diff --git a/.woodpecker/my-first-workflow.yaml b/.woodpecker/my-first-workflow.yaml
index 1036de5a..26b64a76 100644
--- a/.woodpecker/my-first-workflow.yaml
+++ b/.woodpecker/my-first-workflow.yaml
@@ -1,82 +1,122 @@
-# Woodpecker原生顶层字段1：触发条件
+# 触发条件：仅push、manual手动触发，分支限定main（修正格式错误）
 when:
-  event:
-    - push
-    - manual
-  branch: main
+  - event: push
+  - event: manual
+    branch: main
 
-# Woodpecker原生顶层字段2：代码克隆配置
-clone:
-  git:
-    image: woodpeckerci/plugin-git
-    settings:
-      depth: 50
-      lfs: false
-      use-ssh: true
+skip_clone: true
 
-# Woodpecker原生顶层字段3：核心流水线（唯一步骤容器）
-pipeline:
-  # 全局配置（仅在pipeline内，按需修改这4项即可）
-  SCREEN_NAME: logic_service
-  REMOTE_EXE_DIR: /opt/logic
+# 全局配置变量（替换占位符即可使用）
+variables:
+  SCREEN_NAME: "logic_service"
+  REMOTE_EXE_DIR: "/opt/logic"
   JSON_CONFIG_URL: "https://你的JSON配置地址.com/deploy.json"
   LOG_PATH: "$HOME/run.log"
 
-  # 1. 缓存Go依赖（加速构建）
-  cache-go-mod:
-    image: woodpeckerci/plugin-cache
-    settings:
-      mount:
-        - ~/go/pkg/mod
-        - ~/.cache/go-build
-      key: ${CI_OS}-go-${CI_COMMIT_SHA:0:8}
-      restore_keys:
-        - ${CI_OS}-go-
+# 流水线核心步骤：理顺依赖链，确保build依赖clone结果
+steps:
+  # ========== 1. 替代clone：拉取代码（核心依赖） ==========
+  prepare:
+    image: debian:bookworm
+    environment: 
+      from_secret:
+        WOODPECKER_SSH_KEY: WOODPECKER_SSH_KEY
+    commands:
+      - apt update
+      # 安装完整依赖（解决SSH/libcrypto问题）
+      - apt install -y ca-certificates curl git openssh-client openssl libssl-dev
+      # 清理旧SSH文件，严格配置权限
+      - rm -rf /root/.ssh/*
+      - mkdir -p /root/.ssh && chmod 700 /root/.ssh
+      # 写入并清理SSH密钥（兼容RSA/ED25519，保留原始换行）
+  # 替换原echo "$WOODPECKER_SSH_KEY"那行，其余ssh配置不变
+      - echo "$WOODPECKER_SSH_KEY" > /root/.ssh/id_ed25519 && chmod 600 /root/.ssh/id_ed25519
 
-  # 2. 初始化Go环境 & 预下载依赖
+      - chmod 600 /root/.ssh/id_ed25519
+      # 添加GitHub主机密钥（完整覆盖，避免重复）
+      - ssh-keyscan -H github.com > /root/.ssh/known_hosts
+      - chmod 600 /root/.ssh/known_hosts
+
+      - echo "🔍 尝试SSH连接GitHub（详细日志）..."
+      - ssh -vvv -i /root/.ssh/id_ed25519 -o StrictHostKeyChecking=accept-new git@github.com 2>&1
+      # 拉取代码（拆分命令，避免静默失败）
+      - git init
+      - git remote add origin $CI_REPO_CLONE_SSH_URL
+      - git config core.sshCommand 'ssh -i /root/.ssh/id_ed25519'
+      - git fetch origin $CI_REPO_DEFAULT_BRANCH
+      - git checkout $CI_REPO_DEFAULT_BRANCH
+      - echo "✅ 代码拉取完成"
+
+  # ========== 2. 初始化Go环境（依赖prepare：代码拉取完成） ==========
   prepare-go:
     image: golang:1.25
+    depends_on: [prepare]  # 明确依赖：先拉代码，再初始化Go
     commands:
       - go version
       - go mod download -x
+      - go mod verify
+      - echo "✅ Go环境初始化完成"
 
-  # 3. 生成构建版本号（8位短SHA）
+  # ========== 3. 生成版本号（依赖prepare-go：Go环境就绪） ==========
   set-version:
     image: golang:1.25
+    depends_on: [prepare-go]  # 明确依赖：Go环境就绪后生成版本号
     commands:
-      - VERSION="v$(git rev-parse --short=8 HEAD)"
-      - echo "BUILD_VERSION=${VERSION}" >> $CI_ENV_FILE
-      - echo "✅ 生成版本号：${VERSION}"
+      - |
+        if [ -n "${CI_COMMIT_TAG}" ]; then
+          VERSION="${CI_COMMIT_TAG}"
+        else
+          VERSION="v$(git rev-parse --short=8 HEAD)"  # 依赖prepare拉取的代码
+        fi
+        echo "BUILD_VERSION=${VERSION}" >> $CI_ENV_FILE
+        echo "✅ 生成版本号：${VERSION}"
 
-  # 4. 编译Go服务（静态编译，无系统依赖）
-  build-logic:
+  # ========== 4. 编译Go服务（核心依赖：prepare+prepare-go+set-version） ==========
+  build_logic:
     image: golang:1.25
+    depends_on: [set-version]  # 明确依赖：版本号生成后再编译
+    environment:
+      CGO_ENABLED: 0
+      GO111MODULE: on
+      GOSUMDB: off
     commands:
       - mkdir -p build
-      - BIN_NAME="logic_${BUILD_VERSION}"
+      - BIN_NAME="logic_${BUILD_VERSION}"  # 依赖set-version的BUILD_VERSION
       - echo "BIN_NAME=${BIN_NAME}" >> $CI_ENV_FILE
-      - >
-        CGO_ENABLED=0 GO111MODULE=on GOSUMDB=off go build -v
-        -p=4
-        -trimpath
-        -buildvcs=false
-        -ldflags "-s -w -buildid= -extldflags '-static'"
-        -o ./build/${BIN_NAME}
-        ./logic
-      - if [ ! -f ./build/${BIN_NAME} ]; then
+      - |
+        go build -v \
+          -p=4 \
+          -trimpath \
+          -buildvcs=false \
+          -ldflags "-s -w -buildid= -extldflags '-static' -X main.version=${BUILD_VERSION}" \
+          -o ./build/${BIN_NAME} \
+          ./logic  # 依赖prepare拉取的./logic代码目录
+      - |
+        if [ ! -f ./build/${BIN_NAME} ]; then
           echo "❌ 编译失败：产物${BIN_NAME}不存在"
           exit 1
         fi
       - ls -lh ./build/
+      - ./build/${BIN_NAME} -v || true
       - echo "✅ Go服务编译完成"
 
-  # 5. 拉取JSON & 解析服务器/账号/密码/online_id
+  # ========== 5. 拉取部署配置（可并行，依赖prepare确保代码拉取完成） ==========
   fetch-deploy-config:
     image: alpine:latest
+    depends_on: [prepare]  # 确保代码拉取完成后再拉配置
     commands:
       - apk add --no-cache curl jq
       - echo "🔧 拉取部署配置：${JSON_CONFIG_URL}"
-      - curl -sSL ${JSON_CONFIG_URL} -o /tmp/deploy-config.json || { echo "❌ 拉取JSON失败"; exit 1; }
+      - |
+        for i in 1 2 3; do
+          curl -sSL --connect-timeout 10 ${JSON_CONFIG_URL} -o /tmp/deploy-config.json && break
+          echo "⚠️ 第${i}次拉取失败，重试中..."
+          sleep 2
+        done
+        if [ ! -f /tmp/deploy-config.json ]; then
+          echo "❌ 拉取JSON失败"
+          exit 1
+        fi
       - |
         JSON_TYPE=$(jq -r 'type' /tmp/deploy-config.json)
         if [ "$JSON_TYPE" = "array" ]; then
@@ -90,15 +130,21 @@ pipeline:
             REMOTE_PASSWORDS=$(jq -r '.password' /tmp/deploy-config.json)
             REMOTE_ONLINE_IDS=$(jq -r '.online_id' /tmp/deploy-config.json)
         fi
+      - |
+        if [ -z "$REMOTE_HOSTS" ] || [ -z "$REMOTE_USERS" ]; then
+          echo "❌ 解析配置失败：服务器/用户名为空"
+          cat /tmp/deploy-config.json
+          exit 1
+        fi
       - echo "✅ 配置解析完成 | 服务器：${REMOTE_HOSTS} | OnlineID：${REMOTE_ONLINE_IDS}"
       - echo "REMOTE_HOSTS=${REMOTE_HOSTS}" >> $CI_ENV_FILE
       - echo "REMOTE_USERS=${REMOTE_USERS}" >> $CI_ENV_FILE
       - echo "REMOTE_PASSWORDS=${REMOTE_PASSWORDS}" >> $CI_ENV_FILE
       - echo "REMOTE_ONLINE_IDS=${REMOTE_ONLINE_IDS}" >> $CI_ENV_FILE
 
-  # 6. SCP推送产物到远程服务器（密码认证）
+  # ========== 6. SCP推送产物（依赖编译+配置解析） ==========
   scp-exe-to-servers:
-    image: appleboy/drone-scp
+    image: appleboy/drone-scp:1.6.2
     settings:
       host: ${REMOTE_HOSTS}
       username: ${REMOTE_USERS}
@@ -107,21 +153,22 @@ pipeline:
       target: ${REMOTE_EXE_DIR}/
       strip_components: 1
       skip_verify: true
+      timeout: 30s
     depends_on:
-      - build-logic
+      - build_logic
       - fetch-deploy-config
 
-  # 7. 远程部署：安装Screen + 优雅启动 + 状态验证
+  # ========== 7. 远程部署（依赖SCP推送） ==========
   deploy-to-servers:
-    image: appleboy/drone-ssh
+    image: appleboy/drone-ssh:1.7.0
     settings:
       host: ${REMOTE_HOSTS}
       username: ${REMOTE_USERS}
       password: ${REMOTE_PASSWORDS}
       skip_verify: true
+      timeout: 60s
       script:
         - |
-          # 检查/安装Screen（兼容apt/yum/dnf）
           if command -v screen &> /dev/null; then
               echo "✅ Screen已安装"
           else
@@ -152,12 +199,12 @@ pipeline:
               echo "❌ 启动失败，无${SCREEN_NAME}会话"
               screen -ls && exit 1
           fi
-    depends_on:
-      - scp-exe-to-servers
+    depends_on: [scp-exe-to-servers]
 
-  # 8. 打印部署完成汇总
+  # ========== 8. 打印部署汇总（依赖部署完成） ==========
   print-deploy-info:
     image: alpine:latest
+    depends_on: [deploy-to-servers]
     commands:
       - echo "======================================"
       - echo "🎉 全量部署完成！"
@@ -170,5 +217,3 @@ pipeline:
       - echo "📌 日志路径：${LOG_PATH}"
       - echo "📌 对应Commit：${CI_COMMIT_SHA}"
       - echo "======================================"
-    depends_on:
-      - deploy-to-servers