Merged
Conversation
mxj220
requested review from
AbelHu,
Devinwong,
YaoC,
awesomenix,
calvin197,
cameronmeissner,
djsly,
ganeshkumarashok,
juan-lee,
junjiezhang1997,
lilypan26,
pdamianov-dev,
phealy,
r2k1,
timmy-wright,
yewmsft and
zachary-bailey
as code owners
Contributor
There was a problem hiding this comment.
Pull request overview
Adds support for installing/upgrading WALinuxAgent via the Azure wireserver manifest and running the install post-deprovision during VHD build, with accompanying VHD validation and regenerated CustomData snapshots.
Changes:
- Update packer deprovision steps to optionally run a post-deprovision WALinuxAgent install script.
- Add
installWALinuxAgent(wireserver/manifest-based) and a VHD content test validating the cached agent + waagent.conf settings. - Add a
walinuxagententry tocomponents.json, update build logging, capture waagent logs in e2e, and regenerate snapshot testdata.
Reviewed changes
Copilot reviewed 51 out of 78 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| vhdbuilder/packer/vhd-image-builder-mariner.json | Run post-deprovision WALinuxAgent install after waagent deprovision. |
| vhdbuilder/packer/vhd-image-builder-mariner-cvm.json | Same post-deprovision WALinuxAgent install hook (Mariner CVM). |
| vhdbuilder/packer/vhd-image-builder-mariner-arm64.json | Same post-deprovision WALinuxAgent install hook (Mariner arm64). |
| vhdbuilder/packer/vhd-image-builder-cvm.json | Same post-deprovision WALinuxAgent install hook (Ubuntu CVM). |
| vhdbuilder/packer/vhd-image-builder-base.json | Same post-deprovision WALinuxAgent install hook (Ubuntu base). |
| vhdbuilder/packer/vhd-image-builder-arm64-gen2.json | Same post-deprovision WALinuxAgent install hook (Ubuntu arm64 gen2). |
| vhdbuilder/packer/test/linux-vhd-content-test.sh | Add WALinuxAgent validation in VHD content tests. |
| vhdbuilder/packer/pre-install-dependencies.sh | Add OS variant detection. |
| vhdbuilder/packer/install-dependencies.sh | Add walinuxagent handling/logging in package loop. |
| vhdbuilder/packer/cleanup-vhd.sh | Generate post-deprovision WALinuxAgent install script driven by components.json. |
| pkg/agent/testdata/MarinerV2+Kata/CustomData | Regenerated CustomData snapshot. |
| pkg/agent/testdata/MarinerV2+CustomCloud/CustomData | Regenerated CustomData snapshot. |
| pkg/agent/testdata/Flatcar/CustomData.inner | Regenerated CustomData snapshot. |
| pkg/agent/testdata/CustomizedImageLinuxGuard/CustomData | Regenerated CustomData snapshot. |
| pkg/agent/testdata/CustomizedImageKata/CustomData | Regenerated CustomData snapshot. |
| pkg/agent/testdata/CustomizedImage/CustomData | Regenerated CustomData snapshot. |
| parts/linux/cloud-init/artifacts/cse_install.sh | Add manifest-based installWALinuxAgent implementation. |
| parts/common/components.json | Add walinuxagent downloadLocation entry. |
| e2e/vmss.go | Collect /var/log/waagent.log in VM log extraction. |
github-actions
bot
added
the
components
Member
I think this is a good idea (predictability, consistency, less work during first boot), I just want to call out for everyone's awareness that this means all nodepools running not-the-latest image versions will not get WALinuxAgent updates during their lifetime. Even when scaling existing nodepools, new nodes running older images will still be running the same waagent version. |
awesomenix
reviewed
Mar 5, 2026
awesomenix
reviewed
Mar 5, 2026
awesomenix
approved these changes
Mar 5, 2026
Contributor
awesomenix
left a comment
awesomenix
left a comment
There was a problem hiding this comment.
Everything looks good apart from AutoUpgradeToLatestVersion case.
aadhar-agarwal
added a commit
that referenced
this pull request
Mar 7, 2026
PR #7987 added post-deprovision WALinuxAgent install but the guard in packer_source.sh only excluded Flatcar, not ACL. ACL also does not upload these files via its packer JSON, causing the same exit code 113 failure pattern. Adds isACL to the guard and skips testWALinuxAgentInstalled for AzureContainerLinux. Signed-off-by: Aadhar Agarwal <aadagarwal@microsoft.com>
djsly
reviewed
Mar 13, 2026
djsly
reviewed
Mar 13, 2026
djsly
reviewed
Mar 13, 2026
djsly
reviewed
Mar 13, 2026
djsly
reviewed
Mar 13, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Upgrades WALinuxAgent through manifest to preserve existing configurations but support the latest features (including FIPS 140-3 compatibility). Upgrading during build means that the customer faces no waagent update delays during AKS boot, as the latest version is baked into the VHD.
This update also blocks the WALinuxAgent from automatically updating afterwards.
What this PR does / why we need it:
Which issue(s) this PR fixes:
Fixes #