@@ -118,8 +118,8 @@ exports.issueCommand = issueCommand;
118
118
const core = __webpack_require__ ( 470 ) ;
119
119
const child_process = __webpack_require__ ( 129 ) ;
120
120
const fs = __webpack_require__ ( 747 ) ;
121
- const os = __webpack_require__ ( 87 ) ;
122
121
const crypto = __webpack_require__ ( 417 ) ;
122
+ const { home, sshAgent, sshAdd } = __webpack_require__ ( 972 ) ;
123
123
124
124
try {
125
125
const privateKey = core . getInput ( 'ssh-private-key' ) ;
@@ -130,77 +130,66 @@ try {
130
130
return ;
131
131
}
132
132
133
- var home ;
134
-
135
- if ( process . env [ 'OS' ] == 'Windows_NT' ) {
136
- console . log ( 'Preparing ssh-agent service on Windows' ) ;
137
- child_process . execSync ( 'sc config ssh-agent start=demand' , { stdio : 'inherit' } ) ;
138
-
139
- home = os . homedir ( ) ;
140
- } else {
141
- // Use getent() system call, since this is what ssh does; makes a difference in Docker-based
142
- // Action runs, where $HOME is different from the pwent
143
- var { homedir : home } = os . userInfo ( ) ;
144
- }
145
-
146
133
const homeSsh = home + '/.ssh' ;
147
134
148
135
console . log ( `Adding GitHub.com keys to ${ homeSsh } /known_hosts` ) ;
136
+
149
137
fs . mkdirSync ( homeSsh , { recursive : true } ) ;
150
138
fs . appendFileSync ( `${ homeSsh } /known_hosts` , '\ngithub.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==\n' ) ;
151
139
fs . appendFileSync ( `${ homeSsh } /known_hosts` , '\ngithub.com ssh-dss AAAAB3NzaC1kc3MAAACBANGFW2P9xlGU3zWrymJgI/lKo//ZW2WfVtmbsUZJ5uyKArtlQOT2+WRhcg4979aFxgKdcsqAYW3/LS1T2km3jYW/vr4Uzn+dXWODVk5VlUiZ1HFOHf6s6ITcZvjvdbp6ZbpM+DuJT7Bw+h5Fx8Qt8I16oCZYmAPJRtu46o9C2zk1AAAAFQC4gdFGcSbp5Gr0Wd5Ay/jtcldMewAAAIATTgn4sY4Nem/FQE+XJlyUQptPWMem5fwOcWtSXiTKaaN0lkk2p2snz+EJvAGXGq9dTSWHyLJSM2W6ZdQDqWJ1k+cL8CARAqL+UMwF84CR0m3hj+wtVGD/J4G5kW2DBAf4/bqzP4469lT+dF2FRQ2L9JKXrCWcnhMtJUvua8dvnwAAAIB6C4nQfAA7x8oLta6tT+oCk2WQcydNsyugE8vLrHlogoWEicla6cWPk7oXSspbzUcfkjN3Qa6e74PhRkc7JdSdAlFzU3m7LMkXo1MHgkqNX8glxWNVqBSc0YRdbFdTkL0C6gtpklilhvuHQCdbgB3LBAikcRkDp+FCVkUgPC/7Rw==\n' ) ;
152
140
153
141
console . log ( "Starting ssh-agent" ) ;
142
+
154
143
const authSock = core . getInput ( 'ssh-auth-sock' ) ;
155
- let sshAgentOutput = ''
156
- if ( authSock && authSock . length > 0 ) {
157
- sshAgentOutput = child_process . execFileSync ( 'ssh-agent' , [ '-a' , authSock ] ) ;
158
- } else {
159
- sshAgentOutput = child_process . execFileSync ( 'ssh-agent' )
160
- }
144
+ const sshAgentArgs = ( authSock && authSock . length > 0 ) ? [ '-a' , authSock ] : [ ] ;
161
145
162
146
// Extract auth socket path and agent pid and set them as job variables
163
- const lines = sshAgentOutput . toString ( ) . split ( "\n" )
164
- for ( const lineNumber in lines ) {
165
- const matches = / ^ ( S S H _ A U T H _ S O C K | S S H _ A G E N T _ P I D ) = ( . * ) ; e x p o r t \1 / . exec ( lines [ lineNumber ] )
147
+ child_process . execFileSync ( sshAgent , sshAgentArgs ) . toString ( ) . split ( "\n" ) . forEach ( function ( line ) {
148
+ const matches = / ^ ( S S H _ A U T H _ S O C K | S S H _ A G E N T _ P I D ) = ( . * ) ; e x p o r t \1 / . exec ( line ) ;
149
+
166
150
if ( matches && matches . length > 0 ) {
151
+ // This will also set process.env accordingly, so changes take effect for this script
167
152
core . exportVariable ( matches [ 1 ] , matches [ 2 ] )
153
+ console . log ( `${ matches [ 1 ] } =${ matches [ 2 ] } ` ) ;
168
154
}
169
- }
155
+ } ) ;
156
+
157
+ console . log ( "Adding private key(s) to agent" ) ;
170
158
171
- console . log ( "Adding private key to agent" ) ;
172
159
privateKey . split ( / (? = - - - - - B E G I N ) / ) . forEach ( function ( key ) {
173
- child_process . execSync ( 'ssh-add -' , { input : key . trim ( ) + "\n" } ) ;
160
+ child_process . execFileSync ( sshAdd , [ '-' ] , { input : key . trim ( ) + "\n" } ) ;
174
161
} ) ;
175
162
176
- console . log ( "Keys added:" ) ;
177
- child_process . execSync ( 'ssh-add -l' , { stdio : 'inherit' } ) ;
163
+ console . log ( "Key(s) added:" ) ;
164
+
165
+ child_process . execFileSync ( sshAdd , [ '-l' ] , { stdio : 'inherit' } ) ;
166
+
167
+ console . log ( 'Configuring deployment key(s)' ) ;
178
168
179
- child_process . execFileSync ( 'ssh-add' , [ '-L' ] ) . toString ( ) . split ( / \r ? \n / ) . forEach ( function ( key ) {
180
- let parts = key . match ( / \b g i t h u b .c o m [: / ] ( . * ) (?: \. g i t ) ? \b / ) ;
169
+ child_process . execFileSync ( sshAdd , [ '-L' ] ) . toString ( ) . split ( / \r ? \n / ) . forEach ( function ( key ) {
170
+ const parts = key . match ( / \b g i t h u b \ .c o m [: / ] ( [ _ . a - z 0 - 9 - ] + \/ [ _ . a - z 0 - 9 - ] + ) / ) ;
181
171
182
- if ( parts == null ) {
172
+ if ( ! parts ) {
183
173
return ;
184
174
}
185
175
186
- let ownerAndRepo = parts [ 1 ] ;
187
- let sha256 = crypto . createHash ( 'sha256' ) . update ( key ) . digest ( 'hex ') ;
176
+ const sha256 = crypto . createHash ( 'sha256' ) . update ( key ) . digest ( 'hex' ) ;
177
+ const ownerAndRepo = parts [ 1 ] . replace ( / \. g i t $ / , ' ') ;
188
178
189
- fs . writeFileSync ( `${ homeSsh } /${ sha256 } ` , key + "\n" , { mode : '600' } ) ;
179
+ fs . writeFileSync ( `${ homeSsh } /key- ${ sha256 } ` , key + "\n" , { mode : '600' } ) ;
190
180
191
- child_process . execSync ( `git config --global --replace-all url."git@${ sha256 } :${ ownerAndRepo } ".insteadOf "https://github.com/${ ownerAndRepo } "` ) ;
192
- child_process . execSync ( `git config --global --add url."git@${ sha256 } :${ ownerAndRepo } ".insteadOf "[email protected] :${ ownerAndRepo } "` ) ;
193
- child_process . execSync ( `git config --global --add url."git@${ sha256 } :${ ownerAndRepo } ".insteadOf "ssh://[email protected] /${ ownerAndRepo } "` ) ;
181
+ child_process . execSync ( `git config --global --replace-all url."git@key- ${ sha256 } .github.com :${ ownerAndRepo } ".insteadOf "https://github.com/${ ownerAndRepo } "` ) ;
182
+ child_process . execSync ( `git config --global --add url."git@key- ${ sha256 } .github.com :${ ownerAndRepo } ".insteadOf "[email protected] :${ ownerAndRepo } "` ) ;
183
+ child_process . execSync ( `git config --global --add url."git@key- ${ sha256 } .github.com :${ ownerAndRepo } ".insteadOf "ssh://[email protected] /${ ownerAndRepo } "` ) ;
194
184
195
- let sshConfig = `\nHost ${ sha256 } \n`
185
+ const sshConfig = `\nHost key- ${ sha256 } .github.com \n`
196
186
+ ` HostName github.com\n`
197
- + ` User git\n`
198
- + ` IdentityFile ${ homeSsh } /${ sha256 } \n`
187
+ + ` IdentityFile ${ homeSsh } /key-${ sha256 } \n`
199
188
+ ` IdentitiesOnly yes\n` ;
200
189
201
190
fs . appendFileSync ( `${ homeSsh } /config` , sshConfig ) ;
202
191
203
- console . log ( `Added deploy-key mapping: Use key " ${ key } " for GitHub repository ${ ownerAndRepo } ` ) ;
192
+ console . log ( `Added deploy-key mapping: Use identity ' ${ homeSsh } / key- ${ sha256 } ' for GitHub repository ${ ownerAndRepo } ` ) ;
204
193
} ) ;
205
194
206
195
} catch ( error ) {
@@ -573,6 +562,31 @@ module.exports = require("path");
573
562
574
563
module . exports = require ( "fs" ) ;
575
564
565
+ /***/ } ) ,
566
+
567
+ /***/ 972 :
568
+ /***/ ( function ( module , __unusedexports , __webpack_require__ ) {
569
+
570
+ const os = __webpack_require__ ( 87 ) ;
571
+
572
+ module . exports = ( process . env [ 'OS' ] != 'Windows_NT' ) ? {
573
+
574
+ // Use getent() system call, since this is what ssh does; makes a difference in Docker-based
575
+ // Action runs, where $HOME is different from the pwent
576
+ home : os . userInfo ( ) . homedir ,
577
+ sshAgent : 'ssh-agent' ,
578
+ sshAdd : 'ssh-add'
579
+
580
+ } : {
581
+
582
+ home : os . homedir ( ) ,
583
+ sshAgent : 'c://progra~1//git//usr//bin//ssh-agent.exe' ,
584
+ sshAdd : 'c://progra~1//git//usr//bin//ssh-add.exe'
585
+
586
+ } ;
587
+
588
+
589
+
576
590
/***/ } )
577
591
578
592
/******/ } ) ;
0 commit comments