jkf

Jenkinsfile

@@ -30,9 +30,6 @@ pipeline {
         REMOTE_DIR = '/var/www/html/polizia'
 
         ADMIN_EMAIL = 'f.fratini@webmagistri.it'
-
-        // Define the SSH password credential
-        SSH_PASS = credentials('fratini-ssh-password')
     }
 
     stages {
@@ -50,9 +47,6 @@ pipeline {
                 sh 'composer --version || echo "Composer not available locally"'
                 sh 'node --version || echo "Node not available locally"'
                 sh 'npm --version || echo "NPM not available locally"'
-
-                // Verify sshpass is installed
-                sh 'sshpass -V || echo "sshpass not installed"'
             }
         }
 
@@ -87,39 +81,36 @@ pipeline {
             steps {
                 echo "Starting deployment to ${REMOTE_HOST} as user ${REMOTE_USER}"
 
-                // Using environment file approach for password
+                // Using SSH key authentication - no password required
                 sh '''
-                    # Create a temporary password file with correct permissions
-                    echo "${SSH_PASS}" > /tmp/ssh_password
-                    chmod 600 /tmp/ssh_password
+                    # Make sure SSH directory exists with correct permissions
+                    mkdir -p ~/.ssh
+                    chmod 700 ~/.ssh
 
                     # Create remote directory
-                    sshpass -f /tmp/ssh_password ssh -o StrictHostKeyChecking=no ${REMOTE_USER}@${REMOTE_HOST} "mkdir -p ${REMOTE_DIR}"
+                    ssh -o StrictHostKeyChecking=no ${REMOTE_USER}@${REMOTE_HOST} "mkdir -p ${REMOTE_DIR}"
 
                     # Sync files excluding unnecessary ones
-                    sshpass -f /tmp/ssh_password rsync -avz -e "ssh -o StrictHostKeyChecking=no" --exclude '.git' --exclude 'node_modules' --exclude 'vendor' ./ ${REMOTE_USER}@${REMOTE_HOST}:${REMOTE_DIR}/
+                    rsync -avz -e "ssh -o StrictHostKeyChecking=no" --exclude '.git' --exclude 'node_modules' --exclude 'vendor' ./ ${REMOTE_USER}@${REMOTE_HOST}:${REMOTE_DIR}/
 
                     # Run composer install
-                    sshpass -f /tmp/ssh_password ssh -o StrictHostKeyChecking=no ${REMOTE_USER}@${REMOTE_HOST} "cd ${REMOTE_DIR} && composer install --no-interaction --no-dev --prefer-dist"
+                    ssh -o StrictHostKeyChecking=no ${REMOTE_USER}@${REMOTE_HOST} "cd ${REMOTE_DIR} && composer install --no-interaction --no-dev --prefer-dist"
 
                     # Run npm install and build
-                    sshpass -f /tmp/ssh_password ssh -o StrictHostKeyChecking=no ${REMOTE_USER}@${REMOTE_HOST} "cd ${REMOTE_DIR} && npm install && npm run build"
+                    ssh -o StrictHostKeyChecking=no ${REMOTE_USER}@${REMOTE_HOST} "cd ${REMOTE_DIR} && npm install && npm run build"
 
                     # Run Laravel artisan commands
-                    sshpass -f /tmp/ssh_password ssh -o StrictHostKeyChecking=no ${REMOTE_USER}@${REMOTE_HOST} "cd ${REMOTE_DIR} && php artisan migrate --force && php artisan config:cache && php artisan route:cache && php artisan view:cache && php artisan optimize && php artisan storage:link"
+                    ssh -o StrictHostKeyChecking=no ${REMOTE_USER}@${REMOTE_HOST} "cd ${REMOTE_DIR} && php artisan migrate --force && php artisan config:cache && php artisan route:cache && php artisan view:cache && php artisan optimize && php artisan storage:link"
 
                     # Set permissions
-                    sshpass -f /tmp/ssh_password ssh -o StrictHostKeyChecking=no ${REMOTE_USER}@${REMOTE_HOST} "cd ${REMOTE_DIR} && chmod -R 775 storage bootstrap/cache && sudo chown -R www-data:www-data ."
+                    ssh -o StrictHostKeyChecking=no ${REMOTE_USER}@${REMOTE_HOST} "cd ${REMOTE_DIR} && chmod -R 775 storage bootstrap/cache && sudo chown -R www-data:www-data ."
 
                     # Restart services
-                    sshpass -f /tmp/ssh_password ssh -o StrictHostKeyChecking=no ${REMOTE_USER}@${REMOTE_HOST} "sudo systemctl restart php8.1-fpm || sudo systemctl restart php-fpm || echo 'PHP service restart failed, may need manual intervention'"
-                    sshpass -f /tmp/ssh_password ssh -o StrictHostKeyChecking=no ${REMOTE_USER}@${REMOTE_HOST} "sudo systemctl restart nginx || echo 'Nginx restart failed, may need manual intervention'"
+                    ssh -o StrictHostKeyChecking=no ${REMOTE_USER}@${REMOTE_HOST} "sudo systemctl restart php8.1-fpm || sudo systemctl restart php-fpm || echo 'PHP service restart failed, may need manual intervention'"
+                    ssh -o StrictHostKeyChecking=no ${REMOTE_USER}@${REMOTE_HOST} "sudo systemctl restart nginx || echo 'Nginx restart failed, may need manual intervention'"
 
                     # Clear cache
-                    sshpass -f /tmp/ssh_password ssh -o StrictHostKeyChecking=no ${REMOTE_USER}@${REMOTE_HOST} "cd ${REMOTE_DIR} && php artisan cache:clear"
-
-                    # Clean up temporary password file
-                    rm -f /tmp/ssh_password
+                    ssh -o StrictHostKeyChecking=no ${REMOTE_USER}@${REMOTE_HOST} "cd ${REMOTE_DIR} && php artisan cache:clear"
                 '''
             }
         }