chore: upgrade drone-scp to v1.6.7 version. (#101)

- Add a new job `changes` to the `ci.yml` file
- Copy changed files to a server in the `changes` job
- Add a YAML code block to the `README.md` file

fix https://github.com/appleboy/scp-action/issues/73

.github/FUNDING.yml

@@ -0,0 +1,13 @@
+# These are supported funding model platforms
+
+github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
+patreon: # Replace with a single Patreon username
+open_collective: # Replace with a single Open Collective username
+ko_fi: # Replace with a single Ko-fi username
+tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
+community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
+liberapay: # Replace with a single Liberapay username
+issuehunt: # Replace with a single IssueHunt username
+otechie: # Replace with a single Otechie username
+lfx_crowdfunding: # Replace with a single LFX Crowdfunding project-name e.g., cloud-foundry
+custom: ['https://www.paypal.me/appleboy46']

.github/dependabot.yml

@@ -0,0 +1,10 @@
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: weekly
+  - package-ecosystem: gomod
+    directory: /
+    schedule:
+      interval: weekly

.github/workflows/ci.yml

@@ -2,12 +2,12 @@ name: scp files
 on: [push]
 jobs:
 
-  build:
-    name: Build
+  testing:
+    name: test scp action
     runs-on: ubuntu-latest
     steps:
     - name: checkout
-      uses: actions/checkout@v1
+      uses: actions/checkout@v3
 
     - name: copy file via ssh password
       uses: ./
@@ -62,3 +62,78 @@ jobs:
         source: "tests/a.txt,tests/b.txt"
         target: "test"
         use_insecure_cipher: true
+
+    - name: correct key but wrong password
+      uses: appleboy/scp-action@7af00892de6f8397c5c3393cfb3b32ae7f91b94b
+      with:
+        host: ${{ secrets.HOST }}
+        username: ${{ secrets.USERNAME }}
+        key: ${{ secrets.KEY }}
+        password: abcdefg
+        port: ${{ secrets.PORT }}
+        source: "tests/a.txt,tests/b.txt"
+        target: "test"
+
+    - name: correct password but wrong key
+      uses: appleboy/scp-action@7af00892de6f8397c5c3393cfb3b32ae7f91b94b
+      with:
+        host: ${{ secrets.HOST }}
+        username: ${{ secrets.USERNAME }}
+        key: abcdefg
+        password: ${{ secrets.PASSWORD }}
+        port: ${{ secrets.PORT }}
+        source: "tests/a.txt,tests/b.txt"
+        target: "test"
+
+  deploy:
+    name: deploy artifact
+    runs-on: ubuntu-latest
+    steps:
+    - name: checkout
+      uses: actions/checkout@v3
+
+    - run: echo hello > world.txt
+
+    - uses: actions/upload-artifact@v3
+      with:
+        name: my-artifact
+        path: world.txt
+
+    - uses: actions/download-artifact@v2
+      with:
+        name: my-artifact
+        path: distfiles
+
+    - name: copy file to server
+      uses: ./
+      with:
+        host: ${{ secrets.HOST }}
+        username: ${{ secrets.USERNAME }}
+        key: ${{ secrets.KEY }}
+        port: ${{ secrets.PORT }}
+        source: distfiles/*
+        target: test
+
+  changes:
+    name: test changed-files
+    runs-on: ubuntu-latest
+    steps:
+    - name: checkout
+      uses: actions/checkout@v3
+
+    - name: Get changed files
+      id: changed-files
+      uses: tj-actions/changed-files@v35
+      with:
+        since_last_remote_commit: true
+        separator: ","
+
+    - name: copy file to server
+      uses: ./
+      with:
+        host: ${{ secrets.HOST }}
+        username: ${{ secrets.USERNAME }}
+        key: ${{ secrets.KEY }}
+        port: ${{ secrets.PORT }}
+        source: ${{ steps.changed-files.outputs.all_changed_files }}
+        target: test

Dockerfile

@@ -1,4 +1,4 @@
-FROM appleboy/drone-scp:1.6.3-linux-amd64
+FROM ghcr.io/appleboy/drone-scp:1.6.7
 
 COPY entrypoint.sh /entrypoint.sh
 RUN chmod +x /entrypoint.sh

README.md

@@ -2,8 +2,6 @@
 
 [GitHub Action](https://github.com/features/actions) for copying files and artifacts via SSH.
 
-![ssh key](./images/copy-multiple-file.png)
-
 [![Actions Status](https://github.com/appleboy/scp-action/workflows/scp%20files/badge.svg)](https://github.com/appleboy/scp-action/actions)
 
 **Important**: Only support **Linux** [docker](https://www.docker.com/) container.
@@ -47,12 +45,14 @@ See the [action.yml](./action.yml) file for more detail information.
 * command_timeout - timeout for scp command, default is `10m`
 * key - content of ssh private key. ex raw content of ~/.ssh/id_rsa
 * key_path - path of ssh private key
-* target - target path on the server
-* source - scp file list
+* target - target path on the server, must be a directory (**required**)
+* source - scp file list (**required**)
 * rm - remove target folder before upload data, default is `false`
 * strip_components - remove the specified number of leading path elements.
-* overwrite - use `--overwrite` flag with tar
+* overwrite - use `--overwrite` flag with tar, overwrite existing files when extracting
 * tar_tmp_path - temporary path for tar file on the dest host
+* tar_exec - path to tar executable on the dest host. default is `tar`
+* tar_dereference - use `--dereference` flag with tar, follow symlinks; archive and dump the files they point to
 * use_insecure_cipher - include more ciphers with use_insecure_cipher (see [#15](https://github.com/appleboy/scp-action/issues/15))
 
 SSH Proxy Setting:
@@ -68,7 +68,70 @@ SSH Proxy Setting:
 * proxy_fingerprint - fingerprint SHA256 of the host public key, default is to skip verification
 * proxy_use_insecure_cipher - include more ciphers with use_insecure_cipher (see [#15](https://github.com/appleboy/scp-action/issues/15))
 
-### Example
+## Setting up a SSH Key
+
+Make sure to follow the below steps while creating SSH Keys and using them.
+The best practice is create the SSH Keys on local machine not remote machine.
+Login with username specified in Github Secrets. Generate a RSA Key-Pair:
+
+```bash
+# rsa
+ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
+
+# ed25519
+ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
+```
+
+Add newly generated key into Authorized keys. Read more about authorized keys [here](https://www.ssh.com/ssh/authorized_keys/).
+
+```bash
+# rsa
+cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys'
+
+# d25519
+cat .ssh/id_ed25519.pub | ssh b@B 'cat >> .ssh/authorized_keys'
+```
+
+Copy Private Key content and paste in Github Secrets.
+
+```bash
+# rsa
+clip < ~/.ssh/id_rsa
+
+# ed25519
+clip < ~/.ssh/id_ed25519
+```
+
+See the detail information about [SSH login without password](http://www.linuxproblem.org/art_9.html).
+
+**A note** from one of our readers: Depending on your version of SSH you might also have to do the following changes:
+
+* Put the public key in `.ssh/authorized_keys2`
+* Change the permissions of `.ssh` to 700
+* Change the permissions of `.ssh/authorized_keys2` to 640
+
+### If you are using OpenSSH
+
+If you are currently using OpenSSH and are getting the following error:
+
+```bash
+ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey]
+```
+
+Make sure that your key algorithm of choice is supported.
+On Ubuntu 20.04 or later you must explicitly allow the use of the ssh-rsa algorithm. Add the following line to your OpenSSH daemon file (which is either `/etc/ssh/sshd_config` or a drop-in file under `/etc/ssh/sshd_config.d/`):
+
+```bash
+CASignatureAlgorithms +ssh-rsa
+```
+
+Alternatively, `ed25519` keys are accepted by default in OpenSSH. You could use this instead of rsa if needed:
+
+```bash
+ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
+```
+
+## Example
 
 Copy file via a SSH password:
 
@@ -126,6 +189,53 @@ Example configuration for multiple servers:
     target: "test"
 ```
 
+Example configuration for exclude custom files:
+
+```yaml
+  uses: appleboy/scp-action@master
+  with:
+    host: "example.com"
+    username: foo
+    password: bar
+    port: 22
+-   source: "tests/*.txt"
++   source: "tests/*.txt,!tests/a.txt,!tests/b.txt"
+    target: "test"
+```
+
+Upload artifact files to remote server:
+
+```yaml
+  deploy:
+    name: deploy artifact
+    runs-on: ubuntu-latest
+    steps:
+    - name: checkout
+      uses: actions/checkout@v3
+
+    - run: echo hello > world.txt
+
+    - uses: actions/upload-artifact@v3
+      with:
+        name: my-artifact
+        path: world.txt
+
+    - uses: actions/download-artifact@v2
+      with:
+        name: my-artifact
+        path: distfiles
+
+    - name: copy file to server
+      uses: appleboy/scp-action@master
+      with:
+        host: ${{ secrets.HOST }}
+        username: ${{ secrets.USERNAME }}
+        key: ${{ secrets.KEY }}
+        port: ${{ secrets.PORT }}
+        source: distfiles/*
+        target: test
+```
+
 Remove the specified number of leading path elements:
 
 ```yaml
@@ -141,6 +251,34 @@ Remove the specified number of leading path elements:
     strip_components: 1
 ```
 
+Only copy files that are newer than the corresponding destination files:
+
+```yaml
+  changes:
+    name: test changed-files
+    runs-on: ubuntu-latest
+    steps:
+    - name: checkout
+      uses: actions/checkout@v3
+
+    - name: Get changed files
+      id: changed-files
+      uses: tj-actions/changed-files@v35
+      with:
+        since_last_remote_commit: true
+        separator: ","
+
+    - name: copy file to server
+      uses: appleboy/scp-action@master
+      with:
+        host: ${{ secrets.HOST }}
+        username: ${{ secrets.USERNAME }}
+        key: ${{ secrets.KEY }}
+        port: ${{ secrets.PORT }}
+        source: ${{ steps.changed-files.outputs.all_changed_files }}
+        target: test
+```
+
 Old target structure:
 
 ```sh

action.yml

@@ -29,7 +29,7 @@ inputs:
     description: 'include more ciphers with use_insecure_cipher'
     default: false
   target:
-    description: 'target path on the server'
+    description: 'target path on the server, must be a directory path.'
   source:
     description: 'scp file list'
   rm:
@@ -42,10 +42,16 @@ inputs:
     description: 'remove the specified number of leading path elements'
     default: 0
   overwrite:
-    description: 'use `--overwrite` flag with tar'
+    description: 'use --overwrite flag with tar'
+    default: false
+  tar_dereference:
+    description: 'use --dereference flag with tar'
     default: false
   tar_tmp_path:
     description: 'temporary path for tar file on the dest host'
+  tar_exec:
+    description: 'temporary path for tar file on the dest host'
+    default: 'tar'
   proxy_host:
     description: 'ssh proxy remote host'
   proxy_port:

tests/a.txt

@@ -1 +1,2 @@
 foo
+foobar

tests/b.txt

@@ -1 +1,2 @@
 bar
+foobar

tests/c.txt

@@ -1 +1,3 @@
 c
+foobar
+test1234

tests/d.txt

@@ -1 +1,3 @@
 d
+foobar
+foobar