From dca1d5d96c82e01b69fe77225a7559b4684828d8 Mon Sep 17 00:00:00 2001
From: Sn0wCrack <442287+Sn0wCrack@users.noreply.github.com>
Date: Thu, 19 Sep 2024 13:18:38 +1000
Subject: [PATCH] feat: start working on better self hosted runner support

essentially attempt to spawn ssh agent independently and kill it when the action is over
---
 action.yaml |  6 ++++++
 cleanup.js  | 20 ++++++++++++++++++++
 index.js    | 23 +++++++++++++++++------
 3 files changed, 43 insertions(+), 6 deletions(-)
 create mode 100644 cleanup.js

diff --git a/action.yaml b/action.yaml
index f69e11f..05d9a1f 100644
--- a/action.yaml
+++ b/action.yaml
@@ -33,6 +33,11 @@ inputs:
     default: ''
     description: Content of `~/.ssh/known_hosts` file.
 
+  disable-strict-host-checking:
+    required: false
+    default: 'true'
+    description: Disable Strict Host Checking if no known_hosts are provided
+
   ssh-config:
     required: false
     default: ''
@@ -71,6 +76,7 @@ inputs:
 runs:
   using: 'node20'
   main: 'index.js'
+  post: 'cleanup.js'
 
 branding:
   color: blue
diff --git a/cleanup.js b/cleanup.js
new file mode 100644
index 0000000..ef86c34
--- /dev/null
+++ b/cleanup.js
@@ -0,0 +1,20 @@
+import core from '@actions/core'
+import { $ } from 'zx'
+
+void (async function main() {
+  try {
+    await cleanup()
+  } catch (err) {
+    core.setFailed(err.message)
+  }
+})()
+
+async function cleanup() {
+  if (core.getBooleanInput('skip-ssh-setup')) {
+    return
+  }
+
+  // Remove all keys from ssh-agent and kill process
+  await $`ssh-add -D`
+  await $`kill \$SSH_AGENT_PID`
+}
diff --git a/index.js b/index.js
index b50cc0b..33a261e 100644
--- a/index.js
+++ b/index.js
@@ -15,15 +15,24 @@ async function ssh() {
     return
   }
 
-  let sshHomeDir = `${process.env['HOME']}/.ssh`
+  const sshHomeDir = `${process.env['HOME']}/.ssh`
 
   if (!fs.existsSync(sshHomeDir)) {
     fs.mkdirSync(sshHomeDir)
   }
 
-  let authSock = '/tmp/ssh-auth.sock'
-  await $`ssh-agent -a ${authSock}`
-  core.exportVariable('SSH_AUTH_SOCK', authSock)
+  await $`eval \`ssh-agent\``
+
+  const sshAgentSocket = await $`echo \$SSH_AUTH_SOCKET`
+
+  const sshAgentProcessId = await $`echo \$SSH_AGENT_PID`
+
+  if (!sshAgentSocket || !sshAgentProcessId) {
+    throw new Error('Failed to start ssh-agent')
+  }
+
+  core.exportVariable('SSH_AUTH_SOCK', sshAgentSocket.trim())
+  core.exportVariable('SSH_AGENT_PID', sshAgentProcessId.trim())
 
   let privateKey = core.getInput('private-key')
   if (privateKey !== '') {
@@ -39,8 +48,10 @@ async function ssh() {
     fs.appendFileSync(`${sshHomeDir}/known_hosts`, knownHosts)
     fs.chmodSync(`${sshHomeDir}/known_hosts`, '600')
   } else {
-    fs.appendFileSync(`${sshHomeDir}/config`, `StrictHostKeyChecking no`)
-    fs.chmodSync(`${sshHomeDir}/config`, '600')
+    if (core.getBooleanInput('disable-strict-host-checking')) {
+      fs.appendFileSync(`${sshHomeDir}/config`, `StrictHostKeyChecking no`)
+      fs.chmodSync(`${sshHomeDir}/config`, '600')
+    }
   }
 
   let sshConfig = core.getInput('ssh-config')