pipeline build v9 - key diagnostics in commands

2025-07-31 14:15:33 +00:00 · 2025-07-31 14:15:33 +00:00 · d86929db01
commit d86929db01
parent 5e957096b8
1 changed files with 16 additions and 22 deletions
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@ -2,29 +2,23 @@ steps:
  ssh-test:
    image: google/cloud-sdk:latest
    commands:
-      - 'set -eu'
-      - 'mkdir -p ~/.ssh'
-      - 'gcloud secrets versions access latest --secret=STAGING_KNOWN_HOSTS --project=aptivaai-dev | base64 -d > ~/.ssh/known_hosts'
-      - 'chmod 644 ~/.ssh/known_hosts'
-      - 'gcloud secrets versions access latest --secret=STAGING_SSH_KEY --project=aptivaai-dev > ~/.ssh/id_ed25519'
-      - 'chmod 600 ~/.ssh/id_ed25519'
-      - 'echo Key size: $(wc -c < ~/.ssh/id_ed25519) bytes'
-      - 'file ~/.ssh/id_ed25519 || echo file not found'
-      - 'head -n 5 ~/.ssh/id_ed25519'
-      - 'ssh -vvv -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=yes jcoakley@10.128.0.12 hostname'
+      - |
+        #!/bin/bash
+        set -eu
+        mkdir -p ~/.ssh

        # Decode known hosts
-      - gcloud secrets versions access latest --secret=STAGING_KNOWN_HOSTS --project=aptivaai-dev | base64 -d > ~/.ssh/known_hosts
-      - chmod 644 ~/.ssh/known_hosts
+        gcloud secrets versions access latest --secret=STAGING_KNOWN_HOSTS --project=aptivaai-dev | base64 -d > ~/.ssh/known_hosts
+        chmod 644 ~/.ssh/known_hosts

        # Inject SSH key
-      - gcloud secrets versions access latest --secret=STAGING_SSH_KEY --project=aptivaai-dev > ~/.ssh/id_ed25519
-      - chmod 600 ~/.ssh/id_ed25519
+        gcloud secrets versions access latest --secret=STAGING_SSH_KEY --project=aptivaai-dev > ~/.ssh/id_ed25519
+        chmod 600 ~/.ssh/id_ed25519

-      # Verify key integrity before SSH
-      - echo Key size: $(wc -c < ~/.ssh/id_ed25519) bytes
-      - file ~/.ssh/id_ed25519 || echo file not found
-      - head -n 5 ~/.ssh/id_ed25519
+        # Verify key integrity
+        echo "Key size: $(wc -c < ~/.ssh/id_ed25519) bytes"
+        file ~/.ssh/id_ed25519 || echo "file not found"
+        head -n 5 ~/.ssh/id_ed25519

        # Attempt SSH
-      - ssh -vvv -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=yes jcoakley@10.128.0.12 hostname
+        ssh -vvv -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=yes jcoakley@10.128.0.12 hostname