feat(azure): report failure if missing customdata#6779
feat(azure): report failure if missing customdata#6779cadejacobson wants to merge 15 commits intocanonical:mainfrom
Conversation
When ovf-env.xml is present but does not contain custom data, yet IMDS indicates that custom data was provided to the VM (via hasCustomData), report a provisioning failure. This helps surface cases where custom data is silently lost during provisioning. The behavior is gated behind a new feature flag, EXPERIMENTAL_FAIL_ON_MISSING_CUSTOMDATA, which is disabled by default while undergoing scale testing. Once validated, it will be renamed and enabled for new distro releases. Changes: - Add EXPERIMENTAL_FAIL_ON_MISSING_CUSTOMDATA feature flag - Add _hascustomdata_from_imds() helper to query IMDS metadata - Report ReportableErrorImdsInvalidMetadata when custom data is expected but missing from OVF provisioning media
cadejacobson
changed the title
|
Hello! Thank you for this proposed change to cloud-init. This pull request is now marked as stale as it has not seen any activity in 14 days. If no activity occurs within the next 7 days, this pull request will automatically close. If you are waiting for code review and you are seeing this message, apologies! Please reply, tagging blackboxsw, and he will ensure that someone takes a look soon. (If the pull request is closed and you would like to continue working on it, please do tag blackboxsw to reopen it.) |
github-actions
bot
added
the
stale-pr
github-actions
bot
removed
the
stale-pr
| "apply_network_config": True, # Use IMDS published network configuration | ||
| "apply_network_config_for_secondary_ips": True, # Configure secondary ips | ||
| "experimental_skip_ready_report": False, # Skip final ready report | ||
| "experimental_fail_on_missing_customdata": False, |
There was a problem hiding this comment.
try to keep in alphabetical order
There was a problem hiding this comment.
Updated to move it above the other experimental key.
cloudinit/sources/DataSourceAzure.py
Outdated
| # only use userdata from imds if OVF did not provide custom data | ||
| # userdata provided by IMDS is always base64 encoded | ||
| if not userdata_raw: | ||
| # first, check to see if the OVF was supposed to provide custom |
There was a problem hiding this comment.
nit, I know it's inconsistent throughout, but use punctuation for multi-sentence/line comments, it just looks incomplete without that final period (and initial caps).
just my opinion anyhow
There was a problem hiding this comment.
Updated to use proper sentence structure and punctuation.
cloudinit/sources/DataSourceAzure.py
Outdated
| and _hascustomdata_from_imds(imds_md) | ||
| ): | ||
| report_diagnostic_event( | ||
| "IMDS did not return userdata as expected", |
There was a problem hiding this comment.
custom data != user data. custom data only comes from provisioning media in ovf-env.xml (or reprovisiondata endpoint for PPS re-use)
There was a problem hiding this comment.
Sounds good, that's my mistake. I saw the userdata_raw and included that into the log. Updated to show custom data.
| assert ret | ||
| assert dsrc.userdata_raw == userdataOVF.encode("utf-8") | ||
|
|
||
| def test_missing_customdata_no_report_when_feature_flag_disabled( |
There was a problem hiding this comment.
combine these two tests into single test with pytest.parametrize() so the differences are obvious on what happens whether flag is enabled, or not
There was a problem hiding this comment.
Combined these into one list.
| class TestHasCustomDataFromImds: | ||
| """Unit tests for the _hascustomdata_from_imds helper.""" | ||
|
|
||
| def test_returns_true_when_present(self): |
There was a problem hiding this comment.
all these tests can be combined into one parametrized list
There was a problem hiding this comment.
Updated these to be a single list.
cloudinit/sources/azure/errors.py
Outdated
| ovf_env_xml_found: bool, | ||
| ) -> None: | ||
| super().__init__( | ||
| "failed finding customData but extended.compute.hasCustomData=true" |
There was a problem hiding this comment.
for consistency with other errors:
| "failed finding customData but extended.compute.hasCustomData=true" | |
| "failure to read customData while hasCustomData=true" |
2 participants
Proposed Commit Message
Additional Context
Test Steps
Merge type