@@ -120,6 +120,66 @@ export MANAGED_SIG_ID="$(cat packer-output | grep -a "ManagedImageSharedImageGal
120120echo " Found OS_DISK_URI: ${OS_DISK_URI} "
121121echo " Found MANAGED_SIG_ID: ${MANAGED_SIG_ID} "
122122
123+ # Break gallery lineage if the build was sourced from a shared gallery.
124+ # Sometimes Azure requires AutomaticOSUpgrade on VMSS created from images with gallery lineage.
125+ # Re-creating the SIG image version from a managed disk severs that association.
126+ sig_source_gallery_name=$( jq -r " .WindowsBaseVersions.\" ${WINDOWS_SKU} \" .sig_source_gallery_name // empty" < vhdbuilder/packer/windows/windows_settings.json)
127+ if [ -n " ${sig_source_gallery_name} " && [ -n " ${MANAGED_SIG_ID} " ; then
128+ echo " Build sourced from gallery '${sig_source_gallery_name} ' — breaking gallery lineage on SIG image version"
129+ LINEAGE_DISK_NAME=" lineage-break-${SIG_IMAGE_NAME} -$( date +%s) "
130+ LOCATION=" ${AZURE_LOCATION} "
131+
132+ echo " Creating managed disk from SIG image version..."
133+ az disk create \
134+ --resource-group " ${AZURE_RESOURCE_GROUP_NAME} "
135+ --name " ${LINEAGE_DISK_NAME} "
136+ --gallery-image-reference " ${MANAGED_SIG_ID} "
137+ --location " ${LOCATION} "
138+ --hyper-v-generation " ${HYPERV_GENERATION:- V2} "
139+ --os-type Windows \
140+ -o none
141+
142+ DISK_ID=" /subscriptions/${SUBSCRIPTION_ID} /resourceGroups/${AZURE_RESOURCE_GROUP_NAME} /providers/Microsoft.Compute/disks/${LINEAGE_DISK_NAME} "
143+ echo " Created disk: ${DISK_ID} "
144+
145+ echo " Deleting original SIG image version..."
146+ az sig image-version delete \
147+ --resource-group " ${AZURE_RESOURCE_GROUP_NAME} "
148+ --gallery-name " ${SIG_GALLERY_NAME} "
149+ --gallery-image-definition " ${SIG_IMAGE_NAME} "
150+ --gallery-image-version " ${SIG_IMAGE_VERSION} "
151+
152+ echo " Waiting for deletion to propagate..."
153+ az sig image-version wait \
154+ --resource-group " ${AZURE_RESOURCE_GROUP_NAME} "
155+ --gallery-name " ${SIG_GALLERY_NAME} "
156+ --gallery-image-definition " ${SIG_IMAGE_NAME} "
157+ --gallery-image-version " ${SIG_IMAGE_VERSION} "
158+ --deleted 2> /dev/null || sleep 30
159+
160+ echo " Re-creating SIG image version from managed disk (no gallery lineage)..."
161+ az sig image-version create \
162+ --resource-group " ${AZURE_RESOURCE_GROUP_NAME} "
163+ --gallery-name " ${SIG_GALLERY_NAME} "
164+ --gallery-image-definition " ${SIG_IMAGE_NAME} "
165+ --gallery-image-version " ${SIG_IMAGE_VERSION} "
166+ --os-snapshot " ${DISK_ID} "
167+ --location " ${LOCATION} "
168+ --replica-count 1 \
169+ -o none
170+
171+ NEW_SIG_ID=" /subscriptions/${SUBSCRIPTION_ID} /resourceGroups/${AZURE_RESOURCE_GROUP_NAME} /providers/Microsoft.Compute/galleries/${SIG_GALLERY_NAME} /images/${SIG_IMAGE_NAME} /versions/${SIG_IMAGE_VERSION} "
172+ echo " New SIG image version (lineage-free): ${NEW_SIG_ID} "
173+ export MANAGED_SIG_ID=" ${NEW_SIG_ID} "
174+
175+ echo " Cleaning up temporary disk..."
176+ az disk delete --resource-group " ${AZURE_RESOURCE_GROUP_NAME} " " ${LINEAGE_DISK_NAME} "
177+
178+ echo " 1P gallery lineage successfully broken"
179+ else
180+ echo " Build was not sourced from a gallery — no lineage breaking needed"
181+ fi
182+
123183# if bash is echoing the commands, then ADO processes both the echo of the command to set the variable and the command itself.
124184# This causes super odd behavior in ADO.
125185set +x
0 commit comments