[Do not merge] Testing ASO windows cluster

[song-jiang]

Description

Related issues/PRs

Todos

• Tests
• Documentation
• Release note

Release Note

TBD

Reminder for the reviewer

Make sure that this PR has the correct labels and milestone set.

Every PR needs one docs-* label.

• docs-pr-required: This change requires a change to the documentation that has not been completed yet.
• docs-completed: This change has all necessary documentation completed.
• docs-not-required: This change has no user-facing impact and requires no docs.

Every PR needs one release-note-* label.

• release-note-required: This PR has user-facing changes. Most PRs should have this label.
• release-note-not-required: This PR has no user-facing changes.

Other optional labels:

• cherry-pick-candidate: This PR should be cherry-picked to an earlier release. For bug fixes only.
• needs-operator-pr: This PR is related to install and requires a corresponding change to the operator.

[Copilot]

Pull Request Overview

This is a testing/experimental PR (marked "Do not merge") that sets up infrastructure and tests for Windows CNI plugin functional verification using Azure Service Operator (ASO) clusters. The changes focus on updating the Windows test environment to use Windows Server 2022 and improving the Linux VM setup for containerd/Docker installation.

Key changes:

• Upgrades Windows Server from 2019 to 2022 (latest version)
• Adds comprehensive containerd and Docker installation script for Linux VMs
• Fixes case-sensitivity issues in Windows HNS GUID comparisons
• Simplifies CI pipeline to single l2bridge test configuration

Reviewed Changes

Copilot reviewed 4 out of 5 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
process/testing/winfv-cni-plugin/aso/setup-fv.sh	Adds early exit after node preparation (blocks test execution)
process/testing/winfv-cni-plugin/aso/infra/templates/vmss-linux.yaml	Replaces simple echo with full Docker/containerd installation; renames extensions
process/testing/winfv-cni-plugin/aso/export-env.sh	Updates to Windows Server 2022 image version 20348.4405.251112
cni-plugin/win_tests/calico_cni_k8s_windows_test.go	Adds case-insensitive GUID comparison (10 occurrences) using strings.ToUpper()
.semaphore/semaphore.yml	Removes most CI blocks, keeps only Windows CNI test; has YAML syntax error

[Copilot]

The exit 0 statement prevents the test execution from reaching the backend-specific logic below. This causes the script to terminate successfully after prepare_windows_node() without actually creating the network or running the functional verification tests.

Either this is intentional for testing setup steps only, or this is a debugging statement that should be removed to allow the full test flow to execute.

Suggested change

exit 0

[Copilot]

The apt-get update command runs without sudo, which may fail if the VM extension doesn't run with root privileges. Azure VM extensions typically run as root, but it's best practice to be explicit about privilege escalation requirements or verify the execution context.

Suggested change

	apt-get update
	# Install prerequisites
	apt-get install -y apt-transport-https ca-certificates curl gnupg lsb-release
	# Install Docker (includes containerd)
	curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
	echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
	apt-get update
	apt-get install -y docker-ce docker-ce-cli containerd.io
	sudo apt-get update
	# Install prerequisites
	sudo apt-get install -y apt-transport-https ca-certificates curl gnupg lsb-release
	# Install Docker (includes containerd)
	curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
	echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
	sudo apt-get update
	sudo apt-get install -y docker-ce docker-ce-cli containerd.io

[Copilot]

Duplicate commands field in the job definition. The YAML structure shows two commands: keys at lines 80 and 85. The second one (line 85-86) will override the first one (lines 80-84), causing the Windows FV test command to be replaced with a generic CI command.

Remove the second commands: block (lines 85-86) to fix this issue.

Suggested change

	commands:
	- ../.semaphore/run-and-monitor ci.log make ci

[Copilot]

The removal of the conditional check if [[ "${SEMAPHORE_BLOCK_NAME}" != "Prerequisites" ]]; then means that git fetch --unshallow will now run for all blocks, including the "Prerequisites" block. This could cause issues if the Prerequisites block has special requirements or if running unshallow on it causes problems. The original conditional was likely intentional to avoid this operation in certain contexts.

Suggested change

	- retry git fetch --unshallow
	- if [[ "${SEMAPHORE_BLOCK_NAME}" != "Prerequisites" ]]; then retry git fetch --unshallow; fi