name: "SSH Remote Commands" description: "Executing remote ssh commands" author: "Bo-Yi Wu" inputs: host: description: "SSH host address or IP to connect to." port: description: "SSH port number for the connection." default: "22" passphrase: description: "Passphrase to decrypt the SSH private key if protected." username: description: "SSH username for authentication on the remote server." password: description: "SSH password for authentication (use secrets for sensitive data)." protocol: description: 'IP protocol version to use. Options: "tcp" (default), "tcp4" (IPv4 only), or "tcp6" (IPv6 only).' default: "tcp" sync: description: "When true, executes commands synchronously across multiple hosts (one after another)." use_insecure_cipher: description: "Enable additional legacy ciphers that might be less secure but more compatible with older systems." cipher: description: "Specify custom cipher algorithms for encryption. Leave empty to use secure defaults." timeout: description: "Maximum time to wait when establishing the SSH connection, e.g., '30s', '1m'." default: "30s" command_timeout: description: "Maximum execution time for the remote commands before terminating, e.g., '10m', '1h'." default: "10m" key: description: "Raw content of the SSH private key for authentication (use secrets for sensitive data)." key_path: description: "Path to the SSH private key file on the runner." fingerprint: description: "SHA256 fingerprint of the host public key for verification to prevent MITM attacks." proxy_host: description: "Proxy server hostname or IP if connecting through an SSH jump host." proxy_port: description: "SSH port number for the proxy connection." default: "22" proxy_username: description: "Username for authentication on the proxy server." proxy_password: description: "Password for authentication on the proxy server (use secrets for sensitive data)." proxy_protocol: description: 'IP protocol version for proxy. Options: "tcp" (default), "tcp4" (IPv4 only), or "tcp6" (IPv6 only).' default: "tcp" proxy_passphrase: description: "Passphrase to decrypt the proxy SSH private key if protected." proxy_timeout: description: "Maximum time to wait when establishing the proxy SSH connection, e.g., '30s', '1m'." default: "30s" proxy_key: description: "Raw content of the SSH proxy private key for authentication (use secrets for sensitive data)." proxy_key_path: description: "Path to the SSH proxy private key file on the runner." proxy_fingerprint: description: "SHA256 fingerprint of the proxy host public key for verification." proxy_cipher: description: "Specify custom cipher algorithms for proxy connection encryption." proxy_use_insecure_cipher: description: "Enable additional legacy ciphers for proxy connections (less secure but more compatible)." script: description: "Commands to execute on the remote server (inline script string)." script_path: description: "Path to a local file containing commands to execute on the remote server." envs: description: "Environment variables to expose to the remote script, format: key=value,key2=value2." envs_format: description: "Format specification for environment variable transfer (for advanced usage)." debug: description: "Set to true to enable verbose logging for troubleshooting connection issues." allenvs: description: "When true, passes all GitHub Actions environment variables to the remote script." request_pty: description: "Request a pseudo-terminal from the server (required for interactive commands or sudo)." capture_stdout: description: "When true, captures and returns standard output from the commands as action output." default: "false" outputs: stdout: description: "Standard output of the executed commands when capture_stdout is enabled." value: ${{ steps.entrypoint.outputs.stdout }} runs: using: "composite" steps: - name: Set GitHub Path run: echo "$GITHUB_ACTION_PATH" >> $GITHUB_PATH shell: bash env: GITHUB_ACTION_PATH: ${{ github.action_path }} - id: entrypoint name: Run entrypoint.sh run: entrypoint.sh shell: bash env: GITHUB_ACTION_PATH: ${{ github.action_path }} INPUT_HOST: ${{ inputs.host }} INPUT_PORT: ${{ inputs.port }} INPUT_PROTOCOL: ${{ inputs.protocol }} INPUT_USERNAME: ${{ inputs.username }} INPUT_PASSWORD: ${{ inputs.password }} INPUT_PASSPHRASE: ${{ inputs.passphrase }} INPUT_KEY: ${{ inputs.key }} INPUT_KEY_PATH: ${{ inputs.key_path }} INPUT_FINGERPRINT: ${{ inputs.fingerprint }} INPUT_PROXY_HOST: ${{ inputs.proxy_host }} INPUT_PROXY_PORT: ${{ inputs.proxy_port }} INPUT_PROXY_USERNAME: ${{ inputs.proxy_username }} INPUT_PROXY_PASSWORD: ${{ inputs.proxy_password }} INPUT_PROXY_PASSPHRASE: ${{ inputs.proxy_passphrase }} INPUT_PROXY_KEY: ${{ inputs.proxy_key }} INPUT_PROXY_KEY_PATH: ${{ inputs.proxy_key_path }} INPUT_PROXY_FINGERPRINT: ${{ inputs.proxy_fingerprint }} INPUT_TIMEOUT: ${{ inputs.timeout }} INPUT_PROXY_TIMEOUT: ${{ inputs.proxy_timeout }} INPUT_COMMAND_TIMEOUT: ${{ inputs.command_timeout }} INPUT_SCRIPT: ${{ inputs.script }} INPUT_SCRIPT_FILE: ${{ inputs.script_path }} INPUT_ENVS: ${{ inputs.envs }} INPUT_ENVS_FORMAT: ${{ inputs.envs_format }} INPUT_DEBUG: ${{ inputs.debug }} INPUT_ALL_ENVS: ${{ inputs.allenvs }} INPUT_REQUEST_PTY: ${{ inputs.request_pty }} INPUT_USE_INSECURE_CIPHER: ${{ inputs.use_insecure_cipher }} INPUT_CIPHER: ${{ inputs.cipher }} INPUT_PROXY_USE_INSECURE_CIPHER: ${{ inputs.proxy_use_insecure_cipher }} INPUT_PROXY_CIPHER: ${{ inputs.proxy_cipher }} INPUT_SYNC: ${{ inputs.sync }} INPUT_CAPTURE_STDOUT: ${{ inputs.capture_stdout }} branding: icon: "terminal" color: "gray-dark"