diff --git a/.github/actions/setup-linux/action.yml b/.github/actions/setup-linux/action.yml index 0ef1ea3c22..046284ab09 100644 --- a/.github/actions/setup-linux/action.yml +++ b/.github/actions/setup-linux/action.yml @@ -13,7 +13,7 @@ runs: # Pulled from instance metadata endpoint for EC2 # see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html category=$1 - curl -fsSL "http://169.254.169.254/latest/meta-data/${category}" + curl -H "X-aws-ec2-metadata-token: $(curl -s -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30")" -fsSL "http://169.254.169.254/latest/meta-data/${category}" } echo "ami-id: $(get_ec2_metadata ami-id)" echo "instance-id: $(get_ec2_metadata instance-id)" diff --git a/.github/actions/setup-windows/action.yml b/.github/actions/setup-windows/action.yml index a4cbd60457..74cbcb486c 100644 --- a/.github/actions/setup-windows/action.yml +++ b/.github/actions/setup-windows/action.yml @@ -18,7 +18,7 @@ runs: # Pulled from instance metadata endpoint for EC2 # see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html category=$1 - curl -fsSL "http://169.254.169.254/latest/meta-data/${category}" + curl -H "X-aws-ec2-metadata-token: $(curl -s -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30")" -fsSL "http://169.254.169.254/latest/meta-data/${category}" } echo "ami-id: $(get_ec2_metadata ami-id)" echo "instance-id: $(get_ec2_metadata instance-id)" diff --git a/setup-ssh/src/ec2-utils.ts b/setup-ssh/src/ec2-utils.ts index 7c53b7b73e..c858197428 100644 --- a/setup-ssh/src/ec2-utils.ts +++ b/setup-ssh/src/ec2-utils.ts @@ -6,9 +6,28 @@ export async function getEC2Metadata(category: string): Promise { allowRetries: true, maxRetries }) + // convert these two curls: + // curl -H "X-aws-ec2-metadata-token: $(curl -s -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30")" -fsSL "http://169.254.169.254/latest/meta-data/${category}" + const tokenResponse = await http.put( + `http://169.254.169.254/latest/api/token`, undefined, { + headers: { + 'X-aws-ec2-metadata-token-ttl-seconds': '30' + } + } + ) + + if (tokenResponse.message.statusCode !== 200) { + return '' + } + const resp = await http.get( - `http://169.254.169.254/latest/meta-data/${category}` + `http://169.254.169.254/latest/meta-data/${category}`, { + headers: { + 'X-aws-ec2-metadata-token': tokenResponse.result + } + } ) + if (resp.message.statusCode !== 200) { return '' }