From 1d59aec5a93b304456cb862621e0c116cf613242 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Zieli=C5=84ski?= Date: Thu, 18 Sep 2025 12:46:55 +0200 Subject: [PATCH] Maybe now.. --- .gitea/workflows/morskaRelease.yml | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/.gitea/workflows/morskaRelease.yml b/.gitea/workflows/morskaRelease.yml index e011ad4..9d0a692 100644 --- a/.gitea/workflows/morskaRelease.yml +++ b/.gitea/workflows/morskaRelease.yml @@ -78,6 +78,7 @@ jobs: (cd artifacts/frontend && zip -rq ../../build/DiunaBI-Morska-Frontend.zip .) (cd artifacts/webapi && zip -rq ../../build/DiunaBI-Morska-WebApi.zip .) ls -la build + - name: Upload artifacts to remote server env: SSH_PRIVATE_KEY: ${{ secrets.GITEARUNNER_SSH_KEY }} @@ -104,10 +105,18 @@ jobs: - name: Run release script on remote server env: SSH_PRIVATE_KEY: ${{ secrets.PROD_SRV_PRIVATE_KEY }} + SSH_USER: mz + SSH_HOST: bim-it.pl run: | - echo "${SSH_PRIVATE_KEY}" > private_key + set -euo pipefail + + umask 077 + echo "$SSH_PRIVATE_KEY" > private_key chmod 600 private_key - ssh -i private_key -o StrictHostKeyChecking=no mz@bim-it.pl << 'EOF' - ./deployment/DiunaBI-Morska.Release.sh - EOF - rm private_key \ No newline at end of file + + mkdir -p ~/.ssh + ssh-keyscan -H "$SSH_HOST" >> ~/.ssh/known_hosts + + ssh -i private_key "$SSH_USER@$SSH_HOST" "./deployment/DiunaBI-Morska.Release.sh" + + shred -u private_key \ No newline at end of file