From 0637fefc79f8857162dad0c9f0f35df23b25ae13 Mon Sep 17 00:00:00 2001
From: Josh <jcoakley@aptivaai.com>
Date: Thu, 31 Jul 2025 11:24:43 +0000
Subject: [PATCH] Woodpecker.yml rewrite v7

---
 .woodpecker.yml | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

diff --git a/.woodpecker.yml b/.woodpecker.yml
index 701418d..0d2e0f9 100644
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@@ -10,12 +10,12 @@ clone:
   depth: 50
 
 steps:
-# ── Build & push images ──────────────────────────────
+# ── 1. Build & push images ──────────────────────────────
 - name: build-and-push
-  image: docker:24.0-cli           # use host Docker
+  image: docker:24.0-cli
   privileged: true
   volumes:
-  - name: docker-sock              # mount declared below
+  - name: docker-sock
     path: /var/run/docker.sock
   commands:
   - |
@@ -31,7 +31,7 @@ steps:
     event: [push, manual]
     branch: [master]
 
-# ── Deploy to staging ───────────────────────────────
+# ── 2. Deploy to staging ────────────────────────────────
 - name: deploy-staging
   image: appleboy/drone-ssh
   settings:
@@ -39,15 +39,16 @@ steps:
     port: 22
     username: jcoakley
     key:
-      from_secret: STAGING_SSH_KEY
+      from_secret: STAGING_SSH_KEY          # ← the only secrets we need
     known_hosts:
       from_secret: STAGING_KNOWN_HOSTS
     script:
-    - cd /opt/aptiva-staging-app
-    - ./refresh_secrets.sh
-    - TAG=$(echo "$CI_COMMIT_SHA" | head -c 8)
-    - IMG_TAG=$TAG docker compose pull
-    - IMG_TAG=$TAG docker compose up -d --remove-orphans
+    - |
+      set -eu
+      TAG=$(echo "$CI_COMMIT_SHA" | head -c 8)
+      cd /opt/aptiva-staging-app
+      IMG_TAG=$TAG docker compose pull
+      IMG_TAG=$TAG docker compose up -d --force-recreate --remove-orphans
   when:
     event: [push, manual]
     branch: [master]