaleFT/sshkeys v0.0.0-20200327173127-6142f742bca5/go.mod h1:gxOHeajFfvGQh/fxlC8oOKBe23xnnJTif00IFFbiT+o=
github.com/appleboy/easyssh-proxy v1.3.9 h1:b+sVSTz+cVFvfA23HQywMMpm0s5g3gH7jYdBcQqaCQI=
github.com/appleboy/easyssh-proxy v1.3.9/go.mod h1:G1eQomBEME7NWKA3hE49s5HsT44S5fn0aBxX7k9Yjug=
github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w=
github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a h1:saTgr5tMLFnmy/yg3qDTft4rE5DY2uJ/cCxCe3q0XTU=
github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a/go.mod h1:Bw9BbhOJVNR+t0jCqx2GC6zv0TGBsShs56Y3gfSCvl0=
github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk=
github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E=
github.com/docker/go-connections v0.6.0 h1:LlMG9azAe1TqfR7sO+NJttz1gy6KO7VJBh+pMmjSD94=
github.com/docker/go-connections v0.6.0/go.mod h1:AahvXYshr6JgfUJGdDCs2b5EZG/vmaMAntpSFH5BFKE=
github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4=
github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
github.com/ebitengine/purego v0.10.0 h1:QIw4xfpWT6GWTzaW5XEKy3HXoqrJGx1ijYHzTF0/ISU=
github.com/ebitengine/purego v0.10.0/go.mod h1:iIjxzd6CiRiOG0UyXP+V1+jWqUXVjPKLAI0mRfJZTmQ=
github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI=
github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY=
github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
github.com/klauspost/compress v1.18.5 h1:/h1gH5Ce+VWNLSWqPzOVn6XBO+vJbCNGvjoaGBFW2IE=
github.com/klauspost/compress v1.18.5/go.mod h1:cwPg85FWrGar70rWktvGQj8/hthj3wpl0PGDogxkrSQ=
github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 h1:6E+4a0GO5zZEnZ81pIr0yLvtUWk2if982qA3F3QD6H4=
github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0/go.mod h1:zJYVVT2jmtg6P3p1VtQj7WsuWi/y4VnjVBn7F8KPB3I=
github.com/magiconair/properties v1.8.10 h1:s31yESBquKXCV9a/ScB3ESkOjUYYv+X0rg8SYxI99mE=
github.com/magiconair/properties v1.8.10/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0=
github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo=
github.com/moby/go-archive v0.2.0 h1:zg5QDUM2mi0JIM9fdQZWC7U8+2ZfixfTYoHL7rWUcP8=
github.com/moby/go-archive v0.2.0/go.mod h1:mNeivT14o8xU+5q1YnNrkQVpK+dnNe/K6fHqnTg4qPU=
github.com/moby/moby/api v1.54.1 h1:TqVzuJkOLsgLDDwNLmYqACUuTehOHRGKiPhvH8V3Nn4=
github.com/moby/moby/api v1.54.1/go.mod h1:+RQ6wluLwtYaTd1WnPLykIDPekkuyD/ROWQClE83pzs=
github.com/moby/moby/client v0.4.0 h1:S+2XegzHQrrvTCvF6s5HFzcrywWQmuVnhOXe2kiWjIw=
github.com/moby/moby/client v0.4.0/go.mod h1:QWPbvWchQbxBNdaLSpoKpCdf5E+WxFAgNHogCWDoa7g=
github.com/moby/patternmatcher v0.6.1 h1:qlhtafmr6kgMIJjKJMDmMWq7WLkKIo23hsrpR3x084U=
github.com/moby/patternmatcher v0.6.1/go.mod h1:hDPoyOpDY7OrrMDLaYoY3hf52gNCR/YOUYxkhApJIxc=
github.com/moby/sys/sequential v0.6.0 h1:qrx7XFUd/5DxtqcoH1h438hF5TmOvzC/lspjy7zgvCU=
github.com/moby/sys/sequential v0.6.0/go.mod h1:uyv8EUTrca5PnDsdMGXhZe6CCe8U/UiTWd+lL+7b/Ko=
github.com/moby/sys/user v0.4.0 h1:jhcMKit7SA80hivmFJcbB1vqmw//wU61Zdui2eQXuMs=
github.com/moby/sys/user v0.4.0/go.mod h1:bG+tYYYJgaMtRKgEmuueC0hJEAZWwtIbZTB+85uoHjs=
github.com/moby/sys/userns v0.1.0 h1:tVLXkFOxVu9A64/yh59slHVv9ahO9UIev4JZusOLG/g=
github.com/moby/sys/userns v0.1.0/go.mod h1:IHUYgu/kao6N8YZlp9Cf444ySSvCmDlmzUcYfDHOl28=
github.com/moby/term v0.5.2 h1:6qk3FJAFDs6i/q3W/pQ97SX192qKfZgGjCQqfCJkgzQ=
github.com/moby/term v0.5.2/go.mod h1:d3djjFCrjnB+fl8NJux+EJzu0msscUP+f8it8hPkFLc=
github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
github.com/opencontainers/image-spec v1.1.1 h1:y0fUlFfIZhPF1W537XOLg0/fcx6zcHCJwooC2xJA040=
github.com/opencontainers/image-spec v1.1.1/go.mod h1:qpqAh3Dmcf36wStyyWU+kCeDgrGnAve2nCC8+7h8Q0M=
github.com/joho/godotenv v1.4.0 h1:3l4+N6zfMWnkbPEXKng2o2/MR5mSwTrBih4ZEkkz1lg=
github.com/joho/godotenv v1.4.0/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 h1:o4JXh1EVt9k/+g42oCprj/FisM4qX9L3sZB3upGN2ZU=
github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE=
github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ=
github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc=
github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
github.com/shirou/gopsutil/v4 v4.26.3 h1:2ESdQt90yU3oXF/CdOlRCJxrP+Am1aBYubTMTfxJ1qc=
github.com/shirou/gopsutil/v4 v4.26.3/go.mod h1:LZ6ewCSkBqUpvSOf+LsTGnRinC6iaNUNMGBtDkJBaLQ=
github.com/sirupsen/logrus v1.9.4 h1:TsZE7l11zFCLZnZ+teH4Umoq5BhEIfIzfRDZ1Uzql2w=
github.com/sirupsen/logrus v1.9.4/go.mod h1:ftWc9WdOfJ0a92nsE2jF5u5ZwH8Bv2zdeOC42RjbV2g=
github.com/stretchr/objx v0.5.3 h1:jmXUvGomnU1o3W/V5h2VEradbpJDwGrzugQQvL0POH4=
github.com/stretchr/objx v0.5.3/go.mod h1:rDQraq+vQZU7Fde9LOZLr8Tax6zZvy4kuNKF+QYS+U0=
github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
github.com/testcontainers/testcontainers-go v0.42.0 h1:He3IhTzTZOygSXLJPMX7n44XtK+qhjat1nI9cneBbUY=
github.com/testcontainers/testcontainers-go v0.42.0/go.mod h1:vZjdY1YmUA1qEForxOIOazfsrdyORJAbhi0bp8plN30=
github.com/tklauser/go-sysconf v0.3.16 h1:frioLaCQSsF5Cy1jgRBrzr6t502KIIwQ0MArYICU0nA=
github.com/tklauser/go-sysconf v0.3.16/go.mod h1:/qNL9xxDhc7tx3HSRsLWNnuzbVfh3e7gh/BmM179nYI=
github.com/tklauser/numcpus v0.11.0 h1:nSTwhKH5e1dMNsCdVBukSZrURJRoHbSEQjdEbY+9RXw=
github.com/tklauser/numcpus v0.11.0/go.mod h1:z+LwcLq54uWZTX0u/bGobaV34u6V7KNlTZejzM6/3MQ=
github.com/urfave/cli/v2 v2.27.7 h1:bH59vdhbjLv3LAvIu6gd0usJHgoTTPhCFib8qqOwXYU=
github.com/urfave/cli/v2 v2.27.7/go.mod h1:CyNAG/xg+iAOg0N4MPGZqVmv2rCoP267496AOXUZjA4=
github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342 h1:FnBeRrxr7OU4VvAzt5X7s6266i6cSVkkFPS0TuXWbIg=
github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342/go.mod h1:Ohn+xnUBiLI6FVj/9LpzZWtj1/D6lUovWYBkxHVV3aM=
github.com/yassinebenaid/godump v0.11.1 h1:SPujx/XaYqGDfmNh7JI3dOyCUVrG0bG2duhO3Eh2EhI=
github.com/yassinebenaid/godump v0.11.1/go.mod h1:dc/0w8wmg6kVIvNGAzbKH1Oa54dXQx8SNKh4dPRyW44=
github.com/yusufpapurcu/wmi v1.2.4 h1:zFUKzehAFReQwLys1b/iSMl+JQGSCSjtVqQn9bBrPo0=
github.com/yusufpapurcu/wmi v1.2.4/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0=
go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ64=
go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y=
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 h1:sbiXRNDSWJOTobXh5HyQKjq6wUC5tNybqjIqDpAY4CU=
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0/go.mod h1:69uWxva0WgAA/4bu2Yy70SLDBwZXuQ6PbBpbsa5iZrQ=
go.opentelemetry.io/otel v1.41.0 h1:YlEwVsGAlCvczDILpUXpIpPSL/VPugt7zHThEMLce1c=
go.opentelemetry.io/otel v1.41.0/go.mod h1:Yt4UwgEKeT05QbLwbyHXEwhnjxNO6D8L5PQP51/46dE=
go.opentelemetry.io/otel/metric v1.41.0 h1:rFnDcs4gRzBcsO9tS8LCpgR0dxg4aaxWlJxCno7JlTQ=
go.opentelemetry.io/otel/metric v1.41.0/go.mod h1:xPvCwd9pU0VN8tPZYzDZV/BMj9CM9vs00GuBjeKhJps=
go.opentelemetry.io/otel/sdk v1.35.0 h1:iPctf8iprVySXSKJffSS79eOjl9pvxV9ZqOWT0QejKY=
go.opentelemetry.io/otel/sdk v1.35.0/go.mod h1:+ga1bZliga3DxJ3CQGg3updiaAJoNECOgJREo9KHGQg=
go.opentelemetry.io/otel/sdk/metric v1.35.0 h1:1RriWBmCKgkeHEhM7a2uMjMUfP7MsOF5JpUCaEqEI9o=
go.opentelemetry.io/otel/sdk/metric v1.35.0/go.mod h1:is6XYCUMpcKi+ZsOvfluY5YstFnhW0BidkR+gL+qN+w=
go.opentelemetry.io/otel/trace v1.41.0 h1:Vbk2co6bhj8L59ZJ6/xFTskY+tGAbOnCtQGVVa9TIN0=
go.opentelemetry.io/otel/trace v1.41.0/go.mod h1:U1NU4ULCoxeDKc09yCWdWe+3QoyweJcISEVa1RBzOis=
golang.org/x/crypto v0.49.0 h1:+Ng2ULVvLHnJ/ZFEq4KdcDd/cfjrrjjNSXNzxg0Y4U4=
golang.org/x/crypto v0.49.0/go.mod h1:ErX4dUh2UM+CFYiXZRTcMpEcN8b/1gxEuv3nODoYtCA=
golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20201204225414-ed752295db88/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.43.0 h1:Rlag2XtaFTxp19wS8MXlJwTvoh8ArU6ezoyFsMyCTNI=
golang.org/x/sys v0.43.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw=
golang.org/x/term v0.41.0 h1:QCgPso/Q3RTJx2Th4bDLqML4W6iJiaXFq2/ftQF13YU=
golang.org/x/term v0.41.0/go.mod h1:3pfBgksrReYfZ5lvYM0kSO0LIkAl4Yl2bXOkKP7Ec2A=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.7.2 h1:4jaiDzPyXQvSd7D0EjG45355tLlV3VOECpq10pLC+8s=
github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals=
github.com/urfave/cli v1.22.9 h1:cv3/KhXGBGjEXLC4bH0sLuJ9BewaAbpk5oyMOveu4pw=
github.com/urfave/cli v1.22.9/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e h1:T8NU3HyQ8ClP4SEE+KbFlg6n0NhuTsN4MyznaarGsZM=
golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200219091948-cb0a6d8edb6c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20220614162138-6c1b26c55098 h1:PgOr27OhUx2IRqGJ2RxAWI4dJQ7bi9cSrB82uzFzfUA=
golang.org/x/sys v0.0.0-20220614162138-6c1b26c55098/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gotest.tools/v3 v3.5.2 h1:7koQfIKdy+I8UTetycgUqXWSDwpgv193Ka+qRsmBY8Q=
gotest.tools/v3 v3.5.2/go.mod h1:LtdLGcnqToBH83WByAAi/wiwSFCArdFIUV/xxN4pcjA=
pgregory.net/rapid v1.2.0 h1:keKAYRcjm+e1F0oAuU5F5+YPAWcyxNNRK2wud503Gnk=
pgregory.net/rapid v1.2.0/go.mod h1:PY5XlDGj0+V1FCq0o192FdRhpKHGTRIWBgqjDBTrq04=
main.go
+133 -247
View File
@@ -3,13 +3,11 @@ package main
import (
"log"
"os"
"strconv"
"time"
easyssh "github.com/appleboy/easyssh-proxy"
"github.com/appleboy/easyssh-proxy"
"github.com/joho/godotenv"
"github.com/urfave/cli/v2"
"github.com/yassinebenaid/godump"
"github.com/urfave/cli"
)
// Version set at compile-time
@@ -28,8 +26,8 @@ func main() {
app := cli.NewApp()
app.Name = "Drone SSH"
app.Usage = "Executing remote ssh commands"
app.Copyright = "Copyright (c) " + strconv.Itoa(time.Now().Year()) + " Bo-Yi Wu"
app.Authors = []*cli.Author{
app.Copyright = "Copyright (c) 2019 Bo-Yi Wu"
app.Authors = []cli.Author{
{
Name: "Bo-Yi Wu",
Email: "appleboy.tw@gmail.com",
@@ -38,247 +36,157 @@ func main() {
app.Action = run
app.Version = Version
app.Flags = []cli.Flag{
&cli.StringSliceFlag{
Name: "host",
Aliases: []string{"H"},
cli.StringFlag{
Name: "ssh-key",
Usage: "private ssh key",
EnvVar: "PLUGIN_SSH_KEY,PLUGIN_KEY,SSH_KEY,KEY,INPUT_KEY",
},
cli.StringFlag{
Name: "ssh-passphrase",
Usage: "The purpose of the passphrase is usually to encrypt the private key.",
EnvVar: "PLUGIN_SSH_PASSPHRASE,PLUGIN_PASSPHRASE,SSH_PASSPHRASE,PASSPHRASE,INPUT_PASSPHRASE",
},
cli.StringFlag{
Name: "key-path,i",
Usage: "ssh private key path",
EnvVar: "PLUGIN_KEY_PATH,SSH_KEY_PATH,INPUT_KEY_PATH",
},
cli.StringFlag{
Name: "username,user,u",
Usage: "connect as user",
EnvVar: "PLUGIN_USERNAME,PLUGIN_USER,SSH_USERNAME,USERNAME,INPUT_USERNAME",
Value: "root",
},
cli.StringFlag{
Name: "password,P",
Usage: "user password",
EnvVar: "PLUGIN_PASSWORD,SSH_PASSWORD,PASSWORD,INPUT_PASSWORD",
},
cli.StringSliceFlag{
Name: "ciphers",
Usage: "The allowed cipher algorithms. If unspecified then a sensible",
EnvVar: "PLUGIN_CIPHERS,SSH_CIPHERS,CIPHERS,INPUT_CIPHERS",
},
cli.BoolFlag{
Name: "useInsecureCipher",
Usage: "include more ciphers with use_insecure_cipher",
EnvVar: "PLUGIN_USE_INSECURE_CIPHER,SSH_USE_INSECURE_CIPHER,USE_INSECURE_CIPHER,INPUT_USE_INSECURE_CIPHER",
},
cli.StringFlag{
Name: "fingerprint",
Usage: "fingerprint SHA256 of the host public key, default is to skip verification",
EnvVar: "PLUGIN_FINGERPRINT,SSH_FINGERPRINT,FINGERPRINT,INPUT_FINGERPRINT",
},
cli.StringSliceFlag{
Name: "host,H",
Usage: "connect to host",
EnvVars: []string{"PLUGIN_HOST", "SSH_HOST", "INPUT_HOST"},
EnvVar: "PLUGIN_HOST,SSH_HOST,HOST,INPUT_HOST",
FilePath: ".host",
},
&cli.IntFlag{
Name: "port",
Aliases: []string{"p"},
Usage: "connect to port",
EnvVars: []string{"PLUGIN_PORT", "SSH_PORT", "INPUT_PORT"},
Value: 22,
cli.IntFlag{
Name: "port,p",
Usage: "connect to port",
EnvVar: "PLUGIN_PORT,SSH_PORT,PORT,INPUT_PORT",
Value: 22,
},
&cli.StringFlag{
Name: "protocol",
Usage: "The IP protocol to use. Valid values are \"tcp\". \"tcp4\" or \"tcp6\". Default to tcp.",
EnvVars: []string{"PLUGIN_PROTOCOL", "SSH_PROTOCOL", "INPUT_PROTOCOL"},
Value: "tcp",
cli.BoolFlag{
Name: "sync",
Usage: "sync mode",
EnvVar: "PLUGIN_SYNC,SYNC,INPUT_SYNC",
},
&cli.StringFlag{
Name: "username",
Aliases: []string{"user", "u"},
Usage: "connect as user",
EnvVars: []string{"PLUGIN_USERNAME", "PLUGIN_USER", "SSH_USERNAME", "INPUT_USERNAME"},
Value: "root",
cli.DurationFlag{
Name: "timeout,t",
Usage: "connection timeout",
EnvVar: "PLUGIN_TIMEOUT,SSH_TIMEOUT,TIMEOUT,INPUT_TIMEOUT",
Value: 30 * time.Second,
},
&cli.StringFlag{
Name: "password",
Aliases: []string{"P"},
Usage: "user password",
EnvVars: []string{"PLUGIN_PASSWORD", "SSH_PASSWORD", "INPUT_PASSWORD"},
cli.DurationFlag{
Name: "command.timeout,T",
Usage: "command timeout",
EnvVar: "PLUGIN_COMMAND_TIMEOUT,SSH_COMMAND_TIMEOUT,COMMAND_TIMEOUT,INPUT_COMMAND_TIMEOUT",
Value: 10 * time.Minute,
},
&cli.DurationFlag{
Name: "timeout",
Aliases: []string{"t"},
Usage: "connection timeout",
EnvVars: []string{"PLUGIN_TIMEOUT", "SSH_TIMEOUT", "INPUT_TIMEOUT"},
Value: 30 * time.Second,
cli.StringSliceFlag{
Name: "script,s",
Usage: "execute commands",
EnvVar: "PLUGIN_SCRIPT,SSH_SCRIPT,SCRIPT",
},
&cli.StringFlag{
Name: "ssh-key",
Usage: "private ssh key",
EnvVars: []string{"PLUGIN_SSH_KEY", "PLUGIN_KEY", "SSH_KEY", "INPUT_KEY"},
cli.StringFlag{
Name: "script.string",
Usage: "execute single commands for github action",
EnvVar: "INPUT_SCRIPT",
},
&cli.StringFlag{
Name: "ssh-passphrase",
Usage: "The purpose of the passphrase is usually to encrypt the private key.",
EnvVars: []string{
"PLUGIN_SSH_PASSPHRASE",
"PLUGIN_PASSPHRASE",
"SSH_PASSPHRASE",
"INPUT_PASSPHRASE",
},
cli.BoolFlag{
Name: "script.stop",
Usage: "stop script after first failure",
EnvVar: "PLUGIN_SCRIPT_STOP,STOP,INPUT_SCRIPT_STOP",
},
&cli.StringFlag{
Name: "key-path",
Aliases: []string{"i"},
Usage: "ssh private key path",
EnvVars: []string{"PLUGIN_KEY_PATH", "SSH_KEY_PATH", "INPUT_KEY_PATH"},
cli.StringFlag{
Name: "proxy.ssh-key",
Usage: "private ssh key of proxy",
EnvVar: "PLUGIN_PROXY_SSH_KEY,PLUGIN_PROXY_KEY,PROXY_SSH_KEY,INPUT_PROXY_KEY",
},
&cli.StringSliceFlag{
Name: "ciphers",
Usage: "The allowed cipher algorithms. If unspecified then a sensible",
EnvVars: []string{"PLUGIN_CIPHERS", "SSH_CIPHERS", "INPUT_CIPHERS"},
cli.StringFlag{
Name: "proxy.ssh-passphrase",
Usage: "The purpose of the passphrase is usually to encrypt the private key.",
EnvVar: "PLUGIN_PROXY_SSH_PASSPHRASE,PLUGIN_PROXY_PASSPHRASE,PROXY_SSH_PASSPHRASE,PROXY_PASSPHRASE,INPUT_PROXY_PASSPHRASE",
},
&cli.BoolFlag{
Name: "useInsecureCipher",
Usage: "include more ciphers with use_insecure_cipher",
EnvVars: []string{
"PLUGIN_USE_INSECURE_CIPHER",
"SSH_USE_INSECURE_CIPHER",
"INPUT_USE_INSECURE_CIPHER",
},
cli.StringFlag{
Name: "proxy.key-path",
Usage: "ssh private key path of proxy",
EnvVar: "PLUGIN_PROXY_KEY_PATH,PROXY_SSH_KEY_PATH,INPUT_PROXY_KEY_PATH",
},
&cli.StringFlag{
Name: "fingerprint",
Usage: "fingerprint SHA256 of the host public key, default is to skip verification",
EnvVars: []string{"PLUGIN_FINGERPRINT", "SSH_FINGERPRINT", "INPUT_FINGERPRINT"},
cli.StringFlag{
Name: "proxy.username",
Usage: "connect as user of proxy",
EnvVar: "PLUGIN_PROXY_USERNAME,PLUGIN_PROXY_USER,PROXY_SSH_USERNAME,INPUT_PROXY_USERNAME",
Value: "root",
},
&cli.BoolFlag{
Name: "sync",
Usage: "sync mode",
EnvVars: []string{"PLUGIN_SYNC", "INPUT_SYNC"},
cli.StringFlag{
Name: "proxy.password",
Usage: "user password of proxy",
EnvVar: "PLUGIN_PROXY_PASSWORD,PROXY_SSH_PASSWORD,INPUT_PROXY_PASSWORD",
},
&cli.DurationFlag{
Name: "command.timeout",
Aliases: []string{"T"},
Usage: "command timeout",
EnvVars: []string{
"PLUGIN_COMMAND_TIMEOUT",
"SSH_COMMAND_TIMEOUT",
"INPUT_COMMAND_TIMEOUT",
},
Value: 10 * time.Minute,
cli.StringFlag{
Name: "proxy.host",
Usage: "connect to host of proxy",
EnvVar: "PLUGIN_PROXY_HOST,PROXY_SSH_HOST,INPUT_PROXY_HOST",
},
&cli.StringSliceFlag{
Name: "script",
Aliases: []string{"s"},
Usage: "execute commands",
EnvVars: []string{"PLUGIN_SCRIPT", "SSH_SCRIPT"},
cli.StringFlag{
Name: "proxy.port",
Usage: "connect to port of proxy",
EnvVar: "PLUGIN_PROXY_PORT,PROXY_SSH_PORT,INPUT_PROXY_PORT",
Value: "22",
},
&cli.StringFlag{
Name: "script.string",
Usage: "execute single commands for github action",
EnvVars: []string{"INPUT_SCRIPT"},
cli.DurationFlag{
Name: "proxy.timeout",
Usage: "proxy connection timeout",
EnvVar: "PLUGIN_PROXY_TIMEOUT,PROXY_SSH_TIMEOUT,INPUT_PROXY_TIMEOUT",
},
&cli.StringFlag{
Name: "script.file",
Usage: "execute commands from a file for github action",
EnvVars: []string{"PLUGIN_SCRIPT_FILE", "INPUT_SCRIPT_FILE"},
cli.StringSliceFlag{
Name: "proxy.ciphers",
Usage: "The allowed cipher algorithms. If unspecified then a sensible",
EnvVar: "PLUGIN_PROXY_CIPHERS,SSH_PROXY_CIPHERS,PROXY_CIPHERS,INPUT_PROXY_CIPHERS",
},
&cli.BoolFlag{
Name: "script.stop",
Usage: "stop script after first failure",
EnvVars: []string{"PLUGIN_SCRIPT_STOP", "INPUT_SCRIPT_STOP"},
cli.BoolFlag{
Name: "proxy.useInsecureCipher",
Usage: "include more ciphers with use_insecure_cipher",
EnvVar: "PLUGIN_PROXY_USE_INSECURE_CIPHER,SSH_PROXY_USE_INSECURE_CIPHER,PROXY_USE_INSECURE_CIPHER,INPUT_PROXY_USE_INSECURE_CIPHER",
},
&cli.StringFlag{
Name: "proxy.host",
Usage: "connect to host of proxy",
EnvVars: []string{"PLUGIN_PROXY_HOST", "PROXY_SSH_HOST", "INPUT_PROXY_HOST"},
cli.StringFlag{
Name: "proxy.fingerprint",
Usage: "fingerprint SHA256 of the host public key, default is to skip verification",
EnvVar: "PLUGIN_PROXY_FINGERPRINT,SSH_PROXY_FINGERPRINT,PROXY_FINGERPRINT,INPUT_PROXY_FINGERPRINT",
},
&cli.StringFlag{
Name: "proxy.port",
Usage: "connect to port of proxy",
EnvVars: []string{"PLUGIN_PROXY_PORT", "PROXY_SSH_PORT", "INPUT_PROXY_PORT"},
Value: "22",
cli.StringSliceFlag{
Name: "envs",
Usage: "pass environment variable to shell script",
EnvVar: "PLUGIN_ENVS,INPUT_ENVS",
},
&cli.StringFlag{
Name: "proxy.protocol",
Usage: "The IP protocol to use for the proxy. Valid values are \"tcp\". \"tcp4\" or \"tcp6\". Default to tcp.",
EnvVars: []string{
"PLUGIN_PROXY_PROTOCOL",
"SSH_PROXY_PROTOCOL",
"INPUT_PROXY_PROTOCOL",
},
Value: "tcp",
},
&cli.StringFlag{
Name: "proxy.username",
Usage: "connect as user of proxy",
EnvVars: []string{
"PLUGIN_PROXY_USERNAME",
"PLUGIN_PROXY_USER",
"PROXY_SSH_USERNAME",
"INPUT_PROXY_USERNAME",
},
Value: "root",
},
&cli.StringFlag{
Name: "proxy.password",
Usage: "user password of proxy",
EnvVars: []string{
"PLUGIN_PROXY_PASSWORD",
"PROXY_SSH_PASSWORD",
"INPUT_PROXY_PASSWORD",
},
},
&cli.StringFlag{
Name: "proxy.ssh-key",
Usage: "private ssh key of proxy",
EnvVars: []string{
"PLUGIN_PROXY_SSH_KEY",
"PLUGIN_PROXY_KEY",
"PROXY_SSH_KEY",
"INPUT_PROXY_KEY",
},
},
&cli.StringFlag{
Name: "proxy.ssh-passphrase",
Usage: "The purpose of the passphrase is usually to encrypt the private key.",
EnvVars: []string{
"PLUGIN_PROXY_SSH_PASSPHRASE",
"PLUGIN_PROXY_PASSPHRASE",
"PROXY_SSH_PASSPHRASE",
"INPUT_PROXY_PASSPHRASE",
},
},
&cli.StringFlag{
Name: "proxy.key-path",
Usage: "ssh private key path of proxy",
EnvVars: []string{
"PLUGIN_PROXY_KEY_PATH",
"PROXY_SSH_KEY_PATH",
"INPUT_PROXY_KEY_PATH",
},
},
&cli.DurationFlag{
Name: "proxy.timeout",
Usage: "proxy connection timeout",
EnvVars: []string{"PLUGIN_PROXY_TIMEOUT", "PROXY_SSH_TIMEOUT", "INPUT_PROXY_TIMEOUT"},
},
&cli.StringSliceFlag{
Name: "proxy.ciphers",
Usage: "The allowed cipher algorithms. If unspecified then a sensible",
EnvVars: []string{"PLUGIN_PROXY_CIPHERS", "PROXY_SSH_CIPHERS", "INPUT_PROXY_CIPHERS"},
},
&cli.BoolFlag{
Name: "proxy.useInsecureCipher",
Usage: "include more ciphers with use_insecure_cipher",
EnvVars: []string{
"PLUGIN_PROXY_USE_INSECURE_CIPHER",
"PROXY_SSH_USE_INSECURE_CIPHER",
"INPUT_PROXY_USE_INSECURE_CIPHER",
},
},
&cli.StringFlag{
Name: "proxy.fingerprint",
Usage: "fingerprint SHA256 of the host public key, default is to skip verification",
EnvVars: []string{
"PLUGIN_PROXY_FINGERPRINT",
"PROXY_SSH_FINGERPRINT",
"PROXY_FINGERPRINT",
"INPUT_PROXY_FINGERPRINT",
},
},
&cli.StringSliceFlag{
Name: "envs",
Usage: "pass environment variable to shell script",
EnvVars: []string{"PLUGIN_ENVS", "INPUT_ENVS"},
},
&cli.BoolFlag{
Name: "debug",
Usage: "debug mode",
EnvVars: []string{"PLUGIN_DEBUG", "INPUT_DEBUG", "DEBUG"},
},
&cli.StringFlag{
Name: "envs.format",
Usage: "flexible configuration of environment value transfer",
EnvVars: []string{"PLUGIN_ENVS_FORMAT", "INPUT_ENVS_FORMAT"},
Value: envsFormat,
},
&cli.BoolFlag{
Name: "allenvs",
Usage: "pass all environment variable to shell script",
EnvVars: []string{"PLUGIN_ALLENVS", "INPUT_ALLENVS"},
},
&cli.BoolFlag{
Name: "request-pty",
Usage: "request a pseudo-terminal from the server",
EnvVars: []string{"PLUGIN_REQUEST_PTY", "INPUT_REQUEST_PTY"},
cli.BoolFlag{
Name: "debug",
Usage: "debug mode",
EnvVar: "PLUGIN_DEBUG,DEBUG,INPUT_DEBUG",
},
}
@@ -325,19 +233,6 @@ func run(c *cli.Context) error {
if s := c.String("script.string"); s != "" {
scripts = append(scripts, s)
}
if f := c.String("script.file"); f != "" {
// check file exists
if _, err := os.Stat(f); err != nil {
return err
}
s, err := os.ReadFile(f)
if err != nil {
return err
}
scripts = append(scripts, string(s))
}
plugin := Plugin{
Config: Config{
Key: c.String("ssh-key"),
@@ -348,19 +243,15 @@ func run(c *cli.Context) error {
Fingerprint: c.String("fingerprint"),
Host: c.StringSlice("host"),
Port: c.Int("port"),
Protocol: easyssh.Protocol(c.String("protocol")),
Timeout: c.Duration("timeout"),
CommandTimeout: c.Duration("command.timeout"),
Script: scripts,
ScriptStop: c.Bool("script.stop"),
Envs: c.StringSlice("envs"),
EnvsFormat: c.String("envs.format"),
Debug: c.Bool("debug"),
Sync: c.Bool("sync"),
Ciphers: c.StringSlice("ciphers"),
UseInsecureCipher: c.Bool("useInsecureCipher"),
AllEnvs: c.Bool("allenvs"),
RequireTty: c.Bool("request-pty"),
Proxy: easyssh.DefaultConfig{
Key: c.String("proxy.ssh-key"),
KeyPath: c.String("proxy.key-path"),
@@ -370,7 +261,6 @@ func run(c *cli.Context) error {
Fingerprint: c.String("proxy.fingerprint"),
Server: c.String("proxy.host"),
Port: c.String("proxy.port"),
Protocol: easyssh.Protocol(c.String("proxy.protocol")),
Timeout: c.Duration("proxy.timeout"),
Ciphers: c.StringSlice("proxy.ciphers"),
UseInsecureCipher: c.Bool("proxy.useInsecureCipher"),
@@ -379,9 +269,5 @@ func run(c *cli.Context) error {
Writer: os.Stdout,
}
if plugin.Config.Debug {
_ = godump.Dump(plugin)
}
return plugin.Exec()
}
pipeline.libsonnet
+229
View File
@@ -0,0 +1,229 @@
{
test:: {
kind: 'pipeline',
name: 'testing',
platform: {
os: 'linux',
arch: 'amd64',
},
steps: [
{
name: 'vet',
image: 'golang:1.18',
pull: 'always',
commands: [
'make vet',
],
volumes: [
{
name: 'gopath',
path: '/go',
},
],
},
// {
// name: 'test',
// image: 'golang:1.18-alpine',
// pull: 'always',
// commands: [
// 'apk add git make curl perl bash build-base zlib-dev ucl-dev',
// 'make ssh-server',
// 'make test',
// 'make coverage',
// ],
// volumes: [
// {
// name: 'gopath',
// path: '/go',
// },
// ],
// },
{
name: 'codecov',
image: 'robertstettner/drone-codecov',
pull: 'always',
settings: {
token: { 'from_secret': 'codecov_token' },
},
},
],
volumes: [
{
name: 'gopath',
temp: {},
},
],
},
build(name, os='linux', arch='amd64'):: {
kind: 'pipeline',
name: os + '-' + arch,
platform: {
os: os,
arch: arch,
},
steps: [
{
name: 'build-push',
image: 'golang:1.18',
pull: 'always',
environment: {
CGO_ENABLED: '0',
},
commands: [
'go build -v -ldflags \'-X main.build=${DRONE_BUILD_NUMBER}\' -a -o release/' + os + '/' + arch + '/' + name,
],
when: {
event: {
exclude: [ 'tag' ],
},
},
},
{
name: 'build-tag',
image: 'golang:1.18',
pull: 'always',
environment: {
CGO_ENABLED: '0',
},
commands: [
'go build -v -ldflags \'-X main.version=${DRONE_TAG##v} -X main.build=${DRONE_BUILD_NUMBER}\' -a -o release/' + os + '/' + arch + '/' + name,
],
when: {
event: [ 'tag' ],
},
},
{
name: 'executable',
image: 'golang:1.18',
pull: 'always',
commands: [
'./release/' + os + '/' + arch + '/' + name + ' --help',
],
},
{
name: 'dryrun',
image: 'plugins/docker:' + os + '-' + arch,
pull: 'always',
settings: {
daemon_off: false,
dry_run: true,
tags: os + '-' + arch,
dockerfile: 'docker/Dockerfile.' + os + '.' + arch,
repo: 'appleboy/' + name,
cache_from: 'appleboy/' + name,
},
when: {
event: [ 'pull_request' ],
},
},
{
name: 'publish',
image: 'plugins/docker:' + os + '-' + arch,
pull: 'always',
settings: {
daemon_off: 'false',
auto_tag: true,
auto_tag_suffix: os + '-' + arch,
dockerfile: 'docker/Dockerfile.' + os + '.' + arch,
repo: 'appleboy/' + name,
cache_from: 'appleboy/' + name,
username: { 'from_secret': 'docker_username' },
password: { 'from_secret': 'docker_password' },
},
when: {
event: {
exclude: [ 'pull_request' ],
},
},
},
],
depends_on: [
'testing',
],
trigger: {
ref: [
'refs/heads/master',
'refs/pull/**',
'refs/tags/**',
],
},
},
release:: {
kind: 'pipeline',
name: 'release-binary',
platform: {
os: 'linux',
arch: 'amd64',
},
steps: [
{
name: 'build-all-binary',
image: 'techknowlogick/xgo:go-1.18.x',
pull: 'always',
commands: [
'export PATH=$PATH:$GOPATH/bin',
'make release'
],
when: {
event: [ 'tag' ],
},
},
{
name: 'deploy-all-binary',
image: 'plugins/github-release',
pull: 'always',
settings: {
files: [ 'dist/release/*' ],
api_key: { 'from_secret': 'github_release_api_key' },
},
when: {
event: [ 'tag' ],
},
},
],
depends_on: [
'testing',
],
trigger: {
ref: [
'refs/tags/**',
],
},
},
notifications(os='linux', arch='amd64', depends_on=[]):: {
kind: 'pipeline',
name: 'notifications',
platform: {
os: os,
arch: arch,
},
steps: [
{
name: 'manifest',
image: 'plugins/manifest',
pull: 'always',
settings: {
username: { from_secret: 'docker_username' },
password: { from_secret: 'docker_password' },
spec: 'docker/manifest.tmpl',
ignore_missing: true,
},
},
],
depends_on: depends_on,
trigger: {
ref: [
'refs/heads/master',
'refs/tags/**',
],
},
},
signature(key):: {
kind: 'signature',
hmac: key,
}
}
plugin.go
+55 -135
View File
@@ -10,16 +10,14 @@ import (
"sync"
"time"
easyssh "github.com/appleboy/easyssh-proxy"
"github.com/appleboy/easyssh-proxy"
)
var (
errMissingHost = errors.New("error: missing server host")
errMissingPasswordOrKey = errors.New(
"error: can't connect without a private SSH key or password",
)
errCommandTimeOut = errors.New("error: command timeout")
envsFormat = "export {NAME}={VALUE}"
errMissingHost = errors.New("Error: missing server host")
errMissingPasswordOrKey = errors.New("Error: can't connect without a private SSH key or password")
errCommandTimeOut = errors.New("Error: command timeout")
errSetPasswordandKey = errors.New("can't set password and key at the same time")
)
type (
@@ -32,7 +30,6 @@ type (
Password string
Host []string
Port int
Protocol easyssh.Protocol
Fingerprint string
Timeout time.Duration
CommandTimeout time.Duration
@@ -44,9 +41,6 @@ type (
Sync bool
Ciphers []string
UseInsecureCipher bool
EnvsFormat string
AllEnvs bool
RequireTty bool
}
// Plugin structure
@@ -57,15 +51,13 @@ type (
)
func escapeArg(arg string) string {
return "'" + strings.ReplaceAll(arg, "'", `'\''`) + "'"
return "'" + strings.Replace(arg, "'", `'\''`, -1) + "'"
}
func (p Plugin) hostPort(host string) (string, string) {
hosts := strings.Split(host, ":")
port := strconv.Itoa(p.Config.Port)
if len(hosts) > 1 &&
(p.Config.Protocol == easyssh.PROTOCOL_TCP ||
p.Config.Protocol == easyssh.PROTOCOL_TCP4) {
if len(hosts) > 1 {
host = hosts[0]
port = hosts[1]
}
@@ -74,7 +66,6 @@ func (p Plugin) hostPort(host string) (string, string) {
}
func (p Plugin) exec(host string, wg *sync.WaitGroup, errChannel chan error) {
defer wg.Done()
host, port := p.hostPort(host)
// Create MakeConfig instance with remote username, server address and path to private key.
ssh := &easyssh.MakeConfig{
@@ -82,7 +73,6 @@ func (p Plugin) exec(host string, wg *sync.WaitGroup, errChannel chan error) {
User: p.Config.Username,
Password: p.Config.Password,
Port: port,
Protocol: p.Config.Protocol,
Key: p.Config.Key,
KeyPath: p.Config.KeyPath,
Passphrase: p.Config.Passphrase,
@@ -90,13 +80,11 @@ func (p Plugin) exec(host string, wg *sync.WaitGroup, errChannel chan error) {
Ciphers: p.Config.Ciphers,
Fingerprint: p.Config.Fingerprint,
UseInsecureCipher: p.Config.UseInsecureCipher,
RequestPty: p.Config.RequireTty,
Proxy: easyssh.DefaultConfig{
Server: p.Config.Proxy.Server,
User: p.Config.Proxy.User,
Password: p.Config.Proxy.Password,
Port: p.Config.Proxy.Port,
Protocol: p.Config.Proxy.Protocol,
Key: p.Config.Proxy.Key,
KeyPath: p.Config.Proxy.KeyPath,
Passphrase: p.Config.Proxy.Passphrase,
@@ -107,102 +95,72 @@ func (p Plugin) exec(host string, wg *sync.WaitGroup, errChannel chan error) {
},
}
if p.Config.Debug {
p.log(host, "======CMD======")
p.log(host, strings.Join(p.Config.Script, "\n"))
p.log(host, "======END======")
}
p.log(host, "======CMD======")
p.log(host, strings.Join(p.Config.Script, "\n"))
p.log(host, "======END======")
env := []string{}
if p.Config.AllEnvs {
allenvs := findEnvs("DRONE_", "PLUGIN_", "INPUT_", "GITHUB_")
p.Config.Envs = append(p.Config.Envs, allenvs...)
}
for _, key := range p.Config.Envs {
key = strings.ToUpper(key)
if val, found := os.LookupEnv(key); found {
env = append(
env,
p.format(p.Config.EnvsFormat, "{NAME}", key, "{VALUE}", escapeArg(val)),
)
env = append(env, key+"="+escapeArg(val))
}
}
if p.Config.Debug && len(env) > 0 {
p.Config.Script = append(env, p.scriptCommands()...)
if p.Config.Debug {
p.log(host, "======ENV======")
p.log(host, strings.Join(env, "\n"))
p.log(host, "======END======")
}
env = append(env, p.scriptCommands()...)
p.Config.Script = env
stdoutChan, stderrChan, doneChan, errChan, err := ssh.Stream(
strings.Join(p.Config.Script, "\n"),
p.Config.CommandTimeout,
)
stdoutChan, stderrChan, doneChan, errChan, err := ssh.Stream(strings.Join(p.Config.Script, "\n"), p.Config.CommandTimeout)
if err != nil {
errChannel <- err
return
}
// read from the output channel until the done signal is passed
var isTimeout bool
loop:
for {
select {
case isTimeout = <-doneChan:
break loop
case outline := <-stdoutChan:
if outline != "" {
p.log(host, outline)
} else {
// read from the output channel until the done signal is passed
isTimeout := true
loop:
for {
select {
case isTimeout = <-doneChan:
break loop
case outline := <-stdoutChan:
p.log(host, "out:", outline)
case errline := <-stderrChan:
p.log(host, "err:", errline)
case err = <-errChan:
}
case errline := <-stderrChan:
if errline != "" {
p.log(host, errline)
}
case err = <-errChan:
}
// get exit code or command error.
if err != nil {
errChannel <- err
}
// command time out
if !isTimeout {
errChannel <- errCommandTimeOut
}
}
// get exit code or command error.
if err != nil {
errChannel <- err
}
// command time out
if !isTimeout {
errChannel <- errCommandTimeOut
}
wg.Done()
}
// format string
func (p Plugin) format(format string, args ...string) string {
r := strings.NewReplacer(args...)
return r.Replace(format)
}
func (p Plugin) getWriter() io.Writer {
if p.Writer != nil {
return p.Writer
func (p Plugin) log(host string, message ...interface{}) {
if p.Writer == nil {
p.Writer = os.Stdout
}
return os.Stdout
}
// log output to console
func (p Plugin) log(host string, message ...any) {
w := p.getWriter()
if count := len(p.Config.Host); count == 1 {
fmt.Fprintf(w, "%s", fmt.Sprintln(message...))
return
fmt.Fprintf(p.Writer, "%s", fmt.Sprintln(message...))
} else {
fmt.Fprintf(p.Writer, "%s: %s", host, fmt.Sprintln(message...))
}
fmt.Fprintf(w, "%s: %s", host, fmt.Sprintln(message...))
}
// Exec executes the plugin.
func (p Plugin) Exec() error {
p.Config.Host = trimValues(p.Config.Host)
if len(p.Config.Host) == 0 {
return errMissingHost
}
@@ -211,22 +169,18 @@ func (p Plugin) Exec() error {
return errMissingPasswordOrKey
}
if p.Config.EnvsFormat == "" {
p.Config.EnvsFormat = envsFormat
if len(p.Config.Key) != 0 && len(p.Config.Password) != 0 {
return errSetPasswordandKey
}
wg := sync.WaitGroup{}
wg.Add(len(p.Config.Host))
errChannel := make(chan error)
finished := make(chan struct{})
if p.Config.Sync {
go func() {
for _, host := range p.Config.Host {
p.exec(host, &wg, errChannel)
}
}()
} else {
for _, host := range p.Config.Host {
for _, host := range p.Config.Host {
if p.Config.Sync {
p.exec(host, &wg, errChannel)
} else {
go p.exec(host, &wg, errChannel)
}
}
@@ -244,10 +198,9 @@ func (p Plugin) Exec() error {
}
}
w := p.getWriter()
fmt.Fprintln(w, "===============================================")
fmt.Fprintln(w, "✅ Successfully executed commands to all hosts.")
fmt.Fprintln(w, "===============================================")
fmt.Println("==============================================")
fmt.Println("✅ Successfully executed commands to all host.")
fmt.Println("==============================================")
return nil
}
@@ -272,42 +225,9 @@ func (p Plugin) scriptCommands() []string {
}
commands = append(commands, cmd)
if p.Config.ScriptStop && cmd[(len(cmd)-1):] != "\\" {
commands = append(
commands,
"DRONE_SSH_PREV_COMMAND_EXIT_CODE=$? ; if [ $DRONE_SSH_PREV_COMMAND_EXIT_CODE -ne 0 ]; then exit $DRONE_SSH_PREV_COMMAND_EXIT_CODE; fi;",
)
commands = append(commands, "DRONE_SSH_PREV_COMMAND_EXIT_CODE=$? ; if [ $DRONE_SSH_PREV_COMMAND_EXIT_CODE -ne 0 ]; then exit $DRONE_SSH_PREV_COMMAND_EXIT_CODE; fi;")
}
}
return commands
}
func trimValues(keys []string) []string {
var newKeys []string
for _, value := range keys {
value = strings.TrimSpace(value)
if len(value) == 0 {
continue
}
newKeys = append(newKeys, value)
}
return newKeys
}
// Find all envs from specified prefix
func findEnvs(prefix ...string) []string {
envs := []string{}
for _, e := range os.Environ() {
for _, p := range prefix {
if strings.HasPrefix(e, p) {
e = strings.Split(e, "=")[0]
envs = append(envs, e)
break
}
}
}
return envs
}
plugin_test.go
+115 -443
View File
@@ -2,8 +2,8 @@ package main
import (
"bytes"
"context"
"io"
"io/ioutil"
"os"
"reflect"
"strings"
@@ -12,9 +12,6 @@ import (
"github.com/appleboy/easyssh-proxy"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/testcontainers/testcontainers-go"
"github.com/testcontainers/testcontainers-go/wait"
"golang.org/x/crypto/ssh"
)
@@ -23,7 +20,7 @@ func TestMissingHostOrUser(t *testing.T) {
err := plugin.Exec()
require.Error(t, err)
assert.NotNil(t, err)
assert.Equal(t, errMissingHost, err)
}
@@ -38,10 +35,27 @@ func TestMissingKeyOrPassword(t *testing.T) {
err := plugin.Exec()
require.Error(t, err)
assert.NotNil(t, err)
assert.Equal(t, errMissingPasswordOrKey, err)
}
func TestSetPasswordAndKey(t *testing.T) {
plugin := Plugin{
Config{
Host: []string{"localhost"},
Username: "ubuntu",
Password: "1234",
Key: "1234",
},
os.Stdout,
}
err := plugin.Exec()
assert.NotNil(t, err)
assert.Equal(t, errSetPasswordandKey, err)
}
func TestIncorrectPassword(t *testing.T) {
plugin := Plugin{
Config: Config{
@@ -55,7 +69,7 @@ func TestIncorrectPassword(t *testing.T) {
}
err := plugin.Exec()
assert.Error(t, err)
assert.NotNil(t, err)
}
func TestSSHScriptFromRawKey(t *testing.T) {
@@ -98,7 +112,7 @@ ib4KbP5ovZlrjL++akMQ7V2fHzuQIFWnCkDA5c2ZAqzlM+ZN+HRG7gWur7Bt4XH1
}
err := plugin.Exec()
assert.NoError(t, err)
assert.Nil(t, err)
}
func TestSSHScriptFromKeyFile(t *testing.T) {
@@ -114,61 +128,23 @@ func TestSSHScriptFromKeyFile(t *testing.T) {
}
err := plugin.Exec()
assert.NoError(t, err)
}
func TestSSHIPv4Only(t *testing.T) {
plugin := Plugin{
Config: Config{
Host: []string{"localhost", "127.0.0.1"},
Username: "drone-scp",
Port: 22,
Protocol: easyssh.PROTOCOL_TCP4,
KeyPath: "./tests/.ssh/id_rsa",
Script: []string{"whoami", "ls -al"},
CommandTimeout: 60 * time.Second,
},
}
err := plugin.Exec()
assert.NoError(t, err)
}
func TestSSHIPv6OnlyError(t *testing.T) {
plugin := Plugin{
Config: Config{
Host: []string{"127.0.0.1"},
Username: "drone-scp",
Port: 22,
Protocol: easyssh.PROTOCOL_TCP6,
KeyPath: "./tests/.ssh/id_rsa",
Script: []string{"whoami", "ls -al"},
CommandTimeout: 60 * time.Second,
},
}
err := plugin.Exec()
assert.Error(t, err)
assert.Nil(t, err)
}
func TestStreamFromSSHCommand(t *testing.T) {
plugin := Plugin{
Config: Config{
Host: []string{"localhost", "127.0.0.1"},
Username: "drone-scp",
Port: 22,
KeyPath: "./tests/.ssh/id_rsa",
Script: []string{
"whoami",
"for i in {1..5}; do echo ${i}; sleep 1; done",
"echo 'done'",
},
Host: []string{"localhost", "127.0.0.1"},
Username: "drone-scp",
Port: 22,
KeyPath: "./tests/.ssh/id_rsa",
Script: []string{"whoami", "for i in {1..5}; do echo ${i}; sleep 1; done", "echo 'done'"},
CommandTimeout: 60 * time.Second,
},
}
err := plugin.Exec()
assert.NoError(t, err)
assert.Nil(t, err)
}
func TestSSHScriptWithError(t *testing.T) {
@@ -185,7 +161,7 @@ func TestSSHScriptWithError(t *testing.T) {
err := plugin.Exec()
// Process exited with status 1
assert.Error(t, err)
assert.NotNil(t, err)
}
func TestSSHCommandTimeOut(t *testing.T) {
@@ -201,7 +177,7 @@ func TestSSHCommandTimeOut(t *testing.T) {
}
err := plugin.Exec()
assert.Error(t, err)
assert.NotNil(t, err)
}
func TestProxyCommand(t *testing.T) {
@@ -223,7 +199,7 @@ func TestProxyCommand(t *testing.T) {
}
err := plugin.Exec()
assert.NoError(t, err)
assert.Nil(t, err)
}
func TestSSHCommandError(t *testing.T) {
@@ -239,7 +215,7 @@ func TestSSHCommandError(t *testing.T) {
}
err := plugin.Exec()
assert.Error(t, err)
assert.NotNil(t, err)
}
func TestSSHCommandExitCodeError(t *testing.T) {
@@ -261,11 +237,11 @@ func TestSSHCommandExitCodeError(t *testing.T) {
}
err := plugin.Exec()
assert.Error(t, err)
assert.NotNil(t, err)
}
func TestSetENV(t *testing.T) {
t.Setenv("FOO", `' 1) '`)
os.Setenv("FOO", `' 1) '`)
plugin := Plugin{
Config: Config{
Host: []string{"localhost"},
@@ -286,28 +262,21 @@ func TestSetENV(t *testing.T) {
}
err := plugin.Exec()
assert.NoError(t, err)
assert.Nil(t, err)
}
func TestSetExistingENV(t *testing.T) {
t.Setenv("FOO", "Value for foo")
t.Setenv("BAR", "")
os.Setenv("FOO", "Value for foo")
os.Setenv("BAR", "")
plugin := Plugin{
Config: Config{
Host: []string{"localhost"},
Username: "drone-scp",
Port: 22,
KeyPath: "./tests/.ssh/id_rsa",
Envs: []string{"foo", "bar", "baz"},
Debug: true,
Script: []string{
"export FOO",
"export BAR",
"export BAZ",
"env | grep -q '^FOO=Value for foo$'",
"env | grep -q '^BAR=$'",
"if env | grep -q BAZ; then false; else true; fi",
},
Host: []string{"localhost"},
Username: "drone-scp",
Port: 22,
KeyPath: "./tests/.ssh/id_rsa",
Envs: []string{"foo", "bar", "baz"},
Debug: true,
Script: []string{"export FOO", "export BAR", "export BAZ", "env | grep -q '^FOO=Value for foo$'", "env | grep -q '^BAR=$'", "if env | grep -q BAZ; then false; else true; fi"},
CommandTimeout: 1 * time.Second,
Proxy: easyssh.DefaultConfig{
Server: "localhost",
@@ -319,28 +288,24 @@ func TestSetExistingENV(t *testing.T) {
}
err := plugin.Exec()
assert.NoError(t, err)
assert.Nil(t, err)
}
func TestSyncMode(t *testing.T) {
plugin := Plugin{
Config: Config{
Host: []string{"localhost", "127.0.0.1"},
Username: "drone-scp",
Port: 22,
KeyPath: "./tests/.ssh/id_rsa",
Script: []string{
"whoami",
"for i in {1..3}; do echo ${i}; sleep 1; done",
"echo 'done'",
},
Host: []string{"localhost", "127.0.0.1"},
Username: "drone-scp",
Port: 22,
KeyPath: "./tests/.ssh/id_rsa",
Script: []string{"whoami", "for i in {1..3}; do echo ${i}; sleep 1; done", "echo 'done'"},
CommandTimeout: 60 * time.Second,
Sync: true,
},
}
err := plugin.Exec()
assert.NoError(t, err)
assert.Nil(t, err)
}
func Test_escapeArg(t *testing.T) {
@@ -384,20 +349,17 @@ func TestCommandOutput(t *testing.T) {
whoami
uname
localhost: ======END======
localhost: /home/drone-scp
localhost: drone-scp
localhost: Linux
localhost: out: /home/drone-scp
localhost: out: drone-scp
localhost: out: Linux
127.0.0.1: ======CMD======
127.0.0.1: pwd
whoami
uname
127.0.0.1: ======END======
127.0.0.1: /home/drone-scp
127.0.0.1: drone-scp
127.0.0.1: Linux
===============================================
✅ Successfully executed commands to all hosts.
===============================================
127.0.0.1: out: /home/drone-scp
127.0.0.1: out: drone-scp
127.0.0.1: out: Linux
`
)
@@ -414,13 +376,12 @@ func TestCommandOutput(t *testing.T) {
},
CommandTimeout: 60 * time.Second,
Sync: true,
Debug: true,
},
Writer: &buffer,
}
err := plugin.Exec()
require.NoError(t, err)
assert.Nil(t, err)
assert.Equal(t, unindent(expected), unindent(buffer.String()))
}
@@ -443,18 +404,19 @@ func TestWrongFingerprint(t *testing.T) {
}
err := plugin.Exec()
assert.Error(t, err)
assert.NotNil(t, err)
}
func getHostPublicKeyFile(keypath string) (ssh.PublicKey, error) {
var pubkey ssh.PublicKey
var err error
buf, err := os.ReadFile(keypath)
buf, err := ioutil.ReadFile(keypath)
if err != nil {
return nil, err
}
pubkey, _, _, _, err = ssh.ParseAuthorizedKey(buf)
if err != nil {
return nil, err
}
@@ -466,15 +428,15 @@ func TestFingerprint(t *testing.T) {
var (
buffer bytes.Buffer
expected = `
drone-scp
===============================================
✅ Successfully executed commands to all hosts.
===============================================
======CMD======
whoami
======END======
out: drone-scp
`
)
hostKey, err := getHostPublicKeyFile("/etc/ssh/ssh_host_rsa_key.pub")
require.NoError(t, err)
assert.NoError(t, err)
plugin := Plugin{
Config: Config{
@@ -492,38 +454,7 @@ func TestFingerprint(t *testing.T) {
}
err = plugin.Exec()
require.NoError(t, err)
assert.Equal(t, unindent(expected), unindent(buffer.String()))
}
func TestScriptStopWithMultipleHostAndSyncMode(t *testing.T) {
var (
buffer bytes.Buffer
expected = `
mkdir: can't create directory 'a/b/c': No such file or directory
`
)
plugin := Plugin{
Config: Config{
Host: []string{"", "localhost"},
Username: "drone-scp",
Port: 22,
KeyPath: "./tests/.ssh/id_rsa",
Script: []string{
"mkdir a/b/c",
"mkdir d/e/f",
},
CommandTimeout: 10 * time.Second,
ScriptStop: true,
Sync: true,
},
Writer: &buffer,
}
err := plugin.Exec()
require.Error(t, err)
assert.Nil(t, err)
assert.Equal(t, unindent(expected), unindent(buffer.String()))
}
@@ -531,7 +462,11 @@ func TestScriptStop(t *testing.T) {
var (
buffer bytes.Buffer
expected = `
mkdir: can't create directory 'a/b/c': No such file or directory
======CMD======
mkdir a/b/c
mkdir d/e/f
======END======
err: mkdir: can't create directory 'a/b/c': No such file or directory
`
)
@@ -552,7 +487,7 @@ func TestScriptStop(t *testing.T) {
}
err := plugin.Exec()
require.Error(t, err)
assert.NotNil(t, err)
assert.Equal(t, unindent(expected), unindent(buffer.String()))
}
@@ -561,8 +496,12 @@ func TestNoneScriptStop(t *testing.T) {
var (
buffer bytes.Buffer
expected = `
mkdir: can't create directory 'a/b/c': No such file or directory
mkdir: can't create directory 'd/e/f': No such file or directory
======CMD======
mkdir a/b/c
mkdir d/e/f
======END======
err: mkdir: can't create directory 'a/b/c': No such file or directory
err: mkdir: can't create directory 'd/e/f': No such file or directory
`
)
@@ -582,7 +521,7 @@ func TestNoneScriptStop(t *testing.T) {
}
err := plugin.Exec()
require.Error(t, err)
assert.NotNil(t, err)
assert.Equal(t, unindent(expected), unindent(buffer.String()))
}
@@ -601,34 +540,31 @@ func TestEnvOutput(t *testing.T) {
echo "[${ENV_7}]"
======END======
======ENV======
export ENV_1='test'
export ENV_2='test test'
export ENV_3='test '
export ENV_4=' test test '
export ENV_5='test'\'''
export ENV_6='test"'
export ENV_7='test,!#;?.@$~'\''"'
ENV_1='test'
ENV_2='test test'
ENV_3='test '
ENV_4=' test test '
ENV_5='test'\'''
ENV_6='test"'
ENV_7='test,!#;?.@$~'\''"'
======END======
[test]
[test test]
[test ]
[ test test ]
[test']
[test"]
[test,!#;?.@$~'"]
===============================================
✅ Successfully executed commands to all hosts.
===============================================
out: [test]
out: [test test]
out: [test ]
out: [ test test ]
out: [test']
out: [test"]
out: [test,!#;?.@$~'"]
`
)
t.Setenv("ENV_1", `test`)
t.Setenv("ENV_2", `test test`)
t.Setenv("ENV_3", `test `)
t.Setenv("ENV_4", ` test test `)
t.Setenv("ENV_5", `test'`)
t.Setenv("ENV_6", `test"`)
t.Setenv("ENV_7", `test,!#;?.@$~'"`)
os.Setenv("ENV_1", `test`)
os.Setenv("ENV_2", `test test`)
os.Setenv("ENV_3", `test `)
os.Setenv("ENV_4", ` test test `)
os.Setenv("ENV_5", `test'`)
os.Setenv("ENV_6", `test"`)
os.Setenv("ENV_7", `test,!#;?.@$~'"`)
plugin := Plugin{
Config: Config{
@@ -660,14 +596,13 @@ func TestEnvOutput(t *testing.T) {
}
err := plugin.Exec()
require.NoError(t, err)
assert.Nil(t, err)
assert.Equal(t, unindent(expected), unindent(buffer.String()))
}
func unindent(text string) string {
text = strings.ReplaceAll(text, "\r\n", "\n")
return strings.TrimSpace(strings.ReplaceAll(text, "\t", ""))
return strings.TrimSpace(strings.Replace(text, "\t", "", -1))
}
func TestPlugin_scriptCommands(t *testing.T) {
@@ -697,12 +632,7 @@ func TestPlugin_scriptCommands(t *testing.T) {
ScriptStop: true,
},
},
want: []string{
"mkdir a",
"DRONE_SSH_PREV_COMMAND_EXIT_CODE=$? ; if [ $DRONE_SSH_PREV_COMMAND_EXIT_CODE -ne 0 ]; then exit $DRONE_SSH_PREV_COMMAND_EXIT_CODE; fi;",
"mkdir b",
"DRONE_SSH_PREV_COMMAND_EXIT_CODE=$? ; if [ $DRONE_SSH_PREV_COMMAND_EXIT_CODE -ne 0 ]; then exit $DRONE_SSH_PREV_COMMAND_EXIT_CODE; fi;",
},
want: []string{"mkdir a", "DRONE_SSH_PREV_COMMAND_EXIT_CODE=$? ; if [ $DRONE_SSH_PREV_COMMAND_EXIT_CODE -ne 0 ]; then exit $DRONE_SSH_PREV_COMMAND_EXIT_CODE; fi;", "mkdir b", "DRONE_SSH_PREV_COMMAND_EXIT_CODE=$? ; if [ $DRONE_SSH_PREV_COMMAND_EXIT_CODE -ne 0 ]; then exit $DRONE_SSH_PREV_COMMAND_EXIT_CODE; fi;"},
},
{
name: "normal testing 2",
@@ -712,14 +642,7 @@ func TestPlugin_scriptCommands(t *testing.T) {
ScriptStop: true,
},
},
want: []string{
"mkdir a",
"DRONE_SSH_PREV_COMMAND_EXIT_CODE=$? ; if [ $DRONE_SSH_PREV_COMMAND_EXIT_CODE -ne 0 ]; then exit $DRONE_SSH_PREV_COMMAND_EXIT_CODE; fi;",
"mkdir c",
"DRONE_SSH_PREV_COMMAND_EXIT_CODE=$? ; if [ $DRONE_SSH_PREV_COMMAND_EXIT_CODE -ne 0 ]; then exit $DRONE_SSH_PREV_COMMAND_EXIT_CODE; fi;",
"mkdir b",
"DRONE_SSH_PREV_COMMAND_EXIT_CODE=$? ; if [ $DRONE_SSH_PREV_COMMAND_EXIT_CODE -ne 0 ]; then exit $DRONE_SSH_PREV_COMMAND_EXIT_CODE; fi;",
},
want: []string{"mkdir a", "DRONE_SSH_PREV_COMMAND_EXIT_CODE=$? ; if [ $DRONE_SSH_PREV_COMMAND_EXIT_CODE -ne 0 ]; then exit $DRONE_SSH_PREV_COMMAND_EXIT_CODE; fi;", "mkdir c", "DRONE_SSH_PREV_COMMAND_EXIT_CODE=$? ; if [ $DRONE_SSH_PREV_COMMAND_EXIT_CODE -ne 0 ]; then exit $DRONE_SSH_PREV_COMMAND_EXIT_CODE; fi;", "mkdir b", "DRONE_SSH_PREV_COMMAND_EXIT_CODE=$? ; if [ $DRONE_SSH_PREV_COMMAND_EXIT_CODE -ne 0 ]; then exit $DRONE_SSH_PREV_COMMAND_EXIT_CODE; fi;"},
},
// See: https://github.com/appleboy/ssh-action/issues/75#issuecomment-668314271
{
@@ -730,13 +653,7 @@ func TestPlugin_scriptCommands(t *testing.T) {
ScriptStop: true,
},
},
want: []string{
"ls \\",
"-lah",
"DRONE_SSH_PREV_COMMAND_EXIT_CODE=$? ; if [ $DRONE_SSH_PREV_COMMAND_EXIT_CODE -ne 0 ]; then exit $DRONE_SSH_PREV_COMMAND_EXIT_CODE; fi;",
"mkdir a",
"DRONE_SSH_PREV_COMMAND_EXIT_CODE=$? ; if [ $DRONE_SSH_PREV_COMMAND_EXIT_CODE -ne 0 ]; then exit $DRONE_SSH_PREV_COMMAND_EXIT_CODE; fi;",
},
want: []string{"ls \\", "-lah", "DRONE_SSH_PREV_COMMAND_EXIT_CODE=$? ; if [ $DRONE_SSH_PREV_COMMAND_EXIT_CODE -ne 0 ]; then exit $DRONE_SSH_PREV_COMMAND_EXIT_CODE; fi;", "mkdir a", "DRONE_SSH_PREV_COMMAND_EXIT_CODE=$? ; if [ $DRONE_SSH_PREV_COMMAND_EXIT_CODE -ne 0 ]; then exit $DRONE_SSH_PREV_COMMAND_EXIT_CODE; fi;"},
},
{
name: "trim space",
@@ -766,8 +683,12 @@ func TestUseInsecureCipher(t *testing.T) {
var (
buffer bytes.Buffer
expected = `
mkdir: can't create directory 'a/b/c': No such file or directory
mkdir: can't create directory 'd/e/f': No such file or directory
======CMD======
mkdir a/b/c
mkdir d/e/f
======END======
err: mkdir: can't create directory 'a/b/c': No such file or directory
err: mkdir: can't create directory 'd/e/f': No such file or directory
`
)
@@ -788,7 +709,7 @@ func TestUseInsecureCipher(t *testing.T) {
}
err := plugin.Exec()
require.Error(t, err)
assert.NotNil(t, err)
assert.Equal(t, unindent(expected), unindent(buffer.String()))
}
@@ -825,8 +746,7 @@ func TestPlugin_hostPort(t *testing.T) {
name: "different port",
fields: fields{
Config: Config{
Port: 22,
Protocol: easyssh.PROTOCOL_TCP4,
Port: 22,
},
},
args: args{
@@ -835,20 +755,6 @@ func TestPlugin_hostPort(t *testing.T) {
wantHost: "localhost",
wantPort: "443",
},
{
name: "ipv6",
fields: fields{
Config: Config{
Port: 22,
Protocol: easyssh.PROTOCOL_TCP6,
},
},
args: args{
h: "::1",
},
wantHost: "::1",
wantPort: "22",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
@@ -866,237 +772,3 @@ func TestPlugin_hostPort(t *testing.T) {
})
}
}
func TestFindEnvs(t *testing.T) {
t.Setenv("DRONETEST_INPUT_FOO", "dummyValue")
t.Setenv("DRONETEST_INPUT_BAR", "dummyValue")
t.Setenv("DRONETEST_NO_PREFIX", "dummyValue")
t.Setenv("DRONETEST_INPUT_FOOBAR", "dummyValue")
t.Run("Find single prefix", func(t *testing.T) {
result := findEnvs("DRONETEST_INPUT_")
assert.ElementsMatch(
t,
[]string{"DRONETEST_INPUT_FOO", "DRONETEST_INPUT_BAR", "DRONETEST_INPUT_FOOBAR"},
result,
)
})
t.Run("Find multiple prefixes", func(t *testing.T) {
result := findEnvs("DRONETEST_INPUT_", "DRONETEST_NO_PREFIX")
assert.ElementsMatch(
t,
[]string{
"DRONETEST_INPUT_FOO",
"DRONETEST_INPUT_BAR",
"DRONETEST_NO_PREFIX",
"DRONETEST_INPUT_FOOBAR",
},
result,
)
})
t.Run("Find non-existing prefix", func(t *testing.T) {
result := findEnvs("ZZZZNONEXISTING_")
assert.Empty(t, result)
})
}
func TestAllEnvs(t *testing.T) {
var (
buffer bytes.Buffer
expected = `
[foobar]
[foobar]
[foobar]
===============================================
✅ Successfully executed commands to all hosts.
===============================================
`
)
t.Setenv("INPUT_1", `foobar`)
t.Setenv("GITHUB_2", `foobar`)
t.Setenv("PLUGIN_3", `foobar`)
plugin := Plugin{
Config: Config{
Host: []string{"localhost"},
Username: "drone-scp",
Port: 22,
KeyPath: "./tests/.ssh/test",
Passphrase: "1234",
AllEnvs: true,
Script: []string{
`echo "[${INPUT_1}]"`,
`echo "[${GITHUB_2}]"`,
`echo "[${PLUGIN_3}]"`,
},
CommandTimeout: 10 * time.Second,
Proxy: easyssh.DefaultConfig{
Server: "localhost",
User: "drone-scp",
Port: "22",
KeyPath: "./tests/.ssh/id_rsa",
},
},
Writer: &buffer,
}
err := plugin.Exec()
require.NoError(t, err)
assert.Equal(t, unindent(expected), unindent(buffer.String()))
}
type SSHTestConfig struct {
Env map[string]string
AuthMethod string // "key" or "password"
KeyPath string
Password string
Script []string
Expected string
SudoAccess bool
InsecureCipher bool
RequireTty bool
CommandTimeout time.Duration
}
func runSSHContainerTest(t *testing.T, cfg SSHTestConfig) {
t.Helper()
ctx := context.Background()
req := testcontainers.ContainerRequest{
Image: "linuxserver/openssh-server:latest",
ExposedPorts: []string{"2222/tcp"},
Env: cfg.Env,
WaitingFor: wait.ForListeningPort("2222/tcp").WithStartupTimeout(180 * time.Second),
}
sshContainer, err := testcontainers.GenericContainer(
ctx,
testcontainers.GenericContainerRequest{
ContainerRequest: req,
Started: true,
},
)
if err != nil {
t.Skipf(
"Could not start container with image %s: %v. Check Docker environment and image availability. Skipping test.",
req.Image,
err,
)
}
defer func() {
if err := sshContainer.Terminate(ctx); err != nil {
t.Logf("Could not terminate container: %v", err)
}
}()
host, err := sshContainer.Host(ctx)
if err != nil {
t.Fatalf("Could not get container host: %v", err)
}
port, err := sshContainer.MappedPort(ctx, "2222/tcp")
if err != nil {
t.Fatalf("Could not get container mapped port 2222/tcp: %v", err)
}
var buffer bytes.Buffer
pluginCfg := Config{
Host: []string{host},
Username: "testuser",
Port: int(port.Num()),
Script: cfg.Script,
CommandTimeout: cfg.CommandTimeout,
UseInsecureCipher: cfg.InsecureCipher,
RequireTty: cfg.RequireTty,
}
if pluginCfg.CommandTimeout == 0 {
pluginCfg.CommandTimeout = 10 * time.Second
}
switch cfg.AuthMethod {
case "key":
pluginCfg.KeyPath = cfg.KeyPath
case "password":
pluginCfg.Password = cfg.Password
}
plugin := Plugin{
Config: pluginCfg,
Writer: &buffer,
}
require.NoError(t, plugin.Exec())
assert.Equal(t, unindent(cfg.Expected), unindent(buffer.String()))
}
func TestSudoCommand(t *testing.T) {
pubKey, err := os.ReadFile("./tests/.ssh/id_rsa.pub")
if err != nil {
t.Fatalf("Could not read public key file: %v", err)
}
runSSHContainerTest(t, SSHTestConfig{
Env: map[string]string{
"USER_NAME": "testuser",
"PASSWORD_ACCESS": "false",
"SUDO_ACCESS": "true",
"PUBLIC_KEY": string(pubKey),
},
AuthMethod: "key",
KeyPath: "./tests/.ssh/id_rsa",
Script: []string{`sudo su - -c "whoami"`},
Expected: "root\n===============================================\n✅ Successfully executed commands to all hosts.\n===============================================",
SudoAccess: true,
InsecureCipher: true,
RequireTty: true,
CommandTimeout: 10 * time.Second,
})
}
func TestSSHWithTestcontainers(t *testing.T) {
runSSHContainerTest(t, SSHTestConfig{
Env: map[string]string{
"USER_NAME": "testuser",
"USER_PASSWORD": "testpass",
"PASSWORD_ACCESS": "true",
"SUDO_ACCESS": "false",
},
AuthMethod: "password",
Password: "testpass",
Script: []string{"whoami"},
Expected: "testuser\n===============================================\n✅ Successfully executed commands to all hosts.\n===============================================",
InsecureCipher: true,
CommandTimeout: 60 * time.Second,
})
}
func TestCommandWithIPv6(t *testing.T) {
var (
buffer bytes.Buffer
expected = `
drone-scp
===============================================
✅ Successfully executed commands to all hosts.
===============================================
`
)
plugin := Plugin{
Config: Config{
Host: []string{"::1"},
Username: "drone-scp",
Port: 22,
KeyPath: "./tests/.ssh/id_rsa",
Script: []string{
"whoami",
},
Protocol: easyssh.PROTOCOL_TCP6,
CommandTimeout: 10 * time.Second,
},
Writer: &buffer,
}
require.NoError(t, plugin.Exec())
assert.Equal(t, unindent(expected), unindent(buffer.String()))
}
tests/sudoers
-2
View File
@@ -1,2 +0,0 @@
Defaults requiretty
drone-scp ALL=(ALL) NOPASSWD:ALL