Skip to content

Add Azure Linux base image API. #483

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

Add Azure Linux base image API. #483

wants to merge 4 commits into from
+780 −48

Conversation

@cwize1
Copy link
Contributor

@cwize1 cwize1 commented Oct 22, 2025

Add API that allows an Azure Linux image to be specified as a base] image. This is mostly just syntactic sugar around the OCI API except that the OCI artifact's signature is checked against the known Azure Linux Certificate Authority.

Checklist

  • Tests added/updated
  • Documentation updated (if needed)
  • Code conforms to style guidelines

@cwize1
Add Azure Linux base image API.
5092ac8 
Add API that allows an Azure Linux image to be specified as a base]
image. This is mostly just syntactic sugar around the OCI API except
that the OCI artifact's signature is checked against the known Azure
Linux Certificate Authority.
@cwize1 cwize1 requested a review from a team as a code owner October 22, 2025 23:45
cwize1
cwize1 commented Oct 23, 2025
View reviewed changes
liulanze
liulanze reviewed Oct 24, 2025
View reviewed changes
himaja-kesari
himaja-kesari reviewed Oct 27, 2025
View reviewed changes
toolkit/tools/pkg/imagecustomizerlib/notary.go
CertificateFsPath string
}

func checkNotationSignature(ctx context.Context, buildDir string, remoteRepo *remote.Repository,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could we consider updating this function to reuse subfunctions and improve readability?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't understand. I don't believe there is any duplicated code in this function.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The current implementation is all inline, but I think breaking it down could make it clearer. Could you try refactoring it into smaller subfunctions?

himaja-kesari
himaja-kesari reviewed Oct 27, 2025
View reviewed changes
docs/imagecustomizer/api/configuration/azurelinuximage.md
ancestor: Image Customizer
---

# azureLinuxImage type
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do we expect customers to always use azureLinuxImage if they are using AZL images ? when should one use OCI image type

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Customers should use the dedicated API. The OCI is a generic API that can be used for debug (e.g. private ACR) and/or with other distros.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we add a note in the OCI documentation mentioning that there is a dedicated azureLinuxImage API and provide a link to it?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@himaja-kesari himaja-kesari himaja-kesari left review comments

@liulanze liulanze liulanze approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@cwize1 @liulanze @himaja-kesari