Skip to content

infra: Add AZL4 builder infrastructure and image acquisition#680

Draft
Britel wants to merge 5 commits into
user/britel/azl4-2b-bls-grubfrom
user/britel/azl4-5a-builder-infra
Draft

infra: Add AZL4 builder infrastructure and image acquisition#680
Britel wants to merge 5 commits into
user/britel/azl4-2b-bls-grubfrom
user/britel/azl4-5a-builder-infra

Conversation

@Britel

@Britel Britel commented Jun 8, 2026

Copy link
Copy Markdown
Collaborator

Summary

Adds the CI pipeline infrastructure to build AZL4 test images: base VHDX acquisition from the AZL preview gallery, MIC container from MCR, blob download tooling, and the AZL4 build pipeline stages.

Part 4 of the AZL4 enablement stack. Depends on PR #679 (BLS entry support).

Changes

Base VHDX acquisition

  • Download AZL4 base VHDX from the AZL preview gallery's backing storage (azlpubdev2mruiyvi/images-dev)
  • Pin to daily version 4.0.2026051502 (Beta build)
  • Add blobSubscription parameter for cross-subscription context (storage account is in a different subscription than the service connection)
  • BlobImageManifest with file_suffix=".vhdfixed" for the gallery's VHD format

MIC container

  • Use released imagecustomizer:1.4.0-1 from MCR (AZL4 support included)
  • Pull + tag locally so testimages.py can reference by short name

Pipeline stages

  • build-image-azl4.yml — AZL4 stage wrapper (mirrors AZL3's build-image.yml)
  • build-image-template-azl4.yml — AZL4 step template (blob download + MIC build)

Blob download tooling

  • download.pydownload_blob_image() with date-versioned blob selection and atomic download
  • BlobImageManifest dataclass in builder/__init__.py
  • _BLOB_NAME_VERSION_RE regex for AZL4 date format (4.0.YYYYMMDDNN)

Testing

  • Pipeline build 1133385: AZL4 image builds succeeded (both qcow2 base and COSI)
  • All AZL3 stages passed

PR Stack

# PR Description Diff
1 #642 AZL4 distro detection + GRUB update path vs main
2 #672 Generic EFI vendor-dir discovery + AZL4 ESP vs PR-1
3 #679 BLS entry support for boot arg extraction vs PR-2
4 this Builder infra + image acquisition vs PR-3
5 Image configs + pipeline stages vs PR-4
6 BM-simulated netlaunch stage vs PR-5
7 qcow2 base + offline-init vs PR-6
8 VM rollback test stage vs PR-7

Britel and others added 5 commits June 5, 2026 12:37
@Britel
infra: Add AZL4 builder infrastructure and image acquisition
1796dfc 
Adds AZL4 build pipeline stages with MCR-hosted MIC container,
BlobImageManifest class for ACG blob source downloads,
and service connection runbook.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@Britel
fix: Tag MCR MIC container with local short name after pull
eae6848 
testimages.py runs docker with the short tag (imagecustomizer:1.4.0-1)
but docker pull uses the full MCR path. Without a local tag, docker run
fails with 'pull access denied'.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@Britel
docs: Update TODOs to not assume AzureLinuxArtifacts feed for AZL4
73835d5 
AZL4 base VHDXes may continue to come from blob storage rather than
the ADO feed. The trident-service RPM will come from an AZL4 package
repo, not ADO. Update comments to reflect this.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@Britel
fix: Remove SERVICE-CONNECTION-RUNBOOK from public repo
9dabb18 
Contains internal infrastructure details (UAMI names, principal IDs,
subscription IDs, FIC configuration) that should not be published
to a public GitHub repository.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@Britel
docs: Trim verbose CLI help strings in testimages.py
f81d73e 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Britel