Use test nitro-cli in pod

thomasm-ttd · thomasm-ttd · commit 397f69f9f270 · 2024-11-19T14:03:40.000+11:00
diff --git a/.github/actions/build_eks_docker_image/action.yaml b/.github/actions/build_eks_docker_image/action.yaml
@@ -104,6 +104,7 @@ runs:
         cp -r ./scripts/aws/eks-pod/* ${{ inputs.artifacts_output_dir }}
         cp -r ./scripts/aws/syslog-ng/server_al_2023/* ${{ inputs.artifacts_output_dir }}/server_al_2023
         cp ./scripts/aws/eks-pod/server_al_2023/syslog-ng-server.conf ${{ inputs.artifacts_output_dir }}/syslog-ng-server.conf
+        cp ./scripts/aws/pipeline/enclave-cli-1.5.3rc.zip ${{ inputs.artifacts_output_dir }}/enclave-cli-1.5.3rc.zip
         ls -l ${{ inputs.artifacts_output_dir }}
 
     - name: Check disk usage
diff --git a/.github/workflows/publish-aws-eks-nitro-enclave-docker.yaml b/.github/workflows/publish-aws-eks-nitro-enclave-docker.yaml
@@ -38,7 +38,7 @@ jobs:
     steps:
       - name: Build Docker Image for EKS Pod
         id: build_docker_image_uid
-        uses: IABTechLab/uid2-operator/.github/actions/build_eks_docker_image@main
+        uses: IABTechLab/uid2-operator/.github/actions/build_eks_docker_image@tjm-test-aws-custom-eif
         with:
           identity_scope: uid2
           artifacts_output_dir: ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/uid2
@@ -63,7 +63,7 @@ jobs:
     steps:
       - name: Build Docker Image for EKS Pod
         id: build_docker_image_euid
-        uses: IABTechLab/uid2-operator/.github/actions/build_eks_docker_image@main
+        uses: IABTechLab/uid2-operator/.github/actions/build_eks_docker_image@tjm-test-aws-custom-eif
         with:
           identity_scope: euid
           artifacts_output_dir: ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/euid
diff --git a/scripts/aws/eks-pod/Dockerfile b/scripts/aws/eks-pod/Dockerfile
@@ -1,12 +1,13 @@
 FROM amazonlinux:2023
-RUN dnf check-update && dnf update && dnf install nmap-ncat libxcrypt-compat python3 aws-nitro-enclaves-cli logrotate iproute net-tools python3.11 python3.11-pip shadow-utils -y
+RUN dnf check-update && dnf update && dnf install nmap-ncat libxcrypt-compat python3 logrotate iproute net-tools python3.11 python3.11-pip shadow-utils -y
 
 ARG IVYKIS_RPM="ivykis-0.43-1.amzn2023.x86_64.rpm"
 ARG LIBNET_RPM="libnet-1.2-2.amzn2023.0.2.x86_64.rpm"
 ARG PUBKEY="pubkey.gpg"
 ARG SYSLOG_NG_RPM="syslog-ng-4.7.1.104.gcc5a7d9-1.amzn2023.x86_64.rpm"
 ARG SYSLOG_NG_LOGROTATE_RPM="syslog-ng-logrotate-4.7.1.104.gcc5a7d9-1.amzn2023.x86_64.rpm"
 
+COPY ./enclave-cli-1.5.3rc.zip /home/enclave-cli-1.5.3rc.zip
 COPY ./sockd /home/
 COPY ./sockd_eks.conf /etc/sockd.conf
 COPY ./vsockpx /home
@@ -31,7 +32,12 @@ COPY ./entrypoint.sh /home/
 COPY ./uid2operator.eif /home/
 COPY ./proxies.host.yaml /home/proxies.host.yaml
 
-RUN chmod +x /home/vsockpx && chmod +x /home/entrypoint.sh && chmod +x /home/sockd
+RUN chmod +x /home/vsockpx && chmod +x /home/entrypoint.sh && chmod +x /home/sockd && chmod +rwx /home/enclave-cli-1.5.3rc.zip
+
+RUN unzip /enclave-cli-1.5.3rc.zip -d /home/tmp/
+RUN chmod a+rwx /home/tmp/enclave-cli-1.5.3rc/* 
+RUN dnf install -y /home/tmp/enclave-cli-1.5.3rc/aws-nitro-enclaves-cli-1.3.5-0.amzn2023.x86_64.rpm 
+RUN dnf install -y /home/tmp/enclave-cli-1.5.3rc/aws-nitro-enclaves-cli-devel-1.3.5-0.amzn2023.x86_64.rpm 
 
 COPY ./app.py /home/config-server/
 COPY ./requirements.txt /home/config-server/
