Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/mountainash/openssh-client
openssh-client + entrypoint to set up ssh-agent, ssh-add & known_hosts for easy CI/CD pipeline use.
https://github.com/mountainash/openssh-client
cdci deployment devops docker docker-image github gitlab hacktoberfest pipeline ssh
Last synced: about 1 month ago
JSON representation
openssh-client + entrypoint to set up ssh-agent, ssh-add & known_hosts for easy CI/CD pipeline use.
- Host: GitHub
- URL: https://github.com/mountainash/openssh-client
- Owner: mountainash
- Created: 2021-10-23T17:22:18.000Z (about 3 years ago)
- Default Branch: master
- Last Pushed: 2024-05-28T10:40:31.000Z (7 months ago)
- Last Synced: 2024-05-29T04:23:35.224Z (7 months ago)
- Topics: cdci, deployment, devops, docker, docker-image, github, gitlab, hacktoberfest, pipeline, ssh
- Language: Shell
- Homepage: https://hub.docker.com/r/mountainash/openssh-client
- Size: 40 KB
- Stars: 1
- Watchers: 2
- Forks: 0
- Open Issues: 4
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
Awesome Lists containing this project
README
# OpenSSH Client
[![Docker Hub pulls](https://badgen.net/docker/pulls/mountainash/openssh-client)](https://hub.docker.com/r/mountainash/openssh-client) [![GitLab Releases](https://badgen.net/gitlab/release/containeryard/openssh)](https://gitlab.com/containeryard/openssh/-/releases)
> A handy Docker Image for connecting through SSH to remote hosts with _optional_ support for SSH host keys.
![Pufferfish](https://gitlab.com/containeryard/openssh/-/raw/14afda69422ca6c4dc91e49cf79de24f0a65b226/avatar.png)
Can be used in a deployment pipeline to connect to a remote host, and run a git, a Docker `pull` or any CLI command.
## Setup
### Environment VariablesThese variables are set in GitLab CI/CD settings (but could be any CI/CD pipeline service eg. GitHub Actions, CircleCI, Jenkins, etc.):
- `SSH_HOST` (remote's hostname)
- `SSH_KNOWN_HOSTS` (host's key signature eg. `[172.31.98.99]:22222 ssh-ed25519 AAAAC3NzaC1lZDI1NTE...n9K9hnplyRGA3MJfe/wBoCVIaX`, can be set to `NoStrictHostKeyChecking` to not check)
- `SSH_USER_NAME` (ssh username for access to the host)
- `SSH_PRIVATE_KEY` (ssh private key for SSH_USER_NAME)### Generating SSH_PRIVATE_KEY
Need some new keys? You can use this image to generate them (no polluting up your local machine with keys - and adding to your "vector").
```sh
docker run --rm mountainash/openssh-client:latest ./keygen.sh
```Four different types (dsa, ecdsa, ed25519, or rsa) public and private authentication keys will be printed to stdout. Pick your perferred key type and copy & paste into your CD/CI settings and remote server.
### Getting SSH_KNOWN_HOSTS
SSH to the server and run `ssh-keyscan` on the full domain name of the `SSH_HOST`:
```sh
ssh-keyscan hostname.com
```You can also do it locally, but doing it on the server it's self prevents any man-in-the-middle shenanigans.
### GitLab CI/CD Example
Create a `.gitlab-ci.yml` file in the root of your project to trigger SSH commands on a remote server on commit to the `master` branch.
```yml
deploy:
## Replace latest with a SHA for better security
image: mountainash/openssh-client:latest
only:
- master
environment:
name: production
url: https://domainname.com/
variables:
GIT_STRATEGY: none
GIT_SUBMODULE_STRATEGY: none
script:
- ssh $SSH_USER_NAME@$SSH_HOST "cd /www && git pull $CI_REPOSITORY_URL && exit"
allow_failure: false
````image` can also be pulled from `registry.gitlab.com/containeryard/openssh`
### GitHub Actions Workflow Example
In `./github/workflows/ssh-deploy.yml` (or similar).
```yml
name: Deploy to Remote Serveron:
push:
branches:
- mainjobs:
deploy:
name: Deploy to Remote Server
runs-on: ubuntu-latest
container:
image: registry.gitlab.com/containeryard/openssh
env:
SSH_HOST: ${{ vars.SSH_HOST }}
SSH_KNOWN_HOSTS: ${{ vars.SSH_KNOWN_HOSTS }}
SSH_USER_NAME: ${{ vars.SSH_USER_NAME }}
SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
volumes:
- ./:/app/
steps:
- name: Copy HTML to Remote Server
run: scp /app/sample.html $SSH_USER_NAME@$SSH_HOST:/home/mountainash/www/sitename/index.html
````image` can also be pulled from `mountainash/openssh-client:latest` (Docker Hub).
## Contribute
- GitLab:
- GitHub (mirror):## Credits
- Based on / but added host keys support
- Pufferfish by [Catalina Montes from the Noun Project](https://thenounproject.com/term/pufferfish/181192/)