CI Failure: add production deploy workflow - Missing DEPLOY_PROD_HOST secret #1

New issue

Closed

opened 2026-03-25 15:01:53 -07:00 by ci · 0 comments

ci commented

2026-03-25 15:01:53 -07:00

CI Failure Analysis

Run URL: https://git.brads.house/dungeonchurch/rpg-cards/actions/runs/3
Commit: 70b4fc2a21
Workflow: Deploy to Production (.forgejo/workflows/deploy-prod.yml)
Trigger: Push to master
Attempts: 1/3 (2 remaining)

Error

2026-03-25T22:00:18.4653472Z usage: ssh-keyscan [-46cDHv] [-f file] [-p port] [-T timeout] [-t type]
		   [host | addrlist namelist]
2026-03-25T22:00:18.4654104Z 
2026-03-25T22:00:18.4748367Z ⚙️ [runner]: exitcode '1': failure

Root Cause

The workflow expects several deployment secrets that are not configured:

DEPLOY_PROD_HOST (hostname for deployment server)
DEPLOY_PROD_PORT (SSH port, defaults to 22)
DEPLOY_PROD_USER (SSH user)
DEPLOY_PROD_SSH_KEY (SSH private key)
DEPLOY_PROD_PATH (Path to docker-compose on server)
FORGEJO_TOKEN (Registry auth token)

Specifically, ssh-keyscan is being called with no host argument because ${{ secrets.DEPLOY_PROD_HOST }} evaluates to empty:

ssh-keyscan -p 22  >> ~/.ssh/known_hosts
# Missing host argument

Resolution

Requires human intervention: Add the following secrets to repository Settings > Secrets:

Secret	Description
`DEPLOY_PROD_HOST`	Production server hostname/IP
`DEPLOY_PROD_PORT`	SSH port (default: 22)
`DEPLOY_PROD_USER`	SSH username for deployment
`DEPLOY_PROD_SSH_KEY`	Private SSH key for deployment user
`DEPLOY_PROD_PATH`	Path to docker-compose.yml on server
`FORGEJO_TOKEN`	Registry token for docker login

The workflow logic itself is correct; it just needs the secrets configured.

Severity

HIGH - Infrastructure configuration required. Workflow cannot run without secrets.

cc @unknown @brad

## CI Failure Analysis **Run URL:** https://git.brads.house/dungeonchurch/rpg-cards/actions/runs/3 **Commit:** 70b4fc2a21d9b0f04de83290cc4a853f777c672f **Workflow:** Deploy to Production (.forgejo/workflows/deploy-prod.yml) **Trigger:** Push to master **Attempts:** 1/3 (2 remaining) ### Error ``` 2026-03-25T22:00:18.4653472Z usage: ssh-keyscan [-46cDHv] [-f file] [-p port] [-T timeout] [-t type] [host | addrlist namelist] 2026-03-25T22:00:18.4654104Z 2026-03-25T22:00:18.4748367Z ⚙️ [runner]: exitcode '1': failure ``` ### Root Cause The workflow expects several deployment secrets that are not configured: - `DEPLOY_PROD_HOST` (hostname for deployment server) - `DEPLOY_PROD_PORT` (SSH port, defaults to 22) - `DEPLOY_PROD_USER` (SSH user) - `DEPLOY_PROD_SSH_KEY` (SSH private key) - `DEPLOY_PROD_PATH` (Path to docker-compose on server) - `FORGEJO_TOKEN` (Registry auth token) Specifically, `ssh-keyscan` is being called with no host argument because `${{ secrets.DEPLOY_PROD_HOST }}` evaluates to empty: ```bash ssh-keyscan -p 22 >> ~/.ssh/known_hosts # Missing host argument ``` ### Resolution **Requires human intervention:** Add the following secrets to repository Settings > Secrets: | Secret | Description | |--------|-------------| | `DEPLOY_PROD_HOST` | Production server hostname/IP | | `DEPLOY_PROD_PORT` | SSH port (default: 22) | | `DEPLOY_PROD_USER` | SSH username for deployment | | `DEPLOY_PROD_SSH_KEY` | Private SSH key for deployment user | | `DEPLOY_PROD_PATH` | Path to docker-compose.yml on server | | `FORGEJO_TOKEN` | Registry token for docker login | The workflow logic itself is correct; it just needs the secrets configured. ### Severity **HIGH** - Infrastructure configuration required. Workflow cannot run without secrets. cc @unknown @brad

brad closed this issue

2026-03-25 15:53:57 -07:00

No labels

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

dungeonchurch/rpg-cards#1

No description provided.

Rows
Columns