From 46bd6e104a36073e5770b7e97820c22b39ac6ec3 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Mon, 20 Oct 2025 23:32:45 +0000 Subject: [PATCH 01/65] start --- crates/trident/src/engine/mod.rs | 20 ++++++++ crates/trident/src/engine/update.rs | 5 +- .../trident/src/subsystems/extensions/mod.rs | 47 ++++++++++++++++++- 3 files changed, 70 insertions(+), 2 deletions(-) diff --git a/crates/trident/src/engine/mod.rs b/crates/trident/src/engine/mod.rs index fa04989e7..bff5dbd2b 100644 --- a/crates/trident/src/engine/mod.rs +++ b/crates/trident/src/engine/mod.rs @@ -1,4 +1,5 @@ use std::{ + any::Any, fs, path::{Path, PathBuf}, sync::Mutex, @@ -22,6 +23,7 @@ use crate::{ engine::boot::BootSubsystem, subsystems::{ esp::EspSubsystem, + extensions::ExtensionsSubsystem, hooks::HooksSubsystem, initrd::InitrdSubsystem, management::ManagementSubsystem, @@ -59,6 +61,13 @@ pub(crate) use update::{finalize_update, update}; pub(crate) trait Subsystem: Send { fn name(&self) -> &'static str; + fn as_any(&self) -> &dyn Any + where + Self: Sized + 'static, + { + self + } + fn writable_etc_overlay(&self) -> bool { true } @@ -115,6 +124,7 @@ lazy_static::lazy_static! { Box::::default(), Box::::default(), Box::::default(), + Box::::default(), ]); } @@ -319,6 +329,16 @@ fn configure( Ok(()) } +pub fn get_extensions_subsystem(subsystems: &mut [Box]) -> &ExtensionsSubsystem { + let subsystem = subsystems + .iter() + .find(|s| s.name() == "extensions") + .expect("ExtensionsSubsystem not found in subsystems list"); + + // SAFETY: We know this is ExtensionsSubsystem because its name is "extensions" + unsafe { &*(subsystem.as_ref() as *const dyn Subsystem as *const ExtensionsSubsystem) } +} + pub fn reboot() -> Result<(), TridentError> { // Sync all writes to the filesystem. info!("Syncing filesystem"); diff --git a/crates/trident/src/engine/update.rs b/crates/trident/src/engine/update.rs index 9ce729fff..71074266d 100644 --- a/crates/trident/src/engine/update.rs +++ b/crates/trident/src/engine/update.rs @@ -27,7 +27,7 @@ use crate::{ }, monitor_metrics, osimage::OsImage, - subsystems::hooks::HooksSubsystem, + subsystems::{extensions::ExtensionsSubsystem, hooks::HooksSubsystem}, ExitKind, }; #[cfg(feature = "grpc-dangerous")] @@ -253,6 +253,9 @@ fn stage_update( engine::configure(subsystems, &ctx)?; }; + // Update Host Configuration with the paths of extension images. + subsystems.get(0); + // At this point, deployment has been staged, so update servicing state debug!( "Updating host's servicing state to '{:?}'", diff --git a/crates/trident/src/subsystems/extensions/mod.rs b/crates/trident/src/subsystems/extensions/mod.rs index 19ccd9960..d4f1d8d3f 100644 --- a/crates/trident/src/subsystems/extensions/mod.rs +++ b/crates/trident/src/subsystems/extensions/mod.rs @@ -10,7 +10,7 @@ use tempfile::NamedTempFile; use osutils::{dependencies::Dependency, path}; use trident_api::{ - config::Extension, + config::{Extension, HostConfiguration}, constants::internal_params::HTTP_CONNECTION_TIMEOUT_SECONDS, error::{InternalError, ReportError, TridentError}, primitives::hash::Sha384Hash, @@ -253,6 +253,51 @@ impl ExtensionsSubsystem { Ok(()) } + + pub(crate) fn update_host_configuration( + &mut self, + ctx: &EngineContext, + ) -> Result { + let mut updated_hc = ctx.spec.clone(); + + // Update paths of sysexts in the Host Configuration. + for sysext in self + .extensions + .iter() + .filter(|ext| ext.ext_type == ExtensionType::Sysext) + { + // Find corresponding sysext in Host Configuration. + let hc_ext = updated_hc + .os + .sysexts + .iter_mut() + .find(|ext| ext.sha384 == sysext.sha384) + .structured(InternalError::Internal( + "Failed to find previously processed sysext in Host Configuration", + ))?; + hc_ext.path = Some(sysext.path.clone()); + } + + // Update paths of confexts in the Host Configuration. + for confext in self + .extensions + .iter() + .filter(|ext| ext.ext_type == ExtensionType::Confext) + { + // Find corresponding confext in Host Configuration. + let hc_ext = updated_hc + .os + .confexts + .iter_mut() + .find(|ext| ext.sha384 == confext.sha384) + .structured(InternalError::Internal( + "Failed to find previously processed confext in Host Configuration", + ))?; + hc_ext.path = Some(confext.path.clone()); + } + + Ok(updated_hc) + } } /// Helper function to identify if the extension exists in the old Host From 13c37b38b1914bb220c71cad45bf58a3b12be1c0 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Tue, 21 Oct 2025 02:26:51 +0000 Subject: [PATCH 02/65] temp --- crates/trident/src/engine/mod.rs | 3 +++ 1 file changed, 3 insertions(+) diff --git a/crates/trident/src/engine/mod.rs b/crates/trident/src/engine/mod.rs index bff5dbd2b..9b7a4cec5 100644 --- a/crates/trident/src/engine/mod.rs +++ b/crates/trident/src/engine/mod.rs @@ -333,6 +333,9 @@ pub fn get_extensions_subsystem(subsystems: &mut [Box]) -> &Exten let subsystem = subsystems .iter() .find(|s| s.name() == "extensions") + .unwrap() + .as_any() + .downcast_ref::() .expect("ExtensionsSubsystem not found in subsystems list"); // SAFETY: We know this is ExtensionsSubsystem because its name is "extensions" From 711c1b365b7ca29f46102319ff5382752f490a12 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Tue, 21 Oct 2025 02:55:59 +0000 Subject: [PATCH 03/65] draft --- crates/trident/src/engine/boot/mod.rs | 4 ++++ crates/trident/src/engine/clean_install.rs | 3 +++ crates/trident/src/engine/mod.rs | 24 +++++++++---------- crates/trident/src/engine/update.rs | 4 ++-- crates/trident/src/subsystems/esp.rs | 4 ++++ .../trident/src/subsystems/extensions/mod.rs | 6 ++++- crates/trident/src/subsystems/hooks.rs | 4 ++++ crates/trident/src/subsystems/initrd.rs | 4 ++++ crates/trident/src/subsystems/management.rs | 4 ++++ crates/trident/src/subsystems/network.rs | 4 ++++ crates/trident/src/subsystems/osconfig/mod.rs | 8 +++++++ crates/trident/src/subsystems/selinux.rs | 4 ++++ crates/trident/src/subsystems/storage/mod.rs | 4 ++++ 13 files changed, 61 insertions(+), 16 deletions(-) diff --git a/crates/trident/src/engine/boot/mod.rs b/crates/trident/src/engine/boot/mod.rs index d114ad9b2..868a98fbd 100644 --- a/crates/trident/src/engine/boot/mod.rs +++ b/crates/trident/src/engine/boot/mod.rs @@ -25,6 +25,10 @@ impl Subsystem for BootSubsystem { "boot" } + fn as_any(&self) -> &dyn std::any::Any { + self + } + #[tracing::instrument(name = "boot_configuration", skip_all)] fn configure(&mut self, ctx: &EngineContext) -> Result<(), TridentError> { if ctx.is_uki()? { diff --git a/crates/trident/src/engine/clean_install.rs b/crates/trident/src/engine/clean_install.rs index fce898199..6f8a27375 100644 --- a/crates/trident/src/engine/clean_install.rs +++ b/crates/trident/src/engine/clean_install.rs @@ -257,6 +257,9 @@ fn stage_clean_install( return Err(original_error).message("Failed to execute in chroot"); } + // Update Host Configuration with the paths of extension images. + engine::get_extensions_subsystem(subsystems)?.update_host_configuration(&ctx)?; + // At this point, clean install has been staged, so update Host Status debug!( "Updating host's servicing state to '{:?}'", diff --git a/crates/trident/src/engine/mod.rs b/crates/trident/src/engine/mod.rs index 9b7a4cec5..a929b5aab 100644 --- a/crates/trident/src/engine/mod.rs +++ b/crates/trident/src/engine/mod.rs @@ -61,12 +61,7 @@ pub(crate) use update::{finalize_update, update}; pub(crate) trait Subsystem: Send { fn name(&self) -> &'static str; - fn as_any(&self) -> &dyn Any - where - Self: Sized + 'static, - { - self - } + fn as_any(&self) -> &dyn Any; fn writable_etc_overlay(&self) -> bool { true @@ -329,17 +324,20 @@ fn configure( Ok(()) } -pub fn get_extensions_subsystem(subsystems: &mut [Box]) -> &ExtensionsSubsystem { - let subsystem = subsystems +pub fn get_extensions_subsystem( + subsystems: &mut [Box], +) -> Result<&ExtensionsSubsystem, TridentError> { + subsystems .iter() .find(|s| s.name() == "extensions") - .unwrap() + .structured(InternalError::Internal( + "Failed to find Extensions subsystem", + ))? .as_any() .downcast_ref::() - .expect("ExtensionsSubsystem not found in subsystems list"); - - // SAFETY: We know this is ExtensionsSubsystem because its name is "extensions" - unsafe { &*(subsystem.as_ref() as *const dyn Subsystem as *const ExtensionsSubsystem) } + .structured(InternalError::Internal( + "Failed to downcast to ExtensionsSubsystem", + )) } pub fn reboot() -> Result<(), TridentError> { diff --git a/crates/trident/src/engine/update.rs b/crates/trident/src/engine/update.rs index 71074266d..4e42c5f1b 100644 --- a/crates/trident/src/engine/update.rs +++ b/crates/trident/src/engine/update.rs @@ -27,7 +27,7 @@ use crate::{ }, monitor_metrics, osimage::OsImage, - subsystems::{extensions::ExtensionsSubsystem, hooks::HooksSubsystem}, + subsystems::hooks::HooksSubsystem, ExitKind, }; #[cfg(feature = "grpc-dangerous")] @@ -254,7 +254,7 @@ fn stage_update( }; // Update Host Configuration with the paths of extension images. - subsystems.get(0); + engine::get_extensions_subsystem(subsystems)?.update_host_configuration(&ctx)?; // At this point, deployment has been staged, so update servicing state debug!( diff --git a/crates/trident/src/subsystems/esp.rs b/crates/trident/src/subsystems/esp.rs index 8e75ffc68..f7302d6af 100644 --- a/crates/trident/src/subsystems/esp.rs +++ b/crates/trident/src/subsystems/esp.rs @@ -42,6 +42,10 @@ impl Subsystem for EspSubsystem { "esp" } + fn as_any(&self) -> &dyn std::any::Any { + self + } + #[tracing::instrument(name = "esp_provision", skip_all)] fn provision(&mut self, ctx: &EngineContext, mount_path: &Path) -> Result<(), TridentError> { // Perform file-based deployment of ESP images, if needed, after filesystems have been diff --git a/crates/trident/src/subsystems/extensions/mod.rs b/crates/trident/src/subsystems/extensions/mod.rs index d4f1d8d3f..da40a1ce1 100644 --- a/crates/trident/src/subsystems/extensions/mod.rs +++ b/crates/trident/src/subsystems/extensions/mod.rs @@ -90,6 +90,10 @@ impl Subsystem for ExtensionsSubsystem { "extensions" } + fn as_any(&self) -> &dyn std::any::Any { + self + } + fn provision(&mut self, ctx: &EngineContext, mount_path: &Path) -> Result<(), TridentError> { // Define staging directory, in which extension images will be downloaded. let staging_dir = path::join_relative(mount_path, EXTENSION_IMAGE_STAGING_DIRECTORY); @@ -255,7 +259,7 @@ impl ExtensionsSubsystem { } pub(crate) fn update_host_configuration( - &mut self, + &self, ctx: &EngineContext, ) -> Result { let mut updated_hc = ctx.spec.clone(); diff --git a/crates/trident/src/subsystems/hooks.rs b/crates/trident/src/subsystems/hooks.rs index 43b2d217e..4b9ac0f69 100644 --- a/crates/trident/src/subsystems/hooks.rs +++ b/crates/trident/src/subsystems/hooks.rs @@ -40,6 +40,10 @@ impl Subsystem for HooksSubsystem { "hooks" } + fn as_any(&self) -> &dyn std::any::Any { + self + } + fn writable_etc_overlay(&self) -> bool { self.writable_etc_overlay } diff --git a/crates/trident/src/subsystems/initrd.rs b/crates/trident/src/subsystems/initrd.rs index 16d03935c..ddf020f39 100644 --- a/crates/trident/src/subsystems/initrd.rs +++ b/crates/trident/src/subsystems/initrd.rs @@ -12,6 +12,10 @@ impl Subsystem for InitrdSubsystem { "initrd" } + fn as_any(&self) -> &dyn std::any::Any { + self + } + fn writable_etc_overlay(&self) -> bool { false } diff --git a/crates/trident/src/subsystems/management.rs b/crates/trident/src/subsystems/management.rs index 45231f08e..1b41d1b85 100644 --- a/crates/trident/src/subsystems/management.rs +++ b/crates/trident/src/subsystems/management.rs @@ -29,6 +29,10 @@ impl Subsystem for ManagementSubsystem { "management" } + fn as_any(&self) -> &dyn std::any::Any { + self + } + fn validate_host_config(&self, ctx: &EngineContext) -> Result<(), TridentError> { if ctx.spec.trident.disable { return Ok(()); diff --git a/crates/trident/src/subsystems/network.rs b/crates/trident/src/subsystems/network.rs index c9135333d..2b1752e60 100644 --- a/crates/trident/src/subsystems/network.rs +++ b/crates/trident/src/subsystems/network.rs @@ -19,6 +19,10 @@ impl Subsystem for NetworkSubsystem { "network" } + fn as_any(&self) -> &dyn std::any::Any { + self + } + #[tracing::instrument(name = "network_configuration", skip_all)] fn configure(&mut self, ctx: &EngineContext) -> Result<(), TridentError> { match ctx.spec.os.netplan.as_ref() { diff --git a/crates/trident/src/subsystems/osconfig/mod.rs b/crates/trident/src/subsystems/osconfig/mod.rs index d7ce6fee6..55f0ec227 100644 --- a/crates/trident/src/subsystems/osconfig/mod.rs +++ b/crates/trident/src/subsystems/osconfig/mod.rs @@ -61,6 +61,10 @@ impl Subsystem for OsConfigSubsystem { "os-config" } + fn as_any(&self) -> &dyn std::any::Any { + self + } + fn validate_host_config(&self, ctx: &EngineContext) -> Result<(), TridentError> { // If the os-modifier binary is required but not present, return an error. if os_config_requires_os_modifier(ctx) && !Path::new(OS_MODIFIER_BINARY_PATH).exists() { @@ -192,6 +196,10 @@ impl Subsystem for MosConfigSubsystem { "mos-config" } + fn as_any(&self) -> &dyn std::any::Any { + self + } + fn validate_host_config(&self, ctx: &EngineContext) -> Result<(), TridentError> { if ctx.servicing_type != ServicingType::CleanInstall { debug!( diff --git a/crates/trident/src/subsystems/selinux.rs b/crates/trident/src/subsystems/selinux.rs index c7a0f1a86..2cc0b7111 100644 --- a/crates/trident/src/subsystems/selinux.rs +++ b/crates/trident/src/subsystems/selinux.rs @@ -77,6 +77,10 @@ impl Subsystem for SelinuxSubsystem { "selinux" } + fn as_any(&self) -> &dyn std::any::Any { + self + } + #[tracing::instrument(name = "selinux_configuration", skip_all)] fn configure(&mut self, ctx: &EngineContext) -> Result<(), TridentError> { // Only continue if the servicing type is a clean install or AB update. diff --git a/crates/trident/src/subsystems/storage/mod.rs b/crates/trident/src/subsystems/storage/mod.rs index fd122c40e..b6bb24041 100644 --- a/crates/trident/src/subsystems/storage/mod.rs +++ b/crates/trident/src/subsystems/storage/mod.rs @@ -36,6 +36,10 @@ impl Subsystem for StorageSubsystem { "storage" } + fn as_any(&self) -> &dyn std::any::Any { + self + } + fn validate_host_config(&self, ctx: &EngineContext) -> Result<(), TridentError> { if ctx.servicing_type != ServicingType::CleanInstall { // Ensure that relevant portions of the Host Configuration have not changed. From 56130379f8c124188a70363f5278bb8f3c68f959 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Tue, 21 Oct 2025 03:25:29 +0000 Subject: [PATCH 04/65] update hc in status --- crates/trident/src/engine/clean_install.rs | 5 +++-- crates/trident/src/engine/update.rs | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/crates/trident/src/engine/clean_install.rs b/crates/trident/src/engine/clean_install.rs index 6f8a27375..2f4378335 100644 --- a/crates/trident/src/engine/clean_install.rs +++ b/crates/trident/src/engine/clean_install.rs @@ -258,7 +258,8 @@ fn stage_clean_install( } // Update Host Configuration with the paths of extension images. - engine::get_extensions_subsystem(subsystems)?.update_host_configuration(&ctx)?; + let updated_hc = + engine::get_extensions_subsystem(subsystems)?.update_host_configuration(&ctx)?; // At this point, clean install has been staged, so update Host Status debug!( @@ -268,7 +269,7 @@ fn stage_clean_install( state.with_host_status(|hs| { *hs = HostStatus { servicing_state: ServicingState::CleanInstallStaged, - spec: host_config.clone(), + spec: updated_hc, spec_old: Default::default(), ab_active_volume: None, partition_paths: ctx.partition_paths, diff --git a/crates/trident/src/engine/update.rs b/crates/trident/src/engine/update.rs index 4e42c5f1b..b00c5ce4c 100644 --- a/crates/trident/src/engine/update.rs +++ b/crates/trident/src/engine/update.rs @@ -254,7 +254,8 @@ fn stage_update( }; // Update Host Configuration with the paths of extension images. - engine::get_extensions_subsystem(subsystems)?.update_host_configuration(&ctx)?; + let updated_hc = + engine::get_extensions_subsystem(subsystems)?.update_host_configuration(&ctx)?; // At this point, deployment has been staged, so update servicing state debug!( @@ -263,7 +264,7 @@ fn stage_update( ); state.with_host_status(|hs| { *hs = HostStatus { - spec: ctx.spec, + spec: updated_hc, spec_old: ctx.spec_old, servicing_state: ServicingState::AbUpdateStaged, ab_active_volume: ctx.ab_active_volume, From 412f93b631ddcc688fcdca58b933242dd2f7f096 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Tue, 21 Oct 2025 16:19:00 +0000 Subject: [PATCH 05/65] fix signature --- crates/trident/src/engine/mod.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crates/trident/src/engine/mod.rs b/crates/trident/src/engine/mod.rs index a929b5aab..d90796ca7 100644 --- a/crates/trident/src/engine/mod.rs +++ b/crates/trident/src/engine/mod.rs @@ -325,7 +325,7 @@ fn configure( } pub fn get_extensions_subsystem( - subsystems: &mut [Box], + subsystems: &[Box], ) -> Result<&ExtensionsSubsystem, TridentError> { subsystems .iter() From 1f10dfbd1415f28eaf03bc8aeaed31af4733331a Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Tue, 21 Oct 2025 16:23:23 +0000 Subject: [PATCH 06/65] add test --- .../trident/src/subsystems/extensions/mod.rs | 103 ++++++++++++++++++ 1 file changed, 103 insertions(+) diff --git a/crates/trident/src/subsystems/extensions/mod.rs b/crates/trident/src/subsystems/extensions/mod.rs index da40a1ce1..1a886fc52 100644 --- a/crates/trident/src/subsystems/extensions/mod.rs +++ b/crates/trident/src/subsystems/extensions/mod.rs @@ -371,6 +371,7 @@ mod tests { use super::*; use tempfile::env::temp_dir; + use url::Url; #[test] fn test_populate_extensions_empty() { @@ -388,6 +389,108 @@ mod tests { "ExtensionsSubsystem extensions_old should be empty when there are no extensions in the old Host Configuration" ); } + + #[test] + fn test_update_host_configuration_sysexts() { + let mut ctx = EngineContext::default(); + ctx.spec.os.sysexts = vec![ + Extension { + url: Url::parse("https://example.com/sysext1.raw").unwrap(), + sha384: Sha384Hash::from("a".repeat(96)), + path: None, + }, + Extension { + url: Url::parse("https://example.com/sysext2.raw").unwrap(), + sha384: Sha384Hash::from("b".repeat(96)), + path: Some(PathBuf::from("/etc/extensions/sysext2.raw")), + }, + ]; + + let subsystem = ExtensionsSubsystem { + extensions: vec![ + ExtensionData { + id: "sysext1".to_string(), + name: "sysext1".to_string(), + sha384: Sha384Hash::from("a".repeat(96)), + path: PathBuf::from("/var/lib/extensions/sysext1.raw"), + temp_path: Some( + PathBuf::from(EXTENSION_IMAGE_STAGING_DIRECTORY).join("sysext1.raw"), + ), + ext_type: ExtensionType::Sysext, + }, + ExtensionData { + id: "sysext2".to_string(), + name: "sysext2".to_string(), + sha384: Sha384Hash::from("b".repeat(96)), + path: PathBuf::from("/etc/extensions/sysext2.raw"), + temp_path: Some( + PathBuf::from(EXTENSION_IMAGE_STAGING_DIRECTORY).join("sysext2.raw"), + ), + ext_type: ExtensionType::Sysext, + }, + ], + extensions_old: vec![], + }; + let updated_hc = subsystem.update_host_configuration(&ctx).unwrap(); + + for i in 0..subsystem.extensions.len() { + assert_eq!( + updated_hc.os.sysexts[i].path, + Some(subsystem.extensions[i].path.clone()) + ) + } + } + + #[test] + fn test_update_host_configuration_confexts() { + let mut ctx = EngineContext::default(); + ctx.spec.os.confexts = vec![ + Extension { + url: Url::parse("https://example.com/confext1.raw").unwrap(), + sha384: Sha384Hash::from("a".repeat(96)), + path: None, + }, + Extension { + url: Url::parse("https://example.com/confext2.raw").unwrap(), + sha384: Sha384Hash::from("b".repeat(96)), + path: Some(PathBuf::from("/usr/lib/confexts/confext2.raw")), + }, + ]; + + let subsystem = ExtensionsSubsystem { + extensions: vec![ + ExtensionData { + id: "confext1".to_string(), + name: "confext1".to_string(), + sha384: Sha384Hash::from("a".repeat(96)), + path: PathBuf::from("/var/lib/confexts/confext1.raw"), + temp_path: Some( + PathBuf::from(EXTENSION_IMAGE_STAGING_DIRECTORY).join("confext1.raw"), + ), + ext_type: ExtensionType::Confext, + }, + ExtensionData { + id: "confext2".to_string(), + name: "confext2".to_string(), + sha384: Sha384Hash::from("b".repeat(96)), + path: PathBuf::from("/usr/lib/confexts/confext2.raw"), + temp_path: Some( + PathBuf::from(EXTENSION_IMAGE_STAGING_DIRECTORY).join("confext2.raw"), + ), + ext_type: ExtensionType::Confext, + }, + ], + extensions_old: vec![], + }; + let updated_hc = subsystem.update_host_configuration(&ctx).unwrap(); + + for i in 0..subsystem.extensions.len() { + assert_eq!( + updated_hc.os.confexts[i].path, + Some(subsystem.extensions[i].path.clone()) + ) + } + } } #[cfg(feature = "functional-test")] From cd912ff4846e2a9fa84e2eb7c6e955546af818a8 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Tue, 21 Oct 2025 16:26:18 +0000 Subject: [PATCH 07/65] don't use constant --- crates/trident/src/engine/mod.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crates/trident/src/engine/mod.rs b/crates/trident/src/engine/mod.rs index d90796ca7..a415fa56e 100644 --- a/crates/trident/src/engine/mod.rs +++ b/crates/trident/src/engine/mod.rs @@ -329,7 +329,7 @@ pub fn get_extensions_subsystem( ) -> Result<&ExtensionsSubsystem, TridentError> { subsystems .iter() - .find(|s| s.name() == "extensions") + .find(|s| s.name() == ExtensionsSubsystem::default().name()) .structured(InternalError::Internal( "Failed to find Extensions subsystem", ))? From f351e60bfb4744448624034b6af59054b707a19e Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Tue, 21 Oct 2025 16:45:19 +0000 Subject: [PATCH 08/65] import std any --- crates/trident/src/engine/boot/mod.rs | 4 ++-- crates/trident/src/subsystems/esp.rs | 3 ++- crates/trident/src/subsystems/extensions/mod.rs | 3 ++- crates/trident/src/subsystems/hooks.rs | 3 ++- crates/trident/src/subsystems/initrd.rs | 4 +++- crates/trident/src/subsystems/management.rs | 3 ++- crates/trident/src/subsystems/network.rs | 4 ++-- crates/trident/src/subsystems/osconfig/mod.rs | 6 +++--- crates/trident/src/subsystems/selinux.rs | 3 ++- crates/trident/src/subsystems/storage/mod.rs | 3 ++- 10 files changed, 22 insertions(+), 14 deletions(-) diff --git a/crates/trident/src/engine/boot/mod.rs b/crates/trident/src/engine/boot/mod.rs index 868a98fbd..e38ea0bea 100644 --- a/crates/trident/src/engine/boot/mod.rs +++ b/crates/trident/src/engine/boot/mod.rs @@ -1,4 +1,4 @@ -use std::path::Path; +use std::{any::Any, path::Path}; use log::debug; use strum::IntoEnumIterator; @@ -25,7 +25,7 @@ impl Subsystem for BootSubsystem { "boot" } - fn as_any(&self) -> &dyn std::any::Any { + fn as_any(&self) -> &dyn Any { self } diff --git a/crates/trident/src/subsystems/esp.rs b/crates/trident/src/subsystems/esp.rs index f7302d6af..4713f4d1e 100644 --- a/crates/trident/src/subsystems/esp.rs +++ b/crates/trident/src/subsystems/esp.rs @@ -1,4 +1,5 @@ use std::{ + any::Any, fs, io::Read, path::{Path, PathBuf}, @@ -42,7 +43,7 @@ impl Subsystem for EspSubsystem { "esp" } - fn as_any(&self) -> &dyn std::any::Any { + fn as_any(&self) -> &dyn Any { self } diff --git a/crates/trident/src/subsystems/extensions/mod.rs b/crates/trident/src/subsystems/extensions/mod.rs index 1a886fc52..f3c9d184c 100644 --- a/crates/trident/src/subsystems/extensions/mod.rs +++ b/crates/trident/src/subsystems/extensions/mod.rs @@ -1,4 +1,5 @@ use std::{ + any::Any, fmt::Display, fs, path::{Path, PathBuf}, @@ -90,7 +91,7 @@ impl Subsystem for ExtensionsSubsystem { "extensions" } - fn as_any(&self) -> &dyn std::any::Any { + fn as_any(&self) -> &dyn Any { self } diff --git a/crates/trident/src/subsystems/hooks.rs b/crates/trident/src/subsystems/hooks.rs index 4b9ac0f69..9af57b585 100644 --- a/crates/trident/src/subsystems/hooks.rs +++ b/crates/trident/src/subsystems/hooks.rs @@ -1,4 +1,5 @@ use std::{ + any::Any, collections::HashMap, ffi::OsStr, os::unix::fs::PermissionsExt, @@ -40,7 +41,7 @@ impl Subsystem for HooksSubsystem { "hooks" } - fn as_any(&self) -> &dyn std::any::Any { + fn as_any(&self) -> &dyn Any { self } diff --git a/crates/trident/src/subsystems/initrd.rs b/crates/trident/src/subsystems/initrd.rs index ddf020f39..ac097d332 100644 --- a/crates/trident/src/subsystems/initrd.rs +++ b/crates/trident/src/subsystems/initrd.rs @@ -1,3 +1,5 @@ +use std::any::Any; + use log::{debug, info}; use osutils::mkinitrd; @@ -12,7 +14,7 @@ impl Subsystem for InitrdSubsystem { "initrd" } - fn as_any(&self) -> &dyn std::any::Any { + fn as_any(&self) -> &dyn Any { self } diff --git a/crates/trident/src/subsystems/management.rs b/crates/trident/src/subsystems/management.rs index 1b41d1b85..d80c8330a 100644 --- a/crates/trident/src/subsystems/management.rs +++ b/crates/trident/src/subsystems/management.rs @@ -1,6 +1,7 @@ //! Subsystem in charge of configuring the Trident agent on the target OS. use std::{ + any::Any, fs::{self}, path::Path, }; @@ -29,7 +30,7 @@ impl Subsystem for ManagementSubsystem { "management" } - fn as_any(&self) -> &dyn std::any::Any { + fn as_any(&self) -> &dyn Any { self } diff --git a/crates/trident/src/subsystems/network.rs b/crates/trident/src/subsystems/network.rs index 2b1752e60..7af4e8d18 100644 --- a/crates/trident/src/subsystems/network.rs +++ b/crates/trident/src/subsystems/network.rs @@ -1,4 +1,4 @@ -use std::{fs, path::Path}; +use std::{any::Any, fs, path::Path}; use anyhow::Context; use log::debug; @@ -19,7 +19,7 @@ impl Subsystem for NetworkSubsystem { "network" } - fn as_any(&self) -> &dyn std::any::Any { + fn as_any(&self) -> &dyn Any { self } diff --git a/crates/trident/src/subsystems/osconfig/mod.rs b/crates/trident/src/subsystems/osconfig/mod.rs index 55f0ec227..699d82a9e 100644 --- a/crates/trident/src/subsystems/osconfig/mod.rs +++ b/crates/trident/src/subsystems/osconfig/mod.rs @@ -1,4 +1,4 @@ -use std::{fs, path::Path}; +use std::{any::Any, fs, path::Path}; use anyhow::Context; use log::{debug, error, info, warn}; @@ -61,7 +61,7 @@ impl Subsystem for OsConfigSubsystem { "os-config" } - fn as_any(&self) -> &dyn std::any::Any { + fn as_any(&self) -> &dyn Any { self } @@ -196,7 +196,7 @@ impl Subsystem for MosConfigSubsystem { "mos-config" } - fn as_any(&self) -> &dyn std::any::Any { + fn as_any(&self) -> &dyn Any { self } diff --git a/crates/trident/src/subsystems/selinux.rs b/crates/trident/src/subsystems/selinux.rs index 2cc0b7111..7ff6c5897 100644 --- a/crates/trident/src/subsystems/selinux.rs +++ b/crates/trident/src/subsystems/selinux.rs @@ -1,4 +1,5 @@ use std::{ + any::Any, fs::File, io::{BufRead, BufReader}, path::{Path, PathBuf}, @@ -77,7 +78,7 @@ impl Subsystem for SelinuxSubsystem { "selinux" } - fn as_any(&self) -> &dyn std::any::Any { + fn as_any(&self) -> &dyn Any { self } diff --git a/crates/trident/src/subsystems/storage/mod.rs b/crates/trident/src/subsystems/storage/mod.rs index b6bb24041..300f36ee6 100644 --- a/crates/trident/src/subsystems/storage/mod.rs +++ b/crates/trident/src/subsystems/storage/mod.rs @@ -1,4 +1,5 @@ use std::{ + any::Any, collections::HashMap, path::{Path, PathBuf}, }; @@ -36,7 +37,7 @@ impl Subsystem for StorageSubsystem { "storage" } - fn as_any(&self) -> &dyn std::any::Any { + fn as_any(&self) -> &dyn Any { self } From 83a3d0976d5a910e3fbfaf480f89f0f3c270a737 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Wed, 22 Oct 2025 19:48:49 +0000 Subject: [PATCH 09/65] fix ut : --- .../trident/src/subsystems/extensions/mod.rs | 36 ------------------- 1 file changed, 36 deletions(-) diff --git a/crates/trident/src/subsystems/extensions/mod.rs b/crates/trident/src/subsystems/extensions/mod.rs index 12bc64818..5a43029dc 100644 --- a/crates/trident/src/subsystems/extensions/mod.rs +++ b/crates/trident/src/subsystems/extensions/mod.rs @@ -699,46 +699,10 @@ mod tests { id: "confext2".to_string(), name: "confext2".to_string(), sha384: Sha384Hash::from("b".repeat(96)), - path: PathBuf::from("/var/lib/extensions/sysext2.raw"), - temp_path: PathBuf::from("/var/lib/extensions/.staging/sysext2.raw"), - ext_type: ExtensionType::Sysext, - }, - // Sysext in /.extra/sysext - ExtensionData { - id: "sysext3".to_string(), - name: "sysext3".to_string(), - sha384: Sha384Hash::from("c".repeat(96)), - path: PathBuf::from("/.extra/sysext/sysext3.raw"), - temp_path: PathBuf::from("/var/lib/extensions/.staging/sysext3.raw"), - ext_type: ExtensionType::Sysext, - }, - // Confext in /var/lib/confexts (default) - ExtensionData { - id: "confext1".to_string(), - name: "confext1".to_string(), - sha384: Sha384Hash::from("d".repeat(96)), - path: PathBuf::from("/var/lib/confexts/confext1.raw"), - temp_path: PathBuf::from("/var/lib/extensions/.staging/confext1.raw"), - ext_type: ExtensionType::Confext, - }, - // Confext in /usr/lib/confexts - ExtensionData { - id: "confext2".to_string(), - name: "confext2".to_string(), - sha384: Sha384Hash::from("e".repeat(96)), path: PathBuf::from("/usr/lib/confexts/confext2.raw"), temp_path: PathBuf::from("/var/lib/extensions/.staging/confext2.raw"), ext_type: ExtensionType::Confext, }, - // Confext in /usr/local/lib/confexts - ExtensionData { - id: "confext3".to_string(), - name: "confext3".to_string(), - sha384: Sha384Hash::from("f".repeat(96)), - path: PathBuf::from("/usr/local/lib/confexts/confext3.raw"), - temp_path: PathBuf::from("/var/lib/extensions/.staging/confext3.raw"), - ext_type: ExtensionType::Confext, - }, ], extensions_old: vec![], }; From 0e542778b2368c289764f9c1f797240918ac8d96 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Wed, 22 Oct 2025 20:12:39 +0000 Subject: [PATCH 10/65] use a const --- crates/trident/src/engine/mod.rs | 4 ++-- crates/trident/src/subsystems/extensions/mod.rs | 5 ++++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/crates/trident/src/engine/mod.rs b/crates/trident/src/engine/mod.rs index a415fa56e..7def61951 100644 --- a/crates/trident/src/engine/mod.rs +++ b/crates/trident/src/engine/mod.rs @@ -23,7 +23,7 @@ use crate::{ engine::boot::BootSubsystem, subsystems::{ esp::EspSubsystem, - extensions::ExtensionsSubsystem, + extensions::{ExtensionsSubsystem, EXTENSIONS_SUBSYSTEM_NAME}, hooks::HooksSubsystem, initrd::InitrdSubsystem, management::ManagementSubsystem, @@ -329,7 +329,7 @@ pub fn get_extensions_subsystem( ) -> Result<&ExtensionsSubsystem, TridentError> { subsystems .iter() - .find(|s| s.name() == ExtensionsSubsystem::default().name()) + .find(|s| s.name() == EXTENSIONS_SUBSYSTEM_NAME) .structured(InternalError::Internal( "Failed to find Extensions subsystem", ))? diff --git a/crates/trident/src/subsystems/extensions/mod.rs b/crates/trident/src/subsystems/extensions/mod.rs index 5a43029dc..9273d6954 100644 --- a/crates/trident/src/subsystems/extensions/mod.rs +++ b/crates/trident/src/subsystems/extensions/mod.rs @@ -29,6 +29,9 @@ use crate::{ mod release; +/// Extensions subsystem name +pub const EXTENSIONS_SUBSYSTEM_NAME: &str = "extensions"; + /// Extension-release const EXTENSION_RELEASE: &str = "extension-release"; @@ -91,7 +94,7 @@ pub struct ExtensionsSubsystem { } impl Subsystem for ExtensionsSubsystem { fn name(&self) -> &'static str { - "extensions" + EXTENSIONS_SUBSYSTEM_NAME } fn as_any(&self) -> &dyn Any { From c41f1ea261a9109dbd865ee4b5cf13b2cc06277c Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Wed, 22 Oct 2025 21:48:54 +0000 Subject: [PATCH 11/65] add selinux policies --- packaging/selinux-policy-trident/trident.te | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/packaging/selinux-policy-trident/trident.te b/packaging/selinux-policy-trident/trident.te index 2d981258a..f5d6d7a4e 100644 --- a/packaging/selinux-policy-trident/trident.te +++ b/packaging/selinux-policy-trident/trident.te @@ -275,8 +275,8 @@ files_var_lib_filetrans(trident_t, trident_var_lib_t, { dir file lnk_file }) # Allow trident_t domain to interact with files and directories labeled as trident_var_lib_t # Necessary so Trident can interact with the datastore at /var/lib/trident -allow trident_t trident_var_lib_t:dir { getattr search read write add_name create remove_name open mounton relabelto }; -allow trident_t trident_var_lib_t:file { getattr setattr create open read write unlink lock relabelto }; +allow trident_t trident_var_lib_t:dir { getattr search read write add_name create remove_name open mounton relabelto rmdir }; +allow trident_t trident_var_lib_t:file { getattr setattr create open read write unlink lock relabelto rename }; # Allow Trident to relabel its executable allow trident_t trident_exec_t:file relabelto; @@ -857,6 +857,9 @@ allow fsadm_t trident_t:process { siginh rlimitinh noatsecure transition sigchld allow fsadm_t fixed_disk_device_t:blk_file { open read write getattr ioctl }; allow fsadm_t unlabeled_t:file map; +# Allow fsadm_t to use losetup utility on Trident-created files in /var/lib/. Necessary to attach device to extension image. +allow fsadm_t trident_var_lib_t:file { getattr open read write }; + # Create, read, write, and delete files on a efivarfs filesystem fs_manage_efivarfs_files(fsadm_t) fs_manage_tmpfs_dirs(fsadm_t) @@ -925,6 +928,9 @@ allow udev_t cloud_init_t:fifo_file { append write getattr }; allow udev_t lvm_t:process { noatsecure rlimitinh siginh }; allow udev_t unlabeled_t:file getattr; +# Allow losetup to attach an extension image file as a loopback device. +allow udev_t trident_var_lib_t:file getattr; + files_read_generic_tmp_files(udev_t) #============= udevadm_t ============== From 6e4aefa1aaf8242cd129b5c22b5757bb9e2de57f Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Wed, 22 Oct 2025 21:53:10 +0000 Subject: [PATCH 12/65] add condition to skip : --- crates/trident/src/subsystems/extensions/mod.rs | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/crates/trident/src/subsystems/extensions/mod.rs b/crates/trident/src/subsystems/extensions/mod.rs index 9273d6954..2fc5985d3 100644 --- a/crates/trident/src/subsystems/extensions/mod.rs +++ b/crates/trident/src/subsystems/extensions/mod.rs @@ -102,6 +102,13 @@ impl Subsystem for ExtensionsSubsystem { } fn provision(&mut self, ctx: &EngineContext, mount_path: &Path) -> Result<(), TridentError> { + // Skip step if there are no changes to sysexts and confexts. + if ctx.spec.os.sysexts == ctx.spec_old.os.sysexts + && ctx.spec.os.confexts == ctx.spec_old.os.confexts + { + return Ok(()); + } + // Define staging directory, in which extension images will be downloaded. let staging_dir = path::join_relative(mount_path, EXTENSION_IMAGE_STAGING_DIRECTORY); From 647b4d02474896c4594d927d31b407d8a6f84df1 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Fri, 24 Oct 2025 20:16:50 +0000 Subject: [PATCH 13/65] create new method --- crates/trident/src/engine/boot/mod.rs | 6 +- crates/trident/src/engine/clean_install.rs | 5 +- crates/trident/src/engine/mod.rs | 41 ++++--- crates/trident/src/engine/update.rs | 25 ++--- crates/trident/src/subsystems/esp.rs | 5 - .../trident/src/subsystems/extensions/mod.rs | 106 ++++++++---------- crates/trident/src/subsystems/hooks.rs | 5 - crates/trident/src/subsystems/initrd.rs | 6 - crates/trident/src/subsystems/management.rs | 5 - crates/trident/src/subsystems/network.rs | 6 +- crates/trident/src/subsystems/osconfig/mod.rs | 10 +- crates/trident/src/subsystems/selinux.rs | 5 - crates/trident/src/subsystems/storage/mod.rs | 5 - 13 files changed, 87 insertions(+), 143 deletions(-) diff --git a/crates/trident/src/engine/boot/mod.rs b/crates/trident/src/engine/boot/mod.rs index e38ea0bea..d114ad9b2 100644 --- a/crates/trident/src/engine/boot/mod.rs +++ b/crates/trident/src/engine/boot/mod.rs @@ -1,4 +1,4 @@ -use std::{any::Any, path::Path}; +use std::path::Path; use log::debug; use strum::IntoEnumIterator; @@ -25,10 +25,6 @@ impl Subsystem for BootSubsystem { "boot" } - fn as_any(&self) -> &dyn Any { - self - } - #[tracing::instrument(name = "boot_configuration", skip_all)] fn configure(&mut self, ctx: &EngineContext) -> Result<(), TridentError> { if ctx.is_uki()? { diff --git a/crates/trident/src/engine/clean_install.rs b/crates/trident/src/engine/clean_install.rs index 2f4378335..5d70a969a 100644 --- a/crates/trident/src/engine/clean_install.rs +++ b/crates/trident/src/engine/clean_install.rs @@ -258,8 +258,7 @@ fn stage_clean_install( } // Update Host Configuration with the paths of extension images. - let updated_hc = - engine::get_extensions_subsystem(subsystems)?.update_host_configuration(&ctx)?; + engine::update_host_configuration(subsystems, &mut ctx)?; // At this point, clean install has been staged, so update Host Status debug!( @@ -269,7 +268,7 @@ fn stage_clean_install( state.with_host_status(|hs| { *hs = HostStatus { servicing_state: ServicingState::CleanInstallStaged, - spec: updated_hc, + spec: ctx.spec, spec_old: Default::default(), ab_active_volume: None, partition_paths: ctx.partition_paths, diff --git a/crates/trident/src/engine/mod.rs b/crates/trident/src/engine/mod.rs index 7def61951..abef2a2ed 100644 --- a/crates/trident/src/engine/mod.rs +++ b/crates/trident/src/engine/mod.rs @@ -1,5 +1,4 @@ use std::{ - any::Any, fs, path::{Path, PathBuf}, sync::Mutex, @@ -23,7 +22,7 @@ use crate::{ engine::boot::BootSubsystem, subsystems::{ esp::EspSubsystem, - extensions::{ExtensionsSubsystem, EXTENSIONS_SUBSYSTEM_NAME}, + extensions::ExtensionsSubsystem, hooks::HooksSubsystem, initrd::InitrdSubsystem, management::ManagementSubsystem, @@ -61,8 +60,6 @@ pub(crate) use update::{finalize_update, update}; pub(crate) trait Subsystem: Send { fn name(&self) -> &'static str; - fn as_any(&self) -> &dyn Any; - fn writable_etc_overlay(&self) -> bool { true } @@ -105,6 +102,11 @@ pub(crate) trait Subsystem: Send { fn configure(&mut self, _ctx: &EngineContext) -> Result<(), TridentError> { Ok(()) } + + /// Update the Host Configuration with information in the subsystem. + fn update_host_configuration(&self, _ctx: &mut EngineContext) -> Result<(), TridentError> { + Ok(()) + } } lazy_static::lazy_static! { @@ -324,20 +326,23 @@ fn configure( Ok(()) } -pub fn get_extensions_subsystem( - subsystems: &[Box], -) -> Result<&ExtensionsSubsystem, TridentError> { - subsystems - .iter() - .find(|s| s.name() == EXTENSIONS_SUBSYSTEM_NAME) - .structured(InternalError::Internal( - "Failed to find Extensions subsystem", - ))? - .as_any() - .downcast_ref::() - .structured(InternalError::Internal( - "Failed to downcast to ExtensionsSubsystem", - )) +fn update_host_configuration( + subsystems: &mut [Box], + ctx: &mut EngineContext, +) -> Result<(), TridentError> { + info!("Starting step 'Update Host Configuration'"); + for subsystem in subsystems { + debug!( + "Starting step 'Update Host Configuration' for subsystem '{}'", + subsystem.name() + ); + subsystem.update_host_configuration(ctx).message(format!( + "Step 'Update Host Configuration' failed for subsystem '{}'", + subsystem.name() + ))?; + } + debug!("Finished step 'Update Host Configuration'"); + Ok(()) } pub fn reboot() -> Result<(), TridentError> { diff --git a/crates/trident/src/engine/update.rs b/crates/trident/src/engine/update.rs index b00c5ce4c..537cb51a9 100644 --- a/crates/trident/src/engine/update.rs +++ b/crates/trident/src/engine/update.rs @@ -118,7 +118,7 @@ pub(crate) fn update( // Stage update stage_update( &mut subsystems, - ctx, + &mut ctx, state, #[cfg(feature = "grpc-dangerous")] sender, @@ -183,7 +183,7 @@ pub(crate) fn update( #[tracing::instrument(skip_all, fields(servicing_type = format!("{:?}", ctx.servicing_type)))] fn stage_update( subsystems: &mut [Box], - ctx: EngineContext, + ctx: &mut EngineContext, state: &mut DataStore, #[cfg(feature = "grpc-dangerous")] sender: &mut Option< mpsc::UnboundedSender>, @@ -215,7 +215,7 @@ fn stage_update( } }; - engine::prepare(subsystems, &ctx)?; + engine::prepare(subsystems, ctx)?; if let ServicingType::AbUpdate = ctx.servicing_type { debug!("Preparing storage to mount new root"); @@ -224,7 +224,7 @@ fn stage_update( verity::stop_trident_servicing_devices(&ctx.spec) .structured(ServicingError::CleanupVerity)?; - storage::initialize_block_devices(&ctx)?; + storage::initialize_block_devices(ctx)?; let newroot_mount = NewrootMount::create_and_mount( &ctx.spec, &ctx.partition_paths, @@ -234,12 +234,12 @@ fn stage_update( ))?, )?; - engine::provision(subsystems, &ctx, newroot_mount.path())?; + engine::provision(subsystems, ctx, newroot_mount.path())?; debug!("Entering '{}' chroot", newroot_mount.path().display()); let result = chroot::enter_update_chroot(newroot_mount.path()) .message("Failed to enter chroot")? - .execute_and_exit(|| engine::configure(subsystems, &ctx)); + .execute_and_exit(|| engine::configure(subsystems, ctx)); if let Err(original_error) = result { if let Err(e) = newroot_mount.unmount_all() { @@ -250,12 +250,11 @@ fn stage_update( newroot_mount.unmount_all()?; } else { - engine::configure(subsystems, &ctx)?; + engine::configure(subsystems, ctx)?; }; // Update Host Configuration with the paths of extension images. - let updated_hc = - engine::get_extensions_subsystem(subsystems)?.update_host_configuration(&ctx)?; + engine::update_host_configuration(subsystems, ctx)?; // At this point, deployment has been staged, so update servicing state debug!( @@ -264,12 +263,12 @@ fn stage_update( ); state.with_host_status(|hs| { *hs = HostStatus { - spec: updated_hc, - spec_old: ctx.spec_old, + spec: ctx.spec.clone(), + spec_old: ctx.spec_old.clone(), servicing_state: ServicingState::AbUpdateStaged, ab_active_volume: ctx.ab_active_volume, - partition_paths: ctx.partition_paths, - disk_uuids: ctx.disk_uuids, + partition_paths: ctx.partition_paths.clone(), + disk_uuids: ctx.disk_uuids.clone(), install_index: ctx.install_index, last_error: None, is_management_os: false, diff --git a/crates/trident/src/subsystems/esp.rs b/crates/trident/src/subsystems/esp.rs index 4713f4d1e..8e75ffc68 100644 --- a/crates/trident/src/subsystems/esp.rs +++ b/crates/trident/src/subsystems/esp.rs @@ -1,5 +1,4 @@ use std::{ - any::Any, fs, io::Read, path::{Path, PathBuf}, @@ -43,10 +42,6 @@ impl Subsystem for EspSubsystem { "esp" } - fn as_any(&self) -> &dyn Any { - self - } - #[tracing::instrument(name = "esp_provision", skip_all)] fn provision(&mut self, ctx: &EngineContext, mount_path: &Path) -> Result<(), TridentError> { // Perform file-based deployment of ESP images, if needed, after filesystems have been diff --git a/crates/trident/src/subsystems/extensions/mod.rs b/crates/trident/src/subsystems/extensions/mod.rs index 2fc5985d3..cb6a4a58e 100644 --- a/crates/trident/src/subsystems/extensions/mod.rs +++ b/crates/trident/src/subsystems/extensions/mod.rs @@ -1,5 +1,4 @@ use std::{ - any::Any, collections::{HashMap, HashSet}, fmt::Display, fs, @@ -13,7 +12,7 @@ use tempfile::NamedTempFile; use osutils::{dependencies::Dependency, path}; use trident_api::{ - config::{Extension, HostConfiguration}, + config::Extension, constants::internal_params::HTTP_CONNECTION_TIMEOUT_SECONDS, error::{InternalError, ReportError, ServicingError, TridentError}, primitives::hash::Sha384Hash, @@ -29,9 +28,6 @@ use crate::{ mod release; -/// Extensions subsystem name -pub const EXTENSIONS_SUBSYSTEM_NAME: &str = "extensions"; - /// Extension-release const EXTENSION_RELEASE: &str = "extension-release"; @@ -94,11 +90,7 @@ pub struct ExtensionsSubsystem { } impl Subsystem for ExtensionsSubsystem { fn name(&self) -> &'static str { - EXTENSIONS_SUBSYSTEM_NAME - } - - fn as_any(&self) -> &dyn Any { - self + "extensions" } fn provision(&mut self, ctx: &EngineContext, mount_path: &Path) -> Result<(), TridentError> { @@ -133,6 +125,47 @@ impl Subsystem for ExtensionsSubsystem { Ok(()) } + + fn update_host_configuration(&self, ctx: &mut EngineContext) -> Result<(), TridentError> { + // Update paths of sysexts in the Host Configuration. + for sysext in self + .extensions + .iter() + .filter(|ext| ext.ext_type == ExtensionType::Sysext) + { + // Find corresponding sysext in Host Configuration. + let hc_ext = ctx + .spec + .os + .sysexts + .iter_mut() + .find(|ext| ext.sha384 == sysext.sha384) + .structured(InternalError::Internal( + "Failed to find previously processed sysext in Host Configuration", + ))?; + hc_ext.path = Some(sysext.path.clone()); + } + + // Update paths of confexts in the Host Configuration. + for confext in self + .extensions + .iter() + .filter(|ext| ext.ext_type == ExtensionType::Confext) + { + // Find corresponding confext in Host Configuration. + let hc_ext = ctx + .spec + .os + .confexts + .iter_mut() + .find(|ext| ext.sha384 == confext.sha384) + .structured(InternalError::Internal( + "Failed to find previously processed confext in Host Configuration", + ))?; + hc_ext.path = Some(confext.path.clone()); + } + Ok(()) + } } impl ExtensionsSubsystem { @@ -281,51 +314,6 @@ impl ExtensionsSubsystem { Ok(()) } - pub(crate) fn update_host_configuration( - &self, - ctx: &EngineContext, - ) -> Result { - let mut updated_hc = ctx.spec.clone(); - - // Update paths of sysexts in the Host Configuration. - for sysext in self - .extensions - .iter() - .filter(|ext| ext.ext_type == ExtensionType::Sysext) - { - // Find corresponding sysext in Host Configuration. - let hc_ext = updated_hc - .os - .sysexts - .iter_mut() - .find(|ext| ext.sha384 == sysext.sha384) - .structured(InternalError::Internal( - "Failed to find previously processed sysext in Host Configuration", - ))?; - hc_ext.path = Some(sysext.path.clone()); - } - - // Update paths of confexts in the Host Configuration. - for confext in self - .extensions - .iter() - .filter(|ext| ext.ext_type == ExtensionType::Confext) - { - // Find corresponding confext in Host Configuration. - let hc_ext = updated_hc - .os - .confexts - .iter_mut() - .find(|ext| ext.sha384 == confext.sha384) - .structured(InternalError::Internal( - "Failed to find previously processed confext in Host Configuration", - ))?; - hc_ext.path = Some(confext.path.clone()); - } - - Ok(updated_hc) - } - /// Ensures that all target directories for extension images exist on the /// target OS. fn create_directories(&self, mount_path: &Path) -> Result<(), Error> { @@ -668,11 +656,11 @@ mod tests { ], extensions_old: vec![], }; - let updated_hc = subsystem.update_host_configuration(&ctx).unwrap(); + subsystem.update_host_configuration(&mut ctx).unwrap(); for i in 0..subsystem.extensions.len() { assert_eq!( - updated_hc.os.sysexts[i].path, + ctx.spec.os.sysexts[i].path, Some(subsystem.extensions[i].path.clone()) ) } @@ -716,11 +704,11 @@ mod tests { ], extensions_old: vec![], }; - let updated_hc = subsystem.update_host_configuration(&ctx).unwrap(); + subsystem.update_host_configuration(&mut ctx).unwrap(); for i in 0..subsystem.extensions.len() { assert_eq!( - updated_hc.os.confexts[i].path, + ctx.spec.os.confexts[i].path, Some(subsystem.extensions[i].path.clone()) ) } diff --git a/crates/trident/src/subsystems/hooks.rs b/crates/trident/src/subsystems/hooks.rs index 9af57b585..43b2d217e 100644 --- a/crates/trident/src/subsystems/hooks.rs +++ b/crates/trident/src/subsystems/hooks.rs @@ -1,5 +1,4 @@ use std::{ - any::Any, collections::HashMap, ffi::OsStr, os::unix::fs::PermissionsExt, @@ -41,10 +40,6 @@ impl Subsystem for HooksSubsystem { "hooks" } - fn as_any(&self) -> &dyn Any { - self - } - fn writable_etc_overlay(&self) -> bool { self.writable_etc_overlay } diff --git a/crates/trident/src/subsystems/initrd.rs b/crates/trident/src/subsystems/initrd.rs index baa7c6897..1d4bbf2db 100644 --- a/crates/trident/src/subsystems/initrd.rs +++ b/crates/trident/src/subsystems/initrd.rs @@ -1,5 +1,3 @@ -use std::any::Any; - use log::{debug, info}; use osutils::mkinitrd; @@ -14,10 +12,6 @@ impl Subsystem for InitrdSubsystem { "initrd" } - fn as_any(&self) -> &dyn Any { - self - } - fn writable_etc_overlay(&self) -> bool { false } diff --git a/crates/trident/src/subsystems/management.rs b/crates/trident/src/subsystems/management.rs index d80c8330a..45231f08e 100644 --- a/crates/trident/src/subsystems/management.rs +++ b/crates/trident/src/subsystems/management.rs @@ -1,7 +1,6 @@ //! Subsystem in charge of configuring the Trident agent on the target OS. use std::{ - any::Any, fs::{self}, path::Path, }; @@ -30,10 +29,6 @@ impl Subsystem for ManagementSubsystem { "management" } - fn as_any(&self) -> &dyn Any { - self - } - fn validate_host_config(&self, ctx: &EngineContext) -> Result<(), TridentError> { if ctx.spec.trident.disable { return Ok(()); diff --git a/crates/trident/src/subsystems/network.rs b/crates/trident/src/subsystems/network.rs index 7af4e8d18..c9135333d 100644 --- a/crates/trident/src/subsystems/network.rs +++ b/crates/trident/src/subsystems/network.rs @@ -1,4 +1,4 @@ -use std::{any::Any, fs, path::Path}; +use std::{fs, path::Path}; use anyhow::Context; use log::debug; @@ -19,10 +19,6 @@ impl Subsystem for NetworkSubsystem { "network" } - fn as_any(&self) -> &dyn Any { - self - } - #[tracing::instrument(name = "network_configuration", skip_all)] fn configure(&mut self, ctx: &EngineContext) -> Result<(), TridentError> { match ctx.spec.os.netplan.as_ref() { diff --git a/crates/trident/src/subsystems/osconfig/mod.rs b/crates/trident/src/subsystems/osconfig/mod.rs index c756e9f8c..6e080a03d 100644 --- a/crates/trident/src/subsystems/osconfig/mod.rs +++ b/crates/trident/src/subsystems/osconfig/mod.rs @@ -1,4 +1,4 @@ -use std::{any::Any, fs, path::Path}; +use std::{fs, path::Path}; use anyhow::Context; use log::{debug, error, info, warn}; @@ -67,10 +67,6 @@ impl Subsystem for OsConfigSubsystem { "os-config" } - fn as_any(&self) -> &dyn Any { - self - } - fn validate_host_config(&self, ctx: &EngineContext) -> Result<(), TridentError> { // If the os-modifier binary is required but not present, return an error. if os_config_requires_os_modifier(ctx) && !Path::new(OS_MODIFIER_BINARY_PATH).exists() { @@ -218,10 +214,6 @@ impl Subsystem for MosConfigSubsystem { "mos-config" } - fn as_any(&self) -> &dyn Any { - self - } - fn validate_host_config(&self, ctx: &EngineContext) -> Result<(), TridentError> { if ctx.servicing_type != ServicingType::CleanInstall { debug!( diff --git a/crates/trident/src/subsystems/selinux.rs b/crates/trident/src/subsystems/selinux.rs index 35d40197f..c42ab9f3c 100644 --- a/crates/trident/src/subsystems/selinux.rs +++ b/crates/trident/src/subsystems/selinux.rs @@ -1,5 +1,4 @@ use std::{ - any::Any, fs::File, io::{BufRead, BufReader}, path::{Path, PathBuf}, @@ -78,10 +77,6 @@ impl Subsystem for SelinuxSubsystem { "selinux" } - fn as_any(&self) -> &dyn Any { - self - } - #[tracing::instrument(name = "selinux_configuration", skip_all)] fn configure(&mut self, ctx: &EngineContext) -> Result<(), TridentError> { // Only continue if the servicing type is a clean install or AB update. diff --git a/crates/trident/src/subsystems/storage/mod.rs b/crates/trident/src/subsystems/storage/mod.rs index 300f36ee6..fd122c40e 100644 --- a/crates/trident/src/subsystems/storage/mod.rs +++ b/crates/trident/src/subsystems/storage/mod.rs @@ -1,5 +1,4 @@ use std::{ - any::Any, collections::HashMap, path::{Path, PathBuf}, }; @@ -37,10 +36,6 @@ impl Subsystem for StorageSubsystem { "storage" } - fn as_any(&self) -> &dyn Any { - self - } - fn validate_host_config(&self, ctx: &EngineContext) -> Result<(), TridentError> { if ctx.servicing_type != ServicingType::CleanInstall { // Ensure that relevant portions of the Host Configuration have not changed. From f3ef4f57f608937d74f49824e0ce4b554e145a0f Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Fri, 24 Oct 2025 20:22:47 +0000 Subject: [PATCH 14/65] remove comments --- crates/trident/src/engine/clean_install.rs | 1 - crates/trident/src/engine/update.rs | 1 - crates/trident/src/subsystems/extensions/mod.rs | 7 ------- 3 files changed, 9 deletions(-) diff --git a/crates/trident/src/engine/clean_install.rs b/crates/trident/src/engine/clean_install.rs index 5d70a969a..bb7d79f58 100644 --- a/crates/trident/src/engine/clean_install.rs +++ b/crates/trident/src/engine/clean_install.rs @@ -257,7 +257,6 @@ fn stage_clean_install( return Err(original_error).message("Failed to execute in chroot"); } - // Update Host Configuration with the paths of extension images. engine::update_host_configuration(subsystems, &mut ctx)?; // At this point, clean install has been staged, so update Host Status diff --git a/crates/trident/src/engine/update.rs b/crates/trident/src/engine/update.rs index 537cb51a9..36b948695 100644 --- a/crates/trident/src/engine/update.rs +++ b/crates/trident/src/engine/update.rs @@ -253,7 +253,6 @@ fn stage_update( engine::configure(subsystems, ctx)?; }; - // Update Host Configuration with the paths of extension images. engine::update_host_configuration(subsystems, ctx)?; // At this point, deployment has been staged, so update servicing state diff --git a/crates/trident/src/subsystems/extensions/mod.rs b/crates/trident/src/subsystems/extensions/mod.rs index cb6a4a58e..b99061598 100644 --- a/crates/trident/src/subsystems/extensions/mod.rs +++ b/crates/trident/src/subsystems/extensions/mod.rs @@ -94,13 +94,6 @@ impl Subsystem for ExtensionsSubsystem { } fn provision(&mut self, ctx: &EngineContext, mount_path: &Path) -> Result<(), TridentError> { - // Skip step if there are no changes to sysexts and confexts. - if ctx.spec.os.sysexts == ctx.spec_old.os.sysexts - && ctx.spec.os.confexts == ctx.spec_old.os.confexts - { - return Ok(()); - } - // Define staging directory, in which extension images will be downloaded. let staging_dir = path::join_relative(mount_path, EXTENSION_IMAGE_STAGING_DIRECTORY); From 1beec725a238293baf8dbd6c589c84c228e6fddb Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Fri, 24 Oct 2025 20:24:11 +0000 Subject: [PATCH 15/65] change doc comment --- crates/trident/src/engine/mod.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crates/trident/src/engine/mod.rs b/crates/trident/src/engine/mod.rs index abef2a2ed..1f4a06607 100644 --- a/crates/trident/src/engine/mod.rs +++ b/crates/trident/src/engine/mod.rs @@ -103,7 +103,7 @@ pub(crate) trait Subsystem: Send { Ok(()) } - /// Update the Host Configuration with information in the subsystem. + /// Update the Host Configuration with information from the subsystem. fn update_host_configuration(&self, _ctx: &mut EngineContext) -> Result<(), TridentError> { Ok(()) } From 1e5a9ab3fb67d133d4b466d58d3187226c055229 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Fri, 24 Oct 2025 20:32:02 +0000 Subject: [PATCH 16/65] make ctx clone --- crates/trident/src/engine/update.rs | 27 +++++++++++++++------------ 1 file changed, 15 insertions(+), 12 deletions(-) diff --git a/crates/trident/src/engine/update.rs b/crates/trident/src/engine/update.rs index 36b948695..2fc139263 100644 --- a/crates/trident/src/engine/update.rs +++ b/crates/trident/src/engine/update.rs @@ -118,7 +118,7 @@ pub(crate) fn update( // Stage update stage_update( &mut subsystems, - &mut ctx, + ctx, state, #[cfg(feature = "grpc-dangerous")] sender, @@ -183,12 +183,15 @@ pub(crate) fn update( #[tracing::instrument(skip_all, fields(servicing_type = format!("{:?}", ctx.servicing_type)))] fn stage_update( subsystems: &mut [Box], - ctx: &mut EngineContext, + ctx: EngineContext, state: &mut DataStore, #[cfg(feature = "grpc-dangerous")] sender: &mut Option< mpsc::UnboundedSender>, >, ) -> Result<(), TridentError> { + // Make mutable clone of the EngineContext. + let mut ctx = ctx.clone(); + match ctx.servicing_type { ServicingType::CleanInstall => { return Err(TridentError::new( @@ -215,7 +218,7 @@ fn stage_update( } }; - engine::prepare(subsystems, ctx)?; + engine::prepare(subsystems, &ctx)?; if let ServicingType::AbUpdate = ctx.servicing_type { debug!("Preparing storage to mount new root"); @@ -224,7 +227,7 @@ fn stage_update( verity::stop_trident_servicing_devices(&ctx.spec) .structured(ServicingError::CleanupVerity)?; - storage::initialize_block_devices(ctx)?; + storage::initialize_block_devices(&ctx)?; let newroot_mount = NewrootMount::create_and_mount( &ctx.spec, &ctx.partition_paths, @@ -234,12 +237,12 @@ fn stage_update( ))?, )?; - engine::provision(subsystems, ctx, newroot_mount.path())?; + engine::provision(subsystems, &ctx, newroot_mount.path())?; debug!("Entering '{}' chroot", newroot_mount.path().display()); let result = chroot::enter_update_chroot(newroot_mount.path()) .message("Failed to enter chroot")? - .execute_and_exit(|| engine::configure(subsystems, ctx)); + .execute_and_exit(|| engine::configure(subsystems, &ctx)); if let Err(original_error) = result { if let Err(e) = newroot_mount.unmount_all() { @@ -250,10 +253,10 @@ fn stage_update( newroot_mount.unmount_all()?; } else { - engine::configure(subsystems, ctx)?; + engine::configure(subsystems, &ctx)?; }; - engine::update_host_configuration(subsystems, ctx)?; + engine::update_host_configuration(subsystems, &mut ctx)?; // At this point, deployment has been staged, so update servicing state debug!( @@ -262,12 +265,12 @@ fn stage_update( ); state.with_host_status(|hs| { *hs = HostStatus { - spec: ctx.spec.clone(), - spec_old: ctx.spec_old.clone(), + spec: ctx.spec, + spec_old: ctx.spec_old, servicing_state: ServicingState::AbUpdateStaged, ab_active_volume: ctx.ab_active_volume, - partition_paths: ctx.partition_paths.clone(), - disk_uuids: ctx.disk_uuids.clone(), + partition_paths: ctx.partition_paths, + disk_uuids: ctx.disk_uuids, install_index: ctx.install_index, last_error: None, is_management_os: false, From 6574217c1d9be779298013ffe2fee7d3f5f6a843 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Fri, 24 Oct 2025 20:46:17 +0000 Subject: [PATCH 17/65] don't clone --- crates/trident/src/engine/update.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crates/trident/src/engine/update.rs b/crates/trident/src/engine/update.rs index 2fc139263..fdec618d1 100644 --- a/crates/trident/src/engine/update.rs +++ b/crates/trident/src/engine/update.rs @@ -189,8 +189,8 @@ fn stage_update( mpsc::UnboundedSender>, >, ) -> Result<(), TridentError> { - // Make mutable clone of the EngineContext. - let mut ctx = ctx.clone(); + // Make mutable instance of EngineContext. + let mut ctx = ctx; match ctx.servicing_type { ServicingType::CleanInstall => { From 3143e1c46be44738ab59bf81ce6cc61cc013837e Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Fri, 24 Oct 2025 20:51:36 +0000 Subject: [PATCH 18/65] don't pass mutable subsystems --- crates/trident/src/engine/mod.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crates/trident/src/engine/mod.rs b/crates/trident/src/engine/mod.rs index 1f4a06607..183e45e17 100644 --- a/crates/trident/src/engine/mod.rs +++ b/crates/trident/src/engine/mod.rs @@ -327,7 +327,7 @@ fn configure( } fn update_host_configuration( - subsystems: &mut [Box], + subsystems: &[Box], ctx: &mut EngineContext, ) -> Result<(), TridentError> { info!("Starting step 'Update Host Configuration'"); From 4b5279cb9a21f095874c7de77a0dc153c0c4bba9 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Fri, 24 Oct 2025 21:15:04 +0000 Subject: [PATCH 19/65] use try for each --- .../trident/src/subsystems/extensions/mod.rs | 59 +++++++++---------- 1 file changed, 29 insertions(+), 30 deletions(-) diff --git a/crates/trident/src/subsystems/extensions/mod.rs b/crates/trident/src/subsystems/extensions/mod.rs index b99061598..842293e04 100644 --- a/crates/trident/src/subsystems/extensions/mod.rs +++ b/crates/trident/src/subsystems/extensions/mod.rs @@ -121,42 +121,41 @@ impl Subsystem for ExtensionsSubsystem { fn update_host_configuration(&self, ctx: &mut EngineContext) -> Result<(), TridentError> { // Update paths of sysexts in the Host Configuration. - for sysext in self - .extensions + self.extensions .iter() .filter(|ext| ext.ext_type == ExtensionType::Sysext) - { - // Find corresponding sysext in Host Configuration. - let hc_ext = ctx - .spec - .os - .sysexts - .iter_mut() - .find(|ext| ext.sha384 == sysext.sha384) - .structured(InternalError::Internal( - "Failed to find previously processed sysext in Host Configuration", - ))?; - hc_ext.path = Some(sysext.path.clone()); - } + .try_for_each(|sysext| { + // Find corresponding sysext in Host Configuration. + ctx.spec + .os + .sysexts + .iter_mut() + .find(|ext| ext.sha384 == sysext.sha384) + .structured(InternalError::Internal( + "Failed to find previously processed sysext in Host Configuration", + ))? + .path = Some(sysext.path.clone()); + Ok::<(), TridentError>(()) + })?; // Update paths of confexts in the Host Configuration. - for confext in self - .extensions + self.extensions .iter() .filter(|ext| ext.ext_type == ExtensionType::Confext) - { - // Find corresponding confext in Host Configuration. - let hc_ext = ctx - .spec - .os - .confexts - .iter_mut() - .find(|ext| ext.sha384 == confext.sha384) - .structured(InternalError::Internal( - "Failed to find previously processed confext in Host Configuration", - ))?; - hc_ext.path = Some(confext.path.clone()); - } + .try_for_each(|confext| { + // Find corresponding confext in Host Configuration. + ctx.spec + .os + .confexts + .iter_mut() + .find(|ext| ext.sha384 == confext.sha384) + .structured(InternalError::Internal( + "Failed to find previously processed confext in Host Configuration", + ))? + .path = Some(confext.path.clone()); + Ok::<(), TridentError>(()) + })?; + Ok(()) } } From ff0b194c3ab93c9b0b30c0584a647fa016363044 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Mon, 27 Oct 2025 20:15:50 +0000 Subject: [PATCH 20/65] nits --- crates/trident/src/engine/clean_install.rs | 3 +++ crates/trident/src/engine/update.rs | 10 ++++++---- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/crates/trident/src/engine/clean_install.rs b/crates/trident/src/engine/clean_install.rs index bb7d79f58..e016e65da 100644 --- a/crates/trident/src/engine/clean_install.rs +++ b/crates/trident/src/engine/clean_install.rs @@ -257,6 +257,9 @@ fn stage_clean_install( return Err(original_error).message("Failed to execute in chroot"); } + // Update the Host Configuration with information produced and stored in the + // subsystems. Currently, this step is used only to update the final paths + // of sysexts and confexts configured in the extensions subsystem. engine::update_host_configuration(subsystems, &mut ctx)?; // At this point, clean install has been staged, so update Host Status diff --git a/crates/trident/src/engine/update.rs b/crates/trident/src/engine/update.rs index fdec618d1..bc9ca2ec3 100644 --- a/crates/trident/src/engine/update.rs +++ b/crates/trident/src/engine/update.rs @@ -183,15 +183,12 @@ pub(crate) fn update( #[tracing::instrument(skip_all, fields(servicing_type = format!("{:?}", ctx.servicing_type)))] fn stage_update( subsystems: &mut [Box], - ctx: EngineContext, + mut ctx: EngineContext, state: &mut DataStore, #[cfg(feature = "grpc-dangerous")] sender: &mut Option< mpsc::UnboundedSender>, >, ) -> Result<(), TridentError> { - // Make mutable instance of EngineContext. - let mut ctx = ctx; - match ctx.servicing_type { ServicingType::CleanInstall => { return Err(TridentError::new( @@ -256,7 +253,12 @@ fn stage_update( engine::configure(subsystems, &ctx)?; }; + // Update the Host Configuration with information produced and stored in the + // subsystems. Currently, this step is used only to update the final paths + // of sysexts and confexts configured in the extensions subsystem. engine::update_host_configuration(subsystems, &mut ctx)?; + // Turn ctx into an immutable variable. + let ctx = ctx; // At this point, deployment has been staged, so update servicing state debug!( From bf4edc53b6240d2e4fc59a83b8e23ed541bc6449 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Mon, 27 Oct 2025 20:38:34 +0000 Subject: [PATCH 21/65] move extensions subsystem between management and hooks --- crates/trident/src/engine/mod.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crates/trident/src/engine/mod.rs b/crates/trident/src/engine/mod.rs index 183e45e17..41e6e21d1 100644 --- a/crates/trident/src/engine/mod.rs +++ b/crates/trident/src/engine/mod.rs @@ -118,10 +118,10 @@ lazy_static::lazy_static! { Box::::default(), Box::::default(), Box::::default(), + Box::::default(), Box::::default(), Box::::default(), Box::::default(), - Box::::default(), ]); } From 204636b121c86014395e460e9be8ee17f4b48e84 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Wed, 29 Oct 2025 05:22:11 +0000 Subject: [PATCH 22/65] try override --- .../extensions/trident-config.yaml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/tests/e2e_tests/trident_configurations/extensions/trident-config.yaml b/tests/e2e_tests/trident_configurations/extensions/trident-config.yaml index 6a7bdf84f..f6017e948 100644 --- a/tests/e2e_tests/trident_configurations/extensions/trident-config.yaml +++ b/tests/e2e_tests/trident_configurations/extensions/trident-config.yaml @@ -45,6 +45,16 @@ scripts: - clean-install - ab-update content: echo "testing-user ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers.d/testing-user + - name: create-override + runOn: + - clean-install + content: | + mkdir -p /etc/systemd/system/systemd-confext.service.d + cat << EOF > /etc/systemd/system/systemd-confext.service.d/override.conf + [Service] + ExecStart= + ExecStart=systemd-confext refresh --noexec=false + EOF os: selinux: mode: permissive From d3487ff217ac59d4f6ab2984860f47607b24bdcb Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Wed, 29 Oct 2025 05:49:48 +0000 Subject: [PATCH 23/65] run extensions host --- tests/e2e_tests/target-configurations.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/e2e_tests/target-configurations.yaml b/tests/e2e_tests/target-configurations.yaml index b46e24585..88509889c 100644 --- a/tests/e2e_tests/target-configurations.yaml +++ b/tests/e2e_tests/target-configurations.yaml @@ -124,6 +124,7 @@ virtualMachine: pullrequest: - base - combined + - extensions - misc - raid-mirrored - raid-resync-small From ef4929eccb02d3826057bf1c4a7eac632bba6566 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Wed, 29 Oct 2025 17:48:30 +0000 Subject: [PATCH 24/65] try helper --- .../stages/common_tasks/extension-images.yml | 92 ++++++----- tools/storm/helpers/init.go | 1 + tools/storm/helpers/push_to_acr.go | 153 ++++++++++++++++++ 3 files changed, 208 insertions(+), 38 deletions(-) create mode 100644 tools/storm/helpers/push_to_acr.go diff --git a/.pipelines/templates/stages/common_tasks/extension-images.yml b/.pipelines/templates/stages/common_tasks/extension-images.yml index fcc497ddb..d28fec6ca 100644 --- a/.pipelines/templates/stages/common_tasks/extension-images.yml +++ b/.pipelines/templates/stages/common_tasks/extension-images.yml @@ -37,43 +37,59 @@ steps: exit 0 fi - # Login to ACR - az acr login -n $(ACR_NAME) - - sysext_repository_name="sysext" - confext_repository_name="confext" - build_id="$(Build.BuildId)" - - cd $(Build.SourcesDirectory) - - tag_base="v${build_id}.${{ parameters.config }}.${{ parameters.deploymentEnvironment }}" - for version in 1 2; do - sysext_filename="test-sysext-${version}.raw" - confext_filename="test-confext-${version}.raw" - - tag="$tag_base.${version}" - - if [[ -f "$sysext_filename" ]]; then - echo "Pushing $sysext_filename with tag $tag to $(ACR_NAME).azurecr.io" - oras push $(ACR_NAME).azurecr.io/$sysext_repository_name:$tag "$sysext_filename" - sleep 3 - echo "Verifying $sysext_filename was pushed successfully..." - az acr repository show --name $(ACR_NAME) --image ${sysext_repository_name}:${tag} - else - echo "File $sysext_filename not found" - fi - if [[ -f "$confext_filename" ]]; then - echo "Pushing $confext_filename with tag $tag to $(ACR_NAME).azurecr.io" - oras push $(ACR_NAME).azurecr.io/$confext_repository_name:$tag "$confext_filename" - sleep 3 - echo "Verifying $confext_filename was pushed successfully..." - az acr repository show --name $(ACR_NAME) --image ${confext_repository_name}:${tag} - else - echo "File $confext_filename not found" - fi - done - - # Set variable for sysext and confext repositories - echo "##vso[task.setvariable variable=TAG_BASE]$tag_base" + ./bin/storm-trident helper push-to-acr \ + --config ${{ parameters.config }} \ + --deployment-environment ${{ parameters.deploymentEnvironment }} \ + --acr-name $(ACR_NAME) \ + --repo-name sysext \ + --build-id $(Build.BuildId) \ + --file-paths test-sysext-1.raw,test-sysext-2.raw + + ./bin/storm-trident helper push-to-acr \ + --config ${{ parameters.config }} \ + --deployment-environment ${{ parameters.deploymentEnvironment }} \ + --acr-name $(ACR_NAME) \ + --repo-name confext \ + --build-id $(Build.BuildId) \ + --file-paths test-confext-1.raw,test-confext-2.raw + + # # Login to ACR + # az acr login -n $(ACR_NAME) + + # sysext_repository_name="sysext" + # confext_repository_name="confext" + # build_id="$(Build.BuildId)" + + # cd $(Build.SourcesDirectory) + + # tag_base="v${build_id}.${{ parameters.config }}.${{ parameters.deploymentEnvironment }}" + # for version in 1 2; do + # sysext_filename="test-sysext-${version}.raw" + # confext_filename="test-confext-${version}.raw" + + # tag="$tag_base.${version}" + + # if [[ -f "$sysext_filename" ]]; then + # echo "Pushing $sysext_filename with tag $tag to $(ACR_NAME).azurecr.io" + # oras push $(ACR_NAME).azurecr.io/$sysext_repository_name:$tag "$sysext_filename" + # sleep 3 + # echo "Verifying $sysext_filename was pushed successfully..." + # az acr repository show --name $(ACR_NAME) --image ${sysext_repository_name}:${tag} + # else + # echo "File $sysext_filename not found" + # fi + # if [[ -f "$confext_filename" ]]; then + # echo "Pushing $confext_filename with tag $tag to $(ACR_NAME).azurecr.io" + # oras push $(ACR_NAME).azurecr.io/$confext_repository_name:$tag "$confext_filename" + # sleep 3 + # echo "Verifying $confext_filename was pushed successfully..." + # az acr repository show --name $(ACR_NAME) --image ${confext_repository_name}:${tag} + # else + # echo "File $confext_filename not found" + # fi + # done + + # # Set variable for sysext and confext repositories + # echo "##vso[task.setvariable variable=TAG_BASE]$tag_base" displayName: "Push extension images to ACR" retryCountOnTaskFailure: 3 diff --git a/tools/storm/helpers/init.go b/tools/storm/helpers/init.go index 3b5dab4a2..fd18a8c44 100644 --- a/tools/storm/helpers/init.go +++ b/tools/storm/helpers/init.go @@ -9,4 +9,5 @@ var TRIDENT_HELPERS = []storm.Helper{ &BootMetricsHelper{}, &CheckSelinuxHelper{}, &BuildExtensionImagesHelper{}, + &PushToACRHelper{}, } diff --git a/tools/storm/helpers/push_to_acr.go b/tools/storm/helpers/push_to_acr.go new file mode 100644 index 000000000..1b790e5a2 --- /dev/null +++ b/tools/storm/helpers/push_to_acr.go @@ -0,0 +1,153 @@ +package helpers + +import ( + "fmt" + "os" + "os/exec" + "time" + + "github.com/microsoft/storm" +) + +type PushToACRHelper struct { + args struct { + Config string `required:"" help:"Trident configuration (e.g., 'extensions')" type:"string"` + DeploymentEnvironment string `required:"" help:"Deployment environment (virtualMachine or bareMetal)" type:"string"` + AcrName string `required:"" help:"Azure Container Registry name" type:"string"` + RepoName string `required:"" help:"Repository name in ACR" type:"string"` + BuildId string `required:"" help:"Build ID" type:"string"` + FilePaths []string `required:"" help:"Array of file paths to push to ACR"` + } +} + +func (h PushToACRHelper) Name() string { + return "push-to-acr" +} + +func (h *PushToACRHelper) Args() any { + return &h.args +} + +func (h *PushToACRHelper) RegisterTestCases(r storm.TestRegistrar) error { + r.RegisterTestCase("push-to-acr", h.pushToACR) + return nil +} + +func (h *PushToACRHelper) pushToACR(tc storm.TestCase) error { + // Login to ACR + err := h.loginToACR() + if err != nil { + return fmt.Errorf("failed to login to ACR: %w", err) + } + + tagBase := fmt.Sprintf("v%s.%s.%s", h.args.BuildId, h.args.Config, h.args.DeploymentEnvironment) + + // Push all specified files + err = h.pushFiles(tagBase) + if err != nil { + return fmt.Errorf("failed to push files: %w", err) + } + + // Set output variable (equivalent to ##vso[task.setvariable variable=TAG_BASE]) + fmt.Printf("##vso[task.setvariable variable=TAG_BASE]%s\n", tagBase) + fmt.Printf("TAG_BASE set to: %s\n", tagBase) + + return nil +} + +func (h *PushToACRHelper) loginToACR() error { + fmt.Printf("Logging in to ACR: %s\n", h.args.AcrName) + + cmd := exec.Command("az", "acr", "login", "-n", h.args.AcrName) + cmd.Stdout = os.Stdout + cmd.Stderr = os.Stderr + + return cmd.Run() +} + +func (h *PushToACRHelper) pushFiles(tagBase string) error { + for i, filePath := range h.args.FilePaths { + // Check if file exists + if _, err := os.Stat(filePath); os.IsNotExist(err) { + fmt.Printf("File %s not found, skipping\n", filePath) + continue + } + + // Create tag with index + tag := fmt.Sprintf("%s.%d", tagBase, i+1) + + // Push the file + err := h.pushImage(filePath, tag) + if err != nil { + return fmt.Errorf("failed to push file %s: %w", filePath, err) + } + + // Verify the push + err = h.verifyImage(h.args.RepoName, tag) + if err != nil { + return fmt.Errorf("failed to verify %s:%s: %w", h.args.RepoName, tag, err) + } + } + + return nil +} + +func (h *PushToACRHelper) pushImage(filePath, tag string) error { + registryURL := fmt.Sprintf("%s.azurecr.io", h.args.AcrName) + fullImageName := fmt.Sprintf("%s/%s:%s", registryURL, h.args.RepoName, tag) + + fmt.Printf("Pushing %s with tag %s to %s\n", filePath, tag, registryURL) + + // Use ORAS to push the image + cmd := exec.Command("oras", "push", fullImageName, filePath) + cmd.Stdout = os.Stdout + cmd.Stderr = os.Stderr + + err := cmd.Run() + if err != nil { + return fmt.Errorf("oras push failed for %s: %w", filePath, err) + } + + // Sleep to allow registry to process + time.Sleep(3 * time.Second) + + return nil +} + +func (h *PushToACRHelper) verifyImage(repository, tag string) error { + fmt.Printf("Verifying %s:%s was pushed successfully...\n", repository, tag) + + cmd := exec.Command("az", "acr", "repository", "show", + "--name", h.args.AcrName, + "--image", fmt.Sprintf("%s:%s", repository, tag)) + cmd.Stdout = os.Stdout + cmd.Stderr = os.Stderr + + return cmd.Run() +} + +// // Alternative implementation using Azure SDK instead of CLI commands +// func (h *PushToACRHelper) verifyImageWithSDK(repository, tag string) error { +// // Create Azure credential +// cred, err := azidentity.NewDefaultAzureCredential(nil) +// if err != nil { +// return fmt.Errorf("failed to create Azure credential: %w", err) +// } + +// // Create ACR client +// registryURL := fmt.Sprintf("https://%s.azurecr.io", h.args.AcrName) +// client, err := azcontainerregistry.NewClient(registryURL, cred, nil) +// if err != nil { +// return fmt.Errorf("failed to create ACR client: %w", err) +// } + +// // Get repository properties to verify it exists +// ctx := context.Background() +// _, err = client.GetRepositoryProperties(ctx, repository, nil) +// if err != nil { +// return fmt.Errorf("failed to verify repository %s: %w", repository, err) +// } + +// fmt.Printf("Successfully verified %s:%s\n", repository, tag) +// return nil +// } From f27914e5e1f3deba22d423159df5e685ece8074a Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Wed, 29 Oct 2025 18:34:53 +0000 Subject: [PATCH 25/65] use logrus --- tools/storm/helpers/push_to_acr.go | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/tools/storm/helpers/push_to_acr.go b/tools/storm/helpers/push_to_acr.go index 1b790e5a2..79426ff5b 100644 --- a/tools/storm/helpers/push_to_acr.go +++ b/tools/storm/helpers/push_to_acr.go @@ -7,6 +7,7 @@ import ( "time" "github.com/microsoft/storm" + "github.com/sirupsen/logrus" ) type PushToACRHelper struct { @@ -56,7 +57,7 @@ func (h *PushToACRHelper) pushToACR(tc storm.TestCase) error { } func (h *PushToACRHelper) loginToACR() error { - fmt.Printf("Logging in to ACR: %s\n", h.args.AcrName) + logrus.Infof("Logging in to ACR: %s\n", h.args.AcrName) cmd := exec.Command("az", "acr", "login", "-n", h.args.AcrName) cmd.Stdout = os.Stdout @@ -69,7 +70,7 @@ func (h *PushToACRHelper) pushFiles(tagBase string) error { for i, filePath := range h.args.FilePaths { // Check if file exists if _, err := os.Stat(filePath); os.IsNotExist(err) { - fmt.Printf("File %s not found, skipping\n", filePath) + logrus.Infof("File %s not found, skipping\n", filePath) continue } @@ -96,7 +97,7 @@ func (h *PushToACRHelper) pushImage(filePath, tag string) error { registryURL := fmt.Sprintf("%s.azurecr.io", h.args.AcrName) fullImageName := fmt.Sprintf("%s/%s:%s", registryURL, h.args.RepoName, tag) - fmt.Printf("Pushing %s with tag %s to %s\n", filePath, tag, registryURL) + logrus.Infof("Pushing %s with tag %s to %s\n", filePath, tag, registryURL) // Use ORAS to push the image cmd := exec.Command("oras", "push", fullImageName, filePath) @@ -115,7 +116,7 @@ func (h *PushToACRHelper) pushImage(filePath, tag string) error { } func (h *PushToACRHelper) verifyImage(repository, tag string) error { - fmt.Printf("Verifying %s:%s was pushed successfully...\n", repository, tag) + logrus.Infof("Verifying %s:%s was pushed successfully...\n", repository, tag) cmd := exec.Command("az", "acr", "repository", "show", "--name", h.args.AcrName, From 5bfa1ef8a7f87682e425ae8cb026809fb47374e1 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Wed, 29 Oct 2025 18:45:42 +0000 Subject: [PATCH 26/65] try confexts in root-verity --- .../stages/testing_common/trident-prep.yml | 12 +++++-- tests/e2e_tests/helpers/edit_host_config.py | 35 +++++++++++++------ 2 files changed, 34 insertions(+), 13 deletions(-) diff --git a/.pipelines/templates/stages/testing_common/trident-prep.yml b/.pipelines/templates/stages/testing_common/trident-prep.yml index 8b3065376..575af20fe 100644 --- a/.pipelines/templates/stages/testing_common/trident-prep.yml +++ b/.pipelines/templates/stages/testing_common/trident-prep.yml @@ -50,14 +50,20 @@ steps: if [ "${{ parameters.config }}" == "extensions" ]; then tag="$(TAG_BASE).1" oci_sysext_url="oci://$(ACR_NAME).azurecr.io/sysext:${tag}" - oci_confext_url="oci://$(ACR_NAME).azurecr.io/confext:${tag}" cmd+=(--ociSysextUrl "$oci_sysext_url") - cmd+=(--ociConfextUrl "$oci_confext_url") # Calculate SHA384 hashes of extension images. sysext_sha384=$(sha384sum test-sysext-1.raw | awk '{print $1}') - confext_sha384=$(sha384sum test-confext-1.raw | awk '{print $1}') cmd+=(--sysextHash "$sysext_sha384") + fi + + if [ "${{ parameters.config }}" == "root-verity" ]; then + tag="$(TAG_BASE).1" + oci_confext_url="oci://$(ACR_NAME).azurecr.io/confext:${tag}" + cmd+=(--ociConfextUrl "$oci_confext_url") + + # Calculate SHA384 hashes of extension images. + confext_sha384=$(sha384sum test-confext-1.raw | awk '{print $1}') cmd+=(--confextHash "$confext_sha384") fi diff --git a/tests/e2e_tests/helpers/edit_host_config.py b/tests/e2e_tests/helpers/edit_host_config.py index 7f23b11d5..197fac1d8 100644 --- a/tests/e2e_tests/helpers/edit_host_config.py +++ b/tests/e2e_tests/helpers/edit_host_config.py @@ -71,8 +71,10 @@ def rename_oci_url(host_config_path, oci_cosi_url): # Sysext and confext images are stored in ACR and tagged based on pipeline build # ID, so the HC must be updated for every build. -def add_extension_images( - host_config_path, oci_sysext_url, oci_confext_url, sysext_hash, confext_hash +def add_sysexts( + host_config_path, + oci_sysext_url, + sysext_hash, ): with open(host_config_path, "r") as f: host_config = yaml.safe_load(f) @@ -82,6 +84,19 @@ def add_extension_images( if "sysexts" not in host_config["os"]: host_config["os"]["sysexts"] = [] host_config["os"]["sysexts"].append({"url": oci_sysext_url, "sha384": sysext_hash}) + + with open(host_config_path, "w") as f: + yaml.safe_dump(host_config, f) + + +# Sysext and confext images are stored in ACR and tagged based on pipeline build +# ID, so the HC must be updated for every build. +def add_confexts(host_config_path, oci_confext_url, confext_hash): + with open(host_config_path, "r") as f: + host_config = yaml.safe_load(f) + + if "os" not in host_config: + host_config["os"] = {} if "confexts" not in host_config["os"]: host_config["os"]["confexts"] = [] host_config["os"]["confexts"].append( @@ -155,17 +170,17 @@ def main(): if args.ociCosiUrl: rename_oci_url(args.hostconfig, args.ociCosiUrl) - if ( - args.ociSysextUrl - and args.sysextHash - and args.ociConfextUrl - and args.confextHash - ): - add_extension_images( + if args.ociSysextUrl and args.sysextHash: + add_sysexts( args.hostconfig, args.ociSysextUrl, - args.ociConfextUrl, args.sysextHash, + ) + + if args.ociConfextUrl and args.confextHash: + add_confexts( + args.hostconfig, + args.ociConfextUrl, args.confextHash, ) From 1677d767f15da3b0bf6da2388dd3b0a3a9912699 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Wed, 29 Oct 2025 19:19:42 +0000 Subject: [PATCH 27/65] try logging in with umi --- .../stages/common_tasks/extension-images.yml | 161 ++++++++++-------- tools/go.mod | 20 ++- tools/go.sum | 32 ++++ tools/storm/helpers/push_to_acr.go | 28 ++- 4 files changed, 163 insertions(+), 78 deletions(-) diff --git a/.pipelines/templates/stages/common_tasks/extension-images.yml b/.pipelines/templates/stages/common_tasks/extension-images.yml index d28fec6ca..2d1d2bbd1 100644 --- a/.pipelines/templates/stages/common_tasks/extension-images.yml +++ b/.pipelines/templates/stages/common_tasks/extension-images.yml @@ -24,72 +24,99 @@ steps: workingDirectory: $(Build.SourcesDirectory) retryCountOnTaskFailure: 3 - - task: AzureCLI@2 - inputs: - azureSubscription: trident-dev-acr-write-umi-ECF - scriptType: bash - scriptLocation: inlineScript - inlineScript: | - set -eux - - if [ ${{ parameters.config }} != 'extensions' ]; then - echo "Skipping step. Configuration is '${{ parameters.config }}'." - exit 0 - fi - - ./bin/storm-trident helper push-to-acr \ - --config ${{ parameters.config }} \ - --deployment-environment ${{ parameters.deploymentEnvironment }} \ - --acr-name $(ACR_NAME) \ - --repo-name sysext \ - --build-id $(Build.BuildId) \ - --file-paths test-sysext-1.raw,test-sysext-2.raw - - ./bin/storm-trident helper push-to-acr \ - --config ${{ parameters.config }} \ - --deployment-environment ${{ parameters.deploymentEnvironment }} \ - --acr-name $(ACR_NAME) \ - --repo-name confext \ - --build-id $(Build.BuildId) \ - --file-paths test-confext-1.raw,test-confext-2.raw - - # # Login to ACR - # az acr login -n $(ACR_NAME) - - # sysext_repository_name="sysext" - # confext_repository_name="confext" - # build_id="$(Build.BuildId)" - - # cd $(Build.SourcesDirectory) - - # tag_base="v${build_id}.${{ parameters.config }}.${{ parameters.deploymentEnvironment }}" - # for version in 1 2; do - # sysext_filename="test-sysext-${version}.raw" - # confext_filename="test-confext-${version}.raw" - - # tag="$tag_base.${version}" - - # if [[ -f "$sysext_filename" ]]; then - # echo "Pushing $sysext_filename with tag $tag to $(ACR_NAME).azurecr.io" - # oras push $(ACR_NAME).azurecr.io/$sysext_repository_name:$tag "$sysext_filename" - # sleep 3 - # echo "Verifying $sysext_filename was pushed successfully..." - # az acr repository show --name $(ACR_NAME) --image ${sysext_repository_name}:${tag} - # else - # echo "File $sysext_filename not found" - # fi - # if [[ -f "$confext_filename" ]]; then - # echo "Pushing $confext_filename with tag $tag to $(ACR_NAME).azurecr.io" - # oras push $(ACR_NAME).azurecr.io/$confext_repository_name:$tag "$confext_filename" - # sleep 3 - # echo "Verifying $confext_filename was pushed successfully..." - # az acr repository show --name $(ACR_NAME) --image ${confext_repository_name}:${tag} - # else - # echo "File $confext_filename not found" - # fi - # done - - # # Set variable for sysext and confext repositories - # echo "##vso[task.setvariable variable=TAG_BASE]$tag_base" + - base: | + set -eux + + if [ ${{ parameters.config }} != 'extensions' ]; then + echo "Skipping step. Configuration is '${{ parameters.config }}'." + exit 0 + fi + + ./bin/storm-trident helper push-to-acr \ + --config ${{ parameters.config }} \ + --deployment-environment ${{ parameters.deploymentEnvironment }} \ + --acr-name $(ACR_NAME) \ + --repo-name sysext \ + --build-id $(Build.BuildId) \ + --file-paths test-sysext-1.raw,test-sysext-2.raw + + ./bin/storm-trident helper push-to-acr \ + --config ${{ parameters.config }} \ + --deployment-environment ${{ parameters.deploymentEnvironment }} \ + --acr-name $(ACR_NAME) \ + --repo-name confext \ + --build-id $(Build.BuildId) \ + --file-paths test-confext-1.raw,test-confext-2.raw displayName: "Push extension images to ACR" + workingDirectory: $(Build.SourcesDirectory) retryCountOnTaskFailure: 3 + + # - task: AzureCLI@2 + # inputs: + # azureSubscription: trident-dev-acr-write-umi-ECF + # scriptType: bash + # scriptLocation: inlineScript + # inlineScript: | + # set -eux + + # if [ ${{ parameters.config }} != 'extensions' ]; then + # echo "Skipping step. Configuration is '${{ parameters.config }}'." + # exit 0 + # fi + + # ./bin/storm-trident helper push-to-acr \ + # --config ${{ parameters.config }} \ + # --deployment-environment ${{ parameters.deploymentEnvironment }} \ + # --acr-name $(ACR_NAME) \ + # --repo-name sysext \ + # --build-id $(Build.BuildId) \ + # --file-paths test-sysext-1.raw,test-sysext-2.raw + + # ./bin/storm-trident helper push-to-acr \ + # --config ${{ parameters.config }} \ + # --deployment-environment ${{ parameters.deploymentEnvironment }} \ + # --acr-name $(ACR_NAME) \ + # --repo-name confext \ + # --build-id $(Build.BuildId) \ + # --file-paths test-confext-1.raw,test-confext-2.raw + + # # # Login to ACR + # # az acr login -n $(ACR_NAME) + + # # sysext_repository_name="sysext" + # # confext_repository_name="confext" + # # build_id="$(Build.BuildId)" + + # # cd $(Build.SourcesDirectory) + + # # tag_base="v${build_id}.${{ parameters.config }}.${{ parameters.deploymentEnvironment }}" + # # for version in 1 2; do + # # sysext_filename="test-sysext-${version}.raw" + # # confext_filename="test-confext-${version}.raw" + + # # tag="$tag_base.${version}" + + # # if [[ -f "$sysext_filename" ]]; then + # # echo "Pushing $sysext_filename with tag $tag to $(ACR_NAME).azurecr.io" + # # oras push $(ACR_NAME).azurecr.io/$sysext_repository_name:$tag "$sysext_filename" + # # sleep 3 + # # echo "Verifying $sysext_filename was pushed successfully..." + # # az acr repository show --name $(ACR_NAME) --image ${sysext_repository_name}:${tag} + # # else + # # echo "File $sysext_filename not found" + # # fi + # # if [[ -f "$confext_filename" ]]; then + # # echo "Pushing $confext_filename with tag $tag to $(ACR_NAME).azurecr.io" + # # oras push $(ACR_NAME).azurecr.io/$confext_repository_name:$tag "$confext_filename" + # # sleep 3 + # # echo "Verifying $confext_filename was pushed successfully..." + # # az acr repository show --name $(ACR_NAME) --image ${confext_repository_name}:${tag} + # # else + # # echo "File $confext_filename not found" + # # fi + # # done + + # # # Set variable for sysext and confext repositories + # # echo "##vso[task.setvariable variable=TAG_BASE]$tag_base" + # displayName: "Push extension images to ACR" + # retryCountOnTaskFailure: 3 diff --git a/tools/go.mod b/tools/go.mod index 6a6ff51ae..2bc7c0d65 100644 --- a/tools/go.mod +++ b/tools/go.mod @@ -25,13 +25,21 @@ require ( ) require ( + github.com/Azure/azure-sdk-for-go/sdk/azcore v1.19.1 // indirect + github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.2 // indirect + github.com/AzureAD/microsoft-authentication-library-for-go v1.5.0 // indirect + github.com/golang-jwt/jwt/v5 v5.3.0 // indirect + github.com/kylelemons/godebug v1.1.0 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect github.com/opencontainers/image-spec v1.1.1 // indirect - golang.org/x/sync v0.14.0 // indirect + github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect + golang.org/x/sync v0.16.0 // indirect oras.land/oras-go/v2 v2.6.0 // indirect ) require ( + github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.13.0 + github.com/Azure/azure-sdk-for-go/sdk/containers/azcontainerregistry v0.2.3 github.com/VictorLowther/simplexml v0.0.0-20180716164440-0bff93621230 // indirect github.com/VictorLowther/soap v0.0.0-20150314151524-8e36fca84b22 // indirect github.com/alecthomas/kong v1.8.1 @@ -65,12 +73,12 @@ require ( github.com/vishvananda/netlink v1.3.0 github.com/vishvananda/netns v0.0.4 // indirect go.uber.org/multierr v1.11.0 // indirect - golang.org/x/crypto v0.38.0 + golang.org/x/crypto v0.41.0 golang.org/x/exp v0.0.0-20240823005443-9b4947da3948 - golang.org/x/net v0.39.0 // indirect - golang.org/x/sys v0.33.0 // indirect - golang.org/x/term v0.32.0 // indirect - golang.org/x/text v0.25.0 // indirect + golang.org/x/net v0.43.0 // indirect + golang.org/x/sys v0.35.0 // indirect + golang.org/x/term v0.34.0 // indirect + golang.org/x/text v0.28.0 // indirect gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/yaml.v3 v3.0.1 ) diff --git a/tools/go.sum b/tools/go.sum index 2ca8dc8f9..f8fea3f1e 100644 --- a/tools/go.sum +++ b/tools/go.sum @@ -1,3 +1,17 @@ +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0 h1:Gt0j3wceWMwPmiazCa8MzMA0MfhmPIz0Qp0FJ6qcM0U= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0/go.mod h1:Ot/6aikWnKWi4l9QB7qVSwa8iMphQNqkWALMoNT3rzM= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.19.1 h1:5YTBM8QDVIBN3sxBil89WfdAAqDZbyJTgh688DSxX5w= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.19.1/go.mod h1:YD5h/ldMsG0XiIw7PdyNhLxaM317eFh5yNLccNfGdyw= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.13.0 h1:KpMC6LFL7mqpExyMC9jVOYRiVhLmamjeZfRsUpB7l4s= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.13.0/go.mod h1:J7MUC/wtRpfGVbQ5sIItY5/FuVWmvzlY21WAOfQnq/I= +github.com/Azure/azure-sdk-for-go/sdk/containers/azcontainerregistry v0.2.3 h1:ldKsKtEIblsgsr6mPwrd9yRntoX6uLz/K89wsldwx/k= +github.com/Azure/azure-sdk-for-go/sdk/containers/azcontainerregistry v0.2.3/go.mod h1:MAm7bk0oDLmD8yIkvfbxPW04fxzphPyL+7GzwHxOp6Y= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 h1:FPKJS1T+clwv+OLGt13a8UjqeRuh0O4SJ3lUriThc+4= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1/go.mod h1:j2chePtV91HrC22tGoRX3sGY42uF13WzmmV80/OdVAA= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.2 h1:9iefClla7iYpfYWdzPCRDozdmndjTm8DXdpCzPajMgA= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.2/go.mod h1:XtLgD3ZD34DAaVIIAyG3objl5DynM3CQ/vMcbBNJZGI= +github.com/AzureAD/microsoft-authentication-library-for-go v1.5.0 h1:XkkQbfMyuH2jTSjQjSoihryI8GINRcs4xp8lNawg0FI= +github.com/AzureAD/microsoft-authentication-library-for-go v1.5.0/go.mod h1:HKpQxkWaGLJ+D/5H8QRpyQXA1eKjxkFlOMwck5+33Jk= github.com/VictorLowther/simplexml v0.0.0-20180716164440-0bff93621230 h1:t95Grn2mOPfb3+kPDWsNnj4dlNcxnvuR72IjY8eYjfQ= github.com/VictorLowther/simplexml v0.0.0-20180716164440-0bff93621230/go.mod h1:t2EzW1qybnPDQ3LR/GgeF0GOzHUXT5IVMLP2gkW1cmc= github.com/VictorLowther/soap v0.0.0-20150314151524-8e36fca84b22 h1:a0MBqYm44o0NcthLKCljZHe1mxlN6oahCQHHThnSwB4= @@ -31,6 +45,8 @@ github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nos github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo= +github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= @@ -58,6 +74,8 @@ github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= +github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY= github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= @@ -75,6 +93,8 @@ github.com/opencontainers/image-spec v1.1.1 h1:y0fUlFfIZhPF1W537XOLg0/fcx6zcHCJw github.com/opencontainers/image-spec v1.1.1/go.mod h1:qpqAh3Dmcf36wStyyWU+kCeDgrGnAve2nCC8+7h8Q0M= github.com/pelletier/go-toml/v2 v2.2.3 h1:YmeHyLY8mFWbdkNWwpr+qIL2bEqT0o95WSdkNHvL12M= github.com/pelletier/go-toml/v2 v2.2.3/go.mod h1:MfCQTFTvCcUyyvvwm1+G6H/jORL20Xlb6rzQu9GuUkc= +github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ= +github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/sftp v1.13.9 h1:4NGkvGudBL7GteO3m6qnaQ4pC0Kvf0onSVc9gR3EWBw= @@ -118,6 +138,7 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8= github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU= github.com/vishvananda/netlink v1.3.0 h1:X7l42GfcV4S6E4vHTsw48qbrV+9PVojNfIhZcwQdrZk= @@ -134,6 +155,8 @@ golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ss golang.org/x/crypto v0.37.0/go.mod h1:vg+k43peMZ0pUMhYmVAWysMK35e6ioLh3wB8ZCAfbVc= golang.org/x/crypto v0.38.0 h1:jt+WWG8IZlBnVbomuhg2Mdq0+BBQaHbtqHEFEigjUV8= golang.org/x/crypto v0.38.0/go.mod h1:MvrbAqul58NNYPKnOra203SB9vpuZW0e+RRZV+Ggqjw= +golang.org/x/crypto v0.41.0 h1:WKYxWedPGCTVVl5+WHSSrOBT0O8lx32+zxmHxijgXp4= +golang.org/x/crypto v0.41.0/go.mod h1:pO5AFd7FA68rFak7rOAGVuygIISepHftHnr8dr6+sUc= golang.org/x/exp v0.0.0-20240823005443-9b4947da3948 h1:kx6Ds3MlpiUHKj7syVnbp57++8WpuKPcR5yjLBjvLEA= golang.org/x/exp v0.0.0-20240823005443-9b4947da3948/go.mod h1:akd2r19cwCdwSwWeIdzYQGa/EZZyqcOdwWiwj5L5eKQ= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= @@ -151,11 +174,14 @@ golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sync v0.13.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= golang.org/x/sync v0.14.0 h1:woo0S4Yywslg6hp4eUFjTVOyKt0RookbpAHG4c1HmhQ= golang.org/x/sync v0.14.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= +golang.org/x/sync v0.16.0 h1:ycBJEhp9p4vXvUZNszeOq0kGTPghopOL8q0fq3vstxw= +golang.org/x/sync v0.16.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -166,18 +192,24 @@ golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.32.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw= golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= +golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI= +golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM= golang.org/x/term v0.31.0/go.mod h1:R4BeIy7D95HzImkxGkTW1UQTtP54tio2RyHz7PwK0aw= golang.org/x/term v0.32.0 h1:DR4lr0TjUs3epypdhTOkMmuF5CDFJ/8pOnbzMZPQ7bg= golang.org/x/term v0.32.0/go.mod h1:uZG1FhGx848Sqfsq4/DlJr3xGGsYMu/L5GW4abiaEPQ= +golang.org/x/term v0.34.0 h1:O/2T7POpk0ZZ7MAzMeWFSg6S5IpWd/RXDlM9hgM3DR4= +golang.org/x/term v0.34.0/go.mod h1:5jC53AEywhIVebHgPVeg0mj8OD3VO9OzclacVrqpaAw= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= golang.org/x/text v0.24.0/go.mod h1:L8rBsPeo2pSS+xqN0d5u2ikmjtmoJbDBT1b7nHvFCdU= golang.org/x/text v0.25.0 h1:qVyWApTSYLk/drJRO5mDlNYskwQznZmkpV2c8q9zls4= golang.org/x/text v0.25.0/go.mod h1:WEdwpYrmk1qmdHvhkSTNPm3app7v4rsT8F2UD6+VHIA= +golang.org/x/text v0.28.0 h1:rhazDwis8INMIwQ4tpjLDzUhx6RlXqZNPEM0huQojng= +golang.org/x/text v0.28.0/go.mod h1:U8nCwOR8jO/marOQ0QbDiOngZVEBB7MAiitBuMjXiNU= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= diff --git a/tools/storm/helpers/push_to_acr.go b/tools/storm/helpers/push_to_acr.go index 79426ff5b..f2cd4cb14 100644 --- a/tools/storm/helpers/push_to_acr.go +++ b/tools/storm/helpers/push_to_acr.go @@ -6,6 +6,8 @@ import ( "os/exec" "time" + "github.com/Azure/azure-sdk-for-go/sdk/azidentity" + "github.com/Azure/azure-sdk-for-go/sdk/containers/azcontainerregistry" "github.com/microsoft/storm" "github.com/sirupsen/logrus" ) @@ -35,7 +37,7 @@ func (h *PushToACRHelper) RegisterTestCases(r storm.TestRegistrar) error { } func (h *PushToACRHelper) pushToACR(tc storm.TestCase) error { - // Login to ACR + // Login to Azure and ACR err := h.loginToACR() if err != nil { return fmt.Errorf("failed to login to ACR: %w", err) @@ -57,13 +59,29 @@ func (h *PushToACRHelper) pushToACR(tc storm.TestCase) error { } func (h *PushToACRHelper) loginToACR() error { + // Login to Azure + clientId := azidentity.ClientID("1db04fd3-7844-4243-8d19-c70d8505411b") + cred, err := azidentity.NewManagedIdentityCredential(&azidentity.ManagedIdentityCredentialOptions{ + ID: clientId, + }) + if err != nil { + return fmt.Errorf("failed to created managed identity credential: %w", err) + } + logrus.Infof("Logging in to ACR: %s\n", h.args.AcrName) + registryUrl := fmt.Sprintf("https://%s.azurecr.io", h.args.AcrName) + _, err = azcontainerregistry.NewClient(registryUrl, cred, nil) + if err != nil { + return fmt.Errorf("failed to create ACR client: %w", err) + } - cmd := exec.Command("az", "acr", "login", "-n", h.args.AcrName) - cmd.Stdout = os.Stdout - cmd.Stderr = os.Stderr + logrus.Infof("Successfully authenticated to ACR using managed identity") + return nil - return cmd.Run() + // cmd := exec.Command("az", "acr", "login", "-n", h.args.AcrName) + // cmd.Stdout = os.Stdout + // cmd.Stderr = os.Stderr + // return cmd.Run() } func (h *PushToACRHelper) pushFiles(tagBase string) error { From 863ccb5765f38d83958a1513d8d6be7e8c03884d Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Wed, 29 Oct 2025 19:23:12 +0000 Subject: [PATCH 28/65] fix typo --- .pipelines/templates/stages/common_tasks/extension-images.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pipelines/templates/stages/common_tasks/extension-images.yml b/.pipelines/templates/stages/common_tasks/extension-images.yml index 2d1d2bbd1..44e8e83d3 100644 --- a/.pipelines/templates/stages/common_tasks/extension-images.yml +++ b/.pipelines/templates/stages/common_tasks/extension-images.yml @@ -24,7 +24,7 @@ steps: workingDirectory: $(Build.SourcesDirectory) retryCountOnTaskFailure: 3 - - base: | + - bash: | set -eux if [ ${{ parameters.config }} != 'extensions' ]; then From 5dd66f83de5a6676dbebd2259f13032fceb83c7b Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 02:32:03 +0000 Subject: [PATCH 29/65] try az acr --- tools/storm/helpers/push_to_acr.go | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tools/storm/helpers/push_to_acr.go b/tools/storm/helpers/push_to_acr.go index f2cd4cb14..176fbb9ec 100644 --- a/tools/storm/helpers/push_to_acr.go +++ b/tools/storm/helpers/push_to_acr.go @@ -75,13 +75,13 @@ func (h *PushToACRHelper) loginToACR() error { return fmt.Errorf("failed to create ACR client: %w", err) } - logrus.Infof("Successfully authenticated to ACR using managed identity") - return nil + // logrus.Infof("Successfully authenticated to ACR using managed identity") + // return nil - // cmd := exec.Command("az", "acr", "login", "-n", h.args.AcrName) - // cmd.Stdout = os.Stdout - // cmd.Stderr = os.Stderr - // return cmd.Run() + cmd := exec.Command("az", "acr", "login", "-n", h.args.AcrName) + cmd.Stdout = os.Stdout + cmd.Stderr = os.Stderr + return cmd.Run() } func (h *PushToACRHelper) pushFiles(tagBase string) error { From 16be3c0942d5b78eb3a12142a8bb63ae1ceccfd3 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 03:00:53 +0000 Subject: [PATCH 30/65] use helper everywhere --- .../stages/common_tasks/extension-images.yml | 161 ++++++++---------- .../stages/common_tasks/push-to-acr.yml | 72 ++++---- tools/storm/helpers/push_to_acr.go | 22 +-- 3 files changed, 108 insertions(+), 147 deletions(-) diff --git a/.pipelines/templates/stages/common_tasks/extension-images.yml b/.pipelines/templates/stages/common_tasks/extension-images.yml index 44e8e83d3..d28fec6ca 100644 --- a/.pipelines/templates/stages/common_tasks/extension-images.yml +++ b/.pipelines/templates/stages/common_tasks/extension-images.yml @@ -24,99 +24,72 @@ steps: workingDirectory: $(Build.SourcesDirectory) retryCountOnTaskFailure: 3 - - bash: | - set -eux - - if [ ${{ parameters.config }} != 'extensions' ]; then - echo "Skipping step. Configuration is '${{ parameters.config }}'." - exit 0 - fi - - ./bin/storm-trident helper push-to-acr \ - --config ${{ parameters.config }} \ - --deployment-environment ${{ parameters.deploymentEnvironment }} \ - --acr-name $(ACR_NAME) \ - --repo-name sysext \ - --build-id $(Build.BuildId) \ - --file-paths test-sysext-1.raw,test-sysext-2.raw - - ./bin/storm-trident helper push-to-acr \ - --config ${{ parameters.config }} \ - --deployment-environment ${{ parameters.deploymentEnvironment }} \ - --acr-name $(ACR_NAME) \ - --repo-name confext \ - --build-id $(Build.BuildId) \ - --file-paths test-confext-1.raw,test-confext-2.raw + - task: AzureCLI@2 + inputs: + azureSubscription: trident-dev-acr-write-umi-ECF + scriptType: bash + scriptLocation: inlineScript + inlineScript: | + set -eux + + if [ ${{ parameters.config }} != 'extensions' ]; then + echo "Skipping step. Configuration is '${{ parameters.config }}'." + exit 0 + fi + + ./bin/storm-trident helper push-to-acr \ + --config ${{ parameters.config }} \ + --deployment-environment ${{ parameters.deploymentEnvironment }} \ + --acr-name $(ACR_NAME) \ + --repo-name sysext \ + --build-id $(Build.BuildId) \ + --file-paths test-sysext-1.raw,test-sysext-2.raw + + ./bin/storm-trident helper push-to-acr \ + --config ${{ parameters.config }} \ + --deployment-environment ${{ parameters.deploymentEnvironment }} \ + --acr-name $(ACR_NAME) \ + --repo-name confext \ + --build-id $(Build.BuildId) \ + --file-paths test-confext-1.raw,test-confext-2.raw + + # # Login to ACR + # az acr login -n $(ACR_NAME) + + # sysext_repository_name="sysext" + # confext_repository_name="confext" + # build_id="$(Build.BuildId)" + + # cd $(Build.SourcesDirectory) + + # tag_base="v${build_id}.${{ parameters.config }}.${{ parameters.deploymentEnvironment }}" + # for version in 1 2; do + # sysext_filename="test-sysext-${version}.raw" + # confext_filename="test-confext-${version}.raw" + + # tag="$tag_base.${version}" + + # if [[ -f "$sysext_filename" ]]; then + # echo "Pushing $sysext_filename with tag $tag to $(ACR_NAME).azurecr.io" + # oras push $(ACR_NAME).azurecr.io/$sysext_repository_name:$tag "$sysext_filename" + # sleep 3 + # echo "Verifying $sysext_filename was pushed successfully..." + # az acr repository show --name $(ACR_NAME) --image ${sysext_repository_name}:${tag} + # else + # echo "File $sysext_filename not found" + # fi + # if [[ -f "$confext_filename" ]]; then + # echo "Pushing $confext_filename with tag $tag to $(ACR_NAME).azurecr.io" + # oras push $(ACR_NAME).azurecr.io/$confext_repository_name:$tag "$confext_filename" + # sleep 3 + # echo "Verifying $confext_filename was pushed successfully..." + # az acr repository show --name $(ACR_NAME) --image ${confext_repository_name}:${tag} + # else + # echo "File $confext_filename not found" + # fi + # done + + # # Set variable for sysext and confext repositories + # echo "##vso[task.setvariable variable=TAG_BASE]$tag_base" displayName: "Push extension images to ACR" - workingDirectory: $(Build.SourcesDirectory) retryCountOnTaskFailure: 3 - - # - task: AzureCLI@2 - # inputs: - # azureSubscription: trident-dev-acr-write-umi-ECF - # scriptType: bash - # scriptLocation: inlineScript - # inlineScript: | - # set -eux - - # if [ ${{ parameters.config }} != 'extensions' ]; then - # echo "Skipping step. Configuration is '${{ parameters.config }}'." - # exit 0 - # fi - - # ./bin/storm-trident helper push-to-acr \ - # --config ${{ parameters.config }} \ - # --deployment-environment ${{ parameters.deploymentEnvironment }} \ - # --acr-name $(ACR_NAME) \ - # --repo-name sysext \ - # --build-id $(Build.BuildId) \ - # --file-paths test-sysext-1.raw,test-sysext-2.raw - - # ./bin/storm-trident helper push-to-acr \ - # --config ${{ parameters.config }} \ - # --deployment-environment ${{ parameters.deploymentEnvironment }} \ - # --acr-name $(ACR_NAME) \ - # --repo-name confext \ - # --build-id $(Build.BuildId) \ - # --file-paths test-confext-1.raw,test-confext-2.raw - - # # # Login to ACR - # # az acr login -n $(ACR_NAME) - - # # sysext_repository_name="sysext" - # # confext_repository_name="confext" - # # build_id="$(Build.BuildId)" - - # # cd $(Build.SourcesDirectory) - - # # tag_base="v${build_id}.${{ parameters.config }}.${{ parameters.deploymentEnvironment }}" - # # for version in 1 2; do - # # sysext_filename="test-sysext-${version}.raw" - # # confext_filename="test-confext-${version}.raw" - - # # tag="$tag_base.${version}" - - # # if [[ -f "$sysext_filename" ]]; then - # # echo "Pushing $sysext_filename with tag $tag to $(ACR_NAME).azurecr.io" - # # oras push $(ACR_NAME).azurecr.io/$sysext_repository_name:$tag "$sysext_filename" - # # sleep 3 - # # echo "Verifying $sysext_filename was pushed successfully..." - # # az acr repository show --name $(ACR_NAME) --image ${sysext_repository_name}:${tag} - # # else - # # echo "File $sysext_filename not found" - # # fi - # # if [[ -f "$confext_filename" ]]; then - # # echo "Pushing $confext_filename with tag $tag to $(ACR_NAME).azurecr.io" - # # oras push $(ACR_NAME).azurecr.io/$confext_repository_name:$tag "$confext_filename" - # # sleep 3 - # # echo "Verifying $confext_filename was pushed successfully..." - # # az acr repository show --name $(ACR_NAME) --image ${confext_repository_name}:${tag} - # # else - # # echo "File $confext_filename not found" - # # fi - # # done - - # # # Set variable for sysext and confext repositories - # # echo "##vso[task.setvariable variable=TAG_BASE]$tag_base" - # displayName: "Push extension images to ACR" - # retryCountOnTaskFailure: 3 diff --git a/.pipelines/templates/stages/common_tasks/push-to-acr.yml b/.pipelines/templates/stages/common_tasks/push-to-acr.yml index 6226eb244..39bcca9c4 100644 --- a/.pipelines/templates/stages/common_tasks/push-to-acr.yml +++ b/.pipelines/templates/stages/common_tasks/push-to-acr.yml @@ -47,37 +47,45 @@ steps: exit 0 fi - # Login to ACR - az acr login -n $(ACR_NAME) - - repository_name=${{ parameters.imageName }} - build_id="$(Build.BuildId)" - - - cd $(Build.SourcesDirectory)/artifacts/test-image - - tag_base="v${build_id}.${{ parameters.config }}.${{ parameters.deploymentEnvironment }}" - for version in {1..4}; do - if [[ $version == 1 ]]; then - filename="regular.cosi" - else - filename="regular_v${version}.cosi" - fi - - tag="$tag_base.${version}" - - if [[ -f "$filename" ]]; then - echo "Pushing $filename with tag $tag to $(ACR_NAME).azurecr.io" - oras push $(ACR_NAME).azurecr.io/$repository_name:$tag "$filename" - sleep 3 - echo "Verifying $filename was pushed successfully..." - az acr repository show --name $(ACR_NAME) --image ${repository_name}:${tag} - else - echo "File $filename not found" - fi - done - - # Set variable for tag base of pushed images - echo "##vso[task.setvariable variable=TAG_BASE]$tag_base" + ./bin/storm-trident helper push-to-acr \ + --config ${{ parameters.config }} \ + --deployment-environment ${{ parameters.deploymentEnvironment }} \ + --acr-name $(ACR_NAME) \ + --repo-name ${{ parameters.imageName }} \ + --build-id $(Build.BuildId) \ + --file-paths regular.cosi,regular_v2.cosi,regular_v3.cosi,regular_v4.cosi + + # # Login to ACR + # az acr login -n $(ACR_NAME) + + # repository_name=${{ parameters.imageName }} + # build_id="$(Build.BuildId)" + + + # cd $(Build.SourcesDirectory)/artifacts/test-image + + # tag_base="v${build_id}.${{ parameters.config }}.${{ parameters.deploymentEnvironment }}" + # for version in {1..4}; do + # if [[ $version == 1 ]]; then + # filename="regular.cosi" + # else + # filename="regular_v${version}.cosi" + # fi + + # tag="$tag_base.${version}" + + # if [[ -f "$filename" ]]; then + # echo "Pushing $filename with tag $tag to $(ACR_NAME).azurecr.io" + # oras push $(ACR_NAME).azurecr.io/$repository_name:$tag "$filename" + # sleep 3 + # echo "Verifying $filename was pushed successfully..." + # az acr repository show --name $(ACR_NAME) --image ${repository_name}:${tag} + # else + # echo "File $filename not found" + # fi + # done + + # # Set variable for tag base of pushed images + # echo "##vso[task.setvariable variable=TAG_BASE]$tag_base" displayName: "Push to ACR" retryCountOnTaskFailure: 3 diff --git a/tools/storm/helpers/push_to_acr.go b/tools/storm/helpers/push_to_acr.go index 176fbb9ec..68e973f44 100644 --- a/tools/storm/helpers/push_to_acr.go +++ b/tools/storm/helpers/push_to_acr.go @@ -6,8 +6,6 @@ import ( "os/exec" "time" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/containers/azcontainerregistry" "github.com/microsoft/storm" "github.com/sirupsen/logrus" ) @@ -37,7 +35,7 @@ func (h *PushToACRHelper) RegisterTestCases(r storm.TestRegistrar) error { } func (h *PushToACRHelper) pushToACR(tc storm.TestCase) error { - // Login to Azure and ACR + // Login to ACR err := h.loginToACR() if err != nil { return fmt.Errorf("failed to login to ACR: %w", err) @@ -59,25 +57,7 @@ func (h *PushToACRHelper) pushToACR(tc storm.TestCase) error { } func (h *PushToACRHelper) loginToACR() error { - // Login to Azure - clientId := azidentity.ClientID("1db04fd3-7844-4243-8d19-c70d8505411b") - cred, err := azidentity.NewManagedIdentityCredential(&azidentity.ManagedIdentityCredentialOptions{ - ID: clientId, - }) - if err != nil { - return fmt.Errorf("failed to created managed identity credential: %w", err) - } - logrus.Infof("Logging in to ACR: %s\n", h.args.AcrName) - registryUrl := fmt.Sprintf("https://%s.azurecr.io", h.args.AcrName) - _, err = azcontainerregistry.NewClient(registryUrl, cred, nil) - if err != nil { - return fmt.Errorf("failed to create ACR client: %w", err) - } - - // logrus.Infof("Successfully authenticated to ACR using managed identity") - // return nil - cmd := exec.Command("az", "acr", "login", "-n", h.args.AcrName) cmd.Stdout = os.Stdout cmd.Stderr = os.Stderr From 2b47be10c031239c0fa4a9b1f722bb1ea6986a10 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 03:26:14 +0000 Subject: [PATCH 31/65] fail if file not found --- .pipelines/templates/stages/common_tasks/push-to-acr.yml | 6 +++++- tools/storm/helpers/push_to_acr.go | 3 +-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/.pipelines/templates/stages/common_tasks/push-to-acr.yml b/.pipelines/templates/stages/common_tasks/push-to-acr.yml index 39bcca9c4..bc3609187 100644 --- a/.pipelines/templates/stages/common_tasks/push-to-acr.yml +++ b/.pipelines/templates/stages/common_tasks/push-to-acr.yml @@ -53,7 +53,11 @@ steps: --acr-name $(ACR_NAME) \ --repo-name ${{ parameters.imageName }} \ --build-id $(Build.BuildId) \ - --file-paths regular.cosi,regular_v2.cosi,regular_v3.cosi,regular_v4.cosi + --file-paths \ + $(Build.SourcesDirectory)/artifacts/test-image/regular.cosi,\ + $(Build.SourcesDirectory)/artifacts/test-image/regular_v2.cosi,\ + $(Build.SourcesDirectory)/artifacts/test-image/regular_v3.cosi,\ + $(Build.SourcesDirectory)/artifacts/test-image/regular_v4.cosi # # Login to ACR # az acr login -n $(ACR_NAME) diff --git a/tools/storm/helpers/push_to_acr.go b/tools/storm/helpers/push_to_acr.go index 68e973f44..305e05292 100644 --- a/tools/storm/helpers/push_to_acr.go +++ b/tools/storm/helpers/push_to_acr.go @@ -68,8 +68,7 @@ func (h *PushToACRHelper) pushFiles(tagBase string) error { for i, filePath := range h.args.FilePaths { // Check if file exists if _, err := os.Stat(filePath); os.IsNotExist(err) { - logrus.Infof("File %s not found, skipping\n", filePath) - continue + return fmt.Errorf("file %s does not exist: %w", filePath, err) } // Create tag with index From d8d2c23e954a06dd57bf16813f299747fd117674 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 03:56:27 +0000 Subject: [PATCH 32/65] fix --- .pipelines/templates/stages/common_tasks/push-to-acr.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/.pipelines/templates/stages/common_tasks/push-to-acr.yml b/.pipelines/templates/stages/common_tasks/push-to-acr.yml index bc3609187..1d06b0dca 100644 --- a/.pipelines/templates/stages/common_tasks/push-to-acr.yml +++ b/.pipelines/templates/stages/common_tasks/push-to-acr.yml @@ -53,11 +53,10 @@ steps: --acr-name $(ACR_NAME) \ --repo-name ${{ parameters.imageName }} \ --build-id $(Build.BuildId) \ - --file-paths \ - $(Build.SourcesDirectory)/artifacts/test-image/regular.cosi,\ - $(Build.SourcesDirectory)/artifacts/test-image/regular_v2.cosi,\ - $(Build.SourcesDirectory)/artifacts/test-image/regular_v3.cosi,\ - $(Build.SourcesDirectory)/artifacts/test-image/regular_v4.cosi + --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular.cosi \ + --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v2.cosi \ + --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v3.cosi \ + --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v4.cosi # # Login to ACR # az acr login -n $(ACR_NAME) From ec4d91aac61ea2df7bddaa5c6c77ad637c0d519f Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 04:17:04 +0000 Subject: [PATCH 33/65] add working dir --- .pipelines/templates/stages/common_tasks/push-to-acr.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.pipelines/templates/stages/common_tasks/push-to-acr.yml b/.pipelines/templates/stages/common_tasks/push-to-acr.yml index 1d06b0dca..0db272174 100644 --- a/.pipelines/templates/stages/common_tasks/push-to-acr.yml +++ b/.pipelines/templates/stages/common_tasks/push-to-acr.yml @@ -53,10 +53,10 @@ steps: --acr-name $(ACR_NAME) \ --repo-name ${{ parameters.imageName }} \ --build-id $(Build.BuildId) \ - --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular.cosi \ - --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v2.cosi \ - --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v3.cosi \ - --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v4.cosi + --file-paths artifacts/test-image/regular.cosi \ + --file-paths artifacts/test-image/regular_v2.cosi \ + --file-paths artifacts/test-image/regular_v3.cosi \ + --file-paths artifacts/test-image/regular_v4.cosi # # Login to ACR # az acr login -n $(ACR_NAME) @@ -91,4 +91,5 @@ steps: # # Set variable for tag base of pushed images # echo "##vso[task.setvariable variable=TAG_BASE]$tag_base" displayName: "Push to ACR" + workingDirectory: $(Build.SourcesDirectory) retryCountOnTaskFailure: 3 From 8684089ab5eadff8f4eb019e4a3e0fa9394509e0 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 04:21:11 +0000 Subject: [PATCH 34/65] disable path valid --- .../templates/stages/common_tasks/extension-images.yml | 4 ++-- .pipelines/templates/stages/common_tasks/push-to-acr.yml | 9 ++++----- tools/storm/helpers/push_to_acr.go | 2 +- 3 files changed, 7 insertions(+), 8 deletions(-) diff --git a/.pipelines/templates/stages/common_tasks/extension-images.yml b/.pipelines/templates/stages/common_tasks/extension-images.yml index d28fec6ca..9fd4fff1d 100644 --- a/.pipelines/templates/stages/common_tasks/extension-images.yml +++ b/.pipelines/templates/stages/common_tasks/extension-images.yml @@ -43,7 +43,7 @@ steps: --acr-name $(ACR_NAME) \ --repo-name sysext \ --build-id $(Build.BuildId) \ - --file-paths test-sysext-1.raw,test-sysext-2.raw + --file-paths $(Build.SourcesDirectory)/test-sysext-1.raw,$(Build.SourcesDirectory)/test-sysext-2.raw ./bin/storm-trident helper push-to-acr \ --config ${{ parameters.config }} \ @@ -51,7 +51,7 @@ steps: --acr-name $(ACR_NAME) \ --repo-name confext \ --build-id $(Build.BuildId) \ - --file-paths test-confext-1.raw,test-confext-2.raw + --file-paths $(Build.SourcesDirectory)/test-confext-1.raw,$(Build.SourcesDirectory)/test-confext-2.raw # # Login to ACR # az acr login -n $(ACR_NAME) diff --git a/.pipelines/templates/stages/common_tasks/push-to-acr.yml b/.pipelines/templates/stages/common_tasks/push-to-acr.yml index 0db272174..1d06b0dca 100644 --- a/.pipelines/templates/stages/common_tasks/push-to-acr.yml +++ b/.pipelines/templates/stages/common_tasks/push-to-acr.yml @@ -53,10 +53,10 @@ steps: --acr-name $(ACR_NAME) \ --repo-name ${{ parameters.imageName }} \ --build-id $(Build.BuildId) \ - --file-paths artifacts/test-image/regular.cosi \ - --file-paths artifacts/test-image/regular_v2.cosi \ - --file-paths artifacts/test-image/regular_v3.cosi \ - --file-paths artifacts/test-image/regular_v4.cosi + --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular.cosi \ + --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v2.cosi \ + --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v3.cosi \ + --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v4.cosi # # Login to ACR # az acr login -n $(ACR_NAME) @@ -91,5 +91,4 @@ steps: # # Set variable for tag base of pushed images # echo "##vso[task.setvariable variable=TAG_BASE]$tag_base" displayName: "Push to ACR" - workingDirectory: $(Build.SourcesDirectory) retryCountOnTaskFailure: 3 diff --git a/tools/storm/helpers/push_to_acr.go b/tools/storm/helpers/push_to_acr.go index 305e05292..e7efadeba 100644 --- a/tools/storm/helpers/push_to_acr.go +++ b/tools/storm/helpers/push_to_acr.go @@ -97,7 +97,7 @@ func (h *PushToACRHelper) pushImage(filePath, tag string) error { logrus.Infof("Pushing %s with tag %s to %s\n", filePath, tag, registryURL) // Use ORAS to push the image - cmd := exec.Command("oras", "push", fullImageName, filePath) + cmd := exec.Command("oras", "push", "--disable-path-validation", fullImageName, filePath) cmd.Stdout = os.Stdout cmd.Stderr = os.Stderr From ab748ffd3453d886911c6a36989aae6e90450b8c Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 04:53:48 +0000 Subject: [PATCH 35/65] use path valid --- tools/storm/helpers/push_to_acr.go | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/tools/storm/helpers/push_to_acr.go b/tools/storm/helpers/push_to_acr.go index e7efadeba..3559b9f3a 100644 --- a/tools/storm/helpers/push_to_acr.go +++ b/tools/storm/helpers/push_to_acr.go @@ -4,6 +4,7 @@ import ( "fmt" "os" "os/exec" + "path/filepath" "time" "github.com/microsoft/storm" @@ -96,8 +97,13 @@ func (h *PushToACRHelper) pushImage(filePath, tag string) error { logrus.Infof("Pushing %s with tag %s to %s\n", filePath, tag, registryURL) + // Get the directory and filename from the full path + dir := filepath.Dir(filePath) + fileName := filepath.Base(filePath) + // Use ORAS to push the image - cmd := exec.Command("oras", "push", "--disable-path-validation", fullImageName, filePath) + cmd := exec.Command("oras", "push", fullImageName, fileName) + cmd.Dir = dir cmd.Stdout = os.Stdout cmd.Stderr = os.Stderr From 4c025dd25cb5014bbed8480e2e1342c1bdaf0796 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 05:20:07 +0000 Subject: [PATCH 36/65] skip oras and delete bash scripts --- .../stages/common_tasks/extension-images.yml | 39 --------------- .../stages/common_tasks/push-to-acr.yml | 50 ------------------- 2 files changed, 89 deletions(-) diff --git a/.pipelines/templates/stages/common_tasks/extension-images.yml b/.pipelines/templates/stages/common_tasks/extension-images.yml index 9fd4fff1d..4a69d0a7f 100644 --- a/.pipelines/templates/stages/common_tasks/extension-images.yml +++ b/.pipelines/templates/stages/common_tasks/extension-images.yml @@ -52,44 +52,5 @@ steps: --repo-name confext \ --build-id $(Build.BuildId) \ --file-paths $(Build.SourcesDirectory)/test-confext-1.raw,$(Build.SourcesDirectory)/test-confext-2.raw - - # # Login to ACR - # az acr login -n $(ACR_NAME) - - # sysext_repository_name="sysext" - # confext_repository_name="confext" - # build_id="$(Build.BuildId)" - - # cd $(Build.SourcesDirectory) - - # tag_base="v${build_id}.${{ parameters.config }}.${{ parameters.deploymentEnvironment }}" - # for version in 1 2; do - # sysext_filename="test-sysext-${version}.raw" - # confext_filename="test-confext-${version}.raw" - - # tag="$tag_base.${version}" - - # if [[ -f "$sysext_filename" ]]; then - # echo "Pushing $sysext_filename with tag $tag to $(ACR_NAME).azurecr.io" - # oras push $(ACR_NAME).azurecr.io/$sysext_repository_name:$tag "$sysext_filename" - # sleep 3 - # echo "Verifying $sysext_filename was pushed successfully..." - # az acr repository show --name $(ACR_NAME) --image ${sysext_repository_name}:${tag} - # else - # echo "File $sysext_filename not found" - # fi - # if [[ -f "$confext_filename" ]]; then - # echo "Pushing $confext_filename with tag $tag to $(ACR_NAME).azurecr.io" - # oras push $(ACR_NAME).azurecr.io/$confext_repository_name:$tag "$confext_filename" - # sleep 3 - # echo "Verifying $confext_filename was pushed successfully..." - # az acr repository show --name $(ACR_NAME) --image ${confext_repository_name}:${tag} - # else - # echo "File $confext_filename not found" - # fi - # done - - # # Set variable for sysext and confext repositories - # echo "##vso[task.setvariable variable=TAG_BASE]$tag_base" displayName: "Push extension images to ACR" retryCountOnTaskFailure: 3 diff --git a/.pipelines/templates/stages/common_tasks/push-to-acr.yml b/.pipelines/templates/stages/common_tasks/push-to-acr.yml index 1d06b0dca..a6fa2fee3 100644 --- a/.pipelines/templates/stages/common_tasks/push-to-acr.yml +++ b/.pipelines/templates/stages/common_tasks/push-to-acr.yml @@ -17,23 +17,6 @@ parameters: - bareMetal steps: - - bash: | - set -eux - - if [ ${{ parameters.config }} != 'misc' ]; then - echo "Skipping step. Configuration is '${{ parameters.config }}'." - exit 0 - fi - - VERSION="1.2.2" - curl -LO "https://github.com/oras-project/oras/releases/download/v${VERSION}/oras_${VERSION}_linux_amd64.tar.gz" - mkdir -p oras-install/ - tar -zxf oras_${VERSION}_*.tar.gz -C oras-install/ - sudo mv oras-install/oras /usr/local/bin/ - rm -rf oras_${VERSION}_*.tar.gz oras-install/ - displayName: "Install ORAS" - retryCountOnTaskFailure: 3 - - task: AzureCLI@2 inputs: azureSubscription: trident-dev-acr-write-umi-ECF @@ -57,38 +40,5 @@ steps: --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v2.cosi \ --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v3.cosi \ --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v4.cosi - - # # Login to ACR - # az acr login -n $(ACR_NAME) - - # repository_name=${{ parameters.imageName }} - # build_id="$(Build.BuildId)" - - - # cd $(Build.SourcesDirectory)/artifacts/test-image - - # tag_base="v${build_id}.${{ parameters.config }}.${{ parameters.deploymentEnvironment }}" - # for version in {1..4}; do - # if [[ $version == 1 ]]; then - # filename="regular.cosi" - # else - # filename="regular_v${version}.cosi" - # fi - - # tag="$tag_base.${version}" - - # if [[ -f "$filename" ]]; then - # echo "Pushing $filename with tag $tag to $(ACR_NAME).azurecr.io" - # oras push $(ACR_NAME).azurecr.io/$repository_name:$tag "$filename" - # sleep 3 - # echo "Verifying $filename was pushed successfully..." - # az acr repository show --name $(ACR_NAME) --image ${repository_name}:${tag} - # else - # echo "File $filename not found" - # fi - # done - - # # Set variable for tag base of pushed images - # echo "##vso[task.setvariable variable=TAG_BASE]$tag_base" displayName: "Push to ACR" retryCountOnTaskFailure: 3 From 40edbe123d6cc590b2b1987aa9cd66b0f3d61a37 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 05:29:05 +0000 Subject: [PATCH 37/65] edit build script --- .../stages/common_tasks/extension-images.yml | 2 +- .../stages/common_tasks/push-to-acr.yml | 2 +- tools/storm/helpers/build_extension_images.go | 26 ++++++++++++------- 3 files changed, 18 insertions(+), 12 deletions(-) diff --git a/.pipelines/templates/stages/common_tasks/extension-images.yml b/.pipelines/templates/stages/common_tasks/extension-images.yml index 4a69d0a7f..ab883255b 100644 --- a/.pipelines/templates/stages/common_tasks/extension-images.yml +++ b/.pipelines/templates/stages/common_tasks/extension-images.yml @@ -18,7 +18,7 @@ steps: exit 0 fi - ./bin/storm-trident helper build-extension-images --num-clones 2 + ./bin/storm-trident helper build-extension-images --build-sysexts --build-confexts --num-clones 2 displayName: "Build test sysext and confext images" workingDirectory: $(Build.SourcesDirectory) diff --git a/.pipelines/templates/stages/common_tasks/push-to-acr.yml b/.pipelines/templates/stages/common_tasks/push-to-acr.yml index a6fa2fee3..aa4cd5f05 100644 --- a/.pipelines/templates/stages/common_tasks/push-to-acr.yml +++ b/.pipelines/templates/stages/common_tasks/push-to-acr.yml @@ -40,5 +40,5 @@ steps: --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v2.cosi \ --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v3.cosi \ --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v4.cosi - displayName: "Push to ACR" + displayName: "Push COSI to ACR" retryCountOnTaskFailure: 3 diff --git a/tools/storm/helpers/build_extension_images.go b/tools/storm/helpers/build_extension_images.go index a7ea347c1..eade937bf 100644 --- a/tools/storm/helpers/build_extension_images.go +++ b/tools/storm/helpers/build_extension_images.go @@ -7,11 +7,14 @@ import ( "path/filepath" "github.com/microsoft/storm" + "github.com/sirupsen/logrus" ) type BuildExtensionImagesHelper struct { args struct { - NumClones int `required:"" help:"Number of sysexts and confexts to build." type:"int"` + NumClones int `required:"" help:"Number of sysexts and confexts to build." type:"int"` + BuildSysexts bool `help:"Indicates that test sysext images should be built." type:"bool"` + BuildConfexts bool `help:"Indicates that test confext images should be built." type:"bool"` } } @@ -29,14 +32,17 @@ func (h *BuildExtensionImagesHelper) RegisterTestCases(r storm.TestRegistrar) er } func (h *BuildExtensionImagesHelper) buildExtensionImages(tc storm.TestCase) error { - // Create two sysexts and confexts each - err := buildImage("sysext", h.args.NumClones) - if err != nil { - return fmt.Errorf("failed to build sysext images: %w", err) + if h.args.BuildSysexts { + err := buildImage("sysext", h.args.NumClones) + if err != nil { + return fmt.Errorf("failed to build sysext images: %w", err) + } } - err = buildImage("confext", h.args.NumClones) - if err != nil { - return fmt.Errorf("failed to build confext images: %w", err) + if h.args.BuildConfexts { + err := buildImage("confext", h.args.NumClones) + if err != nil { + return fmt.Errorf("failed to build confext images: %w", err) + } } // Verify the images were created @@ -50,10 +56,10 @@ func (h *BuildExtensionImagesHelper) buildExtensionImages(tc storm.TestCase) err if err != nil { return fmt.Errorf("failed to stat file %s: %w", file, err) } - fmt.Printf("%s %d %s\n", info.Mode(), info.Size(), file) + logrus.Infof("Built image: %s %d %s", info.Mode(), info.Size(), file) } - fmt.Println("Extension images created successfully!") + logrus.Infof("Extension images created successfully!") return nil } From 356625ba02e8fbea903f1a48e690c4b04c3ef8a0 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 05:35:53 +0000 Subject: [PATCH 38/65] a bunch of restructuring --- .../stages/common_tasks/push-to-acr.yml | 48 ++++++++++++++++--- .../testing_baremetal/baremetal-testing.yml | 10 ++-- .../stages/testing_vm/netlaunch-testing.yml | 10 ++-- 3 files changed, 51 insertions(+), 17 deletions(-) diff --git a/.pipelines/templates/stages/common_tasks/push-to-acr.yml b/.pipelines/templates/stages/common_tasks/push-to-acr.yml index aa4cd5f05..36d8ff611 100644 --- a/.pipelines/templates/stages/common_tasks/push-to-acr.yml +++ b/.pipelines/templates/stages/common_tasks/push-to-acr.yml @@ -17,6 +17,20 @@ parameters: - bareMetal steps: + - bash: | + set -eux + + if [ ${{ parameters.config }} != 'extensions' ]; then + echo "Skipping step. Configuration is '${{ parameters.config }}'." + exit 0 + fi + + ./bin/storm-trident helper build-extension-images --build-sysexts --build-confexts --num-clones 2 + + displayName: "Build test sysext and confext images" + workingDirectory: $(Build.SourcesDirectory) + retryCountOnTaskFailure: 3 + - task: AzureCLI@2 inputs: azureSubscription: trident-dev-acr-write-umi-ECF @@ -25,12 +39,8 @@ steps: inlineScript: | set -eux - if [ ${{ parameters.config }} != 'misc' ]; then - echo "Skipping step. Configuration is '${{ parameters.config }}'." - exit 0 - fi - - ./bin/storm-trident helper push-to-acr \ + if [ ${{ parameters.config }} == 'misc' ]; then + ./bin/storm-trident helper push-to-acr \ --config ${{ parameters.config }} \ --deployment-environment ${{ parameters.deploymentEnvironment }} \ --acr-name $(ACR_NAME) \ @@ -40,5 +50,29 @@ steps: --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v2.cosi \ --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v3.cosi \ --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v4.cosi - displayName: "Push COSI to ACR" + + elif [ ${{ parameters.config }} == 'extensions' ]; then + ./bin/storm-trident helper push-to-acr \ + --config ${{ parameters.config }} \ + --deployment-environment ${{ parameters.deploymentEnvironment }} \ + --acr-name $(ACR_NAME) \ + --repo-name sysext \ + --build-id $(Build.BuildId) \ + --file-paths $(Build.SourcesDirectory)/test-sysext-1.raw + --file-paths $(Build.SourcesDirectory)/test-sysext-2.raw + ./bin/storm-trident helper push-to-acr \ + --config ${{ parameters.config }} \ + --deployment-environment ${{ parameters.deploymentEnvironment }} \ + --acr-name $(ACR_NAME) \ + --repo-name confext \ + --build-id $(Build.BuildId) \ + --file-paths $(Build.SourcesDirectory)/test-confext-1.raw + --file-paths $(Build.SourcesDirectory)/test-confext-2.raw + + else + echo "Skipping step. Configuration is '${{ parameters.config }}'." + exit 0 + fi + + displayName: "Push to ACR" retryCountOnTaskFailure: 3 diff --git a/.pipelines/templates/stages/testing_baremetal/baremetal-testing.yml b/.pipelines/templates/stages/testing_baremetal/baremetal-testing.yml index ad163b954..eaa2dc942 100644 --- a/.pipelines/templates/stages/testing_baremetal/baremetal-testing.yml +++ b/.pipelines/templates/stages/testing_baremetal/baremetal-testing.yml @@ -174,11 +174,11 @@ stages: config: $(TRIDENT_CONFIGURATION_NAME) deploymentEnvironment: "bareMetal" - # Produce test sysext and confext images and push to ACR - - template: ../common_tasks/extension-images.yml - parameters: - config: ${{ variables.tridentConfigurationName }} - deploymentEnvironment: "bareMetal" + # # Produce test sysext and confext images and push to ACR + # - template: ../common_tasks/extension-images.yml + # parameters: + # config: ${{ variables.tridentConfigurationName }} + # deploymentEnvironment: "bareMetal" # Run trident prep - template: ../testing_common/trident-prep.yml diff --git a/.pipelines/templates/stages/testing_vm/netlaunch-testing.yml b/.pipelines/templates/stages/testing_vm/netlaunch-testing.yml index 0a98dbb27..0b581ee8b 100644 --- a/.pipelines/templates/stages/testing_vm/netlaunch-testing.yml +++ b/.pipelines/templates/stages/testing_vm/netlaunch-testing.yml @@ -134,11 +134,11 @@ stages: config: ${{ variables.tridentConfigurationName }} deploymentEnvironment: "virtualMachine" - # Produce test sysext and confext images and push to ACR - - template: ../common_tasks/extension-images.yml - parameters: - config: ${{ variables.tridentConfigurationName }} - deploymentEnvironment: "virtualMachine" + # # Produce test sysext and confext images and push to ACR + # - template: ../common_tasks/extension-images.yml + # parameters: + # config: ${{ variables.tridentConfigurationName }} + # deploymentEnvironment: "virtualMachine" - template: netlaunch-prep.yml From db48c7ac07e10eada9ed6e2df4f35e39875ec4c8 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 05:57:28 +0000 Subject: [PATCH 39/65] typo --- .pipelines/templates/stages/common_tasks/push-to-acr.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.pipelines/templates/stages/common_tasks/push-to-acr.yml b/.pipelines/templates/stages/common_tasks/push-to-acr.yml index 36d8ff611..470f7349d 100644 --- a/.pipelines/templates/stages/common_tasks/push-to-acr.yml +++ b/.pipelines/templates/stages/common_tasks/push-to-acr.yml @@ -58,7 +58,7 @@ steps: --acr-name $(ACR_NAME) \ --repo-name sysext \ --build-id $(Build.BuildId) \ - --file-paths $(Build.SourcesDirectory)/test-sysext-1.raw + --file-paths $(Build.SourcesDirectory)/test-sysext-1.raw \ --file-paths $(Build.SourcesDirectory)/test-sysext-2.raw ./bin/storm-trident helper push-to-acr \ --config ${{ parameters.config }} \ @@ -66,9 +66,9 @@ steps: --acr-name $(ACR_NAME) \ --repo-name confext \ --build-id $(Build.BuildId) \ - --file-paths $(Build.SourcesDirectory)/test-confext-1.raw + --file-paths $(Build.SourcesDirectory)/test-confext-1.raw \ --file-paths $(Build.SourcesDirectory)/test-confext-2.raw - + else echo "Skipping step. Configuration is '${{ parameters.config }}'." exit 0 From b74a126c9667fd26fcb213a6b699c24374526a75 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 06:32:52 +0000 Subject: [PATCH 40/65] remove unnecessary template --- .../stages/common_tasks/extension-images.yml | 56 ------------------- .../testing_baremetal/baremetal-testing.yml | 12 +--- .../stages/testing_vm/netlaunch-testing.yml | 9 +-- 3 files changed, 5 insertions(+), 72 deletions(-) delete mode 100644 .pipelines/templates/stages/common_tasks/extension-images.yml diff --git a/.pipelines/templates/stages/common_tasks/extension-images.yml b/.pipelines/templates/stages/common_tasks/extension-images.yml deleted file mode 100644 index ab883255b..000000000 --- a/.pipelines/templates/stages/common_tasks/extension-images.yml +++ /dev/null @@ -1,56 +0,0 @@ -parameters: - - name: "config" - displayName: "Trident configuration" - type: string - - - name: "deploymentEnvironment" - type: string - values: - - virtualMachine - - bareMetal - -steps: - - bash: | - set -eux - - if [ ${{ parameters.config }} != 'extensions' ]; then - echo "Skipping step. Configuration is '${{ parameters.config }}'." - exit 0 - fi - - ./bin/storm-trident helper build-extension-images --build-sysexts --build-confexts --num-clones 2 - - displayName: "Build test sysext and confext images" - workingDirectory: $(Build.SourcesDirectory) - retryCountOnTaskFailure: 3 - - - task: AzureCLI@2 - inputs: - azureSubscription: trident-dev-acr-write-umi-ECF - scriptType: bash - scriptLocation: inlineScript - inlineScript: | - set -eux - - if [ ${{ parameters.config }} != 'extensions' ]; then - echo "Skipping step. Configuration is '${{ parameters.config }}'." - exit 0 - fi - - ./bin/storm-trident helper push-to-acr \ - --config ${{ parameters.config }} \ - --deployment-environment ${{ parameters.deploymentEnvironment }} \ - --acr-name $(ACR_NAME) \ - --repo-name sysext \ - --build-id $(Build.BuildId) \ - --file-paths $(Build.SourcesDirectory)/test-sysext-1.raw,$(Build.SourcesDirectory)/test-sysext-2.raw - - ./bin/storm-trident helper push-to-acr \ - --config ${{ parameters.config }} \ - --deployment-environment ${{ parameters.deploymentEnvironment }} \ - --acr-name $(ACR_NAME) \ - --repo-name confext \ - --build-id $(Build.BuildId) \ - --file-paths $(Build.SourcesDirectory)/test-confext-1.raw,$(Build.SourcesDirectory)/test-confext-2.raw - displayName: "Push extension images to ACR" - retryCountOnTaskFailure: 3 diff --git a/.pipelines/templates/stages/testing_baremetal/baremetal-testing.yml b/.pipelines/templates/stages/testing_baremetal/baremetal-testing.yml index eaa2dc942..d84b61d97 100644 --- a/.pipelines/templates/stages/testing_baremetal/baremetal-testing.yml +++ b/.pipelines/templates/stages/testing_baremetal/baremetal-testing.yml @@ -165,21 +165,15 @@ stages: ${{ if eq(parameters.runtimeEnv, 'container') }}: downloadTridentContainer: true - # Push (regular or container) testimage to ACR. - # This step must occur before trident prep, since the ACR image tag - # variable is set in this template. + # Push (regular or container) testimage, sysexts, and/or confexts to + # ACR. This step must occur before trident prep, since the ACR image + # tag variable is set in this template. - template: ../common_tasks/push-to-acr.yml parameters: imageName: ${{ variables.IMAGE_NAME }} config: $(TRIDENT_CONFIGURATION_NAME) deploymentEnvironment: "bareMetal" - # # Produce test sysext and confext images and push to ACR - # - template: ../common_tasks/extension-images.yml - # parameters: - # config: ${{ variables.tridentConfigurationName }} - # deploymentEnvironment: "bareMetal" - # Run trident prep - template: ../testing_common/trident-prep.yml parameters: diff --git a/.pipelines/templates/stages/testing_vm/netlaunch-testing.yml b/.pipelines/templates/stages/testing_vm/netlaunch-testing.yml index 0b581ee8b..855277c39 100644 --- a/.pipelines/templates/stages/testing_vm/netlaunch-testing.yml +++ b/.pipelines/templates/stages/testing_vm/netlaunch-testing.yml @@ -127,19 +127,14 @@ stages: downloadTridentContainer: ${{ variables.downloadTridentContainer }} tridentTestImageUsrVerity: ${{ variables.usrVerityTestImageName }} - # Push (regular or container) testimage to ACR + # Push (regular or container) testimages, confexts, and/or sysexts to + # ACR - template: ../common_tasks/push-to-acr.yml parameters: imageName: ${{ variables.testImageName }} config: ${{ variables.tridentConfigurationName }} deploymentEnvironment: "virtualMachine" - # # Produce test sysext and confext images and push to ACR - # - template: ../common_tasks/extension-images.yml - # parameters: - # config: ${{ variables.tridentConfigurationName }} - # deploymentEnvironment: "virtualMachine" - - template: netlaunch-prep.yml - template: ../testing_common/trident-prep.yml From adc8a1549ef15ef2344cf3ae68406200cfd80d74 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 06:42:30 +0000 Subject: [PATCH 41/65] add back install oras and clean up --- .../stages/common_tasks/push-to-acr.yml | 16 +++++++++ tools/storm/helpers/push_to_acr.go | 33 ++----------------- 2 files changed, 19 insertions(+), 30 deletions(-) diff --git a/.pipelines/templates/stages/common_tasks/push-to-acr.yml b/.pipelines/templates/stages/common_tasks/push-to-acr.yml index 470f7349d..95488691c 100644 --- a/.pipelines/templates/stages/common_tasks/push-to-acr.yml +++ b/.pipelines/templates/stages/common_tasks/push-to-acr.yml @@ -31,6 +31,22 @@ steps: workingDirectory: $(Build.SourcesDirectory) retryCountOnTaskFailure: 3 + - bash: | + set -eux + if [ ${{ parameters.config }} != 'misc' ] && [ ${{ parameters.config }} != 'extensions' ]; then + echo "Skipping step. Configuration is '${{ parameters.config }}'." + exit 0 + fi + + VERSION="1.2.2" + curl -LO "https://github.com/oras-project/oras/releases/download/v${VERSION}/oras_${VERSION}_linux_amd64.tar.gz" + mkdir -p oras-install/ + tar -zxf oras_${VERSION}_*.tar.gz -C oras-install/ + sudo mv oras-install/oras /usr/local/bin/ + rm -rf oras_${VERSION}_*.tar.gz oras-install/ + displayName: "Install ORAS" + retryCountOnTaskFailure: 3 + - task: AzureCLI@2 inputs: azureSubscription: trident-dev-acr-write-umi-ECF diff --git a/tools/storm/helpers/push_to_acr.go b/tools/storm/helpers/push_to_acr.go index 3559b9f3a..4de097140 100644 --- a/tools/storm/helpers/push_to_acr.go +++ b/tools/storm/helpers/push_to_acr.go @@ -42,17 +42,16 @@ func (h *PushToACRHelper) pushToACR(tc storm.TestCase) error { return fmt.Errorf("failed to login to ACR: %w", err) } - tagBase := fmt.Sprintf("v%s.%s.%s", h.args.BuildId, h.args.Config, h.args.DeploymentEnvironment) - // Push all specified files + tagBase := fmt.Sprintf("v%s.%s.%s", h.args.BuildId, h.args.Config, h.args.DeploymentEnvironment) err = h.pushFiles(tagBase) if err != nil { return fmt.Errorf("failed to push files: %w", err) } - // Set output variable (equivalent to ##vso[task.setvariable variable=TAG_BASE]) + // Set output variable by writing to stdout fmt.Printf("##vso[task.setvariable variable=TAG_BASE]%s\n", tagBase) - fmt.Printf("TAG_BASE set to: %s\n", tagBase) + logrus.Infof("TAG_BASE set to: %s\n", tagBase) return nil } @@ -129,29 +128,3 @@ func (h *PushToACRHelper) verifyImage(repository, tag string) error { return cmd.Run() } - -// // Alternative implementation using Azure SDK instead of CLI commands -// func (h *PushToACRHelper) verifyImageWithSDK(repository, tag string) error { -// // Create Azure credential -// cred, err := azidentity.NewDefaultAzureCredential(nil) -// if err != nil { -// return fmt.Errorf("failed to create Azure credential: %w", err) -// } - -// // Create ACR client -// registryURL := fmt.Sprintf("https://%s.azurecr.io", h.args.AcrName) -// client, err := azcontainerregistry.NewClient(registryURL, cred, nil) -// if err != nil { -// return fmt.Errorf("failed to create ACR client: %w", err) -// } - -// // Get repository properties to verify it exists -// ctx := context.Background() -// _, err = client.GetRepositoryProperties(ctx, repository, nil) -// if err != nil { -// return fmt.Errorf("failed to verify repository %s: %w", repository, err) -// } - -// fmt.Printf("Successfully verified %s:%s\n", repository, tag) -// return nil -// } From f1512abdaf80d02f116058ea95290b278e76b1e9 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 06:45:19 +0000 Subject: [PATCH 42/65] clean up --- tools/storm/helpers/push_to_acr.go | 1 - 1 file changed, 1 deletion(-) diff --git a/tools/storm/helpers/push_to_acr.go b/tools/storm/helpers/push_to_acr.go index 4de097140..817411cfe 100644 --- a/tools/storm/helpers/push_to_acr.go +++ b/tools/storm/helpers/push_to_acr.go @@ -105,7 +105,6 @@ func (h *PushToACRHelper) pushImage(filePath, tag string) error { cmd.Dir = dir cmd.Stdout = os.Stdout cmd.Stderr = os.Stderr - err := cmd.Run() if err != nil { return fmt.Errorf("oras push failed for %s: %w", filePath, err) From 812686078a3237217d455e6e3339dd9874fb634a Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 06:53:21 +0000 Subject: [PATCH 43/65] pull in changes from other branch --- .../templates/stages/common_tasks/push-to-acr.yml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/.pipelines/templates/stages/common_tasks/push-to-acr.yml b/.pipelines/templates/stages/common_tasks/push-to-acr.yml index 95488691c..feffbb3dd 100644 --- a/.pipelines/templates/stages/common_tasks/push-to-acr.yml +++ b/.pipelines/templates/stages/common_tasks/push-to-acr.yml @@ -20,13 +20,15 @@ steps: - bash: | set -eux - if [ ${{ parameters.config }} != 'extensions' ]; then + if [ ${{ parameters.config }} == 'extensions' ]; then + ./bin/storm-trident helper build-extension-images --build-sysexts --num-clones 2 + elif [ ${{ parameters.config }} == 'root-verity' ]; then + ./bin/storm-trident helper build-extension-images --build-confexts --num-clones 2 + else echo "Skipping step. Configuration is '${{ parameters.config }}'." exit 0 fi - ./bin/storm-trident helper build-extension-images --build-sysexts --build-confexts --num-clones 2 - displayName: "Build test sysext and confext images" workingDirectory: $(Build.SourcesDirectory) retryCountOnTaskFailure: 3 @@ -76,6 +78,8 @@ steps: --build-id $(Build.BuildId) \ --file-paths $(Build.SourcesDirectory)/test-sysext-1.raw \ --file-paths $(Build.SourcesDirectory)/test-sysext-2.raw + + elif [ ${{ parameters.config }} == 'root-verity' ]; then ./bin/storm-trident helper push-to-acr \ --config ${{ parameters.config }} \ --deployment-environment ${{ parameters.deploymentEnvironment }} \ From 724d26819a544ab638eee3ab8c9730e4a711378b Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 16:41:03 +0000 Subject: [PATCH 44/65] debug output --- .pipelines/templates/stages/common_tasks/push-to-acr.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.pipelines/templates/stages/common_tasks/push-to-acr.yml b/.pipelines/templates/stages/common_tasks/push-to-acr.yml index feffbb3dd..b0adbeba6 100644 --- a/.pipelines/templates/stages/common_tasks/push-to-acr.yml +++ b/.pipelines/templates/stages/common_tasks/push-to-acr.yml @@ -22,6 +22,9 @@ steps: if [ ${{ parameters.config }} == 'extensions' ]; then ./bin/storm-trident helper build-extension-images --build-sysexts --num-clones 2 + ls + sha384sum test-sysext-1.raw + sha384sum test-sysext-2.raw elif [ ${{ parameters.config }} == 'root-verity' ]; then ./bin/storm-trident helper build-extension-images --build-confexts --num-clones 2 else From ca3c6bbb1b84403fb15908450a448dbc32c7fba7 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 18:19:33 +0000 Subject: [PATCH 45/65] use storm for remove --- .../stages/common_tasks/push-to-acr.yml | 27 +++--- .../stages/common_tasks/remove-from-acr.yml | 91 ++++++++++++------ .../testing_baremetal/baremetal-testing.yml | 1 + .../stages/testing_vm/netlaunch-testing.yml | 1 + .../storm/helpers/{push_to_acr.go => acr.go} | 94 ++++++++++++++++--- tools/storm/helpers/init.go | 2 +- 6 files changed, 163 insertions(+), 53 deletions(-) rename tools/storm/helpers/{push_to_acr.go => acr.go} (51%) diff --git a/.pipelines/templates/stages/common_tasks/push-to-acr.yml b/.pipelines/templates/stages/common_tasks/push-to-acr.yml index 95488691c..ca83aa4b1 100644 --- a/.pipelines/templates/stages/common_tasks/push-to-acr.yml +++ b/.pipelines/templates/stages/common_tasks/push-to-acr.yml @@ -56,19 +56,21 @@ steps: set -eux if [ ${{ parameters.config }} == 'misc' ]; then - ./bin/storm-trident helper push-to-acr \ - --config ${{ parameters.config }} \ - --deployment-environment ${{ parameters.deploymentEnvironment }} \ - --acr-name $(ACR_NAME) \ - --repo-name ${{ parameters.imageName }} \ - --build-id $(Build.BuildId) \ - --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular.cosi \ - --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v2.cosi \ - --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v3.cosi \ - --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v4.cosi + ./bin/storm-trident helper acr \ + --push \ + --config ${{ parameters.config }} \ + --deployment-environment ${{ parameters.deploymentEnvironment }} \ + --acr-name $(ACR_NAME) \ + --repo-name ${{ parameters.imageName }} \ + --build-id $(Build.BuildId) \ + --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular.cosi \ + --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v2.cosi \ + --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v3.cosi \ + --file-paths $(Build.SourcesDirectory)/artifacts/test-image/regular_v4.cosi elif [ ${{ parameters.config }} == 'extensions' ]; then - ./bin/storm-trident helper push-to-acr \ + ./bin/storm-trident helper acr \ + --push \ --config ${{ parameters.config }} \ --deployment-environment ${{ parameters.deploymentEnvironment }} \ --acr-name $(ACR_NAME) \ @@ -76,7 +78,8 @@ steps: --build-id $(Build.BuildId) \ --file-paths $(Build.SourcesDirectory)/test-sysext-1.raw \ --file-paths $(Build.SourcesDirectory)/test-sysext-2.raw - ./bin/storm-trident helper push-to-acr \ + ./bin/storm-trident helper acr \ + --push \ --config ${{ parameters.config }} \ --deployment-environment ${{ parameters.deploymentEnvironment }} \ --acr-name $(ACR_NAME) \ diff --git a/.pipelines/templates/stages/common_tasks/remove-from-acr.yml b/.pipelines/templates/stages/common_tasks/remove-from-acr.yml index 808c6f571..c92ea901b 100644 --- a/.pipelines/templates/stages/common_tasks/remove-from-acr.yml +++ b/.pipelines/templates/stages/common_tasks/remove-from-acr.yml @@ -10,6 +10,12 @@ parameters: displayName: "Trident configuration" type: string + - name: "deploymentEnvironment" + type: string + values: + - virtualMachine + - bareMetal + steps: - task: AzureCLI@2 inputs: @@ -19,38 +25,67 @@ steps: inlineScript: | set -eux - if [ ${{ parameters.config }} != 'misc' ] && [ "${{ parameters.config }}" != 'extensions' ]; then + if [ ${{ parameters.config }} == 'misc' ]; then + # Remove COSI images + ./bin/storm-trident helper acr \ + --push=false \ + --config ${{ parameters.config }} \ + --deployment-environment \ + --acr-name $(ACR_NAME) \ + --repo-name ${{ parameters.repository }} \ + --build-id $(Build.BuildId) \ + --num-clones 4 + + elif [ "${{ parameters.config }}" == 'extensions' ]; then + ./bin/storm-trident helper acr \ + --push=false \ + --config ${{ parameters.config }} \ + --deployment-environment \ + --acr-name $(ACR_NAME) \ + --repo-name sysext \ + --build-id $(Build.BuildId) \ + --num-clones 4 + ./bin/storm-trident helper acr \ + --push=false \ + --config ${{ parameters.config }} \ + --deployment-environment \ + --acr-name $(ACR_NAME) \ + --repo-name confext \ + --build-id $(Build.BuildId) \ + --num-clones 4 + + else echo "Skipping step. Configuration is '${{ parameters.config }}'." exit 0 fi - # Login to ACR - az acr login -n $(ACR_NAME) - sleep 5 - - cosi_repository_name="${{ parameters.repository }}" - build_id="$(Build.BuildId)" - az acr repository show-tags -n $(ACR_NAME) --repository $cosi_repository_name - - # Delete repository with COSI images - for i in {1..4}; do - tag="$(TAG_BASE).${i}" - if az acr repository show --name $(ACR_NAME) --image ${cosi_repository_name}:${tag} &> /dev/null; then - az acr repository delete --name $(ACR_NAME) --image ${cosi_repository_name}:${tag} --yes - fi - done - - for i in 1 2; do - tag="$(TAG_BASE).${i}" - # Delete repository with sysext images - if az acr repository show --name $(ACR_NAME) --image sysext:${tag} &> /dev/null; then - az acr repository delete --name $(ACR_NAME) --image sysext:${tag} --yes - fi - # Delete repository with confext images - if az acr repository show --name $(ACR_NAME) --image confext:${tag} &> /dev/null; then - az acr repository delete --name $(ACR_NAME) --image confext:${tag} --yes - fi - done + # # Login to ACR + # az acr login -n $(ACR_NAME) + # sleep 5 + + # cosi_repository_name="${{ parameters.repository }}" + # build_id="$(Build.BuildId)" + # az acr repository show-tags -n $(ACR_NAME) --repository $cosi_repository_name + + # # Delete repository with COSI images + # for i in {1..4}; do + # tag="$(TAG_BASE).${i}" + # if az acr repository show --name $(ACR_NAME) --image ${cosi_repository_name}:${tag} &> /dev/null; then + # az acr repository delete --name $(ACR_NAME) --image ${cosi_repository_name}:${tag} --yes + # fi + # done + + # for i in 1 2; do + # tag="$(TAG_BASE).${i}" + # # Delete repository with sysext images + # if az acr repository show --name $(ACR_NAME) --image sysext:${tag} &> /dev/null; then + # az acr repository delete --name $(ACR_NAME) --image sysext:${tag} --yes + # fi + # # Delete repository with confext images + # if az acr repository show --name $(ACR_NAME) --image confext:${tag} &> /dev/null; then + # az acr repository delete --name $(ACR_NAME) --image confext:${tag} --yes + # fi + # done displayName: "Log into ACR and delete images by tag" retryCountOnTaskFailure: 3 diff --git a/.pipelines/templates/stages/testing_baremetal/baremetal-testing.yml b/.pipelines/templates/stages/testing_baremetal/baremetal-testing.yml index d84b61d97..f977e7a76 100644 --- a/.pipelines/templates/stages/testing_baremetal/baremetal-testing.yml +++ b/.pipelines/templates/stages/testing_baremetal/baremetal-testing.yml @@ -381,3 +381,4 @@ stages: parameters: repository: ${{ variables.IMAGE_NAME }} config: $(TRIDENT_CONFIGURATION_NAME) + deploymentEnvironment: "bareMetal" diff --git a/.pipelines/templates/stages/testing_vm/netlaunch-testing.yml b/.pipelines/templates/stages/testing_vm/netlaunch-testing.yml index 855277c39..01fb1fe3e 100644 --- a/.pipelines/templates/stages/testing_vm/netlaunch-testing.yml +++ b/.pipelines/templates/stages/testing_vm/netlaunch-testing.yml @@ -327,6 +327,7 @@ stages: parameters: repository: ${{ variables.testImageName }} config: ${{ variables.tridentConfigurationName }} + deploymentEnvironment: "virtualMachine" - bash: | set -eux diff --git a/tools/storm/helpers/push_to_acr.go b/tools/storm/helpers/acr.go similarity index 51% rename from tools/storm/helpers/push_to_acr.go rename to tools/storm/helpers/acr.go index 817411cfe..270d86e1d 100644 --- a/tools/storm/helpers/push_to_acr.go +++ b/tools/storm/helpers/acr.go @@ -11,31 +11,38 @@ import ( "github.com/sirupsen/logrus" ) -type PushToACRHelper struct { +type AcrHelper struct { args struct { + Push bool `required:"" help:"'true' if AcrHelper should push images to the ACR; 'false' if AcrHelper should remove images from ACR" type:"bool"` Config string `required:"" help:"Trident configuration (e.g., 'extensions')" type:"string"` DeploymentEnvironment string `required:"" help:"Deployment environment (virtualMachine or bareMetal)" type:"string"` AcrName string `required:"" help:"Azure Container Registry name" type:"string"` RepoName string `required:"" help:"Repository name in ACR" type:"string"` BuildId string `required:"" help:"Build ID" type:"string"` - FilePaths []string `required:"" help:"Array of file paths to push to ACR"` + FilePaths []string `help:"Array of file paths to push to ACR"` + NumClones int `help:"Number of copies of file to remove from ACR repository" type:"int"` } } -func (h PushToACRHelper) Name() string { - return "push-to-acr" +func (h AcrHelper) Name() string { + return "acr" } -func (h *PushToACRHelper) Args() any { +func (h *AcrHelper) Args() any { return &h.args } -func (h *PushToACRHelper) RegisterTestCases(r storm.TestRegistrar) error { +func (h *AcrHelper) RegisterTestCases(r storm.TestRegistrar) error { r.RegisterTestCase("push-to-acr", h.pushToACR) + r.RegisterTestCase("remove-from-acr", h.removeFromAcr) return nil } -func (h *PushToACRHelper) pushToACR(tc storm.TestCase) error { +func (h *AcrHelper) pushToACR(tc storm.TestCase) error { + if !h.args.Push { + tc.Skip("Push to ACR not requested.") + } + // Login to ACR err := h.loginToACR() if err != nil { @@ -43,7 +50,7 @@ func (h *PushToACRHelper) pushToACR(tc storm.TestCase) error { } // Push all specified files - tagBase := fmt.Sprintf("v%s.%s.%s", h.args.BuildId, h.args.Config, h.args.DeploymentEnvironment) + tagBase := h.generateTagBase() err = h.pushFiles(tagBase) if err != nil { return fmt.Errorf("failed to push files: %w", err) @@ -56,7 +63,30 @@ func (h *PushToACRHelper) pushToACR(tc storm.TestCase) error { return nil } -func (h *PushToACRHelper) loginToACR() error { +func (h *AcrHelper) removeFromAcr(tc storm.TestCase) error { + if h.args.Push { + tc.Skip("Remove from ACR not requested.") + } + + // Login to ACR + err := h.loginToACR() + if err != nil { + return fmt.Errorf("failed to login to ACR: %w", err) + } + + tagBase := h.generateTagBase() + // Delete COSI images (for misc config) + h.deleteImagesWithTagBase(tagBase) + + logrus.Infof("Successfully completed ACR cleanup") + return nil +} + +func (h *AcrHelper) generateTagBase() string { + return fmt.Sprintf("v%s.%s.%s", h.args.BuildId, h.args.Config, h.args.DeploymentEnvironment) +} + +func (h *AcrHelper) loginToACR() error { logrus.Infof("Logging in to ACR: %s\n", h.args.AcrName) cmd := exec.Command("az", "acr", "login", "-n", h.args.AcrName) cmd.Stdout = os.Stdout @@ -64,7 +94,7 @@ func (h *PushToACRHelper) loginToACR() error { return cmd.Run() } -func (h *PushToACRHelper) pushFiles(tagBase string) error { +func (h *AcrHelper) pushFiles(tagBase string) error { for i, filePath := range h.args.FilePaths { // Check if file exists if _, err := os.Stat(filePath); os.IsNotExist(err) { @@ -90,7 +120,7 @@ func (h *PushToACRHelper) pushFiles(tagBase string) error { return nil } -func (h *PushToACRHelper) pushImage(filePath, tag string) error { +func (h *AcrHelper) pushImage(filePath, tag string) error { registryURL := fmt.Sprintf("%s.azurecr.io", h.args.AcrName) fullImageName := fmt.Sprintf("%s/%s:%s", registryURL, h.args.RepoName, tag) @@ -116,7 +146,7 @@ func (h *PushToACRHelper) pushImage(filePath, tag string) error { return nil } -func (h *PushToACRHelper) verifyImage(repository, tag string) error { +func (h *AcrHelper) verifyImage(repository, tag string) error { logrus.Infof("Verifying %s:%s was pushed successfully...\n", repository, tag) cmd := exec.Command("az", "acr", "repository", "show", @@ -127,3 +157,43 @@ func (h *PushToACRHelper) verifyImage(repository, tag string) error { return cmd.Run() } + +func (h *AcrHelper) deleteImagesWithTagBase(tagBase string) { + logrus.Infof("Deleting images from repository %s with tag base %s", h.args.RepoName, tagBase) + + for i := 1; i <= h.args.NumClones; i++ { + tag := fmt.Sprintf("%s.%d", tagBase, i) + err := h.deleteImageIfExists(h.args.RepoName, tag) + if err != nil { + logrus.Warnf("Failed to delete %s:%s: %v", h.args.RepoName, tag, err) + // Continue with other images even if one fails + } + } +} + +func (h *AcrHelper) deleteImageIfExists(repository, tag string) error { + // First check if the image exists + imageName := fmt.Sprintf("%s:%s", repository, tag) + checkCmd := exec.Command("az", "acr", "repository", "show", + "--name", h.args.AcrName, + "--image", imageName) + checkCmd.Stdout = os.Stdout + checkCmd.Stderr = os.Stderr + err := checkCmd.Run() + if err != nil { + // Image doesn't exist, skip deletion + logrus.Debugf("Image %s/%s does not exist, skipping deletion", h.args.AcrName, imageName) + return nil + } + + // Image exists, delete it + logrus.Infof("Deleting image: %s", imageName) + deleteCmd := exec.Command("az", "acr", "repository", "delete", + "--name", h.args.AcrName, + "--image", imageName, + "--yes") + deleteCmd.Stdout = os.Stdout + deleteCmd.Stderr = os.Stderr + + return deleteCmd.Run() +} diff --git a/tools/storm/helpers/init.go b/tools/storm/helpers/init.go index fd18a8c44..1eebdd327 100644 --- a/tools/storm/helpers/init.go +++ b/tools/storm/helpers/init.go @@ -9,5 +9,5 @@ var TRIDENT_HELPERS = []storm.Helper{ &BootMetricsHelper{}, &CheckSelinuxHelper{}, &BuildExtensionImagesHelper{}, - &PushToACRHelper{}, + &AcrHelper{}, } From be9ff2f6dea8f4e7f2cd67c8f31d9380f2a8d287 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 18:43:36 +0000 Subject: [PATCH 46/65] remove false --- .pipelines/templates/stages/common_tasks/remove-from-acr.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.pipelines/templates/stages/common_tasks/remove-from-acr.yml b/.pipelines/templates/stages/common_tasks/remove-from-acr.yml index c92ea901b..4574b4fa6 100644 --- a/.pipelines/templates/stages/common_tasks/remove-from-acr.yml +++ b/.pipelines/templates/stages/common_tasks/remove-from-acr.yml @@ -28,7 +28,6 @@ steps: if [ ${{ parameters.config }} == 'misc' ]; then # Remove COSI images ./bin/storm-trident helper acr \ - --push=false \ --config ${{ parameters.config }} \ --deployment-environment \ --acr-name $(ACR_NAME) \ @@ -38,7 +37,6 @@ steps: elif [ "${{ parameters.config }}" == 'extensions' ]; then ./bin/storm-trident helper acr \ - --push=false \ --config ${{ parameters.config }} \ --deployment-environment \ --acr-name $(ACR_NAME) \ @@ -46,7 +44,6 @@ steps: --build-id $(Build.BuildId) \ --num-clones 4 ./bin/storm-trident helper acr \ - --push=false \ --config ${{ parameters.config }} \ --deployment-environment \ --acr-name $(ACR_NAME) \ From 51dabce64cf71e61480413cb595edbfdbc24fa7a Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 19:00:22 +0000 Subject: [PATCH 47/65] fix --- .../templates/stages/common_tasks/remove-from-acr.yml | 6 +++--- tools/storm/helpers/acr.go | 10 +++++----- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.pipelines/templates/stages/common_tasks/remove-from-acr.yml b/.pipelines/templates/stages/common_tasks/remove-from-acr.yml index 4574b4fa6..c32123a3c 100644 --- a/.pipelines/templates/stages/common_tasks/remove-from-acr.yml +++ b/.pipelines/templates/stages/common_tasks/remove-from-acr.yml @@ -29,7 +29,7 @@ steps: # Remove COSI images ./bin/storm-trident helper acr \ --config ${{ parameters.config }} \ - --deployment-environment \ + --deployment-environment ${{ parameters.deploymentEnvironment }} \ --acr-name $(ACR_NAME) \ --repo-name ${{ parameters.repository }} \ --build-id $(Build.BuildId) \ @@ -38,14 +38,14 @@ steps: elif [ "${{ parameters.config }}" == 'extensions' ]; then ./bin/storm-trident helper acr \ --config ${{ parameters.config }} \ - --deployment-environment \ + --deployment-environment ${{ parameters.deploymentEnvironment }} \ --acr-name $(ACR_NAME) \ --repo-name sysext \ --build-id $(Build.BuildId) \ --num-clones 4 ./bin/storm-trident helper acr \ --config ${{ parameters.config }} \ - --deployment-environment \ + --deployment-environment ${{ parameters.deploymentEnvironment }} \ --acr-name $(ACR_NAME) \ --repo-name confext \ --build-id $(Build.BuildId) \ diff --git a/tools/storm/helpers/acr.go b/tools/storm/helpers/acr.go index 270d86e1d..43d8b20ff 100644 --- a/tools/storm/helpers/acr.go +++ b/tools/storm/helpers/acr.go @@ -57,8 +57,8 @@ func (h *AcrHelper) pushToACR(tc storm.TestCase) error { } // Set output variable by writing to stdout - fmt.Printf("##vso[task.setvariable variable=TAG_BASE]%s\n", tagBase) - logrus.Infof("TAG_BASE set to: %s\n", tagBase) + fmt.Printf("##vso[task.setvariable variable=TAG_BASE]%s", tagBase) + logrus.Infof("TAG_BASE set to: %s", tagBase) return nil } @@ -87,7 +87,7 @@ func (h *AcrHelper) generateTagBase() string { } func (h *AcrHelper) loginToACR() error { - logrus.Infof("Logging in to ACR: %s\n", h.args.AcrName) + logrus.Infof("Logging in to ACR: %s", h.args.AcrName) cmd := exec.Command("az", "acr", "login", "-n", h.args.AcrName) cmd.Stdout = os.Stdout cmd.Stderr = os.Stderr @@ -124,7 +124,7 @@ func (h *AcrHelper) pushImage(filePath, tag string) error { registryURL := fmt.Sprintf("%s.azurecr.io", h.args.AcrName) fullImageName := fmt.Sprintf("%s/%s:%s", registryURL, h.args.RepoName, tag) - logrus.Infof("Pushing %s with tag %s to %s\n", filePath, tag, registryURL) + logrus.Infof("Pushing %s with tag %s to %s", filePath, tag, registryURL) // Get the directory and filename from the full path dir := filepath.Dir(filePath) @@ -147,7 +147,7 @@ func (h *AcrHelper) pushImage(filePath, tag string) error { } func (h *AcrHelper) verifyImage(repository, tag string) error { - logrus.Infof("Verifying %s:%s was pushed successfully...\n", repository, tag) + logrus.Infof("Verifying %s:%s was pushed successfully...", repository, tag) cmd := exec.Command("az", "acr", "repository", "show", "--name", h.args.AcrName, From ebee9f3d89d96ac2d5b8e04ad96e3731d611b93f Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 19:15:07 +0000 Subject: [PATCH 48/65] add extensions to pre2e --- tests/e2e_tests/target-configurations.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/e2e_tests/target-configurations.yaml b/tests/e2e_tests/target-configurations.yaml index b46e24585..88509889c 100644 --- a/tests/e2e_tests/target-configurations.yaml +++ b/tests/e2e_tests/target-configurations.yaml @@ -124,6 +124,7 @@ virtualMachine: pullrequest: - base - combined + - extensions - misc - raid-mirrored - raid-resync-small From 5c2a931b013eadb42ca28e1dfbbae409fbe48d41 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 19:21:48 +0000 Subject: [PATCH 49/65] remove commented code --- .../stages/common_tasks/remove-from-acr.yml | 28 ------------------- 1 file changed, 28 deletions(-) diff --git a/.pipelines/templates/stages/common_tasks/remove-from-acr.yml b/.pipelines/templates/stages/common_tasks/remove-from-acr.yml index c32123a3c..779188729 100644 --- a/.pipelines/templates/stages/common_tasks/remove-from-acr.yml +++ b/.pipelines/templates/stages/common_tasks/remove-from-acr.yml @@ -56,34 +56,6 @@ steps: exit 0 fi - # # Login to ACR - # az acr login -n $(ACR_NAME) - # sleep 5 - - # cosi_repository_name="${{ parameters.repository }}" - # build_id="$(Build.BuildId)" - # az acr repository show-tags -n $(ACR_NAME) --repository $cosi_repository_name - - # # Delete repository with COSI images - # for i in {1..4}; do - # tag="$(TAG_BASE).${i}" - # if az acr repository show --name $(ACR_NAME) --image ${cosi_repository_name}:${tag} &> /dev/null; then - # az acr repository delete --name $(ACR_NAME) --image ${cosi_repository_name}:${tag} --yes - # fi - # done - - # for i in 1 2; do - # tag="$(TAG_BASE).${i}" - # # Delete repository with sysext images - # if az acr repository show --name $(ACR_NAME) --image sysext:${tag} &> /dev/null; then - # az acr repository delete --name $(ACR_NAME) --image sysext:${tag} --yes - # fi - # # Delete repository with confext images - # if az acr repository show --name $(ACR_NAME) --image confext:${tag} &> /dev/null; then - # az acr repository delete --name $(ACR_NAME) --image confext:${tag} --yes - # fi - # done - displayName: "Log into ACR and delete images by tag" retryCountOnTaskFailure: 3 condition: always() From 6f9eb0993e34f9ab43773ff31cb0fc6bcaa4a7b8 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 19:24:01 +0000 Subject: [PATCH 50/65] ai fixes --- tools/storm/helpers/acr.go | 2 +- tools/storm/helpers/build_extension_images.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/storm/helpers/acr.go b/tools/storm/helpers/acr.go index 43d8b20ff..e8396a67b 100644 --- a/tools/storm/helpers/acr.go +++ b/tools/storm/helpers/acr.go @@ -13,7 +13,7 @@ import ( type AcrHelper struct { args struct { - Push bool `required:"" help:"'true' if AcrHelper should push images to the ACR; 'false' if AcrHelper should remove images from ACR" type:"bool"` + Push bool `required:"" help:"If true, push images to ACR; if false, remove images from ACR" type:"bool"` Config string `required:"" help:"Trident configuration (e.g., 'extensions')" type:"string"` DeploymentEnvironment string `required:"" help:"Deployment environment (virtualMachine or bareMetal)" type:"string"` AcrName string `required:"" help:"Azure Container Registry name" type:"string"` diff --git a/tools/storm/helpers/build_extension_images.go b/tools/storm/helpers/build_extension_images.go index eade937bf..c21e61439 100644 --- a/tools/storm/helpers/build_extension_images.go +++ b/tools/storm/helpers/build_extension_images.go @@ -12,7 +12,7 @@ import ( type BuildExtensionImagesHelper struct { args struct { - NumClones int `required:"" help:"Number of sysexts and confexts to build." type:"int"` + NumClones int `help:"Number of sysexts and confexts to build." type:"int"` BuildSysexts bool `help:"Indicates that test sysext images should be built." type:"bool"` BuildConfexts bool `help:"Indicates that test confext images should be built." type:"bool"` } From 90652f244487a7d40810070962036bf0636f3471 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 19:29:45 +0000 Subject: [PATCH 51/65] ran go mod tidy --- tools/go.mod | 13 ++++--------- tools/go.sum | 45 ++++++++------------------------------------- 2 files changed, 12 insertions(+), 46 deletions(-) diff --git a/tools/go.mod b/tools/go.mod index 2bc7c0d65..d1b50e5fd 100644 --- a/tools/go.mod +++ b/tools/go.mod @@ -22,24 +22,19 @@ require ( gopkg.in/yaml.v2 v2.4.0 libvirt.org/go/libvirtxml v1.11007.0 libvirt.org/libvirt-go-xml v7.4.0+incompatible + oras.land/oras-go/v2 v2.6.0 ) require ( - github.com/Azure/azure-sdk-for-go/sdk/azcore v1.19.1 // indirect - github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.2 // indirect - github.com/AzureAD/microsoft-authentication-library-for-go v1.5.0 // indirect - github.com/golang-jwt/jwt/v5 v5.3.0 // indirect - github.com/kylelemons/godebug v1.1.0 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect github.com/opencontainers/image-spec v1.1.1 // indirect - github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect + github.com/rogpeppe/go-internal v1.12.0 // indirect + github.com/stretchr/testify v1.11.1 // indirect golang.org/x/sync v0.16.0 // indirect - oras.land/oras-go/v2 v2.6.0 // indirect + gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect ) require ( - github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.13.0 - github.com/Azure/azure-sdk-for-go/sdk/containers/azcontainerregistry v0.2.3 github.com/VictorLowther/simplexml v0.0.0-20180716164440-0bff93621230 // indirect github.com/VictorLowther/soap v0.0.0-20150314151524-8e36fca84b22 // indirect github.com/alecthomas/kong v1.8.1 diff --git a/tools/go.sum b/tools/go.sum index f8fea3f1e..7610976ee 100644 --- a/tools/go.sum +++ b/tools/go.sum @@ -1,17 +1,3 @@ -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0 h1:Gt0j3wceWMwPmiazCa8MzMA0MfhmPIz0Qp0FJ6qcM0U= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0/go.mod h1:Ot/6aikWnKWi4l9QB7qVSwa8iMphQNqkWALMoNT3rzM= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.19.1 h1:5YTBM8QDVIBN3sxBil89WfdAAqDZbyJTgh688DSxX5w= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.19.1/go.mod h1:YD5h/ldMsG0XiIw7PdyNhLxaM317eFh5yNLccNfGdyw= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.13.0 h1:KpMC6LFL7mqpExyMC9jVOYRiVhLmamjeZfRsUpB7l4s= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.13.0/go.mod h1:J7MUC/wtRpfGVbQ5sIItY5/FuVWmvzlY21WAOfQnq/I= -github.com/Azure/azure-sdk-for-go/sdk/containers/azcontainerregistry v0.2.3 h1:ldKsKtEIblsgsr6mPwrd9yRntoX6uLz/K89wsldwx/k= -github.com/Azure/azure-sdk-for-go/sdk/containers/azcontainerregistry v0.2.3/go.mod h1:MAm7bk0oDLmD8yIkvfbxPW04fxzphPyL+7GzwHxOp6Y= -github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 h1:FPKJS1T+clwv+OLGt13a8UjqeRuh0O4SJ3lUriThc+4= -github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1/go.mod h1:j2chePtV91HrC22tGoRX3sGY42uF13WzmmV80/OdVAA= -github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.2 h1:9iefClla7iYpfYWdzPCRDozdmndjTm8DXdpCzPajMgA= -github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.2/go.mod h1:XtLgD3ZD34DAaVIIAyG3objl5DynM3CQ/vMcbBNJZGI= -github.com/AzureAD/microsoft-authentication-library-for-go v1.5.0 h1:XkkQbfMyuH2jTSjQjSoihryI8GINRcs4xp8lNawg0FI= -github.com/AzureAD/microsoft-authentication-library-for-go v1.5.0/go.mod h1:HKpQxkWaGLJ+D/5H8QRpyQXA1eKjxkFlOMwck5+33Jk= github.com/VictorLowther/simplexml v0.0.0-20180716164440-0bff93621230 h1:t95Grn2mOPfb3+kPDWsNnj4dlNcxnvuR72IjY8eYjfQ= github.com/VictorLowther/simplexml v0.0.0-20180716164440-0bff93621230/go.mod h1:t2EzW1qybnPDQ3LR/GgeF0GOzHUXT5IVMLP2gkW1cmc= github.com/VictorLowther/soap v0.0.0-20150314151524-8e36fca84b22 h1:a0MBqYm44o0NcthLKCljZHe1mxlN6oahCQHHThnSwB4= @@ -45,8 +31,6 @@ github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nos github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= -github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo= -github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= @@ -70,12 +54,13 @@ github.com/klauspost/compress v1.17.10 h1:oXAz+Vh0PMUvJczoi+flxpnBEPxoER1IaAnU/N github.com/klauspost/compress v1.17.10/go.mod h1:pMDklpSncoRMuLFrf1W9Ss9KT+0rH90U12bZKk7uwG0= github.com/kr/fs v0.1.0 h1:Jskdu9ieNAYnjxsi0LbQp1ulIKZV1LAFgK1tWhpZgl8= github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= +github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= -github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY= github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= @@ -93,8 +78,6 @@ github.com/opencontainers/image-spec v1.1.1 h1:y0fUlFfIZhPF1W537XOLg0/fcx6zcHCJw github.com/opencontainers/image-spec v1.1.1/go.mod h1:qpqAh3Dmcf36wStyyWU+kCeDgrGnAve2nCC8+7h8Q0M= github.com/pelletier/go-toml/v2 v2.2.3 h1:YmeHyLY8mFWbdkNWwpr+qIL2bEqT0o95WSdkNHvL12M= github.com/pelletier/go-toml/v2 v2.2.3/go.mod h1:MfCQTFTvCcUyyvvwm1+G6H/jORL20Xlb6rzQu9GuUkc= -github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ= -github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/sftp v1.13.9 h1:4NGkvGudBL7GteO3m6qnaQ4pC0Kvf0onSVc9gR3EWBw= @@ -102,8 +85,8 @@ github.com/pkg/sftp v1.13.9/go.mod h1:OBN7bVXdstkFFN/gdnHPUb5TE8eb8G1Rp9wCItqjkk github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= -github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= +github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= +github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/sagikazarmark/locafero v0.6.0 h1:ON7AQg37yzcRPU69mt7gwhFEBwxI6P9T4Qu3N51bwOk= github.com/sagikazarmark/locafero v0.6.0/go.mod h1:77OmuIc6VTraTXKXIs/uvUxKGUXjE1GbemJYHqdNjX0= @@ -136,9 +119,8 @@ github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSS github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= -github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= +github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8= github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU= github.com/vishvananda/netlink v1.3.0 h1:X7l42GfcV4S6E4vHTsw48qbrV+9PVojNfIhZcwQdrZk= @@ -153,8 +135,6 @@ go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN8 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= golang.org/x/crypto v0.37.0/go.mod h1:vg+k43peMZ0pUMhYmVAWysMK35e6ioLh3wB8ZCAfbVc= -golang.org/x/crypto v0.38.0 h1:jt+WWG8IZlBnVbomuhg2Mdq0+BBQaHbtqHEFEigjUV8= -golang.org/x/crypto v0.38.0/go.mod h1:MvrbAqul58NNYPKnOra203SB9vpuZW0e+RRZV+Ggqjw= golang.org/x/crypto v0.41.0 h1:WKYxWedPGCTVVl5+WHSSrOBT0O8lx32+zxmHxijgXp4= golang.org/x/crypto v0.41.0/go.mod h1:pO5AFd7FA68rFak7rOAGVuygIISepHftHnr8dr6+sUc= golang.org/x/exp v0.0.0-20240823005443-9b4947da3948 h1:kx6Ds3MlpiUHKj7syVnbp57++8WpuKPcR5yjLBjvLEA= @@ -172,8 +152,6 @@ golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sync v0.13.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= -golang.org/x/sync v0.14.0 h1:woo0S4Yywslg6hp4eUFjTVOyKt0RookbpAHG4c1HmhQ= -golang.org/x/sync v0.14.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= golang.org/x/sync v0.16.0 h1:ycBJEhp9p4vXvUZNszeOq0kGTPghopOL8q0fq3vstxw= golang.org/x/sync v0.16.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -181,7 +159,6 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -190,24 +167,18 @@ golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.32.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= -golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw= -golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI= golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM= golang.org/x/term v0.31.0/go.mod h1:R4BeIy7D95HzImkxGkTW1UQTtP54tio2RyHz7PwK0aw= -golang.org/x/term v0.32.0 h1:DR4lr0TjUs3epypdhTOkMmuF5CDFJ/8pOnbzMZPQ7bg= -golang.org/x/term v0.32.0/go.mod h1:uZG1FhGx848Sqfsq4/DlJr3xGGsYMu/L5GW4abiaEPQ= golang.org/x/term v0.34.0 h1:O/2T7POpk0ZZ7MAzMeWFSg6S5IpWd/RXDlM9hgM3DR4= golang.org/x/term v0.34.0/go.mod h1:5jC53AEywhIVebHgPVeg0mj8OD3VO9OzclacVrqpaAw= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= golang.org/x/text v0.24.0/go.mod h1:L8rBsPeo2pSS+xqN0d5u2ikmjtmoJbDBT1b7nHvFCdU= -golang.org/x/text v0.25.0 h1:qVyWApTSYLk/drJRO5mDlNYskwQznZmkpV2c8q9zls4= -golang.org/x/text v0.25.0/go.mod h1:WEdwpYrmk1qmdHvhkSTNPm3app7v4rsT8F2UD6+VHIA= golang.org/x/text v0.28.0 h1:rhazDwis8INMIwQ4tpjLDzUhx6RlXqZNPEM0huQojng= golang.org/x/text v0.28.0/go.mod h1:U8nCwOR8jO/marOQ0QbDiOngZVEBB7MAiitBuMjXiNU= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -217,8 +188,8 @@ golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58 golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/go-playground/assert.v1 v1.2.1 h1:xoYuJVE7KT85PYWrN730RguIQO0ePzVRfFMXadIrXTM= gopkg.in/go-playground/assert.v1 v1.2.1/go.mod h1:9RXL0bg/zibRAgZUYszZSwO/z8Y/a8bDuhia5mkpMnE= gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA= From ba7928bf945078f1331e5b0eef818dcaa75996ef Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 19:32:59 +0000 Subject: [PATCH 52/65] add push=false --- .pipelines/templates/stages/common_tasks/remove-from-acr.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.pipelines/templates/stages/common_tasks/remove-from-acr.yml b/.pipelines/templates/stages/common_tasks/remove-from-acr.yml index 779188729..8151503ab 100644 --- a/.pipelines/templates/stages/common_tasks/remove-from-acr.yml +++ b/.pipelines/templates/stages/common_tasks/remove-from-acr.yml @@ -28,6 +28,7 @@ steps: if [ ${{ parameters.config }} == 'misc' ]; then # Remove COSI images ./bin/storm-trident helper acr \ + --push=false \ --config ${{ parameters.config }} \ --deployment-environment ${{ parameters.deploymentEnvironment }} \ --acr-name $(ACR_NAME) \ @@ -37,6 +38,7 @@ steps: elif [ "${{ parameters.config }}" == 'extensions' ]; then ./bin/storm-trident helper acr \ + --push=false \ --config ${{ parameters.config }} \ --deployment-environment ${{ parameters.deploymentEnvironment }} \ --acr-name $(ACR_NAME) \ @@ -44,6 +46,7 @@ steps: --build-id $(Build.BuildId) \ --num-clones 4 ./bin/storm-trident helper acr \ + --push=false \ --config ${{ parameters.config }} \ --deployment-environment ${{ parameters.deploymentEnvironment }} \ --acr-name $(ACR_NAME) \ From 20ba9856a6f0690c27169293e7c8307263e32012 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 19:33:43 +0000 Subject: [PATCH 53/65] fix num clones --- .pipelines/templates/stages/common_tasks/remove-from-acr.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.pipelines/templates/stages/common_tasks/remove-from-acr.yml b/.pipelines/templates/stages/common_tasks/remove-from-acr.yml index 8151503ab..062d93693 100644 --- a/.pipelines/templates/stages/common_tasks/remove-from-acr.yml +++ b/.pipelines/templates/stages/common_tasks/remove-from-acr.yml @@ -44,7 +44,7 @@ steps: --acr-name $(ACR_NAME) \ --repo-name sysext \ --build-id $(Build.BuildId) \ - --num-clones 4 + --num-clones 2 ./bin/storm-trident helper acr \ --push=false \ --config ${{ parameters.config }} \ @@ -52,7 +52,7 @@ steps: --acr-name $(ACR_NAME) \ --repo-name confext \ --build-id $(Build.BuildId) \ - --num-clones 4 + --num-clones 2 else echo "Skipping step. Configuration is '${{ parameters.config }}'." From fb16b9c88fe57babc46c301440145421216153ef Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 20:00:56 +0000 Subject: [PATCH 54/65] remove = --- .../templates/stages/common_tasks/remove-from-acr.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.pipelines/templates/stages/common_tasks/remove-from-acr.yml b/.pipelines/templates/stages/common_tasks/remove-from-acr.yml index 062d93693..064d74379 100644 --- a/.pipelines/templates/stages/common_tasks/remove-from-acr.yml +++ b/.pipelines/templates/stages/common_tasks/remove-from-acr.yml @@ -28,7 +28,7 @@ steps: if [ ${{ parameters.config }} == 'misc' ]; then # Remove COSI images ./bin/storm-trident helper acr \ - --push=false \ + --push false \ --config ${{ parameters.config }} \ --deployment-environment ${{ parameters.deploymentEnvironment }} \ --acr-name $(ACR_NAME) \ @@ -38,7 +38,7 @@ steps: elif [ "${{ parameters.config }}" == 'extensions' ]; then ./bin/storm-trident helper acr \ - --push=false \ + --push false \ --config ${{ parameters.config }} \ --deployment-environment ${{ parameters.deploymentEnvironment }} \ --acr-name $(ACR_NAME) \ @@ -46,7 +46,7 @@ steps: --build-id $(Build.BuildId) \ --num-clones 2 ./bin/storm-trident helper acr \ - --push=false \ + --push false \ --config ${{ parameters.config }} \ --deployment-environment ${{ parameters.deploymentEnvironment }} \ --acr-name $(ACR_NAME) \ From 38f9d44bc6b66bf0bc100d90a7b8d8f7872c9e5a Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 20:25:17 +0000 Subject: [PATCH 55/65] please work --- .../templates/stages/common_tasks/remove-from-acr.yml | 6 +++--- tools/storm/helpers/acr.go | 5 +++-- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/.pipelines/templates/stages/common_tasks/remove-from-acr.yml b/.pipelines/templates/stages/common_tasks/remove-from-acr.yml index 064d74379..2279ec2d3 100644 --- a/.pipelines/templates/stages/common_tasks/remove-from-acr.yml +++ b/.pipelines/templates/stages/common_tasks/remove-from-acr.yml @@ -28,7 +28,7 @@ steps: if [ ${{ parameters.config }} == 'misc' ]; then # Remove COSI images ./bin/storm-trident helper acr \ - --push false \ + --remove \ --config ${{ parameters.config }} \ --deployment-environment ${{ parameters.deploymentEnvironment }} \ --acr-name $(ACR_NAME) \ @@ -38,7 +38,7 @@ steps: elif [ "${{ parameters.config }}" == 'extensions' ]; then ./bin/storm-trident helper acr \ - --push false \ + --remove \ --config ${{ parameters.config }} \ --deployment-environment ${{ parameters.deploymentEnvironment }} \ --acr-name $(ACR_NAME) \ @@ -46,7 +46,7 @@ steps: --build-id $(Build.BuildId) \ --num-clones 2 ./bin/storm-trident helper acr \ - --push false \ + --remove \ --config ${{ parameters.config }} \ --deployment-environment ${{ parameters.deploymentEnvironment }} \ --acr-name $(ACR_NAME) \ diff --git a/tools/storm/helpers/acr.go b/tools/storm/helpers/acr.go index e8396a67b..22abb82cb 100644 --- a/tools/storm/helpers/acr.go +++ b/tools/storm/helpers/acr.go @@ -13,7 +13,8 @@ import ( type AcrHelper struct { args struct { - Push bool `required:"" help:"If true, push images to ACR; if false, remove images from ACR" type:"bool"` + Push bool `help:"If set, push images to ACR"` + Remove bool `help:"If set, remove images from ACR" type:"bool` Config string `required:"" help:"Trident configuration (e.g., 'extensions')" type:"string"` DeploymentEnvironment string `required:"" help:"Deployment environment (virtualMachine or bareMetal)" type:"string"` AcrName string `required:"" help:"Azure Container Registry name" type:"string"` @@ -64,7 +65,7 @@ func (h *AcrHelper) pushToACR(tc storm.TestCase) error { } func (h *AcrHelper) removeFromAcr(tc storm.TestCase) error { - if h.args.Push { + if !h.args.Remove { tc.Skip("Remove from ACR not requested.") } From 73ee858a720a58f8f560efe5bfb5a2e257427e19 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 20:31:44 +0000 Subject: [PATCH 56/65] fix --- tools/storm/helpers/acr.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/storm/helpers/acr.go b/tools/storm/helpers/acr.go index 22abb82cb..a3e7b2ff6 100644 --- a/tools/storm/helpers/acr.go +++ b/tools/storm/helpers/acr.go @@ -13,8 +13,8 @@ import ( type AcrHelper struct { args struct { - Push bool `help:"If set, push images to ACR"` - Remove bool `help:"If set, remove images from ACR" type:"bool` + Push bool `help:"If set, push images to ACR" type:"bool"` + Remove bool `help:"If set, remove images from ACR" type:"bool"` Config string `required:"" help:"Trident configuration (e.g., 'extensions')" type:"string"` DeploymentEnvironment string `required:"" help:"Deployment environment (virtualMachine or bareMetal)" type:"string"` AcrName string `required:"" help:"Azure Container Registry name" type:"string"` From 0032327692c40b9b94bb3b1ae5f7ad9d11d44b9d Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 20:38:24 +0000 Subject: [PATCH 57/65] remove quote --- .pipelines/templates/stages/common_tasks/remove-from-acr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pipelines/templates/stages/common_tasks/remove-from-acr.yml b/.pipelines/templates/stages/common_tasks/remove-from-acr.yml index 2279ec2d3..d99f671ca 100644 --- a/.pipelines/templates/stages/common_tasks/remove-from-acr.yml +++ b/.pipelines/templates/stages/common_tasks/remove-from-acr.yml @@ -36,7 +36,7 @@ steps: --build-id $(Build.BuildId) \ --num-clones 4 - elif [ "${{ parameters.config }}" == 'extensions' ]; then + elif [ ${{ parameters.config }} == 'extensions' ]; then ./bin/storm-trident helper acr \ --remove \ --config ${{ parameters.config }} \ From 165299bbeb85b8d326660a2454d31e40b95be652 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 21:10:35 +0000 Subject: [PATCH 58/65] return err --- tools/storm/helpers/acr.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/storm/helpers/acr.go b/tools/storm/helpers/acr.go index a3e7b2ff6..3a88a5114 100644 --- a/tools/storm/helpers/acr.go +++ b/tools/storm/helpers/acr.go @@ -184,7 +184,7 @@ func (h *AcrHelper) deleteImageIfExists(repository, tag string) error { if err != nil { // Image doesn't exist, skip deletion logrus.Debugf("Image %s/%s does not exist, skipping deletion", h.args.AcrName, imageName) - return nil + return err } // Image exists, delete it From cd8bd7a425738ba7c49efedbcf5b632324cdd9d4 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 21:15:30 +0000 Subject: [PATCH 59/65] add debug --- tools/storm/helpers/acr.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tools/storm/helpers/acr.go b/tools/storm/helpers/acr.go index 3a88a5114..0b8eba161 100644 --- a/tools/storm/helpers/acr.go +++ b/tools/storm/helpers/acr.go @@ -5,6 +5,7 @@ import ( "os" "os/exec" "path/filepath" + "strings" "time" "github.com/microsoft/storm" @@ -178,6 +179,7 @@ func (h *AcrHelper) deleteImageIfExists(repository, tag string) error { checkCmd := exec.Command("az", "acr", "repository", "show", "--name", h.args.AcrName, "--image", imageName) + logrus.Debugf("Executing command: %s %s", checkCmd.Path, strings.Join(checkCmd.Args[1:], " ")) checkCmd.Stdout = os.Stdout checkCmd.Stderr = os.Stderr err := checkCmd.Run() From 9b1a162701982856584dbac9aa7a9c83be552c3e Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 21:15:57 +0000 Subject: [PATCH 60/65] print out command --- tools/storm/helpers/acr.go | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/storm/helpers/acr.go b/tools/storm/helpers/acr.go index 0b8eba161..b2903cd2c 100644 --- a/tools/storm/helpers/acr.go +++ b/tools/storm/helpers/acr.go @@ -195,6 +195,7 @@ func (h *AcrHelper) deleteImageIfExists(repository, tag string) error { "--name", h.args.AcrName, "--image", imageName, "--yes") + logrus.Debugf("Executing command: %s %s", deleteCmd.Path, strings.Join(deleteCmd.Args[1:], " ")) deleteCmd.Stdout = os.Stdout deleteCmd.Stderr = os.Stderr From 2cb047b02fa660f588b19192598b092b20c07fbf Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 22:14:55 +0000 Subject: [PATCH 61/65] remove stdout --- tools/storm/helpers/acr.go | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/tools/storm/helpers/acr.go b/tools/storm/helpers/acr.go index b2903cd2c..4de98c3d3 100644 --- a/tools/storm/helpers/acr.go +++ b/tools/storm/helpers/acr.go @@ -91,8 +91,6 @@ func (h *AcrHelper) generateTagBase() string { func (h *AcrHelper) loginToACR() error { logrus.Infof("Logging in to ACR: %s", h.args.AcrName) cmd := exec.Command("az", "acr", "login", "-n", h.args.AcrName) - cmd.Stdout = os.Stdout - cmd.Stderr = os.Stderr return cmd.Run() } @@ -135,8 +133,6 @@ func (h *AcrHelper) pushImage(filePath, tag string) error { // Use ORAS to push the image cmd := exec.Command("oras", "push", fullImageName, fileName) cmd.Dir = dir - cmd.Stdout = os.Stdout - cmd.Stderr = os.Stderr err := cmd.Run() if err != nil { return fmt.Errorf("oras push failed for %s: %w", filePath, err) @@ -154,9 +150,6 @@ func (h *AcrHelper) verifyImage(repository, tag string) error { cmd := exec.Command("az", "acr", "repository", "show", "--name", h.args.AcrName, "--image", fmt.Sprintf("%s:%s", repository, tag)) - cmd.Stdout = os.Stdout - cmd.Stderr = os.Stderr - return cmd.Run() } @@ -180,8 +173,6 @@ func (h *AcrHelper) deleteImageIfExists(repository, tag string) error { "--name", h.args.AcrName, "--image", imageName) logrus.Debugf("Executing command: %s %s", checkCmd.Path, strings.Join(checkCmd.Args[1:], " ")) - checkCmd.Stdout = os.Stdout - checkCmd.Stderr = os.Stderr err := checkCmd.Run() if err != nil { // Image doesn't exist, skip deletion @@ -196,8 +187,5 @@ func (h *AcrHelper) deleteImageIfExists(repository, tag string) error { "--image", imageName, "--yes") logrus.Debugf("Executing command: %s %s", deleteCmd.Path, strings.Join(deleteCmd.Args[1:], " ")) - deleteCmd.Stdout = os.Stdout - deleteCmd.Stderr = os.Stderr - return deleteCmd.Run() } From e3fd45297d72ade91f2babcc2f435747a3afeade Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 23:16:07 +0000 Subject: [PATCH 62/65] temporarily stop removing images from acr --- .../templates/stages/testing_vm/netlaunch-testing.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.pipelines/templates/stages/testing_vm/netlaunch-testing.yml b/.pipelines/templates/stages/testing_vm/netlaunch-testing.yml index 01fb1fe3e..b5fbf9212 100644 --- a/.pipelines/templates/stages/testing_vm/netlaunch-testing.yml +++ b/.pipelines/templates/stages/testing_vm/netlaunch-testing.yml @@ -323,11 +323,11 @@ stages: artifactsDirectory: artifacts/test-image netlistenPort: ${{variables.netlaunchPort}} - - template: ../common_tasks/remove-from-acr.yml - parameters: - repository: ${{ variables.testImageName }} - config: ${{ variables.tridentConfigurationName }} - deploymentEnvironment: "virtualMachine" + # - template: ../common_tasks/remove-from-acr.yml + # parameters: + # repository: ${{ variables.testImageName }} + # config: ${{ variables.tridentConfigurationName }} + # deploymentEnvironment: "virtualMachine" - bash: | set -eux From 2814a6aa278b160976112ae02fda7f36b98f7b97 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Thu, 30 Oct 2025 23:16:56 +0000 Subject: [PATCH 63/65] try mounting var etc --- .../trident_configurations/root-verity/trident-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/e2e_tests/trident_configurations/root-verity/trident-config.yaml b/tests/e2e_tests/trident_configurations/root-verity/trident-config.yaml index 95e2ddca8..0c07d15c8 100644 --- a/tests/e2e_tests/trident_configurations/root-verity/trident-config.yaml +++ b/tests/e2e_tests/trident_configurations/root-verity/trident-config.yaml @@ -83,7 +83,7 @@ storage: source: new mountPoint: /var/lib/trident - deviceId: var - mountPoint: /var + mountPoint: /var/etc - deviceId: root mountPoint: path: / From e0940d1bfff08233f8cc30281bf0505a02826597 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Fri, 31 Oct 2025 04:14:19 +0000 Subject: [PATCH 64/65] fix mp --- .../trident_configurations/root-verity/trident-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/e2e_tests/trident_configurations/root-verity/trident-config.yaml b/tests/e2e_tests/trident_configurations/root-verity/trident-config.yaml index 0c07d15c8..ce7014e18 100644 --- a/tests/e2e_tests/trident_configurations/root-verity/trident-config.yaml +++ b/tests/e2e_tests/trident_configurations/root-verity/trident-config.yaml @@ -83,7 +83,7 @@ storage: source: new mountPoint: /var/lib/trident - deviceId: var - mountPoint: /var/etc + mountPoint: /var/tmp - deviceId: root mountPoint: path: / From eac8ff889b92c9282bb187f642e93740dcd5cfe1 Mon Sep 17 00:00:00 2001 From: Ayana Yaegashi Date: Fri, 31 Oct 2025 05:52:01 +0000 Subject: [PATCH 65/65] define new device --- .../root-verity/trident-config.yaml | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/tests/e2e_tests/trident_configurations/root-verity/trident-config.yaml b/tests/e2e_tests/trident_configurations/root-verity/trident-config.yaml index ce7014e18..e1b0da5b9 100644 --- a/tests/e2e_tests/trident_configurations/root-verity/trident-config.yaml +++ b/tests/e2e_tests/trident_configurations/root-verity/trident-config.yaml @@ -43,6 +43,12 @@ storage: - id: var type: linux-generic size: 1G + - id: exts-a + type: linux-generic + size: 1G + - id: exts-b + type: linux-generic + size: 1G - id: disk2 device: /dev/disk/by-path/pci-0000:00:1f.2-ata-3 partitionTableType: gpt @@ -61,6 +67,9 @@ storage: - id: trident-overlay volumeAId: trident-overlay-a volumeBId: trident-overlay-b + - id: exts + volumeAId: exts-a + volumeBId: exts-b verity: - id: root name: root @@ -83,7 +92,9 @@ storage: source: new mountPoint: /var/lib/trident - deviceId: var - mountPoint: /var/tmp + mountPoint: /var + - deviceId: exts + mountPoint: /var/lib - deviceId: root mountPoint: path: /