Skip to content

Confcom Release 1.5.0 #9477

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
necusjz merged 1 commit into from
Dec 16, 2025
Merged

Confcom Release 1.5.0 #9477

necusjz merged 1 commit into from
Dec 16, 2025

Conversation

@DomAyre
Copy link
Contributor

@DomAyre DomAyre commented Dec 16, 2025

Why

This PR contains all currently ready PRs for the confcom extension. They are grouped together to speed up merging and releasing time.

How

The only commits in this PR should be merged PRs for individual changes, and merges from main.

This checklist is used to make sure that common guidelines for a pull request are followed.

Related command

General Guidelines

  • Have you run azdev style <YOUR_EXT> locally? (pip install azdev required)
  • Have you run python scripts/ci/test_index.py -q locally? (pip install wheel==0.30.0 required)
  • My extension version conforms to the Extension version schema

Copilot AI review requested due to automatic review settings December 16, 2025 09:18
@azure-client-tools-bot-prd
Copy link

azure-client-tools-bot-prd bot commented Dec 16, 2025
edited
Loading

⚠️Azure CLI Extensions Breaking Change Test
⚠️confcom
rule cmd_name rule_message suggest_message
⚠️ 1006 - ParaAdd confcom acifragmentgen cmd confcom acifragmentgen added parameter out_signed_fragment
⚠️ 1011 - SubgroupAdd confcom fragment sub group confcom fragment added

@yonzhan
Copy link
Collaborator

yonzhan commented Dec 16, 2025

Thank you for your contribution! We will review the pull request and get back to you soon.

@github-actions
Copy link

github-actions bot commented Dec 16, 2025

The git hooks are available for azure-cli and azure-cli-extensions repos. They could help you run required checks before creating the PR.

Please sync the latest code with latest dev branch (for azure-cli) or main branch (for azure-cli-extensions).
After that please run the following commands to enable git hooks:

pip install azdev --upgrade
azdev setup -c <your azure-cli repo path> -r <your azure-cli-extensions repo path>

@DomAyre DomAyre mentioned this pull request Dec 16, 2025
Closed
6 tasks
@github-actions
Copy link

github-actions bot commented Dec 16, 2025

Copilot AI reviewed Dec 16, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR bundles multiple changes for the confcom extension release 1.5.0, focusing on improving fragment handling capabilities and test infrastructure improvements.

Key Changes:

  • Added new CLI commands confcom fragment push and confcom fragment attach for standalone fragment operations
  • Enhanced acifragmentgen with --out-signed-fragment flag to output signed fragments to stdout for piping
  • Improved test infrastructure with better certificate chain generation and Docker cleanup coordination
  • Extracted BUNDLE_ID constant in Rego rules for better maintainability

Reviewed changes

Copilot reviewed 17 out of 17 changed files in this pull request and generated 13 comments.

Show a summary per file
File Description
src/confcom/setup.py Version bump from 1.4.5 to 1.5.0
src/confcom/samples/certs/create_certchain.sh Added support for custom output directory via optional parameter
src/confcom/azext_confcom/tests/latest/test_confcom_virtual_node.py Updated cert generation to use temp directory and fixed subprocess call
src/confcom/azext_confcom/tests/latest/test_confcom_tar.py Fixed temp file path to use temp directory instead of test path
src/confcom/azext_confcom/tests/latest/test_confcom_fragment.py Updated cert generation to use temp directory and fixed subprocess call
src/confcom/azext_confcom/tests/latest/test_confcom_arm.py Added Docker prune coordination with file locking to prevent xdist conflicts
src/confcom/azext_confcom/tests/latest/test_confcom_acifragmentgen.py New comprehensive tests for fragment generation, signing, and upload features
src/confcom/azext_confcom/data/rules.rego Extracted BUNDLE_ID constant and added validation for bundle_id format
src/confcom/azext_confcom/data/genpolicy-settings.json New configuration file with default policy settings for containers and volumes
src/confcom/azext_confcom/custom.py Added fragment push/attach functions and --out-signed-fragment support
src/confcom/azext_confcom/commands.py Registered new fragment push and attach commands
src/confcom/azext_confcom/command/fragment_push.py New command implementation for pushing fragments to registry
src/confcom/azext_confcom/command/fragment_attach.py New command implementation for attaching fragments to images
src/confcom/azext_confcom/_params.py Added parameter definitions for new fragment commands
src/confcom/azext_confcom/_help.py Added help documentation for new fragment commands
src/confcom/HISTORY.rst Release notes for version 1.5.0
linter_exclusions.yml Excluded positional parameter warnings for fragment commands

@yonzhan yonzhan requested a review from jsntcy December 16, 2025 10:44
@yonzhan yonzhan requested a review from necusjz December 16, 2025 10:44
@DomAyre
Restore the behaviour of --upload-fragment for acifragmentgen (#13)
646e4a5 
Addresses
- Azure#9222

- [x] Update the code to restore the "attach to first image in input" behaviour
- [x] Add two new commands: `fragment push` and `fragment attach` to allow the user to explicitly do one or the other (or both!)
- [x] Add new tests which run a local docker registry, and test that the fragments are generated, signed, pushed and attached as expected (as well as the default behaviour)

---

This checklist is used to make sure that common guidelines for a pull request are followed.

<!--- Please provide the related command with az {command} if you can, so that we can quickly route to the related person to review. --->

- [x] Have you run `azdev style <YOUR_EXT>` locally? (`pip install azdev` required)
- [x] Have you run `python scripts/ci/test_index.py -q` locally? (`pip install wheel==0.30.0` required)
- [x] My extension version conforms to the [Extension version schema](https://github.com/Azure/azure-cli/blob/release/doc/extensions/versioning_guidelines.md)
@necusjz necusjz merged commit 51db435 into Azure:main Dec 16, 2025
24 checks passed
@azclibot
Copy link
Collaborator

azclibot commented Dec 16, 2025

[Release] Update index.json for extension [ confcom ] : https://dev.azure.com/msazure/One/_build/results?buildId=146898724&view=results

necusjz added a commit that referenced this pull request Dec 17, 2025
@necusjz
Revert "Restore the behaviour of --upload-fragment for acifragmentg…
be869fb 
…en (#9477)"

This reverts commit 51db435.
This was referenced Dec 17, 2025
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@necusjz necusjz necusjz approved these changes

@kairu-ms kairu-ms Awaiting requested review from kairu-ms kairu-ms is a code owner

@wangzelin007 wangzelin007 Awaiting requested review from wangzelin007 wangzelin007 is a code owner

@jsntcy jsntcy Awaiting requested review from jsntcy

Assignees

@kairu-ms kairu-ms

Labels

None yet

Projects

None yet

Milestone

January 2026 (2026-01-13)

Development

Successfully merging this pull request may close these issues.

5 participants

@DomAyre @yonzhan @azclibot @necusjz @kairu-ms