From 3e292b852256b4f209bd194fbd461a3107e76555 Mon Sep 17 00:00:00 2001
From: Josh <jcoakley@aptivaai.com>
Date: Thu, 31 Jul 2025 17:13:13 +0000
Subject: [PATCH] pipeline build v44.  reverted and add single GCP secret

---
 .woodpecker.yml | 32 +++++++++++++++-----------------
 1 file changed, 15 insertions(+), 17 deletions(-)

diff --git a/.woodpecker.yml b/.woodpecker.yml
index 3bd7c4d..0a33f93 100644
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@@ -1,7 +1,7 @@
 ---
 kind: pipeline
 type: docker
-name: ssh-deploy-test
+name: ssh-test
 
 steps:
   - name: ssh-test
@@ -9,23 +9,23 @@ steps:
     entrypoint:
       - bash
       - -c
-      - |
-        set -euo pipefail
+      - >
+        set -euo pipefail;
 
-        mkdir -p ~/.ssh
+        mkdir -p ~/.ssh;
 
         # ── Inject known-hosts and SSH key ───────────────────────────────
         gcloud secrets versions access latest \
           --secret=STAGING_KNOWN_HOSTS --project=aptivaai-dev \
-          | base64 -d > ~/.ssh/known_hosts
-        chmod 644 ~/.ssh/known_hosts
+          | base64 -d > ~/.ssh/known_hosts;
+        chmod 644 ~/.ssh/known_hosts;
 
         gcloud secrets versions access latest \
           --secret=STAGING_SSH_KEY --project=aptivaai-dev \
-          | base64 -d > ~/.ssh/id_ed25519
-        chmod 600 ~/.ssh/id_ed25519
+          | base64 -d > ~/.ssh/id_ed25519;
+        chmod 600 ~/.ssh/id_ed25519;
 
-        echo "🔑 SSH prerequisites installed"
+        echo "🔑 SSH prerequisites installed";
 
         # ── SSH into staging and deploy ──────────────────────────────────
         ssh -o StrictHostKeyChecking=yes \
@@ -34,22 +34,20 @@ steps:
             'set -euo pipefail; \
              IMG_TAG=$(gcloud secrets versions access latest --secret=IMG_TAG --project=aptivaai-dev); \
              export IMG_TAG; \
-             STRIPE_SECRET_KEY=$(gcloud secrets versions access latest --secret=STRIPE_SECRET_KEY --project=aptivaai-dev); \
-             export STRIPE_SECRET_KEY; \
+             STRIPE_PUBLISHABLE_KEY=$(gcloud secrets versions access latest --secret=STRIPE_PUBLISHABLE_KEY --project=aptivaai-dev); \
+             export STRIPE_PUBLISHABLE_KEY; \
              echo "📦 IMG_TAG=$IMG_TAG"; \
-             echo "💳 STRIPE_SECRET_KEY length = $(echo -n "$STRIPE_SECRET_KEY" | wc -c)"; \
+             echo "💳 STRIPE_PUBLISHABLE_KEY length = $(echo -n \"$STRIPE_PUBLISHABLE_KEY\" | wc -c)"; \
              cd /home/jcoakley/aptiva-staging-app; \
-             echo "→ Pulling containers"; \
-             sudo --preserve-env=IMG_TAG,STRIPE_SECRET_KEY docker compose pull; \
-             echo "→ Recreating services"; \
-             sudo --preserve-env=IMG_TAG,STRIPE_SECRET_KEY docker compose up -d --force-recreate --remove-orphans; \
+             sudo --preserve-env=IMG_TAG,STRIPE_PUBLISHABLE_KEY docker compose pull; \
+             sudo --preserve-env=IMG_TAG,STRIPE_PUBLISHABLE_KEY docker compose up -d --force-recreate --remove-orphans; \
              echo "✅ Staging stack refreshed with tag $IMG_TAG"'
 
     secrets:
       - STAGING_SSH_KEY
       - STAGING_KNOWN_HOSTS
       - IMG_TAG
-      - STRIPE_SECRET_KEY
+      - STRIPE_PUBLISHABLE_KEY
 
 when:
   event: