diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
index 9fbcd0d..5b19906 100644
--- a/.github/workflows/deploy.yaml
+++ b/.github/workflows/deploy.yaml
@@ -40,8 +40,8 @@ jobs:
         ECR_REPOSITORY: hello-world
         IMAGE_TAG: ${{ github.sha }}
       run: |
-        docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:latest .
-        docker push $ECR_REGISTRY/$ECR_REPOSITORY:latest
+        docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:${{ github.sha }} .
+        docker push $ECR_REGISTRY/$ECR_REPOSITORY:${{ github.sha }}
 
     - name: Deploy to EC2
       env:
@@ -50,15 +50,13 @@ jobs:
         IMAGE_TAG: ${{ github.sha }}
         SSH_KEY_PATH: C:/Users/Sylvain/.ssh/my-key-pair
       run: |
+        echo $ECR_REGISTRY $ECR_REPOSITORY $IMAGE_TAG
         INSTANCE_IDS=$(aws ec2 describe-instances --filters "Name=tag:Name,Values=backend-instance-*" --query "Reservations[*].Instances[*].InstanceId" --output text)
         for INSTANCE_ID in $INSTANCE_IDS; do
           PUBLIC_IP=$(aws ec2 describe-instances --instance-ids $INSTANCE_ID --query "Reservations[*].Instances[*].PublicIpAddress" --output text)
           echo "Connecting to $PUBLIC_IP"
-          ssh -o StrictHostKeyChecking=no -i "$SSH_KEY_PATH" ec2-user@$PUBLIC_IP << EOF
-          sudo docker login --username AWS --password-stdin $ECR_REGISTRY <<< $(aws ecr get-login-password --region us-east-1)
-          sudo docker pull $ECR_REGISTRY/$ECR_REPOSITORY:latest
-          sudo docker run -d -p 80:8080 $ECR_REGISTRY/$ECR_REPOSITORY:latest
-EOF
+          scp -o StrictHostKeyChecking=no -i "$SSH_KEY_PATH" deploy.sh ec2-user@$PUBLIC_IP:/home/ec2-user/deploy.sh
+          ssh -o StrictHostKeyChecking=no -i "$SSH_KEY_PATH" ec2-user@$PUBLIC_IP "bash /home/ec2-user/deploy.sh $ECR_REGISTRY $ECR_REPOSITORY $IMAGE_TAG"
         done
 
   test:
diff --git a/deploy.sh b/deploy.sh
new file mode 100644
index 0000000..07d982c
--- /dev/null
+++ b/deploy.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+# deploy.sh
+
+ECR_REGISTRY=$1
+ECR_REPOSITORY=$2
+IMAGE_TAG=$3
+
+# Connecter à ECR
+aws ecr get-login-password --region us-east-1 | sudo docker login --username AWS --password-stdin $ECR_REGISTRY
+
+# Tirer l'image Docker
+sudo docker pull $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
+
+# Démarrer le conteneur
+sudo docker run -d -p 80:8080 $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
\ No newline at end of file