docs: document the new curl_insecure configuration option

- Add `curl_insecure` option to README.md
- Add `curl_insecure` option to README.zh-cn.md
- Add `curl_insecure` option to README.zh-tw.md

Signed-off-by: appleboy <appleboy.tw@gmail.com>

README.md

@@ -49,6 +49,7 @@ Refer to [action.yml](./action.yml) for more detailed information.
 | debug                     | Enable debug mode                                                                        | false         |
 | allenvs                   | Pass the environment variables with prefix value of `GITHUB_` and `INPUT_` to the script | false         |
 | request_pty               | Request a pseudo-terminal from the server                                                | false         |
+| curl_insecure             | Allow curl to connect to SSL sites without certificates                                  | false         |
 
 **Note:** Users can add `set -e` in their shell script to achieve similar functionality to the removed `script_stop` option.
 

README.zh-cn.md

@@ -49,6 +49,7 @@
 | debug                     | 启用调试模式                                          | false  |
 | allenvs                   | 将带有 `GITHUB_` 和 `INPUT_` 前缀的环境变量传递给脚本 | false  |
 | request_pty               | 请求伪终端                                            | false  |
+| curl_insecure             | 在 curl 中使用不安全的证书验证                        | false  |
 
 **注意：** 用户可以在他们的 shell 脚本中添加 `set -e` 以实现类似于已删除的 `script_stop` 选项的功能。
 

README.zh-tw.md

@@ -49,6 +49,7 @@
 | debug                     | 啟用調試模式                                          | false  |
 | allenvs                   | 將帶有 `GITHUB_` 和 `INPUT_` 前綴的環境變數傳遞給腳本 | false  |
 | request_pty               | 從伺服器請求偽終端                                    | false  |
+| curl_insecure             | 在 curl 命令中使用不安全的 SSL 證書驗證               | false  |
 
 **注意：** 用戶可以在他們的 shell 腳本中添加 `set -e` 以實現類似於已刪除的 `script_stop` 選項的功能。
 

action.yml

@@ -75,6 +75,9 @@ inputs:
     description: "When true, passes all GitHub Actions environment variables to the remote script."
   request_pty:
     description: "Request a pseudo-terminal from the server (required for interactive commands or sudo)."
+  curl_insecure:
+    description: "When true, uses the --insecure option with curl for insecure downloads."
+    default: "false"
   capture_stdout:
     description: "When true, captures and returns standard output from the commands as action output."
     default: "false"
@@ -131,6 +134,7 @@ runs:
         INPUT_PROXY_CIPHER: ${{ inputs.proxy_cipher }}
         INPUT_SYNC: ${{ inputs.sync }}
         INPUT_CAPTURE_STDOUT: ${{ inputs.capture_stdout }}
+        INPUT_CURL_INSECURE: ${{ inputs.curl_insecure }}
 
 branding:
   icon: "terminal"

entrypoint.sh

@@ -36,7 +36,12 @@ DOWNLOAD_URL_PREFIX="${DRONE_SSH_RELEASE_URL}/v${DRONE_SSH_VERSION}"
 CLIENT_BINARY="drone-ssh-${DRONE_SSH_VERSION}-${CLIENT_PLATFORM}-${CLIENT_ARCH}"
 TARGET="${GITHUB_ACTION_PATH}/${CLIENT_BINARY}"
 echo "Downloading ${CLIENT_BINARY} from ${DOWNLOAD_URL_PREFIX}"
-curl -fsSL --retry 5 --keepalive-time 2 "${DOWNLOAD_URL_PREFIX}/${CLIENT_BINARY}" -o "${TARGET}"
+INSECURE_OPTION=""
+if [[ "${INPUT_CURL_INSECURE}" == 'true' ]]; then
+  INSECURE_OPTION="--insecure"
+fi
+
+curl -fsSL --retry 5 --keepalive-time 2 ${INSECURE_OPTION} "${DOWNLOAD_URL_PREFIX}/${CLIENT_BINARY}" -o "${TARGET}"
 chmod +x "${TARGET}"
 
 echo "======= CLI Version Information ======="