-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathaction.yml
109 lines (90 loc) · 3.3 KB
/
action.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
name: 'SSH Server'
description: 'Expose an SSH server via ngrok that you can use to connect to your github runner'
author: 'Mark DeLillo'
inputs:
ngrok-authtoken:
description: 'ngrok authtoken'
required: true
ssh-public-key:
description: 'SSH public key to be allowed'
required: true
runs:
using: 'composite'
steps:
- name: Install dependencies
shell: bash
run: |
if [[ "${RUNNER_OS}" != 'Linux' ]] && [[ "${RUNNER_OS}" != 'macOS' ]]; then
echo "${RUNNER_OS} is not supported"
exit 1
fi
if [[ "${RUNNER_OS}" == 'Linux' ]]; then
ngrokurl="https://bin.equinox.io/c/4VmDzA7iaHb/ngrok-stable-linux-amd64.zip"
installcmd="sudo apt-get -qy"
else
ngrokurl="https://bin.equinox.io/c/4VmDzA7iaHb/ngrok-stable-darwin-amd64.zip"
installcmd="brew"
fi
if ! [[ -f /usr/sbin/sshd ]]; then
$installcmd install openssh-server jq
fi
if ! command -v ngrok > /dev/null; then
$installcmd install curl unzip
curl -o /tmp/ngrok.zip -sL $ngrokurl
sudo unzip /tmp/ngrok.zip -d /usr/local/bin
rm /tmp/ngrok.zip
fi
- name: Get free port
id: get-free-port
shell: bash
run: |
port=10000
while [[ ${port} -le 65535 ]]; do
if ! sudo netstat -taln | grep -q $port; then
break
fi
port=$((port + 1))
done
if [[ ${port} -gt 65535 ]]; then
echo "Could not find free port"
exit 1
fi
echo "::set-output name=port::${port}"
- name: Start sshd
shell: bash
run: |
sudo mkdir -p /var/log/sshd
if [[ "${RUNNER_OS}" == 'Linux' ]]; then
chmod 0770 "${HOME}"
else
chmod g-w "${HOME}"
fi
mkdir -p "${HOME}/.ssh"
chmod 0700 "${HOME}/.ssh"
echo "${{ inputs.ssh-public-key }}" > "${HOME}/.ssh/authorized_keys"
chmod 0600 "${HOME}/.ssh/authorized_keys"
ssh-keygen -A
sudo sed -i.bak 's/^#PasswordAuthentication .*/PasswordAuthentication no/' /etc/ssh/sshd_config
sudo sed -i.bak 's/^PasswordAuthentication .*/PasswordAuthentication no/' /etc/ssh/sshd_config
sudo sed -i.bak 's/^#PubkeyAuthentication .*/PubkeyAuthentication yes/' /etc/ssh/sshd_config
sudo sed -i.bak 's/^PubkeyAuthentication .*/PubkeyAuthentication yes/' /etc/ssh/sshd_config
sudo sed -i.bak 's/^#Port .*/Port ${{ steps.get-free-port.outputs.port }}/' /etc/ssh/sshd_config
sudo sed -i.bak 's/^Port .*/Port ${{ steps.get-free-port.outputs.port }}/' /etc/ssh/sshd_config
sudo /usr/sbin/sshd -D -E /var/log/sshd/sshd.log &
- name: Start ngrok
shell: bash
run: |
ngrok authtoken "${{ inputs.ngrok-authtoken }}"
{
while true; do
if curl -sf 'http://localhost:4040/api/tunnels' >/dev/null; then
ngrok_url="$(curl -s 'http://localhost:4040/api/tunnels' | jq -r '.tunnels[0].public_url' | sed 's|tcp://||')"
host="$(echo "${ngrok_url}" | cut -d':' -f1)"
port="$(echo "${ngrok_url}" | cut -d':' -f2)"
echo -e "\nTo SSH to this runner: \`ssh -i /path/to/private/key -p ${port} runner@${host}\`\n"
break
fi
sleep 1
done
} &
ngrok tcp --log stdout --log-format term ${{ steps.get-free-port.outputs.port }}