rsync

Sync files to remote hosts via SSH rsync and execute arbitrary commands on remote hosts

Note: rsync must be installed on the remote host. No additional rsync daemon configuration is required, data is transferred directly through the SSH channel.

Use SSH key to log in to remote hosts and sync the local dist folder to the ~/target directory on remote machines:

# .cnb.yml
main:
  push:
    - stages:
      - name: rsync
        image: tencentcom/rsync
        # Reference secret repository configuration file
        imports: https://your-git.com/group/secret-repo/-/blob/main/env.yml
        settings:
          user: $LOGIN_USER
          key: $PRIVATE_KEY
          hosts:
            - ip1
            - ip2
          source: ./dist/
          target: ~/target/

          # Required parameters above, optional parameters below
          port: 22
          include:
            - "app.tar.gz"
            - "app.tar.gz.md5"
          exclude:
            - "*"
          prescript:
            - cd ~/packages
            - md5sum -c app.tar.gz.md5
            - tar -xf app.tar.gz -C ~/app 
          script:
            - cd ~/packages
            - md5sum -c app.tar.gz.md5
            - tar -xf app.tar.gz -C ~/app

Reference secret repository configuration file to get rsync key and rsync user:

# Secret repository env.yml
# SSH private key
PRIVATE_KEY: |
  -----BEGIN RSA PRIVATE KEY-----
  xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
  xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
  xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
  xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
  xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
  -----END RSA PRIVATE KEY-----
# SSH login user
LOGIN_USER: xxx
# Declare that plugin tasks of specified images can reference this configuration
allow_images:
  - tencentcom/rsync
# Declare that pipelines of specified repositories can reference this configuration
allow_slugs:
  - groupname/reponame

• user User for logging in to remote machine, defaults to root
• key SSH private key for accessing remote machine
• hosts Hostname or IP address of remote machine
• port Connection port of remote machine, defaults to 22
• source Source folder to sync, defaults to ./
• target Target folder on remote machine to sync to
• include rsync include filter
• exclude rsync exclude filter
• recursive Whether to sync recursively, defaults to false
• delete Whether to delete contents of target folder, defaults to false
• args Additional rsync command line arguments, e.g. "--blocking-io"
• ssh_args Additional ssh command line arguments, e.g. "-o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedAlgorithms=+ssh-rsa"
• prescript List of commands to run on remote machine before rsync execution
• script List of commands to run on remote machine after rsync execution
• log_level SSH log level, defaults to quiet mode

Modified based on drone-rsync

1. Generate key pair

# Generate public key id_rsa.pub and private key id_rsa
ssh-keygen -t rsa

2. Add the content of public key id_rsa.pub to ~/.ssh/authorized_keys file on remote machine

You can directly copy and paste the content of id_rsa.pub to ~/.ssh/authorized_keys, or use the following command:

# This command is not supported on Windows, but works on Mac/Linux
ssh-copy-id -p 22 root@123.123.123.123

3. Add the content of private key id_rsa to secret repository, pass PRIVATE_KEY in pipeline, then the plugin can use key-based authentication. See example above.

When using the rsync plugin, you may encounter the following error:

Unable to negotiate with xxx.xxx.xxx.xxx port 22: no matching host key type found. Their offer: ssh-rsa,ssh-dss, this error indicates the server only provides ssh-rsa and ssh-dss key methods.

In this case, you can specify ssh_args: -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedAlgorithms=+ssh-rsa parameter to solve this problem.