From 5cc10249368616914ccb2badd53b76aa47aa2e1b Mon Sep 17 00:00:00 2001
From: Dan Mihai <dmihai@microsoft.com>
Date: Wed, 29 Oct 2025 16:14:18 +0000
Subject: [PATCH] ci: k8s: AUTO_GENERATE_POLICY for coco-dev

Re-enable AUTO_GENERATE_POLICY for coco-dev Hosts, unless PULL_TYPE is
"experimental-force-guest-pull", or the caller specified a different
value for AUTO_GENERATE_POLICY.

Auto-generated Policy has been disabled accidentally and recently for
these Hosts, by a GHA workflow change.

Signed-off-by: Dan Mihai <dmihai@microsoft.com>
---
 tests/integration/kubernetes/gha-run.sh | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/tests/integration/kubernetes/gha-run.sh b/tests/integration/kubernetes/gha-run.sh
index 09927ccd61..16872fe0b1 100755
--- a/tests/integration/kubernetes/gha-run.sh
+++ b/tests/integration/kubernetes/gha-run.sh
@@ -35,6 +35,7 @@ export NO_PROXY="${NO_PROXY:-${no_proxy:-}}"
 export PULL_TYPE="${PULL_TYPE:-default}"
 export TEST_CLUSTER_NAMESPACE="${TEST_CLUSTER_NAMESPACE:-kata-containers-k8s-tests}"
 export GENPOLICY_PULL_METHOD="${GENPOLICY_PULL_METHOD:-oci-distribution}"
+export TARGET_ARCH="${TARGET_ARCH:-x86_64}"
 
 function configure_devmapper() {
 	sudo mkdir -p /var/lib/containerd/devmapper
@@ -593,6 +594,10 @@ function main() {
 	if [[ -z "${AUTO_GENERATE_POLICY}" ]]; then
 		if [[ "${KATA_HOST_OS}" = "cbl-mariner" ]]; then
 			AUTO_GENERATE_POLICY="yes"
+		elif [[ "${KATA_HYPERVISOR}" = "qemu-coco-dev" && \
+		        "${TARGET_ARCH}" = "x86_64" && \
+		        "${PULL_TYPE}" != "experimental-force-guest-pull" ]]; then
+			AUTO_GENERATE_POLICY="yes"
 		fi
 	fi