SSH

Execute commands on a remote host via SSH.

• host: Target machine hostname or IP address. Multiple target machines are supported and separated by commas.
• port: SSH port of the target host
• protocol: The IP protocol to use: can be tcp, tcp4, or tcp6
• username: Username for the target host
• password: Password for the target host
• key: Private key text
• key_path: Path to the private key
• passphrase: Passphrase for the private key
• script: Command(s) to execute on the remote server. Does not support array form.
• script_stop: Stop executing subsequent commands if a command fails
• timeout: Maximum time allowed to establish an SSH connection. Default is 30 seconds
• command_timeout: Maximum time allowed to execute a command. Default is 10 minutes
• proxy_host: Hostname or IP of the proxy
• proxy_port: SSH port of the proxy host
• proxy_protocol: The IP protocol to use for the proxy: can be tcp, tcp4, or tcp6
• proxy_username: Username for the proxy host
• proxy_password: Password for the proxy host
• proxy_key: Plain text of the proxy host's private key
• proxy_key_path: Path to the proxy host's private key
• proxy_passphrase: Passphrase for the proxy host's private key

Simple example:

main:
  push:
    - stages:
      - name: echo file
        image: cnbcool/ssh
        settings:
          host: xx.xx.xx.xxx
          port: 22
          username: root
          password: xxxx
          script: |
            echo 111
            echo test > ~/test.txt

Example with multiple target machines:

main:
  push:
    - stages:
      - name: echo file
        image: cnbcool/ssh
        settings:
          # Both of the following ways to pass host are acceptable
          host: 
            - xx.xx.xx.xxx
            - xx.xx.xx.xxx
          # host: xx.xx.xx.xxx,xx.xx.xx.xxx
          port: 22
          username: root
          password: xxxx
          script: |
            echo 111
            echo test > ~/test.txt

Example with host including port:

main:
  push:
    - stages:
      - name: echo file
        image: cnbcool/ssh
        settings:
          host: 
            - xx.xx.xx.xxx:22
            - xx.xx.xx.xxx:22
          username: root
          password: xxxx
          script: |
            echo 111
            echo test > ~/test.txt

Example with command timeout:

main:
  push:
    - stages:
      - name: echo file
        image: cnbcool/ssh
        settings:
          host: xx.xx.xx.xx:22
          username: root
          password: xxxx
          command_timeout: 10s
          script: sleep 15s

Example of referencing a secrets repository config file to get password:

# Secrets repository env.yml
PAASWORD: xxxx

# Declare that the plugin task for the specified image can reference this config file
allow_images:
  - cnbcool/ssh
# Declare that the pipeline for the specified repository can reference this config file
allow_slugs:
  - group/repo

main:
  push:
    - stages:
      - name: echo file
        # Reference the secrets repository config file
        imports: https://xxx/group/secret-repo/-/blob/main/env.yml
        image: cnbcool/ssh
        settings:
          host: xx.xx.xx.xxx:22
          username: root
          # Reference the variable from the secrets repository config file
          password: $PAASWORD
          script: echo 111

Example of referencing a secrets repository config file to get SSH key:

# Secrets repository env.yml
SSH_KEY: |
  -----BEGIN OPENSSH PRIVATE KEY-----
  xxx
  -----END OPENSSH PRIVATE KEY-----

# Declare that the plugin task for the specified image can reference this config file
allow_images:
  - cnbcool/ssh
# Declare that the pipeline for the specified repository can reference this config file
allow_slugs:
  - group/repo

main:
  push:
    - stages:
      - name: echo file
        # Reference the secrets repository config file
        imports: https://xxx/group/secret-repo/-/blob/main/env.yml
        image: cnbcool/ssh
        settings:
          host: xx.xx.xx.xxx:22
          username: root
          key: $SSH_KEY
          script: echo 111

Example of stopping script execution after a command failure:

main:
  push:
    - stages:
      - name: echo file
        image: cnbcool/ssh
        settings:
          host: 
            - xx.xx.xx.xxx:22
          username: root
          password: xxxx
          script_stop: true
          script: |
            echo test1 > ~/test.txt
            echo1 hellworld
            # This command will not execute because the previous one failed
            echo test2 > ~/test.txt

Example with SSH key that has a passphrase:

main:
  push:
    - stages:
      - name: echo file
        # Reference the secrets repository config file
        imports: http://xxx/-group/secret-repo/-/blob/main/env.yml
        image: cnbcool/ssh
        settings:
          host: xx.xx.xx.xxx:22
          username: root
          key: $SSH_KEY_PHRASE
          passphrase: xxx
          script: echo 111

Example of using a JumpServer to execute commands on an internal network machine:

main:
  push:
    - imports: https://cnb.cool/examples/secrets/-/blob/main/springboot-maven-docker-jumpserver-config.yml
      stages:
        - name: Execute startup command on the target machine via SSH plugin and jumpserver
          image: cnbcool/ssh
          settings:
            # Internal network machine IP
            host: ${REMOTE_HOST}
            username: ${REMOTE_USERNAME}
            key: ${REMOTE_KEY}
            port: ${REMOTE_PORT}
            command_timeout: 2m
            # Public network machine IP
            proxy_host: ${PROXY_HOST}
            proxy_port: ${PROXY_PORT}
            proxy_protocol: tcp
            proxy_username: ${PROXY_USERNAME}
            proxy_key: ${PROXY_KEY}
            script: echo 111