diff --git a/.woodpecker.yml b/.woodpecker.yml
index 56c0b7e..4700353 100644
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@@ -1,8 +1,20 @@
 # =============================================================================
 # Single pipeline – all event types handled via step-level when conditions:
-# pull_request → syntax-check, validate, drift-check
+#
+# pull_request → syntax-check, validate
+# ONLY validates config correctness.
+# Does NOT compare to the live server – a PR branch is
+# expected to differ from the server (not yet deployed),
+# so a drift-check here would always be OUT_OF_SYNC by
+# design and is meaningless as a failure signal.
+#
 # push (master) → syntax-check, validate, deploy, update-sync-metric
+# Deploys to the server, then verifies sync and pushes metric.
+#
 # cron → gitops_sync_check (read-only drift check, no deploy)
+# Continuously verifies that the live server still matches
+# Git even when no push has happened. Detects manual edits
+# made directly on the server.
 #
 # NOTE: Woodpecker does not support multiple YAML documents (---) in one file.
 # All pipelines must live in a single document with step-level filtering.
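Review bot: The new header comment explains the removal of drift-check from pull_request only as a meaningless failure signal, but the second hunk shows the removed step also wrote `SSH_PRIVATE_KEY` to `~/.ssh/id_rsa` and ran a playbook from the checked-out branch against the server, and that security reason deserves to be recorded too. I would add a line under the pull_request entry such as `# PR steps must stay offline: no from_secret SSH key, no connection to the live server.` so the step is not reintroduced later. Whether the key was actually released to pull_request events depends on the secret's event filter in Woodpecker, which this diff does not show. Limiting that filter to the push and cron events would enforce the rule rather than only document it.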
@@ -48,24 +60,6 @@ steps:
 - event: push
 branch: master
- # ---------------------------------------------------------------------------
- # drift-check: Compare server config to Git – runs on pull_request only
- # ---------------------------------------------------------------------------
- drift-check:
- image: alpine/ansible:latest
- depends_on: [syntax-check]
- environment:
- ANSIBLE_CONFIG: ansible.cfg
- SSH_PRIVATE_KEY:
- from_secret: SSH_PRIVATE_KEY
- commands:
- - mkdir -p ~/.ssh
- - printf '%s\n' "$${SSH_PRIVATE_KEY}" > ~/.ssh/id_rsa
- - chmod 600 ~/.ssh/id_rsa
- - ansible-playbook -i ansible/inventory/hosts.yml ansible/playbooks/drift-check.yml
- when:
- event: pull_request
-
 # ---------------------------------------------------------------------------
 # deploy: Apply Git configuration to server – runs on push to master only
 # ---------------------------------------------------------------------------