2424# * SKIPVALIDATEREOFFERUPDATE - is always set to True
2525# * BUILD_DATE
2626
27-
2827# First we validate the branch. DRY_RUN is only allowed to be false on release branches - which are of the form
2928# windows/vYYYYMMDD. If we're on the release branch then we also override SIG_FOR_PRODUCTION, because this is a production build.
3029# for dry runs, we set SIG_FOR_PRODUCTION to false.
@@ -34,34 +33,34 @@ echo "Checking SourceBranch: ${BRANCH}"
3433
3534# Check if IS_RELEASE_PIPELINE is already set in the environment
3635if [ -z " ${IS_RELEASE_PIPELINE:- } " ; then
37- if echo " ${BRANCH} " | grep -E ' ^refs/heads/windows/v[[:digit:]]{8}$' > /dev/null; then
38- echo " The branch ${BRANCH} is a release branch. Setting IS_RELEASE_PIPELINE to True."
39- export IS_RELEASE_PIPELINE=" True"
40- echo " ##vso[task.setvariable variable=IS_RELEASE_PIPELINE]True"
41- else
42- echo " The branch ${BRANCH} is not a release branch. Setting IS_RELEASE_PIPELINE to False."
43- export IS_RELEASE_PIPELINE=" False"
44- echo " ##vso[task.setvariable variable=IS_RELEASE_PIPELINE]False"
45- fi
36+ if echo " ${BRANCH} " | grep -E ' ^refs/heads/windows/v[[:digit:]]{8}$' > /dev/null; then
37+ echo " The branch ${BRANCH} is a release branch. Setting IS_RELEASE_PIPELINE to True."
38+ export IS_RELEASE_PIPELINE=" True"
39+ echo " ##vso[task.setvariable variable=IS_RELEASE_PIPELINE]True"
40+ else
41+ echo " The branch ${BRANCH} is not a release branch. Setting IS_RELEASE_PIPELINE to False."
42+ export IS_RELEASE_PIPELINE=" False"
43+ echo " ##vso[task.setvariable variable=IS_RELEASE_PIPELINE]False"
44+ fi
4645fi
4746
4847if [ " ${IS_RELEASE_PIPELINE} " = " True" ; then
49- if [ " ${DRY_RUN} " = " True" ; then
50- echo " This is a test build triggered from the release pipeline"
51- else
52- echo " This is a release build triggered from the release pipeline. DRY_RUN=${DRY_RUN} "
53-
54- if ! (echo " ${BRANCH} " | grep -E ' ^refs/heads/windows/v[[:digit:]]{8}$' > /dev/null); then
55- echo " The branch ${BRANCH} is not release branch. Please use the release branch. Release branch name format: windows/vYYYYMMDD."
56- exit 1
48+ if [ " ${DRY_RUN} " = " True" ; then
49+ echo " This is a test build triggered from the release pipeline"
50+ else
51+ echo " This is a release build triggered from the release pipeline. DRY_RUN=${DRY_RUN} "
52+
53+ if ! (echo " ${BRANCH} " | grep -E ' ^refs/heads/windows/v[[:digit:]]{8}$' > /dev/null); then
54+ echo " The branch ${BRANCH} is not release branch. Please use the release branch. Release branch name format: windows/vYYYYMMDD."
55+ exit 1
56+ fi
57+ echo " ##vso[task.setvariable variable=SIG_FOR_PRODUCTION]True"
5758 fi
58- echo " ##vso[task.setvariable variable=SIG_FOR_PRODUCTION]True"
59- fi
6059else
61- echo " This is a test build triggered from the test pipeline"
62- export DRY_RUN=True
63- echo " ##vso[task.setvariable variable=DRY_RUN]$DRY_RUN " ;
64- echo " ##vso[task.setvariable variable=SIG_FOR_PRODUCTION]False"
60+ echo " This is a test build triggered from the test pipeline"
61+ export DRY_RUN=True
62+ echo " ##vso[task.setvariable variable=DRY_RUN]$DRY_RUN "
63+ echo " ##vso[task.setvariable variable=SIG_FOR_PRODUCTION]False"
6564fi
6665
6766export MODE=" windowsVhdMode"
@@ -74,32 +73,33 @@ echo "Original SIG_IMAGE_VERSION: ${SIG_IMAGE_VERSION:-}"
7473
7574# -n is "not empty"
7675if [ -n " ${SIG_GALLERY_NAME:- } " && [ -n " ${SIG_IMAGE_NAME_PREFIX:- } " && [ -n " ${SIG_IMAGE_VERSION:- } " ; then
77- echo " All of Name, Prefix, and Version have been set"
78- export SIG_IMAGE_NAME=" ${SIG_IMAGE_NAME_PREFIX} -${WINDOWS_SKU} "
76+ echo " All of Name, Prefix, and Version have been set"
77+ export SIG_IMAGE_NAME=" ${SIG_IMAGE_NAME_PREFIX} -${WINDOWS_SKU} "
7978else
80- echo " At least on of the name, prefix or version are empty. Overwriting all values. "
81- export SIG_IMAGE_VERSION=" $( date +" %y%m%d" ) $( date +" %H%M%S" ) $RANDOM "
82- export SIG_IMAGE_NAME=" windows-${WINDOWS_SKU} "
83- export SIG_GALLERY_NAME=" PackerSigGalleryEastUS"
79+ echo " At least on of the name, prefix or version are empty. Overwriting all values. "
80+ export SIG_IMAGE_VERSION=" $( date +" %y%m%d" ) $( date +" %H%M%S" ) $RANDOM "
81+ export SIG_IMAGE_NAME=" windows-${WINDOWS_SKU} "
82+ export SIG_GALLERY_NAME=" PackerSigGalleryEastUS"
8483
85- export WS_SKU=$( echo $WINDOWS_SKU | tr ' -' ' _' )
84+ export WS_SKU=$( echo $WINDOWS_SKU | tr ' -' ' _' )
8685fi
8786
8887if [ " ${USE_RELEASE_DATE:- } " = " False" ; then
89- echo " use current date as build date" ; BUILD_DATE=$( date +" %y%m%d" )
88+ echo " use current date as build date"
89+ BUILD_DATE=$( date +" %y%m%d" )
9090else
91- echo " use release date as build date"
92- echo " ${RELEASE_DATE:- } " | grep -E ' [[:digit:]]{6}'
93- if (( $? != 0 )) ; then
94- echo " The release date ${RELEASE_DATE} is not valid date. Release date format: YYMMDD."
95- exit 1
96- fi
97- export BUILD_DATE=${RELEASE_DATE}
91+ echo " use release date as build date"
92+ echo " ${RELEASE_DATE:- } " | grep -E ' [[:digit:]]{6}'
93+ if (( $? != 0 )) ; then
94+ echo " The release date ${RELEASE_DATE} is not valid date. Release date format: YYMMDD."
95+ exit 1
96+ fi
97+ export BUILD_DATE=${RELEASE_DATE}
9898fi
9999echo " Default BUILD_DATE is $BUILD_DATE "
100100if [ -n " ${CUSTOM_BUILD_DATE:- } " ; then
101- echo " set BUILD_DATE to ${CUSTOM_BUILD_DATE} "
102- export BUILD_DATE=${CUSTOM_BUILD_DATE}
101+ echo " set BUILD_DATE to ${CUSTOM_BUILD_DATE} "
102+ export BUILD_DATE=${CUSTOM_BUILD_DATE}
103103fi
104104
105105echo " Modified SIG_IMAGE_VERSION: ${SIG_IMAGE_VERSION} "
@@ -120,6 +120,66 @@ export MANAGED_SIG_ID="$(cat packer-output | grep -a "ManagedImageSharedImageGal
120120echo " Found OS_DISK_URI: ${OS_DISK_URI} "
121121echo " Found MANAGED_SIG_ID: ${MANAGED_SIG_ID} "
122122
123+ # Break gallery lineage if the build was sourced from a shared gallery.
124+ # Sometimes Azure requires AutomaticOSUpgrade on VMSS created from images with gallery lineage.
125+ # Re-creating the SIG image version from a managed disk severs that association.
126+ sig_source_gallery_name=$( jq -r " .WindowsBaseVersions.\" ${WINDOWS_SKU} \" .sig_source_gallery_name // empty" < vhdbuilder/packer/windows/windows_settings.json)
127+ if [ -n " ${sig_source_gallery_name} " && [ -n " ${MANAGED_SIG_ID} " ; then
128+ echo " Build sourced from gallery '${sig_source_gallery_name} ' — breaking gallery lineage on SIG image version"
129+ LINEAGE_DISK_NAME=" lineage-break-${SIG_IMAGE_NAME} -$( date +%s) "
130+ LOCATION=" ${AZURE_LOCATION} "
131+
132+ echo " Creating managed disk from SIG image version..."
133+ az disk create \
134+ --resource-group " ${AZURE_RESOURCE_GROUP_NAME} "
135+ --name " ${LINEAGE_DISK_NAME} "
136+ --gallery-image-reference " ${MANAGED_SIG_ID} "
137+ --location " ${LOCATION} "
138+ --hyper-v-generation " ${HYPERV_GENERATION:- V2} "
139+ --os-type Windows \
140+ -o none
141+
142+ DISK_ID=" /subscriptions/${SUBSCRIPTION_ID} /resourceGroups/${AZURE_RESOURCE_GROUP_NAME} /providers/Microsoft.Compute/disks/${LINEAGE_DISK_NAME} "
143+ echo " Created disk: ${DISK_ID} "
144+
145+ echo " Deleting original SIG image version..."
146+ az sig image-version delete \
147+ --resource-group " ${AZURE_RESOURCE_GROUP_NAME} "
148+ --gallery-name " ${SIG_GALLERY_NAME} "
149+ --gallery-image-definition " ${SIG_IMAGE_NAME} "
150+ --gallery-image-version " ${SIG_IMAGE_VERSION} "
151+
152+ echo " Waiting for deletion to propagate..."
153+ az sig image-version wait \
154+ --resource-group " ${AZURE_RESOURCE_GROUP_NAME} "
155+ --gallery-name " ${SIG_GALLERY_NAME} "
156+ --gallery-image-definition " ${SIG_IMAGE_NAME} "
157+ --gallery-image-version " ${SIG_IMAGE_VERSION} "
158+ --deleted 2> /dev/null || sleep 30
159+
160+ echo " Re-creating SIG image version from managed disk (no gallery lineage)..."
161+ az sig image-version create \
162+ --resource-group " ${AZURE_RESOURCE_GROUP_NAME} "
163+ --gallery-name " ${SIG_GALLERY_NAME} "
164+ --gallery-image-definition " ${SIG_IMAGE_NAME} "
165+ --gallery-image-version " ${SIG_IMAGE_VERSION} "
166+ --os-snapshot " ${DISK_ID} "
167+ --location " ${LOCATION} "
168+ --replica-count 1 \
169+ -o none
170+
171+ NEW_SIG_ID=" /subscriptions/${SUBSCRIPTION_ID} /resourceGroups/${AZURE_RESOURCE_GROUP_NAME} /providers/Microsoft.Compute/galleries/${SIG_GALLERY_NAME} /images/${SIG_IMAGE_NAME} /versions/${SIG_IMAGE_VERSION} "
172+ echo " New SIG image version (lineage-free): ${NEW_SIG_ID} "
173+ export MANAGED_SIG_ID=" ${NEW_SIG_ID} "
174+
175+ echo " Cleaning up temporary disk..."
176+ az disk delete --resource-group " ${AZURE_RESOURCE_GROUP_NAME} " " ${LINEAGE_DISK_NAME} "
177+
178+ echo " Gallery lineage successfully broken"
179+ else
180+ echo " Build was not sourced from a gallery — no lineage breaking needed"
181+ fi
182+
123183# if bash is echoing the commands, then ADO processes both the echo of the command to set the variable and the command itself.
124184# This causes super odd behavior in ADO.
125185set +x
0 commit comments