Disable Azure VM agent and report VM as ready

cli/internal/terraform/terraform/azure/modules/scale_set/main.tf

@@ -24,6 +24,7 @@ resource "azurerm_linux_virtual_machine_scale_set" "scale_set" {
   admin_username                  = "adminuser"
   admin_password                  = random_password.password.result
   overprovision                   = false
+  provision_vm_agent              = false
   vtpm_enabled                    = true
   disable_password_authentication = false
   upgrade_mode                    = "Manual"

image/mkosi.skeleton/usr/lib/dracut/modules.d/38azure-provision/azure-provisioning.service

@@ -0,0 +1,13 @@
+[Unit]
+Description=Azure Provisioning
+After=network-online.target
+Wants=network-online.target
+ConditionKernelCommandLine=constel.csp=azure
+
+[Service]
+Type=oneshot
+ExecStart=/usr/local/bin/azure-provisioning
+RemainAfterExit=yes
+StandardOutput=tty
+StandardInput=tty
+StandardError=tty

image/mkosi.skeleton/usr/lib/dracut/modules.d/38azure-provision/azure-provisioning.sh

@@ -0,0 +1,65 @@
+#!/usr/bin/env bash
+# source https://learn.microsoft.com/en-us/azure/virtual-machines/linux/no-agent
+
+attempts=1
+until [ "$attempts" -gt 5 ]
+do
+    echo "obtaining goal state - attempt $attempts"
+    goalstate=$(curl --fail -v -X 'GET' -H "x-ms-agent-name: azure-vm-register" \
+                                        -H "Content-Type: text/xml;charset=utf-8" \
+                                        -H "x-ms-version: 2012-11-30" \
+                                           "http://168.63.129.16/machine/?comp=goalstate")
+    if [ $? -eq 0 ]
+    then
+       echo "successfully retrieved goal state"
+       retrieved_goal_state=true
+       break
+    fi
+    sleep 5
+    attempts=$((attempts+1))
+done
+
+if [ "$retrieved_goal_state" != "true" ]
+then
+    echo "failed to obtain goal state - cannot register this VM"
+    exit 1
+fi
+
+container_id=$(grep ContainerId <<< "$goalstate" | sed 's/\s*<\/*ContainerId>//g' | sed 's/\r$//')
+instance_id=$(grep InstanceId <<< "$goalstate" | sed 's/\s*<\/*InstanceId>//g' | sed 's/\r$//')
+
+ready_doc=$(cat << EOF
+<?xml version="1.0" encoding="utf-8"?>
+<Health xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+  <GoalStateIncarnation>1</GoalStateIncarnation>
+  <Container>
+    <ContainerId>$container_id</ContainerId>
+    <RoleInstanceList>
+      <Role>
+        <InstanceId>$instance_id</InstanceId>
+        <Health>
+          <State>Ready</State>
+        </Health>
+      </Role>
+    </RoleInstanceList>
+  </Container>
+</Health>
+EOF
+)
+
+attempts=1
+until [ "$attempts" -gt 5 ]
+do
+    echo "registering with Azure - attempt $attempts"
+    curl --fail -v -X 'POST' -H "x-ms-agent-name: azure-vm-register" \
+                             -H "Content-Type: text/xml;charset=utf-8" \
+                             -H "x-ms-version: 2012-11-30" \
+                             -d "$ready_doc" \
+                             "http://168.63.129.16/machine?comp=health"
+    if [ $? -eq 0 ]
+    then
+       echo "successfully register with Azure"
+       break
+    fi
+    sleep 5 # sleep to prevent throttling from wire server
+done

image/mkosi.skeleton/usr/lib/dracut/modules.d/38azure-provision/module-setup.sh

@@ -0,0 +1,30 @@
+#!/usr/bin/env bash
+# Copyright (c) Edgeless Systems GmbH
+#
+# SPDX-License-Identifier: AGPL-3.0-only
+
+depends() {
+    echo systemd
+}
+
+install_and_enable_unit() {
+    unit="$1"; shift
+    target="$1"; shift
+    inst_simple "$moddir/$unit" "$systemdsystemunitdir/$unit"
+    mkdir -p "${initdir}${systemdsystemconfdir}/${target}.wants"
+    ln_r "${systemdsystemunitdir}/${unit}" \
+        "${systemdsystemconfdir}/${target}.wants/${unit}"
+}
+
+install() {
+    inst_multiple \
+        bash \
+        curl \
+        grep \
+        sed
+
+    inst_script "$moddir/azure-provisioning.sh" \
+        "/usr/local/bin/azure-provisioning"
+    install_and_enable_unit "azure-provisioning.service" \
+        "basic.target"
+}