During the recent OCI changes, I mistakenly thought LayerFolderPath is only needed for Windows Server containers (isolation=process) and not for Hyper-V Containers, but it turns out it is also required for servicing containers used to finish installing updates. Since the servicing containers need to reuse the container's create options, this change makes it so that LayerFolderPath is always filled in for all containers as part of constructing the create options.
Signed-off-by: Stefan J. Wernli <swernli@microsoft.com>
Upstream-commit: 78540d0d181d581342b0a2750786ae91e6ed9f91
Component: engine
If Windows updates are being applied via a RUN command in a docker build, the build will not stop if there was a failure in postRunProcessing. To enable this behavior, we explicitly set the exit code of the container to a failure if postRunProcessing fails during servicing container step. For completeness, also avoid running servicing operation if the original exit code of the container is non-zero so that original failure exit code does not get overwritten.
Signed-off-by: Stefan J. Wernli <swernli@microsoft.com>
Upstream-commit: 2266e7f2345c88a8e195fd959550d0d657bec843
Component: engine
This change enables the workflow of finishing installing Windows OS updates in the container after it has completed running, via a special servicing container.
Signed-off-by: Stefan J. Wernli <swernli@microsoft.com>
Upstream-commit: da92dad59f76421a22a955d2aed25bfeb4562385
Component: engine
