kind: pipeline name: ssh_and_execute # Define a step to execute the SSH command on the server steps: - name: ssh_execute image: alpine:latest # Lightweight base image (adjust if needed) # Fetch the private key securely from Drone secrets environment: KEY_DATA: from_secret: SSH_KEY_SECRET KNOWN_HOSTS: from_secret: KNOWN_HOSTS commands: # Ensure key data is not accidentally logged - apk update - apk add openssh - mkdir ~/.ssh/ - echo "$KNOWN_HOSTS" > ~/.ssh/known_hosts - echo "$KEY_DATA" | tr -d '\r' > /tmp/drone_key # Remove carriage returns (if any) and store in temp file - chmod 600 /tmp/drone_key # Set strict permissions - eval "$(ssh-agent -s)" # Start SSH agent # Add the private key to the agent securely - ssh-add /tmp/drone_key # Replace with actual server details (host, username, command) - ssh crystal@tilde.institute -i /tmp/drone_key "cd public_html && git pull && cd .. && touch success"