azl4: build target and test image definitions#697
Draft
bfjelds wants to merge 2 commits into
Draft
Conversation
bfjelds
force-pushed
the
user/bfjelds/azl4-2-images
branch
from
084346c to
b76b575
Compare
Add the Makefile output targets and the azl4 grub test image definitions (base/update) plus the supporting first-boot scripts and units used to build Azure Linux 4 test images: initrd rebuild, SSH host-key move/regeneration, hostname shim, SELinux xattr stripping, and the testimages.py / builder plumbing to produce them. Stacked on the azl4 runtime PR. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
bfjelds
force-pushed
the
user/bfjelds/azl4-1-runtime
branch
from
fd80756 to
3ac0bb5
Compare
bfjelds
force-pushed
the
user/bfjelds/azl4-2-images
branch
from
b76b575 to
490d136
Compare
Contributor
There was a problem hiding this comment.
Pull request overview
Adds Azure Linux 4 (AZL4) VM GRUB test-image definitions and extends the test-image builder plumbing so images can expose multiple output targets (e.g., .cosi + .qcow2) and fetch AZL4 base images from blob storage when needed.
Changes:
- Add AZL4 GRUB base/update image YAML configs plus first-boot/post-customization scripts and a oneshot systemd unit for SSH host-key generation.
- Refactor the Python image builder to support per-image
output_and_configmappings, a--output-typeselector, and blob-sourced base images (BlobImageManifest+ downloader). - Simplify Makefile image build rules into a generalized output-suffix-driven pattern; update pipeline template to stage the SSH public key into the image tree.
Reviewed changes
Copilot reviewed 17 out of 17 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| tests/images/trident-vm-testimage/base/updateimg-grub-azl4.yaml | New AZL4 update-image (COSI) definition for GRUB-based VM testing. |
| tests/images/trident-vm-testimage/base/baseimg-grub-azl4.yaml | New AZL4 bootable base qcow2 definition used by rollback tests. |
| tests/images/trident-vm-testimage/base/scripts/strip-selinux-xattrs.sh | New post-customization script to strip security.selinux xattrs during image build. |
| tests/images/trident-vm-testimage/base/scripts/ssh-move-host-keys-azl4.sh | New AZL4-specific sshd HostKey drop-in configuration script. |
| tests/images/trident-vm-testimage/base/scripts/rebuild-initrd-azl4.sh | New initramfs rebuild script to ensure non-hostonly storage drivers are included. |
| tests/images/trident-vm-testimage/base/scripts/enable-trident-service-azl4.sh | New defensive systemd enablement script for trident units on AZL4 builds. |
| tests/images/trident-vm-testimage/base/scripts/enable-regen-sshd-keys.sh | New script enabling the SSH host-key regeneration oneshot unit. |
| tests/images/trident-vm-testimage/base/files/regen-sshd-keys.service | New systemd oneshot unit to generate SSH host keys under /var/srv on first boot. |
| tests/images/trident-vm-testimage/base/files/hostname-shim.sh | New hostname shim for AZL4 images where the binary is not present. |
| tests/images/testimages.py | Update image definitions to use multi-output configs; add AZL4 VM test image and blob base-image manifest. |
| tests/images/builder/init.py | Introduce Distro, BlobImageManifest, multi-output config mapping, and runtime output selection. |
| tests/images/builder/run.py | Add output-type selection at build time; route blob manifests to blob downloader. |
| tests/images/builder/download.py | Add blob-based base-image downloader; extend MCR download URL selection by distro. |
| tests/images/builder/cli.py | Add --output-type and blob download CLI flags/env defaults. |
| tests/images/builder/builder.py | Update build calls to use the selected output format dynamically. |
| Makefile | Generalize artifacts build pattern to include .qcow2/.vhd and pass output type through to the builder. |
| .pipelines/templates/stages/trident_images/trident-testimg-template.yml | Stage SSH public key into the testimage tree before building. |
Comment on lines
38
to
+42
| UBUNTU_2204_AMD64 = BaseImageData( | ||
| "ubuntu_2204_amd64", Path("artifacts/ubuntu_2204_amd64.vhdx") | ||
| "ubuntu_2204_amd64", Path("artifacts/ubuntu_2204_amd64.vhdx"), Distro.OTHER | ||
| ) | ||
| UBUNTU_2204_ARM64 = BaseImageData( | ||
| "ubuntu_2204_arm64", Path("artifacts/ubuntu_2204_arm64.vhdx") | ||
| "ubuntu_2204_arm64", Path("artifacts/ubuntu_2204_arm64.vhdx"), Distro.OTHER |
Comment on lines
15
to
19
| def download_base_image(image: BaseImageManifest) -> None: | ||
| if image.distro not in (Distro.AZL3, Distro.AZL4): | ||
| raise ValueError(f"Unsupported distro {image.distro} for base image download") | ||
| """Download the base image from MCR.""" | ||
| with tempfile.TemporaryDirectory() as tempdir: |
| # kernel: the failure mode of that misstep is "boot hangs waiting for | ||
| # /dev/disk/by-uuid/<root>", which is the exact bug this script is | ||
| # meant to prevent. | ||
| KVERS=( /usr/lib/modules/* ) |
Comment on lines
+1
to
+7
| #!/bin/bash | ||
| # regen-sshd-keys is a one-shot service that generates SSH host keys in | ||
| # /var/srv on first boot. Enable it via wants symlink because the generic | ||
| # `services.enable` in MIC config is reserved for systemd unit names that | ||
| # come from packages, and our unit is delivered via additionalFiles. | ||
| ln -sf /etc/systemd/system/regen-sshd-keys.service \ | ||
| /etc/systemd/system/multi-user.target.wants/regen-sshd-keys.service |
…st images The netplan-main generate/configure split defers virtual-device creation to netplan-configure.service (Fedora ships it preset-disabled), and the grub-azl4 base image needs the socket-activated tridentd unit enabled. Enable both in the grub-azl4 base and update test images. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Part 2 of the stacked azl4 series. Builds on the runtime PR. Adds the Makefile output targets and azl4 grub test image definitions.
base/updateimg-grub-azl4 test image definitions and thetestimages.py/ builder plumbing to produce them.