Move encryption to ESCDA for FIPS compliance

Andrew Leaperrequested to merge
aleaper5000/fargate:change-ssh-encryption-fips into master
  • Please check this box if this contribution uses AI-generated content (including content generated by GitLab Duo features) as outlined in the GitLab DCO & CLA. As a benefit of being a GitLab Community Contributor, you can request access to GitLab Duo.

What does this MR do?

Changes the Executors SSH key generation for SSH from ed25519 to ecdsa, this will allow the plugin to support fip compliant environments.

Why was this MR needed?

This allows the plugin to not be restricted to non-fip compliant environment, ecdsa is supports in both fips and non-fips.

What's the best way to test this MR?

enable FIPS on the gitlab-runner OS and push a job in gitlab to trigger the fargate executor plugin.
In the docker-entryscript you can run a cat on the .ssh/authorized_keys file to see the key added is ecdsa and not ed25519

What are the relevant issue numbers?

close #85

Edited by Romuald Atchadé

Merge request reports