From 896dcfc555b4cbe36a4acc9bc0827ab474d429fc Mon Sep 17 00:00:00 2001
From: wl <356485255@qq.com>
Date: Tue, 31 Dec 2024 11:39:56 +0800
Subject: [PATCH] feat: Add rsync filtering and optimize SFTP deployment
process - Introduced rsync support with customizable `rsyncArgs` for file
filtering. - Ensured only filtered content is uploaded, avoiding
`filtered_upload` folder inclusion. - Updated documentation to reflect the
latest changes and usage examples.
---
.github/workflows/main.yml | 11 ++-
Dockerfile | 21 ++---
README.md | 182 +++++++++++++++++++++++--------------
action.yml | 9 ++
entrypoint.sh | 30 +++++-
5 files changed, 169 insertions(+), 84 deletions(-)
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 7a04b0d..e68ea25 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -12,12 +12,15 @@ jobs:
- name: deploy file to server
uses: ./ # Uses an action in the root directory
with:
- username: 'wl'
- server: '${{ secrets.MAC_IP }}'
+ username: '${{ secrets.USER }}'
+ server: '${{ secrets.SERVER_IP }}'
ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }}
local_path: './*'
- remote_path: '/Users/wl/Downloads/t/a'
+ remote_path: '/tmp/testAction'
sftpArgs: '-o ConnectTimeout=5'
+ rsyncArgs: '--exclude *.yml'
+
+
# sftp_only: true
- password: ${{secrets.SSH_PASSWORD}}
+ # password: ${{secrets.SSH_PASSWORD}}
# delete_remote_files: true
diff --git a/Dockerfile b/Dockerfile
index 50b7d97..cc403bc 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,15 +1,12 @@
-# Container image that runs your code
-FROM alpine:3.13
+# Use an up-to-date and secure Alpine version
+FROM alpine:3.18
-# Copies your code file from your action repository to the filesystem path `/` of the container
-COPY entrypoint.sh /entrypoint.sh
-
-#Make sure to make you entrypoint.sh file executable:
-RUN chmod 777 entrypoint.sh
-
-RUN apk update
-RUN apk add --no-cache openssh
+# Install required packages in one RUN statement to reduce image layers
+RUN apk update && apk add --no-cache rsync sshpass openssh
+# Copy entrypoint script and set correct permissions
+COPY entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
-# Code file to execute when the docker container starts up (`entrypoint.sh`)
-ENTRYPOINT ["/entrypoint.sh"]
+# Set the entrypoint for the container
+ENTRYPOINT ["/bin/sh", "/entrypoint.sh"]
\ No newline at end of file
diff --git a/README.md b/README.md
index 834974b..d79f79e 100644
--- a/README.md
+++ b/README.md
@@ -1,114 +1,164 @@
-# SFTP Deploy action
-> Use this action to deploy your files to server using `SSH Private Key`
+# SFTP Deploy Action
-> 使用此`action`部署你的项目到服务器上,中文介绍链接:[使用Github Action 部署项目到云服务器](https://zhuanlan.zhihu.com/p/107545396)
+> Use this action to deploy your files to a server using `SSH Private Key`
-## 1. Inputs
+> 使用此 `action` 部署你的项目到服务器上,中文介绍链接:[使用Github Action 部署项目到云服务器](https://zhuanlan.zhihu.com/p/107545396)
-| Name | Required | Default | Description |
-|------------------------|----------------------|---------|-----------------------------------------------|
-`username` | yes| | SSH username
-`server` | yes| | Remote host
-`port`| yes | 22 | Remote host port
-`ssh_private_key`| no| | You can copy private key from your `ssh_private_key` file, and save to`repo/settings/secrets`
-`local_path`| yes| ./* | `local_path` of you project, if you want put single file:use path like `./myfile`, if you want put directory: use path like `./static/*`, it will put all files under `static` directory. Default to `./*`(will put all files in your repo).
-`remote_path`|yes|| Remote path
-`sftp_only`| no| | If your port only accepts the sftp protocol, set this option to `true`. However, please note that when this option is set to `true`, the remote folder will not be created automatically.
-args `sftpArgs` | no| | other args yor want to use of sftp, E.g.`-o ConnectTimeout=5`
-`delete_remote_files` | no | false | Set to `true` will delete remote path folder and all files in it.
-`password`| no| | SSH passsword,If a password is set, `ssh_private_key` is ignored. `for @v1.2.4 and greater`
+---
-> **Warning**
+## 🚀 **1. Inputs**
-> Be careful when use `delete_remote_files`, This will delete remote path folder and all files in it
+| Name | Required | Default | Description |
+|------------------------|----------|---------|----------------------------------------------------------------------------------------------------------------------|
+| `username` | yes | | SSH username |
+| `server` | yes | | Remote host |
+| `port` | yes | 22 | Remote host port |
+| `ssh_private_key` | no | | You can copy the private key from your `ssh_private_key` file and save it to `repo/settings/secrets`
 |
+| `local_path` | yes | `./*` | Local path of your project.
- Single file: `./myfile`
- Directory: `./static/*`
Default: `./*` (will put all files in your repo). |
+| `remote_path` | yes | | The target folder on the remote server. |
+| `sftp_only` | no | | If your port only accepts the sftp protocol, set this option to `true`. However, when set to `true`, the remote folder won't be automatically created. |
+| `sftpArgs` | no | | Extra arguments you want to pass to `sftp`, for example: `-o ConnectTimeout=5` |
+| `delete_remote_files` | no | false | Set to `true` to delete the remote path folder and all files in it **before** uploading. |
+| `password` | no | | SSH password. If a password is set, `ssh_private_key` is ignored. *(for @v1.2.4 and greater)* |
+| `rsyncArgs` | no | | Additional arguments for the `rsync` command. You can customize file synchronization behavior, such as excluding files or directories. Example: `--exclude=node_modules --exclude=.git --exclude=*.log`. *(for @v1.2.5 and greater)* |
------
+> ⚠️ **Warning:**
+> Be careful when using `delete_remote_files`. This will **permanently delete** the remote path folder and all files in it **before** uploading.
-## 2.Action Examples
+---
+
+## 📦 **2. Action Examples**
+
+### **🔹 Basic Example**
```yaml
on: [push]
jobs:
- deploy_job:
+ deploy_job:
runs-on: ubuntu-latest
- name: deploy
+ name: Deploy Files
steps:
- - name: Checkout
+ - name: Checkout
uses: actions/checkout@v2
- - name: deploy file
- uses: wlixcc/SFTP-Deploy-Action@v1.2.4
+
+ - name: Deploy to Server
+ uses: wlixcc/SFTP-Deploy-Action@v1.2.5
with:
- username: 'root'
- server: 'your server ip'
- ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }}
- local_path: './static/*'
- remote_path: '/var/www/app'
- sftpArgs: '-o ConnectTimeout=5'
+ username: 'root'
+ server: 'your server ip'
+ ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }}
+ local_path: './static/*'
+ remote_path: '/var/www/app'
+ sftpArgs: '-o ConnectTimeout=5'
```
+---
+
+### **🔹 Example with rsyncArgs**
+
```yaml
on: [push]
jobs:
- deploy_job:
+ deploy_job:
runs-on: ubuntu-latest
- name: deploy
+ name: Deploy with rsync exclude
steps:
- - name: Checkout
+ - name: Checkout
uses: actions/checkout@v2
- - name: Deploy file
- uses: wlixcc/SFTP-Deploy-Action@v1.2.4
+
+ - name: Deploy with Exclude Patterns
+ uses: wlixcc/SFTP-Deploy-Action@v1.2.5
with:
- username: ${{ secrets.FTP_USERNAME }}
- server: ${{ secrets.FTP_SERVER }}
- port: ${{ secrets.FTP_PORT }}
- local_path: './static/*'
- remote_path: '/var/www/app'
- sftp_only: true
- password: ${{ secrets.FTP_PASSWORD }}
+ username: 'root'
+ server: 'your server ip'
+ ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }}
+ local_path: './'
+ remote_path: '/var/www/app'
+ rsyncArgs: '--exclude=node_modules --exclude=.git --exclude=*.log'
+ sftpArgs: '-o ConnectTimeout=5'
```
-## 3. [Deploy React App Example](https://github.com/wlixcc/React-Deploy)
+---
+### **🔹 Example with Password Authentication**
```yaml
on: [push]
jobs:
- deploy_job:
+ deploy_job:
runs-on: ubuntu-latest
- name: build&deploy
+ name: Deploy with Password
steps:
- # To use this repository's private action, you must check out the repository
- - name: Checkout
+ - name: Checkout
uses: actions/checkout@v2
- - name: Install Dependencies
+ - name: Deploy with Password
+ uses: wlixcc/SFTP-Deploy-Action@v1.2.5
+ with:
+ username: ${{ secrets.FTP_USERNAME }}
+ server: ${{ secrets.FTP_SERVER }}
+ port: ${{ secrets.FTP_PORT }}
+ local_path: './static/*'
+ remote_path: '/var/www/app'
+ sftp_only: true
+ password: ${{ secrets.FTP_PASSWORD }}
+```
+
+---
+
+## 🌐 **3. [Deploy React App Example](https://github.com/wlixcc/React-Deploy)**
+
+```yaml
+on: [push]
+
+jobs:
+ deploy_job:
+ runs-on: ubuntu-latest
+ name: Build & Deploy React App
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v2
+
+ - name: Install Dependencies
run: yarn
- - name: Build
+
+ - name: Build
run: yarn build
- - name: deploy file to server
- uses: wlixcc/SFTP-Deploy-Action@v1.2.4
+ - name: Deploy Build Folder
+ uses: wlixcc/SFTP-Deploy-Action@v1.2.5
with:
- username: 'root'
- server: '${{ secrets.SERVER_IP }}'
- ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }}
- local_path: './build/*'
- remote_path: '/var/www/react-app'
- sftpArgs: '-o ConnectTimeout=5'
+ username: 'root'
+ server: '${{ secrets.SERVER_IP }}'
+ ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }}
+ local_path: './build/*'
+ remote_path: '/var/www/react-app'
+ rsyncArgs: '--exclude=*.map'
+ sftpArgs: '-o ConnectTimeout=5'
```
- 
-
- --------
+
+
+---
+
+## 🛡️ **4. Invalid format? You need to keep the format**
+
+If you use the **Ed25519** algorithm to generate an SSH key pair:
+
+```sh
+ssh-keygen -t ed25519 -C "your_email@example.com"
+```
+
+⚠️ **Important:**
+The last line of the private key **must remain a blank line** when adding it to **Repository Secrets**.
+If you remove it, you might encounter an `invalid format` error.
+
+
-## 4.Invalid format? You need keep format
+---
-If you use the Ed25519 algorithm to generate an SSH key pair `ssh-keygen -t ed25519 -C "your_email@example.com"`,
-you need to note that the last line of the private key is a blank line. You need to keep this line when adding Repository secrets, otherwise it may lead to an `invalid format` error.
- 
-
\ No newline at end of file
diff --git a/action.yml b/action.yml
index 7de4635..7991210 100644
--- a/action.yml
+++ b/action.yml
@@ -36,6 +36,13 @@ inputs:
password:
description: "SSH passsword,If a password is set, the secret key pair is ignored"
required: false
+ rsyncArgs:
+ description: "Additional arguments for the rsync command.
+ You can use this parameter to customize the rsync behavior, such as excluding files or directories.
+ Example: '--exclude=node_modules --exclude=.git --exclude=*.log'.
+ If set, these arguments will be passed directly to the rsync command."
+ required: false
+ default: ""
runs:
@@ -52,6 +59,8 @@ runs:
- ${{ inputs.sftpArgs }}
- ${{ inputs.delete_remote_files }}
- ${{ inputs.password }}
+ - ${{ inputs.rsyncArgs }}
+
branding:
icon: 'upload-cloud'
diff --git a/entrypoint.sh b/entrypoint.sh
index 8ada514..ab1189b 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -6,6 +6,33 @@ set -eu
TEMP_SSH_PRIVATE_KEY_FILE='../private_key.pem'
TEMP_SFTP_FILE='../sftp'
+# 定义一个本地临时目录,用于 rsync 过滤后存放文件
+RSYNC_LOCAL_DEST="../filtered_upload"
+
+RSYNC_ARGS="${11}"
+
+# 如果用户“未”设置 exclude(EXCLUDE_PATTERNS 为空),则直接进入原逻辑
+if [ -z "$RSYNC_ARGS" ]; then
+ echo "===> No rsync args provided, skip rsync filtering..."
+else
+ echo "===> rsync args detected, start rsync filtering..."
+
+ # 先清理并创建该临时目录
+ rm -rf "$RSYNC_LOCAL_DEST"
+ mkdir -p "$RSYNC_LOCAL_DEST"
+
+ # 6) 打印完整的 rsync 命令,方便调试
+ echo "===> rsync command: rsync -av $RSYNC_ARGS $5 $RSYNC_LOCAL_DEST/"
+
+ # 执行 rsync 命令
+ rsync -av $RSYNC_ARGS $5 $RSYNC_LOCAL_DEST/
+
+ # 将 $5 替换为过滤后的目录下的所有文件,这样后面原脚本里 put -r $5 $6 就无需改动其他地方
+ set -- "$1" "$2" "$3" "$4" "$RSYNC_LOCAL_DEST/*" "$6" "$7" "$8" "$9" "${10}"
+
+ echo "===> Done rsync filtering. Continue original script..."
+fi
+
# make sure remote path is not empty
if [ -z "$6" ]; then
echo 'remote_path is empty'
@@ -13,9 +40,8 @@ if [ -z "$6" ]; then
fi
# use password
-if [ -z != ${10} ]; then
+if [ -n "${10}" ]; then
echo 'use sshpass'
- apk add sshpass
if test $9 == "true";then
echo 'Start delete remote files'