How does Drone autoscaler verify the host fingerprints of servers it connects to?

I’m looking into setting up Drone Autoscaler on Hetzner, but before I actually do, I was wondering how Drone Autoscaler verifies the host fingerprints for the servers it sets up.

I saw in the docs that the Autoscaler config allows me to specify an SSH key to pass into instances, which is what’s leading me to think it SSHes into the server somehow to set it up, though I wasn’t able to verify whether the Autoscaler did that securely or not after looking through the docs and through the source code of the Autoscaler (though Go isn’t my strong suit, so it wasn’t the best for me to really get anything out of anyway).

I’m also seeing that Hetzner supports init scripts when starting an instance which I’m thinking the autoscaler could use instead, though again, I couldn’t verify that.

Would there be anyone or anywhere I could find how the Autoscaler is doing this all?

Just found the stuff the Autoscaler uses here, looks like I’m good now.

Looks like you got it: the autoscaler communicates with the Docker process using a certificate that it generates.
