I’m wondering if people have a good strategy around this topic.
Background:
I finally got the deploy job in my pipeline solid. BUT I feel like I cheated and I feel dirty. I make my remote server so I could log in directly as root! 
I’m sure the security guys at work would start beating me…luckily this is just my personal project.
Question:
Are there any correct strategies to have a runner deploy to a remote server a Docker image and start it without logging into that server directly as root? I guess I could add yet another CI Variable (Hidden) and pass that via sudo but that just feels like I’m pushing the problem around.
Am I doing this right using root? Or is there a better solution?
BTW…I am at least using PermitRootLogin without-password.