Rsync Deployments Versions Save

• Pin @JoshPiper drinternet/rsync image by SHA-256 hash rather than version. (Immutability) Added via #60

The docker image of this action is now pinned to the specific SHA-256 hash of the version rather than just the version. This means for the latest drinternet/rsync:v1.4.4 the corresponding hash is drinternet/rsync@sha256:15b2949838074bd93c49421c22380396a0cd53a322439e799ac87afcadcfe234

Check for validation: https://hub.docker.com/layers/drinternet/rsync/v1.4.4/images/sha256-15b2949838074bd93c49421c22380396a0cd53a322439e799ac87afcadcfe234

With that, usage of this action is even more secure due to a consistent dependency chain of trust, since changes accompanied by a docker image hash are immutable.

Thanks to @XComp

What's Changed

• feat: Update base image to latest 1.4.4 (alpine 3.19.1)

https://github.com/JoshPiper/rsync-docker/commit/ba20622d48f9c6c153bf520408c17aaec887e817 https://github.com/JoshPiper/rsync-docker/pull/25 @JoshPiper

• Merge pull request https://github.com/Burnett01/rsync-deployments/pull/24 from jasongill/patch-1

Re-allow RSA host keys with SSH

• feat: Make usage of legacy rsa hostkeys conditional

The usage of RSA host keys introduced with https://github.com/Burnett01/rsync-deployments/commit/c7baefdc23c4bb3b517a16ffa6ddda31763f0be8 was adjusted to make it conditional/configurable and to keep backward compatibility

Resolves #49

• feat: configuarable legacy RSA hostkeys support

Ability to configure legacy rsa hostkeys support for OpenSSH servers >= 8.8. Related to https://github.com/Burnett01/rsync-deployments/pull/24 and https://github.com/Burnett01/rsync-deployments/commit/9603fc818619574f10c02c47431eb0a7edafef9a

• chore!: Versions 4.x EOL, 5.x DEPRECATED, 6.x MAINTENANCE

All versions 4.x are now EOL and no longer maintained All versions 5.x are now DEPRECATED and will become EOL within Q2 2024 All versions 6.x are now MAINTENANCE and will become DEPRECATED within Q4 2024

New Contributors

• @jasongill made their first contribution in https://github.com/Burnett01/rsync-deployments/pull/24

Full Changelog: https://github.com/Burnett01/rsync-deployments/compare/6.0.0...7.0.0

• It is no longer possible to use an empty string as remote_path (Fixes #44) (Thanks to @maximilliangeorge)
• Updated checkout action in examples from v2 to v3
• Added disclaimer to media site-links
• Overall readme improvements

• Update base image (drinternet/rsync from v1.4.1 to v1.4.3) (Alpine 3.17.2)

• Update base image (drinternet/rsync from v1.4.0 to v1.4.1) (Alpine 3.16.1)
• Mention compatibility (https://github.com/Burnett01/rsync-deployments/pull/31)

What's Changed

• Bump drinternet/rsync from v1.3.0 to v1.4.0 by @dependabot & @JoshPiper in https://github.com/Burnett01/rsync-deployments/pull/22 (Ref: https://github.com/JoshPiper/rsync-docker/pull/7)
• Version 5.2 by @Burnett01 in https://github.com/Burnett01/rsync-deployments/pull/23
• Dropped security support for action version 3.0

New Contributors

• @dependabot made their first contribution in https://github.com/Burnett01/rsync-deployments/pull/22

Full Changelog: https://github.com/Burnett01/rsync-deployments/compare/5.1...5.2

• update base image drinternet/rsync:v1.3.0
• Base Image updates: alpine 3.14.1 latest

See #15

New feature(s):

• Support for passphrase protected private keys with remote_key_pass
• Update base image from JoshPiper/[email protected] to v2.1.0

Check the readme on how to use this new feature.

More technical information about how the passphrase feature works:

https://github.com/JoshPiper/rsync-docker/pull/3#issue-701661145

• Re-arranged code of the entrypoint

• New base-image drinternet/rsync:1.0.1 that is based alpine:latest and optimized for rsync.