Skip to content

Commit

Permalink
feat: Add rsync filtering and optimize SFTP deployment process
Browse files Browse the repository at this point in the history 
- Introduced rsync support with customizable `rsyncArgs` for file filtering.
- Ensured only filtered content is uploaded, avoiding `filtered_upload` folder inclusion.
- Updated documentation to reflect the latest changes and usage examples.
  • Loading branch information
@wlixcc
wlixcc committed Dec 31, 2024
1 parent 89e97d7 commit 896dcfc
Show file tree
Hide file tree
Showing 5 changed files with 169 additions and 84 deletions.
11 changes: 7 additions & 4 deletions .github/workflows/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,12 +12,15 @@ jobs:
- name: deploy file to server
uses: ./ # Uses an action in the root directory
with:
username: 'wl'
server: '${{ secrets.MAC_IP }}'
username: '${{ secrets.USER }}'
server: '${{ secrets.SERVER_IP }}'
ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }}
local_path: './*'
remote_path: '/Users/wl/Downloads/t/a'
remote_path: '/tmp/testAction'
sftpArgs: '-o ConnectTimeout=5'
rsyncArgs: '--exclude *.yml'


# sftp_only: true
password: ${{secrets.SSH_PASSWORD}}
# password: ${{secrets.SSH_PASSWORD}}
# delete_remote_files: true
21 changes: 9 additions & 12 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,15 +1,12 @@
# Container image that runs your code
FROM alpine:3.13
# Use an up-to-date and secure Alpine version
FROM alpine:3.18

# Copies your code file from your action repository to the filesystem path `/` of the container
COPY entrypoint.sh /entrypoint.sh

#Make sure to make you entrypoint.sh file executable:
RUN chmod 777 entrypoint.sh

RUN apk update
RUN apk add --no-cache openssh
# Install required packages in one RUN statement to reduce image layers
RUN apk update && apk add --no-cache rsync sshpass openssh

# Copy entrypoint script and set correct permissions
COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh

# Code file to execute when the docker container starts up (`entrypoint.sh`)
ENTRYPOINT ["/entrypoint.sh"]
# Set the entrypoint for the container
ENTRYPOINT ["/bin/sh", "/entrypoint.sh"]
182 changes: 116 additions & 66 deletions README.md
View file
Original file line number Diff line number Diff line change
@@ -1,114 +1,164 @@
# SFTP Deploy action

> Use this action to deploy your files to server using `SSH Private Key`
# SFTP Deploy Action

> 使用此`action`部署你的项目到服务器上,中文介绍链接:[使用Github Action 部署项目到云服务器](https://zhuanlan.zhihu.com/p/107545396)
> Use this action to deploy your files to a server using `SSH Private Key`
## 1. Inputs
> 使用此 `action` 部署你的项目到服务器上,中文介绍链接:[使用Github Action 部署项目到云服务器](https://zhuanlan.zhihu.com/p/107545396)
| Name | Required | Default | Description |
|------------------------|----------------------|---------|-----------------------------------------------|
`username` | yes| | SSH username
`server` | yes| | Remote host
`port`| yes | 22 | Remote host port
`ssh_private_key`| no| | You can copy private key from your `ssh_private_key` file, and save to`repo/settings/secrets`![](./resource/secret.jpg)
`local_path`| yes| ./* | `local_path` of you project, if you want put single file:use path like `./myfile`, if you want put directory: use path like `./static/*`, it will put all files under `static` directory. Default to `./*`(will put all files in your repo).
`remote_path`|yes|| Remote path
`sftp_only`| no| | If your port only accepts the sftp protocol, set this option to `true`. However, please note that when this option is set to `true`, the remote folder will not be created automatically.
<strike>args</strike> `sftpArgs` | no| | other args yor want to use of sftp, E.g.`-o ConnectTimeout=5`
`delete_remote_files` | no | false | Set to `true` will delete remote path folder and all files in it.
`password`| no| | SSH passsword,If a password is set, `ssh_private_key` is ignored. `for @v1.2.4 and greater`
---

> **Warning**
## 🚀 **1. Inputs**

> Be careful when use `delete_remote_files`, This will delete remote path folder and all files in it
| Name | Required | Default | Description |
|------------------------|----------|---------|----------------------------------------------------------------------------------------------------------------------|
| `username` | yes | | SSH username |
| `server` | yes | | Remote host |
| `port` | yes | 22 | Remote host port |
| `ssh_private_key` | no | | You can copy the private key from your `ssh_private_key` file and save it to `repo/settings/secrets`<br> ![](./resource/secret.jpg) |
| `local_path` | yes | `./*` | Local path of your project. <br> - Single file: `./myfile` <br> - Directory: `./static/*` <br> Default: `./*` (will put all files in your repo). |
| `remote_path` | yes | | The target folder on the remote server. |
| `sftp_only` | no | | If your port only accepts the sftp protocol, set this option to `true`. However, when set to `true`, the remote folder won't be automatically created. |
| `sftpArgs` | no | | Extra arguments you want to pass to `sftp`, for example: `-o ConnectTimeout=5` |
| `delete_remote_files` | no | false | Set to `true` to delete the remote path folder and all files in it **before** uploading. |
| `password` | no | | SSH password. If a password is set, `ssh_private_key` is ignored. *(for @v1.2.4 and greater)* |
| `rsyncArgs` | no | | Additional arguments for the `rsync` command. You can customize file synchronization behavior, such as excluding files or directories. Example: `--exclude=node_modules --exclude=.git --exclude=*.log`. *(for @v1.2.5 and greater)* |

-----
> ⚠️ **Warning:**
> Be careful when using `delete_remote_files`. This will **permanently delete** the remote path folder and all files in it **before** uploading.
## 2.Action Examples
---

## 📦 **2. Action Examples**

### **🔹 Basic Example**

```yaml
on: [push]

jobs:
deploy_job:
deploy_job:
runs-on: ubuntu-latest
name: deploy
name: Deploy Files
steps:
- name: Checkout
- name: Checkout
uses: actions/checkout@v2
- name: deploy file
uses: wlixcc/[email protected]

- name: Deploy to Server
uses: wlixcc/[email protected]
with:
username: 'root'
server: 'your server ip'
ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }}
local_path: './static/*'
remote_path: '/var/www/app'
sftpArgs: '-o ConnectTimeout=5'
username: 'root'
server: 'your server ip'
ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }}
local_path: './static/*'
remote_path: '/var/www/app'
sftpArgs: '-o ConnectTimeout=5'
```
---
### **🔹 Example with rsyncArgs**
```yaml
on: [push]

jobs:
deploy_job:
deploy_job:
runs-on: ubuntu-latest
name: deploy
name: Deploy with rsync exclude
steps:
- name: Checkout
- name: Checkout
uses: actions/checkout@v2
- name: Deploy file
uses: wlixcc/[email protected]

- name: Deploy with Exclude Patterns
uses: wlixcc/[email protected]
with:
username: ${{ secrets.FTP_USERNAME }}
server: ${{ secrets.FTP_SERVER }}
port: ${{ secrets.FTP_PORT }}
local_path: './static/*'
remote_path: '/var/www/app'
sftp_only: true
password: ${{ secrets.FTP_PASSWORD }}
username: 'root'
server: 'your server ip'
ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }}
local_path: './'
remote_path: '/var/www/app'
rsyncArgs: '--exclude=node_modules --exclude=.git --exclude=*.log'
sftpArgs: '-o ConnectTimeout=5'
```
## 3. [Deploy React App Example](https://github.com/wlixcc/React-Deploy)
---
### **🔹 Example with Password Authentication**
```yaml
on: [push]

jobs:
deploy_job:
deploy_job:
runs-on: ubuntu-latest
name: build&deploy
name: Deploy with Password
steps:
# To use this repository's private action, you must check out the repository
- name: Checkout
- name: Checkout
uses: actions/checkout@v2

- name: Install Dependencies
- name: Deploy with Password
uses: wlixcc/[email protected]
with:
username: ${{ secrets.FTP_USERNAME }}
server: ${{ secrets.FTP_SERVER }}
port: ${{ secrets.FTP_PORT }}
local_path: './static/*'
remote_path: '/var/www/app'
sftp_only: true
password: ${{ secrets.FTP_PASSWORD }}
```
---
## 🌐 **3. [Deploy React App Example](https://github.com/wlixcc/React-Deploy)**
```yaml
on: [push]

jobs:
deploy_job:
runs-on: ubuntu-latest
name: Build & Deploy React App
steps:
- name: Checkout
uses: actions/checkout@v2

- name: Install Dependencies
run: yarn
- name: Build

- name: Build
run: yarn build

- name: deploy file to server
uses: wlixcc/[email protected].4
- name: Deploy Build Folder
uses: wlixcc/[email protected].5
with:
username: 'root'
server: '${{ secrets.SERVER_IP }}'
ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }}
local_path: './build/*'
remote_path: '/var/www/react-app'
sftpArgs: '-o ConnectTimeout=5'
username: 'root'
server: '${{ secrets.SERVER_IP }}'
ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }}
local_path: './build/*'
remote_path: '/var/www/react-app'
rsyncArgs: '--exclude=*.map'
sftpArgs: '-o ConnectTimeout=5'
```
![](./resource/reactExample.jpg)
--------
![](./resource/reactExample.jpg)
---
## 🛡️ **4. Invalid format? You need to keep the format**
If you use the **Ed25519** algorithm to generate an SSH key pair:
```sh
ssh-keygen -t ed25519 -C "[email protected]"
```

⚠️ **Important:**
The last line of the private key **must remain a blank line** when adding it to **Repository Secrets**.
If you remove it, you might encounter an `invalid format` error.

![](./resource/keepformat.jpg)

## 4.Invalid format? You need keep format
---

If you use the Ed25519 algorithm to generate an SSH key pair `ssh-keygen -t ed25519 -C "[email protected]"`,
you need to note that the last line of the private key is a blank line. You need to keep this line when adding Repository secrets, otherwise it may lead to an `invalid format` error.
![](./resource/keepformat.jpg)


9 changes: 9 additions & 0 deletions action.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,13 @@ inputs:
password:
description: "SSH passsword,If a password is set, the secret key pair is ignored"
required: false
rsyncArgs:
description: "Additional arguments for the rsync command.
You can use this parameter to customize the rsync behavior, such as excluding files or directories.
Example: '--exclude=node_modules --exclude=.git --exclude=*.log'.
If set, these arguments will be passed directly to the rsync command."
required: false
default: ""


runs:
Expand All @@ -52,6 +59,8 @@ runs:
- ${{ inputs.sftpArgs }}
- ${{ inputs.delete_remote_files }}
- ${{ inputs.password }}
- ${{ inputs.rsyncArgs }}


branding:
icon: 'upload-cloud'
Expand Down
30 changes: 28 additions & 2 deletions entrypoint.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,16 +6,42 @@ set -eu
TEMP_SSH_PRIVATE_KEY_FILE='../private_key.pem'
TEMP_SFTP_FILE='../sftp'

# 定义一个本地临时目录,用于 rsync 过滤后存放文件
RSYNC_LOCAL_DEST="../filtered_upload"

RSYNC_ARGS="${11}"

# 如果用户“未”设置 exclude(EXCLUDE_PATTERNS 为空),则直接进入原逻辑
if [ -z "$RSYNC_ARGS" ]; then
echo "===> No rsync args provided, skip rsync filtering..."
else
echo "===> rsync args detected, start rsync filtering..."

# 先清理并创建该临时目录
rm -rf "$RSYNC_LOCAL_DEST"
mkdir -p "$RSYNC_LOCAL_DEST"

# 6) 打印完整的 rsync 命令,方便调试
echo "===> rsync command: rsync -av $RSYNC_ARGS $5 $RSYNC_LOCAL_DEST/"

# 执行 rsync 命令
rsync -av $RSYNC_ARGS $5 $RSYNC_LOCAL_DEST/

# 将 $5 替换为过滤后的目录下的所有文件,这样后面原脚本里 put -r $5 $6 就无需改动其他地方
set -- "$1" "$2" "$3" "$4" "$RSYNC_LOCAL_DEST/*" "$6" "$7" "$8" "$9" "${10}"

echo "===> Done rsync filtering. Continue original script..."
fi

# make sure remote path is not empty
if [ -z "$6" ]; then
echo 'remote_path is empty'
exit 1
fi

# use password
if [ -z != ${10} ]; then
if [ -n "${10}" ]; then
echo 'use sshpass'
apk add sshpass

if test $9 == "true";then
echo 'Start delete remote files'
Expand Down

0 comments on commit 896dcfc

Please sign in to comment.