feat: windows cse ensure oras and reserve some exit code for network isolated cluster#7995
feat: windows cse ensure oras and reserve some exit code for network isolated cluster#7995
Conversation
fseldow
requested review from
AbelHu,
Devinwong,
awesomenix,
calvin197,
cameronmeissner,
djsly,
ganeshkumarashok,
juan-lee,
junjiezhang1997,
lilypan26,
mxj220,
pdamianov-dev,
phealy,
r2k1,
timmy-wright and
zachary-bailey
as code owners
fseldow
changed the title
fseldow
changed the title
There was a problem hiding this comment.
Pull request overview
Adds initial ORAS bootstrap support for network-isolated Windows clusters and reserves dedicated exit codes to classify ORAS-related failures.
Changes:
- Introduces
Ensure-Orasto install ORAS from a cached archive on Windows nodes. - Reserves/records new ORAS-related Windows CSE exit codes and registers them in
ErrorCodeNames. - Wires ORAS bootstrapping into
BasePrepwhen a bootstrap profile registry server is configured, and adds Pester coverage.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 5 comments.
| File | Description |
|---|---|
| parts/windows/windowscsehelper.tests.ps1 | Adds Pester tests covering Ensure-Oras success and failure paths. |
| parts/windows/windowscsehelper.ps1 | Adds ORAS-related exit codes and implements Ensure-Oras. |
| parts/windows/kuberneteswindowssetup.ps1 | Defines ORAS globals for network-isolated clusters and calls Ensure-Oras during base prep. |
| $global:BOOTSTRAP_PROFILE_CONTAINER_REGISTRY_SERVER="{{GetBootstrapProfileContainerRegistryServer}}" | ||
| $global:MCR_REPOSITORY_BASE="{{GetMCRRepositoryBase}}" | ||
| $global:BootstrapProfileContainerRegistryServer="{{GetBootstrapProfileContainerRegistryServer}}" | ||
| $global:MCRRepositoryBase="{{GetMCRRepositoryBase}}" |
There was a problem hiding this comment.
These variables (MCR_REPOSITORY_BASE and BOOTSTRAP_PROFILE_CONTAINER_REGISTRY_SERVER) are used in "containerdfunc.ps1". This file is cached on the VHD so will not be updateded in older VHDs. This will create an inconsistency when we bootstrap older VHDS and potentially cause bootstrap/provision failure. Please change back to the old variable name.
There was a problem hiding this comment.
the variable BOOTSTRAP_PROFILE_CONTAINER_REGISTRY_SERVER is added in #7902
I think there is no vhd released since that time?
There was a problem hiding this comment.
Besides, when network isolated cluster allow windows for preview, i will setup one minimun supported vhd version for this feature. So it should not appear old vhd with old variable name
For non-network isolated cluster,
if ((Test-Path variable:global:BOOTSTRAP_PROFILE_CONTAINER_REGISTRY_SERVER) -and -not [string]::IsNullOrEmpty($global:BOOTSTRAP_PROFILE_CONTAINER_REGISTRY_SERVER)) {
should directly return false, if no BOOTSTRAP_PROFILE_CONTAINER_REGISTRY_SERVER is defined, which is by expected
What this PR does / why we need it:
init oras and reserve some exit code for network isolated cluster
Which issue(s) this PR fixes:
Fixes #