Skip to content

Commit

Permalink
Support multiple GitHub SSH deploy keys (game-ci#568)
Browse files Browse the repository at this point in the history
* add sshPublicKeysDirectoryPath and GIT_CONFIG_EXTENSIONS parameters that adds git configs and mounts .ssh/config and public keys to the container, in order to allow multiple sh deploy key trick by webplatform@ssh-agent

* remove sshPublicKeysDirectoryPath and GIT_CONFIG_EXTENSIONS from windows runner for now
  • Loading branch information
eronnen authored Sep 6, 2023
1 parent a073719 commit 2190fd5
Show file tree
Hide file tree
Showing 8 changed files with 67 additions and 5 deletions.
4 changes: 4 additions & 0 deletions action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -85,6 +85,10 @@ inputs:
required: false
default: ''
description: 'SSH Agent path to forward to the container'
sshPublicKeysDirectoryPath:
required: false
default: ''
description: 'Path to a directory containing SSH public keys to forward to the container.'
gitPrivateToken:
required: false
default: ''
Expand Down
12 changes: 10 additions & 2 deletions dist/index.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion dist/index.js.map

Large diffs are not rendered by default.

1 change: 1 addition & 0 deletions dist/platforms/ubuntu/entrypoint.sh
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ mkdir -p "$ACTIVATE_LICENSE_PATH"
#
# Run steps
#
source /steps/set_extra_git_configs.sh
source /steps/set_gitcredential.sh
source /steps/activate.sh
source /steps/build.sh
Expand Down
29 changes: 29 additions & 0 deletions dist/platforms/ubuntu/steps/set_extra_git_configs.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
#!/usr/bin/env bash

if [ -z "${GIT_CONFIG_EXTENSIONS}" ]
then
echo "GIT_CONFIG_EXTENSIONS unset skipping"
else
echo "GIT_CONFIG_EXTENSIONS is set configuring extra git configs"

IFS=$'\n'
for config in $(echo "${GIT_CONFIG_EXTENSIONS}" | sed 's/\(.*\)=\(.*\)/"\1" "\2"/g'); do
if [[ $config =~ \"([^\"]+)\"\ \"([^\"]+)\" ]]; then
key="${BASH_REMATCH[1]}"
value="${BASH_REMATCH[2]}"
else
echo "Error parsing config: $config"
exit 1
fi
echo "Adding extra git config: \"$key\" = \"$value\""
git config --global --add "$key" "$value"
done
unset IFS

fi

echo "---------- git config --list -------------"
git config --list

echo "---------- git config --list --show-origin -------------"
git config --list --show-origin
2 changes: 2 additions & 0 deletions src/model/build-parameters.ts
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@ class BuildParameters {

public customParameters!: string;
public sshAgent!: string;
public sshPublicKeysDirectoryPath!: string;
public providerStrategy!: string;
public gitPrivateToken!: string;
public awsStackName!: string;
Expand Down Expand Up @@ -150,6 +151,7 @@ class BuildParameters {
androidSymbolType: androidSymbolExportType,
customParameters: Input.customParameters,
sshAgent: Input.sshAgent,
sshPublicKeysDirectoryPath: Input.sshPublicKeysDirectoryPath,
gitPrivateToken: Input.gitPrivateToken || (await GithubCliReader.GetGitHubAuthToken()),
chownFilesTo: Input.chownFilesTo,
providerStrategy: CloudRunnerOptions.providerStrategy,
Expand Down
18 changes: 16 additions & 2 deletions src/model/docker.ts
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,15 @@ class Docker {
additionalVariables: StringKeyValuePair[] = [],
entrypointBash: boolean = false,
): string {
const { workspace, actionFolder, runnerTempPath, sshAgent, gitPrivateToken, dockerWorkspacePath } = parameters;
const {
workspace,
actionFolder,
runnerTempPath,
sshAgent,
sshPublicKeysDirectoryPath,
gitPrivateToken,
dockerWorkspacePath,
} = parameters;

const githubHome = path.join(runnerTempPath, '_github_home');
if (!existsSync(githubHome)) mkdirSync(githubHome);
Expand All @@ -54,6 +62,7 @@ class Docker {
${ImageEnvironmentFactory.getEnvVarString(parameters, additionalVariables)} \
--env UNITY_SERIAL \
--env GITHUB_WORKSPACE=${dockerWorkspacePath} \
--env GIT_CONFIG_EXTENSIONS \
${gitPrivateToken ? `--env GIT_PRIVATE_TOKEN="${gitPrivateToken}"` : ''} \
${sshAgent ? '--env SSH_AUTH_SOCK=/ssh-agent' : ''} \
--volume "${githubHome}":"/root:z" \
Expand All @@ -64,7 +73,12 @@ class Docker {
--volume "${actionFolder}/platforms/ubuntu/entrypoint.sh:/entrypoint.sh:z" \
--volume "${actionFolder}/unity-config:/usr/share/unity3d/config/:z" \
${sshAgent ? `--volume ${sshAgent}:/ssh-agent` : ''} \
${sshAgent ? '--volume /home/runner/.ssh/known_hosts:/root/.ssh/known_hosts:ro' : ''} \
${
sshAgent && !sshPublicKeysDirectoryPath
? '--volume /home/runner/.ssh/known_hosts:/root/.ssh/known_hosts:ro'
: ''
} \
${sshPublicKeysDirectoryPath ? `--volume ${sshPublicKeysDirectoryPath}:/root/.ssh:ro` : ''} \
${entrypointBash ? `--entrypoint ${commandPrefix}` : ``} \
${image} \
${entrypointBash ? `-c` : `${commandPrefix} -c`} \
Expand Down
4 changes: 4 additions & 0 deletions src/model/input.ts
Original file line number Diff line number Diff line change
Expand Up @@ -178,6 +178,10 @@ class Input {
return Input.getInput('sshAgent') || '';
}

static get sshPublicKeysDirectoryPath(): string {
return Input.getInput('sshPublicKeysDirectoryPath') || '';
}

static get gitPrivateToken(): string | undefined {
return Input.getInput('gitPrivateToken');
}
Expand Down

0 comments on commit 2190fd5

Please sign in to comment.