GitHub action to deploy to some server via rsync and ssh
rsync
Over ssh
Sometimes, you might want to use rsync
inside GitHub actions, such as for deploying static assets to some old school webserver over ssh.
This is your action.
It allows you to transfer files from your working directory (/github/workspace
) to some server using rsync
over ssh
.
Helpfully, /github/workspace
includes a copy of your repository source, as well as any build artefacts left behind by previous workflow steps (= other actions you ran before).
GitHub actions is still in limited public beta and advises against usage in production.
This action requires ssh private keys (see secrets), and may thus be vulnerable. The ssh authentification may need improvement (see issues).
This action requires two secrets to authenticate over ssh:
SSH_PRIVATE_KEY
SSH_PUBLIC_KEY
You get both of these from the server you interact with.
Remember to never commit these keys, but provide them through the GitHub UI (repository settings/secrets).
This action requires three environment variables used to register the target server in $HOME/.ssh/known_hosts
.
This is to make sure that the action is talking to a trusted server.
known_hosts
verification currently fails and is overriden, see issue 1.
HOST_NAME
(the name of the server you wish to deploy to, such as foo.example.com
)HOST_IP
(the IP of the server you wish to deploy to, such as 111.111.11.111
)HOST_FINGERPRINT
(the fingerprint of the server you wish to deploy to, can have different formats)The HOST_NAME
is also used in the below required arguments.
rsync
requires:
SRC
: source directory, relative path from /github/workspace
[USER@]HOST::DEST
: target user (optional), target server, and directory from root on that target server.
Remember you can reuse the environment variable $HOST_NAME
.For action rsync
options, see entrypoint.sh
in the source.
For more options and documentation on rsync
, see https://rsync.samba.org.
action "Deploy with rsync" {
uses = "maxheld83/[email protected]"
needs = "Write sha"
secrets = [
"SSH_PRIVATE_KEY",
"SSH_PUBLIC_KEY"
]
env = {
HOST_NAME = "foo.example.com"
HOST_IP = "111.111.11.111"
HOST_FINGERPRINT = "ecdsa-sha2-nistp256 AAAA..."
}
args = [
"$GITHUB_WORKSPACE/index.html",
"alice@$HOST_NAME:path/to/destination"
]
}