From e06f757a32c87ae75d1eb9eb387cff644eff9c93 Mon Sep 17 00:00:00 2001 From: Tim Wright Date: Thu, 13 Feb 2025 21:32:28 +0000 Subject: [PATCH 1/8] start work to add patches to windows_settings.json --- schemas/windows_settings.cue | 8 +++++ .../windows/components_json_helpers.ps1 | 27 +++++++++++++++ .../windows/components_json_helpers.tests.ps1 | 28 ++++++++++++++++ .../windows/windows-vhd-configuration.ps1 | 33 +++++++++---------- .../packer/windows/windows_settings.json | 18 ++++++---- 5 files changed, 91 insertions(+), 23 deletions(-) diff --git a/schemas/windows_settings.cue b/schemas/windows_settings.cue index e72e7784364..7228ac3c168 100644 --- a/schemas/windows_settings.cue +++ b/schemas/windows_settings.cue @@ -11,11 +11,19 @@ #WindowsRegistryKeys: [...#WindowsRegistryKey] +#WindowsPatch: { + id: string + url: string +} + +#WindowsPatches: [...#WindowsPatch] + #WindowsBaseVersion: { os_disk_size?: string base_image_sku: string, base_image_version: string windows_image_name: string + patches_to_apply: #WindowsPatches } #WindowsBaseVersions: { diff --git a/vhdbuilder/packer/windows/components_json_helpers.ps1 b/vhdbuilder/packer/windows/components_json_helpers.ps1 index 621da14ab25..4eac2928db4 100644 --- a/vhdbuilder/packer/windows/components_json_helpers.ps1 +++ b/vhdbuilder/packer/windows/components_json_helpers.ps1 @@ -202,4 +202,31 @@ function LogReleaseNotesForWindowsRegistryKeys } return $logLines +} + +function GetPatchUrls +{ + Param( + [Parameter(Mandatory = $true)][Object] + $windowsSku, + + [Parameter(Mandatory = $true)][Object] + $windowsSettingsContent + ) + + $output = New-Object System.Collections.ArrayList + + $baseVersionBlock = $windowsSettingsContent.WindowsBaseVersions.$windowsSku; + + if ($baseVersionBlock = $null) { + return $output + } + + $patchData = return $baseVersionBlock.patches_to_apply + + foreach ($patchDatum in $patchData) { + $output += $patchDatum.patch_url + } + + return $output } \ No newline at end of file diff --git a/vhdbuilder/packer/windows/components_json_helpers.tests.ps1 b/vhdbuilder/packer/windows/components_json_helpers.tests.ps1 index a8c83573c1b..b75ec7670fa 100644 --- a/vhdbuilder/packer/windows/components_json_helpers.tests.ps1 +++ b/vhdbuilder/packer/windows/components_json_helpers.tests.ps1 @@ -3,6 +3,34 @@ BeforeAll { . $PSCommandPath.Replace('.tests.ps1', '.ps1') } +Describe 'WindowsBaseVersions' { + BeforeEach { + $testString = '{ + "WindowsBaseVersions": { + "2019": { + "base_image_sku": "2019-Datacenter-Core-smalldisk", + "windows_image_name": "windows-2019", + "base_image_version": "17763.6893.250210", + "patches_to_apply": [{"id": "patchid", "url": "patch_url"}] + } + } +}' + $windowsSettings = echo $testString | ConvertFrom-Json + } + + it "returns an empty array for an unknown windows sku" { + $patchurls = GetPatchUrls "12345" $windowsSettings + $patchurls.Length | Should -Be 0 + } + + it "can extract patch urls for windows 2019" { + $patchurls = GetPatchUrls "2019" $windowsSettings + $patchurls | Should -Contain "patch_url" + $patchurls.Length | Should -Be 1 + } + it "can extract patch names for windows 2019" {} +} + Describe 'LogReleaseNotesForWindowsRegistryKeys' { BeforeEach { $testString = '{ diff --git a/vhdbuilder/packer/windows/windows-vhd-configuration.ps1 b/vhdbuilder/packer/windows/windows-vhd-configuration.ps1 index 2860177cf0b..c600f22dc6f 100644 --- a/vhdbuilder/packer/windows/windows-vhd-configuration.ps1 +++ b/vhdbuilder/packer/windows/windows-vhd-configuration.ps1 @@ -39,23 +39,6 @@ $global:defenderUpdateUrl = "https://go.microsoft.com/fwlink/?linkid=870379&arch # defenderUpdateInfoUrl refers to the info of latest windows defender platform update $global:defenderUpdateInfoUrl = "https://go.microsoft.com/fwlink/?linkid=870379&arch=x64&action=info" -switch -Regex ($windowsSku) -{ - "2019-containerd" { - $global:patchUrls = @() - $global:patchIDs = @() - } - "2022-containerd*" { - $global:patchUrls = @() - $global:patchIDs = @() - } - "23H2*" { - $global:patchUrls = @() - $global:patchIDs = @() - } -} - - $HelpersFile = "c:/k/components_json_helpers.ps1" $ComponentsJsonFile = "c:/k/components.json" $WindowsSettingsFile = "c:/k/windows_settings.json" @@ -82,6 +65,22 @@ Write-Output "WindowsSettingsFile: $WindowsSettingsFile" . "$HelpersFile" +switch -Regex ($windowsSku) +{ + "2019-containerd" { + $global:patchUrls = @() + $global:patchIDs = @() + } + "2022-containerd*" { + $global:patchUrls = @() + $global:patchIDs = @() + } + "23H2*" { + $global:patchUrls = @() + $global:patchIDs = @() + } +} + $componentsJson = Get-Content $ComponentsJsonFile | Out-String | ConvertFrom-Json $windowsSettingsJson = Get-Content $WindowsSettingsFile | Out-String | ConvertFrom-Json diff --git a/vhdbuilder/packer/windows/windows_settings.json b/vhdbuilder/packer/windows/windows_settings.json index 7469ce8b40e..2eb0232e3f0 100644 --- a/vhdbuilder/packer/windows/windows_settings.json +++ b/vhdbuilder/packer/windows/windows_settings.json @@ -3,36 +3,42 @@ "2019": { "base_image_sku": "2019-Datacenter-Core-smalldisk", "windows_image_name": "windows-2019", - "base_image_version": "17763.6893.250210" + "base_image_version": "17763.6893.250210", + "patches_to_apply": [] }, "2019-containerd": { "base_image_sku": "2019-Datacenter-Core-smalldisk", "windows_image_name": "windows-2019-containerd", - "base_image_version": "17763.6893.250210" + "base_image_version": "17763.6893.250210", + "patches_to_apply": [] }, "2022-containerd": { "os_disk_size": "35", "base_image_sku": "2022-Datacenter-Core-smalldisk", "windows_image_name": "windows-2022-containerd", - "base_image_version": "20348.3207.250210" + "base_image_version": "20348.3207.250210", + "patches_to_apply": [] }, "2022-containerd-gen2": { "os_disk_size": "35", "base_image_sku": "2022-datacenter-core-smalldisk-g2", "windows_image_name": "windows-2022-containerd", - "base_image_version": "20348.3207.250210" + "base_image_version": "20348.3207.250210", + "patches_to_apply": [] }, "23H2": { "os_disk_size": "35", "base_image_sku": "23h2-datacenter-core", "windows_image_name": "windows-23H2", - "base_image_version": "25398.1425.250210" + "base_image_version": "25398.1425.250210", + "patches_to_apply": [] }, "23H2-gen2": { "os_disk_size": "35", "base_image_sku": "23h2-datacenter-core-g2", "windows_image_name": "windows-23H2", - "base_image_version": "25398.1425.250210" + "base_image_version": "25398.1425.250210", + "patches_to_apply": [] } }, "WindowsRegistryKeys": [ From e87aa77d441dea0284a841d2d22ff5b64045ddd8 Mon Sep 17 00:00:00 2001 From: Tim Wright Date: Thu, 13 Feb 2025 23:06:21 +0000 Subject: [PATCH 2/8] tests --- .../windows/components_json_helpers.ps1 | 8 ++++---- .../windows/components_json_helpers.tests.ps1 | 19 +++++++++++++++++++ 2 files changed, 23 insertions(+), 4 deletions(-) diff --git a/vhdbuilder/packer/windows/components_json_helpers.ps1 b/vhdbuilder/packer/windows/components_json_helpers.ps1 index 4eac2928db4..f64bd54dfa2 100644 --- a/vhdbuilder/packer/windows/components_json_helpers.ps1 +++ b/vhdbuilder/packer/windows/components_json_helpers.ps1 @@ -216,16 +216,16 @@ function GetPatchUrls $output = New-Object System.Collections.ArrayList - $baseVersionBlock = $windowsSettingsContent.WindowsBaseVersions.$windowsSku; + $baseVersionBlock = $windowsSettingsContent.WindowsBaseVersions."$windowsSku"; - if ($baseVersionBlock = $null) { + if ($baseVersionBlock -eq $null) { return $output } - $patchData = return $baseVersionBlock.patches_to_apply + $patchData = $baseVersionBlock.patches_to_apply foreach ($patchDatum in $patchData) { - $output += $patchDatum.patch_url + $output += $patchDatum.url } return $output diff --git a/vhdbuilder/packer/windows/components_json_helpers.tests.ps1 b/vhdbuilder/packer/windows/components_json_helpers.tests.ps1 index b75ec7670fa..31ae6e612ba 100644 --- a/vhdbuilder/packer/windows/components_json_helpers.tests.ps1 +++ b/vhdbuilder/packer/windows/components_json_helpers.tests.ps1 @@ -28,6 +28,25 @@ Describe 'WindowsBaseVersions' { $patchurls | Should -Contain "patch_url" $patchurls.Length | Should -Be 1 } + + it "can extract two patch urls for windows 2019" { + $testString = '{ + "WindowsBaseVersions": { + "2019": { + "base_image_sku": "2019-Datacenter-Core-smalldisk", + "windows_image_name": "windows-2019", + "base_image_version": "17763.6893.250210", + "patches_to_apply": [{"id": "patchid", "url": "patch_url1"},{"id": "patchid", "url": "patch_url2"}] + } + } +}' + $windowsSettings = echo $testString | ConvertFrom-Json + $patchurls = GetPatchUrls "2019" $windowsSettings + $patchurls | Should -Contain "patch_url1" + $patchurls | Should -Contain "patch_url2" + $patchurls.Length | Should -Be 2 + } + it "can extract patch names for windows 2019" {} } From 46b7d42ea48860f63935b979a1c22d48d5860b99 Mon Sep 17 00:00:00 2001 From: Tim Wright Date: Sun, 16 Feb 2025 20:38:43 +0000 Subject: [PATCH 3/8] fix test --- .../windows/components_json_helpers.ps1 | 12 ++++++------ .../windows/components_json_helpers.tests.ps1 | 19 ++++++++++--------- 2 files changed, 16 insertions(+), 15 deletions(-) diff --git a/vhdbuilder/packer/windows/components_json_helpers.ps1 b/vhdbuilder/packer/windows/components_json_helpers.ps1 index f64bd54dfa2..192e6035903 100644 --- a/vhdbuilder/packer/windows/components_json_helpers.ps1 +++ b/vhdbuilder/packer/windows/components_json_helpers.ps1 @@ -204,7 +204,7 @@ function LogReleaseNotesForWindowsRegistryKeys return $logLines } -function GetPatchUrls +function GetPatchInfo { Param( [Parameter(Mandatory = $true)][Object] @@ -224,9 +224,9 @@ function GetPatchUrls $patchData = $baseVersionBlock.patches_to_apply - foreach ($patchDatum in $patchData) { - $output += $patchDatum.url - } - - return $output + # I'd much rather have two functions here - one to return the ids and one to return the urls. But annoyingly + # powershell converts an array of strings of size 1 into a string. Which is super dumb. And means we can't trust + # the return value of the function to be an array. It's OK for some of the functions above as they'll always be + # returning lots of items. But there is usually only one patch to apply. + return $patchData } \ No newline at end of file diff --git a/vhdbuilder/packer/windows/components_json_helpers.tests.ps1 b/vhdbuilder/packer/windows/components_json_helpers.tests.ps1 index 31ae6e612ba..9a5ba04ee62 100644 --- a/vhdbuilder/packer/windows/components_json_helpers.tests.ps1 +++ b/vhdbuilder/packer/windows/components_json_helpers.tests.ps1 @@ -19,13 +19,14 @@ Describe 'WindowsBaseVersions' { } it "returns an empty array for an unknown windows sku" { - $patchurls = GetPatchUrls "12345" $windowsSettings + $patchurls = GetPatchInfo "12345" $windowsSettings $patchurls.Length | Should -Be 0 } it "can extract patch urls for windows 2019" { - $patchurls = GetPatchUrls "2019" $windowsSettings - $patchurls | Should -Contain "patch_url" + $patchurls = GetPatchInfo "2019" $windowsSettings + $patchurls[0].url | Should -Be "patch_url" + $patchurls[0].id | Should -Be "patchid" $patchurls.Length | Should -Be 1 } @@ -36,18 +37,18 @@ Describe 'WindowsBaseVersions' { "base_image_sku": "2019-Datacenter-Core-smalldisk", "windows_image_name": "windows-2019", "base_image_version": "17763.6893.250210", - "patches_to_apply": [{"id": "patchid", "url": "patch_url1"},{"id": "patchid", "url": "patch_url2"}] + "patches_to_apply": [{"id": "patchid1", "url": "patch_url1"},{"id": "patchid2", "url": "patch_url2"}] } } }' $windowsSettings = echo $testString | ConvertFrom-Json - $patchurls = GetPatchUrls "2019" $windowsSettings - $patchurls | Should -Contain "patch_url1" - $patchurls | Should -Contain "patch_url2" + $patchurls = GetPatchInfo "2019" $windowsSettings + $patchurls[0].url | Should -Be "patch_url1" + $patchurls[0].id | Should -Be "patchid1" + $patchurls[1].url | Should -Be "patch_url2" + $patchurls[1].id | Should -Be "patchid2" $patchurls.Length | Should -Be 2 } - - it "can extract patch names for windows 2019" {} } Describe 'LogReleaseNotesForWindowsRegistryKeys' { From 34726ea9558e4828ba607c2c6e9fc9950badb24e Mon Sep 17 00:00:00 2001 From: Tim Wright Date: Sun, 16 Feb 2025 20:44:51 +0000 Subject: [PATCH 4/8] get patch data from windows_settings.json --- .../windows/windows-vhd-configuration.ps1 | 19 +++---------------- 1 file changed, 3 insertions(+), 16 deletions(-) diff --git a/vhdbuilder/packer/windows/windows-vhd-configuration.ps1 b/vhdbuilder/packer/windows/windows-vhd-configuration.ps1 index c600f22dc6f..3008bcb5547 100644 --- a/vhdbuilder/packer/windows/windows-vhd-configuration.ps1 +++ b/vhdbuilder/packer/windows/windows-vhd-configuration.ps1 @@ -65,24 +65,11 @@ Write-Output "WindowsSettingsFile: $WindowsSettingsFile" . "$HelpersFile" -switch -Regex ($windowsSku) -{ - "2019-containerd" { - $global:patchUrls = @() - $global:patchIDs = @() - } - "2022-containerd*" { - $global:patchUrls = @() - $global:patchIDs = @() - } - "23H2*" { - $global:patchUrls = @() - $global:patchIDs = @() - } -} - $componentsJson = Get-Content $ComponentsJsonFile | Out-String | ConvertFrom-Json $windowsSettingsJson = Get-Content $WindowsSettingsFile | Out-String | ConvertFrom-Json +$patch_data = GetPatchInfo $windowsSKU $windowsSettingsJson +$global:patchUrls = $patch_data | % { $_.url } +$global:patchIDs = $patch_data | % { $_.id } $global:imagesToPull = GetComponentsFromComponentsJson $componentsJson $global:keysToSet = GetRegKeysToApply $windowsSettingsJson From a2ca3bbde1b239eaf578ab76e4f8a0caefc74a86 Mon Sep 17 00:00:00 2001 From: Tim Wright Date: Sun, 16 Feb 2025 20:55:22 +0000 Subject: [PATCH 5/8] get windows base versions from windows settings --- schemas/windows_settings.cue | 5 ++++ .../windows/components_json_helpers.ps1 | 9 ++++++ .../windows/components_json_helpers.tests.ps1 | 29 +++++++++++++++++++ .../windows/windows-vhd-configuration.ps1 | 19 ++++-------- .../packer/windows/windows_settings.json | 10 +++++++ 5 files changed, 59 insertions(+), 13 deletions(-) diff --git a/schemas/windows_settings.cue b/schemas/windows_settings.cue index 7228ac3c168..8c2cf764330 100644 --- a/schemas/windows_settings.cue +++ b/schemas/windows_settings.cue @@ -19,6 +19,7 @@ #WindowsPatches: [...#WindowsPatch] #WindowsBaseVersion: { + comment?: string os_disk_size?: string base_image_sku: string, base_image_version: string @@ -26,6 +27,9 @@ patches_to_apply: #WindowsPatches } +#WindowsComments: [...string] + + #WindowsBaseVersions: { "2019": #WindowsBaseVersion "2019-containerd": #WindowsBaseVersion @@ -36,6 +40,7 @@ } #WindowsSettings: { + WindowsComments?: #WindowsComments WindowsRegistryKeys: #WindowsRegistryKeys WindowsBaseVersions: #WindowsBaseVersions } diff --git a/vhdbuilder/packer/windows/components_json_helpers.ps1 b/vhdbuilder/packer/windows/components_json_helpers.ps1 index 192e6035903..47573f275ae 100644 --- a/vhdbuilder/packer/windows/components_json_helpers.ps1 +++ b/vhdbuilder/packer/windows/components_json_helpers.ps1 @@ -229,4 +229,13 @@ function GetPatchInfo # the return value of the function to be an array. It's OK for some of the functions above as they'll always be # returning lots of items. But there is usually only one patch to apply. return $patchData +} + +function GetWindowsBaseVersions { + Param( + [Parameter(Mandatory = $true)][Object] + $windowsSettingsContent + ) + + return $windowsSettingsContent.WindowsBaseVersions.PSObject.Properties.Name } \ No newline at end of file diff --git a/vhdbuilder/packer/windows/components_json_helpers.tests.ps1 b/vhdbuilder/packer/windows/components_json_helpers.tests.ps1 index 9a5ba04ee62..61082615006 100644 --- a/vhdbuilder/packer/windows/components_json_helpers.tests.ps1 +++ b/vhdbuilder/packer/windows/components_json_helpers.tests.ps1 @@ -3,6 +3,35 @@ BeforeAll { . $PSCommandPath.Replace('.tests.ps1', '.ps1') } +Describe 'GetWindowsBaseVersions' { + BeforeEach { + $testString = '{ + "WindowsBaseVersions": { + "2019": { + "base_image_sku": "2019-Datacenter-Core-smalldisk", + "windows_image_name": "windows-2019", + "base_image_version": "17763.6893.250210", + "patches_to_apply": [{"id": "patchid", "url": "patch_url"}] + }, + "23H2-gen2": { + "base_image_sku": "2019-Datacenter-Core-smalldisk", + "windows_image_name": "windows-2019", + "base_image_version": "17763.6893.250210", + "patches_to_apply": [{"id": "patchid", "url": "patch_url"}] + } + } +}' + $windowsSettings = echo $testString | ConvertFrom-Json + } + + it "returns the bsae versions" { + $baseVersions = GetWindowsBaseVersions $windowsSettings + $baseVersions.Length | Should -Be 2 + $baseVersions | Should -Contain "2019" + $baseVersions | Should -Contain "23H2-gen2" + } +} + Describe 'WindowsBaseVersions' { BeforeEach { $testString = '{ diff --git a/vhdbuilder/packer/windows/windows-vhd-configuration.ps1 b/vhdbuilder/packer/windows/windows-vhd-configuration.ps1 index 3008bcb5547..6c62646c256 100644 --- a/vhdbuilder/packer/windows/windows-vhd-configuration.ps1 +++ b/vhdbuilder/packer/windows/windows-vhd-configuration.ps1 @@ -1,9 +1,4 @@ $global:windowsSKU = $env:WindowsSKU -$validSKU = @("2019-containerd", "2022-containerd", "2022-containerd-gen2", "23H2", "23H2-gen2") -if (-not ($validSKU -contains $windowsSKU)) -{ - throw "Unsupported windows image SKU: $windowsSKU" -} # We use the same temp dir for all temp tools that will be used for vhd build $global:aksTempDir = "c:\akstemp" @@ -25,14 +20,6 @@ $global:excludeHashComparisionListInAzureChinaCloud = @( "azure-acr-credential-provider-windows-amd64-v1.29.2.tar.gz" ) -# Windows Server 2019 update history can be found at https://support.microsoft.com/en-us/help/4464619 -# Windows Server 2022 update history can be found at https://support.microsoft.com/en-us/topic/windows-server-2022-update-history-e1caa597-00c5-4ab9-9f3e-8212fe80b2ee -# Windows Server 23H2 update history can be found at https://support.microsoft.com/en-us/topic/windows-server-version-23h2-update-history-68c851ff-825a-4dbc-857b-51c5aa0ab248 -# then you can get download links by searching for specific KBs at http://www.catalog.update.microsoft.com/home.aspx -# -# IMPORTANT NOTES: Please check the KB article before getting the KB links. For example, for 2021-4C: -# You must install the April 22, 2021 servicing stack update (SSU) (KB5001407) before installing the latest cumulative update (LCU). -# SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU. # defenderUpdateUrl refers to the latest windows defender platform update $global:defenderUpdateUrl = "https://go.microsoft.com/fwlink/?linkid=870379&arch=x64" @@ -76,6 +63,12 @@ $global:keysToSet = GetRegKeysToApply $windowsSettingsJson $global:map = GetPackagesFromComponentsJson $componentsJson $global:releaseNotesToSet = GetKeyMapForReleaseNotes $windowsSettingsJson +$validSKU = GetWindowsBaseVersions $windowsSettingsJson +if (-not ($validSKU -contains $windowsSKU)) +{ + throw "Unsupported windows image SKU: $windowsSKU" +} + # Different from other packages which are downloaded/cached and used later only during CSE, windows containerd is installed # during building the Windows VHD to cache container images. # We use the latest containerd package to start containerd then cache images, and the latest one is expected to be diff --git a/vhdbuilder/packer/windows/windows_settings.json b/vhdbuilder/packer/windows/windows_settings.json index 2eb0232e3f0..43a5355bf54 100644 --- a/vhdbuilder/packer/windows/windows_settings.json +++ b/vhdbuilder/packer/windows/windows_settings.json @@ -1,4 +1,14 @@ { + "WindowsComments": [ + "Windows Server 2019 update history can be found at https://support.microsoft.com/en-us/help/4464619", + "Windows Server 2022 update history can be found at https://support.microsoft.com/en-us/topic/windows-server-2022-update-history-e1caa597-00c5-4ab9-9f3e-8212fe80b2ee", + "Windows Server 23H2 update history can be found at https://support.microsoft.com/en-us/topic/windows-server-version-23h2-update-history-68c851ff-825a-4dbc-857b-51c5aa0ab248", + "Then you can get download links by searching for specific KBs at http://www.catalog.update.microsoft.com/home.aspx", + "", + "IMPORTANT NOTES: Please check the KB article before getting the KB links. For example, for 2021-4C:", + "You must install the April 22, 2021 servicing stack update (SSU) (KB5001407) before installing the latest cumulative update (LCU).", + "SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU." + ], "WindowsBaseVersions": { "2019": { "base_image_sku": "2019-Datacenter-Core-smalldisk", From a2904bdf52ac199544044b0c24b66ab1d154776a Mon Sep 17 00:00:00 2001 From: Tim Wright Date: Sun, 16 Feb 2025 21:05:03 +0000 Subject: [PATCH 6/8] move windows defender urls into settings file --- schemas/windows_settings.cue | 6 ++++ .../windows/components_json_helpers.ps1 | 19 ++++++++++ .../windows/components_json_helpers.tests.ps1 | 21 +++++++++++ .../windows/windows-vhd-configuration.ps1 | 35 ++++++++++--------- .../packer/windows/windows_settings.json | 4 +++ 5 files changed, 68 insertions(+), 17 deletions(-) diff --git a/schemas/windows_settings.cue b/schemas/windows_settings.cue index 8c2cf764330..05bcafe387d 100644 --- a/schemas/windows_settings.cue +++ b/schemas/windows_settings.cue @@ -39,8 +39,14 @@ "23H2-gen2": #WindowsBaseVersion } +#WindowsDefenderInfo: { + DefenderUpdateUrl: string, + DefenderUpdateInfoUrl: string +} + #WindowsSettings: { WindowsComments?: #WindowsComments + WindowsDefenderInfo: #WindowsDefenderInfo WindowsRegistryKeys: #WindowsRegistryKeys WindowsBaseVersions: #WindowsBaseVersions } diff --git a/vhdbuilder/packer/windows/components_json_helpers.ps1 b/vhdbuilder/packer/windows/components_json_helpers.ps1 index 47573f275ae..afa20634ce8 100644 --- a/vhdbuilder/packer/windows/components_json_helpers.ps1 +++ b/vhdbuilder/packer/windows/components_json_helpers.ps1 @@ -238,4 +238,23 @@ function GetWindowsBaseVersions { ) return $windowsSettingsContent.WindowsBaseVersions.PSObject.Properties.Name +} + +function GetDefenderUpdateUrl { + Param( + [Parameter(Mandatory = $true)][Object] + $windowsSettingsContent + ) + + return $windowsSettingsContent.WindowsDefenderInfo.DefenderUpdateUrl +} + + +function GetDefenderUpdateInfoUrl { + Param( + [Parameter(Mandatory = $true)][Object] + $windowsSettingsContent + ) + + return $windowsSettingsContent.WindowsDefenderInfo.DefenderUpdateInfoUrl } \ No newline at end of file diff --git a/vhdbuilder/packer/windows/components_json_helpers.tests.ps1 b/vhdbuilder/packer/windows/components_json_helpers.tests.ps1 index 61082615006..a1529341417 100644 --- a/vhdbuilder/packer/windows/components_json_helpers.tests.ps1 +++ b/vhdbuilder/packer/windows/components_json_helpers.tests.ps1 @@ -3,6 +3,27 @@ BeforeAll { . $PSCommandPath.Replace('.tests.ps1', '.ps1') } +Describe 'GetWindowsDefenderInfo' { + BeforeEach { + $testString = '{ + "WindowsDefenderInfo": { + "DefenderUpdateUrl": "https://go.microsoft.com/fwlink/?linkid=870379&arch=x64", + "DefenderUpdateInfoUrl": "https://go.microsoft.com/fwlink/?linkid=870379&arch=x64&action=info" + }, +}' + $windowsSettings = echo $testString | ConvertFrom-Json + } + + it 'returns the right info for GetDefenderUpdateUrl' { + GetDefenderUpdateUrl $windowsSettings | Should -Be "https://go.microsoft.com/fwlink/?linkid=870379&arch=x64" + } + + it 'returns the right info for GetDefenderUpdateInfoUrl' { + GetDefenderUpdateInfoUrl $windowsSettings | Should -Be "https://go.microsoft.com/fwlink/?linkid=870379&arch=x64&action=info" + } + +} + Describe 'GetWindowsBaseVersions' { BeforeEach { $testString = '{ diff --git a/vhdbuilder/packer/windows/windows-vhd-configuration.ps1 b/vhdbuilder/packer/windows/windows-vhd-configuration.ps1 index 6c62646c256..96d0bfafe0d 100644 --- a/vhdbuilder/packer/windows/windows-vhd-configuration.ps1 +++ b/vhdbuilder/packer/windows/windows-vhd-configuration.ps1 @@ -9,23 +9,6 @@ $global:aksToolsDir = "c:\aks-tools" # We need to guarantee that the node provisioning will not fail because the vhd is full before resize-osdisk is called in AKS Windows CSE script. $global:lowestFreeSpace = 1*1024*1024*1024 # 1GB -$global:excludeHashComparisionListInAzureChinaCloud = @( - "calico-windows", - "azure-vnet-cni-singletenancy-windows-amd64", - "azure-vnet-cni-singletenancy-swift-windows-amd64", - "azure-vnet-cni-singletenancy-overlay-windows-amd64", - # We need upstream's help to republish this package. Before that, it does not impact functionality and 1.26 is only in public preview - # so we can ignore the different hash values. - "v1.26.0-1int.zip", - "azure-acr-credential-provider-windows-amd64-v1.29.2.tar.gz" -) - - -# defenderUpdateUrl refers to the latest windows defender platform update -$global:defenderUpdateUrl = "https://go.microsoft.com/fwlink/?linkid=870379&arch=x64" -# defenderUpdateInfoUrl refers to the info of latest windows defender platform update -$global:defenderUpdateInfoUrl = "https://go.microsoft.com/fwlink/?linkid=870379&arch=x64&action=info" - $HelpersFile = "c:/k/components_json_helpers.ps1" $ComponentsJsonFile = "c:/k/components.json" $WindowsSettingsFile = "c:/k/windows_settings.json" @@ -75,3 +58,21 @@ if (-not ($validSKU -contains $windowsSKU)) # specified by AKS PR for most of the cases. BUT as long as there's a new unpacked image version, we should keep the # versions synced. $global:defaultContainerdPackageUrl = GetDefaultContainerDFromComponentsJson $componentsJson + +# defenderUpdateUrl refers to the latest windows defender platform update +$global:defenderUpdateUrl = GetDefenderUpdateUrl $windowsSettingsJson +# defenderUpdateInfoUrl refers to the info of latest windows defender platform update +$global:defenderUpdateInfoUrl = GetDefenderUpdateInfoUrl $windowsSettingsJson + +# The following items still need to be migrated into the windows_settings file. +$global:excludeHashComparisionListInAzureChinaCloud = @( + "calico-windows", + "azure-vnet-cni-singletenancy-windows-amd64", + "azure-vnet-cni-singletenancy-swift-windows-amd64", + "azure-vnet-cni-singletenancy-overlay-windows-amd64", + # We need upstream's help to republish this package. Before that, it does not impact functionality and 1.26 is only in public preview + # so we can ignore the different hash values. + "v1.26.0-1int.zip", + "azure-acr-credential-provider-windows-amd64-v1.29.2.tar.gz" +) + diff --git a/vhdbuilder/packer/windows/windows_settings.json b/vhdbuilder/packer/windows/windows_settings.json index 43a5355bf54..a87f589dddc 100644 --- a/vhdbuilder/packer/windows/windows_settings.json +++ b/vhdbuilder/packer/windows/windows_settings.json @@ -9,6 +9,10 @@ "You must install the April 22, 2021 servicing stack update (SSU) (KB5001407) before installing the latest cumulative update (LCU).", "SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU." ], + "WindowsDefenderInfo": { + "DefenderUpdateUrl": "https://go.microsoft.com/fwlink/?linkid=870379&arch=x64", + "DefenderUpdateInfoUrl": "https://go.microsoft.com/fwlink/?linkid=870379&arch=x64&action=info" + }, "WindowsBaseVersions": { "2019": { "base_image_sku": "2019-Datacenter-Core-smalldisk", From 17f00deaf99a2d33b31d23e56762861c6a9f22f8 Mon Sep 17 00:00:00 2001 From: Tim Wright Date: Sun, 16 Feb 2025 21:06:54 +0000 Subject: [PATCH 7/8] add comment --- vhdbuilder/packer/windows/windows-vhd-configuration.ps1 | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/vhdbuilder/packer/windows/windows-vhd-configuration.ps1 b/vhdbuilder/packer/windows/windows-vhd-configuration.ps1 index 96d0bfafe0d..dfc9fd45924 100644 --- a/vhdbuilder/packer/windows/windows-vhd-configuration.ps1 +++ b/vhdbuilder/packer/windows/windows-vhd-configuration.ps1 @@ -1,3 +1,7 @@ +# TODO - over time this file should contain less and less info, and really just source the json and helpers file. Then that logic can be moved into +# the scripts that use this file and this file can be deleted. + + $global:windowsSKU = $env:WindowsSKU # We use the same temp dir for all temp tools that will be used for vhd build From 8a05b0fb45bd4d1cd69d353a29416729fee7027c Mon Sep 17 00:00:00 2001 From: Tim Wright Date: Sun, 16 Feb 2025 21:10:45 +0000 Subject: [PATCH 8/8] spaces --- schemas/windows_settings.cue | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/schemas/windows_settings.cue b/schemas/windows_settings.cue index 05bcafe387d..05357cfa3de 100644 --- a/schemas/windows_settings.cue +++ b/schemas/windows_settings.cue @@ -12,14 +12,14 @@ #WindowsRegistryKeys: [...#WindowsRegistryKey] #WindowsPatch: { - id: string - url: string + id: string + url: string } #WindowsPatches: [...#WindowsPatch] #WindowsBaseVersion: { - comment?: string + comment?: string os_disk_size?: string base_image_sku: string, base_image_version: string @@ -40,13 +40,13 @@ } #WindowsDefenderInfo: { - DefenderUpdateUrl: string, - DefenderUpdateInfoUrl: string + DefenderUpdateUrl: string, + DefenderUpdateInfoUrl: string } #WindowsSettings: { - WindowsComments?: #WindowsComments - WindowsDefenderInfo: #WindowsDefenderInfo + WindowsComments?: #WindowsComments + WindowsDefenderInfo: #WindowsDefenderInfo WindowsRegistryKeys: #WindowsRegistryKeys WindowsBaseVersions: #WindowsBaseVersions }