From 2810be58afefcd8e257074a1311e24c10072507c Mon Sep 17 00:00:00 2001
From: Haitao Pan <manbuzhe2009@qq.com>
Date: Thu, 19 Mar 2026 08:37:42 +0800
Subject: [PATCH] fix(ci): read single-node ssh key from org secret

---
 .github/workflows/service_release_frontend-deploy.yml | 2 +-
 docs/plans/2026-03-18-frontend-single-node-deploy.md  | 2 +-
 docs/usage/deployment.md                              | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/service_release_frontend-deploy.yml b/.github/workflows/service_release_frontend-deploy.yml
index 14744ef..0920ae8 100644
--- a/.github/workflows/service_release_frontend-deploy.yml
+++ b/.github/workflows/service_release_frontend-deploy.yml
@@ -149,7 +149,7 @@ jobs:
           GHCR_REGISTRY: ${{ env.GHCR_REGISTRY }}
           GHCR_USERNAME: ${{ env.GHCR_USERNAME }}
           GHCR_PASSWORD: ${{ secrets.GHCR_TOKEN }}
-          SINGLE_NODE_VPS_SSH_PRIVATE_KEY: ${{ secrets.FRONTEND_DEPLOY_SSH_KEY }}
+          SINGLE_NODE_VPS_SSH_PRIVATE_KEY: ${{ secrets.SINGLE_NODE_VPS_SSH_PRIVATE_KEY || secrets.FRONTEND_DEPLOY_SSH_KEY }}
           FRONTEND_IMAGE: ${{ needs.stage-1-build-image.outputs.image_ref }}
           APP_BASE_URL: ${{ vars.APP_BASE_URL || format('https://{0}', env.PRIMARY_DOMAIN) }}
           NEXT_PUBLIC_APP_BASE_URL: ${{ vars.NEXT_PUBLIC_APP_BASE_URL || format('https://{0}', env.PRIMARY_DOMAIN) }}
diff --git a/docs/plans/2026-03-18-frontend-single-node-deploy.md b/docs/plans/2026-03-18-frontend-single-node-deploy.md
index 781973b..35b1e05 100644
--- a/docs/plans/2026-03-18-frontend-single-node-deploy.md
+++ b/docs/plans/2026-03-18-frontend-single-node-deploy.md
@@ -208,7 +208,7 @@ This avoids rebuilding and keeps rollback cheap on the weak-IO host.
 
 Secrets must not be committed to the repo. The workflow should consume:
 
-- `FRONTEND_DEPLOY_SSH_KEY`
+- `SINGLE_NODE_VPS_SSH_PRIVATE_KEY`
 - service tokens
 - vault tokens
 - internal service token
diff --git a/docs/usage/deployment.md b/docs/usage/deployment.md
index 0828528..5a9f65c 100644
--- a/docs/usage/deployment.md
+++ b/docs/usage/deployment.md
@@ -62,7 +62,7 @@ Workflow:
 
 Secrets required:
 
-- `FRONTEND_DEPLOY_SSH_KEY`
+- `SINGLE_NODE_VPS_SSH_PRIVATE_KEY`
 - `OPENCLAW_GATEWAY_TOKEN` if used
 - `VAULT_TOKEN` if used
 - `AI_GATEWAY_ACCESS_TOKEN` if used