Skip to content

Commit 751d26d

Browse files
committed
build: switch to plain sftp without sshpass
The password aproach was used because the previous used action was only able to deal with passwords. Use ssh keys directly and avoid all complexity with sshpass. Signed-off-by: Daniel Wagner <[email protected]>
1 parent 4a4331a commit 751d26d

1 file changed

Lines changed: 12 additions & 12 deletions

File tree

.github/workflows/upload.yml

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -68,24 +68,24 @@ jobs:
6868

6969
- name: upload to SFTP server
7070
env:
71-
SSHPASS: ${{ secrets.SFTP_PASSWORD }}
7271
SFTP_USERNAME: ${{ secrets.SFTP_USERNAME }}
7372
SFTP_SERVER: ${{ secrets.SFTP_SERVER }}
7473
SFTP_HOST_KEY: ${{ secrets.SFTP_HOST_KEY }}
74+
SFTP_PRIVATE_KEY: ${{ secrets.SFTP_PRIVATE_KEY }}
7575
run: |
76-
sudo apt-get install -y sshpass
7776
mkdir -p ~/.ssh
77+
chmod 700 ~/.ssh
7878
echo "${SFTP_HOST_KEY}" > ~/.ssh/known_hosts
79-
(
80-
echo "cd /upload"
81-
for f in upload/nvme-cli-*; do
82-
[ -f "$f" ] || continue
83-
echo "put $f $(basename "$f")"
84-
done
85-
) | sshpass -e sftp -b - \
86-
-o PubkeyAuthentication=no \
87-
-o PreferredAuthentications=password \
88-
"${SFTP_USERNAME}@${SFTP_SERVER}"
79+
echo "${SFTP_PRIVATE_KEY}" > ~/.ssh/id_ed25519
80+
chmod 600 ~/.ssh/id_ed25519
81+
SFTP_BATCH=$(mktemp)
82+
trap 'rm -f "$SFTP_BATCH"' EXIT
83+
echo "cd /upload" > "$SFTP_BATCH"
84+
for f in upload/nvme-cli-*; do
85+
[ -f "$f" ] || continue
86+
echo "put $f $(basename "$f")" >> "$SFTP_BATCH"
87+
done
88+
sftp -b "$SFTP_BATCH" "${SFTP_USERNAME}@${SFTP_SERVER}"
8989
9090
upload-release-assets:
9191
name: upload GitHub release assets

0 commit comments

Comments
 (0)