feat: add Azure ephemeral full-caching preview

[jwmoss]

Summary

• add --azure-os-disk ephemeral-preview / azure.osDisk: ephemeral-preview for Azure ephemeral OS disk full caching
• set diffDiskSettings.enableFullCaching: true with Compute API 2025-04-01 on direct CLI and Worker VM create paths
• filter Crabbox Azure fallback candidates for preview-compatible x64 and ARM64 local-disk SKUs, including Windows promotion from too-small classes to D8/D16
• reject unsupported explicit preview SKUs before shared Azure network allocation and keep native checkpoint paths refusing ephemeral OS disk leases

Live findings

• Azure announced public preview: Ephemeral OS Disk with full caching for VM/VMSS; this PR wires that preview capability into Crabbox with explicit SKU validation
• Go SDK armcompute/v6 and checked v7.3.0 do not expose enableFullCaching, so only the preview VM create path uses a narrow raw ARM PUT
• direct Linux x64 Standard_D8ads_v6 and brokered Linux x64 Standard_D8ads_v6 both returned diffDiskSettings.enableFullCaching: true from Azure after create
• Azure Resource SKUs audit across the hardcoded Crabbox VM sizes matched the fallback filter; unsupported preview SKUs are now rejected before resource group/VNet/NIC/PIP allocation
• Linux ARM64 pds_v6 SKUs advertise ephemeral OS disk support and NVMe placement in East US; live ARM64 create is blocked in this tenant by Dpdsv6 and spot vCPU quotas
• Windows x64 Standard_D8ads_v6 DiskSpd, 4K random write, 512 MiB, 15s, QD32 x 4: ephemeral = 138.58 MiB/s, 35475.34 IOPS, 3.416 ms avg latency; ephemeral-preview = 139.09 MiB/s, 35607.92 IOPS, 3.551 ms avg latency

Verification

• go build -trimpath -o bin/crabbox ./cmd/crabbox
• go test ./internal/cli -run 'Azure|CoordinatorCreateLease.*Azure|ApplyNativeCheckpointForkConfigHonorsAzureOSDisk'
• go test ./internal/providers/azure
• go vet ./...
• npm run format:check --prefix worker
• npm run lint --prefix worker
• npm run check --prefix worker
• npm test --prefix worker -- test/azure.test.ts test/config.test.ts
• npm run build --prefix worker
• git diff --check
• CRABBOX_CONFIG=/dev/null CRABBOX_AZURE_LOCATION=eastus bin/crabbox run --provider azure --target windows --type Standard_D8ads_v6 --azure-os-disk ephemeral --market on-demand --no-sync --preflight --stop-after always --slug diskspd-ephemeral --shell '<DiskSpd workload>'
• CRABBOX_CONFIG=/dev/null CRABBOX_AZURE_LOCATION=eastus bin/crabbox run --provider azure --target windows --type Standard_D8ads_v6 --azure-os-disk ephemeral-preview --market on-demand --no-sync --preflight --stop-after always --slug diskspd-preview --shell '<DiskSpd workload>'
• az resource list -g crabbox-leases --query "[?contains(name,'diskspd') || contains(name,'ephem-preview')].{type:type,name:name}" -o table returned no leftover resources

[clawsweeper]

Codex review: needs maintainer review before merge. Reviewed May 29, 2026, 10:30 PM ET / 02:30 UTC.

Summary
The PR adds an opt-in Azure ephemeral-preview OS disk mode across CLI and Worker provisioning, SKU filtering, docs, and tests, including a raw Compute API 2025-04-01 path for diffDiskSettings.enableFullCaching.

Reproducibility: not applicable. this is a feature PR, not a bug report. The PR body supplies after-change live Azure proof instead of a failing reproduction path.

Review metrics: 2 noteworthy metrics.

• Changed surface: 14 files, +852/-109. The change spans Go CLI, Worker provisioning, provider docs, and tests, so it should be reviewed as a provider feature rather than a narrow docs update.
• Runtime paths: 2 Azure VM create paths. Both direct CLI and brokered Worker provisioning emit the preview disk settings and API version.

Merge readiness
Overall: 🐚 platinum hermit
Proof: 🦞 diamond lobster
Patch quality: 🐚 platinum hermit
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

• none.

Risk before merge

• [P1] The new mode depends on Azure Compute API 2025-04-01 public-preview behavior and hardcoded SKU heuristics, so CI cannot fully prove behavior across regions, tenants, quotas, and Azure rollout state even though the PR includes East US live checks.

Maintainer options:

1. Land as opt-in preview
   Accept the region and tenant variance and merge with ephemeral-preview documented as an explicit opt-in Azure preview mode.
2. Ask for broader Azure proof
   Request one more live matrix check, such as a second region or ARM64 quota-backed create, if maintainers want more confidence before owning the preview path.
3. Defer preview support
   Pause or close until Azure's API or SDK surface stabilizes if public-preview provider behavior is not desired in Crabbox yet.

Next step before merge

• [P2] Maintainer judgment is needed on accepting the Azure public-preview API surface; I did not find a narrow mechanical repair for ClawSweeper to queue.

Security
Cleared: No concrete security or supply-chain regression was found; the diff adds a raw Azure ARM call using the existing Azure credential scope and does not add dependencies, workflows, or secret exposure.

Review details

Best possible solution:

Either merge the opt-in preview mode with the documented preview caveat and live proof preserved, or defer it until maintainers are comfortable owning Azure public-preview support.

Do we have a high-confidence way to reproduce the issue?

Not applicable: this is a feature PR, not a bug report. The PR body supplies after-change live Azure proof instead of a failing reproduction path.

Is this the best way to solve the issue?

Unclear as a product decision: the implementation is narrow and provider-scoped, but maintainers must decide whether Crabbox should expose Azure public-preview full-caching behavior now.

AGENTS.md: found and applied where relevant.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 0b131572702b.

Label changes

Label justifications:

• P2: This is a bounded opt-in Azure provider feature with useful proof, but it needs normal maintainer review before merge.
• merge-risk: 🚨 other: The main merge risk is Azure public-preview API and SKU-rollout variance that mocked tests cannot fully settle.
• rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🦞 diamond lobster and patch quality is 🐚 platinum hermit.
• status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (live_output): The PR body includes after-change live Azure output for direct and brokered creates returning enableFullCaching: true, plus Windows DiskSpd comparison and cleanup verification.
• proof: sufficient: Contributor real behavior proof is sufficient. The PR body includes after-change live Azure output for direct and brokered creates returning enableFullCaching: true, plus Windows DiskSpd comparison and cleanup verification.

Evidence reviewed

What I checked:

• Repository policy read: Full target AGENTS.md was read; the review applied its provider-boundary guidance because this PR keeps Azure-specific semantics in Azure provider code, docs, and tests rather than core provider-neutral routing. (AGENTS.md:1, 0b131572702b)
• Current main lacks the requested mode: Current main only recognizes auto, managed, and ephemeral in NormalizeAzureOSDiskMode, so the central requested ephemeral-preview behavior is not already implemented. (internal/cli/azure.go:276, 0b131572702b)
• Go CLI preview implementation: The PR head adds AzureOSDiskEphemeralPreview, full-caching SKU filtering, and validation before shared Azure network allocation. (internal/cli/azure.go:344, 78dc3255ac43)
• Raw ARM preview path: The PR head uses a narrow raw ARM VM PUT with Compute API 2025-04-01 and injects diffDiskSettings.enableFullCaching: true because the Go SDK type does not expose the preview field. (internal/cli/azure.go:963, 78dc3255ac43)
• Worker preview implementation: The Worker path normalizes ephemeral-preview, chooses filtered Azure defaults, sets enableFullCaching, and switches the VM create API version for that mode. (worker/src/azure.ts:609, 78dc3255ac43)
• Contributor live proof: The PR body reports direct Linux x64 and brokered Linux x64 Azure creates returning diffDiskSettings.enableFullCaching: true, Windows DiskSpd comparison for ephemeral versus preview, and a cleanup check showing no leftover diskspd/preview resources. (78dc3255ac43)

Likely related people:

• Vincent Koc: git log --follow and git blame point to commit 710cf4b5b079a5c9d4f5a59329a5266e440ca931 as the merged Azure provider implementation across the central CLI, Worker, config, and docs files touched here. (role: introduced Azure provider surface; confidence: high; commits: 710cf4b5b079; files: internal/cli/azure.go, worker/src/azure.ts, worker/src/config.ts)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.