feat(azure): Fix imds-based ssh_pwauth (#6002)

To enable/disable password authentication is only possible in the OVF code path. If OVF is unavailable, we fall back to IMDS and we want to have the same logic.
canonical · Feb 20, 2025 · 39937db · 39937db
1 parent 1fbdb3e
commit 39937db
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 6 deletions.
diff --git a/cloudinit/sources/DataSourceAzure.py b/cloudinit/sources/DataSourceAzure.py
@@ -758,14 +758,12 @@ def crawl_metadata(self):
         if imds_hostname:
             LOG.debug("Hostname retrieved from IMDS: %s", imds_hostname)
             crawled_data["metadata"]["local-hostname"] = imds_hostname
-        if imds_disable_password:
+        if imds_disable_password is not None:
             LOG.debug(
                 "Disable password retrieved from IMDS: %s",
                 imds_disable_password,
             )
-            crawled_data["metadata"][
-                "disable_password"
-            ] = imds_disable_password
+            crawled_data["cfg"]["ssh_pwauth"] = not imds_disable_password
 
         if self.seed == "IMDS" and not crawled_data["files"]:
             try:

diff --git a/tests/unittests/sources/test_azure.py b/tests/unittests/sources/test_azure.py
@@ -2274,7 +2274,7 @@ def test_username_from_imds(self):
             dsrc.cfg["system_info"]["default_user"]["name"], "username1"
         )
 
-    def test_disable_password_from_imds(self):
+    def test_disable_password_from_imds_true(self):
         sys_cfg = {"datasource": {"Azure": {"apply_network_config": True}}}
         data = {
             "ovfcontent": construct_ovf_env(),
@@ -2289,7 +2289,25 @@ def test_disable_password_from_imds(self):
         self.m_fetch.return_value = imds_data_with_os_profile
         dsrc = self._get_ds(data)
         dsrc.get_data()
-        self.assertTrue(dsrc.metadata["disable_password"])
+        self.assertFalse(dsrc.cfg["ssh_pwauth"])
+
+    def test_disable_password_from_imds_false(self):
+        sys_cfg = {"datasource": {"Azure": {"apply_network_config": True}}}
+        data = {
+            "ovfcontent": construct_ovf_env(),
+            "sys_cfg": sys_cfg,
+            "write_ovf_to_seed_dir": False,
+        }
+        imds_data_with_os_profile = copy.deepcopy(NETWORK_METADATA)
+        imds_data_with_os_profile["compute"]["osProfile"] = dict(
+            adminUsername="username1",
+            computerName="hostname1",
+            disablePasswordAuthentication="false",
+        )
+        self.m_fetch.return_value = imds_data_with_os_profile
+        dsrc = self._get_ds(data)
+        dsrc.get_data()
+        self.assertTrue(dsrc.cfg["ssh_pwauth"])
 
     def test_userdata_from_imds(self):
         sys_cfg = {"datasource": {"Azure": {"apply_network_config": True}}}