зеркало из https://github.com/microsoft/AzureTRE.git
Apply missing lifecycle blocks. (#3670)
This commit is contained in:
Marcus Robinson
GitHub
Родитель
c3f144f959
Коммит
2c872cf427
|
|
@ -1,12 +1,15 @@
|
|||
<!-- markdownlint-disable MD041 -->
|
||||
## 0.14.0 (Unreleased)
|
||||
|
||||
FEATURES:
|
||||
|
||||
ENHANCEMENTS:
|
||||
|
||||
BUG FIXES:
|
||||
* Apply missing lifecycle blocks. ([#3670](https://github.com/microsoft/AzureTRE/issues/3670))
|
||||
* Outputs of type boolean are stored as strings ([#3655](https://github.com/microsoft/AzureTRE/pulls/3655))
|
||||
|
||||
|
||||
## 0.13.0 (August 9, 2023)
|
||||
|
||||
BUG FIXES:
|
||||
|
|
|
|||
|
|
@ -3,6 +3,8 @@ resource "azurerm_log_analytics_query_pack" "tre" {
|
|||
resource_group_name = var.resource_group_name
|
||||
location = var.location
|
||||
tags = var.tre_core_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_log_analytics_query_pack_query" "rp_logs" {
|
||||
|
|
|
|||
|
|
@ -99,4 +99,6 @@ resource "azurerm_key_vault_secret" "cosmos_mongo_connstr" {
|
|||
depends_on = [
|
||||
azurerm_key_vault_access_policy.deployer
|
||||
]
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
|
|
|||
|
|
@ -70,6 +70,8 @@ resource "azurerm_key_vault_secret" "api_client_id" {
|
|||
depends_on = [
|
||||
azurerm_key_vault_access_policy.deployer
|
||||
]
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_key_vault_secret" "api_client_secret" {
|
||||
|
|
@ -80,6 +82,8 @@ resource "azurerm_key_vault_secret" "api_client_secret" {
|
|||
depends_on = [
|
||||
azurerm_key_vault_access_policy.deployer
|
||||
]
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_key_vault_secret" "auth_tenant_id" {
|
||||
|
|
@ -90,6 +94,8 @@ resource "azurerm_key_vault_secret" "auth_tenant_id" {
|
|||
depends_on = [
|
||||
azurerm_key_vault_access_policy.deployer
|
||||
]
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_key_vault_secret" "application_admin_client_id" {
|
||||
|
|
@ -100,6 +106,8 @@ resource "azurerm_key_vault_secret" "application_admin_client_id" {
|
|||
depends_on = [
|
||||
azurerm_key_vault_access_policy.deployer
|
||||
]
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_key_vault_secret" "application_admin_client_secret" {
|
||||
|
|
@ -110,6 +118,8 @@ resource "azurerm_key_vault_secret" "application_admin_client_secret" {
|
|||
depends_on = [
|
||||
azurerm_key_vault_access_policy.deployer
|
||||
]
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_monitor_diagnostic_setting" "kv" {
|
||||
|
|
|
|||
|
|
@ -101,6 +101,8 @@ resource "azurerm_network_security_group" "bastion" {
|
|||
source_address_prefix = "*"
|
||||
destination_address_prefix = "Internet"
|
||||
}
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_subnet_network_security_group_association" "bastion" {
|
||||
|
|
@ -141,6 +143,8 @@ resource "azurerm_network_security_group" "app_gw" {
|
|||
source_address_prefix = "Internet"
|
||||
destination_address_prefix = "*"
|
||||
}
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_subnet_network_security_group_association" "app_gw" {
|
||||
|
|
@ -156,6 +160,8 @@ resource "azurerm_network_security_group" "default_rules" {
|
|||
location = var.location
|
||||
resource_group_name = var.resource_group_name
|
||||
tags = local.tre_core_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_subnet_network_security_group_association" "shared" {
|
||||
|
|
|
|||
|
|
@ -12,4 +12,6 @@ resource "azurerm_application_insights_workbook" "firewall" {
|
|||
display_name = "Azure Firewall Workbook ${var.tre_id}"
|
||||
data_json = data.http.firewall_workbook_json.response_body
|
||||
tags = local.tre_core_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
|
|
|||
|
|
@ -38,6 +38,8 @@ resource "azurerm_key_vault_secret" "resource_processor_vmss_password" {
|
|||
value = random_password.password.result
|
||||
key_vault_id = var.key_vault_id
|
||||
tags = local.tre_core_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_user_assigned_identity" "vmss_msi" {
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
__version__ = "0.8.5"
|
||||
__version__ = "0.8.6"
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
schemaVersion: 1.0.0
|
||||
name: tre-shared-service-admin-vm
|
||||
version: 0.4.0
|
||||
version: 0.4.3
|
||||
description: "An admin vm shared service"
|
||||
dockerfile: Dockerfile.tmpl
|
||||
registry: azuretre
|
||||
|
|
|
|||
|
|
@ -9,6 +9,8 @@ resource "azurerm_network_interface" "jumpbox_nic" {
|
|||
subnet_id = data.azurerm_subnet.shared.id
|
||||
private_ip_address_allocation = "Dynamic"
|
||||
}
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "random_password" "password" {
|
||||
|
|
@ -47,6 +49,8 @@ resource "azurerm_windows_virtual_machine" "jumpbox" {
|
|||
caching = "ReadWrite"
|
||||
storage_account_type = "Standard_LRS"
|
||||
}
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_key_vault_secret" "jumpbox_credentials" {
|
||||
|
|
@ -54,6 +58,8 @@ resource "azurerm_key_vault_secret" "jumpbox_credentials" {
|
|||
value = random_password.password.result
|
||||
key_vault_id = data.azurerm_key_vault.keyvault.id
|
||||
tags = local.tre_shared_service_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_virtual_machine_extension" "antimalware" {
|
||||
|
|
@ -68,4 +74,6 @@ resource "azurerm_virtual_machine_extension" "antimalware" {
|
|||
settings = jsonencode({
|
||||
"AntimalwareEnabled" = true
|
||||
})
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
schemaVersion: 1.0.0
|
||||
name: tre-shared-service-cyclecloud
|
||||
version: 0.5.2
|
||||
version: 0.5.4
|
||||
description: "An Azure TRE Shared Service Template for Azure Cyclecloud"
|
||||
registry: azuretre
|
||||
dockerfile: Dockerfile.tmpl
|
||||
|
|
|
|||
|
|
@ -79,6 +79,8 @@ resource "azurerm_key_vault_secret" "cyclecloud_password" {
|
|||
value = "${random_string.username.result}\n${random_password.password.result}"
|
||||
key_vault_id = data.azurerm_key_vault.core.id
|
||||
tags = local.tre_shared_service_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
data "azurerm_subscription" "primary" {
|
||||
|
|
@ -102,6 +104,8 @@ resource "azurerm_network_interface" "cyclecloud" {
|
|||
subnet_id = data.azurerm_subnet.shared.id
|
||||
private_ip_address_allocation = "Dynamic"
|
||||
}
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_private_dns_zone" "cyclecloud" {
|
||||
|
|
@ -118,6 +122,8 @@ resource "azurerm_private_dns_zone_virtual_network_link" "cyclecloud_core_vnet"
|
|||
private_dns_zone_name = azurerm_private_dns_zone.cyclecloud.name
|
||||
virtual_network_id = data.azurerm_virtual_network.core.id
|
||||
tags = local.tre_shared_service_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_private_dns_a_record" "cyclecloud_vm" {
|
||||
|
|
@ -127,5 +133,7 @@ resource "azurerm_private_dns_a_record" "cyclecloud_vm" {
|
|||
ttl = 300
|
||||
records = [azurerm_network_interface.cyclecloud.private_ip_address]
|
||||
tags = local.tre_shared_service_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -5,6 +5,8 @@ resource "azurerm_storage_account" "cyclecloud" {
|
|||
account_tier = "Standard"
|
||||
account_replication_type = "GRS"
|
||||
tags = local.tre_shared_service_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
data "azurerm_private_dns_zone" "blobcore" {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
schemaVersion: 1.0.0
|
||||
name: tre-shared-service-databricks-private-auth
|
||||
version: 0.1.3
|
||||
version: 0.1.5
|
||||
description: "An Azure TRE shared service for Azure Databricks authentication."
|
||||
registry: azuretre
|
||||
dockerfile: Dockerfile.tmpl
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
schemaVersion: 1.0.0
|
||||
name: tre-shared-service-firewall
|
||||
version: 1.1.1
|
||||
version: 1.1.3
|
||||
description: "An Azure TRE Firewall shared service"
|
||||
dockerfile: Dockerfile.tmpl
|
||||
registry: azuretre
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
schemaVersion: 1.0.0
|
||||
name: tre-shared-service-gitea
|
||||
version: 0.6.3
|
||||
version: 0.6.5
|
||||
description: "A Gitea shared service"
|
||||
dockerfile: Dockerfile.tmpl
|
||||
registry: azuretre
|
||||
|
|
|
|||
|
|
@ -168,6 +168,8 @@ resource "azurerm_key_vault_secret" "gitea_password" {
|
|||
depends_on = [
|
||||
azurerm_key_vault_access_policy.gitea_policy
|
||||
]
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_storage_share" "gitea" {
|
||||
|
|
|
|||
|
|
@ -71,4 +71,6 @@ resource "azurerm_key_vault_secret" "db_password" {
|
|||
depends_on = [
|
||||
azurerm_key_vault_access_policy.gitea_policy
|
||||
]
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
schemaVersion: 1.0.0
|
||||
name: tre-shared-service-sonatype-nexus
|
||||
version: 2.5.3
|
||||
version: 2.5.6
|
||||
description: "A Sonatype Nexus shared service"
|
||||
dockerfile: Dockerfile.tmpl
|
||||
registry: azuretre
|
||||
|
|
|
|||
|
|
@ -9,6 +9,8 @@ resource "azurerm_network_interface" "nexus" {
|
|||
subnet_id = data.azurerm_subnet.shared.id
|
||||
private_ip_address_allocation = "Dynamic"
|
||||
}
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_private_dns_zone_virtual_network_link" "nexus_core_vnet" {
|
||||
|
|
@ -17,6 +19,8 @@ resource "azurerm_private_dns_zone_virtual_network_link" "nexus_core_vnet" {
|
|||
private_dns_zone_name = data.azurerm_private_dns_zone.nexus.name
|
||||
virtual_network_id = data.azurerm_virtual_network.core.id
|
||||
tags = local.tre_shared_service_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_private_dns_a_record" "nexus_vm" {
|
||||
|
|
@ -26,6 +30,8 @@ resource "azurerm_private_dns_a_record" "nexus_vm" {
|
|||
ttl = 300
|
||||
records = [azurerm_linux_virtual_machine.nexus.private_ip_address]
|
||||
tags = local.tre_shared_service_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "random_password" "nexus_vm_password" {
|
||||
|
|
@ -59,6 +65,8 @@ resource "azurerm_key_vault_secret" "nexus_vm_password" {
|
|||
value = random_password.nexus_vm_password.result
|
||||
key_vault_id = data.azurerm_key_vault.kv.id
|
||||
tags = local.tre_shared_service_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_key_vault_secret" "nexus_admin_password" {
|
||||
|
|
@ -66,6 +74,8 @@ resource "azurerm_key_vault_secret" "nexus_admin_password" {
|
|||
value = random_password.nexus_admin_password.result
|
||||
key_vault_id = data.azurerm_key_vault.kv.id
|
||||
tags = local.tre_shared_service_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_user_assigned_identity" "nexus_msi" {
|
||||
|
|
@ -222,4 +232,6 @@ resource "azurerm_virtual_machine_extension" "keyvault" {
|
|||
"msiClientId" : azurerm_user_assigned_identity.nexus_msi.client_id
|
||||
}
|
||||
})
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
schemaVersion: 1.0.0
|
||||
name: tre-service-azureml
|
||||
version: 0.8.8
|
||||
version: 0.8.10
|
||||
description: "An Azure TRE service for Azure Machine Learning"
|
||||
registry: azuretre
|
||||
dockerfile: Dockerfile.tmpl
|
||||
|
|
|
|||
|
|
@ -16,6 +16,8 @@ resource "azurerm_key_vault_secret" "aml_password" {
|
|||
value = random_password.password.result
|
||||
key_vault_id = data.azurerm_key_vault.ws.id
|
||||
tags = local.tre_workspace_service_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -56,6 +56,8 @@ resource "azapi_resource" "aml_service_endpoint_policy" {
|
|||
]
|
||||
}
|
||||
})
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_subnet" "aml" {
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ resource "azurerm_storage_account" "aml" {
|
|||
default_action = "Deny"
|
||||
}
|
||||
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
data "azurerm_private_dns_zone" "blobcore" {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
schemaVersion: 1.0.0
|
||||
name: tre-user-resource-aml-compute-instance
|
||||
version: 0.5.5
|
||||
version: 0.5.7
|
||||
description: "Azure Machine Learning Compute Instance"
|
||||
registry: azuretre
|
||||
dockerfile: Dockerfile.tmpl
|
||||
|
|
|
|||
|
|
@ -26,4 +26,6 @@ resource "azapi_resource" "compute_instance" {
|
|||
}
|
||||
}
|
||||
})
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
schemaVersion: 1.0.0
|
||||
name: tre-service-databricks
|
||||
version: 1.0.1
|
||||
version: 1.0.3
|
||||
description: "An Azure TRE service for Azure Databricks."
|
||||
registry: azuretre
|
||||
dockerfile: Dockerfile.tmpl
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
schemaVersion: 1.0.0
|
||||
name: tre-workspace-service-gitea
|
||||
version: 0.8.3
|
||||
version: 0.8.5
|
||||
description: "A Gitea workspace service"
|
||||
dockerfile: Dockerfile.tmpl
|
||||
registry: azuretre
|
||||
|
|
|
|||
|
|
@ -176,6 +176,8 @@ resource "azurerm_key_vault_secret" "gitea_password" {
|
|||
depends_on = [
|
||||
azurerm_key_vault_access_policy.gitea_policy
|
||||
]
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_role_assignment" "gitea_acrpull_role" {
|
||||
|
|
|
|||
|
|
@ -71,4 +71,6 @@ resource "azurerm_key_vault_secret" "db_password" {
|
|||
depends_on = [
|
||||
azurerm_key_vault_access_policy.gitea_policy
|
||||
]
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
schemaVersion: 1.0.0
|
||||
name: tre-service-guacamole
|
||||
version: 0.9.5
|
||||
version: 0.9.7
|
||||
description: "An Azure TRE service for Guacamole"
|
||||
dockerfile: Dockerfile.tmpl
|
||||
registry: azuretre
|
||||
|
|
|
|||
|
|
@ -148,6 +148,8 @@ resource "azurerm_private_endpoint" "guacamole" {
|
|||
name = module.terraform_azurerm_environment_configuration.private_links["privatelink.azurewebsites.net"]
|
||||
private_dns_zone_ids = [data.azurerm_private_dns_zone.azurewebsites.id]
|
||||
}
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_key_vault_access_policy" "guacamole_policy" {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
schemaVersion: 1.0.0
|
||||
name: tre-service-guacamole-export-reviewvm
|
||||
version: 0.1.5
|
||||
version: 0.1.7
|
||||
description: "An Azure TRE User Resource Template for reviewing Airlock export requests"
|
||||
dockerfile: Dockerfile.tmpl
|
||||
registry: azuretre
|
||||
|
|
|
|||
|
|
@ -9,6 +9,8 @@ resource "azurerm_network_interface" "internal" {
|
|||
subnet_id = data.azurerm_subnet.services.id
|
||||
private_ip_address_allocation = "Dynamic"
|
||||
}
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_network_security_group" "vm_nsg" {
|
||||
|
|
@ -16,6 +18,8 @@ resource "azurerm_network_security_group" "vm_nsg" {
|
|||
location = data.azurerm_resource_group.ws.location
|
||||
resource_group_name = data.azurerm_resource_group.ws.name
|
||||
tags = local.tre_user_resources_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_network_security_rule" "allow_outbound_airlock_exip_storage_pe" {
|
||||
|
|
@ -146,6 +150,8 @@ resource "azurerm_windows_virtual_machine" "windowsvm" {
|
|||
}
|
||||
|
||||
tags = local.tre_user_resources_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_virtual_machine_extension" "config_script" {
|
||||
|
|
@ -161,6 +167,8 @@ resource "azurerm_virtual_machine_extension" "config_script" {
|
|||
"commandToExecute": "powershell -ExecutionPolicy Unrestricted -NoProfile -NonInteractive -command \"cp c:/azuredata/customdata.bin c:/azuredata/configure.ps1; c:/azuredata/configure.ps1 \""
|
||||
}
|
||||
PROT
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_key_vault_secret" "windowsvm_password" {
|
||||
|
|
@ -168,6 +176,8 @@ resource "azurerm_key_vault_secret" "windowsvm_password" {
|
|||
value = "${random_string.username.result}\n${random_password.password.result}"
|
||||
key_vault_id = data.azurerm_key_vault.ws.id
|
||||
tags = local.tre_user_resources_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
data "template_file" "download_review_data_script" {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
schemaVersion: 1.0.0
|
||||
name: tre-service-guacamole-import-reviewvm
|
||||
version: 0.2.5
|
||||
version: 0.2.7
|
||||
description: "An Azure TRE User Resource Template for reviewing Airlock import requests"
|
||||
dockerfile: Dockerfile.tmpl
|
||||
registry: azuretre
|
||||
|
|
|
|||
|
|
@ -9,6 +9,8 @@ resource "azurerm_network_interface" "internal" {
|
|||
subnet_id = data.azurerm_subnet.services.id
|
||||
private_ip_address_allocation = "Dynamic"
|
||||
}
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "random_string" "username" {
|
||||
|
|
@ -69,6 +71,8 @@ resource "azurerm_windows_virtual_machine" "windowsvm" {
|
|||
}
|
||||
|
||||
tags = local.tre_user_resources_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_virtual_machine_extension" "config_script" {
|
||||
|
|
@ -84,6 +88,8 @@ resource "azurerm_virtual_machine_extension" "config_script" {
|
|||
"commandToExecute": "powershell -ExecutionPolicy Unrestricted -NoProfile -NonInteractive -command \"cp c:/azuredata/customdata.bin c:/azuredata/configure.ps1; c:/azuredata/configure.ps1 \""
|
||||
}
|
||||
PROT
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_key_vault_secret" "windowsvm_password" {
|
||||
|
|
@ -91,6 +97,8 @@ resource "azurerm_key_vault_secret" "windowsvm_password" {
|
|||
value = "${random_string.username.result}\n${random_password.password.result}"
|
||||
key_vault_id = data.azurerm_key_vault.ws.id
|
||||
tags = local.tre_user_resources_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
data "template_file" "download_review_data_script" {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
schemaVersion: 1.0.0
|
||||
name: tre-service-guacamole-linuxvm
|
||||
version: 0.6.6
|
||||
version: 0.6.8
|
||||
description: "An Azure TRE User Resource Template for Guacamole (Linux)"
|
||||
dockerfile: Dockerfile.tmpl
|
||||
registry: azuretre
|
||||
|
|
|
|||
|
|
@ -8,6 +8,8 @@ resource "azurerm_network_interface" "internal" {
|
|||
subnet_id = data.azurerm_subnet.services.id
|
||||
private_ip_address_allocation = "Dynamic"
|
||||
}
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "random_string" "username" {
|
||||
|
|
@ -68,6 +70,8 @@ resource "azurerm_linux_virtual_machine" "linuxvm" {
|
|||
}
|
||||
|
||||
tags = local.tre_user_resources_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
data "template_cloudinit_config" "config" {
|
||||
|
|
@ -135,6 +139,8 @@ resource "azurerm_key_vault_secret" "linuxvm_password" {
|
|||
value = "${random_string.username.result}\n${random_password.password.result}"
|
||||
key_vault_id = data.azurerm_key_vault.ws.id
|
||||
tags = local.tre_user_resources_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
data "azurerm_storage_account" "stg" {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
schemaVersion: 1.0.0
|
||||
name: tre-service-guacamole-windowsvm
|
||||
version: 0.7.6
|
||||
version: 0.7.8
|
||||
description: "An Azure TRE User Resource Template for Guacamole (Windows 10)"
|
||||
dockerfile: Dockerfile.tmpl
|
||||
registry: azuretre
|
||||
|
|
|
|||
|
|
@ -9,6 +9,8 @@ resource "azurerm_network_interface" "internal" {
|
|||
subnet_id = data.azurerm_subnet.services.id
|
||||
private_ip_address_allocation = "Dynamic"
|
||||
}
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "random_string" "username" {
|
||||
|
|
@ -79,6 +81,8 @@ resource "azurerm_windows_virtual_machine" "windowsvm" {
|
|||
}
|
||||
|
||||
tags = local.tre_user_resources_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_virtual_machine_extension" "config_script" {
|
||||
|
|
@ -94,6 +98,8 @@ resource "azurerm_virtual_machine_extension" "config_script" {
|
|||
"commandToExecute": "powershell -ExecutionPolicy Unrestricted -NoProfile -NonInteractive -command \"cp c:/azuredata/customdata.bin c:/azuredata/configure.ps1; c:/azuredata/configure.ps1 \""
|
||||
}
|
||||
PROT
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_key_vault_secret" "windowsvm_password" {
|
||||
|
|
@ -101,4 +107,6 @@ resource "azurerm_key_vault_secret" "windowsvm_password" {
|
|||
value = "${random_string.username.result}\n${random_password.password.result}"
|
||||
key_vault_id = data.azurerm_key_vault.ws.id
|
||||
tags = local.tre_user_resources_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
schemaVersion: 1.0.0
|
||||
name: tre-workspace-service-health
|
||||
version: 0.2.2
|
||||
version: 0.2.4
|
||||
description: "An Azure Data Health Services workspace service"
|
||||
registry: azuretre
|
||||
dockerfile: Dockerfile.tmpl
|
||||
|
|
|
|||
|
|
@ -25,6 +25,8 @@ resource "azurerm_healthcare_fhir_service" "fhir" {
|
|||
type = "SystemAssigned"
|
||||
}
|
||||
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_healthcare_dicom_service" "dicom" {
|
||||
|
|
@ -37,6 +39,8 @@ resource "azurerm_healthcare_dicom_service" "dicom" {
|
|||
identity {
|
||||
type = "SystemAssigned"
|
||||
}
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_private_endpoint" "health_services_private_endpoint" {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
schemaVersion: 1.0.0
|
||||
name: tre-service-innereye
|
||||
version: 0.6.2
|
||||
version: 0.6.4
|
||||
description: "An Azure TRE service for InnerEye Deep Learning"
|
||||
registry: azuretre
|
||||
dockerfile: Dockerfile.tmpl
|
||||
|
|
|
|||
|
|
@ -46,6 +46,8 @@ resource "azurerm_resource_group_template_deployment" "deploy_compute_cluster" {
|
|||
})
|
||||
|
||||
deployment_mode = "Incremental"
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
data "azurerm_container_registry" "aml" {
|
||||
|
|
|
|||
|
|
@ -47,6 +47,8 @@ resource "azurerm_app_service" "inference" {
|
|||
type = "Custom"
|
||||
value = random_uuid.inference_auth_key.result
|
||||
}
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_app_service_virtual_network_swift_connection" "inference" {
|
||||
|
|
@ -77,4 +79,6 @@ resource "azurerm_private_endpoint" "inference" {
|
|||
name = module.terraform_azurerm_environment_configuration.private_links["privatelink.azurewebsites.net"]
|
||||
private_dns_zone_ids = [data.azurerm_private_dns_zone.azurewebsites.id]
|
||||
}
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
schemaVersion: 1.0.0
|
||||
name: tre-service-mlflow
|
||||
version: 0.7.3
|
||||
version: 0.7.5
|
||||
description: "An Azure TRE service for MLflow machine learning lifecycle"
|
||||
dockerfile: Dockerfile.tmpl
|
||||
registry: azuretre
|
||||
|
|
|
|||
|
|
@ -25,6 +25,8 @@ resource "azurerm_key_vault_secret" "postgresql_admin_username" {
|
|||
value = random_string.username.result
|
||||
key_vault_id = data.azurerm_key_vault.ws.id
|
||||
tags = local.tre_workspace_service_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_key_vault_secret" "postgresql_admin_password" {
|
||||
|
|
@ -32,6 +34,8 @@ resource "azurerm_key_vault_secret" "postgresql_admin_password" {
|
|||
value = random_password.password.result
|
||||
key_vault_id = data.azurerm_key_vault.ws.id
|
||||
tags = local.tre_workspace_service_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_postgresql_server" "mlflow" {
|
||||
|
|
@ -54,6 +58,8 @@ resource "azurerm_postgresql_server" "mlflow" {
|
|||
public_network_access_enabled = false
|
||||
ssl_enforcement_enabled = true
|
||||
ssl_minimal_tls_version_enforced = "TLS1_2"
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_postgresql_database" "mlflow" {
|
||||
|
|
|
|||
|
|
@ -132,6 +132,8 @@ resource "azurerm_private_endpoint" "mlflow" {
|
|||
name = module.terraform_azurerm_environment_configuration.private_links["privatelink.azurewebsites.net"]
|
||||
private_dns_zone_ids = [data.azurerm_private_dns_zone.azurewebsites.id]
|
||||
}
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_key_vault_access_policy" "mlflow" {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
schemaVersion: 1.0.0
|
||||
name: tre-workspace-service-mysql
|
||||
version: 0.4.2
|
||||
version: 0.4.4
|
||||
description: "A MySQL workspace service"
|
||||
registry: azuretre
|
||||
dockerfile: Dockerfile.tmpl
|
||||
|
|
|
|||
|
|
@ -62,4 +62,6 @@ resource "azurerm_key_vault_secret" "db_password" {
|
|||
value = random_password.password.result
|
||||
key_vault_id = data.azurerm_key_vault.ws.id
|
||||
tags = local.workspace_service_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
schemaVersion: 1.0.0
|
||||
name: tre-workspace-service-ohdsi
|
||||
version: 0.2.1
|
||||
version: 0.2.3
|
||||
description: "An OHDSI workspace service"
|
||||
registry: azuretre
|
||||
dockerfile: Dockerfile.tmpl
|
||||
|
|
|
|||
|
|
@ -18,6 +18,8 @@ resource "azurerm_key_vault_secret" "postgres_admin_password" {
|
|||
key_vault_id = data.azurerm_key_vault.ws.id
|
||||
value = random_password.postgres_admin_password.result
|
||||
tags = local.tre_workspace_service_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_key_vault_secret" "postgres_webapi_admin_password" {
|
||||
|
|
@ -25,6 +27,8 @@ resource "azurerm_key_vault_secret" "postgres_webapi_admin_password" {
|
|||
key_vault_id = data.azurerm_key_vault.ws.id
|
||||
value = random_password.postgres_webapi_admin_password.result
|
||||
tags = local.tre_workspace_service_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_key_vault_secret" "postgres_webapi_app_password" {
|
||||
|
|
@ -32,6 +36,8 @@ resource "azurerm_key_vault_secret" "postgres_webapi_app_password" {
|
|||
key_vault_id = data.azurerm_key_vault.ws.id
|
||||
value = random_password.postgres_webapi_app_password.result
|
||||
tags = local.tre_workspace_service_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_network_security_group" "postgres" {
|
||||
|
|
@ -161,6 +167,8 @@ resource "azurerm_postgresql_flexible_server" "postgres" {
|
|||
depends_on = [
|
||||
terraform_data.postgres_subnet_wait,
|
||||
]
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_postgresql_flexible_server_database" "db" {
|
||||
|
|
|
|||
|
|
@ -8,6 +8,8 @@ resource "azurerm_key_vault_secret" "atlas_security_admin_password" {
|
|||
key_vault_id = data.azurerm_key_vault.ws.id
|
||||
value = random_password.atlas_security_admin_password.result
|
||||
tags = local.tre_workspace_service_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "terraform_data" "deployment_atlas_security" {
|
||||
|
|
|
|||
|
|
@ -71,6 +71,8 @@ resource "azurerm_linux_web_app" "atlas_ui" {
|
|||
]
|
||||
|
||||
tags = local.tre_workspace_service_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_private_endpoint" "atlas_ui_private_endpoint" {
|
||||
|
|
@ -91,6 +93,8 @@ resource "azurerm_private_endpoint" "atlas_ui_private_endpoint" {
|
|||
name = module.terraform_azurerm_environment_configuration.private_links["privatelink.azurewebsites.net"]
|
||||
private_dns_zone_ids = [data.azurerm_private_dns_zone.azurewebsites.id]
|
||||
}
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_monitor_diagnostic_setting" "atlas_ui" {
|
||||
|
|
|
|||
|
|
@ -3,6 +3,8 @@ resource "azurerm_key_vault_secret" "jdbc_connection_string_webapi_admin" {
|
|||
key_vault_id = data.azurerm_key_vault.ws.id
|
||||
value = "jdbc:postgresql://${azurerm_postgresql_flexible_server.postgres.fqdn}:5432/${local.postgres_webapi_database_name}?user=${local.postgres_webapi_admin_username}&password=${azurerm_key_vault_secret.postgres_webapi_admin_password.value}&sslmode=require"
|
||||
tags = local.tre_workspace_service_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_user_assigned_identity" "ohdsi_webapi_id" {
|
||||
|
|
@ -10,6 +12,8 @@ resource "azurerm_user_assigned_identity" "ohdsi_webapi_id" {
|
|||
location = data.azurerm_resource_group.ws.location
|
||||
resource_group_name = data.azurerm_resource_group.ws.name
|
||||
tags = local.tre_workspace_service_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_key_vault_access_policy" "ohdsi_webapi" {
|
||||
|
|
@ -112,6 +116,8 @@ resource "azurerm_linux_web_app" "ohdsi_webapi" {
|
|||
depends_on = [
|
||||
terraform_data.deployment_ohdsi_webapi_init
|
||||
]
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_private_endpoint" "webapi_private_endpoint" {
|
||||
|
|
@ -132,6 +138,8 @@ resource "azurerm_private_endpoint" "webapi_private_endpoint" {
|
|||
name = module.terraform_azurerm_environment_configuration.private_links["privatelink.azurewebsites.net"]
|
||||
private_dns_zone_ids = [data.azurerm_private_dns_zone.azurewebsites.id]
|
||||
}
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_monitor_diagnostic_setting" "ohdsi_webapi" {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
schemaVersion: 1.0.0
|
||||
name: tre-workspace-airlock-import-review
|
||||
version: 0.11.4
|
||||
version: 0.11.6
|
||||
description: "A workspace to do Airlock Data Import Reviews for Azure TRE"
|
||||
dockerfile: Dockerfile.tmpl
|
||||
registry: azuretre
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
schemaVersion: 1.0.0
|
||||
name: tre-workspace-base
|
||||
version: 1.4.5
|
||||
version: 1.4.7
|
||||
description: "A base Azure TRE workspace"
|
||||
dockerfile: Dockerfile.tmpl
|
||||
registry: azuretre
|
||||
|
|
|
|||
|
|
@ -110,6 +110,8 @@ resource "azurerm_key_vault_secret" "client_id" {
|
|||
value = azuread_application.workspace.application_id
|
||||
key_vault_id = var.key_vault_id
|
||||
tags = var.tre_workspace_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_key_vault_secret" "client_secret" {
|
||||
|
|
@ -117,6 +119,8 @@ resource "azurerm_key_vault_secret" "client_secret" {
|
|||
value = azuread_service_principal_password.workspace.value
|
||||
key_vault_id = var.key_vault_id
|
||||
tags = var.tre_workspace_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azuread_app_role_assignment" "workspace_owner" {
|
||||
|
|
|
|||
|
|
@ -7,4 +7,6 @@ resource "azurerm_service_plan" "workspace" {
|
|||
os_type = "Linux"
|
||||
sku_name = var.app_service_plan_sku
|
||||
tags = local.tre_workspace_tags
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
|
|
|||
|
|
@ -73,6 +73,8 @@ resource "azapi_resource" "ampls_workspace" {
|
|||
"id"
|
||||
]
|
||||
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_monitor_private_link_scoped_service" "ampls_log_anaytics" {
|
||||
|
|
@ -124,6 +126,8 @@ resource "azapi_resource" "appinsights" {
|
|||
"id",
|
||||
"properties.ConnectionString",
|
||||
]
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
resource "azurerm_monitor_private_link_scoped_service" "ampls_app_insights" {
|
||||
|
|
|
|||
|
|
@ -118,6 +118,8 @@ resource "azurerm_key_vault_secret" "aad_tenant_id" {
|
|||
azurerm_key_vault_access_policy.resource_processor,
|
||||
terraform_data.wait_for_dns_vault
|
||||
]
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
# This secret only gets written if Terraform is not responsible for
|
||||
|
|
@ -133,6 +135,8 @@ resource "azurerm_key_vault_secret" "client_id" {
|
|||
azurerm_key_vault_access_policy.resource_processor,
|
||||
terraform_data.wait_for_dns_vault
|
||||
]
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
||||
data "azurerm_key_vault_secret" "client_secret" {
|
||||
|
|
@ -154,4 +158,6 @@ resource "azurerm_key_vault_secret" "client_secret" {
|
|||
azurerm_key_vault_access_policy.resource_processor,
|
||||
terraform_data.wait_for_dns_vault
|
||||
]
|
||||
|
||||
lifecycle { ignore_changes = [tags] }
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
schemaVersion: 1.0.0
|
||||
name: tre-workspace-unrestricted
|
||||
version: 0.10.3
|
||||
version: 0.10.4
|
||||
description: "A base Azure TRE workspace"
|
||||
dockerfile: Dockerfile.tmpl
|
||||
registry: azuretre
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче