.github/workflows/demo.yml

@@ -0,0 +1,46 @@
+on: [ push, pull_request ]
+
+jobs:
+    deployment_keys_demo:
+        strategy:
+            fail-fast: false
+            matrix:
+                os: [ ubuntu-latest, macOS-latest, windows-latest ]
+        runs-on: ${{ matrix.os }}
+        steps:
+            -   uses: actions/checkout@v4
+            -   name: Setup key
+                uses: ./
+                with:
+                    ssh-private-key: |
+                        ${{ secrets.MPDUDE_TEST_1_DEPLOY_KEY }}
+                        ${{ secrets.MPDUDE_TEST_2_DEPLOY_KEY }}
+            -   run: |
+                    git clone https://github.com/mpdude/test-1.git test-1-http
+                    git clone git@github.com:mpdude/test-1.git test-1-git
+                    git clone ssh://git@github.com/mpdude/test-1.git test-1-git-ssh
+                    git clone https://github.com/mpdude/test-2.git test-2-http
+                    git clone git@github.com:mpdude/test-2.git test-2-git
+                    git clone ssh://git@github.com/mpdude/test-2.git test-2-git-ssh
+
+    docker_demo:
+        runs-on: ubuntu-latest
+        container:
+            image: ubuntu:latest
+        steps:
+            -   uses: actions/checkout@v4
+            -   run: apt update && apt install -y openssh-client git
+            -   name: Setup key
+                uses: ./
+                with:
+                    ssh-private-key: |
+                        ${{ secrets.MPDUDE_TEST_1_DEPLOY_KEY }}
+                        ${{ secrets.MPDUDE_TEST_2_DEPLOY_KEY }}
+            -   run: |
+                    git clone https://github.com/mpdude/test-1.git test-1-http
+                    git clone git@github.com:mpdude/test-1.git test-1-git
+                    git clone ssh://git@github.com/mpdude/test-1.git test-1-git-ssh
+                    git clone https://github.com/mpdude/test-2.git test-2-http
+                    git clone git@github.com:mpdude/test-2.git test-2-git
+                    git clone ssh://git@github.com/mpdude/test-2.git test-2-git-ssh
+

CHANGELOG.md

@@ -7,137 +7,133 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
-## v0.9.2 [2025-06-30] (khs.codes)
-
-- Support running under NixOS with dynamic user setting, or at least attempt to
-
 ## v0.9.1 [2024-03-17]
 
 ### Fixed
 
-- Fix path used to execute ssh-agent in cleanup.js to respect custom paths set by input (#235)
+* Fix path used to execute ssh-agent in cleanup.js to respect custom paths set by input (#235)
 
 ## v0.9.0 [2024-02-06]
 
 ### Changed
 
-- Update all versions of `actions/checkout` to v4 (#199)
+* Update all versions of `actions/checkout` to v4 (#199)
-- Update to Node 20 (#201)
+* Update to Node 20 (#201)
 
 ## v0.8.0 [2023-03-24]
 
 ### Changed
 
-- No longer writing GitHub's SSH host keys to `known_hosts` (#171)
+* No longer writing GitHub's SSH host keys to `known_hosts` (#171)
-- Update to actions/checkout@v3 (#143)
+* Update to actions/checkout@v3 (#143)
-- Allow the user to override the commands for git, ssh-agent, and ssh-add (#154)
+* Allow the user to override the commands for git, ssh-agent, and ssh-add (#154)
 
 ## v0.7.0 [2022-10-19]
 
 ### Added
 
-- Add the `log-public-key` input that can be used to turn off logging key identities (#122)
+ * Add the `log-public-key` input that can be used to turn off logging key identities (#122)
 
 ### Fixed
 
-- Fix path to `git` binary on Windows, assuming GitHub-hosted runners (#136, #137)
+ * Fix path to `git` binary on Windows, assuming GitHub-hosted runners (#136, #137)
-- Fix a nonsensical log message (#139)
+ * Fix a nonsensical log message (#139)
 
 ## v0.6.0 [2022-10-19]
 
 ### Changed
 
-- Update the version of Node used by the action from 12 to 16 (https://github.blog/changelog/2022-09-22-github-actions-all-actions-will-begin-running-on-node16-instead-of-node12/).
+ * Update the version of Node used by the action from 12 to 16 (https://github.blog/changelog/2022-09-22-github-actions-all-actions-will-begin-running-on-node16-instead-of-node12/).
 
 ## v0.5.4 [2021-11-21]
 
 ### Fixed
 
-- Update changed GitHub Host Keys (#102, #101)
+ * Update changed GitHub Host Keys (#102, #101)
 
 ### Changed
 
-- Various documentation (README) improvements and additions
+ * Various documentation (README) improvements and additions
-- Change logging to more precisely state that _public_ keys are being printed
+ * Change logging to more precisely state that _public_ keys are being printed
 
 ## v0.5.3 [2021-06-11]
 
 ### Fixed
 
-- Fixed cleanup phase to really terminate the ssh-agent (#80)
+ * Fixed cleanup phase to really terminate the ssh-agent (#80)
-- Fix termination of ssh-agent also on workflow failure (#79)
+ * Fix termination of ssh-agent also on workflow failure (#79)
 
 ### Changed
 
-- Various documentation (README) improvements and additions
+ * Various documentation (README) improvements and additions
 
 ## v0.5.2 [2021-04-07]
 
 ### Fixed
 
-- Use case-insensitive regex matching when scanning key comments (#68, #70, #71)
+ * Use case-insensitive regex matching when scanning key comments (#68, #70, #71)
 
 ### Changed
 
-- Log when a key is _not_ used as a deploy key (#69)
+ * Log when a key is _not_ used as a deploy key (#69)
 
 ## v0.5.1 [2021-03-10]
 
 ### Fixed
 
-- Fix deployment key mapping on Windows virtual environment by using SSH binaries from the Git
+ * Fix deployment key mapping on Windows virtual environment by using SSH binaries from the Git
-  suite, terminate ssh-agent upon actio termination on Windows as well (#63)
+   suite, terminate ssh-agent upon actio termination on Windows as well (#63)
-- Handle ENOENT exceptions with a graceful message
+ * Handle ENOENT exceptions with a graceful message
 
 ### Changed
 
-- Various documentation (README) improvements and additions
+ * Various documentation (README) improvements and additions
 
 ## v0.5.0 [2021-02-19]
 
 ### Added
 
-- Add support for GitHub Deployment Keys through key comments (#59). Fixes #30, closes #38.
+ * Add support for GitHub Deployment Keys through key comments (#59). Fixes #30, closes #38.
-- Support for container-based workflows and Windows (#17)
+ * Support for container-based workflows and Windows (#17)
 
 ### Fixed
 
-- Fix scripts/build.js to work on Windows (#38)
+ * Fix scripts/build.js to work on Windows (#38)
 
 ### Changed
 
-- Various documentation (README) improvements and additions
+ * Various documentation (README) improvements and additions
 
 ## v0.4.1 [2020-10-07]
 
 ### Fixed
 
-- This action no longer relies on `set-env`, which has been deprecated.
+* This action no longer relies on `set-env`, which has been deprecated.
 
 ## v0.4.0
 
 ### Changed
 
-- A failure to kill the agent in the post-action step will no longer fail the workflow run. That way, you can kill the agent yourself when necessary (#33).
+* A failure to kill the agent in the post-action step will no longer fail the workflow run. That way, you can kill the agent yourself when necessary (#33).
 
 ## v0.3.0 [2020-05-18]
 
-### Added
+### Added 
 
-- A new post-action step will automatically clean up the running agent at the end of a job. This helps with self-hosted runners, which are non-ephemeral. (@thommyhh, #27)
+* A new post-action step will automatically clean up the running agent at the end of a job. This helps with self-hosted runners, which are non-ephemeral. (@thommyhh, #27)
 
 ### Changed
 
-- Unless the SSH_AUTH_SOCK is configured explicitly, the SSH agent will now use a random file name for the socket. That way, multiple, concurrent SSH agents can be used on self-hosted runners. (@thommyhh, #27)
+* Unless the SSH_AUTH_SOCK is configured explicitly, the SSH agent will now use a random file name for the socket. That way, multiple, concurrent SSH agents can be used on self-hosted runners. (@thommyhh, #27)
 
 ## v0.2.0 [2020-01-14]
 
 ### Added
 
-- Multiple SSH keys can now be provided (#14, closes #7). Thanks to
+* Multiple SSH keys can now be provided (#14, closes #7). Thanks to
   @webknjaz and @bradmartin for support and tests.
 
-- Catch empty ssh-private-key input values and exit with a helpful
+* Catch empty ssh-private-key input values and exit with a helpful
   error message right away.
 
 ## v0.1.0 [2019-09-15]

dist/cleanup.js

@@ -2824,7 +2824,9 @@ const os = __webpack_require__(87);
 const core = __webpack_require__(470);
 
 const defaults = (process.env['OS'] != 'Windows_NT') ? {
-    homePath: os.homedir(),
+    // Use getent() system call, since this is what ssh does; makes a difference in Docker-based
+    // Action runs, where $HOME is different from the pwent
+    homePath: os.userInfo().homedir,
     sshAgentCmdDefault: 'ssh-agent',
     sshAddCmdDefault: 'ssh-add',
     gitCmdDefault: 'git'

dist/index.js

@@ -2898,7 +2898,9 @@ const os = __webpack_require__(87);
 const core = __webpack_require__(470);
 
 const defaults = (process.env['OS'] != 'Windows_NT') ? {
-    homePath: os.homedir(),
+    // Use getent() system call, since this is what ssh does; makes a difference in Docker-based
+    // Action runs, where $HOME is different from the pwent
+    homePath: os.userInfo().homedir,
     sshAgentCmdDefault: 'ssh-agent',
     sshAddCmdDefault: 'ssh-add',
     gitCmdDefault: 'git'

paths.js

@@ -1,30 +1,29 @@
-const os = require("os");
+const os = require('os');
-const core = require("@actions/core");
+const core = require('@actions/core');
 
-const defaults =
+const defaults = (process.env['OS'] != 'Windows_NT') ? {
-  process.env["OS"] != "Windows_NT"
+    // We use os.userInfo() rather than os.homedir(), since it uses the getpwuid() system call to get the user's home directory (see https://nodejs.org/api/os.html#osuserinfooptions).
-    ? {
+    // This mimics the way openssh derives the home directory for locating config files (see https://github.com/openssh/openssh-portable/blob/826483d51a9fee60703298bbf839d9ce37943474/ssh.c#L710);
-        homePath: os.homedir(),
+    // Makes a difference in Docker-based Action runs, when $HOME is different from what getpwuid() returns (which is based on the entry in /etc/passwd)
-        sshAgentCmdDefault: "ssh-agent",
+    homePath: os.userInfo().homedir,
-        sshAddCmdDefault: "ssh-add",
+    sshAgentCmdDefault: 'ssh-agent',
-        gitCmdDefault: "git",
+    sshAddCmdDefault: 'ssh-add',
-      }
+    gitCmdDefault: 'git'
-    : {
+} : {
-        // Assuming GitHub hosted `windows-*` runners for now
+    // Assuming GitHub hosted `windows-*` runners for now
-        homePath: os.homedir(),
+    homePath: os.homedir(),
-        sshAgentCmdDefault: "c://progra~1//git//usr//bin//ssh-agent.exe",
+    sshAgentCmdDefault: 'c://progra~1//git//usr//bin//ssh-agent.exe',
-        sshAddCmdDefault: "c://progra~1//git//usr//bin//ssh-add.exe",
+    sshAddCmdDefault: 'c://progra~1//git//usr//bin//ssh-add.exe',
-        gitCmdDefault: "c://progra~1//git//bin//git.exe",
+    gitCmdDefault: 'c://progra~1//git//bin//git.exe'
-      };
+};
 
-const sshAgentCmdInput = core.getInput("ssh-agent-cmd");
+const sshAgentCmdInput = core.getInput('ssh-agent-cmd');
-const sshAddCmdInput = core.getInput("ssh-add-cmd");
+const sshAddCmdInput = core.getInput('ssh-add-cmd');
-const gitCmdInput = core.getInput("git-cmd");
+const gitCmdInput = core.getInput('git-cmd');
 
 module.exports = {
-  homePath: defaults.homePath,
+    homePath: defaults.homePath,
-  sshAgentCmd:
+    sshAgentCmd: sshAgentCmdInput !== '' ? sshAgentCmdInput : defaults.sshAgentCmdDefault,
-    sshAgentCmdInput !== "" ? sshAgentCmdInput : defaults.sshAgentCmdDefault,
+    sshAddCmd: sshAddCmdInput !== '' ? sshAddCmdInput : defaults.sshAddCmdDefault,
-  sshAddCmd: sshAddCmdInput !== "" ? sshAddCmdInput : defaults.sshAddCmdDefault,
+    gitCmd: gitCmdInput !== '' ? gitCmdInput : defaults.gitCmdDefault,
-  gitCmd: gitCmdInput !== "" ? gitCmdInput : defaults.gitCmdDefault,
 };