.drone.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

kind: pipeline
name: ssh_and_execute

# Define a step to execute the SSH command on the server
steps:
  - name: ssh_execute
    image: alpine:latest  # Lightweight base image (adjust if needed)
    # Fetch the private key securely from Drone secrets
    script: |
      set -e  # Exit on failure

      # Replace 'SSH_KEY_SECRET' with the actual secret name in Drone
      KEY_DATA=$(drone secret get SSH_KEY_SECRET)
      # Ensure key data is not accidentally logged
      echo "$KEY_DATA" | tr -d '\r' > /tmp/drone_key  # Remove carriage returns (if any) and store in temp file

      chmod 600 /tmp/drone_key  # Set strict permissions
      eval "$(ssh-agent -s)"  # Start SSH agent

      # Add the private key to the agent securely
      ssh-add /tmp/drone_key

      # Replace with actual server details (host, username, command)
      ssh crystal@tilde.institute -i /tmp/drone_key "touch hello_im_emu"

      # Clean up after use
      rm -f /tmp/drone_key  # Remove temporary key file