ops/ssh-agent
1
0
Fork 0
mirror of https://github.com/webfactory/ssh-agent.git synced 2026-03-29 06:19:07 +08:00
Code Issues Packages Projects Releases Wiki Activity

Randomize SSH auth socket, kill agent to support non-ephemeral, self hosted runners (@thommyhh, #27)

Browse Source 
Thanks to @thommyhh for this contribution!

Unless the `SSH_AUTH_SOCK` is configured explicitly, this change will make the SSH agent use a random file name for the socket. That way, multiple, concurrent SSH agents can be used on non-ephemeral, self-hosted runners.

A new post-action step will automatically clean up the running agent at the end of a job.

Be aware of the possible security implications: Two jobs running on the same runner might be able to access each other's socket and thus access repositories and/or hosts.
This commit is contained in:
Thorben Nissen
2020-05-18 09:08:29 +02:00
committed by GitHub
parent a82ae3cd1a
commit 4fcb25e7ef
9 changed files with 424 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
cleanup.js Normal file
View File

@@ -0,0 +1,10 @@
const core = require('@actions/core')
const { execSync } = require('child_process')
try {
// Kill the started SSH agent
console.log('Stopping SSH agent')
execSync('kill ${SSH_AGENT_PID}', { stdio: 'inherit' })
} catch (error) {
core.setFailed(error.message)
}