Describe the bug
Trusted VM are instructed to install the integrity extension by default. However nowhere does it check before if the image provides extension support, which was disabled in Debian in response to #26803. So it will wait for a long time, hours or so.
Related command
az vm create --debug -n test -g group --image debian:debian-sid-daily:sid-gen2:latest --security-type TrustedLaunch --enable-secure-boot
Errors
It will wait for extensions.
Issue script & Debug output
Unrelated
Expected behavior
Check the extensions flag or at least not block on the operation.
Environment Summary
azure-cli 2.51.0
core 2.51.0
telemetry 1.1.0
Extensions:
ai-examples 0.2.5
ml 2.19.1
ssh 2.0.1
Dependencies:
msal 1.24.0b1
azure-mgmt-resource 23.1.0b2
Python location '/usr/bin/python3.9'
Extensions directory '/home/test/.azure/cliextensions'
Extensions system directory '/usr/lib/python3.9/site-packages/azure-cli-extensions'
Python (Linux) 3.9.14 (main, Feb 8 2023, 03:39:52)
[GCC 11.2.0]
Legal docs and information: aka.ms/AzureCliLegal
Your CLI is up-to-date.
Additional context
Workaround for Debian is to disable the trusted launch flag in the images, then the client gives a somewhat useful error message.
"Use of TrustedLaunch setting is not supported for the provided image."
Describe the bug
Trusted VM are instructed to install the integrity extension by default. However nowhere does it check before if the image provides extension support, which was disabled in Debian in response to #26803. So it will wait for a long time, hours or so.
Related command
az vm create --debug -n test -g group --image debian:debian-sid-daily:sid-gen2:latest --security-type TrustedLaunch --enable-secure-bootErrors
It will wait for extensions.
Issue script & Debug output
Unrelated
Expected behavior
Check the extensions flag or at least not block on the operation.
Environment Summary
Additional context
Workaround for Debian is to disable the trusted launch flag in the images, then the client gives a somewhat useful error message.