microsoft · zanejohnson-azure · Dec 4, 2025 · Dec 4, 2025 · Dec 5, 2025 · Dec 5, 2025
@@ -42,7 +42,15 @@ extends:
     customBuildTags:
     - ES365AIMigrationTooling
     stages:
+    # This stage will be skipped when LinuxImageOverride and WindowsImageOverride are both set
+    # This feature allows bypassing the build stage when using pre-built images for testing, which saves time and resources.
     - stage: stage
+      displayName: 'Build and Publish Container Images'
+      condition: |
+        or(
+          eq(variables['LinuxImageOverride'], ''),
+          eq(variables['WindowsImageOverride'], '')
+        )
       jobs:
       - job: common
         pool:
@@ -185,7 +193,17 @@ extends:
               docker pull mcr.microsoft.com/azuremonitor/containerinsights/cidev/prometheus-collector/images:buildx-stable-1
               docker buildx create --name dockerbuilder --driver docker-container --driver-opt image=mcr.microsoft.com/azuremonitor/containerinsights/cidev/prometheus-collector/images:buildx-stable-1 --use
               docker buildx inspect --bootstrap
+              # Determine if we should push to ACR
+              # Push when: NOT a PR, OR when PR is from specific branches (zane/ci-agent-auto-deploy or branches containing 'run-e2e')
+              SHOULD_PUSH="false"
               if [ "$(Build.Reason)" != "PullRequest" ]; then
+                SHOULD_PUSH="true"
+              elif [[ "$(System.PullRequest.SourceBranch)" == "zane/ci-agent-auto-deploy" ]] || [[ "$(System.PullRequest.SourceBranch)" == *"run-e2e"* ]]; then
+                SHOULD_PUSH="true"
+                echo "PR from branch $(System.PullRequest.SourceBranch) - will push image to ACR for E2E testing"
+              fi
+
+              if [ "$SHOULD_PUSH" == "true" ]; then
                 docker buildx build --platform $(BUILD_PLATFORMS) --tag ${{ variables.repoImageName }}:$(linuxImagetag) -f kubernetes/linux/Dockerfile.multiarch --metadata-file $(Build.ArtifactStagingDirectory)/linux/metadata.json --build-arg IMAGE_TAG=$(linuxTelemetryTag) --build-arg GOLANG_BASE_IMAGE=$(GOLANG_BASE_IMAGE) --build-arg CI_BASE_IMAGE=$(CI_BASE_IMAGE) --push --provenance=false .
                 echo "##vso[task.logissue type=warning]Linux image built with tag: ${{ variables.repoImageName }}:$(linuxImagetag)"
                 docker pull ${{ variables.repoImageName }}:$(linuxImagetag)
@@ -543,7 +561,16 @@ extends:
           inputs:
             targetType: 'inline'
             script: |
+              # Push when: NOT a PR, OR when PR is from specific branches (zane/ci-agent-auto-deploy or branches containing 'run-e2e')
+              $shouldPush = $false
               if ("$(Build.Reason)" -ne "PullRequest") {
+                $shouldPush = $true
+              } elseif ("$(System.PullRequest.SourceBranch)" -eq "zane/ci-agent-auto-deploy" -or "$(System.PullRequest.SourceBranch)" -like "*run-e2e*") {
+                $shouldPush = $true
+                Write-Host "PR from branch $(System.PullRequest.SourceBranch) - will push image to ACR for E2E testing"
+              }
+
+              if ($shouldPush) {
                 docker push ${{ variables.repoImageName }}:$(windowsImageTag)-$(windows2019BaseImageVersion)
               }
         - task: CodeQL3000Finalize@0
@@ -751,7 +778,16 @@ extends:
           inputs:
             targetType: 'inline'
             script: |
+              # Push when: NOT a PR, OR when PR is from specific branches (zane/ci-agent-auto-deploy or branches containing 'run-e2e')
+              $shouldPush = $false
               if ("$(Build.Reason)" -ne "PullRequest") {
+                $shouldPush = $true
+              } elseif ("$(System.PullRequest.SourceBranch)" -eq "zane/ci-agent-auto-deploy" -or "$(System.PullRequest.SourceBranch)" -like "*run-e2e*") {
+                $shouldPush = $true
+                Write-Host "PR from branch $(System.PullRequest.SourceBranch) - will push image to ACR for E2E testing"
+              }
+
+              if ($shouldPush) {
                 docker push ${{ variables.repoImageName }}:$(windowsImageTag)-$(windows2022BaseImageVersion)
               }
         - task: CodeQL3000Finalize@0
@@ -792,7 +828,16 @@ extends:
               az account set -s ${{ variables.subscription }}
               az acr login -n ${{ variables.containerRegistry }}
               @{"image.name"="${{ variables.repoImageName }}:$(windowsImageTag)"} | ConvertTo-Json -Compress | Out-File -Encoding ascii $(Build.ArtifactStagingDirectory)/windows/metadata.json
+              # Push when: NOT a PR, OR when PR is from specific branches (zane/ci-agent-auto-deploy or branches containing 'run-e2e')
+              $shouldPush = $false
               if ("$(Build.Reason)" -ne "PullRequest") {
+                $shouldPush = $true
+              } elseif ("$(System.PullRequest.SourceBranch)" -eq "zane/ci-agent-auto-deploy" -or "$(System.PullRequest.SourceBranch)" -like "*run-e2e*") {
+                $shouldPush = $true
+                Write-Host "PR from branch $(System.PullRequest.SourceBranch) - will push multi-arch image to ACR for E2E testing"
+              }
+
+              if ($shouldPush) {
                  docker manifest create ${{ variables.repoImageName }}:$(windowsImageTag) ${{ variables.repoImageName }}:$(windowsImageTag)-$(windows2019BaseImageVersion) ${{ variables.repoImageName }}:$(windowsImageTag)-$(windows2022BaseImageVersion)
                  docker manifest push ${{ variables.repoImageName }}:$(windowsImageTag)
                  Write-Host "##vso[task.logissue type=warning]Windows image built with tag: ${{ variables.repoImageName }}:$(windowsImageTag)"
@@ -880,4 +925,70 @@ extends:
             ScanType: CustomScan
             FileDirPath: '$(Build.ArtifactStagingDirectory)'
             DisableRemediation: false
-            AcceptableOutdatedSignatureInHours: 72
+            AcceptableOutdatedSignatureInHours: 72
+
+    - stage: Deploy_and_Test_Images_In_Dev_Clusters
+      displayName: Deploy and Test Images in Dev Clusters
+      lockBehavior: sequential
+      dependsOn: 
+        - stage
+      # Deploy runs when Build succeeds OR when Build is skipped with valid overrides
+      # This stage runs when:
+      # 1. Direct push to ci_prod or zane/ci-agent-auto-deploy or branches containing 'run-e2e'
+      # 2. PR from zane/ci-agent-auto-deploy branch OR PR from branch containing 'run-e2e'
+      condition: |
+        and(
+          or(
+            eq(variables['Build.SourceBranch'], 'refs/heads/ci_prod'),
+            eq(variables['Build.SourceBranch'], 'refs/heads/zane/ci-agent-auto-deploy'),
+            contains(variables['Build.SourceBranch'], 'run-e2e'),
+            and(
+              eq(variables['Build.Reason'], 'PullRequest'),
+              or(
+                eq(variables['System.PullRequest.SourceBranch'], 'zane/ci-agent-auto-deploy'),
+                contains(variables['System.PullRequest.SourceBranch'], 'run-e2e')
+              )
+            )
+          ),
+          or(
+            eq(dependencies.stage.result, 'Succeeded'),
+            and(
+              eq(dependencies.stage.result, 'Skipped'),
+              ne(variables['LinuxImageOverride'], ''),
+              ne(variables['WindowsImageOverride'], '')
+            )
+          )
+        )
+      variables:
+        # Use images built from previous build stage by default
+        # To override: Set pipeline variables 'LinuxImageOverride' and 'WindowsImageOverride' when queuing
+        linuxImageTagUnderTest: $[coalesce(variables['LinuxImageOverride'], stageDependencies.stage.common.outputs['setup.linuxImagetag'])]
+        windowsImageTagUnderTest: $[coalesce(variables['WindowsImageOverride'], stageDependencies.stage.common.outputs['setup.windowsImageTag'])]
+      jobs:
+      # TODO: gradually add more clusters from test automation framework when the tests are stable
+      # TODO: TeamsWebhookUri to be added
+      # Cluster 1: zane-test Cluster
+      - template: /.pipelines/e2e-test/azure-template-deploy-and-test-ci-image-in-aks-cluster.yml@self
+        parameters:
+          clusterName: 'zane-test'
+          resourceGroup: 'zane-test'
+          azureSubscription: 'ContainerInsights_Build_Subscription_CI'
+          environmentName: 'CI-Agent-Dev'
+          linuxImageTag: $(linuxImageTagUnderTest)
+          windowsImageTag: $(windowsImageTagUnderTest)
+          azureClientId: $(AksZaneTestClientId)
+          azureTenantId: $(AzureZaneTestTenantId)
+          teamsWebhookUri: $(TeamsWebhookUri)
+
+      # Cluster 2: zane-test2 Cluster
+      - template: /.pipelines/e2e-test/azure-template-deploy-and-test-ci-image-in-aks-cluster.yml@self
+        parameters:
+          clusterName: 'zane-test2'
+          resourceGroup: 'zane-test'
+          azureSubscription: 'ContainerInsights_Build_Subscription_CI'
+          environmentName: 'CI-Agent-Dev2'
+          linuxImageTag: $(linuxImageTagUnderTest)
+          windowsImageTag: $(windowsImageTagUnderTest)
+          azureClientId: $(AksZaneTest2ClientId)
+          azureTenantId: $(AzureZaneTestTenantId)
+          teamsWebhookUri: $(TeamsWebhookUri)