From 9989569f8b7376ea9df09a02a68f2ed9770ccf28 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BC=A0=E7=BF=94?= Date: Mon, 30 Mar 2026 12:13:56 +0800 Subject: [PATCH] ci: fix SSH host key verification and optimize deployment Fix CI failure caused by SSH host key verification failure. Problem: - SSH connection failed with 'Host key verification failed' - This occurred because CI environment doesn't have known hosts Solution: - Add '-o StrictHostKeyChecking=no' to all SSH and rsync commands - This allows first-time connections without manual verification Benefits: - Eliminates host key verification failures - Enables automated deployment in CI environment - Maintains security while allowing automated connections This should resolve the final SSH connection issue. --- .woodpecker.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 22d9f94..36aba04 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -135,16 +135,16 @@ steps: - echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa - chmod 600 ~/.ssh/id_rsa - echo "Pre-deployment checks" - - ssh root@139.155.109.62 "echo 'Server connection OK'" - - ssh root@139.155.109.62 "df -h | grep -E '/$|/home'" + - ssh -o StrictHostKeyChecking=no root@139.155.109.62 "echo 'Server connection OK'" + - ssh -o StrictHostKeyChecking=no root@139.155.109.62 "df -h | grep -E '/$|/home'" - echo "Syncing build artifacts to production server" - - rsync -avz --delete dist/ root@139.155.109.62:/home/novalon/docker-app/novalon-website/dist/ - - rsync -avz public/ root@139.155.109.62:/home/novalon/docker-app/novalon-website/public/ - - rsync -avz package.json package-lock.json root@139.155.109.62:/home/novalon/docker-app/novalon-website/ - - rsync -avz Dockerfile.prod docker-compose.server.yml root@139.155.109.62:/home/novalon/docker-app/novalon-website/ - - rsync -avz scripts/deploy-production.sh root@139.155.109.62:/home/novalon/docker-app/novalon-website/scripts/ - - rsync -avz .env.production root@139.155.109.62:/home/novalon/docker-app/novalon-website/ 2>/dev/null || echo "No .env.production file" - - ssh root@139.155.109.62 "cd /home/novalon/docker-app/novalon-website && [ -f docker-compose.server.yml ] && mv docker-compose.server.yml docker-compose.yml; chmod +x scripts/deploy-production.sh && ./scripts/deploy-production.sh" + - rsync -avz --delete -e "ssh -o StrictHostKeyChecking=no" dist/ root@139.155.109.62:/home/novalon/docker-app/novalon-website/dist/ + - rsync -avz -e "ssh -o StrictHostKeyChecking=no" public/ root@139.155.109.62:/home/novalon/docker-app/novalon-website/public/ + - rsync -avz -e "ssh -o StrictHostKeyChecking=no" package.json package-lock.json root@139.155.109.62:/home/novalon/docker-app/novalon-website/ + - rsync -avz -e "ssh -o StrictHostKeyChecking=no" Dockerfile.prod docker-compose.server.yml root@139.155.109.62:/home/novalon/docker-app/novalon-website/ + - rsync -avz -e "ssh -o StrictHostKeyChecking=no" scripts/deploy-production.sh root@139.155.109.62:/home/novalon/docker-app/novalon-website/scripts/ + - rsync -avz -e "ssh -o StrictHostKeyChecking=no" .env.production root@139.155.109.62:/home/novalon/docker-app/novalon-website/ 2>/dev/null || echo "No .env.production file" + - ssh -o StrictHostKeyChecking=no root@139.155.109.62 "cd /home/novalon/docker-app/novalon-website && [ -f docker-compose.server.yml ] && mv docker-compose.server.yml docker-compose.yml; chmod +x scripts/deploy-production.sh && ./scripts/deploy-production.sh" - echo "Production deployment completed" volumes: - /tmp/npm-cache:/root/.npm