Add action to prepare for EKS metadata

.github/workflows/shared-run-e2e-tests.yaml

@@ -188,6 +188,15 @@ jobs:
           admin_root: ${{ inputs.admin_root }}
           aws_pcr0: ${{ inputs.aws_pcr0 }}
 
+      - name: Prepare EKS metadata
+        id: prepare_eks_metadata
+        if: ${{ inputs.operator_type == 'eks' }}
+        uses: IABTechLab/uid2-shared-actions/actions/prepare_eks_metadata@kcc-UID2-3783-e2e-test-for-eks
+        with:
+          operator_image_version: ${{ inputs.operator_image_version }}
+          admin_root: ${{ inputs.admin_root }}
+          aws_pcr0: 6a1e54ed1480467bf2d4e2570c69f690f1a61ec0ee7cba581b9bf7234028d3128bd625a230de99c70d22cdd758a5b2d3
+
       - name: Bring up Docker Compose
         id: docker-compose
         env:
@@ -255,7 +264,7 @@ jobs:
           identity_scope: ${{ inputs.uid2_e2e_identity_scope }}
           operator_image_version: ${{ inputs.operator_image_version }}
           operator_root: ${{ inputs.operator_root }}
-          admin_root: ${{ inputs.admin_root }}
+          operator_key: ${{ steps.prepare_eks_metadata.outputs.operator_key }}
 
       - name: Decide E2E test environment variables
         id: decide_env_var

actions/prepare_eks_metadata/action.yaml

@@ -0,0 +1,32 @@
+name: Prepare AWS Metadata
+description: Prepares the AWS Nitro enclave metadata
+
+inputs:
+  operator_image_version:
+    description: The uid2-operator image version
+    default: latest
+  admin_root:
+    description: The root path for uid2-admin folder
+    default: uid2-admin
+  aws_pcr0:
+    description: The AWS PCR0
+    required: true
+
+outputs:
+  operator_key:
+    description: The operator key
+    value: ${{ steps.enclave_metadata.outputs.OPERATOR_KEY }}
+
+runs:
+  using: "composite"
+
+  steps:
+    - name: Prepare EKS enclave metadata
+      id: enclave_metadata
+      shell: bash
+      env:
+        ADMIN_ROOT: ${{ inputs.admin_root }}
+        ENCLAVE_ID: ${{ inputs.aws_pcr0 }}
+        ENCLAVE_PROTOCOL: aws-nitro
+      run: |
+        bash uid2-shared-actions/scripts/save_enclave_id_to_admin.sh

actions/start_eks_operator/action.yaml

@@ -20,9 +20,9 @@ inputs:
   operator_root:
     description: The root path for uid2-operator folder
     default: uid2-operator
-  admin_root:
-    description: The root path for uid2-admin folder
-    default: uid2-admin
+  operator_key:
+    description: The operator key
+    required: true
 
 # outputs:
 #   aws_stack_name:
@@ -55,7 +55,7 @@ runs:
       id: create_secrets
       shell: bash
       env:
-        ADMIN_ROOT: ${{ inputs.admin_root }}
+        OPERATOR_KEY: ${{ inputs.operator_key }}
         BORE_URL_CORE: ${{ inputs.bore_url_core }}
         BORE_URL_OPTOUT: ${{ inputs.bore_url_optout }}
       run: |

scripts/eks/create_secret_in_k8.sh

@@ -1,8 +1,8 @@
 #!/usr/bin/env bash
 set -ex
 
-if [ -z "${ADMIN_ROOT}" ]; then
-  echo "ADMIN_ROOT can not be empty"
+if [ -z "${OPERATOR_KEY}" ]; then
+  echo "OPERATOR_KEY can not be empty"
   exit 1
 fi
 
@@ -18,12 +18,6 @@ fi
 
 source "uid2-shared-actions/scripts/jq_helper.sh"
 
-ENCLAVE_PROTOCOL="aws-nitro"
-METADATA_ROOT="${ADMIN_ROOT}/src/main/resources/localstack/s3/core"
-OPERATOR_FILE="${METADATA_ROOT}/operators/operators.json"
-# Fetch operator key
-OPERATOR_KEY=$(jq -r '.[] | select(.protocol=="'${ENCLAVE_PROTOCOL}'") | .key' ${OPERATOR_FILE})
-
 SECRET_JSON_FILE="uid2-shared-actions/scripts/eks/secret.json"
 
 jq_string_update ${SECRET_JSON_FILE} core_base_url "http://${BORE_URL_CORE}"

scripts/save_enclave_id_to_admin.sh

@@ -26,6 +26,7 @@ OPERATOR_KEY=$(jq -r '.[] | select(.protocol=="'${ENCLAVE_PROTOCOL}'") | .key' $
 
 # Update enclave ID
 cat <<< $(jq '(.[] | select((.protocol=="'${ENCLAVE_PROTOCOL}'") and (.name | test(".*Debug.*") | not)) | .identifier) |="'${ENCLAVE_ID}'"' ${ENCLAVE_FILE}) > ${ENCLAVE_FILE}
+cat ${ENCLAVE_FILE}
 
 # Export to GitHub output
 echo "OPERATOR_KEY=${OPERATOR_KEY}"