ExternalVendorCode/onefuzz
1
0
Fork 0
mirror of https://github.com/microsoft/onefuzz.git synced 2025-06-09 00:31:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
onefuzz/docs/custom-images.md
George Pollard 3c3f12a7e4
Make ImageReference strongly-typed and checked up-front (#2369) 
- Turn `ImageReference` into its own type so it is validated early on in request submission time, and we don't end up with malformed IDs, etc.
- Add in support for shared image galleries since that was easy enough to add while I'm doing this.
- Explicitly document which image sources are permitted and how to reference them with resource IDs.

This addresses/closes #1464 for the C# port. Also fixes #2927 which was recently reported.
2023-03-26 22:20:08 +00:00

34 lines
1.8 KiB
Markdown
Raw Permalink Blame History

# Fuzzing using Custom OS Images
In order to use custom OS images in OneFuzz, the image _must_ run the [Azure VM
Agent](https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/overview).
Building custom images can be automated using the
[Linux](https://docs.microsoft.com/en-us/azure/virtual-machines/linux/image-builder)
or
[Windows](https://docs.microsoft.com/en-us/azure/virtual-machines/windows/image-builder)
image builders for Azure.
If you have a custom Windows VHD, you should follow the [Guide to prepare a VHD
for
Azure](https://docs.microsoft.com/en-us/azure/virtual-machines/windows/prepare-for-upload-vhd-image).
From there, rather than using Image SKUs such as
`Canonical:0001-com-ubuntu-server-focal:20_04-lts:latest`, use the full resource ID for the
shared image. Supported ID formats are:
- VM image:<br/>
`/subscriptions/{subscription}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/images/{image}`
- gallery image (latest):<br/>
`/subscriptions/{subscription}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/galleries/{gallery}/images/{image}`
- gallery image (specific version):<br/>
`/subscriptions/{subscription}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/galleries/{gallery}/images/{image}/versions/{version}`
- shared gallery image (latest):<br/>
`/subscriptions/{subscription}/providers/Microsoft.Compute/locations/{location}/sharedGalleries/{gallery}/images/{image}`,
- shared gallery image (specific version):<br/>
`/subscriptions/{subscription}/providers/Microsoft.Compute/locations/{location}/sharedGalleries/{gallery}/images/{image}/versions/{version}`
The Service Principal for the OneFuzz instance must have RBAC to the image
sufficient to read and deploy the images, and the image must be replicated into
the region of the scaleset.
Reference in New Issue View Git Blame Copy Permalink