From 8ab201b37db8f1dff66588fecb9e198b02f962e6 Mon Sep 17 00:00:00 2001
From: FarisZR <35614734+FarisZR@users.noreply.github.com>
Date: Thu, 11 May 2023 20:01:43 +0300
Subject: [PATCH 1/4] Switch to a composite action
---
 Dockerfile | 5 --
 action.yml | 107 +++++++++++++++++++++++++++++++++++++++++--
 docker-entrypoint.sh | 104 -----------------------------------------
 3 files changed, 104 insertions(+), 112 deletions(-)
 delete mode 100644 Dockerfile
 delete mode 100755 docker-entrypoint.sh
diff --git a/Dockerfile b/Dockerfile
deleted file mode 100644
index bf1561d..0000000
--- a/Dockerfile
+++ /dev/null
@@ -1,5 +0,0 @@
-FROM docker:cli
-
-COPY docker-entrypoint.sh /docker-entrypoint.sh
-
-ENTRYPOINT ["/docker-entrypoint.sh"]
diff --git a/action.yml b/action.yml
index f9088c2..19b4532 100644
--- a/action.yml
+++ b/action.yml
@@ -18,9 +18,11 @@ inputs:
 compose_file_path:
 description: path for Docker compose file used. Default is is repo root(docker-compose.yml)
 required: false
+ default: "docker-compose.yml"
 ssh_port:
 description: The ssh port of the server. Default is 22
 required: false
+ default: "22"
 upload_directory:
 description: when enabled, uploads entire docker directory, useful for configuration files needed along the container
 required: false
@@ -44,11 +46,110 @@ inputs:
 required: false
 runs:
- using: docker
- image: 'Dockerfile'
+ using: "composite"
+ steps:
+ - name: Check remote docker host address
+ if: ${{ inputs.remote_docker_host == '' }}
+ shell: bash
+ run: |
+ echo "::error title=⛔ error hint::No docker host specified, we can't connect to the server without knowing the address!"
+ exit 1
+ - name: "Check SSH keys"
+ if: ${{ inputs.tailscale_ssh == '' }}
+ run: |
+ echo "Normal SSH mode, checking SSH keys"
+ if [ -z "$INPUT_SSH_PUBLIC_KEY" ]; then
+ echo echo "::error title=⛔ error hint::No public SSH key specified"
+ exit 1
+ fi
+
+ if [ -z "$INPUT_SSH_PRIVATE_KEY" ]; then
+ echo echo "::error title=⛔ error hint::No private SSH key specified"
+ exit 1
+ fi
+
+ - name: Check command arguments
+ if: ${{ inputs.args == '' }}
+ shell: bash
+ run: |
+ echo "::error title=⛔ error hint::No command arguments specified, these are required to execute the docker-compose / docker stack command!"
+ exit 1
+
+ - name: "Set DOCKER_HOST and SSH_HOST"
+ run: |
+ DOCKER_HOST=ssh://\${INPUT_REMOTE_DOCKER_HOST}:\${INPUT_SSH_PORT}
+ SSH_HOST=\${INPUT_REMOTE_DOCKER_HOST#*@}
+
+ - name: starting SSH agent
+ run: |
+ mkdir -p ~/.ssh
+ eval $(ssh-agent)
+
+ - name: "Register SSH keys"
+ if: ${{ inputs.tailscale_ssh == '' }}
+ run: |
+ echo "Registering SSH keys..."
+ ls ~/.ssh
+ printf '%s\n' "$INPUT_SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
+ chmod 600 ~/.ssh/id_rsa
+ printf '%s\n' "$INPUT_SSH_PUBLIC_KEY" > ~/.ssh/id_rsa.pub
+ chmod 600 ~/.ssh/id_rsa.pub
+ #chmod 600 "~/.ssh"
+ eval $(ssh-agent)
+ ssh-add ~/.ssh/id_rsa
+ echo "Adding known hosts"
+ ssh-keyscan -p $INPUT_SSH_PORT "$SSH_HOST" >> ~/.ssh/known_hosts
+ ssh-keyscan -p $INPUT_SSH_PORT "$SSH_HOST" >> /etc/ssh/ssh_known_hosts
+
+ - name: "Create docker context"
+ run: |
+ docker context create remote --docker "host=ssh://$INPUT_REMOTE_DOCKER_HOST:$INPUT_SSH_PORT"
+ docker context use remote
+
+ - name: "Check docker compose directory"
+ if: ${{ inputs.upload_directory }}
+ run: |
+ if [ -z "$INPUT_DOCKER_COMPOSE_DIRECTORY" ];
+ then
+ echo "::error title=⛔ error hint::No docker directory specified, this is required to know which diretory to upload"
+ exit 1
+ fi
+
+ - name: "Upload directory"
+ if: ${{ inputs.upload_directory }}
+ run: |
+ tar cjvf - -C "$GITHUB_WORKSPACE" "$INPUT_DOCKER_COMPOSE_DIRECTORY" | ssh -o StrictHostKeyChecking=no "$INPUT_REMOTE_DOCKER_HOST" -p "$INPUT_SSH_PORT" 'tar -xjvf -'
+ echo "Upload finished"
+
+ - name: "Run post upload command"
+ if: ${{ inputs.post_upload_command }}
+ run: |
+ then
+ echo "::notice Upload post command specified, running. $INPUT_POST_UPLOAD_COMMAND"
+ ssh -o StrictHostKeyChecking=no "$INPUT_REMOTE_DOCKER_HOST" -p "$INPUT_SSH_PORT" "eval $INPUT_POST_UPLOAD_COMMAND"
+
+ - name: "Connect to docker registry"
+ if: ${{ inputs.docker_login_user && inputs.docker_login_password &&inputs.docker_login_registry }}
+ run: |
+ echo "::notice Connecting to $INPUT_REMOTE_DOCKER_HOST... Command: docker login"
+ docker login -u "$INPUT_DOCKER_LOGIN_USER" -p "$INPUT_DOCKER_LOGIN_PASSWORD" "$INPUT_DOCKER_LOGIN_REGISTRY"
+
+ - name: "Deploy Stack file to swarm"
+ if: ${{ inputs.docker_swarm }}
+ run: |
+ echo "docker swarm mode enabled, using docker stack command"
+ echo "Command: docker ${INPUT_ARGS} stack deploy --compose-file ${INPUT_COMPOSE_FILE_PATH}"
+ docker ${INPUT_ARGS} stack deploy --compose-file ${INPUT_COMPOSE_FILE_PATH}
+
+ - name: "Deploy Compose file"
+ if: ${{ inputs.docker_swarm = '' }}
+ run: |
+ echo "::notice Command: docker compose -f ${INPUT_COMPOSE_FILE_PATH} pull"
+ docker compose -f ${INPUT_COMPOSE_FILE_PATH} pull
+ echo "::notice Command: docker compose -f ${INPUT_COMPOSE_FILE_PATH} ${INPUT_ARGS}"
+ docker compose -f ${INPUT_COMPOSE_FILE_PATH} ${INPUT_ARGS}
 branding:
 icon: upload-cloud
 color: orange
-
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
deleted file mode 100755
index 2eb6b3a..0000000
--- a/docker-entrypoint.sh
+++ /dev/null
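Review bot: The run steps read `$INPUT_SSH_PRIVATE_KEY`, `$INPUT_REMOTE_DOCKER_HOST` and the other `INPUT_*` variables, but as far as I know the runner exports inputs under those names only for Docker and JavaScript actions, not for `using: "composite"`, so the key checks in "Check SSH keys" would fail on every run. Each step that needs an input should map it explicitly, e.g. `env:` followed by `INPUT_SSH_PRIVATE_KEY: ${{ inputs.ssh_private_key }}`; going through `env:` rather than pasting `${{ inputs.* }}` into the script text also keeps input content from being parsed as shell. Separately, in "Connect to docker registry", `docker login -p "$INPUT_DOCKER_LOGIN_PASSWORD"` places the password on the process command line; piping it with `printf '%s' "$INPUT_DOCKER_LOGIN_PASSWORD" |` into `docker login --password-stdin` avoids that.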
@@ -1,104 +0,0 @@
-#!/bin/sh
-set -eu
-
-if [ -z "$INPUT_REMOTE_DOCKER_HOST" ]; then
- echo "Input remote_docker_host is required!"
- exit 1
-fi
-
-# Ignore SSH keys when using Tailscale SSH
-if [ -n "$INPUT_TAILSCALE_SSH" ];
-then
- echo "Tailscale SSH mode enabled, Manual SSH keys not required"
-else
- echo "Normal SSH mode, checking SSH keys"
- if [ -z "$INPUT_SSH_PUBLIC_KEY" ]; then
- echo "Input ssh_public_key is required!"
- exit 1
- fi
-
- if [ -z "$INPUT_SSH_PRIVATE_KEY" ]; then
- echo "Input ssh_private_key is required!"
- exit 1
- fi
-fi
-
-if [ -z "$INPUT_ARGS" ]; then
- echo "Input input_args is required!"
- exit 1
-fi
-
-if [ -z "$INPUT_COMPOSE_FILE_PATH" ]; then
- INPUT_COMPOSE_FILE_PATH=docker-compose.yml
-fi
-
-if [ -z "$INPUT_SSH_PORT" ]; then
- INPUT_SSH_PORT=22
-fi
-
-DOCKER_HOST=ssh://${INPUT_REMOTE_DOCKER_HOST}:${INPUT_SSH_PORT}
-
-SSH_HOST=${INPUT_REMOTE_DOCKER_HOST#*@}
-
-
-if [ -n "$INPUT_TAILSCALE_SSH" ];
-then
- echo "Using Tailscale SSH, Skipping Manual SSH key registeration"
- mkdir -p ~/.ssh
- eval $(ssh-agent)
-else
- echo "Registering SSH keys..."
- # register the private key with the agent, when not using Tailscale
- mkdir -p ~/.ssh
- ls ~/.ssh
- printf '%s\n' "$INPUT_SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
- chmod 600 ~/.ssh/id_rsa
- printf '%s\n' "$INPUT_SSH_PUBLIC_KEY" > ~/.ssh/id_rsa.pub
- chmod 600 ~/.ssh/id_rsa.pub
- #chmod 600 "~/.ssh"
- eval $(ssh-agent)
- ssh-add ~/.ssh/id_rsa
- echo "Add known hosts"
- ssh-keyscan -p $INPUT_SSH_PORT "$SSH_HOST" >> ~/.ssh/known_hosts
- ssh-keyscan -p $INPUT_SSH_PORT "$SSH_HOST" >> /etc/ssh/ssh_known_hosts
-fi
-
-# set context
-echo "Create docker context"
-docker context create remote --docker "host=ssh://$INPUT_REMOTE_DOCKER_HOST:$INPUT_SSH_PORT"
-docker context use remote
-
-if [ -n "$INPUT_UPLOAD_DIRECTORY" ];
-then
- echo "upload_directory enabled"
- if [ -z "$INPUT_DOCKER_COMPOSE_DIRECTORY" ];
- then
- echo "Input docker_compose_directory is required when upload_directory is enabled!"
- exit 1
- fi
- tar cjvf - -C "$GITHUB_WORKSPACE" "$INPUT_DOCKER_COMPOSE_DIRECTORY" | ssh -o StrictHostKeyChecking=no "$INPUT_REMOTE_DOCKER_HOST" -p "$INPUT_SSH_PORT" 'tar -xjvf -'
- echo "Upload finished"
- if [ -n "$INPUT_POST_UPLOAD_COMMAND" ];
- then
- echo "Upload post command specified, runnig. $INPUT_POST_UPLOAD_COMMAND"
- ssh -o StrictHostKeyChecking=no "$INPUT_REMOTE_DOCKER_HOST" -p "$INPUT_SSH_PORT" "eval $INPUT_POST_UPLOAD_COMMAND"
- fi
-fi
-
-if [ -n "$INPUT_DOCKER_LOGIN_PASSWORD" ] || [ -n "$INPUT_DOCKER_LOGIN_USER" ] || [ -n "$INPUT_DOCKER_LOGIN_REGISTRY" ]; then
- echo "Connecting to $INPUT_REMOTE_DOCKER_HOST... Command: docker login"
- docker login -u "$INPUT_DOCKER_LOGIN_USER" -p "$INPUT_DOCKER_LOGIN_PASSWORD" "$INPUT_DOCKER_LOGIN_REGISTRY"
-fi
-
-if [ -n "$INPUT_DOCKER_SWARM" ];
-then
- echo "docker swarm mode enabled, using docker stack command"
- echo "Command: docker ${INPUT_ARGS} stack deploy --compose-file ${INPUT_COMPOSE_FILE_PATH}"
- docker ${INPUT_ARGS} stack deploy --compose-file ${INPUT_COMPOSE_FILE_PATH}
-else
- echo "Command: docker compose -f ${INPUT_COMPOSE_FILE_PATH} pull"
- docker compose -f ${INPUT_COMPOSE_FILE_PATH} pull
-
- echo "Command: docker compose -f ${INPUT_COMPOSE_FILE_PATH} ${INPUT_ARGS}"
- docker compose -f ${INPUT_COMPOSE_FILE_PATH} ${INPUT_ARGS}
-fi
From 196caa55b46657e77a4ac28188e474dcd63e4c0d Mon Sep 17 00:00:00 2001
From: FarisZR <35614734+FarisZR@users.noreply.github.com>
Date: Thu, 6 Jul 2023 01:21:31 +0300
Subject: [PATCH 2/4] always add known host
---
 action.yml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/action.yml b/action.yml
index 19b4532..c76c6e4 100644
--- a/action.yml
+++ b/action.yml
@@ -98,7 +98,10 @@ runs:
 #chmod 600 "~/.ssh"
 eval $(ssh-agent)
 ssh-add ~/.ssh/id_rsa
- echo "Adding known hosts"
+
+ - name: Adding known host
+ shell: bash
+ run: |
 ssh-keyscan -p $INPUT_SSH_PORT "$SSH_HOST" >> ~/.ssh/known_hosts
 ssh-keyscan -p $INPUT_SSH_PORT "$SSH_HOST" >> /etc/ssh/ssh_known_hosts
From d1a0278c9beb756d3abef13eb14cd64b96ec2b12 Mon Sep 17 00:00:00 2001
From: FarisZR <35614734+FarisZR@users.noreply.github.com>
Date: Thu, 6 Jul 2023 01:21:39 +0300
Subject: [PATCH 3/4] specifiy shell for all steps
---
 action.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/action.yml b/action.yml
index c76c6e4..63f84ff 100644
--- a/action.yml
+++ b/action.yml
@@ -77,17 +77,20 @@ runs:
 exit 1
 - name: "Set DOCKER_HOST and SSH_HOST"
+ shell: bash
 run: |
 DOCKER_HOST=ssh://\${INPUT_REMOTE_DOCKER_HOST}:\${INPUT_SSH_PORT}
 SSH_HOST=\${INPUT_REMOTE_DOCKER_HOST#*@}
 - name: starting SSH agent
+ shell: bash
 run: |
 mkdir -p ~/.ssh
 eval $(ssh-agent)
 - name: "Register SSH keys"
 if: ${{ inputs.tailscale_ssh == '' }}
+ shell: bash
 run: |
 echo "Registering SSH keys..."
 ls ~/.ssh
@@ -106,11 +109,13 @@ runs:
 ssh-keyscan -p $INPUT_SSH_PORT "$SSH_HOST" >> /etc/ssh/ssh_known_hosts
 - name: "Create docker context"
+ shell: bash
 run: |
 docker context create remote --docker "host=ssh://$INPUT_REMOTE_DOCKER_HOST:$INPUT_SSH_PORT"
 docker context use remote
 - name: "Check docker compose directory"
+ shell: bash
 if: ${{ inputs.upload_directory }}
 run: |
 if [ -z "$INPUT_DOCKER_COMPOSE_DIRECTORY" ];
@@ -120,12 +125,14 @@ runs:
 fi
 - name: "Upload directory"
+ shell: bash
 if: ${{ inputs.upload_directory }}
 run: |
 tar cjvf - -C "$GITHUB_WORKSPACE" "$INPUT_DOCKER_COMPOSE_DIRECTORY" | ssh -o StrictHostKeyChecking=no "$INPUT_REMOTE_DOCKER_HOST" -p "$INPUT_SSH_PORT" 'tar -xjvf -'
 echo "Upload finished"
 - name: "Run post upload command"
+ shell: bash
 if: ${{ inputs.post_upload_command }}
 run: |
 then
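Review bot: The new "Adding known host" step records whatever key `ssh-keyscan` returns at deploy time, so the `known_hosts` entry authenticates nothing: any host answering for `$SSH_HOST` during the run is written down as the legitimate server. A host key pinned by the workflow author gives real verification, for example a hypothetical optional input (name to be chosen) written with `printf '%s\n' "$PINNED_HOST_KEY" >> ~/.ssh/known_hosts` in place of the scan. For that to matter, the `ssh -o StrictHostKeyChecking=no` calls in the "Upload directory" and "Run post upload command" steps would also have to drop that option. `$INPUT_SSH_PORT` is unquoted on both scan lines and should be `"$INPUT_SSH_PORT"`.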
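Review bot: `DOCKER_HOST` and `SSH_HOST` in the "Set DOCKER_HOST and SSH_HOST" step are plain shell assignments, and each `run:` step starts its own shell, so neither value reaches the later `ssh-keyscan` or docker steps; the `\$` escapes also make bash store the literal text `${...}` instead of expanding it. Writing the values to the job environment fixes both, e.g. `echo "SSH_HOST=${INPUT_REMOTE_DOCKER_HOST#*@}" >> "$GITHUB_ENV"`. The same applies to `eval $(ssh-agent)` in "starting SSH agent": `SSH_AUTH_SOCK` and `SSH_AGENT_PID` would need to be appended to `$GITHUB_ENV` for later steps to reach the agent. The "Register SSH keys" script continues past the end of this hunk.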
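Review bot: The "Run post upload command" script opens with a bare `then` (the last line of this hunk), which bash rejects as a syntax error because no `if` precedes it, so the step fails before it runs anything. The step-level `if: ${{ inputs.post_upload_command }}` already does the gating, so the `then` line can simply be deleted. The rest of that script lies outside this hunk.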
@@ -133,6 +140,7 @@ runs:
 ssh -o StrictHostKeyChecking=no "$INPUT_REMOTE_DOCKER_HOST" -p "$INPUT_SSH_PORT" "eval $INPUT_POST_UPLOAD_COMMAND"
 - name: "Connect to docker registry"
+ shell: bash
 if: ${{ inputs.docker_login_user && inputs.docker_login_password &&inputs.docker_login_registry }}
 run: |
 echo "::notice Connecting to $INPUT_REMOTE_DOCKER_HOST... Command: docker login"
@@ -140,6 +148,7 @@ runs:
 - name: "Deploy Stack file to swarm"
 if: ${{ inputs.docker_swarm }}
+ shell: bash
 run: |
 echo "docker swarm mode enabled, using docker stack command"
 echo "Command: docker ${INPUT_ARGS} stack deploy --compose-file ${INPUT_COMPOSE_FILE_PATH}"
@@ -147,6 +156,7 @@ runs:
 - name: "Deploy Compose file"
 if: ${{ inputs.docker_swarm = '' }}
+ shell: bash
 run: |
 echo "::notice Command: docker compose -f ${INPUT_COMPOSE_FILE_PATH} pull"
 docker compose -f ${INPUT_COMPOSE_FILE_PATH} pull
From eb33e354346063e3750a7206e97155dc27cf0508 Mon Sep 17 00:00:00 2001
From: FarisZR <35614734+FarisZR@users.noreply.github.com>
Date: Thu, 6 Jul 2023 01:38:30 +0300
Subject: [PATCH 4/4] fix some typos
---
 action.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/action.yml b/action.yml
index 63f84ff..7f32253 100644
--- a/action.yml
+++ b/action.yml
@@ -57,6 +57,7 @@ runs:
 - name: "Check SSH keys"
 if: ${{ inputs.tailscale_ssh == '' }}
+ shell: bash
 run: |
 echo "Normal SSH mode, checking SSH keys"
 if [ -z "$INPUT_SSH_PUBLIC_KEY" ]; then
@@ -155,7 +156,7 @@ runs:
 docker ${INPUT_ARGS} stack deploy --compose-file ${INPUT_COMPOSE_FILE_PATH}
 - name: "Deploy Compose file"
- if: ${{ inputs.docker_swarm = '' }}
+ if: ${{ inputs.docker_swarm == '' }}
 shell: bash
 run: |
 echo "::notice Command: docker compose -f ${INPUT_COMPOSE_FILE_PATH} pull"
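Review bot: The first context line of this hunk sends `"eval $INPUT_POST_UPLOAD_COMMAND"` to the server, which means the command text is parsed by the remote login shell and then parsed a second time by `eval`, so quotes and `$` in the input are consumed one level earlier than the workflow author wrote them. Dropping the wrapper and passing `"$INPUT_POST_UPLOAD_COMMAND"` as the remote command leaves a single, predictable parse. The same line keeps `-o StrictHostKeyChecking=no`, so the command is sent to a server whose host key is never checked. The step it belongs to starts above this hunk.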