Commit graph

168 commits

Author SHA1 Message Date
Burnett01
35c5778c2d refactor: bats tests to cover STRICT_HOSTKEYS_CHECKING + assert whole rsync command 2025-12-02 17:08:29 +00:00
Burnett01
09f62ba15b chore: force-upgrade alpine busybox to tackle CVE-2024-58251
See: https://github.com/Burnett01/rsync-deployments/security/code-scanning/15
2025-12-02 15:17:42 +00:00
Burnett01
6cb3f8196c refactor: SC3040 (warning): In POSIX sh, set option pipefail is undefined. 2025-12-02 15:15:01 +00:00
Burnett01
d4d84ba02c chore: upgrade alpine 3.22.2 2025-12-02 15:09:19 +00:00
Burnett01
bf2d964f6f fix: remove debug output of known_hosts file in entrypoint script 2025-12-02 14:52:50 +00:00
Burnett01
e0b7fb752e fix: replace tilde with $HOME for consistent path usage in scripts 2025-12-02 14:52:50 +00:00
Burnett01
61419b36d6 fix: remove debug output and known_hosts file display in entrypoint script 2025-12-02 14:52:50 +00:00
Burnett01
a1f741433d fix: remove debug output of known_hosts file in entrypoint script 2025-12-02 14:52:50 +00:00
Burnett01
bf4dca9d8e fix: replace echo with printf for consistent output formatting in hosts-add script 2025-12-02 14:52:50 +00:00
Burnett01
4369819153 debug 2025-12-02 14:52:50 +00:00
Burnett01
d4a9011612 fix: correct command substitution syntax for ssh-keyscan output processing 2025-12-02 14:52:50 +00:00
Burnett01
4b49843a52 fix: update strict host key checking to include known hosts file 2025-12-02 14:52:50 +00:00
Burnett01
1b2e963616 fix: filter out comments from ssh-keyscan output for strict host key checking 2025-12-02 14:52:50 +00:00
Burnett01
f85e1bae12 feat: add hosts-add script to manage SSH known hosts 2025-12-02 14:52:50 +00:00
Burnett01
8e8f89cdc5 feat: add host key verification and handling for strict host key checking 2025-12-02 14:52:50 +00:00
Burnett01
e9f72e6ef0 fix: use GITHUB_ACTION variable for SSH agent start in entrypoint script 2025-12-02 14:52:50 +00:00
Burnett01
055751bf9e fix: correct debug mode setting in entrypoint script 2025-12-02 14:52:50 +00:00
Burnett01
8bb0d8b3ce fix: correct debug mode setting in entrypoint script 2025-12-02 14:52:50 +00:00
Burnett01
7293bea8ec feat: add debug input to action and enable debug mode in entrypoint script 2025-12-02 14:52:50 +00:00
Burnett01
93eda1c97c fix: ensure proper initialization and cleanup of known hosts in entrypoint script 2025-12-02 14:52:50 +00:00
Burnett01
7b075b3367 feat: add hosts-clear and hosts-init scripts for managing known_hosts 2025-12-02 14:52:50 +00:00
Burnett01
c0170dd157 fix: correct variable name for INPUT_SWITCHES in rsync command execution 2025-12-02 14:52:50 +00:00
Burnett01
82725684f9 fix: replace exec with sh -c for rsync command execution in entrypoint script 2025-12-02 14:52:50 +00:00
Burnett01
7bf29be338 fix: remove unnecessary quotes around INPUT_SWITCHES in rsync command 2025-12-02 14:52:50 +00:00
Burnett01
069d4f1b5c fix: handle unset SSH_AGENT_PID variable in agent-start script 2025-12-02 14:52:50 +00:00
Burnett01
0fb32f477b fix: change SSH agent start argument to default in entrypoint script 2025-12-02 14:52:50 +00:00
Burnett01
844957283c fix: update Dockerfile to correct chmod command for agent scripts 2025-12-02 14:52:50 +00:00
Burnett01
9b1bf7278e feat: rsync-docker as first-party code, configurable strict host keys checking 2025-12-02 14:52:50 +00:00
Steven
92961b5880
feat: always force-upgrade alpine openssl
Force upgrade alpine's openssl to 3.5.4-r0 in order to tackle CVE-2025-9230 (low)
CVE-2025-9231 (low)
CVE-2025-9232 (low)

See: 
https://github.com/Burnett01/rsync-deployments/security/code-scanning/7

https://github.com/Burnett01/rsync-deployments/security/code-scanning/8

https://github.com/Burnett01/rsync-deployments/security/code-scanning/9
2025-10-07 19:04:58 +02:00
Steven
96abc27e05
fix: snyk-docker-vulnerability-scan sarif
See https://github.com/github/codeql-action/issues/2187#issuecomment-2043220400
2025-10-07 18:55:29 +02:00
Steven
7e729bf4dd
fix: snyk-docker-vulnerability-scan sarif
See https://github.com/github/codeql-action/issues/2187#issuecomment-2043220400
2025-10-07 18:53:39 +02:00
Steven
c23b68a9ef
chore: snyk output sarif file content 2025-10-07 18:45:23 +02:00
Steven
3e83373c59
fix: snyk-docker-vulnerability-scan sarif
caused by github/codeql-action#3156
2025-10-07 18:33:54 +02:00
Steven
da6a0e1f57
fix: snyk-docker-vulnerability-scan sarif
caused by github/codeql-action#3156
2025-10-07 18:30:41 +02:00
Steven
0b92d76269
fix: snyk-docker-vulnerability-scan sarif
caused by https://github.com/github/codeql-action/issues/3156
2025-10-07 18:10:15 +02:00
Copilot
78cbabbd5c
chore: adjust troubleshooting section for missing rsync on remote host (#86)
* Adjust troubleshooting section for missing rsync on remote host

Co-authored-by: Burnett01 <1208707+Burnett01@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: Burnett01 <1208707+Burnett01@users.noreply.github.com>
2025-09-23 21:08:48 +02:00
Copilot
f1607ccbba
Add comprehensive SSH troubleshooting section with documentation links and improved secret naming to README (#83)
* chore: Add comprehensive SSH troubleshooting section to README

* chore: Enhance README with rsync documentation link, SSH key guide

* chore: further enrich readme with more troubleshooting + change secrets name from DEPLOY_* to REMOTE_*

* chore: Added a new section for versions and updated heading formatting.

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: Burnett01 <1208707+Burnett01@users.noreply.github.com>
Co-authored-by: sovetski
2025-09-19 15:40:13 +02:00
Steven
3de7ffff44
Revise Media section and add new pingback links
Updated section title and added media links.
2025-09-01 12:52:06 +02:00
Steven
9ffbf95175
chore: Add CI badges to README 2025-09-01 12:37:49 +02:00
Steven
02794c2f5a
Rename CI workflow file to ci-validating-linting-testing.yml 2025-09-01 12:34:44 +02:00
Steven
7cbc96a81e
Rename snyk-container.yml to snyk-docker-vulnerability-scan.yml 2025-09-01 12:34:18 +02:00
Steven
1eeed00fb4
chore: Update CI workflow name for clarity 2025-09-01 12:32:53 +02:00
Steven
581feb8967
Rename workflow to 'Snyk Docker Vulnerability Scan' 2025-09-01 12:31:06 +02:00
Steven
fbd408424a
feat: Snyk container workflow configuration (#79)
* Update Snyk container workflow configuration

* Update Docker image name in Snyk workflow

* Update Snyk action to use latest master version
2025-09-01 12:25:11 +02:00
Steven
51bdd07760
chore: issue templates 2025-09-01 11:41:30 +02:00
Steven
eb1d171493
feat: restrict workflow permissions to PoLP (principle of least privilege)
Discovered by Code scanning alert no. 6: Workflow does not contain permissions (#78)

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
2025-09-01 11:37:07 +02:00
Steven
53581dff6d
Add bats tests (#76)
* Add Bats tests and workflow for entrypoint.sh

* Add Bats tests and workflow

* Add comprehensive GitHub Actions CI workflow (#77)

* Initial plan

* Add comprehensive GitHub Actions CI workflow

Co-authored-by: Burnett01 <1208707+Burnett01@users.noreply.github.com>

* Enhance CI workflow with job dependencies and documentation

Co-authored-by: Burnett01 <1208707+Burnett01@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: Burnett01 <1208707+Burnett01@users.noreply.github.com>

* Update CI workflow to only include master branch

---------

Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com>
2025-08-29 22:50:40 +02:00
Steven
33214bd98b
Release/7.1.0 (#72)
* upgrade to alpine from 3.19 to 3.22.1

Use drinternet/rsync 1.5.1 with alpine 3.22.1

https://hub.docker.com/layers/drinternet/rsync/v1.5.1/images/sha256-e61f4047577b566872764fa39299092adeab691efb3884248dbd6495dc926527

* upgrade to alpine from 3.19 to 3.22.1

Use drinternet/rsync 1.5.1 with alpine 3.22.1

https://hub.docker.com/layers/drinternet/rsync/v1.5.1/images/sha256-e61f4047577b566872764fa39299092adeab691efb3884248dbd6495dc926527

* Alpine 3.22.1

* Update SECURITY.md

* Alpine 3.22.1

* Update LICENSE
2025-08-29 20:57:37 +02:00
Steven Agyekum
22a7777152
Merge pull request #69 from Burnett01/release/7.0.2
Release/7.0.2
2025-01-19 15:36:00 +01:00
Steven Agyekum
3cccb68511
Update SECURITY.md 2025-01-19 15:32:42 +01:00