microsoft/trident v0.23.0

v0.23.0

Repository: microsoft/trident

Tag: v0.23.0

Published: 2026-05-20T01:10:21Z

Prerelease: no

Release notes: Full version: 0.23.0-2026051302.v9a51c88

New Preview (subject to change) Features

gRPC Client CLI

Trident now includes a grpc-client CLI that communicates with the Trident gRPC daemon (tridentd) over Unix socket. This enables scripted and programmatic interactions with Trident's servicing APIs.

Available commands:

• trident grpc-client update — perform a unified update (stage + finalize) via gRPC
• trident grpc-client commit — commit a staged update via gRPC

The gRPC UpdateService and Commit APIs have been promoted to v1 stable in this release.

(https://github.com/microsoft/trident/pull/585, https://github.com/microsoft/trident/pull/603, https://github.com/microsoft/trident/pull/581, https://github.com/microsoft/trident/pull/582)

Azure Container Linux (ACL) Support

This release introduces initial support for Azure Container Linux (ACL), Microsoft's container-optimized Linux distribution. ACL uses a minimal, immutable root filesystem with a specific partition layout and security posture than standard Azure Linux.

Key changes for ACL:

• Added a dedicated trident-acl-agent sub-package that provides a service to query Omaha servers and trigger updates. (https://github.com/microsoft/trident/pull/640, https://github.com/microsoft/trident/pull/593, https://github.com/microsoft/trident/pull/614)
• Added support for non-default ESP mount paths, enabling servicing for distros that do not mount the ESP at /boot/efi. (https://github.com/microsoft/trident/pull/595, https://github.com/microsoft/trident/pull/596)
• SELinux policies are now modular — rules for optional components (cloud-init, GPG/rpm paths, ACL-removed modules) are only applied when those components are present. (https://github.com/microsoft/trident/pull/636, https://github.com/microsoft/trident/pull/611, https://github.com/microsoft/trident/pull/643)
• Added support for initializing an empty datastore during updates on ACL distributions. (https://github.com/microsoft/trident/pull/590)
• Expanded partition validation to accept ACL's custom USR partition type. (https://github.com/microsoft/trident/pull/625)

Changes

• Updates now validate that host and COSI os-release metadata align before proceeding. (https://github.com/microsoft/trident/pull/617)

Bug Fixes

• Mitigated possible initramfs boot hangs caused by stale disk UUIDs by forcing a device table refresh before dracut invocation. (https://github.com/microsoft/trident/pull/633)
• Fixed OCI pulls to honor HTTPS_PROXY environment variables. (https://github.com/microsoft/trident/pull/637)
• Fixed A/B update validation for systems where root (/) is not an A/B volume. (https://github.com/microsoft/trident/pull/619)
• Fixed validation to require grub.cfg only for non-UKI images. (https://github.com/microsoft/trident/pull/618)

Known Issues

• ImageCustomizer v1.2.0 produces UKI COSI files that are only compatible with Trident v0.21+. Trident v0.23 works with COSI files created by *any* recent ImageCustomizer.
• Integration with systemd-journald is not compatible with chrooted environments, which causes Trident logs produced during the chroot steps to be missing from the system journal. All logs are still available in the background log file.

Links

• Docs – README, Docs
• Release date – 2026/05/19
• Commit – 9a51c88