Andsmi/ea module start mode #11
Draft
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Issue: The release pipeline uploads debug and development packages to GitHub release page even if the build is configured under `release` mode. Fixes: - Disabled the build of RPM debug artifact for Centos7 - Disabled DownloadIdentityService.ps1 from downloading debug or developing artifacts. - Updated display name for a pipeline task ## Azure IoT Edge PR checklist:
The `/images/create` Docker API returns a stream of JSON objects whose last one indicates success (irrespective of initial status code). `release/1.2` properly handles this, but the corrected handling was lost during the upgrade to `async/await`. These changes reintroduce the correct handling and add verification tests. ## Azure IoT Edge PR checklist:
This change makes several updates to schedule triggers in various pipelines to bring them up to date and make them more consistent with one another: - Update triggers to target release/1.3 instead of release/1.2. Note that, given how [schedule triggers work](https://docs.microsoft.com/en-us/azure/devops/pipelines/process/scheduled-triggers?view=azure-devops&tabs=yaml#branch-considerations-for-scheduled-triggers) in Azure pipelines, these changes in `main` won't actually impact the schedules in `release/1.2` or `release/1.3`. To do that, we'll need to make changes in the respective branches. Azure#6453 covers `release/1.2`, and I'll merge this change into `release/1.3` as well. - In cases where schedule triggers are found in other branches besides `main` for a given pipeline, bring those changes into `main` for consistency. Again, this doesn't actually change how the schedule triggers will work, it simply brings all the information together into one place. - In nested-e2e.yaml, restore time offsets to "0 0 ..." and "0 12 ..." for consistency with other pipelines, since it no longer shares test agents with the recently removed nested connectivity pipeline. - In upgrade-scenarios.yaml, fix a problem where the schedule trigger was only firing for `main`. We want it to fire for the release branches as well. - In service-deployment.yaml, update the schedule trigger to be consistent with how it's defined in `release/1.1`. - Remove trailing whitespace as needed. ## Azure IoT Edge PR checklist:
…#6463) This was an oversight when forward-porting from release/1.2; configuration items for additional information are no longer renamed during merging. ## Azure IoT Edge PR checklist:
Updates the iotedge config apply tool to enable automatic renewal of the Edge CA by default.
During the `tokio 0.1` to `1.0` transition, non-successful error codes originating from the underlying container runtime were subsumed into `HTTP 500` responses. So, for example, it would not be possible to determine through the management API whether a module operation failed due to the module being missing or due to some other internal error. This PR restores error code propagation from the container runtime through the management API. Propagation was manually verified with `curl` in the interest of time. The large line removal count is due to the deletion of unused code: some already unreferenced (e.g. `edgelet_core::logs`), others no longer supported (e.g. `edgelet_docker::notary`). The most substantial structural code change is in `docker::apis::client`, which now uses `hyper` directly instead of using `http_common`. ## Azure IoT Edge PR checklist:
Publish to `unlisted/azureiotedge-diagnostics` instead of `public/azureiotedge-diagnostics` to not cobble Discovery Portal with self-debugging module. Related PR: microsoft/mcr#2040, Azure#6484 ## Azure IoT Edge PR checklist:
Although arm64 1ES-hosted agents are still in preview, we are now able to define a custom arm64 agent image instead of using the generic Ubuntu arm64 image supplied by 1ES. That means all dependencies are pre-installed on the agent; we no longer have to install software dependencies at runtime. This change removes `builds/templates/prep-arm-agent.yaml` from this repo. To test, I ran the build images, compatibility, and end-to-end test pipelines and confirmed the new arm64 agent was used.
Recently, Microsoft Linux Repository Admins required that RHEL8.X RPM packages to be signed before the packages be admitted to the packages.microsoft.com. This PR improves our build pipeline to incorporate ESRP signing into our release process. Also corrected the iot-identity-service version dependency. Cherry-picked: Azure@7cfa686 , Azure@935d7d1, Azure@39df17e ## Azure IoT Edge PR checklist:
This is our monthly toolchain upgrade to the latest stable version. Since iotedge/edgelet is a binary package, we want to be tracking Rust compiler releases closely in the event a stdlib vulnerability is found. We do not pin to "stable", however, since that has caused pipeline breakage when some code patterns are made illegal (like in the upgrade from 1.47 to 1.48 [^0]) or, more often, clippy lints are added. - Use $crate metavariable in macros referencing crate - Remove `let () = ..` - Fix build failure in edgehub-proxy [^0]: https://github.com/rust-lang/rust/blob/master/RELEASES.md#compatibility-notes-11 Namely, the point on `mem::uninitialized`. ## Azure IoT Edge PR checklist:
Adds the Mariner builds present in the release/1.2 pipeline to the main branch ## Azure IoT Edge PR checklist:
When we build our Docker images for official release, we want to be able to override, at build time, the source images specified in the `FROM` statements in our Dockerfiles. Specifically, we want to base our Docker images on source images that meet Microsoft's security policy requirements. Most of our Docker images are already based on .NET source images from mcr.microsoft.com (which meet the policy), but a few are based on source images from DockerHub, e.g., alpine. In those cases, this new logic will allow us to use Microsoft's internally available "golden" images instead. People in the community who clone this repo will still be able to build our Docker images because the `FROM` statements haven't changed; they still refer to publicly available source images. And there should be effectively no difference between the source images we use in our official builds and the source images in our Dockerfiles. Build-time replacement is achieved using the `--build-context` parameter of `docker buildx build`. To automatically generate the argument value, we use the ['dockersource' tool](https://github.com/cpuguy83/dockersource). The two bash scripts in our repo that are used to build Docker images now take an optional `--source-map` parameter that points to a JSON file. If either of these scripts are invoked without the optional parameter, they will behave as they did previously; source images will not be replaced. With this change, our build pipelines invoke these scripts using the new parameter, and they expect that the source map file has been pre-installed at /etc/iotedge-source-map.json on our build agents. To test, I created a new build agent image with the pre-installed source mapping and ran the Build Images pipeline against it. I used the command `docker buildx imagetools inspect <image> --format "{{json .BuildInfo}}"` to confirm that the produced images are based on the expected source image. I also used the built images in the end-to-end, nested end-to-end, and connectivity test pipelines to confirm that the images are functional. ## Azure IoT Edge PR checklist:
Removing docker mode from EdgeAgent. Synced with @marianan to confirm docker mode not used in our tooling. It certainly isn't used by the product. I have removed docker command factory and related test. Reasoning: > we have this docker command factory here: https://github.com/Azure/iotedge/blob/main/edge-agent/src/Microsoft.Azure.Devices.Edge.Agent.Docker/DockerCommandFactory.cs > This is not used for anything except for this E2E test: https://github.com/Azure/iotedge/blob/main/edge-agent/test/Microsoft.Azure.Devices.Edge.Agent.Docker.E2E.Test/AgentTests.cs > The E2E test doesn't make much sense to keep around for me, since the benefit of it on top of existing integration tests is to test whether the plan being executed manifests in docker containers state being altered. However it is not using the command factory we actually use, but a different one. In my opinion this makes it pointless. > I'd like to remove both these files so I can fully remove DockerCommandFactory from EdgeAgent. This will also make it easier for the work we are doing now because we won't have to worry about altering DockerCommandFacotry. ## Azure IoT Edge PR checklist:
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Please replace this line with your PR description and read PR checklist below
Azure IoT Edge PR checklist:
This checklist is used to make sure that common guidelines for a pull request are followed.
General Guidelines and Best Practices
Testing Guidelines
Draft PRs
Draftmode if it is:Note: We use the kodiakhq bot to merge PRs once the necessary checks and approvals are in place. When it merges a PR, kodiakhq converts the PR title to the commit title, PR description to the commit description, and squashes all the commits in the PR to a single commit. The net effect is that entire PR becomes a single commit. Please follow the best practices mentioned here for the PR title and description