feat: use SSH host certificates (#3786)

.github/actions/e2e_emergency_ssh/action.yml

@@ -23,19 +23,21 @@ runs:
         lb="$(terraform output -raw loadbalancer_address)"
         popd
 
+        lb_ip="$(gethostip $lb | awk '{print $2}')"
+        echo "Resolved ip of load balancer: $lb_ip"
+
         # write ssh config
         cat > ssh_config <<EOF
-        Host $lb
+        Host $lb_ip
           ProxyJump none
 
         Host *
-          StrictHostKeyChecking no
-          UserKnownHostsFile=/dev/null
           IdentityFile ./access-key
           PreferredAuthentications publickey
           CertificateFile=constellation_cert.pub
+          UserKnownHostsFile=./known_hosts
           User root
-          ProxyJump $lb
+          ProxyJump $lb_ip
         EOF
 
         for i in {1..26}; do

.github/actions/e2e_test/action.yml

@@ -150,7 +150,9 @@ runs:
     - name: Setup bazel
       uses: ./.github/actions/setup_bazel_nix
       with:
-        nixTools: terraform
+        nixTools: |
+          terraform
+          syslinux
 
     - name: Log in to the Container registry
       uses: ./.github/actions/container_registry_login
@@ -452,7 +454,7 @@ runs:
         s3AccessKey: ${{ inputs.s3AccessKey }}
         s3SecretKey: ${{ inputs.s3SecretKey }}
         githubToken: ${{ inputs.githubToken }}
-    
+
     - name: Run emergency ssh test
       if: inputs.test == 'emergency ssh'
       uses: ./.github/actions/e2e_emergency_ssh