ssh-agent/scripts/build.js
Thorben Nissen 4fcb25e7ef
Randomize SSH auth socket, kill agent to support non-ephemeral, self hosted runners (@thommyhh, #27)
Thanks to @thommyhh for this contribution!

Unless the `SSH_AUTH_SOCK` is configured explicitly, this change will make the SSH agent use a random file name for the socket. That way, multiple, concurrent SSH agents can be used on non-ephemeral, self-hosted runners.

A new post-action step will automatically clean up the running agent at the end of a job.

Be aware of the possible security implications: Two jobs running on the same runner might be able to access each other's socket and thus access repositories and/or hosts.
2020-05-18 09:08:29 +02:00

35 lines
997 B
JavaScript

const { execSync } = require('child_process')
const path = require('path')
const fs = require('fs')
const buildDir = path.join(process.cwd(), 'build')
const distDir = path.join(process.cwd(), 'dist')
const buildIndexJs = path.join(buildDir, 'index.js')
const distIndexJs = path.join(distDir, 'index.js')
const distCleanupJs = path.join(distDir, 'cleanup.js')
if (!fs.existsSync(buildDir)) {
fs.mkdirSync(buildDir)
}
// Build the main index.js file
console.log('Building index.js...')
execSync(`./node_modules/.bin/ncc build index.js -q -o ${buildDir}`)
if (fs.existsSync(distIndexJs)) {
fs.unlinkSync(distIndexJs)
}
fs.renameSync(buildIndexJs, distIndexJs)
// Build the cleanup.js file
console.log('Building cleanup.js...')
execSync(`./node_modules/.bin/ncc build cleanup.js -q -o ${buildDir}`)
if (fs.existsSync(distCleanupJs)) {
fs.unlinkSync(distCleanupJs)
}
fs.renameSync(buildIndexJs, distCleanupJs)
console.log('Cleaning up...')
fs.rmdirSync(buildDir)
console.log('Done')