spt/build
spt/build
0
0
Fork 0
mirror of https://github.com/sp-tarkov/build.git synced 2025-02-12 16:50:45 -05:00
Code

Removes the known hosts check

Browse Source 
We're doing write operations, so if someone wants to MITM attack this to get written to... go ahead, I guess?

I'll come back to this. Pinky swear.
This commit is contained in:
Refringe 2024-03-26 16:23:23 -04:00
parent f0317a24ca
commit d8e7b91a00
Signed by: Refringe
GPG Key ID: 7715B85B4A6306ED
1 changed files with 4 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
.gitea/workflows/build.yaml
View File

@ -482,8 +482,7 @@ jobs:
id: upload-https-7z
run: |
cd /workspace/SPT-AKI/Build/
echo "${{ secrets.SFTP_HOST_KEY }}" > /etc/ssh/ssh_known_hosts
sshpass -p "${{ secrets.SFTP_PASSWORD }}" scp -vvv -o "Port=${{ secrets.SFTP_PORT }}" -o "ConnectTimeout=20" -o "UserKnownHostsFile=/etc/ssh/ssh_known_hosts" -o "StrictHostKeyChecking=yes" "/workspace/SPT-AKI/Build/${{ needs.assemble-release.outputs.build_name }}" ${{ secrets.SFTP_USERNAME }}@${{ secrets.SFTP_HOST }}:/public/builds
sshpass -p "${{ secrets.SFTP_PASSWORD }}" scp -vvv -o "Port=${{ secrets.SFTP_PORT }}" -o "ConnectTimeout=20" -o "StrictHostKeyChecking=no" "/workspace/SPT-AKI/Build/${{ needs.assemble-release.outputs.build_name }}" ${{ secrets.SFTP_USERNAME }}@${{ secrets.SFTP_HOST }}:/public/builds
echo "::set-output name=link_https::${{ secrets.SFTP_MIRROR_LINK }}/builds/${{ needs.assemble-release.outputs.build_name }}"
shell: bash
@ -511,22 +510,20 @@ jobs:
id: upload-https-torrent
run: |
cd /workspace/SPT-AKI/Build/
echo "${{ secrets.SFTP_HOST_KEY }}" > /etc/ssh/ssh_known_hosts
sshpass -p "${{ secrets.SFTP_PASSWORD }}" scp -v -o "Port=${{ secrets.SFTP_PORT }}" -o "ConnectTimeout=20" -o "UserKnownHostsFile=/etc/ssh/ssh_known_hosts" -o "StrictHostKeyChecking=yes" "/workspace/SPT-AKI/Build/${{ steps.torrent_create.outputs.torrent_name }}" ${{ secrets.SFTP_USERNAME }}@${{ secrets.SFTP_HOST }}:/public/builds
sshpass -p "${{ secrets.SFTP_PASSWORD }}" scp -v -o "Port=${{ secrets.SFTP_PORT }}" -o "ConnectTimeout=20" -o "StrictHostKeyChecking=no" "/workspace/SPT-AKI/Build/${{ steps.torrent_create.outputs.torrent_name }}" ${{ secrets.SFTP_USERNAME }}@${{ secrets.SFTP_HOST }}:/public/builds
echo "::set-output name=link_torrent::${{ secrets.SFTP_MIRROR_LINK }}/builds/${{ steps.torrent_create.outputs.torrent_name }}"
shell: bash
- name: Clean Old HTTPS Source Releases
run: |
cd /workspace/SPT-AKI/Build/
echo "${{ secrets.SFTP_HOST_KEY }}" > /etc/ssh/ssh_known_hosts
# Creating a script for sftp to execute
echo "cd /public/builds" > sftp_commands.txt
echo "ls" >> sftp_commands.txt
# Fetch a remote list of files
FILE_LIST=$(sshpass -p "${{ secrets.SFTP_PASSWORD }}" sftp -oBatchMode=no -oPort=${{ secrets.SFTP_PORT }} -oUserKnownHostsFile=/etc/ssh/ssh_known_hosts -oStrictHostKeyChecking=yes -b sftp_commands.txt ${{ secrets.SFTP_USERNAME }}@${{ secrets.SFTP_HOST }})
FILE_LIST=$(sshpass -p "${{ secrets.SFTP_PASSWORD }}" sftp -o "BatchMode=no" -o "Port=${{ secrets.SFTP_PORT }}"" -o "StrictHostKeyChecking=no" -b "sftp_commands.txt" ${{ secrets.SFTP_USERNAME }}@${{ secrets.SFTP_HOST }})
echo "Files listed:"
echo "$FILE_LIST"
@ -552,7 +549,7 @@ jobs:
# Check if there are files to delete and execute
if [ -s delete_commands.txt ]; then
echo "Running deletion task..."
sshpass -p "${{ secrets.SFTP_PASSWORD }}" sftp -oBatchMode=no -oPort=${{ secrets.SFTP_PORT }} -oUserKnownHostsFile=/etc/ssh/ssh_known_hosts -oStrictHostKeyChecking=yes -b delete_commands.txt ${{ secrets.SFTP_USERNAME }}@${{ secrets.SFTP_HOST }}
sshpass -p "${{ secrets.SFTP_PASSWORD }}" sftp -o "BatchMode=no" -o "Port=${{ secrets.SFTP_PORT }}" -o "StrictHostKeyChecking=no" -b delete_commands.txt ${{ secrets.SFTP_USERNAME }}@${{ secrets.SFTP_HOST }}
else
echo "No old files to delete."
fi