refactor: refactor SSH authentication handling with switch statement

- Refactor if-else logic to a switch statement for handling SSH authentication methods

Signed-off-by: appleboy <appleboy.tw@gmail.com>

.dockerignore

@@ -0,0 +1,2 @@
+*
+!release/

.github/workflows/codeql.yml

@@ -13,12 +13,12 @@ name: "CodeQL"
 
 on:
   push:
-    branches: [ master ]
+    branches: [master]
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [ master ]
+    branches: [master]
   schedule:
-    - cron: '41 23 * * 6'
+    - cron: "41 23 * * 6"
 
 jobs:
   analyze:
@@ -32,17 +32,17 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        language: [ 'go' ]
+        language: ["go"]
         # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
         # Learn more about CodeQL language support at https://git.io/codeql-language-support
 
     steps:
       - name: Checkout repository
-      uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
+        uses: github/codeql-action/init@v3
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -51,4 +51,4 @@ jobs:
           # queries: ./path/to/local/query, your-org/your-repo/queries@main
 
       - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+        uses: github/codeql-action/analyze@v3

.github/workflows/docker.yml

@@ -5,56 +5,51 @@ on:
     branches:
       - master
     tags:
-      - 'v*'
+      - "v*"
   pull_request:
     branches:
-      - 'master'
+      - "master"
 
 jobs:
   build-docker:
     runs-on: ubuntu-latest
     steps:
-      - name: Setup go
-        uses: actions/setup-go@v4
-        with:
-          go-version: '^1'
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
+
+      - name: Setup go
+        uses: actions/setup-go@v5
         with:
-          fetch-depth: 0
+          go-version-file: go.mod
+          check-latest: true
 
       - name: Build binary
-        run : |
+        run: |
           make build_linux_amd64
-          make build_linux_arm
           make build_linux_arm64
-      -
-        name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
 
-      -
-        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
 
-      -
-        name: Login to Docker Hub
-        uses: docker/login-action@v2
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
 
-      -
-        name: Login to GitHub Container Registry
-        uses: docker/login-action@v2
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      -
-        name: Docker meta
+      - name: Docker meta
         id: docker-meta
-        uses: docker/metadata-action@v4
+        uses: docker/metadata-action@v5
         with:
           images: |
             ${{ github.repository }}
@@ -65,13 +60,14 @@ jobs:
             type=semver,pattern={{major}}.{{minor}}
             type=semver,pattern={{major}}
 
-      -
-        name: Build and push
-        uses: docker/build-push-action@v4
+      - name: Build and push
+        uses: docker/build-push-action@v6
         with:
           context: .
-          platforms: linux/amd64,linux/arm,linux/arm64
+          platforms: linux/amd64,linux/arm64
           file: docker/Dockerfile
           push: ${{ github.event_name != 'pull_request' }}
           tags: ${{ steps.docker-meta.outputs.tags }}
           labels: ${{ steps.docker-meta.outputs.labels }}
+          cache-from: type=registry,ref=ghcr.io/${{ github.repository }}:buildcache
+          cache-to: type=registry,ref=ghcr.io/${{ github.repository }}:buildcache,mode=max

.github/workflows/goreleaser.yml

@@ -3,7 +3,7 @@ name: Goreleaser
 on:
   push:
     tags:
-      - '*'
+      - "*"
 
 permissions:
   contents: write
@@ -12,24 +12,23 @@ jobs:
   goreleaser:
     runs-on: ubuntu-latest
     steps:
-      -
-        name: Checkout
-        uses: actions/checkout@v3
+      - name: Checkout repository
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
-      -
-        name: Setup go
-        uses: actions/setup-go@v4
-        with:
-          go-version: '^1'
 
-      -
-        name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@v4
+      - name: Setup go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: go.mod
+          check-latest: true
+
+      - name: Run GoReleaser
+        uses: goreleaser/goreleaser-action@v6
         with:
           # either 'goreleaser' (default) or 'goreleaser-pro'
           distribution: goreleaser
           version: latest
-          args: release --rm-dist
+          args: release --clean
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/testing.yml

@@ -8,14 +8,17 @@ jobs:
   lint:
     runs-on: ubuntu-latest
     steps:
-      - name: Setup go
-        uses: actions/setup-go@v4
-        with:
-          go-version: '^1'
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
+
+      - name: Setup go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: go.mod
+          check-latest: true
+
       - name: Setup golangci-lint
-        uses: golangci/golangci-lint-action@v3
+        uses: golangci/golangci-lint-action@v7
         with:
           version: latest
           args: --verbose
@@ -27,14 +30,16 @@ jobs:
 
   testing:
     runs-on: ubuntu-latest
-    container: golang:1.19-alpine
+    container:
+      image: golang:1.23-alpine
+      options: --sysctl net.ipv6.conf.all.disable_ipv6=0
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: setup sshd server
         run: |
-          apk add git make curl perl bash build-base zlib-dev ucl-dev
+          apk add git make curl perl bash build-base zlib-dev ucl-dev sudo
           make ssh-server
 
       - name: testing
@@ -42,4 +47,4 @@ jobs:
           make test
 
       - name: Upload coverage to Codecov
-        uses: codecov/codecov-action@v3
+        uses: codecov/codecov-action@v5

.gitignore

@@ -29,3 +29,4 @@ release
 drone-ssh
 .cover
 dist
+bin

.golangci.yaml

@@ -0,0 +1,54 @@
+version: "2"
+linters:
+  enable:
+    - asciicheck
+    - durationcheck
+    - errorlint
+    - gosec
+    - misspell
+    - nakedret
+    - nilerr
+    - nolintlint
+    - perfsprint
+    - revive
+    - usestdlibvars
+    - wastedassign
+  settings:
+    gosec:
+      includes:
+        - G102
+        - G106
+        - G108
+        - G109
+        - G111
+        - G112
+        - G201
+        - G203
+    perfsprint:
+      int-conversion: true
+      err-error: true
+      errorf: true
+      sprintf1: true
+      strconcat: true
+  exclusions:
+    generated: lax
+    presets:
+      - comments
+      - common-false-positives
+      - legacy
+      - std-error-handling
+    paths:
+      - third_party$
+      - builtin$
+      - examples$
+formatters:
+  enable:
+    - gci
+    - gofmt
+    - goimports
+  exclusions:
+    generated: lax
+    paths:
+      - third_party$
+      - builtin$
+      - examples$

.goreleaser.yaml

@@ -3,7 +3,7 @@ before:
     - go mod tidy
 
 builds:
-- env:
+  - env:
       - CGO_ENABLED=0
     goos:
       - darwin
@@ -71,6 +71,10 @@ builds:
       {{- else }}{{ .Arch }}{{ end }}
       {{- if .Arm }}-{{ .Arm }}{{ end }}
     no_unique_dist_dir: true
+    hooks:
+      post:
+        - cmd: xz -k -9 {{ .Path }}
+          dir: ./dist/
 
 archives:
   - format: binary
@@ -78,7 +82,42 @@ archives:
     allow_different_binary_count: true
 
 checksum:
-  name_template: 'checksums.txt'
+  name_template: "checksums.txt"
+  extra_files:
+    - glob: ./**.xz
 
 snapshot:
   name_template: "{{ incpatch .Version }}"
+
+release:
+  # You can add extra pre-existing files to the release.
+  # The filename on the release will be the last part of the path (base).
+  # If another file with the same name exists, the last one found will be used.
+  #
+  # Templates: allowed
+  extra_files:
+    - glob: ./**.xz
+
+changelog:
+  use: github
+  groups:
+    - title: Features
+      regexp: "^.*feat[(\\w)]*:+.*$"
+      order: 0
+    - title: "Bug fixes"
+      regexp: "^.*fix[(\\w)]*:+.*$"
+      order: 1
+    - title: "Enhancements"
+      regexp: "^.*chore[(\\w)]*:+.*$"
+      order: 2
+    - title: "Refactor"
+      regexp: "^.*refactor[(\\w)]*:+.*$"
+      order: 3
+    - title: "Build process updates"
+      regexp: ^.*?(build|ci)(\(.+\))??!?:.+$
+      order: 4
+    - title: "Documentation updates"
+      regexp: ^.*?docs?(\(.+\))??!?:.+$
+      order: 4
+    - title: Others
+      order: 999

.hadolint.yaml

@@ -0,0 +1,3 @@
+ignored:
+  - DL3018
+  - DL3008

DOCS.md

@@ -130,18 +130,19 @@ Example configuration for exporting custom secrets:
   - name: ssh commands
     image: ghcr.io/appleboy/drone-ssh
     environment:
-      commit: ${DRONE_BUILD_NUMBER}
+      # MUST BE in UPPERCASE
+      COMMIT:
+        from_secret: commit
     settings:
       host: foo.com
       username: root
       password: 1234
       port: 22
 +     envs:
-        - aws_access_key_id
+        # can be in lowercase (uppercased in code)
         - commit
       script:
-        - export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
-        - echo $commit
+        - echo $COMMIT
 ```
 
 Example configuration for stoping script after first failure:
@@ -177,6 +178,23 @@ Example configuration for passphrase which protecting a private key:
         - echo "you can't see the steps."
 ```
 
+Example configuration for forcing protocol to IPv4 only:
+
+```diff
+  - name: ssh commands
+    image: ghcr.io/appleboy/drone-ssh
+    settings:
+      host: foo.com
+      username: root
+      password: 1234
+      port: 22
++     protocol: tcp4
+      script:
+        - echo hello
+        - echo world
+```
+
+
 ## Secret Reference
 
 | Key | Description |
@@ -196,6 +214,7 @@ Example configuration for passphrase which protecting a private key:
 |-----|-------------|
 | `host` | target hostname or IP |
 | `port` | ssh port of target host |
+| `protocol` | IP protocol to use: either tcp, tcp4 or tcp6 |
 | `username` | account for target host user |
 | `password` | password for target host user |
 | `key` | plain text of user private key |
@@ -207,6 +226,7 @@ Example configuration for passphrase which protecting a private key:
 | `command_timeout` | Command timeout is the maximum amount of time for the execute commands, default is 10 minutes. |
 | `proxy_host` | proxy hostname or IP |
 | `proxy_port` | ssh port of proxy host |
+| `proxy_protocol` | IP protocol to use for the proxy: either tcp, tcp4 or tcp6 |
 | `proxy_username` | account for proxy host user |
 | `proxy_password` | password for proxy host user |
 | `proxy_key` | plain text of proxy private key |

Makefile

@@ -81,7 +81,7 @@ install: $(GOFILES)
 build: $(EXECUTABLE)
 
 $(EXECUTABLE): $(GOFILES)
-	$(GO) build -v -tags '$(TAGS)' -ldflags '$(EXTLDFLAGS)-s -w $(LDFLAGS)' -o $@
+	$(GO) build -v -tags '$(TAGS)' -ldflags '$(EXTLDFLAGS)-s -w $(LDFLAGS)' -o bin/$@
 
 build_linux_amd64:
 	CGO_ENABLED=0 GOOS=linux GOARCH=amd64 $(GO) build -a -tags '$(TAGS)' -ldflags '$(EXTLDFLAGS)-s -w $(LDFLAGS)' -o release/linux/amd64/$(DEPLOY_IMAGE)
@@ -104,10 +104,21 @@ ssh-server:
 	cat tests/.ssh/test.pub >> /home/drone-scp/.ssh/authorized_keys
 	chmod 600 /home/drone-scp/.ssh/authorized_keys
 	chown -R drone-scp /home/drone-scp/.ssh
+	# add public key to root user
+	mkdir -p /root/.ssh
+	chmod 700 /root/.ssh
+	cat tests/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
+	cat tests/.ssh/test.pub >> /root/.ssh/authorized_keys
+	chmod 600 /root/.ssh/authorized_keys
+	# Append the following entry to run ALL command without a password for a user named drone-scp:
+	cat tests/sudoers >> /etc/sudoers.d/sudoers
+	# install ssh and start server
 	apk add --update openssh openrc
 	rm -rf /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_dsa_key
 	sed -i 's/^#PubkeyAuthentication yes/PubkeyAuthentication yes/g' /etc/ssh/sshd_config
 	sed -i 's/AllowTcpForwarding no/AllowTcpForwarding yes/g' /etc/ssh/sshd_config
+	sed -i 's/^#ListenAddress 0.0.0.0/ListenAddress 0.0.0.0/g' /etc/ssh/sshd_config
+	sed -i 's/^#ListenAddress ::/ListenAddress ::/g' /etc/ssh/sshd_config
 	./tests/entrypoint.sh /usr/sbin/sshd -D &
 
 coverage:

README.md

@@ -1,24 +1,36 @@
 # drone-ssh
 
+> **English** | [繁體中文](./README.zh-tw.md) | [简体中文](./README.zh-cn.md)
+
 ![sshlog](images/ssh.png)
 
 [![GitHub tag](https://img.shields.io/github/tag/appleboy/drone-ssh.svg)](https://github.com/appleboy/drone-ssh/releases)
 [![GoDoc](https://godoc.org/github.com/appleboy/drone-ssh?status.svg)](https://godoc.org/github.com/appleboy/drone-ssh)
-[![Lint and Testing](https://github.com/appleboy/drone-ssh/actions/workflows/lint.yml/badge.svg)](https://github.com/appleboy/drone-ssh/actions/workflows/lint.yml)
+[![Lint and Testing](https://github.com/appleboy/drone-ssh/actions/workflows/testing.yml/badge.svg?branch=master)](https://github.com/appleboy/drone-ssh/actions/workflows/testing.yml)
 [![codecov](https://codecov.io/gh/appleboy/drone-ssh/branch/master/graph/badge.svg)](https://codecov.io/gh/appleboy/drone-ssh)
 [![Go Report Card](https://goreportcard.com/badge/github.com/appleboy/drone-ssh)](https://goreportcard.com/report/github.com/appleboy/drone-ssh)
 [![Docker Pulls](https://img.shields.io/docker/pulls/appleboy/drone-ssh.svg)](https://hub.docker.com/r/appleboy/drone-ssh/)
 
-Drone plugin to execute commands on a remote host through SSH. For the usage
-information and a listing of the available options please take a look at [the docs](http://plugins.drone.io/appleboy/drone-ssh/).
+A Drone plugin for executing commands on remote hosts via SSH. For usage instructions and a list of available options, please refer to [the documentation](http://plugins.drone.io/appleboy/drone-ssh/).
 
-**Note: Please update your image config path to `appleboy/drone-ssh` for drone. `plugins/ssh` is no longer maintained.**
+**Note: Please update your Drone image config path to `appleboy/drone-ssh`. The `plugins/ssh` image is no longer maintained.**
 
 ![demo](./images/demo2017.05.10.gif)
 
-## Breaking changes
+## Table of Contents
 
-`v1.5.0`: change command timeout flag to `Duration`. See the following setting:
+- [drone-ssh](#drone-ssh)
+  - [Table of Contents](#table-of-contents)
+  - [Breaking Changes](#breaking-changes)
+  - [Build or Download a Binary](#build-or-download-a-binary)
+  - [Docker](#docker)
+  - [Usage](#usage)
+  - [Mount Key from File Path](#mount-key-from-file-path)
+  - [Configuration](#configuration)
+
+## Breaking Changes
+
+As of `v1.5.0`, the command timeout flag has changed to use the `Duration` format. See the following example:
 
 ```diff
 pipeline:
@@ -38,21 +50,21 @@ pipeline:
         - echo "Hello World"
 ```
 
-## Build or Download a binary
+## Build or Download a Binary
 
-The pre-compiled binaries can be downloaded from [release page](https://github.com/appleboy/drone-ssh/releases). Support the following OS type.
+Pre-compiled binaries are available on the [releases page](https://github.com/appleboy/drone-ssh/releases), supporting the following operating systems:
 
-* Windows amd64/386
-* Linux arm/amd64/386
-* Darwin amd64/386
+- Windows amd64/386
+- Linux arm/amd64/386
+- macOS (Darwin) amd64/386
 
-With `Go` installed
+If you have `Go` installed:
 
 ```sh
 go install github.com/appleboy/drone-ssh@latest
 ```
 
-or build the binary with the following command:
+Or build the binary manually with the following commands:
 
 ```sh
 export GOOS=linux
@@ -67,7 +79,7 @@ go build -v -a -tags netgo -o release/linux/amd64/drone-ssh .
 
 ## Docker
 
-Build the docker image with the following commands:
+Build the Docker image with the following command:
 
 ```sh
 make docker
@@ -75,7 +87,7 @@ make docker
 
 ## Usage
 
-Execute from the working directory:
+Run from your working directory:
 
 ```sh
 docker run --rm \
@@ -88,13 +100,13 @@ docker run --rm \
   ghcr.io/appleboy/drone-ssh
 ```
 
-## Mount key from file path
+## Mount Key from File Path
 
-Please make sure that enable the `trusted` mode in project setting for [drone 0.8 version](https://0-8-0.docs.drone.io/).
+Make sure to enable `trusted` mode in your project settings (for [Drone 0.8 version](https://0-8-0.docs.drone.io/)).
 
 ![trusted mode](./images/trust.png)
 
-Mount private key in `volumes` setting of `.drone.yml` config
+Mount the private key in the `volumes` section of your `.drone.yml` config:
 
 ```diff
 pipeline:
@@ -109,11 +121,11 @@ pipeline:
       - echo "test ssh"
 ```
 
-See the detail of [issue comment](https://github.com/appleboy/drone-ssh/issues/51#issuecomment-336732928).
+See details in [this issue comment](https://github.com/appleboy/drone-ssh/issues/51#issuecomment-336732928).
 
 ## Configuration
 
-See [DOCS.md](./DOCS.md) for examples and full configuration options
+See [DOCS.md](./DOCS.md) for examples and full configuration options.
 
 Configuration options are loaded from multiple sources:
 
@@ -121,4 +133,4 @@ Configuration options are loaded from multiple sources:
 1. From a dotenv file at a path specified by the `PLUGIN_ENV_FILE` environment variable.
 2. From your `.drone.yml` Drone configuration.
 
-Later sources override previous sources, i.e. if `PORT` is set in an `.env` file committed in the repository or created by previous test steps, it will override the default set `main.go`.
+Later sources override earlier ones. For example, if `PORT` is set in an `.env` file committed in the repository or created by previous test steps, it will override the default set in `main.go`.

README.zh-cn.md

@@ -0,0 +1,140 @@
+# drone-ssh
+
+> [English](./README.md) | [繁體中文](./README.zh-tw.md) | **简体中文**
+
+![sshlog](images/ssh.png)
+
+<!-- 图片说明：SSH 日志画面，内容与原文一致 -->
+
+[![GitHub tag](https://img.shields.io/github/tag/appleboy/drone-ssh.svg)](https://github.com/appleboy/drone-ssh/releases)
+[![GoDoc](https://godoc.org/github.com/appleboy/drone-ssh?status.svg)](https://godoc.org/github.com/appleboy/drone-ssh)
+[![Lint and Testing](https://github.com/appleboy/drone-ssh/actions/workflows/testing.yml/badge.svg?branch=master)](https://github.com/appleboy/drone-ssh/actions/workflows/testing.yml)
+[![codecov](https://codecov.io/gh/appleboy/drone-ssh/branch/master/graph/badge.svg)](https://codecov.io/gh/appleboy/drone-ssh)
+[![Go Report Card](https://goreportcard.com/badge/github.com/appleboy/drone-ssh)](https://goreportcard.com/report/github.com/appleboy/drone-ssh)
+[![Docker Pulls](https://img.shields.io/docker/pulls/appleboy/drone-ssh.svg)](https://hub.docker.com/r/appleboy/drone-ssh/)
+
+Drone 插件，可通过 SSH 在远程主机执行命令。使用方法和可用选项请参考[官方文档](http://plugins.drone.io/appleboy/drone-ssh/)。
+
+**注意：请将 Drone 的 image config 路径更新为 `appleboy/drone-ssh`。`plugins/ssh` 已不再维护。**
+
+![demo](./images/demo2017.05.10.gif)
+
+<!-- 图片说明：SSH 命令执行演示动画，内容与原文一致 -->
+
+## 目录
+
+- [drone-ssh](#drone-ssh)
+  - [目录](#目录)
+  - [重大变更](#重大变更)
+  - [构建或下载二进制文件](#构建或下载二进制文件)
+  - [Docker](#docker)
+  - [使用方法](#使用方法)
+  - [通过文件路径挂载密钥](#通过文件路径挂载密钥)
+  - [配置说明](#配置说明)
+
+## 重大变更
+
+`v1.5.0`：将命令超时参数更改为 `Duration` 格式。设置示例如下：
+
+```diff
+pipeline:
+  scp:
+    image: ghcr.io/appleboy/drone-ssh
+    settings:
+      host:
+        - example1.com
+        - example2.com
+      username: ubuntu
+      password:
+        from_secret: ssh_password
+      port: 22
+-     command_timeout: 120
++     command_timeout: 2m
+      script:
+        - echo "Hello World"
+```
+
+## 构建或下载二进制文件
+
+可在[发布页面](https://github.com/appleboy/drone-ssh/releases)下载预编译的二进制文件，支持以下操作系统：
+
+- Windows amd64/386
+- Linux arm/amd64/386
+- macOS (Darwin) amd64/386
+
+如已安装 `Go`，可执行：
+
+```sh
+go install github.com/appleboy/drone-ssh@latest
+```
+
+或使用以下命令手动构建二进制文件：
+
+```sh
+export GOOS=linux
+export GOARCH=amd64
+export CGO_ENABLED=0
+export GO111MODULE=on
+
+go test -cover ./...
+
+go build -v -a -tags netgo -o release/linux/amd64/drone-ssh .
+```
+
+## Docker
+
+可使用以下命令构建 Docker 镜像：
+
+```sh
+make docker
+```
+
+## 使用方法
+
+在工作目录下执行：
+
+```sh
+docker run --rm \
+  -e PLUGIN_HOST=foo.com \
+  -e PLUGIN_USERNAME=root \
+  -e PLUGIN_KEY="$(cat ${HOME}/.ssh/id_rsa)" \
+  -e PLUGIN_SCRIPT=whoami \
+  -v $(pwd):$(pwd) \
+  -w $(pwd) \
+  ghcr.io/appleboy/drone-ssh
+```
+
+## 通过文件路径挂载密钥
+
+请确保已在项目设置中启用 `trusted` 模式（适用于 [Drone 0.8 版本](https://0-8-0.docs.drone.io/)）。
+
+![trusted mode](./images/trust.png)
+
+在 `.drone.yml` 配置文件的 `volumes` 部分挂载私钥：
+
+```diff
+pipeline:
+  ssh:
+    image: ghcr.io/appleboy/drone-ssh
+    host: xxxxx.com
+    username: deploy
++   volumes:
++     - /root/drone_rsa:/root/ssh/drone_rsa
+    key_path: /root/ssh/drone_rsa
+    script:
+      - echo "test ssh"
+```
+
+详情请参考 [此 issue comment](https://github.com/appleboy/drone-ssh/issues/51#issuecomment-336732928)。
+
+## 配置说明
+
+更多示例和完整配置选项请参考 [DOCS.md](./DOCS.md)。
+
+配置选项来源如下：
+
+0. 内置 drone-ssh 默认值。详见 [main.go CLI Flags](https://github.com/appleboy/drone-ssh/blob/6d9d6acc6aef1f9166118c6ba8bd214d3a582bdb/main.go#L39)。
+1. 由 `PLUGIN_ENV_FILE` 环境变量指定的 dotenv 文件。
+2. `.drone.yml` Drone 配置文件。
+
+后面的来源会覆盖前面的设置。例如，`.env` 文件中的 `PORT` 会覆盖 main.go 的默认值。

README.zh-tw.md

@@ -0,0 +1,140 @@
+# drone-ssh
+
+> [English](./README.md) | **繁體中文** | [简体中文](./README.zh-cn.md)
+
+![sshlog](images/ssh.png)
+
+<!-- 圖片說明：SSH 日誌畫面，圖片內容與原文相同 -->
+
+[![GitHub tag](https://img.shields.io/github/tag/appleboy/drone-ssh.svg)](https://github.com/appleboy/drone-ssh/releases)
+[![GoDoc](https://godoc.org/github.com/appleboy/drone-ssh?status.svg)](https://godoc.org/github.com/appleboy/drone-ssh)
+[![Lint and Testing](https://github.com/appleboy/drone-ssh/actions/workflows/testing.yml/badge.svg?branch=master)](https://github.com/appleboy/drone-ssh/actions/workflows/testing.yml)
+[![codecov](https://codecov.io/gh/appleboy/drone-ssh/branch/master/graph/badge.svg)](https://codecov.io/gh/appleboy/drone-ssh)
+[![Go Report Card](https://goreportcard.com/badge/github.com/appleboy/drone-ssh)](https://goreportcard.com/report/github.com/appleboy/drone-ssh)
+[![Docker Pulls](https://img.shields.io/docker/pulls/appleboy/drone-ssh.svg)](https://hub.docker.com/r/appleboy/drone-ssh/)
+
+Drone 外掛程式，可透過 SSH 在遠端主機執行指令。使用方式與可用選項請參考[官方文件](http://plugins.drone.io/appleboy/drone-ssh/)。
+
+**注意：請將 Drone 的 image config 路徑更新為 `appleboy/drone-ssh`。`plugins/ssh` 已不再維護。**
+
+![demo](./images/demo2017.05.10.gif)
+
+<!-- 圖片說明：SSH 指令執行示意動畫，內容與原文相同 -->
+
+## 目錄
+
+- [drone-ssh](#drone-ssh)
+  - [目錄](#目錄)
+  - [重大變更](#重大變更)
+  - [建置或下載執行檔](#建置或下載執行檔)
+  - [Docker](#docker)
+  - [使用方式](#使用方式)
+  - [以檔案路徑掛載金鑰](#以檔案路徑掛載金鑰)
+  - [設定說明](#設定說明)
+
+## 重大變更
+
+`v1.5.0`：將指令逾時參數改為 `Duration` 格式。設定範例如下：
+
+```diff
+pipeline:
+  scp:
+    image: ghcr.io/appleboy/drone-ssh
+    settings:
+      host:
+        - example1.com
+        - example2.com
+      username: ubuntu
+      password:
+        from_secret: ssh_password
+      port: 22
+-     command_timeout: 120
++     command_timeout: 2m
+      script:
+        - echo "Hello World"
+```
+
+## 建置或下載執行檔
+
+可於[發行頁面](https://github.com/appleboy/drone-ssh/releases)下載預先編譯的執行檔，支援以下作業系統：
+
+- Windows amd64/386
+- Linux arm/amd64/386
+- macOS (Darwin) amd64/386
+
+若已安裝 `Go`，可執行：
+
+```sh
+go install github.com/appleboy/drone-ssh@latest
+```
+
+或使用下列指令手動建置執行檔：
+
+```sh
+export GOOS=linux
+export GOARCH=amd64
+export CGO_ENABLED=0
+export GO111MODULE=on
+
+go test -cover ./...
+
+go build -v -a -tags netgo -o release/linux/amd64/drone-ssh .
+```
+
+## Docker
+
+可使用下列指令建置 Docker 映像檔：
+
+```sh
+make docker
+```
+
+## 使用方式
+
+於工作目錄下執行：
+
+```sh
+docker run --rm \
+  -e PLUGIN_HOST=foo.com \
+  -e PLUGIN_USERNAME=root \
+  -e PLUGIN_KEY="$(cat ${HOME}/.ssh/id_rsa)" \
+  -e PLUGIN_SCRIPT=whoami \
+  -v $(pwd):$(pwd) \
+  -w $(pwd) \
+  ghcr.io/appleboy/drone-ssh
+```
+
+## 以檔案路徑掛載金鑰
+
+請確認已於專案設定中啟用 `trusted` 模式（適用於 [Drone 0.8 版本](https://0-8-0.docs.drone.io/)）。
+
+![trusted mode](./images/trust.png)
+
+於 `.drone.yml` 設定檔的 `volumes` 區段掛載私鑰：
+
+```diff
+pipeline:
+  ssh:
+    image: ghcr.io/appleboy/drone-ssh
+    host: xxxxx.com
+    username: deploy
++   volumes:
++     - /root/drone_rsa:/root/ssh/drone_rsa
+    key_path: /root/ssh/drone_rsa
+    script:
+      - echo "test ssh"
+```
+
+詳情請參考 [此 issue comment](https://github.com/appleboy/drone-ssh/issues/51#issuecomment-336732928)。
+
+## 設定說明
+
+更多範例與完整設定選項請參考 [DOCS.md](./DOCS.md)。
+
+設定選項來源如下：
+
+0. 內建 drone-ssh 預設值。詳見 [main.go CLI Flags](https://github.com/appleboy/drone-ssh/blob/6d9d6acc6aef1f9166118c6ba8bd214d3a582bdb/main.go#L39)。
+1. 由 `PLUGIN_ENV_FILE` 環境變數指定的 dotenv 檔案。
+2. `.drone.yml` Drone 設定檔。
+
+後面的來源會覆蓋前面的設定。例如，`.env` 檔案中的 `PORT` 會覆蓋 main.go 的預設值。

docker/Dockerfile

@@ -1,4 +1,4 @@
-FROM alpine:3.17
+FROM alpine:3.21
 
 ARG TARGETOS
 ARG TARGETARCH
@@ -12,9 +12,26 @@ LABEL org.opencontainers.image.source=https://github.com/appleboy/drone-ssh
 LABEL org.opencontainers.image.description="Execute commands on a remote host through SSH"
 LABEL org.opencontainers.image.licenses=MIT
 
-RUN apk add --no-cache ca-certificates=20220614-r4 && \
+RUN apk add --no-cache ca-certificates tzdata && \
   rm -rf /var/cache/apk/*
 
+RUN addgroup \
+  -S -g 1000 \
+  deploy && \
+  adduser \
+  -S -H -D \
+  -h /home/deploy \
+  -s /bin/sh \
+  -u 1000 \
+  -G deploy \
+  deploy
+
+RUN mkdir -p /home/deploy && \
+  chown deploy:deploy /home/deploy
+
+# deploy:deploy
+USER 1000:1000
+
 COPY release/${TARGETOS}/${TARGETARCH}/drone-ssh /bin/
 
 ENTRYPOINT ["/bin/drone-ssh"]

go.mod

@@ -1,23 +1,72 @@
 module github.com/appleboy/drone-ssh
 
-go 1.18
+go 1.23.0
 
 require (
-	github.com/appleboy/easyssh-proxy v1.3.9
+	github.com/appleboy/easyssh-proxy v1.5.0
 	github.com/joho/godotenv v1.5.1
-	github.com/stretchr/testify v1.8.1
-	github.com/urfave/cli/v2 v2.25.1
-	golang.org/x/crypto v0.7.0
+	github.com/stretchr/testify v1.10.0
+	github.com/testcontainers/testcontainers-go v0.36.0
+	github.com/urfave/cli/v2 v2.27.6
+	github.com/yassinebenaid/godump v0.11.1
+	golang.org/x/crypto v0.37.0
 )
 
 require (
-	github.com/ScaleFT/sshkeys v1.2.0 // indirect
-	github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect
+	dario.cat/mergo v1.0.1 // indirect
+	github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
+	github.com/Microsoft/go-winio v0.6.2 // indirect
+	github.com/ScaleFT/sshkeys v1.4.0 // indirect
+	github.com/cenkalti/backoff/v4 v4.2.1 // indirect
+	github.com/containerd/log v0.1.0 // indirect
+	github.com/containerd/platforms v0.2.1 // indirect
+	github.com/cpuguy83/dockercfg v0.3.2 // indirect
+	github.com/cpuguy83/go-md2man/v2 v2.0.7 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a // indirect
+	github.com/distribution/reference v0.6.0 // indirect
+	github.com/docker/docker v28.0.1+incompatible // indirect
+	github.com/docker/go-connections v0.5.0 // indirect
+	github.com/docker/go-units v0.5.0 // indirect
+	github.com/ebitengine/purego v0.8.2 // indirect
+	github.com/felixge/httpsnoop v1.0.4 // indirect
+	github.com/go-logr/logr v1.4.2 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
+	github.com/go-ole/go-ole v1.2.6 // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/google/uuid v1.6.0 // indirect
+	github.com/klauspost/compress v1.17.4 // indirect
+	github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
+	github.com/magiconair/properties v1.8.9 // indirect
+	github.com/moby/docker-image-spec v1.3.1 // indirect
+	github.com/moby/patternmatcher v0.6.0 // indirect
+	github.com/moby/sys/sequential v0.5.0 // indirect
+	github.com/moby/sys/user v0.1.0 // indirect
+	github.com/moby/sys/userns v0.1.0 // indirect
+	github.com/moby/term v0.5.0 // indirect
+	github.com/morikuni/aec v1.0.0 // indirect
+	github.com/opencontainers/go-digest v1.0.0 // indirect
+	github.com/opencontainers/image-spec v1.1.1 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
-	github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect
-	golang.org/x/sys v0.6.0 // indirect
+	github.com/shirou/gopsutil/v4 v4.25.1 // indirect
+	github.com/sirupsen/logrus v1.9.3 // indirect
+	github.com/tklauser/go-sysconf v0.3.12 // indirect
+	github.com/tklauser/numcpus v0.6.1 // indirect
+	github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect
+	github.com/yusufpapurcu/wmi v1.2.4 // indirect
+	go.opentelemetry.io/auto/sdk v1.1.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 // indirect
+	go.opentelemetry.io/otel v1.35.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.35.0 // indirect
+	go.opentelemetry.io/otel/metric v1.35.0 // indirect
+	go.opentelemetry.io/otel/sdk v1.35.0 // indirect
+	go.opentelemetry.io/otel/trace v1.35.0 // indirect
+	go.opentelemetry.io/proto/otlp v1.5.0 // indirect
+	golang.org/x/sys v0.32.0 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20250409194420-de1ac958c67a // indirect
+	google.golang.org/protobuf v1.36.6 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )

go.sum

@@ -1,52 +1,202 @@
-github.com/ScaleFT/sshkeys v0.0.0-20200327173127-6142f742bca5/go.mod h1:gxOHeajFfvGQh/fxlC8oOKBe23xnnJTif00IFFbiT+o=
-github.com/ScaleFT/sshkeys v1.2.0 h1:5BRp6rTVIhJzXT3VcUQrKgXR8zWA3sOsNeuyW15WUA8=
-github.com/ScaleFT/sshkeys v1.2.0/go.mod h1:gxOHeajFfvGQh/fxlC8oOKBe23xnnJTif00IFFbiT+o=
-github.com/appleboy/easyssh-proxy v1.3.9 h1:b+sVSTz+cVFvfA23HQywMMpm0s5g3gH7jYdBcQqaCQI=
-github.com/appleboy/easyssh-proxy v1.3.9/go.mod h1:G1eQomBEME7NWKA3hE49s5HsT44S5fn0aBxX7k9Yjug=
-github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w=
-github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
+dario.cat/mergo v1.0.1 h1:Ra4+bf83h2ztPIQYNP99R6m+Y7KfnARDfID+a+vLl4s=
+dario.cat/mergo v1.0.1/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk=
+github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 h1:bvDV9vkmnHYOMsOr4WLk+Vo07yKIzd94sVoIqshQ4bU=
+github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24/go.mod h1:8o94RPi1/7XTJvwPpRSzSUedZrtlirdB3r9Z20bi2f8=
+github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8=
+github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E=
+github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY=
+github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU=
+github.com/ScaleFT/sshkeys v1.4.0 h1:Yqd0cKA5PUvwV0dgRI67BDHGTsMHtGQBZbLXh1dthmE=
+github.com/ScaleFT/sshkeys v1.4.0/go.mod h1:GineMkS8SEiELq8q5DzA2Wnrw65SqdD9a+hm8JOU1I4=
+github.com/appleboy/easyssh-proxy v1.5.0 h1:OYdSPvYQN3mhnsMH5I2OF1TgwSEcSq33kvjQfTwvZww=
+github.com/appleboy/easyssh-proxy v1.5.0/go.mod h1:zcEMrStH91/tcUn3gUGP0KpQwUYLm8tX/Ook1AH98uc=
+github.com/cenkalti/backoff/v4 v4.2.1 h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM=
+github.com/cenkalti/backoff/v4 v4.2.1/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
+github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I=
+github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo=
+github.com/containerd/platforms v0.2.1 h1:zvwtM3rz2YHPQsF2CHYM8+KtB5dvhISiXh5ZpSBQv6A=
+github.com/containerd/platforms v0.2.1/go.mod h1:XHCb+2/hzowdiut9rkudds9bE5yJ7npe7dG/wG+uFPw=
+github.com/cpuguy83/dockercfg v0.3.2 h1:DlJTyZGBDlXqUZ2Dk2Q3xHs/FtnooJJVaad2S9GKorA=
+github.com/cpuguy83/dockercfg v0.3.2/go.mod h1:sugsbF4//dDlL/i+S+rtpIWp+5h0BHJHfjj5/jFyUJc=
+github.com/cpuguy83/go-md2man/v2 v2.0.7 h1:zbFlGlXEAKlwXpmvle3d8Oe3YnkKIK4xSRTd3sHPnBo=
+github.com/cpuguy83/go-md2man/v2 v2.0.7/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g=
+github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY=
+github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a h1:saTgr5tMLFnmy/yg3qDTft4rE5DY2uJ/cCxCe3q0XTU=
 github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a/go.mod h1:Bw9BbhOJVNR+t0jCqx2GC6zv0TGBsShs56Y3gfSCvl0=
+github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk=
+github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E=
+github.com/docker/docker v28.0.1+incompatible h1:FCHjSRdXhNRFjlHMTv4jUNlIBbTeRjrWfeFuJp7jpo0=
+github.com/docker/docker v28.0.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c=
+github.com/docker/go-connections v0.5.0/go.mod h1:ov60Kzw0kKElRwhNs9UlUHAE/F9Fe6GLaXnqyDdmEXc=
+github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4=
+github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
+github.com/ebitengine/purego v0.8.2 h1:jPPGWs2sZ1UgOSgD2bClL0MJIqu58nOmIcBuXr62z1I=
+github.com/ebitengine/purego v0.8.2/go.mod h1:iIjxzd6CiRiOG0UyXP+V1+jWqUXVjPKLAI0mRfJZTmQ=
+github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
+github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
+github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
+github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
+github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
+github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
+github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
+github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY=
+github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
+github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
+github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
+github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
+github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/grpc-ecosystem/grpc-gateway/v2 v2.25.1 h1:VNqngBF40hVlDloBruUehVYC3ArSgIyScOAyMRqBxRg=
+github.com/grpc-ecosystem/grpc-gateway/v2 v2.25.1/go.mod h1:RBRO7fro65R6tjKzYgLAFo0t1QEXY1Dp+i/bvpRiqiQ=
 github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
 github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
+github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
+github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
+github.com/klauspost/compress v1.17.4 h1:Ej5ixsIri7BrIjBkRZLTo6ghwrEtHFk7ijlczPW4fZ4=
+github.com/klauspost/compress v1.17.4/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM=
+github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
+github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
+github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
+github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 h1:6E+4a0GO5zZEnZ81pIr0yLvtUWk2if982qA3F3QD6H4=
+github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0/go.mod h1:zJYVVT2jmtg6P3p1VtQj7WsuWi/y4VnjVBn7F8KPB3I=
+github.com/magiconair/properties v1.8.9 h1:nWcCbLq1N2v/cpNsy5WvQ37Fb+YElfq20WJ/a8RkpQM=
+github.com/magiconair/properties v1.8.9/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
+github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0=
+github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo=
+github.com/moby/patternmatcher v0.6.0 h1:GmP9lR19aU5GqSSFko+5pRqHi+Ohk1O69aFiKkVGiPk=
+github.com/moby/patternmatcher v0.6.0/go.mod h1:hDPoyOpDY7OrrMDLaYoY3hf52gNCR/YOUYxkhApJIxc=
+github.com/moby/sys/sequential v0.5.0 h1:OPvI35Lzn9K04PBbCLW0g4LcFAJgHsvXsRyewg5lXtc=
+github.com/moby/sys/sequential v0.5.0/go.mod h1:tH2cOOs5V9MlPiXcQzRC+eEyab644PWKGRYaaV5ZZlo=
+github.com/moby/sys/user v0.1.0 h1:WmZ93f5Ux6het5iituh9x2zAG7NFY9Aqi49jjE1PaQg=
+github.com/moby/sys/user v0.1.0/go.mod h1:fKJhFOnsCN6xZ5gSfbM6zaHGgDJMrqt9/reuj4T7MmU=
+github.com/moby/sys/userns v0.1.0 h1:tVLXkFOxVu9A64/yh59slHVv9ahO9UIev4JZusOLG/g=
+github.com/moby/sys/userns v0.1.0/go.mod h1:IHUYgu/kao6N8YZlp9Cf444ySSvCmDlmzUcYfDHOl28=
+github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0=
+github.com/moby/term v0.5.0/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y=
+github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A=
+github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc=
+github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
+github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
+github.com/opencontainers/image-spec v1.1.1 h1:y0fUlFfIZhPF1W537XOLg0/fcx6zcHCJwooC2xJA040=
+github.com/opencontainers/image-spec v1.1.1/go.mod h1:qpqAh3Dmcf36wStyyWU+kCeDgrGnAve2nCC8+7h8Q0M=
+github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
+github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c h1:ncq/mPwQF4JjgDlrVEn3C11VoGHZN7m8qihwgMEtzYw=
+github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE=
+github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII=
+github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o=
 github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
+github.com/shirou/gopsutil/v4 v4.25.1 h1:QSWkTc+fu9LTAWfkZwZ6j8MSUk4A2LV7rbH0ZqmLjXs=
+github.com/shirou/gopsutil/v4 v4.25.1/go.mod h1:RoUCUpndaJFtT+2zsZzzmhvbfGoDCJ7nFXKJf8GqJbI=
+github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
+github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
-github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
-github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
-github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
-github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
-github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/urfave/cli/v2 v2.25.1 h1:zw8dSP7ghX0Gmm8vugrs6q9Ku0wzweqPyshy+syu9Gw=
-github.com/urfave/cli/v2 v2.25.1/go.mod h1:GHupkWPMM0M/sj1a2b4wUrWBPzazNrIjouW6fmdJLxc=
-github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 h1:bAn7/zixMGCfxrRTfdpNzjtPYqr8smhKouy9mxVdGPU=
-github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8=
+github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY=
+github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
+github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/testcontainers/testcontainers-go v0.36.0 h1:YpffyLuHtdp5EUsI5mT4sRw8GZhO/5ozyDT1xWGXt00=
+github.com/testcontainers/testcontainers-go v0.36.0/go.mod h1:yk73GVJ0KUZIHUtFna6MO7QS144qYpoY8lEEtU9Hed0=
+github.com/tklauser/go-sysconf v0.3.12 h1:0QaGUFOdQaIVdPgfITYzaTegZvdCjmYO52cSFAEVmqU=
+github.com/tklauser/go-sysconf v0.3.12/go.mod h1:Ho14jnntGE1fpdOqQEEaiKRpvIavV0hSfmBq8nJbHYI=
+github.com/tklauser/numcpus v0.6.1 h1:ng9scYS7az0Bk4OZLvrNXNSAO2Pxr1XXRAPyjhIx+Fk=
+github.com/tklauser/numcpus v0.6.1/go.mod h1:1XfjsgE2zo8GVw7POkMbHENHzVg3GzmoZ9fESEdAacY=
+github.com/urfave/cli/v2 v2.27.6 h1:VdRdS98FNhKZ8/Az8B7MTyGQmpIr36O1EHybx/LaZ4g=
+github.com/urfave/cli/v2 v2.27.6/go.mod h1:3Sevf16NykTbInEnD0yKkjDAeZDS0A6bzhBH5hrMvTQ=
+github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 h1:gEOO8jv9F4OT7lGCjxCBTO/36wtF6j2nSip77qHd4x4=
+github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1/go.mod h1:Ohn+xnUBiLI6FVj/9LpzZWtj1/D6lUovWYBkxHVV3aM=
+github.com/yassinebenaid/godump v0.11.1 h1:SPujx/XaYqGDfmNh7JI3dOyCUVrG0bG2duhO3Eh2EhI=
+github.com/yassinebenaid/godump v0.11.1/go.mod h1:dc/0w8wmg6kVIvNGAzbKH1Oa54dXQx8SNKh4dPRyW44=
+github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+github.com/yusufpapurcu/wmi v1.2.4 h1:zFUKzehAFReQwLys1b/iSMl+JQGSCSjtVqQn9bBrPo0=
+github.com/yusufpapurcu/wmi v1.2.4/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0=
+go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA=
+go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 h1:jq9TW8u3so/bN+JPT166wjOI6/vQPF6Xe7nMNIltagk=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0/go.mod h1:p8pYQP+m5XfbZm9fxtSKAbM6oIllS7s2AfxrChvc7iw=
+go.opentelemetry.io/otel v1.35.0 h1:xKWKPxrxB6OtMCbmMY021CqC45J+3Onta9MqjhnusiQ=
+go.opentelemetry.io/otel v1.35.0/go.mod h1:UEqy8Zp11hpkUrL73gSlELM0DupHoiq72dR+Zqel/+Y=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.35.0 h1:1fTNlAIJZGWLP5FVu0fikVry1IsiUnXjf7QFvoNN3Xw=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.35.0/go.mod h1:zjPK58DtkqQFn+YUMbx0M2XV3QgKU0gS9LeGohREyK4=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.19.0 h1:IeMeyr1aBvBiPVYihXIaeIZba6b8E1bYp7lbdxK8CQg=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.19.0/go.mod h1:oVdCUtjq9MK9BlS7TtucsQwUcXcymNiEDjgDD2jMtZU=
+go.opentelemetry.io/otel/metric v1.35.0 h1:0znxYu2SNyuMSQT4Y9WDWej0VpcsxkuklLa4/siN90M=
+go.opentelemetry.io/otel/metric v1.35.0/go.mod h1:nKVFgxBZ2fReX6IlyW28MgZojkoAkJGaE8CpgeAU3oE=
+go.opentelemetry.io/otel/sdk v1.35.0 h1:iPctf8iprVySXSKJffSS79eOjl9pvxV9ZqOWT0QejKY=
+go.opentelemetry.io/otel/sdk v1.35.0/go.mod h1:+ga1bZliga3DxJ3CQGg3updiaAJoNECOgJREo9KHGQg=
+go.opentelemetry.io/otel/trace v1.35.0 h1:dPpEfJu1sDIqruz7BHFG3c7528f6ddfSWfFDVt/xgMs=
+go.opentelemetry.io/otel/trace v1.35.0/go.mod h1:WUk7DtFp1Aw2MkvqGdwiXYDZZNvA/1J8o6xRXLrIkyc=
+go.opentelemetry.io/proto/otlp v1.5.0 h1:xJvq7gMzB31/d406fB8U5CBdyQGw4P399D1aQWU/3i4=
+go.opentelemetry.io/proto/otlp v1.5.0/go.mod h1:keN8WnHxOy8PG0rQZjJJ5A2ebUoafqWp0eVQ4yIXvJ4=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
-golang.org/x/crypto v0.7.0 h1:AvwMYaRytfdeVt3u6mLaxYtErKYjxA2OXjJ1HHq6t3A=
-golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
+golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.37.0 h1:kJNSjF/Xp7kU0iB2Z+9viTPMW4EqqsrywMXLJOOsXSE=
+golang.org/x/crypto v0.37.0/go.mod h1:vg+k43peMZ0pUMhYmVAWysMK35e6ioLh3wB8ZCAfbVc=
+golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
+golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
+golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200219091948-cb0a6d8edb6c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ=
-golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
-golang.org/x/term v0.6.0 h1:clScbb1cHjoCkyRbWwBEUZ5H/tIFu5TAXIqaZD0Gcjw=
+golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201204225414-ed752295db88/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.32.0 h1:s77OFDvIQeibCmezSnk/q6iAfkdiQaJi4VzroCFrN20=
+golang.org/x/sys v0.32.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
+golang.org/x/term v0.31.0 h1:erwDkOK1Msy6offm1mOgvspSkslFnIGsFnxOKoufg3o=
+golang.org/x/term v0.31.0/go.mod h1:R4BeIy7D95HzImkxGkTW1UQTtP54tio2RyHz7PwK0aw=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.24.0 h1:dd5Bzh4yt5KYA8f9CJHCP4FB4D51c2c6JvN37xJJkJ0=
+golang.org/x/text v0.24.0/go.mod h1:L8rBsPeo2pSS+xqN0d5u2ikmjtmoJbDBT1b7nHvFCdU=
+golang.org/x/time v0.0.0-20220210224613-90d013bbcef8 h1:vVKdlvoWBphwdxWKrFZEuM0kGgGLxUOYcY4U/2Vjg44=
+golang.org/x/time v0.0.0-20220210224613-90d013bbcef8/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
+golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/genproto/googleapis/api v0.0.0-20250102185135-69823020774d h1:H8tOf8XM88HvKqLTxe755haY6r1fqqzLbEnfrmLXlSA=
+google.golang.org/genproto/googleapis/api v0.0.0-20250102185135-69823020774d/go.mod h1:2v7Z7gP2ZUOGsaFyxATQSRoBnKygqVq2Cwnvom7QiqY=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20250409194420-de1ac958c67a h1:GIqLhp/cYUkuGuiT+vJk8vhOP86L4+SP5j8yXgeVpvI=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20250409194420-de1ac958c67a/go.mod h1:qQ0YXyHHx3XkvlzUtpXDkS29lDSafHMZBAZDc03LQ3A=
+google.golang.org/grpc v1.69.2 h1:U3S9QEtbXC0bYNvRtcoklF3xGtLViumSYxWykJS+7AU=
+google.golang.org/grpc v1.69.2/go.mod h1:vyjdE6jLBI76dgpDojsFGNaHlxdjXN9ghpnd2o7JGZ4=
+google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY=
+google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gotest.tools/v3 v3.5.1 h1:EENdUnS3pdur5nybKYIh2Vfgc8IUNBjxDPSjtiJcOzU=
+gotest.tools/v3 v3.5.1/go.mod h1:isy3WKz7GK6uNw/sbHzfKBLvlvXwUyV06n6brMxxopU=

main.go

@@ -3,11 +3,13 @@ package main
 import (
 	"log"
 	"os"
+	"strconv"
 	"time"
 
-	"github.com/appleboy/easyssh-proxy"
+	easyssh "github.com/appleboy/easyssh-proxy"
 	"github.com/joho/godotenv"
 	"github.com/urfave/cli/v2"
+	"github.com/yassinebenaid/godump"
 )
 
 // Version set at compile-time
@@ -26,7 +28,7 @@ func main() {
 	app := cli.NewApp()
 	app.Name = "Drone SSH"
 	app.Usage = "Executing remote ssh commands"
-	app.Copyright = "Copyright (c) 2019 Bo-Yi Wu"
+	app.Copyright = "Copyright (c) " + strconv.Itoa(time.Now().Year()) + " Bo-Yi Wu"
 	app.Authors = []*cli.Author{
 		{
 			Name:  "Bo-Yi Wu",
@@ -36,15 +38,55 @@ func main() {
 	app.Action = run
 	app.Version = Version
 	app.Flags = []cli.Flag{
+		&cli.StringSliceFlag{
+			Name:     "host",
+			Aliases:  []string{"H"},
+			Usage:    "connect to host",
+			EnvVars:  []string{"PLUGIN_HOST", "SSH_HOST", "INPUT_HOST"},
+			FilePath: ".host",
+		},
+		&cli.IntFlag{
+			Name:    "port",
+			Aliases: []string{"p"},
+			Usage:   "connect to port",
+			EnvVars: []string{"PLUGIN_PORT", "SSH_PORT", "INPUT_PORT"},
+			Value:   22,
+		},
+		&cli.StringFlag{
+			Name:    "protocol",
+			Usage:   "The IP protocol to use. Valid values are \"tcp\". \"tcp4\" or \"tcp6\". Default to tcp.",
+			EnvVars: []string{"PLUGIN_PROTOCOL", "SSH_PROTOCOL", "INPUT_PROTOCOL"},
+			Value:   "tcp",
+		},
+		&cli.StringFlag{
+			Name:    "username",
+			Aliases: []string{"user", "u"},
+			Usage:   "connect as user",
+			EnvVars: []string{"PLUGIN_USERNAME", "PLUGIN_USER", "SSH_USERNAME", "INPUT_USERNAME"},
+			Value:   "root",
+		},
+		&cli.StringFlag{
+			Name:    "password",
+			Aliases: []string{"P"},
+			Usage:   "user password",
+			EnvVars: []string{"PLUGIN_PASSWORD", "SSH_PASSWORD", "INPUT_PASSWORD"},
+		},
+		&cli.DurationFlag{
+			Name:    "timeout",
+			Aliases: []string{"t"},
+			Usage:   "connection timeout",
+			EnvVars: []string{"PLUGIN_TIMEOUT", "SSH_TIMEOUT", "INPUT_TIMEOUT"},
+			Value:   30 * time.Second,
+		},
 		&cli.StringFlag{
 			Name:    "ssh-key",
 			Usage:   "private ssh key",
-			EnvVars: []string{"PLUGIN_SSH_KEY", "PLUGIN_KEY", "SSH_KEY", "KEY", "INPUT_KEY"},
+			EnvVars: []string{"PLUGIN_SSH_KEY", "PLUGIN_KEY", "SSH_KEY", "INPUT_KEY"},
 		},
 		&cli.StringFlag{
 			Name:    "ssh-passphrase",
 			Usage:   "The purpose of the passphrase is usually to encrypt the private key.",
-			EnvVars: []string{"PLUGIN_SSH_PASSPHRASE", "PLUGIN_PASSPHRASE", "SSH_PASSPHRASE", "PASSPHRASE", "INPUT_PASSPHRASE"},
+			EnvVars: []string{"PLUGIN_SSH_PASSPHRASE", "PLUGIN_PASSPHRASE", "SSH_PASSPHRASE", "INPUT_PASSPHRASE"},
 		},
 		&cli.StringFlag{
 			Name:    "key-path",
@@ -52,97 +94,70 @@ func main() {
 			Usage:   "ssh private key path",
 			EnvVars: []string{"PLUGIN_KEY_PATH", "SSH_KEY_PATH", "INPUT_KEY_PATH"},
 		},
-		&cli.StringFlag{
-			Name:    "username",
-			Aliases: []string{"user", "u"},
-			Usage:   "connect as user",
-			EnvVars: []string{"PLUGIN_USERNAME", "PLUGIN_USER", "SSH_USERNAME", "USERNAME", "INPUT_USERNAME"},
-			Value:   "root",
-		},
-		&cli.StringFlag{
-			Name:    "password",
-			Aliases: []string{"P"},
-			Usage:   "user password",
-			EnvVars: []string{"PLUGIN_PASSWORD", "SSH_PASSWORD", "PASSWORD", "INPUT_PASSWORD"},
-		},
 		&cli.StringSliceFlag{
 			Name:    "ciphers",
 			Usage:   "The allowed cipher algorithms. If unspecified then a sensible",
-			EnvVars: []string{"PLUGIN_CIPHERS", "SSH_CIPHERS", "CIPHERS", "INPUT_CIPHERS"},
+			EnvVars: []string{"PLUGIN_CIPHERS", "SSH_CIPHERS", "INPUT_CIPHERS"},
 		},
 		&cli.BoolFlag{
 			Name:    "useInsecureCipher",
 			Usage:   "include more ciphers with use_insecure_cipher",
-			EnvVars: []string{"PLUGIN_USE_INSECURE_CIPHER", "SSH_USE_INSECURE_CIPHER", "USE_INSECURE_CIPHER", "INPUT_USE_INSECURE_CIPHER"},
+			EnvVars: []string{"PLUGIN_USE_INSECURE_CIPHER", "SSH_USE_INSECURE_CIPHER", "INPUT_USE_INSECURE_CIPHER"},
 		},
 		&cli.StringFlag{
 			Name:    "fingerprint",
 			Usage:   "fingerprint SHA256 of the host public key, default is to skip verification",
-			EnvVars: []string{"PLUGIN_FINGERPRINT", "SSH_FINGERPRINT", "FINGERPRINT", "INPUT_FINGERPRINT"},
-		},
-		&cli.StringSliceFlag{
-			Name:     "host",
-			Aliases:  []string{"H"},
-			Usage:    "connect to host",
-			EnvVars:  []string{"PLUGIN_HOST", "SSH_HOST", "HOST", "INPUT_HOST"},
-			FilePath: ".host",
-		},
-		&cli.IntFlag{
-			Name:    "port",
-			Aliases: []string{"p"},
-			Usage:   "connect to port",
-			EnvVars: []string{"PLUGIN_PORT", "SSH_PORT", "PORT", "INPUT_PORT"},
-			Value:   22,
+			EnvVars: []string{"PLUGIN_FINGERPRINT", "SSH_FINGERPRINT", "INPUT_FINGERPRINT"},
 		},
 		&cli.BoolFlag{
 			Name:    "sync",
 			Usage:   "sync mode",
-			EnvVars: []string{"PLUGIN_SYNC", "SYNC", "INPUT_SYNC"},
-		},
-		&cli.DurationFlag{
-			Name:    "timeout",
-			Aliases: []string{"t"},
-			Usage:   "connection timeout",
-			EnvVars: []string{"PLUGIN_TIMEOUT", "SSH_TIMEOUT", "TIMEOUT", "INPUT_TIMEOUT"},
-			Value:   30 * time.Second,
+			EnvVars: []string{"PLUGIN_SYNC", "INPUT_SYNC"},
 		},
 		&cli.DurationFlag{
 			Name:    "command.timeout",
 			Aliases: []string{"T"},
 			Usage:   "command timeout",
-			EnvVars: []string{"PLUGIN_COMMAND_TIMEOUT", "SSH_COMMAND_TIMEOUT", "COMMAND_TIMEOUT", "INPUT_COMMAND_TIMEOUT"},
+			EnvVars: []string{"PLUGIN_COMMAND_TIMEOUT", "SSH_COMMAND_TIMEOUT", "INPUT_COMMAND_TIMEOUT"},
 			Value:   10 * time.Minute,
 		},
 		&cli.StringSliceFlag{
 			Name:    "script",
 			Aliases: []string{"s"},
 			Usage:   "execute commands",
-			EnvVars: []string{"PLUGIN_SCRIPT", "SSH_SCRIPT", "SCRIPT"},
+			EnvVars: []string{"PLUGIN_SCRIPT", "SSH_SCRIPT"},
 		},
 		&cli.StringFlag{
 			Name:    "script.string",
 			Usage:   "execute single commands for github action",
 			EnvVars: []string{"INPUT_SCRIPT"},
 		},
+		&cli.StringFlag{
+			Name:    "script.file",
+			Usage:   "execute commands from a file for github action",
+			EnvVars: []string{"PLUGIN_SCRIPT_FILE", "INPUT_SCRIPT_FILE"},
+		},
 		&cli.BoolFlag{
 			Name:    "script.stop",
 			Usage:   "stop script after first failure",
-			EnvVars: []string{"PLUGIN_SCRIPT_STOP", "STOP", "INPUT_SCRIPT_STOP"},
+			EnvVars: []string{"PLUGIN_SCRIPT_STOP", "INPUT_SCRIPT_STOP"},
 		},
 		&cli.StringFlag{
-			Name:    "proxy.ssh-key",
-			Usage:   "private ssh key of proxy",
-			EnvVars: []string{"PLUGIN_PROXY_SSH_KEY", "PLUGIN_PROXY_KEY", "PROXY_SSH_KEY", "INPUT_PROXY_KEY"},
+			Name:    "proxy.host",
+			Usage:   "connect to host of proxy",
+			EnvVars: []string{"PLUGIN_PROXY_HOST", "PROXY_SSH_HOST", "INPUT_PROXY_HOST"},
 		},
 		&cli.StringFlag{
-			Name:    "proxy.ssh-passphrase",
-			Usage:   "The purpose of the passphrase is usually to encrypt the private key.",
-			EnvVars: []string{"PLUGIN_PROXY_SSH_PASSPHRASE", "PLUGIN_PROXY_PASSPHRASE", "PROXY_SSH_PASSPHRASE", "PROXY_PASSPHRASE", "INPUT_PROXY_PASSPHRASE"},
+			Name:    "proxy.port",
+			Usage:   "connect to port of proxy",
+			EnvVars: []string{"PLUGIN_PROXY_PORT", "PROXY_SSH_PORT", "INPUT_PROXY_PORT"},
+			Value:   "22",
 		},
 		&cli.StringFlag{
-			Name:    "proxy.key-path",
-			Usage:   "ssh private key path of proxy",
-			EnvVars: []string{"PLUGIN_PROXY_KEY_PATH", "PROXY_SSH_KEY_PATH", "INPUT_PROXY_KEY_PATH"},
+			Name:    "proxy.protocol",
+			Usage:   "The IP protocol to use for the proxy. Valid values are \"tcp\". \"tcp4\" or \"tcp6\". Default to tcp.",
+			EnvVars: []string{"PLUGIN_PROXY_PROTOCOL", "SSH_PROXY_PROTOCOL", "INPUT_PROXY_PROTOCOL"},
+			Value:   "tcp",
 		},
 		&cli.StringFlag{
 			Name:    "proxy.username",
@@ -156,15 +171,19 @@ func main() {
 			EnvVars: []string{"PLUGIN_PROXY_PASSWORD", "PROXY_SSH_PASSWORD", "INPUT_PROXY_PASSWORD"},
 		},
 		&cli.StringFlag{
-			Name:    "proxy.host",
-			Usage:   "connect to host of proxy",
-			EnvVars: []string{"PLUGIN_PROXY_HOST", "PROXY_SSH_HOST", "INPUT_PROXY_HOST"},
+			Name:    "proxy.ssh-key",
+			Usage:   "private ssh key of proxy",
+			EnvVars: []string{"PLUGIN_PROXY_SSH_KEY", "PLUGIN_PROXY_KEY", "PROXY_SSH_KEY", "INPUT_PROXY_KEY"},
 		},
 		&cli.StringFlag{
-			Name:    "proxy.port",
-			Usage:   "connect to port of proxy",
-			EnvVars: []string{"PLUGIN_PROXY_PORT", "PROXY_SSH_PORT", "INPUT_PROXY_PORT"},
-			Value:   "22",
+			Name:    "proxy.ssh-passphrase",
+			Usage:   "The purpose of the passphrase is usually to encrypt the private key.",
+			EnvVars: []string{"PLUGIN_PROXY_SSH_PASSPHRASE", "PLUGIN_PROXY_PASSPHRASE", "PROXY_SSH_PASSPHRASE", "INPUT_PROXY_PASSPHRASE"},
+		},
+		&cli.StringFlag{
+			Name:    "proxy.key-path",
+			Usage:   "ssh private key path of proxy",
+			EnvVars: []string{"PLUGIN_PROXY_KEY_PATH", "PROXY_SSH_KEY_PATH", "INPUT_PROXY_KEY_PATH"},
 		},
 		&cli.DurationFlag{
 			Name:    "proxy.timeout",
@@ -174,17 +193,17 @@ func main() {
 		&cli.StringSliceFlag{
 			Name:    "proxy.ciphers",
 			Usage:   "The allowed cipher algorithms. If unspecified then a sensible",
-			EnvVars: []string{"PLUGIN_PROXY_CIPHERS", "SSH_PROXY_CIPHERS", "PROXY_CIPHERS", "INPUT_PROXY_CIPHERS"},
+			EnvVars: []string{"PLUGIN_PROXY_CIPHERS", "PROXY_SSH_CIPHERS", "INPUT_PROXY_CIPHERS"},
 		},
 		&cli.BoolFlag{
 			Name:    "proxy.useInsecureCipher",
 			Usage:   "include more ciphers with use_insecure_cipher",
-			EnvVars: []string{"PLUGIN_PROXY_USE_INSECURE_CIPHER", "SSH_PROXY_USE_INSECURE_CIPHER", "PROXY_USE_INSECURE_CIPHER", "INPUT_PROXY_USE_INSECURE_CIPHER"},
+			EnvVars: []string{"PLUGIN_PROXY_USE_INSECURE_CIPHER", "PROXY_SSH_USE_INSECURE_CIPHER", "INPUT_PROXY_USE_INSECURE_CIPHER"},
 		},
 		&cli.StringFlag{
 			Name:    "proxy.fingerprint",
 			Usage:   "fingerprint SHA256 of the host public key, default is to skip verification",
-			EnvVars: []string{"PLUGIN_PROXY_FINGERPRINT", "SSH_PROXY_FINGERPRINT", "PROXY_FINGERPRINT", "INPUT_PROXY_FINGERPRINT"},
+			EnvVars: []string{"PLUGIN_PROXY_FINGERPRINT", "PROXY_SSH_FINGERPRINT", "PROXY_FINGERPRINT", "INPUT_PROXY_FINGERPRINT"},
 		},
 		&cli.StringSliceFlag{
 			Name:    "envs",
@@ -194,7 +213,23 @@ func main() {
 		&cli.BoolFlag{
 			Name:    "debug",
 			Usage:   "debug mode",
-			EnvVars: []string{"PLUGIN_DEBUG", "DEBUG", "INPUT_DEBUG"},
+			EnvVars: []string{"PLUGIN_DEBUG", "INPUT_DEBUG", "DEBUG"},
+		},
+		&cli.StringFlag{
+			Name:    "envs.format",
+			Usage:   "flexible configuration of environment value transfer",
+			EnvVars: []string{"PLUGIN_ENVS_FORMAT", "INPUT_ENVS_FORMAT"},
+			Value:   envsFormat,
+		},
+		&cli.BoolFlag{
+			Name:    "allenvs",
+			Usage:   "pass all environment variable to shell script",
+			EnvVars: []string{"PLUGIN_ALLENVS", "INPUT_ALLENVS"},
+		},
+		&cli.BoolFlag{
+			Name:    "request-pty",
+			Usage:   "request a pseudo-terminal from the server",
+			EnvVars: []string{"PLUGIN_REQUEST_PTY", "INPUT_REQUEST_PTY"},
 		},
 	}
 
@@ -241,6 +276,19 @@ func run(c *cli.Context) error {
 	if s := c.String("script.string"); s != "" {
 		scripts = append(scripts, s)
 	}
+
+	if f := c.String("script.file"); f != "" {
+		// check file exists
+		if _, err := os.Stat(f); err != nil {
+			return err
+		}
+		s, err := os.ReadFile(f)
+		if err != nil {
+			return err
+		}
+		scripts = append(scripts, string(s))
+	}
+
 	plugin := Plugin{
 		Config: Config{
 			Key:               c.String("ssh-key"),
@@ -251,15 +299,19 @@ func run(c *cli.Context) error {
 			Fingerprint:       c.String("fingerprint"),
 			Host:              c.StringSlice("host"),
 			Port:              c.Int("port"),
+			Protocol:          easyssh.Protocol(c.String("protocol")),
 			Timeout:           c.Duration("timeout"),
 			CommandTimeout:    c.Duration("command.timeout"),
 			Script:            scripts,
 			ScriptStop:        c.Bool("script.stop"),
 			Envs:              c.StringSlice("envs"),
+			EnvsFormat:        c.String("envs.format"),
 			Debug:             c.Bool("debug"),
 			Sync:              c.Bool("sync"),
 			Ciphers:           c.StringSlice("ciphers"),
 			UseInsecureCipher: c.Bool("useInsecureCipher"),
+			AllEnvs:           c.Bool("allenvs"),
+			RequireTty:        c.Bool("request-pty"),
 			Proxy: easyssh.DefaultConfig{
 				Key:               c.String("proxy.ssh-key"),
 				KeyPath:           c.String("proxy.key-path"),
@@ -269,6 +321,7 @@ func run(c *cli.Context) error {
 				Fingerprint:       c.String("proxy.fingerprint"),
 				Server:            c.String("proxy.host"),
 				Port:              c.String("proxy.port"),
+				Protocol:          easyssh.Protocol(c.String("proxy.protocol")),
 				Timeout:           c.Duration("proxy.timeout"),
 				Ciphers:           c.StringSlice("proxy.ciphers"),
 				UseInsecureCipher: c.Bool("proxy.useInsecureCipher"),
@@ -277,5 +330,9 @@ func run(c *cli.Context) error {
 		Writer: os.Stdout,
 	}
 
+	if plugin.Config.Debug {
+		_ = godump.Dump(plugin)
+	}
+
 	return plugin.Exec()
 }

plugin.go

@@ -10,13 +10,14 @@ import (
 	"sync"
 	"time"
 
-	"github.com/appleboy/easyssh-proxy"
+	easyssh "github.com/appleboy/easyssh-proxy"
 )
 
 var (
-	errMissingHost          = errors.New("Error: missing server host")
-	errMissingPasswordOrKey = errors.New("Error: can't connect without a private SSH key or password")
-	errCommandTimeOut       = errors.New("Error: command timeout")
+	errMissingHost          = errors.New("error: missing server host")
+	errMissingPasswordOrKey = errors.New("error: can't connect without a private SSH key or password")
+	errCommandTimeOut       = errors.New("error: command timeout")
+	envsFormat              = "export {NAME}={VALUE}"
 )
 
 type (
@@ -29,6 +30,7 @@ type (
 		Password          string
 		Host              []string
 		Port              int
+		Protocol          easyssh.Protocol
 		Fingerprint       string
 		Timeout           time.Duration
 		CommandTimeout    time.Duration
@@ -40,6 +42,9 @@ type (
 		Sync              bool
 		Ciphers           []string
 		UseInsecureCipher bool
+		EnvsFormat        string
+		AllEnvs           bool
+		RequireTty        bool
 	}
 
 	// Plugin structure
@@ -50,13 +55,15 @@ type (
 )
 
 func escapeArg(arg string) string {
-	return "'" + strings.Replace(arg, "'", `'\''`, -1) + "'"
+	return "'" + strings.ReplaceAll(arg, "'", `'\''`) + "'"
 }
 
 func (p Plugin) hostPort(host string) (string, string) {
 	hosts := strings.Split(host, ":")
 	port := strconv.Itoa(p.Config.Port)
-	if len(hosts) > 1 {
+	if len(hosts) > 1 &&
+		(p.Config.Protocol == easyssh.PROTOCOL_TCP ||
+			p.Config.Protocol == easyssh.PROTOCOL_TCP4) {
 		host = hosts[0]
 		port = hosts[1]
 	}
@@ -73,6 +80,7 @@ func (p Plugin) exec(host string, wg *sync.WaitGroup, errChannel chan error) {
 		User:              p.Config.Username,
 		Password:          p.Config.Password,
 		Port:              port,
+		Protocol:          p.Config.Protocol,
 		Key:               p.Config.Key,
 		KeyPath:           p.Config.KeyPath,
 		Passphrase:        p.Config.Passphrase,
@@ -80,11 +88,13 @@ func (p Plugin) exec(host string, wg *sync.WaitGroup, errChannel chan error) {
 		Ciphers:           p.Config.Ciphers,
 		Fingerprint:       p.Config.Fingerprint,
 		UseInsecureCipher: p.Config.UseInsecureCipher,
+		RequestPty:        p.Config.RequireTty,
 		Proxy: easyssh.DefaultConfig{
 			Server:            p.Config.Proxy.Server,
 			User:              p.Config.Proxy.User,
 			Password:          p.Config.Proxy.Password,
 			Port:              p.Config.Proxy.Port,
+			Protocol:          p.Config.Proxy.Protocol,
 			Key:               p.Config.Proxy.Key,
 			KeyPath:           p.Config.Proxy.KeyPath,
 			Passphrase:        p.Config.Proxy.Passphrase,
@@ -95,21 +105,27 @@ func (p Plugin) exec(host string, wg *sync.WaitGroup, errChannel chan error) {
 		},
 	}
 
+	if p.Config.Debug {
 		p.log(host, "======CMD======")
 		p.log(host, strings.Join(p.Config.Script, "\n"))
 		p.log(host, "======END======")
+	}
 
 	env := []string{}
+	if p.Config.AllEnvs {
+		allenvs := findEnvs("DRONE_", "PLUGIN_", "INPUT_", "GITHUB_")
+		p.Config.Envs = append(p.Config.Envs, allenvs...)
+	}
 	for _, key := range p.Config.Envs {
 		key = strings.ToUpper(key)
 		if val, found := os.LookupEnv(key); found {
-			env = append(env, "export "+key+"="+escapeArg(val))
+			env = append(env, p.format(p.Config.EnvsFormat, "{NAME}", key, "{VALUE}", escapeArg(val)))
 		}
 	}
 
 	p.Config.Script = append(env, p.scriptCommands()...)
 
-	if p.Config.Debug {
+	if p.Config.Debug && len(env) > 0 {
 		p.log(host, "======ENV======")
 		p.log(host, strings.Join(env, "\n"))
 		p.log(host, "======END======")
@@ -121,7 +137,7 @@ func (p Plugin) exec(host string, wg *sync.WaitGroup, errChannel chan error) {
 		return
 	}
 	// read from the output channel until the done signal is passed
-	isTimeout := true
+	var isTimeout bool
 loop:
 	for {
 		select {
@@ -129,11 +145,11 @@ loop:
 			break loop
 		case outline := <-stdoutChan:
 			if outline != "" {
-				p.log(host, "out:", outline)
+				p.log(host, outline)
 			}
 		case errline := <-stderrChan:
 			if errline != "" {
-				p.log(host, "err:", errline)
+				p.log(host, errline)
 			}
 		case err = <-errChan:
 		}
@@ -150,15 +166,23 @@ loop:
 	}
 }
 
+// format string
+func (p Plugin) format(format string, args ...string) string {
+	r := strings.NewReplacer(args...)
+	return r.Replace(format)
+}
+
+// log output to console
 func (p Plugin) log(host string, message ...interface{}) {
 	if p.Writer == nil {
 		p.Writer = os.Stdout
 	}
 	if count := len(p.Config.Host); count == 1 {
 		fmt.Fprintf(p.Writer, "%s", fmt.Sprintln(message...))
-	} else {
-		fmt.Fprintf(p.Writer, "%s: %s", host, fmt.Sprintln(message...))
+		return
 	}
+
+	fmt.Fprintf(p.Writer, "%s: %s", host, fmt.Sprintln(message...))
 }
 
 // Exec executes the plugin.
@@ -173,6 +197,10 @@ func (p Plugin) Exec() error {
 		return errMissingPasswordOrKey
 	}
 
+	if p.Config.EnvsFormat == "" {
+		p.Config.EnvsFormat = envsFormat
+	}
+
 	wg := sync.WaitGroup{}
 	wg.Add(len(p.Config.Host))
 	errChannel := make(chan error)
@@ -202,9 +230,9 @@ func (p Plugin) Exec() error {
 		}
 	}
 
-	fmt.Println("==============================================")
-	fmt.Println("✅ Successfully executed commands to all host.")
-	fmt.Println("==============================================")
+	fmt.Println("===============================================")
+	fmt.Println("✅ Successfully executed commands to all hosts.")
+	fmt.Println("===============================================")
 
 	return nil
 }
@@ -250,3 +278,18 @@ func trimValues(keys []string) []string {
 
 	return newKeys
 }
+
+// Find all envs from specified prefix
+func findEnvs(prefix ...string) []string {
+	envs := []string{}
+	for _, e := range os.Environ() {
+		for _, p := range prefix {
+			if strings.HasPrefix(e, p) {
+				e = strings.Split(e, "=")[0]
+				envs = append(envs, e)
+				break
+			}
+		}
+	}
+	return envs
+}

plugin_test.go

@@ -2,6 +2,7 @@ package main
 
 import (
 	"bytes"
+	"context"
 	"io"
 	"os"
 	"reflect"
@@ -11,6 +12,8 @@ import (
 
 	"github.com/appleboy/easyssh-proxy"
 	"github.com/stretchr/testify/assert"
+	"github.com/testcontainers/testcontainers-go"
+	"github.com/testcontainers/testcontainers-go/wait"
 	"golang.org/x/crypto/ssh"
 )
 
@@ -113,6 +116,40 @@ func TestSSHScriptFromKeyFile(t *testing.T) {
 	assert.Nil(t, err)
 }
 
+func TestSSHIPv4Only(t *testing.T) {
+	plugin := Plugin{
+		Config: Config{
+			Host:           []string{"localhost", "127.0.0.1"},
+			Username:       "drone-scp",
+			Port:           22,
+			Protocol:       easyssh.PROTOCOL_TCP4,
+			KeyPath:        "./tests/.ssh/id_rsa",
+			Script:         []string{"whoami", "ls -al"},
+			CommandTimeout: 60 * time.Second,
+		},
+	}
+
+	err := plugin.Exec()
+	assert.Nil(t, err)
+}
+
+func TestSSHIPv6OnlyError(t *testing.T) {
+	plugin := Plugin{
+		Config: Config{
+			Host:           []string{"127.0.0.1"},
+			Username:       "drone-scp",
+			Port:           22,
+			Protocol:       easyssh.PROTOCOL_TCP6,
+			KeyPath:        "./tests/.ssh/id_rsa",
+			Script:         []string{"whoami", "ls -al"},
+			CommandTimeout: 60 * time.Second,
+		},
+	}
+
+	err := plugin.Exec()
+	assert.NotNil(t, err)
+}
+
 func TestStreamFromSSHCommand(t *testing.T) {
 	plugin := Plugin{
 		Config: Config{
@@ -331,17 +368,17 @@ func TestCommandOutput(t *testing.T) {
 			whoami
 			uname
 			localhost: ======END======
-			localhost: out: /home/drone-scp
-			localhost: out: drone-scp
-			localhost: out: Linux
+			localhost: /home/drone-scp
+			localhost: drone-scp
+			localhost: Linux
 			127.0.0.1: ======CMD======
 			127.0.0.1: pwd
 			whoami
 			uname
 			127.0.0.1: ======END======
-			127.0.0.1: out: /home/drone-scp
-			127.0.0.1: out: drone-scp
-			127.0.0.1: out: Linux
+			127.0.0.1: /home/drone-scp
+			127.0.0.1: drone-scp
+			127.0.0.1: Linux
 		`
 	)
 
@@ -358,6 +395,7 @@ func TestCommandOutput(t *testing.T) {
 			},
 			CommandTimeout: 60 * time.Second,
 			Sync:           true,
+			Debug:          true,
 		},
 		Writer: &buffer,
 	}
@@ -398,7 +436,6 @@ func getHostPublicKeyFile(keypath string) (ssh.PublicKey, error) {
 	}
 
 	pubkey, _, _, _, err = ssh.ParseAuthorizedKey(buf)
-
 	if err != nil {
 		return nil, err
 	}
@@ -410,10 +447,7 @@ func TestFingerprint(t *testing.T) {
 	var (
 		buffer   bytes.Buffer
 		expected = `
-			======CMD======
-			whoami
-			======END======
-			out: drone-scp
+			drone-scp
 		`
 	)
 
@@ -444,11 +478,7 @@ func TestScriptStopWithMultipleHostAndSyncMode(t *testing.T) {
 	var (
 		buffer   bytes.Buffer
 		expected = `
-			======CMD======
-			mkdir a/b/c
-			mkdir d/e/f
-			======END======
-			err: mkdir: can't create directory 'a/b/c': No such file or directory
+			mkdir: can't create directory 'a/b/c': No such file or directory
 		`
 	)
 
@@ -479,11 +509,7 @@ func TestScriptStop(t *testing.T) {
 	var (
 		buffer   bytes.Buffer
 		expected = `
-			======CMD======
-			mkdir a/b/c
-			mkdir d/e/f
-			======END======
-			err: mkdir: can't create directory 'a/b/c': No such file or directory
+			mkdir: can't create directory 'a/b/c': No such file or directory
 		`
 	)
 
@@ -513,12 +539,8 @@ func TestNoneScriptStop(t *testing.T) {
 	var (
 		buffer   bytes.Buffer
 		expected = `
-			======CMD======
-			mkdir a/b/c
-			mkdir d/e/f
-			======END======
-			err: mkdir: can't create directory 'a/b/c': No such file or directory
-			err: mkdir: can't create directory 'd/e/f': No such file or directory
+			mkdir: can't create directory 'a/b/c': No such file or directory
+			mkdir: can't create directory 'd/e/f': No such file or directory
 		`
 	)
 
@@ -565,13 +587,13 @@ func TestEnvOutput(t *testing.T) {
 			export ENV_6='test"'
 			export ENV_7='test,!#;?.@$~'\''"'
 			======END======
-			out: [test]
-			out: [test test]
-			out: [test ]
-			out: [  test  test  ]
-			out: [test']
-			out: [test"]
-			out: [test,!#;?.@$~'"]
+			[test]
+			[test test]
+			[test ]
+			[  test  test  ]
+			[test']
+			[test"]
+			[test,!#;?.@$~'"]
 		`
 	)
 
@@ -619,7 +641,7 @@ func TestEnvOutput(t *testing.T) {
 }
 
 func unindent(text string) string {
-	return strings.TrimSpace(strings.Replace(text, "\t", "", -1))
+	return strings.TrimSpace(strings.ReplaceAll(text, "\t", ""))
 }
 
 func TestPlugin_scriptCommands(t *testing.T) {
@@ -700,12 +722,8 @@ func TestUseInsecureCipher(t *testing.T) {
 	var (
 		buffer   bytes.Buffer
 		expected = `
-			======CMD======
-			mkdir a/b/c
-			mkdir d/e/f
-			======END======
-			err: mkdir: can't create directory 'a/b/c': No such file or directory
-			err: mkdir: can't create directory 'd/e/f': No such file or directory
+			mkdir: can't create directory 'a/b/c': No such file or directory
+			mkdir: can't create directory 'd/e/f': No such file or directory
 		`
 	)
 
@@ -764,6 +782,7 @@ func TestPlugin_hostPort(t *testing.T) {
 			fields: fields{
 				Config: Config{
 					Port:     22,
+					Protocol: easyssh.PROTOCOL_TCP4,
 				},
 			},
 			args: args{
@@ -772,6 +791,20 @@ func TestPlugin_hostPort(t *testing.T) {
 			wantHost: "localhost",
 			wantPort: "443",
 		},
+		{
+			name: "ipv6",
+			fields: fields{
+				Config: Config{
+					Port:     22,
+					Protocol: easyssh.PROTOCOL_TCP6,
+				},
+			},
+			args: args{
+				h: "::1",
+			},
+			wantHost: "::1",
+			wantPort: "22",
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
@@ -789,3 +822,236 @@ func TestPlugin_hostPort(t *testing.T) {
 		})
 	}
 }
+
+func TestFindEnvs(t *testing.T) {
+	testEnvs := []string{
+		"INPUT_FOO",
+		"INPUT_BAR",
+		"NO_PREFIX",
+		"INPUT_FOOBAR",
+	}
+
+	origEnviron := os.Environ()
+	os.Clearenv()
+	for _, env := range testEnvs {
+		os.Setenv(env, "dummyValue")
+	}
+
+	defer func() {
+		os.Clearenv()
+		for _, env := range origEnviron {
+			pair := strings.SplitN(env, "=", 2)
+			os.Setenv(pair[0], pair[1])
+		}
+	}()
+
+	t.Run("Find single prefix", func(t *testing.T) {
+		expected := []string{"INPUT_FOO", "INPUT_BAR", "INPUT_FOOBAR"}
+		result := findEnvs("INPUT_")
+		if !reflect.DeepEqual(result, expected) {
+			t.Errorf("Expected %v, but got %v", expected, result)
+		}
+	})
+
+	t.Run("Find multiple prefixes", func(t *testing.T) {
+		expected := []string{"INPUT_FOO", "INPUT_BAR", "NO_PREFIX", "INPUT_FOOBAR"}
+		result := findEnvs("INPUT_", "NO_PREFIX")
+		if !reflect.DeepEqual(result, expected) {
+			t.Errorf("Expected %v, but got %v", expected, result)
+		}
+	})
+
+	t.Run("Find non-existing prefix", func(t *testing.T) {
+		expected := []string{}
+		result := findEnvs("NON_EXISTING_")
+		if !reflect.DeepEqual(result, expected) {
+			t.Errorf("Expected %v, but got %v", expected, result)
+		}
+	})
+}
+
+func TestAllEnvs(t *testing.T) {
+	var (
+		buffer   bytes.Buffer
+		expected = `
+[foobar]
+[foobar]
+[foobar]
+		`
+	)
+
+	os.Setenv("INPUT_1", `foobar`)
+	os.Setenv("GITHUB_2", `foobar`)
+	os.Setenv("PLUGIN_3", `foobar`)
+
+	plugin := Plugin{
+		Config: Config{
+			Host:       []string{"localhost"},
+			Username:   "drone-scp",
+			Port:       22,
+			KeyPath:    "./tests/.ssh/test",
+			Passphrase: "1234",
+			AllEnvs:    true,
+			Script: []string{
+				`echo "[${INPUT_1}]"`,
+				`echo "[${GITHUB_2}]"`,
+				`echo "[${PLUGIN_3}]"`,
+			},
+			CommandTimeout: 10 * time.Second,
+			Proxy: easyssh.DefaultConfig{
+				Server:  "localhost",
+				User:    "drone-scp",
+				Port:    "22",
+				KeyPath: "./tests/.ssh/id_rsa",
+			},
+		},
+		Writer: &buffer,
+	}
+
+	err := plugin.Exec()
+	assert.Nil(t, err)
+
+	assert.Equal(t, unindent(expected), unindent(buffer.String()))
+}
+
+type SSHTestConfig struct {
+	Env            map[string]string
+	AuthMethod     string // "key" or "password"
+	KeyPath        string
+	Password       string
+	Script         []string
+	Expected       string
+	SudoAccess     bool
+	InsecureCipher bool
+	RequireTty     bool
+	CommandTimeout time.Duration
+}
+
+func runSSHContainerTest(t *testing.T, cfg SSHTestConfig) {
+	t.Helper()
+	ctx := context.Background()
+
+	req := testcontainers.ContainerRequest{
+		Image:        "linuxserver/openssh-server:latest",
+		ExposedPorts: []string{"2222/tcp"},
+		Env:          cfg.Env,
+		WaitingFor:   wait.ForListeningPort("2222/tcp").WithStartupTimeout(180 * time.Second),
+	}
+
+	sshContainer, err := testcontainers.GenericContainer(ctx, testcontainers.GenericContainerRequest{
+		ContainerRequest: req,
+		Started:          true,
+	})
+	if err != nil {
+		t.Skipf("Could not start container with image %s: %v. Check Docker environment and image availability. Skipping test.", req.Image, err)
+	}
+	defer func() {
+		if err := sshContainer.Terminate(ctx); err != nil {
+			t.Logf("Could not terminate container: %v", err)
+		}
+	}()
+
+	host, err := sshContainer.Host(ctx)
+	if err != nil {
+		t.Fatalf("Could not get container host: %v", err)
+	}
+	port, err := sshContainer.MappedPort(ctx, "2222/tcp")
+	if err != nil {
+		t.Fatalf("Could not get container mapped port 2222/tcp: %v", err)
+	}
+
+	var buffer bytes.Buffer
+
+	pluginCfg := Config{
+		Host:              []string{host},
+		Username:          "testuser",
+		Port:              port.Int(),
+		Script:            cfg.Script,
+		CommandTimeout:    cfg.CommandTimeout,
+		UseInsecureCipher: cfg.InsecureCipher,
+		RequireTty:        cfg.RequireTty,
+	}
+	if pluginCfg.CommandTimeout == 0 {
+		pluginCfg.CommandTimeout = 10 * time.Second
+	}
+	switch cfg.AuthMethod {
+	case "key":
+		pluginCfg.KeyPath = cfg.KeyPath
+	case "password":
+		pluginCfg.Password = cfg.Password
+	}
+
+	plugin := Plugin{
+		Config: pluginCfg,
+		Writer: &buffer,
+	}
+
+	assert.Nil(t, plugin.Exec())
+	assert.Equal(t, unindent(cfg.Expected), unindent(buffer.String()))
+}
+
+func TestSudoCommand(t *testing.T) {
+	pubKey, err := os.ReadFile("./tests/.ssh/id_rsa.pub")
+	if err != nil {
+		t.Fatalf("Could not read public key file: %v", err)
+	}
+	runSSHContainerTest(t, SSHTestConfig{
+		Env: map[string]string{
+			"USER_NAME":       "testuser",
+			"PASSWORD_ACCESS": "false",
+			"SUDO_ACCESS":     "true",
+			"PUBLIC_KEY":      string(pubKey),
+		},
+		AuthMethod:     "key",
+		KeyPath:        "./tests/.ssh/id_rsa",
+		Script:         []string{`sudo su - -c "whoami"`},
+		Expected:       "root",
+		SudoAccess:     true,
+		InsecureCipher: true,
+		RequireTty:     true,
+		CommandTimeout: 10 * time.Second,
+	})
+}
+
+func TestSSHWithTestcontainers(t *testing.T) {
+	runSSHContainerTest(t, SSHTestConfig{
+		Env: map[string]string{
+			"USER_NAME":       "testuser",
+			"USER_PASSWORD":   "testpass",
+			"PASSWORD_ACCESS": "true",
+			"SUDO_ACCESS":     "false",
+		},
+		AuthMethod:     "password",
+		Password:       "testpass",
+		Script:         []string{"whoami"},
+		Expected:       "testuser",
+		InsecureCipher: true,
+		CommandTimeout: 60 * time.Second,
+	})
+}
+
+func TestCommandWithIPv6(t *testing.T) {
+	var (
+		buffer   bytes.Buffer
+		expected = `
+			drone-scp
+		`
+	)
+
+	plugin := Plugin{
+		Config: Config{
+			Host:     []string{"::1"},
+			Username: "drone-scp",
+			Port:     22,
+			KeyPath:  "./tests/.ssh/id_rsa",
+			Script: []string{
+				"whoami",
+			},
+			Protocol:       easyssh.PROTOCOL_TCP6,
+			CommandTimeout: 10 * time.Second,
+		},
+		Writer: &buffer,
+	}
+	assert.Nil(t, plugin.Exec())
+	assert.Equal(t, unindent(expected), unindent(buffer.String()))
+}

tests/sudoers

@@ -0,0 +1,2 @@
+Defaults        requiretty
+drone-scp ALL=(ALL) NOPASSWD:ALL