Skip to content

feat: Script Provisioning Provider extension (microsoft.azd.scripts)#7737

Draft
wbreza wants to merge 2 commits intoAzure:feature/ext-provisioning-providerfrom
wbreza:feature/script-provisioning-provider
Draft

feat: Script Provisioning Provider extension (microsoft.azd.scripts)#7737
wbreza wants to merge 2 commits intoAzure:feature/ext-provisioning-providerfrom
wbreza:feature/script-provisioning-provider

Conversation

@wbreza
Copy link
Copy Markdown
Contributor

@wbreza wbreza commented Apr 15, 2026

Description

Implements the Script Provisioning Provider extension (microsoft.azd.scripts) that enables shell script-based provisioning and teardown workflows in azd. This is a first-party extension that registers a scripts provisioning provider via gRPC.

Epic: #7733
Depends on: #7482 (provisioning provider framework)
Resolves: #7734, #7735, #7736

Architecture

The extension is a pure provisioning provider — no custom CLI commands, no MCP server. It registers via WithProvisioningProvider("scripts", factory) and implements the full azdext.ProvisioningProvider interface.

Key Components

Component File Purpose
Config parser internal/provisioning/config.go Typed config from infra.config with validation
EnvResolver internal/provisioning/env_resolver.go 4-layer environment variable merging
ScriptExecutor internal/provisioning/executor.go Runs bash/pwsh scripts with merged env
OutputCollector internal/provisioning/output_collector.go Discovers/parses outputs.json files
Provider internal/provisioning/provider.go Full ProvisioningProvider implementation

User Configuration

infra:
  provider: scripts
  config:
    provision:
      - kind: sh
        run: scripts/setup.sh
        name: Setup Infrastructure
        env:
          AZURE_LOCATION: ${AZURE_LOCATION}
          RESOURCE_GROUP: rg-${AZURE_ENV_NAME}
    destroy:
      - kind: sh
        run: scripts/teardown.sh

Testing

  • 25 unit tests covering config parsing, validation, env resolution, output collection, and executor
  • All paths tested: happy path, error cases, edge cases, security (path traversal, absolute paths)
  • Lint, spellcheck, copyright all pass

Checklist

  • Extension compiles with go build
  • Registers scripts provider via gRPC
  • Config validation (missing run, absolute paths, path traversal, missing files, unknown kinds)
  • Kind auto-inference from file extension (.sh -> sh, .ps1 -> pwsh)
  • Shell -> Kind backward compatibility mapping
  • Platform-specific overrides (Windows/Posix)
  • 4-layer env var merging with ${EXPRESSION} substitution
  • Output collection with 10MB size limit
  • golangci-lint: 0 issues
  • cspell: 0 issues
  • All tests pass

@wbreza wbreza changed the base branch from main to feature/ext-provisioning-provider April 15, 2026 02:23
wbreza and others added 2 commits April 14, 2026 21:39
@wbreza
feat: add Script Provisioning Provider extension (microsoft.azd.scripts)
9b379f9 
Implements the Script Provisioning Provider extension that enables
shell script-based provisioning and teardown workflows in azd.

This extension registers a 'scripts' provisioning provider via gRPC,
allowing users to configure bash/PowerShell scripts as their
infrastructure provider in azure.yaml.

Key components:
- Extension scaffold following microsoft.azd.demo pattern
- Config parsing with validation (path safety, kind inference, platform overrides)
- EnvResolver with 4-layer environment variable merging
- ScriptExecutor for bash/pwsh script execution
- OutputCollector for outputs.json discovery and parsing
- Full ProvisioningProvider interface implementation

Resolves Azure#7734, Azure#7735, Azure#7736
Part of Azure#7733

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@wbreza
fix: address code review findings for script provisioning provider
30e76ca 
- Fix ContinueOnError bug: platform override no longer unconditionally
  resets the field when the override doesn't set it
- Fix getAzdEnv: propagate context cancellation, warn on other errors
  instead of silently swallowing all failures
- Add 10MB size limit on outputs.json to prevent OOM
- Remove dead ScriptResult fields (Stdout/Stderr never populated)
- Remove unused exported functions (OutputsToEnvMap, OutputsToProvisioning)
- Extract toProtoOutputs helper to reduce duplication
- Improve shBinary() portability: use LookPath with /bin/sh fallback
- Add platform override tests (ContinueOnError preservation, env merge)
- Add executor unit tests (buildShellCommand, mapToEnvSlice)
- Fix hardcoded /tmp path in test to use t.TempDir()
- Update README: clarify secrets are plain values in alpha

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@wbreza wbreza force-pushed the feature/script-provisioning-provider branch from 0665896 to 30e76ca Compare April 15, 2026 04:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vhvb1989 vhvb1989 Awaiting requested review from vhvb1989 vhvb1989 will be requested when the pull request is marked ready for review vhvb1989 is a code owner

@hemarina hemarina Awaiting requested review from hemarina hemarina will be requested when the pull request is marked ready for review hemarina is a code owner

@weikanglim weikanglim Awaiting requested review from weikanglim weikanglim will be requested when the pull request is marked ready for review weikanglim is a code owner

@JeffreyCA JeffreyCA Awaiting requested review from JeffreyCA JeffreyCA will be requested when the pull request is marked ready for review JeffreyCA is a code owner

@tg-msft tg-msft Awaiting requested review from tg-msft tg-msft will be requested when the pull request is marked ready for review tg-msft is a code owner

@rajeshkamal5050 rajeshkamal5050 Awaiting requested review from rajeshkamal5050 rajeshkamal5050 will be requested when the pull request is marked ready for review rajeshkamal5050 is a code owner

@jongio jongio Awaiting requested review from jongio jongio will be requested when the pull request is marked ready for review jongio is a code owner

Assignees

@wbreza wbreza

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@wbreza