refactor: switch ssh remote variable passing to positional arguments for deploy-qa pipeline

.gitea/workflows/deploy-qa.yml

@@ -55,40 +55,48 @@ jobs:
     needs: build-and-push
     steps:
       - name: Deploy via SSH
-        env:
-          DEPLOY_SSH_KEY: ${{ secrets.DEPLOY_SSH_KEY }}
-          DEPLOY_PASSPHRASE: ${{ secrets.DEPLOY_PASSPHRASE }}
         run: |
           set -euo pipefail
           IMAGE_TAG="${{ needs.build-and-push.outputs.image_tag }}"
 
-          printf '%s\n' "$DEPLOY_SSH_KEY" > /tmp/deploy_key
-          chmod 600 /tmp/deploy_key
-          printf '%s\n' "$DEPLOY_PASSPHRASE" > /tmp/passphrase
-
-          sudo apt-get update -qq && sudo apt-get install -y -qq sshpass
+          eval $(ssh-agent -s)
+          echo "${{ secrets.DEPLOY_SSH_KEY }}" | ssh-add -
 
+          mkdir -p ~/.ssh
           ssh-keyscan -H ${{ secrets.DEPLOY_HOST }} >> ~/.ssh/known_hosts 2>/dev/null
 
-          sshpass -f /tmp/passphrase ssh -i /tmp/deploy_key \
-            -o StrictHostKeyChecking=no \
-            ${{ secrets.DEPLOY_USERNAME }}@${{ secrets.DEPLOY_HOST }} bash -s \
-            -e REGISTRY_URL=${{ env.REGISTRY_URL }} \
-            -e IMAGE_NAME=${{ env.IMAGE_NAME }} \
-            -e IMAGE_TAG=${IMAGE_TAG} \
-            -e GIT_SHA=${{ gitea.sha }} \
-            -e GIT_BRANCH=dev \
-            -e GITEA_ACTOR=${{ gitea.actor }} \
-            -e BUILD_NUMBER=${{ gitea.run_id }} \
-            -e TOKEN=${{ secrets.TOKEN }} << 'EOF'
+          # 1. Pasamos las variables como argumentos en el mismo orden
+          ssh ${{ secrets.DEPLOY_USERNAME }}@${{ secrets.DEPLOY_HOST }} bash -s \
+            "${{ env.REGISTRY_URL }}" \
+            "${{ env.IMAGE_NAME }}" \
+            "${IMAGE_TAG}" \
+            "${{ gitea.sha }}" \
+            "${{ gitea.actor }}" \
+            "${{ gitea.run_id }}" \
+            "${{ secrets.TOKEN }}" << 'EOF'
             set -euo pipefail
+            
+            # 2. Las recibimos dentro de la sesión remota
+            REGISTRY_URL=$1
+            IMAGE_NAME=$2
+            IMAGE_TAG=$3
+            GIT_SHA=$4
+            GITEA_ACTOR=$5
+            BUILD_NUMBER=$6
+            TOKEN=$7
+            
+            # Variables locales del script
+            GIT_BRANCH="dev"
             BUILD_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
+            
             echo "Pulling image..."
             echo "$TOKEN" | docker login $REGISTRY_URL -u $GITEA_ACTOR --password-stdin
             docker pull $REGISTRY_URL/$IMAGE_NAME:$IMAGE_TAG
+            
             echo "Stopping existing container..."
             docker stop cicd-qa 2>/dev/null || true
             docker rm cicd-qa 2>/dev/null || true
+            
             echo "Starting new container..."
             docker run -d --name cicd-qa --restart unless-stopped -p 8081:80 \
               -e APP_ENV=qa \
@@ -99,6 +107,7 @@ jobs:
               -e DEPLOY_TIME=${BUILD_DATE} \
               -e BUILD_NUMBER=${BUILD_NUMBER} \
               $REGISTRY_URL/$IMAGE_NAME:$IMAGE_TAG
+              
             echo "Waiting for health check..."
             for i in $(seq 1 12); do
               if curl -sf http://localhost:8081/health > /dev/null 2>&1; then
@@ -110,5 +119,3 @@ jobs:
             echo "::error::QA health check failed"
             exit 1
           EOF
-
-