diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 410fac8..101ac98 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -67,23 +67,33 @@ jobs: runs-on: ubuntu-latest steps: - - name: Deploy via systemd trigger - run: | - SERVICE="${{ needs.build-and-push.outputs.repo_slug }}" - ENV="${{ needs.build-and-push.outputs.deploy_env }}" - IMAGE="${{ needs.build-and-push.outputs.image }}" - - REMOTE_ROOT="${{ secrets.WINSOMNIA_INFRA_ROOT }}" - REMOTE_PATH="$REMOTE_ROOT/$SERVICE/$ENV" - - ssh ${{ secrets.WINSOMNIA_DEPLOY_USER }}@${{ secrets.WINSOMNIA_DEPLOY_HOST }} < "$REMOTE_PATH/data/.deploy_req" < ~/.ssh/id_ed25519 + chmod 600 ~/.ssh/id_ed25519 + + - name: Add host key + run: | + ssh-keyscan -H ${{ secrets.WINSOMNIA_DEPLOY_HOST }} >> ~/.ssh/known_hosts + + - name: Deploy via systemd trigger + run: | + SERVICE="${{ needs.build-and-push.outputs.repo_slug }}" + ENV="${{ needs.build-and-push.outputs.deploy_env }}" + IMAGE="${{ needs.build-and-push.outputs.image }}" + + REMOTE_ROOT="${{ secrets.WINSOMNIA_INFRA_ROOT }}" + REMOTE_PATH="$REMOTE_ROOT/$SERVICE/$ENV" + + ssh ${{ secrets.WINSOMNIA_DEPLOY_USER }}@${{ secrets.WINSOMNIA_DEPLOY_HOST }} <<'EOF' + set -e + + echo "[CI] Writing deploy request..." + cat > "$REMOTE_PATH/data/.deploy_req" <