feat: ACR-based SDK distribution with feature flag#2837
Draft
CodingIsBliss wants to merge 37 commits intomainfrom
Draft
feat: ACR-based SDK distribution with feature flag#2837CodingIsBliss wants to merge 37 commits intomainfrom
CodingIsBliss wants to merge 37 commits intomainfrom
Conversation
added 4 commits
April 1, 2026 13:14
Add two separate ACR SDK providers behind ORYX_ENABLE_ACR_SDK_PROVIDER: 1. ExternalAcrSdkProvider - communicates with LWASv2 via Unix socket to pull SDK images from WAWS Images ACR 2. AcrSdkProvider (direct) - downloads SDKs from Oryx ACR (oryxsdks.azurecr.io) using OCI Distribution API New files: - IExternalAcrSdkProvider.cs / ExternalAcrSdkProvider.cs - OciRegistryClient.cs - HTTP client for OCI Distribution API - AcrVersionProviderBase.cs - base class for ACR version discovery - Per-platform ACR version providers (Node, Python, PHP, DotNetCore) - publishSdkImageToAcr.sh / publishSdkToAcr.yml - ACR publish pipeline Modified files: - Platform install decisions (NodePlatform, PythonPlatform, PhpPlatform, DotNetCorePlatform) with ACR branch before existing DynamicInstall - Version provider orchestrators with ACR provider chain - PlatformInstallerBase with GetAcrInstallerScriptSnippet() - Go startup script generator with ACR download path - DI registrations for all new providers - Constants, options, settings keys for ACR configuration All changes are additive and behind feature flags. Existing blob storage code paths are completely untouched.
…esolution Remove ACR repository/tag construction from ExternalAcrSdkProvider. Now sends only platform, version, and debianFlavor to LWASv2. LWASv2 resolves the SDK companion image from LinuxAssets and handles pinning, containerd pull, mount, and extraction.
… OneBranch pipeline) Remove publishSdkImageToAcr.sh and publishSdkToAcr.yml since SDK images are now built and pushed using onebranch.pipeline.imagebuildinfo in the AAPT-Antares-Oryx pipeline, not via custom scripts.
CodingIsBliss
changed the title
Use the same ACR that AAPT-Antares-Oryx publishes SDK images to. Updated both C# constant and Go constant.
CodingIsBliss
force-pushed
the
feature/oryx-sdk-acr-distribution
branch
from
259f0c4 to
faa6b2d
Compare
added 2 commits
April 1, 2026 19:22
- SA1204: Move static GetFirstLayerDigest before instance members (OciRegistryClient.cs) - SA1124: Remove #region/#endregion around OCI JSON models (OciRegistryClient.cs) - SA1202: Move protected GetAcrInstallerScriptSnippet before private methods (PlatformInstallerBase.cs) - SA1116/SA1117: Place multi-line parameters each on own line (ExternalAcrSdkProvider.cs) - SA1515: Add blank line before single-line comment (DotNetCoreAcrVersionProvider.cs)
- SA1204: Move static GetFirstLayerDigest before instance members (OciRegistryClient.cs) - SA1124: Remove #region/#endregion around OCI JSON models (OciRegistryClient.cs) - SA1202: Move protected GetAcrInstallerScriptSnippet before private methods (PlatformInstallerBase.cs) - SA1116/SA1117: Place multi-line parameters each on own line (ExternalAcrSdkProvider.cs) - SA1515: Add blank line before single-line comment (DotNetCoreAcrVersionProvider.cs)
CodingIsBliss
force-pushed
the
feature/oryx-sdk-acr-distribution
branch
from
505580f to
3a88dfe
Compare
* fix: Resolve StyleCop analyzer errors in ACR SDK provider files - SA1204: Move static GetFirstLayerDigest before instance members (OciRegistryClient.cs) - SA1124: Remove #region/#endregion around OCI JSON models (OciRegistryClient.cs) - SA1202: Move protected GetAcrInstallerScriptSnippet before private methods (PlatformInstallerBase.cs) - SA1116/SA1117: Place multi-line parameters each on own line (ExternalAcrSdkProvider.cs) - SA1515: Add blank line before single-line comment (DotNetCoreAcrVersionProvider.cs) * fix sdk providers logic * refactor pythonPlatform * refctor for dotnet,php and node --------- Co-authored-by: Sarath chandra Bussa <sbussa@microsoft.com>
Member
|
Maybe we need 2 config flags here? |
…m/microsoft/Oryx into feature/oryx-sdk-acr-distribution
…LWASv2 socket contract - Fix socket path to /var/sdk-image-sockets/oryx-pull-sdk-image.socket (ACR socket) - Add ExternalAcrSdksStorageDir constant (/var/OryxAcrSdks) for ACR SDK cache - Add top-level Action field (pull-sdk / get-version) to request DTOs - Remove BlobName and UrlParameters from ExternalAcrSdkProvider request - Accept server-returned filename as success response instead of expecting 'Success$'
* update logic for dotnet and default versions * Refactor ACR SDK provider to return tarball path
sarsharma
reviewed
Apr 4, 2026
| public const string EnableExternalAcrSdkProviderKey = "ORYX_ENABLE_EXTERNAL_ACR_SDK_PROVIDER"; | ||
| public const string EnableAcrSdkProviderKey = "ORYX_ENABLE_ACR_SDK_PROVIDER"; | ||
| public const string AcrSdkRegistryUrlKeyName = "ORYX_ACR_SDK_REGISTRY_URL"; | ||
| public const string DefaultAcrSdkRegistryUrl = "https://oryxacr.azurecr.io"; |
Member
There was a problem hiding this comment.
before merging, lets update this to mcr if required
sarsharma
reviewed
Apr 4, 2026
| public const string EnableAcrSdkProviderKey = "ORYX_ENABLE_ACR_SDK_PROVIDER"; | ||
| public const string AcrSdkRegistryUrlKeyName = "ORYX_ACR_SDK_REGISTRY_URL"; | ||
| public const string DefaultAcrSdkRegistryUrl = "https://oryxacr.azurecr.io"; | ||
| public const string AcrSdkRepositoryPrefix = "sdks"; |
Member
There was a problem hiding this comment.
same here, for prod case + mcr, this might become <mcr>/oryx/sdks
…po constants (#2867) * update logic for dotnet and default versions * Refactor ACR SDK provider to return tarball path * Cleanup startupscriptgen and refactor ACR SDK distribution constants
* update logic for dotnet and default versions * Refactor ACR SDK provider to return tarball path * Cleanup startupscriptgen and refactor ACR SDK distribution constants * Refactor ACR SDK provider methods to return boolean status and update related logic across platforms * Update version provider logic to check for external SDK provider option
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Add ACR-based SDK distribution behind
ORYX_ENABLE_ACR_SDK_PROVIDERfeature flag. SDKs can be pulled from Azure Container Registry instead of blob storage, with two separate provider paths and full fallback to existing blob storage.Architecture
Two separate ACR SDK providers:
ExternalAcrSdkProvider - Communicates with LWASv2 via Unix socket (source=acr). LWASv2 resolves the SDK companion image from LinuxAssets (same build tag as runtime image), pulls via containerd, mounts, and extracts SDK to disk.
AcrSdkProvider (direct) - Downloads SDKs directly from Oryx ACR (oryxsdks.azurecr.io) using OCI Distribution API via curl/HTTP. Used as a fallback when LWASv2 is not available.
Fallback Chain
New Files (8)
IExternalAcrSdkProvider.cs/ExternalAcrSdkProvider.cs- ACR SDK provider via LWASv2OciRegistryClient.cs- HTTP client for OCI Distribution APIAcrVersionProviderBase.cs- Base class for ACR version discoveryModified Files (27)
Feature Flag
ORYX_ENABLE_ACR_SDK_PROVIDER(default: false)ORYX_ACR_SDK_REGISTRY_URL(default: https://oryxsdks.azurecr.io)All changes additive. Existing blob storage paths untouched.
Related PRs