Inicio Explorar Ayuda
Iniciar sesión
yt-dlp
/
ssh-agent
espejo de https://github.com/yt-dlp/ssh-agent
Seguir 2
Destacar 0
Fork 0
Archivos Incidencias 0 Wiki
Rama: master
Ramas Etiquetas
ssh-agent
/
index.js

index.js 4.3 KB
Permalink Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990 
  1. const core = require('@actions/core');
    2. 

  2. const child_process = require('child_process');
    3. 

  3. const fs = require('fs');
    4. 

  4. const crypto = require('crypto');
    5. 

  5. const { home, sshAgent, sshAdd } = require('./paths.js');
    6. 

  6. 

  7. try {
    8. 

  8.     const privateKey = core.getInput('ssh-private-key');
    9. 

  9. 

  10.     if (!privateKey) {
    11. 

  11.         core.setFailed("The ssh-private-key argument is empty. Maybe the secret has not been configured, or you are using a wrong secret name in your workflow file.");
    12. 

  12. 

  13.         return;
    14. 

  14.     }
    15. 

  15. 

  16.     const homeSsh = home + '/.ssh';
    17. 

  17. 

  18.     console.log(`Adding GitHub.com keys to ${homeSsh}/known_hosts`);
    19. 

  19. 

  20.     fs.mkdirSync(homeSsh, { recursive: true });
    21. 

  21.     fs.appendFileSync(`${homeSsh}/known_hosts`, '\ngithub.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg=\n');
    22. 

  22.     fs.appendFileSync(`${homeSsh}/known_hosts`, '\ngithub.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl\n');
    23. 

  23.     fs.appendFileSync(`${homeSsh}/known_hosts`, '\ngithub.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==\n');
    24. 

  24. 

  25.     console.log("Starting ssh-agent");
    26. 

  26. 

  27.     const authSock = core.getInput('ssh-auth-sock');
    28. 

  28.     const sshAgentArgs = (authSock && authSock.length > 0) ? ['-a', authSock] : [];
    29. 

  29. 

  30.     // Extract auth socket path and agent pid and set them as job variables
    31. 

  31.     child_process.execFileSync(sshAgent, sshAgentArgs).toString().split("\n").forEach(function(line) {
    32. 

  32.         const matches = /^(SSH_AUTH_SOCK|SSH_AGENT_PID)=(.*); export \1/.exec(line);
    33. 

  33. 

  34.         if (matches && matches.length > 0) {
    35. 

  35.             // This will also set process.env accordingly, so changes take effect for this script
    36. 

  36.             core.exportVariable(matches[1], matches[2])
    37. 

  37.             console.log(`${matches[1]}=${matches[2]}`);
    38. 

  38.         }
    39. 

  39.     });
    40. 

  40. 

  41.     console.log("Adding private key(s) to agent");
    42. 

  42. 

  43.     privateKey.split(/(?=-----BEGIN)/).forEach(function(key) {
    44. 

  44.         child_process.execFileSync(sshAdd, ['-'], { input: key.trim() + "\n" });
    45. 

  45.     });
    46. 

  46. 

  47.     console.log("Key(s) added:");
    48. 

  48. 

  49.     child_process.execFileSync(sshAdd, ['-l'], { stdio: 'inherit' });
    50. 

  50. 

  51.     console.log('Configuring deployment key(s)');
    52. 

  52. 

  53.     child_process.execFileSync(sshAdd, ['-L']).toString().split(/\r?\n/).forEach(function(key) {
    54. 

  54.         const parts = key.match(/\bgithub\.com[:/]([_.a-z0-9-]+\/[_.a-z0-9-]+)/i);
    55. 

  55. 

  56.         if (!parts) {
    57. 

  57.             console.log(`Comment for (public) key '${key}' does not match GitHub URL pattern. Not treating it as a GitHub deploy key.`);
    58. 

  58. 

  59.             return;
    60. 

  60.         }
    61. 

  61. 

  62.         const sha256 = crypto.createHash('sha256').update(key).digest('hex');
    63. 

  63.         const ownerAndRepo = parts[1].replace(/\.git$/, '');
    64. 

  64. 

  65.         fs.writeFileSync(`${homeSsh}/key-${sha256}`, key + "\n", { mode: '600' });
    66. 

  66. 

  67.         child_process.execSync(`git config --global --replace-all url."git@key-${sha256}.github.com:${ownerAndRepo}".insteadOf "https://github.com/${ownerAndRepo}"`);
    68. 

  68.         child_process.execSync(`git config --global --add url."git@key-${sha256}.github.com:${ownerAndRepo}".insteadOf "git@github.com:${ownerAndRepo}"`);
    69. 

  69.         child_process.execSync(`git config --global --add url."git@key-${sha256}.github.com:${ownerAndRepo}".insteadOf "ssh://git@github.com/${ownerAndRepo}"`);
    70. 

  70. 

  71.         const sshConfig = `\nHost key-${sha256}.github.com\n`
    72. 

  72.                               + `    HostName github.com\n`
    73. 

  73.                               + `    IdentityFile ${homeSsh}/key-${sha256}\n`
    74. 

  74.                               + `    IdentitiesOnly yes\n`;
    75. 

  75. 

  76.         fs.appendFileSync(`${homeSsh}/config`, sshConfig);
    77. 

  77. 

  78.         console.log(`Added deploy-key mapping: Use identity '${homeSsh}/key-${sha256}' for GitHub repository ${ownerAndRepo}`);
    79. 

  79.     });
    80. 

  80. 

  81. } catch (error) {
    82. 

  82. 

  83.     if (error.code == 'ENOENT') {
    84. 

  84.         console.log(`The '${error.path}' executable could not be found. Please make sure it is on your PATH and/or the necessary packages are installed.`);
    85. 

  85.         console.log(`PATH is set to: ${process.env.PATH}`);
    86. 

  86.     }
    87. 

  87. 

  88.     core.setFailed(error.message);
    89. 

  89. }
    90. 

  90.