Update gitlab.com/gitlab-org/fleeting/fleeting version and other deps
What does this MR do?
This pulls in gitlab-org/fleeting/fleeting!49 (merged) and other Go libraries.
Why was this MR needed?
Some AMIs may only support diffie-hellman-group-exchange-sha256 as an SSH key exchange.
What's the best way to test this MR?
- See how to install the AWS fleeting plugin: https://docs.gitlab.com/runner/fleet_scaling/fleeting.html#install-a-fleeting-plugin, https://docs.gitlab.com/runner/executors/docker_autoscaler.html
- I used the config:
[[runners]
<snip>
executor = "docker-autoscaler"
[runners.autoscaler]
plugin = "aws"
capacity_per_instance = 1
max_use_count = 4
max_instances = 4
[runners.autoscaler.plugin_config] # plugin specific configuration (see plugin documentation)
name = "stanhu-autoscaling-group1" # AWS Autoscaling Group name
profile = "default" # optional, default is 'default'
[runners.autoscaler.connector_config]
username = "ubuntu"
use_external_addr = false
[[runners.autoscaler.policy]]
idle_count = 1
idle_time = "20m0s"- I set up an inline policy for my EC2 instance role with the permissions: https://gitlab.com/gitlab-org/fleeting/plugins/aws
- I created a launch template that used
ami-083892fc5e6c5c027(Ubuntu AMI with Docker) from https://gitlab.com/gitlab-org/ci-cd/runner-tools/grit/-/blob/main/modules/aws/ami_lookup/manifest.json?ref_type=heads. - In the launch template data section, I added:
#!/bin/bash
echo "KexAlgorithms diffie-hellman-group-exchange-sha256" >> /etc/ssh/sshd_config
systemctl restart sshd- I verified the instance didn't accept any other key exchanges:
ssh -o KexAlgorithms=ecdh-sha2-nistp256 -o IdentitiesOnly=true -i my-creds.pem ubuntu@18.x.x.x
Unable to negotiate with 18.x.x.x port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha256,kex-strict-s-v00@openssh.com- With GitLab Runner 17.6.0, I see:
- With this branch, it works:
What are the relevant issue numbers?
Edited by Stan Hu