Azure
diff --git a/‎devops/e2e/cloudtest/README.md
+1-1 b/‎devops/e2e/cloudtest/README.md
+1-1
diff --git a/‎src/tests/universal-nrp-e2e/README.md
+9-12 b/‎src/tests/universal-nrp-e2e/README.md
+9-12
diff --git a/‎src/tests/universal-nrp-e2e/StartLocalTest.sh
+58-14 b/‎src/tests/universal-nrp-e2e/StartLocalTest.sh
+58-14
@@ -18,4 +18,4 @@ In addition to performing distro specific setup for [Preparing Linux for imaging
 
  # Azure Helpers
 
- The PowerShell module [AzureInfrastructureHelpers.psm1](./AzureInfrastructureHelpers.psm1) provides the `Create-AzureManagedDisk` PowerShell cmdlet which helps onboard a generalized Hyper-V Linux VHD into an Azure Compute Gallery. See the internal documentation for full onboarding instructions.
+ The PowerShell module [AzureInfrastructureHelpers.psm1](./AzureInfrastructureHelpers.psm1) provides the `Create-AzureManagedDisk` PowerShell cmdlet which helps onboard a generalized Hyper-V Linux VHD into an Azure Compute Gallery. See the internal documentation for full onboarding instructions ([Onboarding new VM Images](https://eng.ms/docs/cloud-ai-platform/azure-edge-platform-aep/aep-security/ens-enterprise-and-security/commercial-fist/edge-security-platform-documentation/teams/est/osconfig/linux/readme#onboarding-new-vm-images)).
@@ -15,13 +15,13 @@ To perform tests on VMs the `StartVMTest.sh` allows you to perform tests on spec
  - cloud-image-utils
 
 ## Example
-The following example performs tests on an [Ubuntu Noble cloud image](https://cloud-images.ubuntu.com/noble/current/) on the AzureLinuxBaseline.zip (built in directory tree) which has 168 resources defined.
+The following example performs tests on an [Ubuntu Noble cloud image](https://cloud-images.ubuntu.com/noble/current/) on the AzureLinuxBaseline.zip (built in directory tree).
 ```sh
 # Download image https://cloud-images.ubuntu.com/
 wget https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img
 # Add 2Gb to filesystem in order to install all necessary dependencies
 qemu-img resize noble-server-cloudimg-amd64.img +2G
-./StartVMTest.sh -i noble-server-cloudimg-amd64.img -p ../../build/AzureLinuxBaseline.zip -c 168
+./StartVMTest.sh -i noble-server-cloudimg-amd64.img -p ../../build/AzureLinuxBaseline.zip
 ```
 Once completed, log archives are created under `_<distro-image>` directory (in this case __focal-server-cloudimg-amd64.img_) which contain the JUnit test report along with the osconfig logs contained under `/var/log/osconfig*`
 
@@ -35,7 +35,7 @@ You need to copy over the following files onto the target machine:
 
 ## Example
 ```sh
-./StartLocalTest.sh -p AzureLinuxBaseline.zip -c 168
+./StartLocalTest.sh -p AzureLinuxBaseline.zip
 ```
 
 # Testing all supported distributions (Internal-Only)
@@ -63,7 +63,7 @@ Usage: ./StartTests.sh [-r run-id] [-m vm-memory-mb] [-j max-concurrent-jobs]
 ## Testing locally/directly on target machine
 Although `StartLocalTest.sh` can be used to simply test a policy package, it can also invoke "Stages" which is used by the `StartVMTest.sh` to orchestrate tests on the VM through its ssh session and provide accurate exit codes for error reporting. It also provides the `-g` flag used to [generalize the image](#generalizing-a-vm-image) which is useful when preparing an image that will be reused/shared.
 ```
-Usage: ./StartLocalTest.sh [-s stage-name] [-p policy-package.zip -c resource-count [-r]]
+Usage: ./StartLocalTest.sh [-s stage-name] [-p policy-package.zip [-r]]
         -s stage-name:         Specify the stage name. Valid options are: dependency_check, run_tests, collect_logs.
                                If no stage is specified, all stages will be executed in this order:
                                     dependency_check, run_tests, collect_logs
@@ -79,8 +79,6 @@ Usage: ./StartLocalTest.sh [-s stage-name] [-p policy-package.zip -c resource-co
 
         -p policy-package.zip:  The Azure Policy Package to test
 
-        -c resource-count:      The number of resources to validate, tests will fail if this doesn't match (Default: 0)
-
         -r remediate-flag:      When the flag is enabled, performs remediation on the Policy Package (Default: No remediation performed)
 
         -g generalize-flag:     Generalize the current machine for tests. Performs the following:
@@ -91,18 +89,17 @@ Usage: ./StartLocalTest.sh [-s stage-name] [-p policy-package.zip -c resource-co
 
 ## Testing on VMs
 ```
-Usage: ./StartVMTest.sh [-i /path/to/image.img -p /path/to/policypackage.zip -c resource-count [-g]] [-m 512] [-r] [-d]
-       -i Image Path:            Path to the image qcow2 format
+Usage: ./StartVMTest.sh [-i image.img -p policypackage.zip [-r]] [-i image.img -g] [-m 512] [-d]
+       -i Image Path:            Path to the image (raw or qcow2 format)
        -p Policy Package:        Path to the policy package
-       -c Resource Count:        The number of resources to validate, tests will fail if this doesn't match (Default: 0)
        -m VM Memory (Megabytes): Size of VMs RAM (Default: 512)
        -r Remediation:           Perform remediation flag (Default: false)
        -g Generalize Flag:       Generalize the current machine for tests. Performs the following:
                                    - Remove logs and tmp directories
                                    - Clean package management cache
                                    - Clean cloud-init flags to reset cloud-init to initial-state
        -l Log Directory:         Directory used to place output logs
-       -d Debug Mode:            VM stays up for debugging (Default: false)
+       -d Debug Mode Flag:       VM stays up for debugging (Default: false)
 ```
 ### VM Image Sources
 It's preferable for images to be "Cloud" images (contain cloud-init) as it makes tooling work out-of-box and does not require creating your own image of the distro and getting all the necessary packages/dependencies installed.
@@ -248,10 +245,9 @@ qemu-img convert -c -O qcow2 CentOS-7-x86_64-GenericCloud-2211.qcow2 CentOS-7-x8
 ```
 Let's try the image and ensure it works before widely sharing...
 ```
-./StartVMTest.sh -i CentOS-7-x86_64-GenericCloud-2211.qcow2 -p /mnt/c/Users/ahbenmes/Downloads/AzureLinuxBaseline.zip -c 168
+./StartVMTest.sh -i CentOS-7-x86_64-GenericCloud-2211.qcow2 -p /mnt/c/Users/ahbenmes/Downloads/AzureLinuxBaseline.zip
 Image path: CentOS-7-x86_64-GenericCloud-2211.qcow2.
 Policy package: /mnt/c/Users/ahbenmes/Downloads/AzureLinuxBaseline.zip.
-Resource count: 168.
 ...
 ...
 Tests Passed: 4, Failed: 0, Skipped: 0, Inconclusive: 0, NotRun: 0
@@ -288,5 +284,6 @@ az storage blob upload \
   --container-name diskimages \
   --name centos-7.qcow2 \
   --file CentOS-7-x86_64-GenericCloud-2211-Generalized.qcow2 \
+  --content-md5 $(md5sum CentOS-7-x86_64-GenericCloud-2211-Generalized.qcow2 | awk '{ print $1 }') \
   --auth-mode login
 ```
@@ -4,18 +4,20 @@
 # Description: This script orchestrates tests on a local machine. Installs dependencies,
 #              runs tests, and collects logs/reports. Returns an error code if any stage fails.
 #
-# Usage: ./StartLocalTest.sh [-s stage-name] [-p policy-package.zip -c resource-count [-r] [-g]]
+# Usage: ./StartLocalTest.sh [-s stage-name] [-p policy-package.zip [-r] [-g]] [-g]
 #        -s stage-name:         Specify the stage name. Valid options are: dependency_check, run_tests, collect_logs.
 #                               If no stage is specified, all stages will be executed in this order:
 #                                   dependency_check, run_tests, collect_logs
 #        -p policy-package.zip: The Azure Policy Package to test
-#        -c resource-count:     The number of resources to validate, tests will fail if this doesn't match (Default: 0)
 #        -r remediate-flag:     When the flag is enabled, performs remediation on the Policy Package (Default: No remediation performed)
 #        -g generalize-flag:    Generalize the current machine for tests. Performs the following:
 #                                   - Remove logs and tmp directories
 #                                   - Clean package management cache
 #                                   - Clean cloud-init flags to reset cloud-init to initial-state
+# Dependencies: curl, wget, unzip
 
+# Powershell and OMI are also required for the tests but they have different installation steps and do not use the distros package manager.
+dependencies=(curl wget unzip)
 powershell_version="7.4.6"
 powershell_uri="https://github.com/PowerShell/PowerShell/releases/download/v$powershell_version/powershell-$powershell_version-linux-x64.tar.gz"
 omi_base_uri="https://github.com/microsoft/omi/releases/download/v1.9.1-0/omi-1.9.1-0"
@@ -30,7 +32,7 @@ generalize=false
 use_sudo=false
 
 usage() {
-    echo "Usage: $0 [-s stage-name] [-p policy-package.zip -c resource-count [-r]]
+    echo "Usage: $0 [-s stage-name] [-p policy-package.zip [-r]] [-g]
         -s stage-name:         Specify the stage name. Valid options are: dependency_check, run_tests, collect_logs.
                                If no stage is specified, all stages will be executed in this order:
                                     dependency_check, run_tests, collect_logs
@@ -39,15 +41,14 @@ usage() {
                                 Checks for and installs them if not present:
                                     - Powershell +modules: MachineConfiguration, Pester
                                     - OMI
+                                    - unzip, curl, wget
 
             - run_tests:        Runs the tests (Powershell Pester Tests).
 
             - collect_logs:     Creates a tar.gz archive with the osconfig logs and JUnit Test Report
 
         -p policy-package.zip:  The Azure Policy Package to test
 
-        -c resource-count:      The number of resources to validate, tests will fail if this doesn't match (Default: 0)
-
         -r remediate-flag:      When the flag is enabled, performs remediation on the Policy Package (Default: No remediation performed)
 
         -g generalize-flag:     Generalize the current machine for tests. Performs the following:
@@ -57,8 +58,40 @@ usage() {
 
     exit 1;
 }
+
+install_package() {
+    if command -v apt &> /dev/null; then
+        sudo apt update
+        sudo apt install -y "$@"
+    elif command -v yum &> /dev/null; then
+        sudo yum update
+        sudo yum install -y "$@"
+    elif command -v dnf &> /dev/null; then
+        sudo dnf update
+        sudo dnf install -y "$@"
+    elif command -v zypper &> /dev/null; then
+        sudo zypper refresh
+        sudo zypper install -y "$@"
+    else
+        echo "Unsupported Linux distribution." >&2
+        exit 1
+    fi
+}
+_unzip() {
+    if ! command -v unzip &> /dev/null; then
+        echo "unzip not found. Installing unzip..." >&2
+        install_package unzip > /dev/null 2>&1
+    fi
+    unzip "$@"
+}
 dependency_check() {
     echo "Checking dependencies..."
+    for dep in "${dependencies[@]}"; do
+        if ! command -v $dep &> /dev/null; then
+            echo -e "\n$dep not found. Installing $dep..."
+            install_package $dep > /dev/null 2>&1
+        fi
+    done
     if ! pwsh --version > /dev/null 2>&1; then
         echo -e "\nPowershell not found. Installing Powershell..."
         # Download the powershell '.tar.gz' archive
@@ -125,6 +158,15 @@ dependency_check() {
     echo "done!"
     return 0
 }
+get_instance_count() {
+    local package=$1
+    local instanceCount=0
+    tempDir=$(mktemp -d)
+    _unzip -q $package -d $tempDir > /dev/null 2>&1
+    instanceCount=$(find $tempDir -name "${package%.*}.mof" -exec grep -c "instance of OsConfigResource as \$OsConfigResource" {} \;)
+    rm -rf $tempDir
+    echo $instanceCount
+}
 run_tests() {
     echo "Running tests..."
     echo "Policy Package: $policypackage"
@@ -168,7 +210,10 @@ EOF
 }
 generalize() {
     echo "Generalizing machine..."
+    # Clear bash history both for current user and root
+    rm -f ~/.bash_history
     do_sudo su -c "
+        rm -f ~/.bash_history
         # Clear system logs
         rm -rf /var/log/*
         # Clear authentication logs
@@ -212,7 +257,7 @@ do_sudo() {
     fi
 }
 
-OPTSTRING=":s:p:c:rg"
+OPTSTRING=":s:p:rg"
 
 while getopts ${OPTSTRING} opt; do
     case ${opt} in
@@ -227,9 +272,6 @@ while getopts ${OPTSTRING} opt; do
         p)
             policypackage=${OPTARG}
             ;;
-        c)
-            resourcecount=${OPTARG}
-            ;;
         r)
             remediation=true
             ;;
@@ -271,15 +313,17 @@ if [ $generalize = true ]; then
 fi
 
 if [ -z "$policypackage" ]; then
-    echo "Policy package not provided." 1>&2;
+    echo "Policy package not provided." >&2
     usage
 fi
-if [ "$resourcecount" -eq 0 ]; then
-    echo "Resource count not provided." 1>&2;
-    usage
+
+resourcecount=$(get_instance_count $policypackage)
+if [ -z "$resourcecount" ] || [ "$resourcecount" -eq 0 ]; then
+    echo "Resource count invalid: $resourcecount" >&2
+    exit 1
 fi
 if [ -z "$HOME/UniversalNRP.Tests.ps1" ]; then
-    echo "UniversalNRP.Tests.ps1 not found. Copy Powershell script into $HOME directory" 1>&2;
+    echo "UniversalNRP.Tests.ps1 not found. Copy Powershell script into $HOME directory" >&2
 fi
 
 if [ "$stageName" = "run_tests" ]; then
Original file line number	Diff line number	Diff line change
`@@ -18,4 +18,4 @@ In addition to performing distro specific setup for [Preparing Linux for imaging`
`18`	`18`
`19`	`19`	`# Azure Helpers`
`20`	`20`
`21`		- The PowerShell module [AzureInfrastructureHelpers.psm1](./AzureInfrastructureHelpers.psm1) provides the `Create-AzureManagedDisk` PowerShell cmdlet which helps onboard a generalized Hyper-V Linux VHD into an Azure Compute Gallery. See the internal documentation for full onboarding instructions.
	`21`	+ The PowerShell module [AzureInfrastructureHelpers.psm1](./AzureInfrastructureHelpers.psm1) provides the `Create-AzureManagedDisk` PowerShell cmdlet which helps onboard a generalized Hyper-V Linux VHD into an Azure Compute Gallery. See the internal documentation for full onboarding instructions ([Onboarding new VM Images](https://eng.ms/docs/cloud-ai-platform/azure-edge-platform-aep/aep-security/ens-enterprise-and-security/commercial-fist/edge-security-platform-documentation/teams/est/osconfig/linux/readme#onboarding-new-vm-images)).