### SSH Host Example Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/api-reference/inputs-outputs.md Example demonstrating how to specify the SSH host address or IP. Supports single host, multiple hosts, and hosts with custom ports. ```yaml - uses: appleboy/ssh-action@v1 with: host: example.com username: deployuser key: ${{ secrets.SSH_KEY }} script: whoami ``` -------------------------------- ### Example of Using Captured Output Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/architecture.md Illustrates how to reference captured output from a previous step in a subsequent step using the `${{ steps.entrypoint.outputs.stdout }}` expression. ```yaml - run: echo "Previous step output: ${{ steps.entrypoint.outputs.stdout }}" ``` -------------------------------- ### Multi-Environment Deployment Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/usage-examples.md This example demonstrates deploying to multiple environments (staging, production) using a matrix strategy. It dynamically selects the SSH host based on the environment. ```yaml jobs: deploy: strategy: matrix: [staging, production] environment: ${{ matrix.environment }} runs-on: ubuntu-latest steps: - uses: appleboy/ssh-action@v1 with: host: ${{ secrets[format('{0}_HOST', matrix.environment)] }} username: deploy key: ${{ secrets.SSH_KEY }} script: ./deploy.sh ``` -------------------------------- ### Complete SSH Action Workflow Example Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/api-reference/inputs-outputs.md This example demonstrates a complete GitHub Actions workflow that uses the SSH Action to deploy an application. It includes checking out the code, executing remote commands, and reporting the deployment status. ```yaml name: Deploy via SSH on: [push] jobs: deploy: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Execute remote commands id: ssh uses: appleboy/ssh-action@v1 with: host: ${{ secrets.DEPLOY_HOST }} username: ${{ secrets.DEPLOY_USER }} key: ${{ secrets.SSH_PRIVATE_KEY }} port: 22 timeout: 60s command_timeout: 30m debug: false capture_stdout: true script: | set -e echo "Deploying application..." cd /home/deploy/app git pull origin main npm install npm run build npm run migrate systemctl restart app echo "Deployment complete" - name: Report deployment status if: always() run: | echo "Deployment output:" echo "${{ steps.ssh.outputs.stdout }}" ``` -------------------------------- ### SSH Port Example Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/api-reference/inputs-outputs.md Example showing how to specify the SSH port number. Can be used as a default or inline with hosts. ```yaml - uses: appleboy/ssh-action@v1 with: host: example.com port: 2222 username: deployuser key: ${{ secrets.SSH_KEY }} script: whoami ``` -------------------------------- ### SSH Timeout Example Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/api-reference/inputs-outputs.md Example setting a custom timeout for establishing the SSH connection. Supports various duration string formats. ```yaml - uses: appleboy/ssh-action@v1 with: host: example.com username: ubuntu key: ${{ secrets.SSH_KEY }} timeout: 60s script: whoami ``` -------------------------------- ### SSH Key Path Example Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/api-reference/inputs-outputs.md Example using a path to an SSH private key file on the GitHub Actions runner. This is an alternative to providing the key content directly. ```yaml - name: Run SSH commands uses: appleboy/ssh-action@v1 with: host: example.com username: ubuntu key_path: ~/.ssh/id_rsa script: whoami ``` -------------------------------- ### SSH Password Authentication Example Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/api-reference/inputs-outputs.md Example using password-based authentication. The password should be stored in GitHub Secrets for security. ```yaml - uses: appleboy/ssh-action@v1 with: host: example.com username: deployuser password: ${{ secrets.SSH_PASSWORD }} script: whoami ``` -------------------------------- ### SSH Key from File Path Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/usage-examples.md Use this example when your SSH private key is stored as a file on the runner. The script first sets up the key file and then uses it for authentication. ```yaml name: Deploy using Key File on: [push] jobs: deploy: runs-on: ubuntu-latest steps: - name: Setup SSH key run: | mkdir -p ~/.ssh echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa chmod 600 ~/.ssh/id_rsa - uses: appleboy/ssh-action@v1 with: host: ${{ secrets.SSH_HOST }} username: ${{ secrets.SSH_USER }} key_path: ~/.ssh/id_rsa script: whoami ``` -------------------------------- ### Example Workflow Usage Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/architecture.md Demonstrates how to call the ssh-action in a GitHub Actions workflow with host, username, SSH key, and a script to execute. ```yaml - uses: appleboy/ssh-action@v1 with: host: example.com username: ubuntu key: ${{ secrets.SSH_KEY }} script: whoami ``` -------------------------------- ### Local Testing Setup for SSH Action Source: https://github.com/appleboy/ssh-action/blob/master/CLAUDE.md Set environment variables to simulate GitHub Actions inputs for testing the entrypoint.sh script locally. Ensure GITHUB_ACTION_PATH is set to the current directory. ```bash export INPUT_HOST="192.168.1.100" export INPUT_USERNAME="testuser" export INPUT_PASSWORD="testpass" export INPUT_PORT="22" export INPUT_SCRIPT="whoami" export GITHUB_ACTION_PATH="$(pwd)" ./entrypoint.sh ``` -------------------------------- ### SSH Configuration for Jump Host Source: https://github.com/appleboy/ssh-action/blob/master/README.md Example SSH client configuration to connect through a jump host. The `ProxyCommand` directive is key for establishing the connection. ```text Host Jumphost HostName Jumphost User ubuntu Port 22 IdentityFile ~/.ssh/keys/jump_host.pem Host FooServer HostName FooServer User ubuntu Port 22 ProxyCommand ssh -q -W %h:%p Jumphost ``` -------------------------------- ### SSH Public Key Authentication Example Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/api-reference/inputs-outputs.md Example for public key authentication using the raw content of an SSH private key. The key must be in PEM format. ```yaml - uses: appleboy/ssh-action@v1 with: host: example.com username: ubuntu key: ${{ secrets.SSH_PRIVATE_KEY }} script: whoami ``` -------------------------------- ### Enable Debug Logging Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/README.md To get more detailed logs for troubleshooting, set the `debug` parameter to `true`. This will provide verbose output during the action's execution. ```yaml debug: true ``` -------------------------------- ### SSH Key Passphrase Example Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/api-reference/inputs-outputs.md Example for using a passphrase to decrypt an encrypted SSH private key. The passphrase should be stored in GitHub Secrets. ```yaml - uses: appleboy/ssh-action@v1 with: host: example.com username: ubuntu key: ${{ secrets.SSH_KEY }} passphrase: ${{ secrets.SSH_PASSPHRASE }} script: whoami ``` -------------------------------- ### Sequential Host Execution Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/architecture.md Explains the sequential mode for executing scripts on multiple hosts one after another. This mode ensures each script completes before the next one starts. ```text drone-ssh binary creates sequential connections: ├─ Connection to host1 → execute script → wait for completion ├─ Connection to host2 → execute script → wait for completion └─ Connection to host3 → execute script → wait for completion (one after another) ``` -------------------------------- ### Inputs and Outputs Reference Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/_MANIFEST.txt This section details all input parameters and output variables for the SSH Remote Commands GitHub Action. It includes parameter types, default values, requirements, and environment variable mappings, along with code examples for each parameter. ```APIDOC ## API Reference This document outlines the inputs and outputs for the SSH Remote Commands GitHub Action. ### Inputs The action supports over 42 input parameters categorized as follows: #### Connection Parameters (12 parameters) Details on parameters related to establishing SSH connections. #### Command Execution Parameters (10 parameters) Details on parameters controlling the execution of remote commands. #### Proxy/Jump Host Parameters (11 parameters) Details on parameters for configuring proxy or jump host connections. #### Binary and Runtime Parameters (2 parameters) Details on parameters related to the action's binary and runtime environment. ### Outputs #### Outputs Reference (1 output) Details on the single output variable provided by the action. ### Code Examples Code examples are provided for each parameter to demonstrate usage within GitHub Actions workflows. ``` -------------------------------- ### SSH Connection Through Proxy Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/README.md Example of configuring an SSH connection to an internal host via a proxy server. Ensure all proxy and target host credentials and keys are correctly set as secrets. ```yaml - uses: appleboy/ssh-action@v1 with: host: internal.local username: ${{ secrets.USER }} key: ${{ secrets.KEY }} proxy_host: ${{ secrets.PROXY_HOST }} proxy_username: ${{ secrets.PROXY_USER }} proxy_key: ${{ secrets.PROXY_KEY }} script: whoami ``` -------------------------------- ### Run OpenSSH Server Docker Container Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/architecture.md This command starts an OpenSSH server in a Docker container for testing purposes. It maps port 2222 and configures user access with password and public key authentication. ```bash docker run -d \ --name=openssh-server \ -p 2222:2222 \ -e USER_NAME=linuxserver.io \ -e PASSWORD_ACCESS=true \ -e PUBLIC_KEY="${PUBLIC_KEY}" \ lscr.io/linuxserver/openssh-server:latest ``` -------------------------------- ### Local Development: Running entrypoint.sh Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/architecture.md This bash script shows how to execute the action's entrypoint script locally for testing. It sets necessary environment variables, including host, port, credentials, and the script to execute. ```bash # Run entrypoint.sh export INPUT_HOST="127.0.0.1" export INPUT_PORT="2222" export INPUT_USERNAME="testuser" export INPUT_PASSWORD="testpass" export INPUT_SCRIPT="whoami" export GITHUB_ACTION_PATH="$(pwd)" ./entrypoint.sh ``` -------------------------------- ### Document Deployment Steps Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/integration-guide.md Use clear step names and comments to document the purpose and details of your deployment actions, including references to external scripts. ```yaml # Good: Clear step names and comments - name: Deploy to production server # Performs blue/green deployment with health checks # See: scripts/deploy-prod.sh uses: appleboy/ssh-action@v1 with: host: ${{ secrets.PROD_HOST }} username: deploy key: ${{ secrets.SSH_KEY }} script_path: scripts/deploy-prod.sh ``` -------------------------------- ### Configuration and Mappings Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/_MANIFEST.txt This section details the mapping between action input parameters and environment variables, along with execution flow and host specification formats. ```APIDOC ## Configuration This document details the configuration options for the SSH Remote Commands GitHub Action. ### Input-to-Environment Variable Mapping Provides a complete mapping of all input parameters to their corresponding environment variables. ### Execution Flow Describes the execution flow and processing logic of the action. ### Host Specification Formats Details the various formats supported for specifying hosts. ### Tables - **Connection Settings**: Details 11 parameters related to connection settings. - **Command Execution Settings**: Details 10 parameters for command execution. - **Proxy/Jump Host Settings**: Details 11 parameters for proxy/jump host configurations. - **Binary and Compatibility Settings**: Details 2 parameters for binary and compatibility settings. ``` -------------------------------- ### Backup and Deploy Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/usage-examples.md This snippet illustrates backing up the application directory before pulling the latest changes and restarting the application. It ensures data integrity by creating a timestamped backup. ```yaml - name: Backup and deploy uses: appleboy/ssh-action@v1 with: host: ${{ secrets.SSH_HOST }} username: deploy key: ${{ secrets.SSH_KEY }} script: | set -e BACKUP_DIR="/backups/$(date +%Y%m%d_%H%M%S)" mkdir -p "$BACKUP_DIR" cp -r /var/www/app "$BACKUP_DIR/" cd /var/www/app git pull origin main npm run build systemctl restart app ``` -------------------------------- ### Local Development: Setting up Test SSH Server Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/architecture.md This bash script demonstrates how to set up a local SSH server using Docker for testing the action. It exposes port 2222 and configures a test user with a password. ```bash # Set up test SSH server docker run -d --name openssh \ -p 2222:2222 \ -e USER_NAME=testuser \ -e PASSWORD_ACCESS=true \ -e USER_PASSWORD=testpass \ lscr.io/linuxserver/openssh-server:latest ``` -------------------------------- ### SSH Action with Debug Mode Enabled Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/usage-examples.md Enable debug mode for the SSH action to get verbose logging output. This is helpful for troubleshooting connection or execution issues. ```yaml - uses: appleboy/ssh-action@v1 with: host: ${{ secrets.SSH_HOST }} username: deploy key: ${{ secrets.SSH_KEY }} debug: true script: whoami ``` -------------------------------- ### Full CI/CD Pipeline Deployment Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/usage-examples.md This snippet shows a complete CI/CD workflow using the SSH action for staging deployment and verification. It includes steps for building, testing, deploying, and verifying the application. ```yaml name: CI/CD Pipeline on: push: branches: [main] pull_request: branches: [main] jobs: test: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v4 with: node-version: '18' - run: npm install - run: npm run lint - run: npm run test - run: npm run build deploy: needs: test runs-on: ubuntu-latest if: github.ref == 'refs/heads/main' steps: - uses: actions/checkout@v4 - name: Deploy to staging id: deploy uses: appleboy/ssh-action@v1 with: host: ${{ secrets.STAGING_HOST }} username: ${{ secrets.SSH_USER }} key: ${{ secrets.SSH_KEY }} script_path: scripts/deploy-staging.sh capture_stdout: true - name: Verify deployment run: | OUTPUT="${{ steps.deploy.outputs.stdout }}" if echo "$OUTPUT" | grep -q "Deployment successful"; then echo "Staging deployment verified ✓" else echo "Staging deployment failed ✗" exit 1 fi - name: Health check run: | curl -f https://staging.example.com/health || exit 1 - name: Notify success if: success() uses: slackapi/slack-github-action@v1 with: payload: |+ {"text": "Deployment successful: ${{ github.sha }}"} promote-to-production: needs: deploy runs-on: ubuntu-latest environment: production steps: - uses: actions/checkout@v4 - name: Deploy to production uses: appleboy/ssh-action@v1 with: host: ${{ secrets.PROD_HOST }} username: ${{ secrets.SSH_USER }} key: ${{ secrets.SSH_KEY }} sync: true # Sequential deployment to multiple servers script: | set -e cd /var/www/app git fetch origin git checkout ${{ github.sha }} npm install --production npm run migrate systemctl restart app systemctl restart nginx ``` -------------------------------- ### Get SSH Host Fingerprint Source: https://github.com/appleboy/ssh-action/blob/master/README.md Command to retrieve the SSH host key fingerprint. Replace `ed25519` with your key type and `example.com` with your host's domain or IP. ```sh ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d ' ' -f2 ``` -------------------------------- ### Docker Image Deployment Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/usage-examples.md This snippet demonstrates deploying a Docker image to a server using SSH. It includes steps for building the image, logging into a registry, pulling the image, and running it as a container. ```yaml name: Deploy Docker Image on: [push] jobs: deploy: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: docker/setup-buildx-action@v2 - name: Build Docker image uses: docker/build-push-action@v4 with: push: true tags: myregistry.azurecr.io/myapp:latest - name: Deploy to production uses: appleboy/ssh-action@v1 with: host: ${{ secrets.DOCKER_HOST }} username: ${{ secrets.DOCKER_USER }} key: ${{ secrets.SSH_KEY }} script: | set -e docker login -u ${{ secrets.REGISTRY_USER }} \ -p ${{ secrets.REGISTRY_PASSWORD }} \ myregistry.azurecr.io docker pull myregistry.azurecr.io/myapp:latest docker stop myapp || true docker rm myapp || true docker run -d \ --name myapp \ -p 8080:3000 \ myregistry.azurecr.io/myapp:latest docker ps | grep myapp ``` -------------------------------- ### Bash Script for Remote Execution Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/api-reference/inputs-outputs.md Example content of a bash script file to be executed on a remote server via SSH. Includes 'set -e' for immediate exit on error. ```bash #!/usr/bin/env bash set -e whoami pwd ls -al ``` -------------------------------- ### Configure Proxy/Jump Host Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/integration-guide.md To connect through a proxy or jump host, specify `proxy_host`, `proxy_username`, and `proxy_key`. Enable `debug: true` for troubleshooting. ```yaml - uses: appleboy/ssh-action@v1 with: host: target-internal username: user key: ${{ secrets.SSH_KEY }} proxy_host: proxy.example.com proxy_username: proxy_user proxy_key: ${{ secrets.PROXY_KEY }} debug: true # Enable debug output script: whoami ``` -------------------------------- ### Debug SSH Connection Verbosity Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/integration-guide.md Use verbose output with `ssh -vvv` to get detailed debugging information about the SSH connection process. Helps diagnose various connection issues. ```bash # Check SSH daemon running ssh -vvv user@example.com # Verbose output for debugging ``` -------------------------------- ### Configure Proxy/Jump Host Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/configuration.md Set hostname, port, username, password, or SSH key for connecting through a proxy/jump host. Credentials should be stored in GitHub Secrets. ```yaml proxy_host: "your_proxy_host" proxy_port: "2222" proxy_username: "proxy_user" proxy_password: "${{ secrets.PROXY_PASSWORD }}" proxy_key: "${{ secrets.PROXY_KEY }}" proxy_passphrase: "${{ secrets.PROXY_PASSPHRASE }}" ``` -------------------------------- ### Optimize Script for Parallel Execution Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/integration-guide.md Optimize scripts to run faster, for example, by executing tasks in parallel using `&` and `wait`. This can help avoid "Script execution timeout" errors. ```yaml # Or optimize script to run faster - uses: appleboy/ssh-action@v1 with: host: example.com username: user key: ${{ secrets.SSH_KEY }} script: | # Run in parallel task1 & task2 & task3 wait ``` -------------------------------- ### Basic Workflow with SSH Action Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/README.md A minimal GitHub Actions workflow demonstrating the use of the ssh-action. It connects to a host and executes a 'whoami' command. ```yaml name: Deploy on: [push] jobs: deploy: runs-on: ubuntu-latest steps: - uses: appleboy/ssh-action@v1 with: host: ${{ secrets.SSH_HOST }} username: ${{ secrets.SSH_USER }} key: ${{ secrets.SSH_PRIVATE_KEY }} script: whoami ``` -------------------------------- ### Simple Deployment Workflow Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/README.md A common workflow for deploying an application. It pulls the latest code, builds it, and restarts the application service. ```yaml - uses: appleboy/ssh-action@v1 with: host: ${{ secrets.HOST }} username: ${{ secrets.USER }} key: ${{ secrets.KEY }} script: | cd /app git pull origin main npm run build systemctl restart app ``` -------------------------------- ### Execute Command With Output Capture Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/architecture.md Shows how to capture the standard output of a command using `INPUT_CAPTURE_STDOUT=true`. The output is written to both logs and the `${GITHUB_OUTPUT}` file for use in subsequent steps. ```bash # entrypoint.sh lines 73-76 echo 'stdout<> "${GITHUB_OUTPUT}" "${TARGET}" "$@" | tee -a "${GITHUB_OUTPUT}" echo 'EOF' >> "${GITHUB_OUTPUT}" ``` -------------------------------- ### Bashrc Configuration for Non-Interactive Shells Source: https://github.com/appleboy/ssh-action/blob/master/README.md Example of a common Bash configuration that prevents commands from running in non-interactive shells. Commenting out the `[ -z "$PS1" ] && return` line or using absolute paths can resolve 'command not found' errors. ```sh # If not running interactively, don't do anything [ -z "$PS1" ] && return ``` -------------------------------- ### Check for Existing Binary Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/architecture.md This script snippet checks if the target binary already exists and is executable. If so, it skips the download process, leveraging the caching strategy. ```bash if [[ -f "${TARGET}" ]] && [[ -x "${TARGET}" ]]; then echo "Binary ${CLIENT_BINARY} already exists, skipping download" fi ``` -------------------------------- ### Using ssh-action for Deployment Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/architecture.md This snippet shows how to use the ssh-action to execute a deployment script on a remote server. It requires specifying the host, SSH key, and the script to run. ```yaml # Using ssh-action - uses: appleboy/ssh-action@v1 with: host: example.com key: ${{ secrets.SSH_KEY }} script: deploy.sh ``` -------------------------------- ### Multi-Host Deployment Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/README.md Deploys an application to multiple hosts sequentially. The 'sync: true' option ensures commands are executed one host at a time. ```yaml - uses: appleboy/ssh-action@v1 with: host: "host1.com,host2.com,host3.com" username: ${{ secrets.USER }} key: ${{ secrets.KEY }} sync: true script: deploy.sh ``` -------------------------------- ### sync Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/api-reference/inputs-outputs.md When true and multiple hosts are specified in `host`, execute commands sequentially (one host at a time). Default behavior (false) executes commands on all hosts in parallel, which is faster but executes independently on each host. ```APIDOC ## sync ### Description When true and multiple hosts are specified in `host`, execute commands sequentially (one host at a time). Default behavior (false) executes commands on all hosts in parallel, which is faster but executes independently on each host. ### Environment Variable `INPUT_SYNC` ### Example - Parallel Execution (default) ```yaml - uses: appleboy/ssh-action@v1 with: host: host1.com,host2.com,host3.com username: ubuntu key: ${{ secrets.SSH_KEY }} script: deploy.sh # Runs on all three hosts simultaneously ``` ### Example - Sequential Execution ```yaml - uses: appleboy/ssh-action@v1 with: host: host1.com,host2.com,host3.com username: ubuntu key: ${{ secrets.SSH_KEY }} sync: true script: deploy.sh # Runs on host1 first, then host2, then host3 ``` ``` -------------------------------- ### Parallel execution on multiple hosts (default) Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/api-reference/inputs-outputs.md Execute commands on all specified hosts in parallel when `sync` is false (default). This is faster but executes independently on each host. ```yaml - uses: appleboy/ssh-action@v1 with: host: host1.com,host2.com,host3.com username: ubuntu key: ${{ secrets.SSH_KEY }} script: deploy.sh # Runs on all three hosts simultaneously ``` -------------------------------- ### Copy SSH Public Key to Server Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/integration-guide.md Automates adding your public SSH key to the remote server's authorized_keys file. Ensure you replace 'user@example.com' with your actual username and host. ```bash ssh-copy-id -i ~/.ssh/id_ed25519.pub user@example.com ``` -------------------------------- ### Binary Download URL Construction Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/architecture.md Constructs the download URL and target path for the drone-ssh binary based on version, platform, and architecture. ```bash DOWNLOAD_URL_PREFIX="${DRONE_SSH_RELEASE_URL}/v${DRONE_SSH_VERSION}" CLIENT_BINARY="drone-ssh-${DRONE_SSH_VERSION}-${CLIENT_PLATFORM}-${CLIENT_ARCH}" TARGET="${GITHUB_ACTION_PATH}/${CLIENT_BINARY}" ``` -------------------------------- ### Configure Parallel Multi-Host Execution Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/README.md By default, the action deploys to multiple hosts in parallel. This is controlled by the `sync` parameter, which defaults to `false` for parallel execution. ```yaml sync: false ``` -------------------------------- ### Validate Downloaded Binary Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/architecture.md Executes the downloaded binary with the --version flag to ensure it is valid and executable. Logs an error if the version check fails. ```bash echo "======= CLI Version Information ======= ``` -------------------------------- ### Direct SSH Connection Architecture Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/architecture.md Illustrates a direct SSH connection from the GitHub Actions runner to the target server via the drone-ssh binary. This is the simplest connection method. ```text GitHub Actions Runner ↓ entrypoint.sh ↓ drone-ssh binary ↓ INPUT_HOST (target server) ``` -------------------------------- ### Configure Sequential Multi-Host Execution Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/README.md To execute scripts sequentially across multiple hosts, set the `sync` parameter to `true`. This ensures one host completes before the next is processed. ```yaml sync: true ``` -------------------------------- ### Script Execution with Error Handling Source: https://github.com/appleboy/ssh-action/blob/master/CLAUDE.md Use 'set -e' at the beginning of your script to ensure execution stops immediately if any command fails. This mimics the behavior of a 'script_stop' option. ```yaml script: | #!/usr/bin/env bash set -e command1 command2 ``` -------------------------------- ### Download and Cache Binary Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/architecture.md Checks if the binary exists and is executable. If not, it downloads the binary with retries, validates its integrity, and makes it executable. ```bash if [[ -f "${TARGET}" ]] && [[ -x "${TARGET}" ]]; then echo "Binary ${CLIENT_BINARY} already exists, skipping download" else echo "Downloading ${CLIENT_BINARY} from ${DOWNLOAD_URL_PREFIX}" INSECURE_OPTION="" if [[ "${INPUT_CURL_INSECURE}" == 'true' ]]; then INSECURE_OPTION="--insecure" fi curl -fsSL --retry 5 --keepalive-time 2 --location ${INSECURE_OPTION} \ "${DOWNLOAD_URL_PREFIX}/${CLIENT_BINARY}" -o "${TARGET}" if [[ ! -f "${TARGET}" ]] || [[ ! -s "${TARGET}" ]]; then log_error "Downloaded file is missing or empty: ${TARGET}" "${ERR_INVALID_BINARY}" fi chmod +x "${TARGET}" fi ``` -------------------------------- ### Copy Private Key to Clipboard (Ubuntu) Source: https://github.com/appleboy/ssh-action/blob/master/README.md Copies the RSA private key to the clipboard on Ubuntu for easy pasting into secrets. ```bash # Ubuntu xclip < ~/.ssh/id_rsa ``` -------------------------------- ### Deploy to Staging and Production Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/integration-guide.md Conditional deployment to staging or production environments based on the GitHub event and branch. ```yaml - name: Deploy to staging (test) if: github.event_name == 'pull_request' uses: appleboy/ssh-action@v1 with: host: ${{ secrets.STAGING_HOST }} username: user key: ${{ secrets.SSH_KEY }} script: deploy.sh - name: Deploy to production if: github.ref == 'refs/heads/main' uses: appleboy/ssh-action@v1 with: host: ${{ secrets.PROD_HOST }} username: user key: ${{ secrets.SSH_KEY }} script: deploy.sh ``` -------------------------------- ### Platform and Architecture Detection Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/architecture.md Shell script snippet for detecting the client's operating system and architecture, validating them against supported values. ```bash detect_client_info() { CLIENT_PLATFORM="${SSH_CLIENT_OS:-$(uname -s | tr '[:upper:]' '[:lower:]')}" CLIENT_ARCH="${SSH_CLIENT_ARCH:-$(uname -m)}" # Validate platform case "${CLIENT_PLATFORM}" in darwin | linux | windows) ;; *) log_error "Unknown platform: ${CLIENT_PLATFORM}" "${ERR_UNKNOWN_PLATFORM}" ;; esac # Map architecture case "${CLIENT_ARCH}" in x86_64* | i?86_64* | amd64*) CLIENT_ARCH="amd64" ;; aarch64* | arm64*) CLIENT_ARCH="arm64" ;; *) log_error "Unknown arch: ${CLIENT_ARCH}" "${ERR_UNKNOWN_ARCH}" ;; esac } ``` -------------------------------- ### Deploy Sequentially to Multiple Hosts Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/usage-examples.md Deploy to servers one at a time using a comma-separated list of hosts. Useful for rolling deployments or when health checks are needed between steps. ```yaml - uses: appleboy/ssh-action@v1 with: host: "primary.example.com,secondary.example.com,backup.example.com" username: deploy key: ${{ secrets.SSH_KEY }} sync: true script: | set -e cd /home/deploy/app git pull origin main npm install npm run build systemctl restart app ``` -------------------------------- ### Troubleshoot SSH Authentication Failures Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/integration-guide.md Commands to diagnose and fix 'Permission denied (publickey)' errors. This includes checking remote server permissions and verifying the presence of your public key in authorized_keys. ```bash # Check remote server permissions ssh user@host "ls -la ~/.ssh" # Should show: # drwx------ .ssh (700) # -rw------- authorized_keys (600) ``` ```bash # Verify your key is in authorized_keys ssh user@host "cat ~/.ssh/authorized_keys | grep $(cat ~/.ssh/id_ed25519.pub | cut -d' ' -f2)" ``` ```bash # Fix permissions on server ssh user@host "chmod 700 ~/.ssh && chmod 600 ~/.ssh/authorized_keys" ``` -------------------------------- ### SSH Action with Proxy Host Configuration Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/api-reference/inputs-outputs.md Use this snippet to connect to a target server through a proxy or jump host. Ensure the proxy host details and authentication credentials are correctly provided. ```yaml - uses: appleboy/ssh-action@v1 with: host: internal-server.local username: ubuntu key: ${{ secrets.SSH_KEY }} proxy_host: jumphost.example.com proxy_username: jump_user proxy_key: ${{ secrets.PROXY_KEY }} script: whoami ``` -------------------------------- ### Check File/Directory Permissions Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/integration-guide.md Use `ls -la` to check file and directory permissions. This is crucial for diagnosing "Permission denied" errors during command execution. ```bash # Check file/directory permissions ls -la /path/to/file ``` -------------------------------- ### Parallel Multi-Host Deployment Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/integration-guide.md Deploy to multiple hosts in parallel by providing a comma-separated list for `host`. `sync: false` is the default for parallel execution. ```yaml # Default: parallel execution (faster) - uses: appleboy/ssh-action@v1 with: host: "host1,host2,host3" username: user key: ${{ secrets.SSH_KEY }} sync: false # Parallel (default) script: deploy.sh ``` -------------------------------- ### Execute Commands on Multiple Hosts Source: https://github.com/appleboy/ssh-action/blob/master/README.md Runs commands on a comma-separated list of hosts. Ensure authentication details are provided for all hosts. ```yaml - name: Multiple hosts uses: appleboy/ssh-action@v1 with: host: "foo.com,bar.com" username: ${{ secrets.USERNAME }} key: ${{ secrets.KEY }} port: ${{ secrets.PORT }} script: | whoami ls -al ``` -------------------------------- ### Connection Parameters Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/api-reference/inputs-outputs.md These parameters configure the SSH connection to the remote host. ```APIDOC ## Connection Parameters ### `host` **Type**: `string` **Required**: Yes **Default**: None SSH host address or IP to connect to. Can be a single host, multiple hosts separated by commas, or include custom ports. **Environment Variable**: `INPUT_HOST` **Example**: ```yaml - uses: appleboy/ssh-action@v1 with: host: example.com username: deployuser key: ${{ secrets.SSH_KEY }} script: whoami ``` --- ### `port` **Type**: `string` **Required**: No **Default**: `22` SSH port number for the connection. Can be specified inline per host when multiple hosts are used, otherwise serves as a default. **Environment Variable**: `INPUT_PORT` **Example**: ```yaml - uses: appleboy/ssh-action@v1 with: host: example.com port: 2222 username: deployuser key: ${{ secrets.SSH_KEY }} script: whoami ``` --- ### `username` **Type**: `string` **Required**: Yes **Default**: None SSH username for authentication on the remote server. **Environment Variable**: `INPUT_USERNAME` **Example**: ```yaml - uses: appleboy/ssh-action@v1 with: host: example.com username: ubuntu key: ${{ secrets.SSH_KEY }} script: whoami ``` --- ### `password` **Type**: `string` **Required**: No **Default**: None SSH password for password-based authentication. Should be stored in GitHub Secrets. Takes lower precedence than `key`. **Environment Variable**: `INPUT_PASSWORD` **Example**: ```yaml - uses: appleboy/ssh-action@v1 with: host: example.com username: deployuser password: ${{ secrets.SSH_PASSWORD }} script: whoami ``` --- ### `key` **Type**: `string` **Required**: No **Default**: None Raw content of SSH private key for public key authentication. Must be in PEM format. Takes precedence over `password`. **Environment Variable**: `INPUT_KEY` **Example**: ```yaml - uses: appleboy/ssh-action@v1 with: host: example.com username: ubuntu key: ${{ secrets.SSH_PRIVATE_KEY }} script: whoami ``` --- ### `key_path` **Type**: `string` **Required**: No **Default**: None Path to SSH private key file on the GitHub Actions runner filesystem. Used as an alternative to the inline `key` parameter. **Environment Variable**: `INPUT_KEY_PATH` **Example**: ```yaml - name: Run SSH commands uses: appleboy/ssh-action@v1 with: host: example.com username: ubuntu key_path: ~/.ssh/id_rsa script: whoami ``` --- ### `passphrase` **Type**: `string` **Required**: No **Default**: None Passphrase for decrypting SSH private key if it's encrypted. Required when using keys protected with a passphrase. **Environment Variable**: `INPUT_PASSPHRASE` **Example**: ```yaml - uses: appleboy/ssh-action@v1 with: host: example.com username: ubuntu key: ${{ secrets.SSH_KEY }} passphrase: ${{ secrets.SSH_PASSPHRASE }} script: whoami ``` --- ### `timeout` **Type**: `duration string` **Required**: No **Default**: `30s` Maximum time to wait when establishing SSH connection to remote host. Format examples: `30s`, `1m`, `2m30s`, `90s`. **Environment Variable**: `INPUT_TIMEOUT` **Example**: ```yaml - uses: appleboy/ssh-action@v1 with: host: example.com username: ubuntu key: ${{ secrets.SSH_KEY }} timeout: 60s script: whoami ``` ``` -------------------------------- ### Commands from File Execution Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/usage-examples.md Load and execute shell commands from a script file within your repository. This is useful for complex scripts, reusability, and easier local testing. ```yaml - uses: appleboy/ssh-action@v1 with: host: example.com username: deploy key: ${{ secrets.SSH_KEY }} script_path: scripts/deploy.sh ``` ```bash #!/usr/bin/env bash set -e echo "Starting deployment..." cd /home/deploy/app git pull origin main npm install npm run build npm run migrate systemctl restart app echo "Deployment complete" ``` -------------------------------- ### SSH Action with Proxy Key Path Configuration Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/api-reference/inputs-outputs.md Specify the path to the SSH private key file on the runner for proxy host authentication. This is an alternative to providing the key content directly. ```yaml - uses: appleboy/ssh-action@v1 with: host: internal-server.local username: ubuntu key: ${{ secrets.SSH_KEY }} proxy_host: jumphost.example.com proxy_username: jump_user proxy_key_path: ~/.ssh/proxy_key script: whoami ``` -------------------------------- ### Connect to Target Server via Proxy Host Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/usage-examples.md Establish a connection to a target server through a jump host. This is useful for accessing internal resources from a secure network. ```yaml - uses: appleboy/ssh-action@v1 with: host: internal-app.local username: appuser key: ${{ secrets.APP_SSH_KEY }} port: 22 proxy_host: jumphost.example.com proxy_username: jumpuser proxy_key: ${{ secrets.JUMP_SSH_KEY }} proxy_port: 22 script: | whoami hostname pwd ``` -------------------------------- ### Set SSH Key Permissions Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/integration-guide.md Ensures correct file permissions for SSH keys and directories. Private keys should have 600 permissions, public keys 644, the .ssh directory 700, and authorized_keys 600. ```bash # Local permissions (on development machine) chmod 600 ~/.ssh/id_ed25519 # Private key (read/write by owner only) chmod 644 ~/.ssh/id_ed25519.pub # Public key (readable by all) # Remote permissions (on SSH server) chmod 700 ~/.ssh # .ssh directory chmod 600 ~/.ssh/authorized_keys # authorized_keys file ``` -------------------------------- ### Execute Script on Windows Runners Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/integration-guide.md On Windows runners, the action works directly. If issues persist, explicitly use `bash`. ```yaml - uses: appleboy/ssh-action@v1 with: host: example.com username: user key: ${{ secrets.SSH_KEY }} script: whoami ``` -------------------------------- ### Manually Add Public Key to Server Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/integration-guide.md Provides steps to manually add your public SSH key to the remote server. This involves copying the key, creating the .ssh directory with correct permissions, and appending the key to authorized_keys. ```bash # macOS pbcopy < ~/.ssh/id_ed25519.pub # Linux xclip < ~/.ssh/id_ed25519.pub ``` ```bash ssh user@example.com mkdir -p ~/.ssh chmod 700 ~/.ssh cat >> ~/.ssh/authorized_keys # paste public key and press Ctrl+D chmod 600 ~/.ssh/authorized_keys exit ``` ```bash ssh -i ~/.ssh/id_ed25519 user@example.com ``` -------------------------------- ### Check SSHD Configuration Syntax Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/integration-guide.md Perform a syntax check on the SSH daemon configuration file using `sshctl -T` (if available). Helps identify configuration errors causing connection problems. ```bash # Check sshd configuration sudo sshctl -T # Syntax check (if available) ``` -------------------------------- ### Multi-Host Parallel Deployment Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/usage-examples.md Deploy to multiple hosts simultaneously by providing a comma-separated list of hosts. Commands are executed in parallel, leading to faster deployments. ```yaml - uses: appleboy/ssh-action@v1 with: host: "app1.example.com,app2.example.com,app3.example.com" username: deploy key: ${{ secrets.SSH_KEY }} port: 22 script: | set -e cd /home/deploy/app git pull origin main npm install npm run build systemctl restart app ``` -------------------------------- ### Handle Deployment Errors Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/integration-guide.md Implement error handling by setting `continue-on-error: true` for the deployment step and checking its outcome in subsequent steps for rollback or notifications. ```yaml # Good: Proper error handling - name: Deploy application id: deploy continue-on-error: true uses: appleboy/ssh-action@v1 with: host: example.com username: user key: ${{ secrets.SSH_KEY }} script: deploy.sh - name: Handle errors if: steps.deploy.outcome == 'failure' run: | echo "Deployment failed" # Trigger rollback or notification ``` -------------------------------- ### Execute Commands on Multiple Hosts with Different Ports Source: https://github.com/appleboy/ssh-action/blob/master/README.md Runs commands on multiple hosts, specifying individual ports for each. Ensure the host string format is correct. ```yaml - name: Multiple hosts uses: appleboy/ssh-action@v1 with: host: "foo.com:1234,bar.com:5678" username: ${{ secrets.USERNAME }} key: ${{ secrets.KEY }} script: | whoami ls -al ``` -------------------------------- ### Automated Test Execution via GitHub Actions Source: https://github.com/appleboy/ssh-action/blob/master/CLAUDE.md Tests are automatically executed on push events through the .github/workflows/main.yml workflow. This process involves creating Docker containers with OpenSSH servers to test various scenarios. ```bash # Tests run automatically on push via .github/workflows/main.yml # Tests create Docker containers with openssh-server and test various scenarios ``` -------------------------------- ### Obtain Host Public Key Fingerprint Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/configuration.md Demonstrates how to obtain the SHA256 fingerprint of a target host's public key using `ssh-keyscan` and `ssh-keygen`. ```bash ssh-keyscan -t ed25519 example.com | ssh-keygen -l -f - -E sha256 ``` -------------------------------- ### Execute Command by Sourcing Shell Profile Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/integration-guide.md Fix "Command not found" errors in non-interactive shells by sourcing the shell profile (e.g., `~/.bashrc`) before executing the command. Ensure the profile is compatible with non-interactive shells. ```yaml - uses: appleboy/ssh-action@v1 with: host: example.com username: user key: ${{ secrets.SSH_KEY }} script: | source ~/.bashrc npm test ``` -------------------------------- ### Test SSH Connection Locally Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/integration-guide.md Test SSH connection and proxy settings locally before integrating into GitHub Actions. ```bash # Before adding to GitHub Actions, test locally ssh -i ~/.ssh/id_ed25519 -v user@example.com # Test with proxy ssh -i ~/.ssh/id_ed25519 -v -J proxy@proxyhost user@targethost ``` -------------------------------- ### Configure Multiple Hosts with Custom Ports Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/configuration.md Specifies multiple target hosts, each with potentially custom inline ports. A fallback port can be defined for hosts without an inline port. ```yaml host: host1.com:2222,host2.com:5678,host3.com port: 22 ``` -------------------------------- ### SSH Deployment with Error Handling and Recovery Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/usage-examples.md Attempt a deployment using SSH, allowing the workflow to continue even if the deployment script fails. Subsequent steps can then check the deployment outcome and trigger rollbacks or verification. ```yaml - name: Attempt deployment id: deploy continue-on-error: true uses: appleboy/ssh-action@v1 with: host: ${{ secrets.SSH_HOST }} username: deploy key: ${{ secrets.SSH_KEY }} script: | set -e cd /app npm test npm run build systemctl restart app ``` ```yaml - name: Handle failure if: steps.deploy.outcome == 'failure' run: | echo "Deployment failed, rolling back..." # Trigger rollback workflow or steps ``` ```yaml - name: Verify success if: steps.deploy.outcome == 'success' run: echo "Deployment successful" ``` -------------------------------- ### Script File Execution Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/api-reference/inputs-outputs.md Specify the path to a local file in the repository containing commands to execute on the remote server. ```APIDOC ## `script_path` ### Description Path to a local file in the repository containing commands to execute on the remote server. The file is read from the GitHub Actions runner filesystem. Both absolute and relative paths are supported. ### Type string ### Required No (either `script` or `script_path` required) ### Default None ### Environment Variable `INPUT_SCRIPT_FILE` (note: different from `script`) ### Example ```yaml - uses: appleboy/ssh-action@v1 with: host: example.com username: ubuntu key: ${{ secrets.SSH_KEY }} script_path: scripts/deploy.sh ``` File contents (scripts/deploy.sh): ```bash #!/usr/bin/env bash set -e whoami pwd ls -al ``` ``` -------------------------------- ### capture_stdout Source: https://github.com/appleboy/ssh-action/blob/master/_autodocs/api-reference/inputs-outputs.md Capture standard output from commands and expose as action output for use in subsequent steps. When enabled, stdout is written to `${GITHUB_OUTPUT}` and accessible via `steps.{step_id}.outputs.stdout` in later steps. ```APIDOC ## capture_stdout ### Description Capture standard output from commands and expose as action output for use in subsequent steps. When enabled, stdout is written to `${GITHUB_OUTPUT}` and accessible via `steps.{step_id}.outputs.stdout` in later steps. ### Environment Variable `INPUT_CAPTURE_STDOUT` ### Example ```yaml - id: ssh uses: appleboy/ssh-action@v1 with: host: example.com username: ubuntu key: ${{ secrets.SSH_KEY }} capture_stdout: true script: | echo "version:1.2.3" hostname - name: Use captured output run: | echo "Captured output:" echo "${{ steps.ssh.outputs.stdout }}" ``` ```