[satlab] Add tool to remind user service account expiration date

BUG=b:209320828

Change-Id: Id7ac4d7d36d231484890688b0ae5c705c100d9ef
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/satlab/+/3368765
Reviewed-by: Prasad Vuppalapu <prasadv@chromium.org>
Commit-Queue: Anh Le <anhdle@chromium.org>
Tested-by: Anh Le <anhdle@chromium.org>
diff --git a/src/dockerfiles/satlab_remote_access/Dockerfile b/src/dockerfiles/satlab_remote_access/Dockerfile
index 7152c69..930dd5e 100644
--- a/src/dockerfiles/satlab_remote_access/Dockerfile
+++ b/src/dockerfiles/satlab_remote_access/Dockerfile
@@ -53,4 +53,13 @@
 WORKDIR /var/log
 
 # Enable TCP port forwarding required for SSH tunneling.
-RUN  sed -i s/AllowTcpForwarding\ no/AllowTcpForwarding\ yes/ /etc/ssh/sshd_config
\ No newline at end of file
+RUN  sed -i s/AllowTcpForwarding\ no/AllowTcpForwarding\ yes/ /etc/ssh/sshd_config
+
+# Change welcoming message.
+COPY dockerfiles/satlab_remote_access/motd /etc/
+
+# Add jq to get service account key id from json file.
+RUN apk add --no-cache --upgrade jq
+
+# Add routine to check service account key expiration
+COPY dockerfiles/satlab_remote_access/tools/service_account_key_check.sh /etc/profile.d/
\ No newline at end of file
diff --git a/src/dockerfiles/satlab_remote_access/motd b/src/dockerfiles/satlab_remote_access/motd
new file mode 100644
index 0000000..3c60ee4
--- /dev/null
+++ b/src/dockerfiles/satlab_remote_access/motd
@@ -0,0 +1,7 @@
+
+██╗    ██╗███████╗██╗      ██████╗ ██████╗ ███╗   ███╗███████╗    ████████╗ ██████╗     ███████╗ █████╗ ████████╗██╗      █████╗ ██████╗
+██║    ██║██╔════╝██║     ██╔════╝██╔═══██╗████╗ ████║██╔════╝    ╚══██╔══╝██╔═══██╗    ██╔════╝██╔══██╗╚══██╔══╝██║     ██╔══██╗██╔══██╗
+██║ █╗ ██║█████╗  ██║     ██║     ██║   ██║██╔████╔██║█████╗         ██║   ██║   ██║    ███████╗███████║   ██║   ██║     ███████║██████╔╝
+██║███╗██║██╔══╝  ██║     ██║     ██║   ██║██║╚██╔╝██║██╔══╝         ██║   ██║   ██║    ╚════██║██╔══██║   ██║   ██║     ██╔══██║██╔══██╗
+╚███╔███╔╝███████╗███████╗╚██████╗╚██████╔╝██║ ╚═╝ ██║███████╗       ██║   ╚██████╔╝    ███████║██║  ██║   ██║   ███████╗██║  ██║██████╔╝
+ ╚══╝╚══╝ ╚══════╝╚══════╝ ╚═════╝ ╚═════╝ ╚═╝     ╚═╝╚══════╝       ╚═╝    ╚═════╝     ╚══════╝╚═╝  ╚═╝   ╚═╝   ╚══════╝╚═╝  ╚═╝╚═════╝
diff --git a/src/dockerfiles/satlab_remote_access/tools/satlab_setup b/src/dockerfiles/satlab_remote_access/tools/satlab_setup
index 179e95b..02e60fb 100755
--- a/src/dockerfiles/satlab_remote_access/tools/satlab_setup
+++ b/src/dockerfiles/satlab_remote_access/tools/satlab_setup
@@ -15,10 +15,8 @@
 
 1. Authenticate user using GCloud SDK(uses gcloud-sdk docker container),
    when prompted please use your google.com account
-2. Ask for service account, please follow (go/satlab-manual) to create
-   the service account if needed.
-3. Get required service account and keys from cloud application.
-4. Finally reboots the chromebox. (You must restart the chromebox inorder to
+2. Generate a service account key to pull Docker images.
+3. Finally reboots the chromebox. (You must restart the chromebox inorder to
    finish the satlab setup)
 ###############################################################################
 EOF
diff --git a/src/dockerfiles/satlab_remote_access/tools/service_account_key_check.sh b/src/dockerfiles/satlab_remote_access/tools/service_account_key_check.sh
new file mode 100644
index 0000000..8f387bb
--- /dev/null
+++ b/src/dockerfiles/satlab_remote_access/tools/service_account_key_check.sh
@@ -0,0 +1,12 @@
+cat << EOF
+###############################################################################
+Information about current service account key on this satlab.
+Please run satlab_setup to generate new key before expiration.
+###############################################################################
+EOF
+key_id=$(jq -r '."private_key_id"' /home/satlab/keys/satlab_service_account.json)
+KEYS_FOLDER=/home/satlab/keys
+GCLOUD="docker run --rm -ti -a stdout -v satlab_keys:${KEYS_FOLDER} -v gcloud:/root/.config/gcloud google/cloud-sdk:slim"
+SATLAB_SERIVCE_ACCOUNT=satlab-prototype@chromeos-service-accounts-dev.iam.gserviceaccount.com
+${GCLOUD} gcloud iam service-accounts keys list --iam-account="$SATLAB_SERIVCE_ACCOUNT" --filter "name=projects/chromeos-service-accounts-dev/serviceAccounts/$SATLAB_SERIVCE_ACCOUNT/keys/$key_id"
+echo "###############################################################################"
\ No newline at end of file