[Breaking Change] Default New-AzGalleryImageDefinition to HyperV Gen2 and Trusted Launch (#24869)

* development

* finish feature dev

* changelog and md file

* add new test

* update working in changelog

* add one more scenario to test

* assert line

* collap function to one line code

* add closing brace back to fix the error in code structure

* update documentation

* better wording

* Update New-AzGalleryImageDefinition.md

* Update New-AzGalleryImageDefinition.md

---------

Co-authored-by: YanaXu <[email protected]>

Author: grizzlytheodore

src/Compute/Compute.Test/ScenarioTests/GalleryTests.cs

@@ -64,5 +64,12 @@ public void TestGalleryVersionWithSourceImageVMId()
         {
             TestRunner.RunTestScript("Test-GalleryVersionWithSourceImageVMId");
         }
+
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        public void TestGalleryImageDefinitionDefaults()
+        {
+            TestRunner.RunTestScript("Test-GalleryImageDefinitionDefaults");
+        }
     }
 }

src/Compute/Compute.Test/ScenarioTests/GalleryTests.ps1

@@ -893,3 +893,100 @@ function Test-GalleryVersionWithSourceImageVMId
         Clean-ResourceGroup $rgname;
     }
 }
+
+<#
+.SYNOPSIS
+Tests New-AzGalleryImageDefinition to default to HyperVGen V2 and TL
+#>
+function Test-GalleryImageDefinitionDefaults
+{
+    # Setup
+    $rgname = Get-ComputeTestResourceName;
+    $loc = Get-ComputeVMLocation;
+
+    try
+    {
+    
+        $location = $loc;
+        New-AzResourceGroup -Name $rgname -Location $loc -Force;
+
+        # Gallery variables
+        $resourceGroup = $rgname
+        $galleryName = 'gl' + $rgname
+        $definitionName = 'def' + $rgname
+        $definitionName2 = $definitionName + '2'
+        $skuDetails = @{
+            Publisher = 'test'
+            Offer = 'test'
+            Sku = 'test'
+        }
+        $osType = 'Windows'
+        $osState = 'Specialized'
+        $storageAccountSku = 'Standard_LRS'
+        
+        # Setup Image Gallery
+        New-AzGallery -ResourceGroupName $rgname -Name $galleryName -location $location
+
+        # Setup Image Definition
+        $paramNewAzImageDef = @{
+            ResourceGroupName = $rgname
+            GalleryName       = $galleryName
+            Name              = $definitionName
+            Publisher         = $skuDetails.Publisher
+            Offer             = $skuDetails.Offer
+            Sku               = $skuDetails.Sku
+            Location          = $location
+            OSState           = $osState
+            OsType            = $osType
+            ErrorAction       = 'Stop'
+        }
+        
+        New-AzGalleryImageDefinition @paramNewAzImageDef;
+
+        $definition = Get-AzGalleryImageDefinition -ResourceGroupName $rgname -GalleryName $galleryName -Name $definitionName;
+
+        # verify HyperVGeneration and TL default 
+         Assert-AreEqual $definition.HyperVGeneration "V2";
+         Assert-AreEqual $definition.features[0].Name "SecurityType";
+         Assert-AreEqual $definition.features[0].Value "TrustedLaunchSupported";
+
+
+         # Testing by passing TL default by explictly setting securityType 
+
+        $skuDetails2 = @{
+            Publisher = 'test0'
+            Offer = 'test0'
+            Sku = 'test0'
+        }
+
+        $paramNewAzImageDef2 = @{
+            ResourceGroupName = $rgname
+            GalleryName       = $galleryName
+            Name              = $definitionName2
+            Publisher         = $skuDetails2.Publisher
+            Offer             = $skuDetails2.Offer
+            Sku               = $skuDetails2.Sku
+            Location          = $location
+            OSState           = $osState
+            OsType            = $osType
+            ErrorAction       = 'Stop'
+            Feature           = @{Name="SecurityType"; Value="ConfidentialVM"}
+        }
+
+
+         New-AzGalleryImageDefinition @paramNewAzImageDef2
+         $definition2 = Get-AzGalleryImageDefinition -ResourceGroupName $rgname -GalleryName $galleryName -Name $definitionName2;
+
+         # verify HyperVGeneration and TL default 
+         Assert-AreNotEqual $definition2.features[0].Value "TrustedLaunchSupported";
+         Assert-AreEqual $definition2.features.count 1
+
+
+    }
+    finally 
+    {
+        # Cleanup
+        Clean-ResourceGroup $rgname;
+    }
+}
+

src/Compute/Compute.Test/SessionRecords/Microsoft.Azure.Commands.Compute.Test.ScenarioTests.GalleryTests/TestGalleryImageDefinitionDefaults.json

@@ -24,6 +24,7 @@
 * [Breaking Change] Added ValidateNotNullOrEmpty for `-ResourceGroupName` and `-VMScaleSetName` parameters to `Get-AzVmss` cmdlet. [#20095]
 * Added `Etag` property to PSVirtualMachine and PSVirtualMachineScaleSet objects.   
 * Added parameters `-IfMatch` and `-IfNoneMatch` to `Update-AzVM`, `Update-AzVmss`, `New-AzVm`, `New-AzVmss`, `New-AzVmConfig`, and `New-AzVmssConfig` cmdlets.
+* [Breaking Change] Cmdlet `New-AzGalleryImageDefinition` will default parameter `-HyperVGeneration` to `V2` if it is not set as `V1` explicitly, and also default parameter `-Feature` by adding `@{Name='SecurityType';Value='TrustedLaunchSupported'}` if the `SecurityType` feature is not set explicitly. 
 * Resolved the bug with `New-AzVMConfig` for `-CommunityGalleryImageId` and `-SharedGalleryImageId` parameters.
 * [Breaking Change] Added ValidateNotNullOrEmpty for `-ResourceGroupName` and `-VMScaleSetName` parameters to `Get-AzVmss` cmdlet. [#20095]
 * [Breaking Change] Added new business logic to `New-AzVmss` and `New-AzVM` cmdlets. When the user explicitly sets the `SecurityType` to `Standard`, the Image alias defaults to `Win2022AzureEdition` to make future migrations to Trusted Launch easier.

src/Compute/Compute/ChangeLog.md

@@ -68,6 +68,10 @@ public override void ExecuteCmdlet()
                     {
                         galleryImage.HyperVGeneration = this.HyperVGeneration;
                     }
+                    else //default HyperVGenration V2 if not specified
+                    {
+                        galleryImage.HyperVGeneration = "V2";
+                    }
 
                     if (this.IsParameterBound(c => c.PrivacyStatementUri))
                     {
@@ -184,7 +188,20 @@ public override void ExecuteCmdlet()
 
                     if (this.IsParameterBound(c => c.Feature))
                     {
-                        galleryImage.Features = this.Feature;
+                        galleryImage.Features = new List<GalleryImageFeature>();
+                        for (int i = 0; i < this.Feature.Length; i++)
+                        {
+                            galleryImage.Features.Add(this.Feature[i]);
+                        }
+                    }
+
+                    if ((!this.IsParameterBound(c => c.Feature) || galleryImage.Features?.All(f => f.Name.ToLower() != "securitytype") == true) && galleryImage.HyperVGeneration == "V2")
+                    {
+                        if (galleryImage.Features == null)
+                        {
+                            galleryImage.Features = new List<GalleryImageFeature>();
+                        }
+                        galleryImage.Features.Add(new GalleryImageFeature("SecurityType", "TrustedLaunchSupported"));
                     }
 
                     var result = GalleryImagesClient.CreateOrUpdate(resourceGroupName, galleryName, galleryImageName, galleryImage);

src/Compute/Compute/Generated/GalleryImage/GalleryImageCreateOrUpdateMethod.cs

@@ -27,7 +27,8 @@ New-AzGalleryImageDefinition [-ResourceGroupName] <String> [-GalleryName] <Strin
 
 ## DESCRIPTION
 
-Create a gallery image definition.
+Create a gallery image definition. 
+The gallery image definition will default to 'HyperVGeneration: V2' and 'SecurityType: TrustedLaunchSupported' if `-HyperVGeneration` and `-Feature @{Name: SecurityType}` is not set explicitly. Set SecurityType to 'None' to opt out of this defaulting (See Example 10). 
 
 ## EXAMPLES
 
@@ -45,7 +46,7 @@ $description = "My gallery"
 New-AzGalleryImageDefinition -ResourceGroupName $rgName -GalleryName $galleryName -Name $galleryImageDefinitionName -Location $location -Publisher $publisherName -Offer $offerName -Sku $skuName -OsState "Specialized" -OsType "Linux" -Description $description
 ```
 
-Creates a gallery image definition to contain image versions for specialized linux images.
+Creates a gallery image definition to contain image versions for specialized linux images. This will default the Gallery Image to HyperVGeneration V2 and Trusted Launch as `-HyperVGeneration` and `-Feature SecurityType` is not set explicitly.
 
 ### Example 2: Create an image definition for generalized linux images
 
@@ -186,6 +187,25 @@ New-AzGalleryImageDefinition -ResourceGroupName $rgName -GalleryName $galleryNam
 
 Creates a gallery image definition for linux generalized images and specify either the string or path to an EULA agreement, privacy statement, and release notes tied to all image versions in the image definition.
 
+### Example 10: Create a gallery image definition with Standard SecurityType feature
+
+```powershell
+$rgName = "myResourceGroup"
+$galleryName = "myGallery"
+$galleryImageDefinitionName = "myImage"
+$location = "eastus"
+$publisherName = "GreatPublisher"
+$offerName = "GreatOffer"
+$skuName = "GreatSku"
+
+$Feature1 = @{Name='SecurityType';Value='None'}
+$Features = @($Feature1)
+
+New-AzGalleryImageDefinition -ResourceGroupName $rgName -GalleryName $galleryName -Name $galleryImageDefinitionName -Location $location -Publisher $publisherName -Offer $offerName -Sku $skuName -OsState "Generalized" -OsType "Linux" -Feature $Features
+```
+
+Create a gallery image definition with standard security type feature by providing 'None' as the value of the SecurityType feature.
+
 ## PARAMETERS
 
 ### -Architecture
@@ -302,6 +322,7 @@ Accept wildcard characters: False
 ### -Feature
 
 A list of gallery image features.
+For SecurityType, acceptable inputs are: None, TrustedlaunchSupported, Trustedlaunch, ConfidentialVM, ConfidentialVMSupported, TrustedandConfidentialVMSupported
 
 ```yaml
 Type: Microsoft.Azure.Management.Compute.Models.GalleryImageFeature[]