mirror of
https://github.com/microsoft/onefuzz.git
synced 2025-06-06 07:11:35 +00:00
3c3f12a7e4
- Turn `ImageReference` into its own type so it is validated early on in request submission time, and we don't end up with malformed IDs, etc. - Add in support for shared image galleries since that was easy enough to add while I'm doing this. - Explicitly document which image sources are permitted and how to reference them with resource IDs. This addresses/closes #1464 for the C# port. Also fixes #2927 which was recently reported.
1.8 KiB
1.8 KiB
Fuzzing using Custom OS Images
In order to use custom OS images in OneFuzz, the image must run the Azure VM Agent.
Building custom images can be automated using the Linux or Windows image builders for Azure.
If you have a custom Windows VHD, you should follow the Guide to prepare a VHD for Azure.
From there, rather than using Image SKUs such as
Canonical:0001-com-ubuntu-server-focal:20_04-lts:latest, use the full resource ID for the
shared image. Supported ID formats are:
- VM image:
/subscriptions/{subscription}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/images/{image} - gallery image (latest):
/subscriptions/{subscription}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/galleries/{gallery}/images/{image} - gallery image (specific version):
/subscriptions/{subscription}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/galleries/{gallery}/images/{image}/versions/{version} - shared gallery image (latest):
/subscriptions/{subscription}/providers/Microsoft.Compute/locations/{location}/sharedGalleries/{gallery}/images/{image}, - shared gallery image (specific version):
/subscriptions/{subscription}/providers/Microsoft.Compute/locations/{location}/sharedGalleries/{gallery}/images/{image}/versions/{version}
The Service Principal for the OneFuzz instance must have RBAC to the image sufficient to read and deploy the images, and the image must be replicated into the region of the scaleset.