[CI] Add a pipeline to build docker images with copa #32308
Conversation
Added command line argument parsing to control RPM installation.
This YAML file defines an Azure pipeline for building and testing RPM packages and Docker images for Azure Linux. It includes jobs for extracting metadata, building RPM packages, building Docker images, and testing both RPM packages and Docker images across different architectures.
|
Validation for Azure CLI Full Test Starting...
Thanks for your contribution! |
azure-client-tools-bot-prd
bot
added this to the
November 2025 (2025-11-18)❗ Breaking change release ❗ milestone
|
Hi @YanaXu, |
|
Validation for Breaking Change Starting...
Thanks for your contribution! |
|
Thank you for your contribution! We will review the pull request and get back to you soon. |
|
The git hooks are available for azure-cli and azure-cli-extensions repos. They could help you run required checks before creating the PR. Please sync the latest code with latest dev branch (for azure-cli) or main branch (for azure-cli-extensions). pip install azdev --upgrade
azdev setup -c <your azure-cli repo path> -r <your azure-cli-extensions repo path>
|
microsoft-github-policy-service
bot
requested review from
Pan-Qi,
bebound,
jiasli,
jsntcy,
kairu-ms,
wangzelin007 and
yonzhan
.azure-pipelines/test-with-copa.yml
Outdated
| script: | | ||
| export COPA_EXPERIMENTAL=1 | ||
| export IMAGE=$(AzCliImageName):$(AzCliImageTag) | ||
| copa patch -i $IMAGE -r trivy-scan-before.json --pkg-types os,library --library-patch-level ${{parameters.PatchLevel}} --tag $(AzCliImagePatchedTag) |
There was a problem hiding this comment.
Any doc for these options?
There was a problem hiding this comment.
Pull Request Overview
This PR adds a CI pipeline to build and test Docker images with Copa (Container Patching) support. The pipeline builds Azure CLI Docker images, patches them using Copa to address vulnerabilities, and validates both original and patched images through comprehensive testing.
Key changes:
- Adds Copa patching pipeline with multi-architecture support (AMD64/ARM64)
- Implements smoke and unit testing framework for Docker images
- Adds command-line argument support to test scripts for conditional RPM installation
Reviewed Changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
.azure-pipelines/test-with-copa.yml |
Main pipeline orchestrating build, Copa patching, and testing stages |
.azure-pipelines/templates/test-docker-image-smoke.yml |
Template for smoke testing Docker images with Azure CLI commands |
.azure-pipelines/templates/test-docker-image-unit.yml |
Template for unit testing Docker images |
scripts/release/rpm/test_azurelinux_in_docker.sh |
Updated to support optional RPM installation via command-line flag |
scripts/release/docker/test_az_cli_in_pipeline.sh |
Test script that executes and validates Azure CLI commands |
scripts/release/docker/az_cli_commands.sh |
Collection of Azure CLI commands for smoke testing |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
| set -exv | ||
|
|
||
| # Parse command line arguments | ||
| InstallRPM=true # Default value |
There was a problem hiding this comment.
Variable name should use snake_case instead of CamelCase. Rename 'InstallRPM' to 'install_rpm'.
| --InstallRPM) | ||
| InstallRPM="$2" |
There was a problem hiding this comment.
Parameter and variable names should use snake_case. Rename '--InstallRPM' to '--install-rpm' and 'InstallRPM' to 'install_rpm' for consistency with bash naming conventions.
|
|
||
| # Set output file with timestamp | ||
| OUTPUT_FILE="/test/azure_cli_test_output.log" | ||
| OUTPUT_FILE_Result="/test/azure_cli_test_result.csv" |
There was a problem hiding this comment.
Variable name mixes snake_case and CamelCase. Rename 'OUTPUT_FILE_Result' to 'OUTPUT_FILE_RESULT' for consistency with constant naming conventions.
bebound
modified the milestones:
November 2025 (2025-11-18)❗ Breaking change release ❗,
December 2025 (2025-12-02)
4 participants
Related command
Description
Testing Guide
History Notes
[Component Name 1] BREAKING CHANGE:
az command a: Make some customer-facing breaking change[Component Name 2]
az command b: Add some customer-facing featureThis checklist is used to make sure that common guidelines for a pull request are followed.
The PR title and description has followed the guideline in Submitting Pull Requests.
I adhere to the Command Guidelines.
I adhere to the Error Handling Guidelines.