diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 72411cc..52e4552 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -49,13 +49,19 @@ jobs:
             --wait
       - name: Create Airflow git-sync SSH secret
         if: ${{ inputs.service == 'all' || inputs.service == 'airflow' }}
+        env:
+          SSH_KEY: ${{ secrets.AIRFLOW_GITSYNC_SSH_KEY }}
         run: |
           kubectl create namespace airflow --dry-run=client -o yaml | kubectl apply -f -
+          printf '%s' "$SSH_KEY" | base64 -d > /tmp/gitSshKey
+          chmod 600 /tmp/gitSshKey
+          ssh-keyscan github.com 2>/dev/null > /tmp/known_hosts
           kubectl create secret generic airflow-gitsync-ssh \
-            --from-literal=gitSshKey="$(echo ${{ secrets.AIRFLOW_GITSYNC_SSH_KEY }} | base64 -d)" \
-            --from-literal=known_hosts="$(echo ${{ secrets.AIRFLOW_GITSYNC_KNOWN_HOSTS }} | base64 -d)" \
+            --from-file=gitSshKey=/tmp/gitSshKey \
+            --from-file=known_hosts=/tmp/known_hosts \
             --namespace airflow \
             --dry-run=client -o yaml | kubectl apply -f -
+          rm -f /tmp/gitSshKey /tmp/known_hosts
       - name: Deploy Airflow
         if: ${{ inputs.service == 'all' || inputs.service == 'airflow' }}
         run: |