ssh-key-action icon indicating copy to clipboard operation
ssh-key-action copied to clipboard

Published 20 hours ago verified publisher icon shimataro

Launch ssh-agent and add the keys (ssh-add)

Open ruudk opened this issue 5 years ago • 9 comments

Would be great to not having to use this action + https://github.com/webfactory/ssh-agent. But just 1 action that does both.

ruudk avatar Jan 16 '20 12:01 ruudk

@ruudk Do you mean that you want to launch ssh-agent and add keys using ssh-add? As far as I researched, webfactory/ssh-agent can do it.

shimataro avatar Jan 22 '20 13:01 shimataro

Yeah, I've been using both actions now, feels like 1 action could do both things.

ruudk avatar Jan 22 '20 14:01 ruudk

@ruudk Sorry, let me make sure what you mean again.

You want to:

  • launch ssh-agent, and
  • load your keys to the memory using ssh-add

Is that all? If so, you won't need my action. webfactory/ssh-agent is enough.

Or, also want to add keys in ~/.ssh or do something else?

shimataro avatar Jan 22 '20 14:01 shimataro

I need both, I'm using an app that checks if the key is on disk + requires it to be in ssh-agent later (because of git push somewhere in the process). So that's kinda silly. But maybe it's an edge case.

ruudk avatar Jan 22 '20 14:01 ruudk

@ruudk

requires it to be in ssh-agent later (because of git push somewhere in the process)

ssh-agent is not necessary for git push, this action (Install SSH Key) is enough.

shimataro avatar Jan 23 '20 14:01 shimataro

I also ran into this issue (because I need to pull a private bitbucket repo) and had to manually add

ssh-add -K ~/.ssh/id_rsa

I also have to add the following after the script because it seems that github secrets don't respect new lines at the end:

        echo "" >> ~/.ssh/id_rsa
        echo "" >> ~/.ssh/known_hosts

not adding the above two lines causes ssh-add to fail and also causes known_hosts to be invalid when other hosts get added.

kceb avatar Feb 22 '20 05:02 kceb

@kceb

I also have to add the following after the script because it seems that github secrets don't respect new lines at the end:

Yes, framework of action trims whitespaces. https://github.com/actions/toolkit/blob/d17d4a916377cc569a5c642b9d2f56c23d1ab620/packages/core/src/core.ts#L67-L74

My action prepends LF to secrets. So, it is not a problem as long as this action is used at last.

By the way, ssh-add is not necessary in order to use private repo. Below workflow will work.

steps:
- name: Install SSH key
  uses: shimataro/ssh-key-action@v2
  with:
    key: ${{ secrets.SSH_KEY }} # your private key
    known_hosts: |
      bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==
- name: Clone private repo from Bitbucket
  run: git clone [email protected]:YOUR/REPOSITORY.git

shimataro avatar Feb 22 '20 06:02 shimataro

@shimataro thanks

could you clarify the following?

My action prepends LF to secrets. So, it is not a problem as long as this action is used at last.

I'm still facing issues when I use key: ${{ secrets.SSH_KEY }} # your private key, I find that I have to still append a newline to the id_rsa file.

my setup:

    - name: Install SSH key
      uses: shimataro/ssh-key-action@v2
      with:
        key: ${{ secrets.SSH_PRIVATE_KEY }}
        name: id_rsa
        known_hosts: |
          bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==
    - name: Format SSH key and add to agent
      run: |
        chmod 600 ~/.ssh/id_rsa
        echo "" >> ~/.ssh/id_rsa
        echo "" >> ~/.ssh/known_hosts # I find I need this if I use something like this later on in the workflow: https://github.com/marketplace/actions/debugging-with-tmate

kceb avatar Feb 26 '20 02:02 kceb

@kceb

I'm still facing issues when I use key: ${{ secrets.SSH_KEY }} # your private key, I find that I have to still append a newline to the id_rsa file.

Yes, my action just prepends newline, not appends. If you need to edit something to known_hosts, please use any one of the followings.

  • run echo "" >>~/.ssh/known_hosts after installing SSH key, as you wrote
  • edit known_hosts before using my action

echo "" >> ~/.ssh/id_rsa

Is there a necessity to append newline to id_rsa?

shimataro avatar Feb 26 '20 07:02 shimataro