Fix SSH authentication issues in GitHub Actions

- Add SSH key verification step with ssh-add -l - Properly configure known_hosts with ssh-keyscan - Add SSH connection test before rsync - Remove StrictHostKeyChecking=no from rsync and remote commands - Follow webfactory/ssh-agent best practices Resolves SSH key authentication failures during deployment 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-07-07 22:51:18 +09:00 · 2025-07-07 22:51:18 +09:00 · f553408cc4
commit f553408cc4
parent 7d4d77ce1b
1 changed files with 15 additions and 2 deletions
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@ -18,14 +18,27 @@ jobs:
        with:
          ssh-private-key: ${{ secrets.NAS_SSH_KEY_ADMIN }}

+      - name: Check SSH key loaded
+        run: ssh-add -l
+
+      - name: Add NAS host to known_hosts
+        run: |
+          mkdir -p ~/.ssh
+          ssh-keyscan -p ${{ secrets.NAS_PORT }} ${{ secrets.NAS_HOST }} >> ~/.ssh/known_hosts
+
+      - name: Test SSH connection
+        run: |
+          ssh -o StrictHostKeyChecking=no -p ${{ secrets.NAS_PORT }} \
+            ${{ secrets.NAS_USER }}@${{ secrets.NAS_HOST }} echo "SSH connection successful"
+
      - name: Rsync to NAS
        run: |
-          rsync -avz -e "ssh -o StrictHostKeyChecking=no -p ${{ secrets.NAS_PORT }}" ./ \
+          rsync -avz -e "ssh -p ${{ secrets.NAS_PORT }}" ./ \
            ${{ secrets.NAS_USER }}@${{ secrets.NAS_HOST }}:/volume1/homes/admin/nginx-infra/

      - name: Remote docker-compose up
        run: |
-          ssh -o StrictHostKeyChecking=no -p ${{ secrets.NAS_PORT }} ${{ secrets.NAS_USER }}@${{ secrets.NAS_HOST }} << 'EOF'
+          ssh -p ${{ secrets.NAS_PORT }} ${{ secrets.NAS_USER }}@${{ secrets.NAS_HOST }} << 'EOF'
            cd /volume1/homes/admin/nginx-infra
            docker-compose up -d --build
          EOF