24 lines
822 B
YAML
24 lines
822 B
YAML
---
|
|
steps:
|
|
- name: deploy-staging
|
|
image: gcr.io/google.com/cloudsdktool/cloud-sdk:latest
|
|
commands:
|
|
- |
|
|
set -eu
|
|
mkdir -p ~/.ssh
|
|
|
|
# 🔐 Pull and decode known_hosts (raw in Secret Manager)
|
|
gcloud secrets versions access latest \
|
|
--secret="STAGING_KNOWN_HOSTS" \
|
|
--project="aptivaai-dev" | base64 -d > ~/.ssh/known_hosts
|
|
chmod 644 ~/.ssh/known_hosts
|
|
|
|
# 🔐 Pull and decode SSH key (also raw in Secret Manager)
|
|
gcloud secrets versions access latest \
|
|
--secret="STAGING_SSH_KEY" \
|
|
--project="aptivaai-dev" | base64 -d > ~/.ssh/id_ed25519
|
|
chmod 600 ~/.ssh/id_ed25519
|
|
|
|
# ✅ Sanity check: SSH handshake only
|
|
ssh -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=yes jcoakley@10.128.0.12 hostname
|