-
Notifications
You must be signed in to change notification settings - Fork 11
/
action.yaml
61 lines (51 loc) · 1.76 KB
/
action.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
name: Setup SSH
description: >-
Sets up SSH access to the current runner machine over a Tailscale network.
Authentication uses the public SSH keys associated with GitHub users. By
default, the users who triggered the initial and current workflow runs are
allowed.
inputs:
tailscale-auth-key:
description: >-
Tailscale auth key (i.e. from the admin panel); highly recommended to be
ephemeral! Otherwise a runner will stick around and your Tailscale
machine limit will be quickly reached.
required: true
allowed-users:
description: >-
Comma-separated list of GitHub usernames who are allowed access via their
public SSH keys.
required: false
default: "${{ github.triggering_actor }},${{ github.actor }}"
wait-for-continue:
description: >-
Wait for a ~/continue file to appear before returning to the calling
workflow.
required: false
default: false
runs:
using: composite
steps:
- name: Setup SSH
shell: bash
working-directory: ${{ github.action_path }}
run: |
# Setup SSH
echo "::group::Debug info"
./debug-info
echo "::endgroup::"
echo "::group::Install Tailscale"
curl -fsSL --proto '=https' https://tailscale.com/install.sh | sudo bash
echo "::endgroup::"
echo "::group::Setup Tailscale"
./setup-tailscale "${{ inputs.tailscale-auth-key }}"
echo "::endgroup::"
echo "::group::Setup SSH keys"
./setup-keys "${{ inputs.allowed-users }}"
echo "::endgroup::"
./connection-info
- if: inputs.wait-for-continue
name: Waiting for ~/continue to appear…
shell: bash
working-directory: ${{ github.action_path }}
run: ./wait-for-continue