Conversation
chmill-zz
requested review from
AbelHu,
Devinwong,
awesomenix,
cameronmeissner,
djsly,
ganeshkumarashok,
juan-lee,
junjiezhang1997,
lilypan26,
phealy,
r2k1,
timmy-wright and
zachary-bailey
as code owners
github-actions
bot
added
the
components
chmill-zz
requested review from
SriHarsha001,
yagmurbaydogan and
yewmsft
as code owners
Contributor
There was a problem hiding this comment.
Pull request overview
This PR integrates Inspektor Gadget (IG) into AgentBaker's VHD build process by default. Inspektor Gadget is an eBPF-based observability tool for Kubernetes that will be pre-installed and configured on node VHDs.
Changes:
- Adds installation script (install-ig.sh) that downloads and installs IG packages for Ubuntu (via deb) and Mariner/Azure Linux (via rpm)
- Integrates IG installation into the existing VHD build pipeline via install-dependencies.sh
- Provides baseline artifacts including helper scripts for gadget import/removal and a systemd service
- Adds E2E validation and VHD content tests for IG installation
- Excludes IG installation for Flatcar, OSGuard, and Kata variants where it's not applicable
Reviewed changes
Copilot reviewed 21 out of 23 changed files in this pull request and generated 6 comments.
Show a summary per file
| File | Description |
|---|---|
| vhdbuilder/packer/vhd-image-builder-*.json | Adds file provisioners to copy install-ig.sh script and inspektor-gadget artifacts to all VHD build configurations |
| vhdbuilder/packer/install-ig.sh | New script containing all IG installation logic, including package download, installation, and configuration |
| vhdbuilder/packer/install-dependencies.sh | Integrates IG installation by sourcing install-ig.sh and calling installIG function |
| vhdbuilder/packer/test/linux-vhd-content-test.sh | Adds testInspektorGadgetAssets test to verify IG files are properly installed in VHD |
| parts/linux/cloud-init/artifacts/inspektor-gadget/ | Baseline artifacts including import/remove gadget helper scripts, systemd service unit, and skip sentinel file |
| parts/common/components.json | Adds inspektor-gadget component metadata with version 0.45.0 and revision 1 |
| schemas/components.cue | Adds optional revision field to VersionV2 schema for package versioning |
| e2e/validators.go | Adds ValidateInspektorGadget function to validate IG installation and functionality in E2E tests |
| e2e/validation.go | Integrates ValidateInspektorGadget into common Linux validation flow |
| vhdbuilder/packer/imagecustomizer/azlosguard/azlosguard.yml | Adds file provisioners for IG scripts needed by OSGuard builds |
| vhdbuilder/packer/imagecustomizer/azlosguard/scripts/azlosguard-postinstall.sh | Adds cleanup of install-ig.sh after build |
| .pipelines/scripts/verify_shell.sh | Excludes bash-only scripts from POSIX compliance checks |
| vhdbuilder/packer/test/run-pretest.sh | Removes trailing whitespace |
.../cloud-init/artifacts/inspektor-gadget/baseline/usr/share/inspektor-gadget/import_gadgets.sh
Show resolved
Hide resolved
vhdbuilder/packer/imagecustomizer/azlosguard/scripts/azlosguard-postinstall.sh
Show resolved
Hide resolved
...ud-init/artifacts/inspektor-gadget/baseline/usr/lib/systemd/system/ig-import-gadgets.service
Show resolved
Hide resolved
| local download_dir="${IG_BUILD_ROOT}/downloads" | ||
| mkdir -p "${download_dir}" | ||
|
|
||
| local ig_tag="${IG_VERSION}-ubuntu18.04u${IG_REVISION}" |
Contributor
There was a problem hiding this comment.
we don't support 18.04 anymore :D
Contributor
Author
There was a problem hiding this comment.
ah yeah this is fun... IG is agnostic here. So they've got their generic in 18.04 for ig then ig-gadgets live in 20.04, but they're maintained. This was exciting to learn.
Contributor
Author
There was a problem hiding this comment.
this is how extension is currently pulling in ig components.
Contributor
There was a problem hiding this comment.
hrm... so we're forced to take from 18.04 repo... wondering if we could create a dalec spec for each OS version so we're not pinned
in the meantime if this works on all OS versions then I guess it's not blocking
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
cameronmeissner
approved these changes
Feb 9, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What type of PR is this?
/kind feature
What this PR does / why we need it:
this is getting inspektor gadget into agentbaker by default.
Which issue(s) this PR fixes:
Requirements:
Special notes for your reviewer:
Release note: