.Best way to implement continuous deployment with private flake

I want to auto-update a flake based project on a NixOS system when we push to our repository in github. .

The current system runs on NixOS with a module provided by the flake contained in the repository. Essentially I though I would just want a self-hosted github-runner on NixOS to run the following commands.

cd /etc/nixos
nix flake update
nixos-rebuild switch

I think that would work but my flake is in a private repository, I use it like so in my /etc/nixos/flake.nix :

{
  inputs = {
    myPrivateRepository.url = "git+ssh://git@github.com/nemears/privateRepository";
  };
  ...
}

So when the github-runner runs it fails because it cannot find ssh when running nix flake update:

error: cannot run ssh: No such file or directory
fatal: unable to fork

warning: could not read HEAD ref from repo at 'ssh://git@github.com/nemears/privateRepository', using 'master'

error: cannot run ssh: No such file or directory
fatal: unable to fork
...

I’m not sure if this is expected behavior, i have ssh enabled on my system and when i run nix flake update using sudo from a normal user it can update the flake just fine.

I guess what I’m wondering is, am I taking the right approach, is this just a bug with the github-runner service or would there be a better way to go about continuous deployment with a flake to some server / cloud. I might be close and just need to figure out how to get ssh working.