Refresh team keys for each runner

2024-11-22 07:31:57 +00:00 · 2022-06-27 14:45:50 +02:00 · 2022-06-27 14:45:50 +02:00 · f2611c3707
commit f2611c3707
parent 9dffe573bb
2 changed files with 7 additions and 2 deletions
--- a/tests/ci/worker/init_runner.sh
+++ b/tests/ci/worker/init_runner.sh
@ -26,6 +26,11 @@ export LABELS
 aws ssm get-parameter --region us-east-1 --name AmazonCloudWatch-github-runners --query 'Parameter.Value' --output text > /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json
 systemctl restart amazon-cloudwatch-agent.service
 # Refresh teams ssh keys
 TEAM_KEYS_URL=$(aws ssm get-parameter --region us-east-1 --name team-keys-url --query 'Parameter.Value' --output=text)
 curl "${TEAM_KEYS_URL}" > /home/ubuntu/.ssh/authorized_keys2
 chown ubuntu: /home/ubuntu/.ssh -R
 # Create a pre-run script that will restart docker daemon before the job started
 mkdir -p /tmp/actions-hooks
--- a/tests/ci/worker/ubuntu_ami_for_ci.sh
+++ b/tests/ci/worker/ubuntu_ami_for_ci.sh
@ -98,8 +98,8 @@ rm -rf /home/ubuntu/awscliv2.zip /home/ubuntu/aws
 mkdir -p /home/ubuntu/.ssh
 # ~/.ssh/authorized_keys is cleaned out, so we use deprecated but working  ~/.ssh/authorized_keys2
-aws lambda invoke --region us-east-1 --function-name team-keys-lambda /tmp/core.keys
+TEAM_KEYS_URL=$(aws ssm get-parameter --region us-east-1 --name team-keys-url --query 'Parameter.Value' --output=text)
-jq < /tmp/core.keys -r '.body' > /home/ubuntu/.ssh/authorized_keys2
+curl "${TEAM_KEYS_URL}" > /home/ubuntu/.ssh/authorized_keys2
 chown ubuntu: /home/ubuntu/.ssh -R
 chmod 0700 /home/ubuntu/.ssh