From 20d5c5bbc91841863c09aaa3a6797061bbf148a4 Mon Sep 17 00:00:00 2001 From: appleboy Date: Sat, 29 Mar 2025 12:43:09 +0800 Subject: [PATCH] feat: add configurable curl insecure flag to GitHub action - Add input parameter `curl_insecure` to `action.yml` with a default value of false - Pass `curl_insecure` input to the action's environment in `action.yml` - Modify `entrypoint.sh` to conditionally add the `--insecure` option to curl if `INPUT_CURL_INSECURE` is true Signed-off-by: appleboy --- action.yml | 4 ++++ entrypoint.sh | 7 ++++++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/action.yml b/action.yml index c3af2a4..e9ab5f9 100644 --- a/action.yml +++ b/action.yml @@ -75,6 +75,9 @@ inputs: description: "When true, passes all GitHub Actions environment variables to the remote script." request_pty: description: "Request a pseudo-terminal from the server (required for interactive commands or sudo)." + curl_insecure: + description: "When true, uses the --insecure option with curl for insecure downloads." + default: "false" capture_stdout: description: "When true, captures and returns standard output from the commands as action output." default: "false" @@ -131,6 +134,7 @@ runs: INPUT_PROXY_CIPHER: ${{ inputs.proxy_cipher }} INPUT_SYNC: ${{ inputs.sync }} INPUT_CAPTURE_STDOUT: ${{ inputs.capture_stdout }} + INPUT_CURL_INSECURE: ${{ inputs.curl_insecure }} branding: icon: "terminal" diff --git a/entrypoint.sh b/entrypoint.sh index 7a2cd52..495bf5b 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -36,7 +36,12 @@ DOWNLOAD_URL_PREFIX="${DRONE_SSH_RELEASE_URL}/v${DRONE_SSH_VERSION}" CLIENT_BINARY="drone-ssh-${DRONE_SSH_VERSION}-${CLIENT_PLATFORM}-${CLIENT_ARCH}" TARGET="${GITHUB_ACTION_PATH}/${CLIENT_BINARY}" echo "Downloading ${CLIENT_BINARY} from ${DOWNLOAD_URL_PREFIX}" -curl -fsSL --retry 5 --keepalive-time 2 "${DOWNLOAD_URL_PREFIX}/${CLIENT_BINARY}" -o "${TARGET}" +INSECURE_OPTION="" +if [[ "${INPUT_CURL_INSECURE}" == 'true' ]]; then + INSECURE_OPTION="--insecure" +fi + +curl -fsSL --retry 5 --keepalive-time 2 ${INSECURE_OPTION} "${DOWNLOAD_URL_PREFIX}/${CLIENT_BINARY}" -o "${TARGET}" chmod +x "${TARGET}" echo "======= CLI Version Information ======="