chore(windows): update e2e tests to check dotnet deprecation

e2e/scenario_win_test.go

@@ -65,6 +65,7 @@ func Test_Windows2022_AzureNetwork(t *testing.T) {
 				ValidateFileHasContent(ctx, s, "/k/kubeletstart.ps1", "--container-runtime=remote")
 				ValidateWindowsProcessHasCliArguments(ctx, s, "kubelet.exe", []string{"--rotate-certificates=true", "--client-ca-file=c:\\k\\ca.crt"})
 				ValidateCiliumIsNotRunningWindows(ctx, s)
+				ValidateDotnetNotInstalledWindows(ctx, s)
 			},
 		},
 	})
@@ -106,6 +107,7 @@ func Test_Windows2022Gen2AzureNetwork(t *testing.T) {
 				ValidateFileHasContent(ctx, s, "/k/kubeletstart.ps1", "--container-runtime=remote")
 				ValidateWindowsProcessHasCliArguments(ctx, s, "kubelet.exe", []string{"--rotate-certificates=true", "--client-ca-file=c:\\k\\ca.crt"})
 				ValidateCiliumIsNotRunningWindows(ctx, s)
+				ValidateDotnetNotInstalledWindows(ctx, s)
 				ValidateFileHasContent(ctx, s, "/AzureData/CustomDataSetupScript.log", "CSEScriptsPackageUrl used for provision is https://packages.aks.azure.com/aks/windows/cse/aks-windows-cse-scripts-current.zip")
 			},
 		},
@@ -273,6 +275,7 @@ func Test_Windows2025(t *testing.T) {
 				ValidateFileHasContent(ctx, s, "/k/kubeletstart.ps1", "--container-runtime=remote")
 				ValidateWindowsProcessHasCliArguments(ctx, s, "kubelet.exe", []string{"--rotate-certificates=true", "--client-ca-file=c:\\k\\ca.crt"})
 				ValidateCiliumIsNotRunningWindows(ctx, s)
+				ValidateDotnetNotInstalledWindows(ctx, s)
 			},
 		},
 	})
@@ -295,6 +298,7 @@ func Test_Windows2025Gen2(t *testing.T) {
 				ValidateFileHasContent(ctx, s, "/k/kubeletstart.ps1", "--container-runtime=remote")
 				ValidateWindowsProcessHasCliArguments(ctx, s, "kubelet.exe", []string{"--rotate-certificates=true", "--client-ca-file=c:\\k\\ca.crt"})
 				ValidateCiliumIsNotRunningWindows(ctx, s)
+				ValidateDotnetNotInstalledWindows(ctx, s)
 			},
 		},
 	})
@@ -323,6 +327,7 @@ func Test_Windows2022_SecureTLSBootstrapping_BootstrapToken_Fallback(t *testing.
 				ValidateWindowsDisplayVersion(ctx, s, "21H2")
 				ValidateFileHasContent(ctx, s, "/k/kubeletstart.ps1", "--container-runtime=remote")
 				ValidateCiliumIsNotRunningWindows(ctx, s)
+				ValidateDotnetNotInstalledWindows(ctx, s)
 			},
 		},
 	})
@@ -347,6 +352,7 @@ func Test_Windows2022_DisableKubeletServingCertificateRotationWithTags(t *testin
 				ValidateWindowsDisplayVersion(ctx, s, "21H2")
 				ValidateFileHasContent(ctx, s, "/k/kubeletstart.ps1", "--container-runtime=remote")
 				ValidateCiliumIsNotRunningWindows(ctx, s)
+				ValidateDotnetNotInstalledWindows(ctx, s)
 			},
 		},
 	})
@@ -374,6 +380,7 @@ func Test_Windows2022_VHDCaching(t *testing.T) {
 				ValidateFileHasContent(ctx, s, "/k/kubeletstart.ps1", "--container-runtime=remote")
 				ValidateWindowsProcessHasCliArguments(ctx, s, "kubelet.exe", []string{"--rotate-certificates=true", "--client-ca-file=c:\\k\\ca.crt"})
 				ValidateCiliumIsNotRunningWindows(ctx, s)
+				ValidateDotnetNotInstalledWindows(ctx, s)
 			},
 		},
 	})
@@ -397,6 +404,7 @@ func Test_Windows2022Gen2_k8s_133(t *testing.T) {
 				ValidateWindowsDisplayVersion(ctx, s, "21H2")
 				ValidateFileHasContent(ctx, s, "/k/kubeletstart.ps1", "--container-runtime=remote")
 				ValidateCiliumIsNotRunningWindows(ctx, s)
+				ValidateDotnetNotInstalledWindows(ctx, s)
 			},
 		},
 	})
@@ -464,6 +472,7 @@ func Test_Windows2022_McrChinaCloud_Windows(t *testing.T) {
 				ValidateFileHasContent(ctx, s,
 					`C:\ProgramData\containerd\certs.d\mcr.azk8s.cn\hosts.toml`,
 					`https://mcr.azk8s.cn`)
+				ValidateDotnetNotInstalledWindows(ctx, s)
 			},
 		},
 	})
@@ -489,6 +498,7 @@ func Test_Windows2025Gen2_McrChinaCloud_Windows(t *testing.T) {
 				ValidateFileHasContent(ctx, s, "/k/kubeletstart.ps1", "--container-runtime=remote")
 				ValidateWindowsProcessHasCliArguments(ctx, s, "kubelet.exe", []string{"--rotate-certificates=true", "--client-ca-file=c:\\k\\ca.crt"})
 				ValidateCiliumIsNotRunningWindows(ctx, s)
+				ValidateDotnetNotInstalledWindows(ctx, s)
 				ValidateFileExists(ctx, s, `C:\ProgramData\containerd\certs.d\docker.io\hosts.toml`)
 				ValidateFileExists(ctx, s, `C:\ProgramData\containerd\certs.d\mcr.azk8s.cn\hosts.toml`)
 				ValidateFileHasContent(ctx, s,
@@ -524,6 +534,7 @@ func Test_NetworkIsolatedCluster_Windows_WithEgress(t *testing.T) {
 				// Verify mcr.microsoft.com host config exist
 				ValidateFileExists(ctx, s, `C:\ProgramData\containerd\certs.d\mcr.microsoft.com\hosts.toml`)
 				ValidateFileDoesNotExist(ctx, s, `C:\ProgramData\containerd\certs.d\mcr.azk8s.cn\hosts.toml`)
+				ValidateDotnetNotInstalledWindows(ctx, s)
 			},
 		},
 	})

e2e/validators.go

@@ -724,6 +724,18 @@ func ValidateWindowsServiceIsNotRunning(ctx context.Context, s *Scenario, servic
 		fmt.Sprintf("Windows service %s validation failed", serviceName))
 }
 
+func ValidateDotnetNotInstalledWindows(ctx context.Context, s *Scenario) {
+	s.T.Helper()
+	command := []string{
+		"$ErrorActionPreference = \"Continue\"",
+		"$dotnetCmd = Get-Command dotnet -ErrorAction SilentlyContinue",
+		"if ($dotnetCmd) { $result = & dotnet --list-runtimes 2>&1; if ($LASTEXITCODE -eq 0 -and $result) { throw \".NET runtime is installed but should not be: $result\" } }",
+		"Write-Host \".NET runtime is not installed\"",
+	}
+	execScriptOnVMForScenarioValidateExitCode(ctx, s, strings.Join(command, "\n"), 0,
+		".NET runtime should not be installed on the Windows node")
+}
+
 func ValidateSystemdUnitIsNotFailed(ctx context.Context, s *Scenario, serviceName string) {
 	s.T.Helper()
 	command := []string{

vhdbuilder/packer/test/windows-vhd-content-test.ps1

@@ -750,6 +750,32 @@ function Test-SSHDConfig
 }
 
 
+# Verify no .NET runtime/CLI is present on the VHD
+function Test-DotnetNotInstalled
+{
+    $dotnetCmd = Get-Command dotnet -ErrorAction SilentlyContinue
+    if (-not $dotnetCmd)
+    {
+        Write-OutputWithTimestamp ".NET runtime is not installed on the VHD"
+        return
+    }
+    $result = & dotnet --list-runtimes 2>&1
+    if ($LASTEXITCODE -ne 0)
+    {
+        Write-ErrorWithTimestamp "Failed to query .NET runtimes via 'dotnet --list-runtimes': $result"
+        exit 1
+    }
+    if ($result)
+    {
+        Write-ErrorWithTimestamp ".NET runtime is installed on the VHD but should not be: $result"
+        exit 1
+    }
+    else
+    {
+        Write-OutputWithTimestamp ".NET runtime is not installed on the VHD"
+    }
+}
+
 # Test-ValidateImageBinarySignature create a not-running container from the image to validate the signature of the binaries in the image
 function Test-ValidateImageBinarySignature {
     # imageBinaryNotSigned is used to record binaries in image that are not signed
@@ -849,5 +875,8 @@ Test-ToolsToCacheOnVHD
 Write-OutputWithTimestamp "Test: ExpandVolumeTask"
 Test-ExpandVolumeTask
 
+Write-OutputWithTimestamp "Test: DotnetNotInstalled"
+Test-DotnetNotInstalled
+
 Write-OutputWithTimestamp "Test: ValidateImageBinarySignature"
-Test-ValidateImageBinarySignature
+Test-ValidateImageBinarySignature