improve ssh job

METS-Programme · Dec 9, 2024 · 3142705 · 3142705
1 parent deca72f
commit 3142705
Showing 1 changed file with 20 additions and 23 deletions.
diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
@@ -22,6 +22,7 @@ jobs:
           password: ${{ secrets.DOCKER_PASSWORD }}
 
       - name: Build and Push Docker Image
+        id: docker
         run: |
           IMAGE_NAME=${{ secrets.DOCKER_USERNAME }}/ugandaemr-distro
           IMAGE_TAG=$(git rev-parse --short HEAD)
@@ -36,31 +37,27 @@ jobs:
           docker push "$IMAGE_NAME:$IMAGE_TAG"
           docker push "$IMAGE_NAME:latest"
 
-      # Step 3: Sync docker-compose file to the server
-      - name: Sync docker-compose.yml to Server
-        run: |
-            # Start the SSH agent
-            eval "$(ssh-agent -s)"
+          # Output the tag for the next steps
+          echo "IMAGE_TAG=$IMAGE_TAG" >> $GITHUB_ENV
 
-            # Add the private key from GitHub Secrets
-            echo "${{ secrets.SSH_PRIVATE_KEY }}" | ssh-add -
+      # Step 3: Set up SSH key for secure communication
+      - name: Set up SSH Key
+        uses: shimataro/ssh-key-action@v2
+        with:
+          key: ${{ secrets.SSH_PRIVATE_KEY }}
+          known_hosts: |
+            ${{ secrets.SERVER_IP }}
 
-            # Use rsync with the SSH key to transfer the file
-            rsync -avz -e "ssh -o StrictHostKeyChecking=no" docker-compose.yml "${{ secrets.SSH_USER }}@${{ secrets.SERVER_IP }}:/home/ugandaemr"
+      # Step 4: Sync docker-compose.yml to the server
+      - name: Sync docker-compose.yml to Server
+        run: |
+          rsync -avz -e "ssh -o StrictHostKeyChecking=no" docker-compose.yml "${{ secrets.SSH_USER }}@${{ secrets.SERVER_IP }}:/home/ugandaemr"
 
-      # Step 4: SSH into server, pull the latest image, and restart services
+      # Step 5: SSH into the server, pull the latest image, and restart services
       - name: Update and Restart Services on Server
         run: |
-            # Start the SSH agent
-            eval "$(ssh-agent -s)"
-
-            # Add the private key from GitHub Secrets
-            echo "${{ secrets.SSH_PRIVATE_KEY }}" | ssh-add -
-
-            # Connect to the server and execute commands
-            ssh -o StrictHostKeyChecking=no "${{ secrets.SSH_USER }}@${{ secrets.SERVER_IP }}" << 'EOF'
-                cd /home/ugandaemr
-                docker-compose pull
-                docker-compose up -d
-            EOF
-
+          ssh -o StrictHostKeyChecking=no "${{ secrets.SSH_USER }}@${{ secrets.SERVER_IP }}" << 'EOF'
+            cd /home/ugandaemr
+            docker-compose pull
+            docker-compose up -d
+          EOF