diff --git a/.github/workflows/verify-on-container.yml b/.github/workflows/verify-on-container.yml index 9765d005..4bfad902 100644 --- a/.github/workflows/verify-on-container.yml +++ b/.github/workflows/verify-on-container.yml @@ -6,8 +6,8 @@ on: - push jobs: - ssh: - name: Connect to github.com + ssh-pem: + name: Connect to github.com (PEM format) runs-on: ubuntu-20.04 container: ubuntu:20.04 steps: @@ -20,7 +20,47 @@ jobs: - name: Install SSH key uses: ./. with: - key: ${{ secrets.SSH_KEY }} + key: ${{ secrets.SSH_KEY_PEM }} + known_hosts: ${{ secrets.KNOWN_HOSTS }} + - name: print created files + run: ls -l /root/.ssh + - name: git clone through SSH + run: git clone git@github.com:shimataro/ssh-key-action.git tmp + ssh-pkcs8: + name: Connect to github.com (PKCS8 format) + runs-on: ubuntu-20.04 + container: ubuntu:20.04 + steps: + - name: Install packages + run: | + apt update + apt -y install openssh-client git + - name: Checkout source codes + uses: actions/checkout@v2 + - name: Install SSH key + uses: ./. + with: + key: ${{ secrets.SSH_KEY_PKCS8 }} + known_hosts: ${{ secrets.KNOWN_HOSTS }} + - name: print created files + run: ls -l /root/.ssh + - name: git clone through SSH + run: git clone git@github.com:shimataro/ssh-key-action.git tmp + ssh-rfc4716: + name: Connect to github.com (RFC4716 format) + runs-on: ubuntu-20.04 + container: ubuntu:20.04 + steps: + - name: Install packages + run: | + apt update + apt -y install openssh-client git + - name: Checkout source codes + uses: actions/checkout@v2 + - name: Install SSH key + uses: ./. + with: + key: ${{ secrets.SSH_KEY_RFC4716 }} known_hosts: ${{ secrets.KNOWN_HOSTS }} - name: print created files run: ls -l /root/.ssh diff --git a/.github/workflows/verify-on-macos-1015.yml b/.github/workflows/verify-on-macos-1015.yml index 4e7d2b97..d84eb554 100644 --- a/.github/workflows/verify-on-macos-1015.yml +++ b/.github/workflows/verify-on-macos-1015.yml 
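Review bot: The added `ssh-pkcs8` and `ssh-rfc4716` jobs reference `actions/checkout@v2` by a mutable tag, in jobs that then write an SSH private key from secrets into `/root/.ssh`. Pinning the action to a full commit SHA (`uses: actions/checkout@<full-commit-sha> # v2`) keeps a retagged release from running in the same job as that key. The same line is added in the new jobs of the macos-1015, ubuntu-1604, ubuntu-1804, ubuntu-2004 and windows-server-2019 workflows. The three jobs per file differ only in the secret name, so a `strategy.matrix` over that name with `key: ${{ secrets[matrix.key_secret] }}` would remove the duplication and keep the three format checks from drifting apart.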
@@ -6,8 +6,8 @@ on: - push jobs: - ssh: - name: Connect to github.com + ssh-pem: + name: Connect to github.com (PEM format) runs-on: macos-10.15 steps: - name: Checkout source codes @@ -15,7 +15,37 @@ jobs: - name: Install SSH key uses: ./. with: - key: ${{ secrets.SSH_KEY }} + key: ${{ secrets.SSH_KEY_PEM }} + known_hosts: ${{ secrets.KNOWN_HOSTS }} + - name: print created files + run: ls -l ~/.ssh + - name: git clone through SSH + run: git clone git@github.com:shimataro/ssh-key-action.git tmp + ssh-pkcs8: + name: Connect to github.com (PKCS8 format) + runs-on: macos-10.15 + steps: + - name: Checkout source codes + uses: actions/checkout@v2 + - name: Install SSH key + uses: ./. + with: + key: ${{ secrets.SSH_KEY_PKCS8 }} + known_hosts: ${{ secrets.KNOWN_HOSTS }} + - name: print created files + run: ls -l ~/.ssh + - name: git clone through SSH + run: git clone git@github.com:shimataro/ssh-key-action.git tmp + ssh-rfc4716: + name: Connect to github.com (RFC4716 format) + runs-on: macos-10.15 + steps: + - name: Checkout source codes + uses: actions/checkout@v2 + - name: Install SSH key + uses: ./. + with: + key: ${{ secrets.SSH_KEY_RFC4716 }} known_hosts: ${{ secrets.KNOWN_HOSTS }} - name: print created files run: ls -l ~/.ssh @@ -30,7 +60,7 @@ jobs: - name: Install SSH key uses: ./. with: - key: ${{ secrets.SSH_KEY }} + key: ${{ secrets.SSH_KEY_PEM }} known_hosts: ${{ secrets.KNOWN_HOSTS }} name: ssh_key_name # optional config: | # optional diff --git a/.github/workflows/verify-on-ubuntu-1604.yml b/.github/workflows/verify-on-ubuntu-1604.yml index 3e200784..00e39fc2 100644 --- a/.github/workflows/verify-on-ubuntu-1604.yml +++ b/.github/workflows/verify-on-ubuntu-1604.yml @@ -6,8 +6,8 @@ on: - push jobs: - ssh: - name: Connect to github.com + ssh-pem: + name: Connect to github.com (PEM format) runs-on: ubuntu-16.04 steps: - name: Checkout source codes 
@@ -15,7 +15,37 @@ jobs: - name: Install SSH key uses: ./. with: - key: ${{ secrets.SSH_KEY }} + key: ${{ secrets.SSH_KEY_PEM }} + known_hosts: ${{ secrets.KNOWN_HOSTS }} + - name: print created files + run: ls -l ~/.ssh + - name: git clone through SSH + run: git clone git@github.com:shimataro/ssh-key-action.git tmp + ssh-pkcs8: + name: Connect to github.com (PKCS8 format) + runs-on: ubuntu-16.04 + steps: + - name: Checkout source codes + uses: actions/checkout@v2 + - name: Install SSH key + uses: ./. + with: + key: ${{ secrets.SSH_KEY_PKCS8 }} + known_hosts: ${{ secrets.KNOWN_HOSTS }} + - name: print created files + run: ls -l ~/.ssh + - name: git clone through SSH + run: git clone git@github.com:shimataro/ssh-key-action.git tmp + ssh-rfc4716: + name: Connect to github.com (RFC4716 format) + runs-on: ubuntu-16.04 + steps: + - name: Checkout source codes + uses: actions/checkout@v2 + - name: Install SSH key + uses: ./. + with: + key: ${{ secrets.SSH_KEY_RFC4716 }} known_hosts: ${{ secrets.KNOWN_HOSTS }} - name: print created files run: ls -l ~/.ssh @@ -30,7 +60,7 @@ jobs: - name: Install SSH key uses: ./. with: - key: ${{ secrets.SSH_KEY }} + key: ${{ secrets.SSH_KEY_PEM }} known_hosts: ${{ secrets.KNOWN_HOSTS }} name: ssh_key_name # optional config: | # optional diff --git a/.github/workflows/verify-on-ubuntu-1804.yml b/.github/workflows/verify-on-ubuntu-1804.yml index 2b7c31c9..9aafc72d 100644 --- a/.github/workflows/verify-on-ubuntu-1804.yml +++ b/.github/workflows/verify-on-ubuntu-1804.yml @@ -6,8 +6,8 @@ on: - push jobs: - ssh: - name: Connect to github.com + ssh-pem: + name: Connect to github.com (PEM format) runs-on: ubuntu-18.04 steps: - name: Checkout source codes 
@@ -15,7 +15,37 @@ jobs: - name: Install SSH key uses: ./. with: - key: ${{ secrets.SSH_KEY }} + key: ${{ secrets.SSH_KEY_PEM }} + known_hosts: ${{ secrets.KNOWN_HOSTS }} + - name: print created files + run: ls -l ~/.ssh + - name: git clone through SSH + run: git clone git@github.com:shimataro/ssh-key-action.git tmp + ssh-pkcs8: + name: Connect to github.com (PKCS8 format) + runs-on: ubuntu-18.04 + steps: + - name: Checkout source codes + uses: actions/checkout@v2 + - name: Install SSH key + uses: ./. + with: + key: ${{ secrets.SSH_KEY_PKCS8 }} + known_hosts: ${{ secrets.KNOWN_HOSTS }} + - name: print created files + run: ls -l ~/.ssh + - name: git clone through SSH + run: git clone git@github.com:shimataro/ssh-key-action.git tmp + ssh-rfc4716: + name: Connect to github.com (RFC4716 format) + runs-on: ubuntu-18.04 + steps: + - name: Checkout source codes + uses: actions/checkout@v2 + - name: Install SSH key + uses: ./. + with: + key: ${{ secrets.SSH_KEY_RFC4716 }} known_hosts: ${{ secrets.KNOWN_HOSTS }} - name: print created files run: ls -l ~/.ssh @@ -30,7 +60,7 @@ jobs: - name: Install SSH key uses: ./. with: - key: ${{ secrets.SSH_KEY }} + key: ${{ secrets.SSH_KEY_PEM }} known_hosts: ${{ secrets.KNOWN_HOSTS }} name: ssh_key_name # optional config: | # optional diff --git a/.github/workflows/verify-on-ubuntu-2004.yml b/.github/workflows/verify-on-ubuntu-2004.yml index 1b1d2c7c..2ea1aee1 100644 --- a/.github/workflows/verify-on-ubuntu-2004.yml +++ b/.github/workflows/verify-on-ubuntu-2004.yml @@ -6,8 +6,8 @@ on: - push jobs: - ssh: - name: Connect to github.com + ssh-pem: + name: Connect to github.com (PEM format) runs-on: ubuntu-20.04 steps: - name: Checkout source codes 
@@ -15,7 +15,37 @@ jobs: - name: Install SSH key uses: ./. with: - key: ${{ secrets.SSH_KEY }} + key: ${{ secrets.SSH_KEY_PEM }} + known_hosts: ${{ secrets.KNOWN_HOSTS }} + - name: print created files + run: ls -l ~/.ssh + - name: git clone through SSH + run: git clone git@github.com:shimataro/ssh-key-action.git tmp + ssh-pkcs8: + name: Connect to github.com (PKCS8 format) + runs-on: ubuntu-20.04 + steps: + - name: Checkout source codes + uses: actions/checkout@v2 + - name: Install SSH key + uses: ./. + with: + key: ${{ secrets.SSH_KEY_PKCS8 }} + known_hosts: ${{ secrets.KNOWN_HOSTS }} + - name: print created files + run: ls -l ~/.ssh + - name: git clone through SSH + run: git clone git@github.com:shimataro/ssh-key-action.git tmp + ssh-rfc4716: + name: Connect to github.com (RFC4716 format) + runs-on: ubuntu-20.04 + steps: + - name: Checkout source codes + uses: actions/checkout@v2 + - name: Install SSH key + uses: ./. + with: + key: ${{ secrets.SSH_KEY_RFC4716 }} known_hosts: ${{ secrets.KNOWN_HOSTS }} - name: print created files run: ls -l ~/.ssh @@ -30,7 +60,7 @@ jobs: - name: Install SSH key uses: ./. with: - key: ${{ secrets.SSH_KEY }} + key: ${{ secrets.SSH_KEY_PEM }} known_hosts: ${{ secrets.KNOWN_HOSTS }} name: ssh_key_name # optional config: | # optional diff --git a/.github/workflows/verify-on-windows-server-2019.yml b/.github/workflows/verify-on-windows-server-2019.yml index 4afd0bd4..98ae64e3 100644 --- a/.github/workflows/verify-on-windows-server-2019.yml +++ b/.github/workflows/verify-on-windows-server-2019.yml @@ -6,8 +6,8 @@ on: - push jobs: - ssh: - name: Connect to github.com + ssh-pem: + name: Connect to github.com (PEM format) runs-on: windows-2019 steps: - name: Checkout source codes 
@@ -15,7 +15,37 @@ jobs: - name: Install SSH key uses: ./. with: - key: ${{ secrets.SSH_KEY }} + key: ${{ secrets.SSH_KEY_PEM }} + known_hosts: ${{ secrets.KNOWN_HOSTS }} + - name: print created files + run: ls ~/.ssh + - name: git clone through SSH + run: git clone git@github.com:shimataro/ssh-key-action.git tmp + ssh-pkcs8: + name: Connect to github.com (PKCS8 format) + runs-on: windows-2019 + steps: + - name: Checkout source codes + uses: actions/checkout@v2 + - name: Install SSH key + uses: ./. + with: + key: ${{ secrets.SSH_KEY_PKCS8 }} + known_hosts: ${{ secrets.KNOWN_HOSTS }} + - name: print created files + run: ls ~/.ssh + - name: git clone through SSH + run: git clone git@github.com:shimataro/ssh-key-action.git tmp + ssh-rfc4716: + name: Connect to github.com (RFC4716 format) + runs-on: windows-2019 + steps: + - name: Checkout source codes + uses: actions/checkout@v2 + - name: Install SSH key + uses: ./. + with: + key: ${{ secrets.SSH_KEY_RFC4716 }} known_hosts: ${{ secrets.KNOWN_HOSTS }} - name: print created files run: ls ~/.ssh @@ -30,7 +60,7 @@ jobs: - name: Install SSH key uses: ./. with: - key: ${{ secrets.SSH_KEY }} + key: ${{ secrets.SSH_KEY_PEM }} known_hosts: ${{ secrets.KNOWN_HOSTS }} name: ssh_key_name # optional config: | # optional @@ -39,6 +69,6 @@ jobs: User git IdentityFile ~/.ssh/ssh_key_name - name: print created files - run: ls ~/.ssh + run: ls -l ~/.ssh - name: git clone through SSH run: git clone github:shimataro/ssh-key-action.git tmp diff --git a/CHANGELOG.md b/CHANGELOG.md index b65bb09c..31cbf9be 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ### Added * Support Docker container (thanks [@kujaomega](https://github.com/kujaomega)) +* Support PKCS8/RFC4716 formats (thanks [@tats-u](https://github.com/tats-u)) ### Changed diff --git a/README.md b/README.md index 818d3b09..879a7e30 100644 --- a/README.md +++ b/README.md 
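Review bot: The last hunk of verify-on-windows-server-2019.yml changes the final job to `run: ls -l ~/.ssh`, but the three jobs added above it in the same file keep `run: ls ~/.ssh`, so the file is now inconsistent. On `windows-2019` a `run` step uses PowerShell by default, where `ls` is an alias of `Get-ChildItem` and `-l` is not the Unix long-listing flag (it appears to resolve to `-LiteralPath`), so the output probably does not change. If the step is meant to show the mode of the installed key, add `shell: bash` to it; otherwise keep `ls ~/.ssh` in all four jobs.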
@@ -22,9 +22,7 @@ Useful for SCP, SFTP, and `rsync` over SSH in deployment script. Add your SSH key to your product secrets by clicking `Settings` - `Secrets` - `Add a new secret` beforehand. -**NOTE:** OPENSSH format (key begins with `-----BEGIN OPENSSH PRIVATE KEY-----`) may not work due to OpenSSH version on VM. -Please use PEM format (begins with `-----BEGIN RSA PRIVATE KEY-----`) instead. -In order to convert your key inline to PEM format simply use `ssh-keygen -p -m PEM -f ~/.ssh/id_rsa`. +PEM(RSA), PKCS8, and RFC4716(OpenSSH) formats are OK. ```yaml runs-on: ubuntu-latest @@ -85,9 +83,6 @@ steps: Check below: -* `Load key "/HOME/.ssh/id_rsa": invalid format`: - * OPENSSH format (key begins with `-----BEGIN OPENSSH PRIVATE KEY-----`) may not work. - * Use PEM format (begins with `-----BEGIN RSA PRIVATE KEY-----`). Convert it from OPENSSH format using `ssh-keygen -p -m PEM -f ~/.ssh/id_rsa` * `Host key verification failed.`: * Set `known_hosts` parameter correctly (use `ssh-keyscan` command). diff --git a/lib/index.js b/lib/index.js index 3a2345ae..12f3b5ec 100644 --- a/lib/index.js +++ b/lib/index.js @@ -430,8 +430,8 @@ function main() { const files = [ { name: core.getInput("name"), - contents: core.getInput("key", { - required: true, + contents: insertLf(core.getInput("key", { required: true }), { + append: true, }), options: { mode: 0o400, @@ -440,9 +440,10 @@ function main() { }, { name: "known_hosts", - contents: insertLf(core.getInput("known_hosts", { - required: true, - })), + contents: insertLf(core.getInput("known_hosts", { required: true }), { + prepend: true, + append: true, + }), options: { mode: 0o644, flag: "a", @@ -450,7 +451,10 @@ function main() { }, { name: "config", - contents: insertLf(core.getInput("config")), + contents: insertLf(core.getInput("config"), { + prepend: true, + append: true, + }), options: { mode: 0o644, flag: "a", 
@@ -505,19 +509,21 @@ function getHomeEnv() { } /** * prepend/append LF to value if not empty - * @param value the value to prepend LF - * @returns prepended value + * @param value the value to insert LF + * @param options options + * @returns new value */ -function insertLf(value) { +function insertLf(value, options) { + const normalizedOptions = Object.assign({ prepend: false, append: false }, options); let affectedValue = value; if (value.length === 0) { // do nothing if empty return ""; } - if (!affectedValue.startsWith("\n")) { + if (normalizedOptions.prepend && !affectedValue.startsWith("\n")) { affectedValue = `\n${affectedValue}`; } - if (!affectedValue.endsWith("\n")) { + if (normalizedOptions.append && !affectedValue.endsWith("\n")) { affectedValue = `${affectedValue}\n`; } return affectedValue; diff --git a/src/main.ts b/src/main.ts index b39d10c2..97c78e80 100644 --- a/src/main.ts +++ b/src/main.ts @@ -10,6 +10,13 @@ interface FileInfo options: fs.WriteFileOptions; } +/** options for insertLf() */ +interface InsertLfOptions +{ + prepend?: boolean; + append?: boolean; +} + /** * main function */ @@ -20,8 +27,8 @@ function main(): void const files: FileInfo[] = [ { name: core.getInput("name"), - contents: core.getInput("key", { - required: true, + contents: insertLf(core.getInput("key", {required: true}), { + append: true, }), options: { mode: 0o400, @@ -30,9 +37,10 @@ function main(): void }, { name: "known_hosts", - contents: insertLf(core.getInput("known_hosts", { - required: true, - })), + contents: insertLf(core.getInput("known_hosts", {required: true}), { + prepend: true, + append: true, + }), options: { mode: 0o644, flag: "a", @@ -40,7 +48,10 @@ function main(): void }, { name: "config", - contents: insertLf(core.getInput("config")), + contents: insertLf(core.getInput("config"), { + prepend: true, + append: true, + }), options: { mode: 0o644, flag: "a", 
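Review bot: In `main()` of src/main.ts the `key` entry is given `append: true` only, while `known_hosts` and `config` get both flags, and nothing in the hunks says why. A comment on the `key` entry would help, e.g. `// getInput() trims the value; restore the trailing LF, and add no leading LF so the file starts with the key header`. The other two entries could carry `// written with flag "a": an LF on both sides keeps this block apart from existing content`. The reason for the asymmetry is inferred from the `flag: "a"` lines and the README change, so the author should confirm it before the comments go in. `main()` begins and ends outside these hunks.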
@@ -111,11 +122,17 @@ function getHomeEnv(): string /** * prepend/append LF to value if not empty - * @param value the value to prepend LF - * @returns prepended value + * @param value the value to insert LF + * @param options options + * @returns new value */ -function insertLf(value: string): string +function insertLf(value: string, options: InsertLfOptions): string { + const normalizedOptions: Required = { + prepend: false, + append: false, + ...options, + }; let affectedValue = value; if(value.length === 0) @@ -123,11 +140,11 @@ function insertLf(value: string): string // do nothing if empty return ""; } - if(!affectedValue.startsWith("\n")) + if(normalizedOptions.prepend && !affectedValue.startsWith("\n")) { affectedValue = `\n${affectedValue}`; } - if(!affectedValue.endsWith("\n")) + if(normalizedOptions.append && !affectedValue.endsWith("\n")) { affectedValue = `${affectedValue}\n`; }
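Review bot: `@param options options` in the `insertLf` doc comment tells the reader nothing; it should state the defaults, e.g. `@param options which ends receive an LF; prepend and append both default to false`. The default matters because the old one-argument `insertLf(value)` added an LF at both ends, so a caller that was not updated would now silently get none. As rendered here the annotation reads `Required = {` with no type argument, which would not compile; presumably the page dropped `<InsertLfOptions>`, but it is worth checking against the file. The function's `return` lies outside the second hunk.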