cschlosser / drone-ftps Goto Github PK

I know this might be a long shot. But I want to have the ability to only FTPS files that have changed or are new. I think there are flags that you can specify in lftp such as -Rne.

Even if you want to point me in the right direction, happy to contribute.

@christophschlosser: I create a new issue, becuause the previous topic was bad

I found a solution to use SSL with broken configs, if e.g. CN of the cereficats not matchs to hostname.
the error like Certificate verification: subjectAltName does not match ‘domian.tld’ may be supressed.

its occure often, if the provider use a widcard sertficate, and/or if isn't possible the FTP server to configure. a self signed cert has the same behavior.

its possible with the splitting of the SSL params to secure and verify. look at:
servusoft@1e86957

more sense makes a import of certs or a fingerprint of certs, but its a little complicated.

with a additional parameter --verbose its get feedback about transfered files.

I can make a PR, if its Ok.

When Drone executes my deploy step, I get the following error:
mirror: Login failed: 500 OOPS: cannot change directory:/home/******

This is my .drone.yml step (___ is censored):

  - name: deploy
    image: cschlosser/drone-ftps
    environment:
      FTP_USERNAME:
        from_secret: FTP_USERNAME
      FTP_PASSWORD:
        from_secret: FTP_PASSWORD
      PLUGIN_HOSTNAME: ___
      PLUGIN_DEST_DIR: /opt/wwwhome/___/static_site
      PLUGIN_SECURE: false
      PLUGIN_INCLUDE: index.html|style.css

From what I understand, this means that the DEST_DIR is not resolved from the server root, but from the /home directory? If yes, how to set it up right?

Currently, I get the error "Fatal error: max-retries exceeded" if I try to upload files to the server. And that on two different projects. I can't explain it to myself. On server side, there is a 200-message, so normally the file was successfully transferred. Do you have any idea?

There is an error message after transferred files if ftp user don't have such permissions.

chmod: Access failed: 550 Could not change perms on f03d9f5a912b76ec4a42d1b69a44aa8e.png

I think it comes from mirror, which don't have -p in this line.

I added a parameter for specifying whether -p is needed

Hi,

sorry for opening an issue but I am trying to get drone to upload pushed commit to FTP with no luck.

My .drone.yml looks like this:

kind: pipeline
name: default

steps:
- name: master_build
  image: cschlosser/drone-ftps
  environment:
    FTP_USERNAME:
      from_secret: username
    FTP_PASSWORD:
      from_secret: password
    PLUGIN_HOSTNAME: mytestftp.com:21
    PLUGIN_SECURE: false
    PLUGIN_VERIFY: false
    PLUGIN_EXCLUDE: ^\.git/$

..so it's 1:1 to the example here, secrets are set under username and password in drone repository secrets. I've also tried config I found on drone plugins site, with no luck too. If I add when clause, it won't trigger at all

In log I'm stuck on this message:

latest: Pulling from cschlosser/drone-ftps
Digest: sha256:7442ec050d7b05c3ff4f14e92e9bb0def4028ba555844591815434de8a5fe8ee
Status: Image is up to date for cschlosser/drone-ftps:latest

Any idea what I'm doing wrong?
Thanks!

Hello there,
Is there a way to transfer only specific files, which names are know? If not, how can I add multiple regex at the PLUGIN_EXCLUDE and PLUGIN_INCLUDE?

Hi,

I've come across this plugin on drone.io.

I've set up a pipeline and I wanted to transfer the output to my website through FTP(S).
However, for some reason this plugin keeps throwing me the error "Need to set username".

Attempts:

Using the secrets as posted as an example on GitHub, for both username and password.

deploy_develop:
    image: cschlosser/drone-ftps
    hostname: ftp.example.com:21
    secrets: [ [email protected], mypassword123 ]
    secure: true
    ssl_allow: true
    #secrets: [ftp_username,ftp_password]
    dest_dir: /public_html/beta/hello_hapi/
    src_dir: /build/
    when:
      branch: develop

And also tried with a seperate username, as I saw that happen in the few results I could find on google.

deploy_develop:
    image: cschlosser/drone-ftps
    username: [email protected]
    hostname: ftp.example.com:21
    secrets: [ mypassword123 ]
    secure: true
    ssl_allow: true
    #secrets: [ftp_username,ftp_password]
    dest_dir: /public_html/beta/hello_hapi/
    src_dir: /build/
    when:
      branch: develop

Any idea what I'm doing wrong? I have no clue how to fix this, and I'm getting no results from Google.

I am aware I should probably look into secret management as you don't want the secrets to be versioned.. but I'd rather have it working first.

Kind Regards,
Lars

Hi, I have similar issue as #23
The pipeline get stuck and only prints out:

latest: Pulling from cschlosser/drone-ftps
Digest: sha256:a8415e543c6cc125fa0a8d90576c74c45290f1606b8d665c60f7c9327afd42e7
Status: Image is up to date for cschlosser/drone-ftps:latest

But when i exec in to the container I can connect to the SFTP server

sftp -P22 username@my_sftp_server_ip
The authenticity of host '1my_sftp_server_ip (my_sftp_server_ip)' can't be established.
ED25519 key fingerprint is SHA256:XXXXXX.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'my_sftp_server_ip' to the list of known hosts.
username@my_sftp_server_ip's password: 
Connected to my_sftp_server_ip.

And I can see in the logs of my SFTP server when I do the manual login that it tries to connect.
But when I just let the container run, I don't see anything in either the drone-ftps or in the SFTP server.

This is my drone config

- name: send-pdf
  image: cschlosser/drone-ftps # https://github.com/cschlosser/drone-ftps
  environment:
    PLUGIN_HOSTNAME: my_sftp_server_ip:22
    FTP_USERNAME:
      from_secret: ftp_user
    FTP_PASSWORD:
      from_secret: ftp_pass
    PLUGIN_DEST_DIR: /mdToPdf
    PLUGIN_SRC_DIR: /files
    PLUGIN_INCLUDE: ^\*.pdf/$

Hope someone can help me

I have a issue to connent to FTP host without SSL.

it needed to be set a addition parameter:
set ftp:ssl-allow $PLUGIN_SSL_ALLOW;

francoishill and harriswan9a have a sotution:
https://github.com/francoishill/drone-ftps/blob/master/upload.sh#L41
https://github.com/harriswan9a/drone-ftps/blob/master/upload.sh#L41

would your extend the plugin like this?

Adding an option to delete files on the ftp destination that are not present in the source dir would be very helpful for my deployment process. That way files whose file names are unique on each build get deleted on the ftp destination and don't fill up the space over time.

Looking at the man page it seems like adding the "-e" respectively "--delete" option to the "mirror" command would allow this.

I wasted a lot of time as the variables used in docs here don't work: https://hub.docker.com/r/cschlosser/drone-ftps/

The syntax has also changed,

The docs on github seem right with everything being set from environment variables.

I try to mirror a folder to an SFTP on a Synology NAS but th eonly thing I see in the Drone output log is

latest: Pulling from cschlosser/drone-ftps
Digest: sha256:7442ec050d7b05c3ff4f14e92e9bb0def4028ba555844591815434de8a5fe8ee
Status: Image is up to date for cschlosser/drone-ftps:latest

And there it hangs forever ...

Here's my .drone.yml

kind: pipeline
name: default

steps:
  - name: build PDFs
    image: python
    commands:
      - pip install poetry
      - poetry install
      - poetry run python build_documents.py
      
  - name: copy PDFs to SFTP
     image: cschlosser/drone-ftps
     environment:
       FTP_USERNAME:
         from_secret: SFTP_USER
       FTP_PASSWORD:
         from_secret: SFTP_PASSWORD
       PLUGIN_HOSTNAME: sftp.server.com:50022
       PLUGIN_DEST_DIR: /home/PDFs
       PLUGIN_SECURE: true
       PLUGIN_VERIFY: false
       PLUGIN_EXCLUDE: ^\.git/$
       PLUGIN_SRC_DIR: /output
       PLUGIN_CLEAN_DIR: true

If I get a shell within the running drone comtaine docker exec -it drone-Vf20L9DukrGr6ias1eun bash and do a ps I see the command is running:

bash-5.1# echo "$(ps)"
PID   USER     TIME  COMMAND
    1 root      0:00 {upload.sh} /bin/bash /bin/upload.sh
    9 root      0:00 lftp -e set xfer:log 1;   set ftp:ssl-allow true;   set ftp:ssl-force true;   set ftp:ssl-protect-data true;   set ssl:verify-certificate false;   set ssl:check-hostname false;   set net:max-retries 3;   rm -r /home/PDFs;   mirror --verbose  -R    -x '^\.git/$' /drone/src/output /home/PDFs -u <redacted>,<redacted> sftp.server.com:50022
   20 root      0:00 bash
   29 root      0:00 ps

Any idea why this isn't working?

Hey @christophschlosser - thanks for this plugin!

Just getting up and running with Drone :)

The issue I'm experiencing is quite similar to this
lavv17/lftp#420

My jobs are timing out after an hour.

As soon as I add something to the offending file the job can be completed.

Target ftp server is Pure-FTPD configured via CentMin Mod
https://centminmod.com/ftp.html

Here's my .drone.yml

  deploy:
    image: cschlosser/drone-ftps
    hostname: snip
    secrets: [ ftp_username, ftp_password ]
    dest_dir: /foo/
    secure: true
    verify: false
    exclude:
    - ^\.git/$
    - ^\.gitignore$
    - ^\.drone.yml$```

Not sure if this is something that should be handled at the server end? 
Is there some way of ensuring the job completes or has a lower timeout value for failure?

This config File works for me with the drone/drone:1.0.0-rc.3 image.

kind: pipeline
name: default

steps:
- name: master_build
  image: cschlosser/drone-ftps
  environment:
    FTP_USERNAME:
      from_secret: username
    FTP_PASSWORD:
      from_secret: password
    PLUGIN_HOSTNAME: myhost.ch:21

    PLUGIN_SECURE: false
    PLUGIN_VERIFY: false
    PLUGIN_EXCLUDE: ^\.git/$
  when:
    branch:
    - master
    event:
    - push

- name: develop_build
  image: cschlosser/drone-ftps
  environment:
    FTP_USERNAME:
      from_secret: username
    FTP_PASSWORD:
      from_secret: password
    PLUGIN_HOSTNAME: myhost.ch:21
    PLUGIN_DEST_DIR: /develop
    PLUGIN_SECURE: false
    PLUGIN_VERIFY: false
    PLUGIN_EXCLUDE: ^\.git/$
  when:
    branch:
    - develop
    event:
    - push

Regards,
Alain

Hey,
when i use your tool to deploy to SFTP servers, sometimes they dont allow username/password authentication and they demand the use of public/private keys.

What are your thoughts on that? Whould you be open to supporting that as well?
Thanks so much and greetings
Leo