With the solution presented it is all automatic on git push; I don't have to run the script manually. So, I think perhaps you've misunderstood some of the post.
You suggest doing an automatic upload (which could only be done from specific machines) and I'm doing an automatic download (to the target server, so changes can be pushed from any machine!)
How is all of this easier than just having a script that uses ftp/sftp/rclone/rsync/WebDAV to upload the images to the CDN?
You could make it part of your publishing step, so you would not have to run the script yourself every time.