From 7ef52bcd1bdaa73cd708d5520086ceef595d570a Mon Sep 17 00:00:00 2001
From: Brandon Stoll <bstoll@users.noreply.github.com>
Date: Fri, 1 Mar 2024 11:59:04 -0800
Subject: [PATCH] Add SSH key caching from secret manager (#2748)

---
 cloudbuild/virtual.yaml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/cloudbuild/virtual.yaml b/cloudbuild/virtual.yaml
index 0d541ff574a..217fb51cabb 100644
--- a/cloudbuild/virtual.yaml
+++ b/cloudbuild/virtual.yaml
@@ -1,10 +1,15 @@
 steps:
+  - id: fetch-secrets
+    name: gcr.io/cloud-builders/gcloud
+    script: |
+      gcloud secrets versions access latest --secret=featureprofiles-ci-ssh > builder-key
+      gcloud secrets versions access latest --secret=featureprofiles-ci-ssh-pub > builder-key.pub
   - id: fp-presubmit
     name: gcr.io/${PROJECT_ID}/remote-builder
     waitFor: ["-"]
     env:
       - USERNAME=user
-      - SSH_ARGS=--internal-ip --ssh-key-expire-after=1d
+      - SSH_ARGS=--internal-ip
       - INSTANCE_NAME=fp-presubmit-${BUILD_ID}
       - INSTANCE_ARGS=--network cloudbuild-workers --image-project gep-kne --image-family kne --machine-type ${_MACHINE_TYPE} ${_MACHINE_ARGS} --boot-disk-size 200GB --service-account=fp-kne@disco-idea-817.iam.gserviceaccount.com --scopes=default,compute-rw
       - ZONE=us-west1-a