Skip to content

feat: add TL FIPS e2e #7770

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
mxj220 wants to merge 1 commit into
base: main
Choose a base branch
from
Open

feat: add TL FIPS e2e #7770

mxj220 wants to merge 1 commit into from
+37 −0

Conversation

@mxj220
Copy link
Contributor

@mxj220 mxj220 commented Feb 2, 2026

What this PR does / why we need it:
Adds E2E for TrustedLaunch FIPS 22.04 VHD

Which issue(s) this PR fixes:

Fixes #

Copilot AI review requested due to automatic review settings February 2, 2026 22:53
Copilot AI reviewed Feb 2, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds end-to-end testing support for TrustedLaunch-enabled FIPS Ubuntu 22.04 Gen2 VHD. The changes introduce a new distro constant and corresponding E2E test configuration to validate that nodes using the TrustedLaunch FIPS VHD can be properly bootstrapped with the required security features.

Changes:

  • Added new distro constant for TrustedLaunch FIPS Ubuntu 22.04 Gen2
  • Created E2E test for TrustedLaunch FIPS functionality
  • Added VHD configuration for the new TrustedLaunch FIPS image

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

File Description
pkg/agent/datamodel/types.go Defines new distro constant for TrustedLaunch FIPS Ubuntu 22.04 Gen2
e2e/scenario_test.go Implements E2E test validating TrustedLaunch FIPS VHD bootstrapping
e2e/config/vhd.go Configures VHD image metadata for TrustedLaunch FIPS testing

e2e/scenario_test.go

func Test_Ubuntu2204Gen2FIPSTL(t *testing.T) {
RunScenario(t, &Scenario{
Description: "Tests that a node using the Ubuntu 2204 FIPS Gen2 VHD can be properly bootstrapped",
Copy link

Copilot AI Feb 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The description incorrectly states 'Ubuntu 2204 FIPS Gen2 VHD' but should specify 'Ubuntu 2204 FIPS TrustedLaunch Gen2 VHD' to accurately reflect that this test is specifically for the TrustedLaunch variant.

Suggested change
Description: "Tests that a node using the Ubuntu 2204 FIPS Gen2 VHD can be properly bootstrapped",
Description: "Tests that a node using the Ubuntu 2204 FIPS TrustedLaunch Gen2 VHD can be properly bootstrapped",

Copilot uses AI. Check for mistakes.
e2e/scenario_test.go
Description: "Tests that a node using the Ubuntu 2204 FIPS Gen2 VHD can be properly bootstrapped",
Config: Config{
Cluster: ClusterKubenet,
VHD: config.VHDUbuntu2204Gen2FIPSContainerd,
Copy link

Copilot AI Feb 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The VHD configuration references 'VHDUbuntu2204Gen2FIPSContainerd' but should reference 'VHDUbuntu2204Gen2FIPSTLContainerd' to use the TrustedLaunch FIPS VHD that was defined in e2e/config/vhd.go.

Suggested change
VHD: config.VHDUbuntu2204Gen2FIPSContainerd,
VHD: config.VHDUbuntu2204Gen2FIPSTLContainerd,

Copilot uses AI. Check for mistakes.
e2e/scenario_test.go
Comment on lines +447 to +448
BootstrapConfigMutator: func(nbc *datamodel.NodeBootstrappingConfiguration) {
},
Copy link

Copilot AI Feb 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Empty function body. If no bootstrap configuration mutations are needed, consider removing this field entirely or adding a comment explaining why it's intentionally empty.

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@juan-lee juan-lee Awaiting requested review from juan-lee juan-lee is a code owner

@cameronmeissner cameronmeissner Awaiting requested review from cameronmeissner cameronmeissner is a code owner

@ganeshkumarashok ganeshkumarashok Awaiting requested review from ganeshkumarashok ganeshkumarashok is a code owner

@Devinwong Devinwong Awaiting requested review from Devinwong Devinwong is a code owner

@lilypan26 lilypan26 Awaiting requested review from lilypan26 lilypan26 is a code owner

@AbelHu AbelHu Awaiting requested review from AbelHu AbelHu is a code owner

@junjiezhang1997 junjiezhang1997 Awaiting requested review from junjiezhang1997 junjiezhang1997 is a code owner

@djsly djsly Awaiting requested review from djsly djsly is a code owner

@phealy phealy Awaiting requested review from phealy phealy is a code owner

@r2k1 r2k1 Awaiting requested review from r2k1 r2k1 is a code owner

@timmy-wright timmy-wright Awaiting requested review from timmy-wright timmy-wright is a code owner

@zachary-bailey zachary-bailey Awaiting requested review from zachary-bailey zachary-bailey is a code owner

@awesomenix awesomenix Awaiting requested review from awesomenix awesomenix is a code owner

@pdamianov-dev pdamianov-dev Awaiting requested review from pdamianov-dev pdamianov-dev is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mxj220