fix(image-boot): address PR review feedback

reubeno · Copilot · reubeno · commit abeebfe2fab7 · 2026-04-17T14:18:29.000-07:00
- Validate '--disk-size' is non-empty when creating an empty disk for ISO boot.
- Lock test user password and disable SSH password auth when no password is provided
  (avoids unlocked account with no defined password).
- Use prereqs.RequireExecutable for qemu-img check to give actionable install hints.
- Use fileutils.MkdirTempInTempDir when WorkDir is unset so injected filesystems
  resolve the temp dir consistently.
- Add unit tests for InstallISOPath bootindex behavior, CreateEmptyQcow2, and
  CheckQEMUImgPrerequisite.

Co-authored-by: Copilot &lt;223556219+Copilot@users.noreply.github.com&gt;
diff --git a/internal/app/azldev/cmds/image/boot.go b/internal/app/azldev/cmds/image/boot.go
@@ -330,6 +330,10 @@ func validateBootOptions(options *ImageBootOptions, diskSizeExplicit, needEmptyD
 			"(IMAGE_NAME or '--image-path')")
 	}
 
+	if needEmptyDisk && strings.TrimSpace(options.DiskSize) == "" {
+		return errors.New("'--disk-size' must be non-empty when '--iso' is used without a disk image")
+	}
+
 	return nil
 }
 
@@ -509,14 +513,19 @@ func runQEMUBoot(
 }
 
 // createBootTempDir creates a temporary directory for boot artifacts. It uses the project
-// work directory if available, otherwise falls back to the OS temp directory.
+// work directory if available, otherwise falls back to the OS temp directory (resolved
+// via the injected filesystem).
 func createBootTempDir(env *azldev.Env) (string, error) {
-	var baseDir string
 	if env.WorkDir() != "" {
-		baseDir = env.WorkDir()
+		tempDir, err := fileutils.MkdirTemp(env.FS(), env.WorkDir(), tempDirPrefixBoot)
+		if err != nil {
+			return "", fmt.Errorf("failed to create boot temp dir:\n%w", err)
+		}
+
+		return tempDir, nil
 	}
 
-	tempDir, err := fileutils.MkdirTemp(env.FS(), baseDir, tempDirPrefixBoot)
+	tempDir, err := fileutils.MkdirTempInTempDir(env.FS(), tempDirPrefixBoot)
 	if err != nil {
 		return "", fmt.Errorf("failed to create boot temp dir:\n%w", err)
 	}
@@ -812,12 +821,17 @@ func buildCloudInitMetadataIso(env *azldev.Env, options *ImageBootOptions, outpu
 
 // buildCloudInitConfig creates the cloud-init configuration for the test user.
 func buildCloudInitConfig(env *azldev.Env, options *ImageBootOptions) (*cloudinit.Config, error) {
+	hasPassword := options.TestUserPassword != ""
+
 	testUserConfig := cloudinit.UserConfig{
-		Name:              options.TestUserName,
-		Description:       "Test User",
-		Shell:             "/bin/bash",
-		Sudo:              []string{"ALL=(ALL) NOPASSWD:ALL"},
-		LockPassword:      lo.ToPtr(false),
+		Name:        options.TestUserName,
+		Description: "Test User",
+		Shell:       "/bin/bash",
+		Sudo:        []string{"ALL=(ALL) NOPASSWD:ALL"},
+		// Only unlock the password when one is actually provided. Otherwise the
+		// account would be unlocked with no defined password, which combined with
+		// SSH password auth could allow passwordless login.
+		LockPassword:      lo.ToPtr(!hasPassword),
 		PlainTextPassword: options.TestUserPassword,
 		Groups:            []string{"sudo"},
 	}
@@ -832,7 +846,8 @@ func buildCloudInitConfig(env *azldev.Env, options *ImageBootOptions) (*cloudini
 	}
 
 	return &cloudinit.Config{
-		EnableSSHPasswordAuth: lo.ToPtr(true),
+		// Only enable SSH password auth when a password is actually provided.
+		EnableSSHPasswordAuth: lo.ToPtr(hasPassword),
 		DisableRootUser:       lo.ToPtr(true),
 		ChangePasswords: &cloudinit.PasswordConfig{
 			Expire: lo.ToPtr(false),
diff --git a/internal/utils/qemu/qemu.go b/internal/utils/qemu/qemu.go
@@ -273,9 +273,11 @@ func CheckPrerequisites(ctx opctx.Ctx, arch string) error {
 
 // CheckQEMUImgPrerequisite verifies that the 'qemu-img' tool is available.
 func CheckQEMUImgPrerequisite(ctx opctx.Ctx) error {
-	if !ctx.CommandInSearchPath("qemu-img") {
-		return errors.New("'qemu-img' is not installed or not found in PATH; " +
-			"it is required to create empty disk images for ISO boot")
+	if err := prereqs.RequireExecutable(ctx, "qemu-img", &prereqs.PackagePrereq{
+		AzureLinuxPackages: []string{"qemu-img"},
+		FedoraPackages:     []string{"qemu-img"},
+	}); err != nil {
+		return fmt.Errorf("'qemu-img' prerequisite check failed:\n%w", err)
 	}
 
 	return nil
diff --git a/internal/utils/qemu/qemu_test.go b/internal/utils/qemu/qemu_test.go
@@ -469,6 +469,44 @@ func TestRun(t *testing.T) {
 			wantErr:        true,
 			wantErrContain: "failed to run VM in QEMU",
 		},
+		{
+			name: "VM with install ISO boots ISO first",
+			options: qemu.RunOptions{
+				Arch:           qemu.ArchX86_64,
+				FirmwarePath:   "/usr/share/OVMF/OVMF_CODE.fd",
+				NVRAMPath:      "/tmp/nvram.fd",
+				DiskPath:       "/images/disk.qcow2",
+				DiskType:       "qcow2",
+				InstallISOPath: "/tmp/installer.iso",
+				SecureBoot:     false,
+				SSHPort:        2222,
+				CPUs:           2,
+				Memory:         "2G",
+			},
+			wantArgsContain: []string{
+				"qemu-system-x86_64",
+				"if=none,id=installcd,file=/tmp/installer.iso,media=cdrom,readonly=on",
+				"scsi-cd,drive=installcd,bootindex=1",
+				"scsi-hd,drive=hd,bootindex=2",
+			},
+		},
+		{
+			name: "VM without install ISO boots disk first",
+			options: qemu.RunOptions{
+				Arch:         qemu.ArchX86_64,
+				FirmwarePath: "/usr/share/OVMF/OVMF_CODE.fd",
+				NVRAMPath:    "/tmp/nvram.fd",
+				DiskPath:     "/images/disk.qcow2",
+				DiskType:     "qcow2",
+				SecureBoot:   false,
+				SSHPort:      2222,
+				CPUs:         2,
+				Memory:       "2G",
+			},
+			wantArgsContain: []string{
+				"scsi-hd,drive=hd,bootindex=1",
+			},
+		},
 	}
 
 	for _, testCase := range tests {
@@ -650,3 +688,71 @@ func argsToString(args []string) string {
 
 	return result
 }
+
+func TestCreateEmptyQcow2(t *testing.T) {
+	t.Parallel()
+
+	t.Run("invokes qemu-img with expected args", func(t *testing.T) {
+		t.Parallel()
+
+		ctx := testctx.NewCtx()
+
+		var capturedArgs []string
+
+		ctx.CmdFactory.RunHandler = func(cmd *exec.Cmd) error {
+			capturedArgs = cmd.Args
+
+			return nil
+		}
+
+		runner := qemu.NewRunner(ctx)
+		err := runner.CreateEmptyQcow2(context.Background(), "/tmp/disk.qcow2", "10G")
+		require.NoError(t, err)
+
+		require.NotEmpty(t, capturedArgs)
+		assert.Equal(t, "qemu-img", capturedArgs[0])
+		assert.Equal(t, []string{"qemu-img", "create", "-f", "qcow2", "/tmp/disk.qcow2", "10G"}, capturedArgs)
+	})
+
+	t.Run("propagates errors", func(t *testing.T) {
+		t.Parallel()
+
+		ctx := testctx.NewCtx()
+		ctx.CmdFactory.RunHandler = func(_ *exec.Cmd) error {
+			return errors.New("disk full")
+		}
+
+		runner := qemu.NewRunner(ctx)
+		err := runner.CreateEmptyQcow2(context.Background(), "/tmp/disk.qcow2", "10G")
+		require.Error(t, err)
+		assert.Contains(t, err.Error(), "failed to create empty qcow2 disk image")
+	})
+}
+
+func TestCheckQEMUImgPrerequisite(t *testing.T) {
+	t.Parallel()
+
+	t.Run("qemu-img available", func(t *testing.T) {
+		t.Parallel()
+
+		ctx := testctx.NewCtx()
+		ctx.CmdFactory.RegisterCommandInSearchPath("qemu-img")
+		ctx.DryRunValue = true
+
+		err := qemu.CheckQEMUImgPrerequisite(ctx)
+		require.NoError(t, err)
+	})
+
+	t.Run("qemu-img missing", func(t *testing.T) {
+		t.Parallel()
+
+		ctx := testctx.NewCtx()
+		ctx.DryRunValue = true
+		ctx.PromptsAllowedValue = false
+		ctx.AllPromptsAcceptedValue = false
+
+		err := qemu.CheckQEMUImgPrerequisite(ctx)
+		require.Error(t, err)
+		assert.Contains(t, err.Error(), "'qemu-img' prerequisite check failed")
+	})
+}
