Dockerfile

@@ -5,7 +5,7 @@ RUN apk update && apk add --no-cache --upgrade rsync openssh openssl busybox
 RUN rm -rf /var/cache/apk/*
 
 COPY docker-rsync/* /bin/
-RUN chmod +x /bin/agent-* /bin/ssh-* /bin/hosts-*
+RUN chmod +x /bin/agent-*
 
 FROM base AS build
 

README.md

@@ -15,45 +15,8 @@ The base-image of this action is very small and based on **Alpine 3.23.0** (no c
 Alpine version: [3.23.0](https://www.alpinelinux.org/posts/Alpine-3.23.0-released.html)
 Rsync version: [3.4.1-r1](https://download.samba.org/pub/rsync/NEWS#3.4.1)
 
-## Current Version: v8 (8.0.2)
-
-### Release channels:
-
-| Version | Purpose          | Immutable  | 
-| ------- | ------------------ | ------------------ | 
-| ``v8`` (recommended)  |  latest MAJOR (pointer to 8.MINOR.PATCH) | no |
-| 8.0.2  | latest MINOR+PATCH | yes |
-| 7.1.0   | previous release ([deprecation notice](https://github.com/Burnett01/rsync-deployments/discussions/96)) | yes |
-
-Check [SECURITY.md](SECURITY.md) for support cycles.
-
 ---
 
-## How it works
-
-```yml
-name: DEPLOY
-on:
-  push:
-    branches:
-    - master
-jobs:
-  deploy:
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v6
-    - name: rsync deployments
-      uses: burnett01/rsync-deployments@v8
-      with:
-        switches: -avzr --delete
-        path: src/
-        remote_path: ${{ secrets.REMOTE_PATH }} # ex: /var/www/html/
-        remote_host: ${{ secrets.REMOTE_HOST }} # ex: example.com
-        remote_port: ${{ secrets.REMOTE_PORT }} # ex: 22
-        remote_user: ${{ secrets.REMOTE_USER }} # ex: ubuntu
-        remote_key: ${{ secrets.REMOTE_PRIVATE_KEY }}
-```
-
 ## Inputs
 
 - `debug`* - Whether to enable debug output. ("true" / "false") - Default: "false"
@@ -90,9 +53,19 @@ This action needs secret variables for the ssh private key of your key pair. The
 
 For simplicity, we are using `REMOTE_*` as the secret variables throughout the examples.
 
-## Example usage
+## Current Version: v8 (8.0.0)
 
-For better **security** always use secrets for remote_host, remote_port, remote_user and remote_path inputs.
+### Release channels:
+
+| Version | Purpose          | Immutable  | 
+| ------- | ------------------ | ------------------ | 
+| ``v8``  |  latest release (pointer to 8.x.x) | no, points to latest MINOR,PATCH |
+| 8.0.0  | latest major release | yes |
+| 7.1.0   | previous release | yes |
+
+Check [SECURITY.md](SECURITY.md) for support cycles.
+
+## Example usage
 
 Simple:
 
@@ -113,14 +86,13 @@ jobs:
       with:
         switches: -avzr --delete
         path: src/
-        remote_path: ${{ secrets.REMOTE_PATH }} # ex: /var/www/html/
+        remote_path: /var/www/html/
-        remote_host: ${{ secrets.REMOTE_HOST }} # ex: example.com
+        remote_host: example.com
-        remote_port: ${{ secrets.REMOTE_PORT }} # ex: 22
+        remote_user: debian
-        remote_user: ${{ secrets.REMOTE_USER }} # ex: ubuntu
         remote_key: ${{ secrets.REMOTE_PRIVATE_KEY }}
 ```
 
-Advanced (with filters etc):
+Advanced:
 
 ```yml
 jobs:
@@ -133,10 +105,30 @@ jobs:
       with:
         switches: -avzr --delete --exclude="" --include="" --filter=""
         path: src/
-        remote_path: ${{ secrets.REMOTE_PATH }} # ex: /var/www/html/
+        remote_path: /var/www/html/
-        remote_host: ${{ secrets.REMOTE_HOST }} # ex: example.com
+        remote_host: example.com
-        remote_port: ${{ secrets.REMOTE_PORT }} # ex: 22
+        remote_port: 5555
-        remote_user: ${{ secrets.REMOTE_USER }} # ex: ubuntu
+        remote_user: debian
+        remote_key: ${{ secrets.REMOTE_PRIVATE_KEY }}
+```
+
+For better **security**, I suggest you create additional secrets for remote_host, remote_port, remote_user and remote_path inputs.
+
+```yml
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v6
+    - name: rsync deployments
+      uses: burnett01/rsync-deployments@v8
+      with:
+        switches: -avzr --delete
+        path: src/
+        remote_path: ${{ secrets.REMOTE_PATH }}
+        remote_host: ${{ secrets.REMOTE_HOST }}
+        remote_port: ${{ secrets.REMOTE_PORT }}
+        remote_user: ${{ secrets.REMOTE_USER }}
         remote_key: ${{ secrets.REMOTE_PRIVATE_KEY }}
 ```
 
@@ -153,10 +145,10 @@ jobs:
       with:
         switches: -avzr --delete
         path: src/
-        remote_path: ${{ secrets.REMOTE_PATH }} # ex: /var/www/html/
+        remote_path: ${{ secrets.REMOTE_PATH }}
-        remote_host: ${{ secrets.REMOTE_HOST }} # ex: example.com
+        remote_host: ${{ secrets.REMOTE_HOST }}
-        remote_port: ${{ secrets.REMOTE_PORT }} # ex: 22
+        remote_port: ${{ secrets.REMOTE_PORT }}
-        remote_user: ${{ secrets.REMOTE_USER }} # ex: ubuntu
+        remote_user: ${{ secrets.REMOTE_USER }}
         remote_key: ${{ secrets.REMOTE_PRIVATE_KEY }}
         remote_key_pass: ${{ secrets.REMOTE_PRIVATE_KEY_PASS }}
 ```
@@ -180,10 +172,10 @@ jobs:
         switches: -avzr --delete
         legacy_allow_rsa_hostkeys: "true"
         path: src/
-        remote_path: ${{ secrets.REMOTE_PATH }} # ex: /var/www/html/
+        remote_path: ${{ secrets.REMOTE_PATH }}
-        remote_host: ${{ secrets.REMOTE_HOST }} # ex: example.com
+        remote_host: ${{ secrets.REMOTE_HOST }}
-        remote_port: ${{ secrets.REMOTE_PORT }} # ex: 22
+        remote_port: ${{ secrets.REMOTE_PORT }}
-        remote_user: ${{ secrets.REMOTE_USER }} # ex: ubuntu
+        remote_user: ${{ secrets.REMOTE_USER }}
         remote_key: ${{ secrets.REMOTE_PRIVATE_KEY }}
 ```
 
@@ -285,12 +277,6 @@ sudo apk add rsync
 
 ## Versions
 
-## Version 8.0.0 (EOL due to regression -> fixed via 8.0.1 & 8.0.2)
-
-Check here: 
-
-- https://github.com/Burnett01/rsync-deployments/tree/8.0.0  (alpine 3.23.0)
-
 ## Version 7.1.0
 
 Check here: 
@@ -372,7 +358,7 @@ Please note that version 1.0 has reached end of life state.
 ## Acknowledgements
 
 + This project is a fork of [Contention/rsync-deployments](https://github.com/Contention/rsync-deployments)
-+ docker-rsync [JoshPiper/rsync-docker](https://github.com/JoshPiper/rsync-docker)
++ Base image [JoshPiper/rsync-docker](https://github.com/JoshPiper/rsync-docker)
 
 ---
 

SECURITY.md

@@ -6,21 +6,19 @@ The Docker image and code quality are regularly checked for vulnerabilities and
 
 The following versions are currently being supported with security updates:
 
-| Version | Supported          | Rsync version          | Alpine version          | Support Until  |
+| Version | Supported          | Rsync version          | Alpine version          |
-| ------- | ------------------ | ------------------ | ------------------ | ------------------ | 
+| ------- | ------------------ | ------------------ | ------------------ |
-| (``v8``) 8.0.2  | :white_check_mark: | >= 3.4.1-r1 | 3.23.0 | LTS (2026-*) |
+| 8.0.0  | :white_check_mark: | >= 3.4.1-r1 | 3.23.0 |
-| 8.0.1  | :white_check_mark: | >= 3.4.1-r1 | 3.23.0 | Apr, 1st 2026 |
+| 7.1.0  | :white_check_mark: | >= 3.4.1-r0 | 3.22.1 |
-| 8.0.0  | :x: EOL (due to regression #90) | >= 3.4.1-r1 | 3.23.0 | † Dec, 6th 2025 |
+| 7.0.2   | :warning: DEPRECATED | >= 3.4.0-r0 | 3.22.1 |
-| 7.1.0  | :warning: DEPRECATED | >= 3.4.1-r0 | 3.22.1 | June, 1st 2026 ([deprecation notice](https://github.com/Burnett01/rsync-deployments/discussions/96)) |
+| 7.0.1   | :x: EOL | < 3.4.0 | 3.22.1 |
-| 7.0.2   | :warning: DEPRECATED | >= 3.4.0-r0 | 3.22.1 | June, 1st 2026 ([deprecation notice](https://github.com/Burnett01/rsync-deployments/discussions/96)) |
+| 7.0.0   | :x: EOL | < 3.4.0| 3.19.1 |
-| 7.0.1   | :x: EOL | < 3.4.0 | 3.22.1 | † Dec, 6th 2025 |
+| 6.x   | :x: EOL |< 3.4.0| 3.17.2 |
-| 7.0.0   | :x: EOL | < 3.4.0| 3.19.1 | † Dec, 6th 2025 |
+| 5.x   | :x: EOL |< 3.4.0| 3.11 - 3.14.1 - 3.15 - 3.16 - 3.17.2 |
-| 6.x   | :x: EOL |< 3.4.0| 3.17.2 | † 2024 |
+| 4.x   | :x: EOL |< 3.4.0| 3.11 |
-| 5.x   | :x: EOL |< 3.4.0| 3.11 - 3.14.1 - 3.15 - 3.16 - 3.17.2 | † 2024 |
+| 3.0   | :x: EOL |< 3.4.0| N/A |
-| 4.x   | :x: EOL |< 3.4.0| 3.11 |  † |
+| 2.0   | :x: EOL               |< 3.4.0| Ubuntu |
-| 3.0   | :x: EOL |< 3.4.0| N/A | † |
+| 1.0   | :x: EOL               |< 3.4.0| Ubuntu |
-| 2.0   | :x: EOL               |< 3.4.0| Ubuntu | † |
-| 1.0   | :x: EOL               |< 3.4.0| Ubuntu | † |
 
 ### Terminology
 

docker-rsync/README.md

@@ -1,40 +0,0 @@
-# Scripts
-
-Shell-scripts to help with managing SSH agents and known hosts files.
-
-### SSH Management
-
-#### ssh-init
-This command create the ``$HOME/.ssh`` folder with default permissions ``700``.
-
-### SSH-Agent Management
-
-#### agent-start
-This command starts the SSH agent, if it isn't already started (SSH_AGENT_PID set or ssh agent ID file found).
-It takes one optional argument, for the name of the agent to be started. Defaults to "default".
-This program needs to be source'd to work correctly.
-`source agent-start "default"`
-
-#### agent-stop
-This command stops the SSH agent, if it is started (SSH_AGENT_PID set or ssh agent ID file found).
-It takes one optional argument, for the name of the agent to be stopped. Defaults to "default".
-`agent-stop "my-agent-name"`
-
-#### agent-add
-This command adds a key to the currently running SSH agent. The key is taken from stdin, and the agent used is that in SSH_AGENT_PID.
-
-#### agent-askpass
-This command is called by ssh-add when the [SSH_ASKPASS](https://man.openbsd.org/ssh-add.1#ENVIRONMENT) variable is set active. The command returns the SSH_PASS to [ssh-askpass(1)](https://man.openbsd.org/ssh-askpass.1).
-
-This command is ignored by ssh-add if the key does not require a passphrase.
-
-### known_hosts management
-
-#### hosts-init
-This command creates the known_hosts file (``$HOME/.ssh/known_hosts``) with default permission ``600``.
-
-#### hosts-add
-This command adds an entry to the known hosts file, and ensures its permissions are correct. It takes one argument, which is the new key to add.
-
-#### hosts-clear
-This command truncates the known_hosts file.

docker-rsync/hosts-add

@@ -2,4 +2,4 @@
 
 set -eu
 
-echo "$@" >> $HOME/.ssh/known_hosts
+printf '%s\n' "$@" >> $HOME/.ssh/known_hosts

docker-rsync/hosts-init

@@ -2,8 +2,5 @@
 
 set -eu
 
-if [ ! -f "$HOME/.ssh/known_hosts" ]; then
 touch $HOME/.ssh/known_hosts
-fi
-
 chmod 600 $HOME/.ssh/known_hosts

docker-rsync/ssh-init

@@ -2,6 +2,4 @@
 
 set -eu
 
-if [ ! -d "$HOME/.ssh" ]; then
 mkdir -m 700 $HOME/.ssh
-fi

entrypoint.sh

@@ -17,7 +17,7 @@ source hosts-init
 
 # Start the SSH agent and load key.
 source agent-start "$GITHUB_ACTION"
-echo "$INPUT_REMOTE_KEY" | SSH_PASS="$INPUT_REMOTE_KEY_PASS" agent-add
+printf '%s' "$INPUT_REMOTE_KEY" | SSH_PASS="${INPUT_REMOTE_KEY_PASS}" agent-add >/dev/null 2>&1
 
 # Variables.
 LEGACY_RSA_HOSTKEYS=""