microsoft
/
AzureTRE
зеркало из https://github.com/microsoft/AzureTRE.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Merge branch 'main' into snyk-upgrade-815bf1f8452c9bc9e57b898e23202350

This commit is contained in:
Tim Allen 2024-11-04 16:53:44 +00:00 коммит произвёл GitHub
Родитель 6acb8f37b3 501ee92fb7
Коммит d75c2f01e9
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: B5690EEEBB952194
167 изменённых файлов: 2283 добавлений и 936 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

2
.github/workflows/deploy_tre_reusable.yml поставляемый
Просмотреть файл

@ -401,6 +401,8 @@ jobs:
BUNDLE_DIR: "./templates/workspace_services/ohdsi"}
- {BUNDLE_TYPE: "workspace_service",
BUNDLE_DIR: "./templates/workspace_services/azuresql"}
- {BUNDLE_TYPE: "workspace_service",
BUNDLE_DIR: "./templates/workspace_services/openai"}
- {BUNDLE_TYPE: "user_resource",
BUNDLE_DIR: "./templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm"}
- {BUNDLE_TYPE: "user_resource",

93
CHANGELOG.md
Просмотреть файл

@ -1,10 +1,69 @@
<!-- markdownlint-disable MD041 -->
## 0.19.0 (Unreleased)
## 0.20.0 (Unreleased)
**BREAKING CHANGES & MIGRATIONS**:
FEATURES:
ENHANCEMENTS:
BUG FIXES:
COMPONENTS:
## 0.19.1
**BREAKING CHANGES & MIGRATIONS**:
* Workspace creation blocked due to Azure API depreciation ([#4095](https://github.com/microsoft/AzureTRE/issues/4095))
ENHANCEMENTS:
* Update Unrestricted and Airlock Import Review workspaces to be built off the Base workspace 0.19.0 ([#4087](https://github.com/microsoft/AzureTRE/pull/4087))
* Update Release Docs (part of [#2727](https://github.com/microsoft/AzureTRE/issues/2727))
* Add info regarding workspace limit into docs ([#3920](https://github.com/microsoft/AzureTRE/issues/3920))
BUG FIXES:
* Add Snyk Security updates for September
* Workspace creation blocked due to Azure API depreciation ([#4095](https://github.com/microsoft/AzureTRE/issues/4095))
COMPONENTS:
| name | version |
| ----- | ----- |
| devops | 0.5.2 |
| core | 0.10.8 |
| ui | 0.5.28 |
| tre-service-guacamole-linuxvm | 1.0.3 |
| tre-service-guacamole-import-reviewvm | 0.2.9 |
| tre-service-guacamole-export-reviewvm | 0.1.9 |
| tre-service-guacamole-windowsvm | 1.0.1 |
| tre-service-guacamole | 0.10.9 |
| tre-service-databricks | 1.0.4 |
| tre-service-mlflow | 0.7.9 |
| tre-service-innereye | 0.6.5 |
| tre-workspace-service-ohdsi | 0.2.5 |
| tre-workspace-service-gitea | 1.0.5 |
| tre-workspace-service-mysql | 1.0.4 |
| tre-workspace-service-azuresql | 1.0.10 |
| tre-user-resource-aml-compute-instance | 0.5.7 |
| tre-service-azureml | 0.8.11 |
| tre-workspace-service-health | 0.2.6 |
| tre-workspace-service-openai | 1.0.1 |
| tre-workspace-airlock-import-review | 0.13.1 |
| tre-workspace-unrestricted | 0.12.1 |
| tre-workspace-base | 1.5.7 |
| tre-shared-service-cyclecloud | 0.6.3 |
| tre-shared-service-databricks-private-auth | 0.1.6 |
| tre-shared-service-sonatype-nexus | 3.0.1 |
| tre-shared-service-admin-vm | 0.4.4 |
| tre-shared-service-firewall | 1.2.1 |
| tre-shared-service-gitea | 1.0.3 |
| tre-shared-service-certs | 0.5.2 |
| tre-shared-service-airlock-notifier | 1.0.2 |
## 0.19.0
FEATURES:
* Azure SQL Workspace Service ([#3969](https://github.com/microsoft/AzureTRE/issues/3969))
* OpenAI Workspace Service ([#3810](https://github.com/microsoft/AzureTRE/issues/3810))
ENHANCEMENTS:
* Add Case Study Docs ([#1366](https://github.com/microsoft/AzureTRE/issues/1366))
@ -22,8 +81,40 @@ BUG FIXES:
* Update API and Resource Processor opentelemetry versions ([#4052](https://github.com/microsoft/AzureTRE/issues/4052))
* Fix broken links in new Case Study Docs
* Update Linux VM to stop screensaver locking out the user ([#4065](https://github.com/microsoft/AzureTRE/issues/4065))
* Update .NET version on Linux VMs ([#4067](https://github.com/microsoft/AzureTRE/issues/4067))
COMPONENTS:
| name | version |
| ----- | ----- |
| devops | 0.5.1 |
| core | 0.10.6 |
| ui | 0.5.28 |
| tre-service-guacamole-linuxvm | 1.0.2 |
| tre-service-guacamole-import-reviewvm | 0.2.8 |
| tre-service-guacamole-export-reviewvm | 0.1.8 |
| tre-service-guacamole-windowsvm | 1.0.0 |
| tre-service-guacamole | 0.10.8 |
| tre-service-databricks | 1.0.3 |
| tre-service-mlflow | 0.7.8 |
| tre-service-innereye | 0.6.4 |
| tre-workspace-service-ohdsi | 0.2.4 |
| tre-workspace-service-gitea | 1.0.3 |
| tre-workspace-service-mysql | 1.0.2 |
| tre-workspace-service-azuresql | 1.0.9 |
| tre-user-resource-aml-compute-instance | 0.5.7 |
| tre-service-azureml | 0.8.10 |
| tre-workspace-service-health | 0.2.5 |
| tre-workspace-airlock-import-review | 0.12.16 |
| tre-workspace-unrestricted | 0.11.4 |
| tre-workspace-base | 1.5.4 |
| tre-shared-service-cyclecloud | 0.5.5 |
| tre-shared-service-databricks-private-auth | 0.1.5 |
| tre-shared-service-sonatype-nexus | 3.0.0 |
| tre-shared-service-admin-vm | 0.4.3 |
| tre-shared-service-firewall | 1.2.0 |
| tre-shared-service-gitea | 1.0.2 |
| tre-shared-service-certs | 0.5.1 |
| tre-shared-service-airlock-notifier | 1.0.1 |
## 0.18.0

2
api_app/_version.py
Просмотреть файл

@ -1 +1 @@
__version__ = "0.18.11"
__version__ = "0.19.3"

2
api_app/api/routes/api.py
Просмотреть файл

@ -24,7 +24,7 @@ workspace_tags_metadata = [
{"name": "workspaces", "description": " **Workspace Owners and Researchers** can view their own workspaces"},
{"name": "workspace services", "description": "**Workspace Owners** administer workspace services, **Workspace Owners and Researchers** can view services in the workspaces they belong to"},
{"name": "user resources", "description": "**Researchers** administer and can view their own researchers, **Workspace Owners** can view/update/delete all user resources in their workspaces"},
{"name": "shared services", "description": "**TRE administratiors** administer shared services"},
{"name": "shared services", "description": "**TRE administratiors** administer shared services"}
]
# Root

8
api_app/api/routes/workspaces.py
Просмотреть файл

@ -21,6 +21,7 @@ from models.schemas.workspace import WorkspaceAuthInResponse, WorkspaceInCreate,
from models.schemas.workspace_service import WorkspaceServiceInCreate, WorkspaceServicesInList, WorkspaceServiceInResponse
from models.schemas.resource import ResourceHistoryInList, ResourcePatch
from models.schemas.resource_template import ResourceTemplateInformationInList
from models.schemas.users import UsersInResponse
from resources import strings
from services.access_service import AuthConfigValidationError
from services.authentication import get_current_admin_user, \
@ -187,6 +188,13 @@ async def invoke_action_on_workspace(response: Response, action: str, user=Depen
return OperationInResponse(operation=operation)
@workspaces_shared_router.get("/workspaces/{workspace_id}/users", response_model=UsersInResponse, name=strings.API_GET_WORKSPACE_USERS)
async def get_workspace_users(workspace=Depends(get_workspace_by_id_from_path)) -> UsersInResponse:
access_service = get_access_service()
users = access_service.get_workspace_users(workspace)
return UsersInResponse(users=users)
# workspace operations
# This method only returns templates that the authenticated user is authorized to use
@workspaces_shared_router.get("/workspaces/{workspace_id}/workspace-service-templates", response_model=ResourceTemplateInformationInList, name=strings.API_GET_WORKSPACE_SERVICE_TEMPLATES_IN_WORKSPACE)

2
api_app/models/domain/authentication.py
Просмотреть файл

@ -10,6 +10,6 @@ RoleAssignment = namedtuple("RoleAssignment", "resource_id, role_id")
class User(BaseModel):
id: str
name: str
email: str
email: str = Field(None)
roles: List[str] = Field([])
roleAssignments: List[RoleAssignment] = Field([])

28
api_app/models/schemas/users.py Normal file
Просмотреть файл

@ -0,0 +1,28 @@
from pydantic import BaseModel, Field
from typing import List
from models.domain.authentication import User
class UsersInResponse(BaseModel):
users: List[User] = Field(..., title="Users", description="List of users assigned to the workspace")
class Config:
schema_extra = {
"example": {
"users": [
{
"id": 1,
"name": "John Doe",
"email": "john.doe@example.com",
"roles": ["WorkspaceOwner", "WorkspaceResearcher"]
},
{
"id": 2,
"name": "Jane Smith",
"email": "jane.smith@example.com",
"roles": ["WorkspaceResearcher"]
}
]
}
}

2
api_app/resources/strings.py
Просмотреть файл

@ -15,6 +15,8 @@ API_DELETE_WORKSPACE = "Delete workspace"
API_UPDATE_WORKSPACE = "Update an existing workspace"
API_INVOKE_ACTION_ON_WORKSPACE = "Invoke action on a workspace"
API_GET_WORKSPACE_USERS = "Get all users for a workspace"
API_GET_ALL_WORKSPACE_SERVICES = "Get all workspace services for workspace"
API_GET_WORKSPACE_SERVICE_BY_ID = "Get workspace service by Id"
API_CREATE_WORKSPACE_SERVICE = "Create a workspace service"

90
api_app/services/aad_authentication.py
Просмотреть файл

@ -219,7 +219,7 @@ class AzureADAuthorization(AccessService):
@staticmethod
def _get_service_principal_assigned_roles_endpoint(client_id) -> str:
return f"{MICROSOFT_GRAPH_URL}/v1.0/serviceprincipals/{client_id}/appRoleAssignedTo?$select=appRoleId,principalId,principalType"
return f"{MICROSOFT_GRAPH_URL}/v1.0/serviceprincipals/{client_id}/appRoleAssignedTo?$select=appRoleId,principalId,principalType,principalDisplayName"
@staticmethod
def _get_batch_endpoint() -> str:
@ -227,11 +227,11 @@ class AzureADAuthorization(AccessService):
@staticmethod
def _get_users_endpoint(user_object_id) -> str:
return "/users/" + user_object_id + "?$select=mail,id"
return "/users/" + user_object_id + "?$select=displayName,mail,id"
@staticmethod
def _get_group_members_endpoint(group_object_id) -> str:
return "/groups/" + group_object_id + "/transitiveMembers?$select=mail,id"
return "/groups/" + group_object_id + "/transitiveMembers?$select=displayName,mail,id"
def _get_app_sp_graph_data(self, client_id: str) -> dict:
msgraph_token = self._get_msgraph_token()
@ -243,7 +243,7 @@ class AzureADAuthorization(AccessService):
sp_roles_endpoint = self._get_service_principal_assigned_roles_endpoint(client_id)
return requests.get(sp_roles_endpoint, headers=self._get_auth_header(msgraph_token)).json()
def _get_user_emails(self, roles_graph_data, msgraph_token):
def _get_user_details(self, roles_graph_data, msgraph_token):
batch_endpoint = self._get_batch_endpoint()
batch_request_body = self._get_batch_users_by_role_assignments_body(roles_graph_data)
headers = self._get_auth_header(msgraph_token)
@ -262,43 +262,59 @@ class AzureADAuthorization(AccessService):
return users_graph_data
def _get_user_emails_from_response(self, users_graph_data):
user_emails = {}
for user_data in users_graph_data["responses"]:
# Handle user endpoint response
if "users" in user_data["body"]["@odata.context"] and user_data["body"]["mail"] is not None:
user_emails[user_data["body"]["id"]] = [user_data["body"]["mail"]]
# Handle group endpoint response
if "directoryObjects" in user_data["body"]["@odata.context"]:
group_members_emails = []
for group_member in user_data["body"]["value"]:
if group_member["mail"] is not None and group_member["mail"] not in group_members_emails:
group_members_emails.append(group_member["mail"])
user_emails[user_data["id"]] = group_members_emails
return user_emails
def get_workspace_role_assignment_details(self, workspace: Workspace):
msgraph_token = self._get_msgraph_token()
app_role_ids = {role_name: workspace.properties[role_id] for role_name, role_id in self.WORKSPACE_ROLES_DICT.items()}
inverted_app_role_ids = {role_id: role_name for role_name, role_id in app_role_ids.items()}
sp_id = workspace.properties["sp_id"]
roles_graph_data = self._get_user_role_assignments(sp_id, msgraph_token)
users_graph_data = self._get_user_emails(roles_graph_data, msgraph_token)
user_emails = self._get_user_emails_from_response(users_graph_data)
workspace_role_assignments_details = defaultdict(list)
def _get_roles_for_principal(self, user_id, roles_graph_data, app_id_to_role_name):
roles = []
for role_assignment in roles_graph_data["value"]:
principal_id = role_assignment["principalId"]
principal_type = role_assignment["principalType"]
if role_assignment["principalId"] == user_id:
roles.append(app_id_to_role_name[role_assignment["appRoleId"]])
return roles
if principal_type != "ServicePrincipal" and principal_id in user_emails:
app_role_id = role_assignment["appRoleId"]
app_role_name = inverted_app_role_ids.get(app_role_id)
def _get_users_inc_groups_from_response(self, users_graph_data, roles_graph_data, app_id_to_role_name) -> List[User]:
users = []
for user_data in users_graph_data["responses"]:
if "users" in user_data["body"]["@odata.context"]:
# Handle user endpoint response
user_id = user_data["body"]["id"]
user_name = user_data["body"]["displayName"]
if app_role_name:
workspace_role_assignments_details[app_role_name].extend(user_emails[principal_id])
if "users" in user_data["body"]["@odata.context"]:
user_email = user_data["body"]["mail"]
# if user with id does not already exist in users
if not any(user.id == user_id for user in users):
users.append(User(id=user_id, name=user_name, email=user_email, roles=self._get_roles_for_principal(user_id, roles_graph_data, app_id_to_role_name)))
# Handle group endpoint response
elif "directoryObjects" in user_data["body"]["@odata.context"]:
group_id = user_data["id"]
for group_member in user_data["body"]["value"]:
user_id = group_member["id"]
user_name = group_member["displayName"]
user_email = group_member["mail"]
if not any(user.id == user_id for user in users):
users.append(User(id=user_id, name=user_name, email=user_email, roles=self._get_roles_for_principal(group_id, roles_graph_data, app_id_to_role_name)))
return users
def get_workspace_users(self, workspace: Workspace) -> List[User]:
msgraph_token = self._get_msgraph_token()
sp_graph_data = self._get_app_sp_graph_data(workspace.properties["client_id"])
app_id_to_role_name = {app_role["id"]: app_role["value"] for app_role in sp_graph_data["value"][0]["appRoles"]}
roles_graph_data = self._get_user_role_assignments(workspace.properties["sp_id"], msgraph_token)
users_graph_data = self._get_user_details(roles_graph_data, msgraph_token)
users_inc_groups = self._get_users_inc_groups_from_response(users_graph_data, roles_graph_data, app_id_to_role_name)
return users_inc_groups
def get_workspace_user_emails_by_role_assignment(self, workspace: Workspace):
users = self.get_workspace_users(workspace)
workspace_role_assignments_details = {}
for user in users:
if user.email:
for role in user.roles:
if role not in workspace_role_assignments_details:
workspace_role_assignments_details[role] = []
workspace_role_assignments_details[role].append(user.email)
return workspace_role_assignments_details
def _get_batch_users_by_role_assignments_body(self, roles_graph_data):

6
api_app/services/access_service.py
Просмотреть файл

@ -20,7 +20,11 @@ class AccessService(OAuth2AuthorizationCodeBearer):
pass
@abstractmethod
def get_workspace_role_assignment_details(self, workspace: Workspace) -> dict:
def get_workspace_users(self, workspace: Workspace) -> List[User]:
pass
@abstractmethod
def get_workspace_user_emails_by_role_assignment(self, workspace: Workspace) -> dict:
pass
@staticmethod

4
api_app/services/airlock.py
Просмотреть файл

@ -273,7 +273,7 @@ async def _handle_existing_review_resource(existing_resource: AirlockReviewUserR
async def save_and_publish_event_airlock_request(airlock_request: AirlockRequest, airlock_request_repo: AirlockRequestRepository, user: User, workspace: Workspace):
access_service = get_access_service()
role_assignment_details = access_service.get_workspace_role_assignment_details(workspace)
role_assignment_details = access_service.get_workspace_user_emails_by_role_assignment(workspace)
if config.ENABLE_AIRLOCK_EMAIL_CHECK:
check_email_exists(role_assignment_details)
@ -332,7 +332,7 @@ async def update_and_publish_event_airlock_request(
logger.debug(f"Sending status changed event for airlock request item: {airlock_request.id}")
await send_status_changed_event(airlock_request=updated_airlock_request, previous_status=airlock_request.status)
access_service = get_access_service()
role_assignment_details = access_service.get_workspace_role_assignment_details(workspace)
role_assignment_details = access_service.get_workspace_user_emails_by_role_assignment(workspace)
await send_airlock_notification_event(updated_airlock_request, workspace, role_assignment_details)
return updated_airlock_request
except Exception:

2
api_app/tests_ma/test_api/test_routes/test_airlock.py
Просмотреть файл

@ -135,7 +135,7 @@ class TestAirlockRoutesThatRequireOwnerOrResearcherRights():
patch("api.routes.workspaces.OperationRepository.resource_has_deployed_operation"), \
patch("api.routes.airlock.AirlockRequestRepository.save_item"), \
patch("api.dependencies.workspaces.WorkspaceRepository.get_workspace_by_id"), \
patch("services.aad_authentication.AzureADAuthorization.get_workspace_role_assignment_details", return_value={"WorkspaceResearcher": ["researcher@outlook.com"], "WorkspaceOwner": ["owner@outlook.com"], "AirlockManager": ["manager@outlook.com"]}):
patch("services.aad_authentication.AzureADAuthorization.get_workspace_user_emails_by_role_assignment", return_value={"WorkspaceResearcher": ["researcher@outlook.com"], "WorkspaceOwner": ["owner@outlook.com"], "AirlockManager": ["manager@outlook.com"]}):
yield
app.dependency_overrides = {}

58
api_app/tests_ma/test_api/test_routes/test_workspaces.py
Просмотреть файл

@ -1028,7 +1028,7 @@ class TestWorkspaceServiceRoutesThatRequireOwnerRights:
# [PATCH] /workspaces/{workspace_id}/workspace-services/{service_id}/user-resources/{resource_id}
@ patch("api.routes.workspaces.ResourceHistoryRepository.save_item", return_value=AsyncMock())
@ patch("api.routes.workspaces.send_resource_request_message", return_value=sample_resource_operation(resource_id=USER_RESOURCE_ID, operation_id=OPERATION_ID))
@ patch("api.routes.workspaces.ResourceTemplateRepository.get_template_by_name_and_version", return_value=sample_workspace_service())
@ patch("api.routes.workspaces.ResourceTemplateRepository.get_template_by_name_and_version", return_value=sample_resource_template())
@ patch("api.routes.workspaces.validate_user_has_valid_role_for_user_resource")
@ patch("api.dependencies.workspaces.WorkspaceServiceRepository.get_workspace_service_by_id", return_value=sample_workspace_service())
@ patch("api.dependencies.workspaces.WorkspaceRepository.get_workspace_by_id", return_value=sample_workspace())
@ -1054,7 +1054,7 @@ class TestWorkspaceServiceRoutesThatRequireOwnerRights:
# [PATCH] /workspaces/{workspace_id}/workspace-services/{service_id}/user-resources/{resource_id}
@ patch("api.routes.workspaces.ResourceHistoryRepository.save_item", return_value=AsyncMock())
@ patch("api.routes.resource_helpers.send_resource_request_message", return_value=sample_resource_operation(resource_id=USER_RESOURCE_ID, operation_id=OPERATION_ID))
@ patch("api.routes.workspaces.ResourceTemplateRepository.get_template_by_name_and_version", return_value=sample_workspace_service())
@ patch("api.routes.workspaces.ResourceTemplateRepository.get_template_by_name_and_version", return_value=sample_resource_template())
@ patch("api.routes.workspaces.validate_user_has_valid_role_for_user_resource")
@ patch("api.dependencies.workspaces.WorkspaceServiceRepository.get_workspace_service_by_id", return_value=sample_workspace_service())
@ patch("api.dependencies.workspaces.WorkspaceRepository.get_workspace_by_id", return_value=sample_workspace())
@ -1080,9 +1080,10 @@ class TestWorkspaceServiceRoutesThatRequireOwnerRights:
assert response.status_code == status.HTTP_202_ACCEPTED
# [PATCH] /workspaces/{workspace_id}/workspace-services/{service_id}/user-resources/{resource_id}
@ patch("api.routes.workspaces.OperationRepository.save_item", return_value=AsyncMock())
@ patch("api.routes.workspaces.ResourceHistoryRepository.save_item", return_value=AsyncMock())
@ patch("api.routes.workspaces.send_resource_request_message", return_value=sample_resource_operation(resource_id=USER_RESOURCE_ID, operation_id=OPERATION_ID))
@ patch("api.routes.workspaces.ResourceTemplateRepository.get_template_by_name_and_version", return_value=sample_workspace_service())
@ patch("api.routes.workspaces.ResourceTemplateRepository.get_template_by_name_and_version", return_value=sample_resource_template())
@ patch("api.routes.workspaces.validate_user_has_valid_role_for_user_resource")
@ patch("api.dependencies.workspaces.WorkspaceServiceRepository.get_workspace_service_by_id", return_value=sample_workspace_service())
@ patch("api.dependencies.workspaces.WorkspaceRepository.get_workspace_by_id", return_value=sample_workspace())
@ -1090,8 +1091,7 @@ class TestWorkspaceServiceRoutesThatRequireOwnerRights:
@ patch("api.routes.workspaces.UserResourceRepository.update_item_with_etag", return_value=sample_user_resource_object())
@ patch("api.routes.workspaces.UserResourceRepository.get_timestamp", return_value=FAKE_UPDATE_TIMESTAMP)
@ patch("db.repositories.resources.ResourceRepository.create", return_value=AsyncMock())
@ patch("db.repositories.resources.ResourceRepository.get_resource_by_id", return_value=AsyncMock())
async def test_patch_user_resource_with_downgrade_version_returns_bad_request(self, _, __, ___, update_item_mock, ____, _____, ______, _______, ________, _________, __________, app, client):
async def test_patch_user_resource_with_downgrade_version_returns_bad_request(self, _, __, ___, ____, _____, ______, _______, ________, _________, __________, ___________, app, client):
user_resource_service_patch = {"templateVersion": "0.0.1"}
etag = "some-etag-value"
@ -1109,7 +1109,7 @@ class TestWorkspaceServiceRoutesThatRequireOwnerRights:
# [PATCH] /workspaces/{workspace_id}/workspace-services/{service_id}/user-resources/{resource_id}
@ patch("api.routes.workspaces.ResourceHistoryRepository.save_item", return_value=AsyncMock())
@ patch("api.routes.resource_helpers.send_resource_request_message", return_value=sample_resource_operation(resource_id=USER_RESOURCE_ID, operation_id=OPERATION_ID))
@ patch("api.routes.workspaces.ResourceTemplateRepository.get_template_by_name_and_version", return_value=sample_workspace_service())
@ patch("api.routes.workspaces.ResourceTemplateRepository.get_template_by_name_and_version", return_value=sample_resource_template())
@ patch("api.routes.workspaces.validate_user_has_valid_role_for_user_resource")
@ patch("api.dependencies.workspaces.WorkspaceServiceRepository.get_workspace_service_by_id", return_value=sample_workspace_service())
@ patch("api.dependencies.workspaces.WorkspaceRepository.get_workspace_by_id", return_value=sample_workspace())
@ -1117,7 +1117,8 @@ class TestWorkspaceServiceRoutesThatRequireOwnerRights:
@ patch("api.routes.workspaces.UserResourceRepository.update_item_with_etag", return_value=sample_user_resource_object())
@ patch("api.routes.workspaces.UserResourceRepository.get_timestamp", return_value=FAKE_UPDATE_TIMESTAMP)
@ patch("db.repositories.resources.ResourceRepository.create", return_value=AsyncMock())
async def test_patch_user_resource_with_upgrade_minor_version_patches_user_resource(self, resource_repo_create_mock, ___, update_item_mock, ____, _____, ______, _______, ________, _________, __________, app, client):
@ patch("db.repositories.resources.ResourceRepository.get_resource_by_id", return_value=AsyncMock())
async def test_patch_user_resource_with_upgrade_minor_version_patches_user_resource(self, __, ___, ____, update_item_mock, _____, ______, _______, ________, _________, __________, ___________, app, client):
user_resource_service_patch = {"templateVersion": "0.2.0"}
etag = "some-etag-value"
@ -1135,13 +1136,16 @@ class TestWorkspaceServiceRoutesThatRequireOwnerRights:
# [PATCH] /workspaces/{workspace_id}/workspace-services/{service_id}/user-resources/{resource_id}
@ patch("api.routes.workspaces.ResourceHistoryRepository.save_item", return_value=AsyncMock())
@ patch("api.routes.resource_helpers.send_resource_request_message", return_value=sample_resource_operation(resource_id=USER_RESOURCE_ID, operation_id=OPERATION_ID))
@ patch("api.routes.workspaces.UserResourceRepository.update_item_with_etag", return_value=sample_user_resource_object())
@ patch("api.routes.workspaces.ResourceTemplateRepository.get_template_by_name_and_version", return_value=sample_resource_template())
@ patch("api.routes.workspaces.validate_user_has_valid_role_for_user_resource")
@ patch("api.dependencies.workspaces.WorkspaceServiceRepository.get_workspace_service_by_id", return_value=sample_workspace_service())
@ patch("api.dependencies.workspaces.WorkspaceRepository.get_workspace_by_id", return_value=sample_workspace())
@ patch("api.dependencies.workspaces.UserResourceRepository.get_user_resource_by_id", return_value=sample_user_resource_object())
@ patch("api.routes.workspaces.UserResourceRepository.update_item_with_etag", return_value=sample_user_resource_object())
@ patch("api.routes.workspaces.UserResourceRepository.get_timestamp", return_value=FAKE_UPDATE_TIMESTAMP)
async def test_patch_user_resource_validates_against_template(self, _, __, ___, ____, _____, update_item_mock, ______, _______, app, client):
@ patch("db.repositories.resources.ResourceRepository.create", return_value=AsyncMock())
@ patch("db.repositories.resources.ResourceRepository.get_resource_by_id", return_value=AsyncMock())
async def test_patch_user_resource_validates_against_template(self, _, __, ___, update_item_mock, ____, _____, ______, _______, ________, _________, __________, app, client):
user_resource_service_patch = {'isEnabled': False, 'properties': {'vm_size': 'large'}}
etag = "some-etag-value"
@ -1240,7 +1244,7 @@ class TestWorkspaceServiceRoutesThatRequireOwnerRights:
@ patch("api.routes.resource_helpers.ResourceRepository.get_resource_dependency_list", return_value=[sample_workspace_service().__dict__])
@ patch("api.routes.workspaces.ResourceHistoryRepository.save_item", return_value=AsyncMock())
@ patch("api.routes.workspaces.send_resource_request_message", return_value=sample_resource_operation(resource_id=WORKSPACE_ID, operation_id=OPERATION_ID))
@ patch("api.routes.workspaces.ResourceTemplateRepository.get_template_by_name_and_version", return_value=sample_workspace_service())
@ patch("api.routes.workspaces.ResourceTemplateRepository.get_template_by_name_and_version", return_value=sample_resource_template())
@ patch("api.dependencies.workspaces.WorkspaceServiceRepository.get_workspace_service_by_id", return_value=sample_workspace_service())
@ patch("api.dependencies.workspaces.WorkspaceRepository.get_workspace_by_id")
@ patch("api.routes.workspaces.WorkspaceServiceRepository.update_item_with_etag", return_value=sample_workspace_service())
@ -1266,7 +1270,7 @@ class TestWorkspaceServiceRoutesThatRequireOwnerRights:
@ patch("api.routes.resource_helpers.ResourceRepository.get_resource_dependency_list", return_value=[sample_workspace_service().__dict__])
@ patch("api.routes.workspaces.ResourceHistoryRepository.save_item", return_value=AsyncMock())
@ patch("api.routes.workspaces.send_resource_request_message", return_value=sample_resource_operation(resource_id=WORKSPACE_ID, operation_id=OPERATION_ID))
@ patch("api.routes.workspaces.ResourceTemplateRepository.get_template_by_name_and_version", return_value=sample_workspace_service())
@ patch("api.routes.workspaces.ResourceTemplateRepository.get_template_by_name_and_version", return_value=sample_resource_template())
@ patch("api.dependencies.workspaces.WorkspaceServiceRepository.get_workspace_service_by_id", return_value=sample_workspace_service())
@ patch("api.dependencies.workspaces.WorkspaceRepository.get_workspace_by_id")
@ patch("api.routes.workspaces.WorkspaceServiceRepository.update_item_with_etag", return_value=sample_workspace_service())
@ -1294,7 +1298,7 @@ class TestWorkspaceServiceRoutesThatRequireOwnerRights:
@ patch("api.routes.resource_helpers.ResourceRepository.get_resource_dependency_list", return_value=[sample_workspace_service().__dict__])
@ patch("api.routes.workspaces.ResourceHistoryRepository.save_item", return_value=AsyncMock())
@ patch("api.routes.workspaces.send_resource_request_message", return_value=sample_resource_operation(resource_id=WORKSPACE_ID, operation_id=OPERATION_ID))
@ patch("api.routes.workspaces.ResourceTemplateRepository.get_template_by_name_and_version", return_value=sample_workspace_service())
@ patch("api.routes.workspaces.ResourceTemplateRepository.get_template_by_name_and_version", return_value=sample_resource_template())
@ patch("api.dependencies.workspaces.WorkspaceServiceRepository.get_workspace_service_by_id", return_value=sample_workspace_service())
@ patch("api.dependencies.workspaces.WorkspaceRepository.get_workspace_by_id")
@ patch("api.routes.workspaces.WorkspaceServiceRepository.update_item_with_etag", return_value=sample_workspace_service())
@ -1321,7 +1325,7 @@ class TestWorkspaceServiceRoutesThatRequireOwnerRights:
@ patch("api.routes.resource_helpers.ResourceRepository.get_resource_dependency_list", return_value=[sample_workspace_service().__dict__])
@ patch("api.routes.workspaces.ResourceHistoryRepository.save_item", return_value=AsyncMock())
@ patch("api.routes.workspaces.send_resource_request_message", return_value=sample_resource_operation(resource_id=WORKSPACE_ID, operation_id=OPERATION_ID))
@ patch("api.routes.workspaces.ResourceTemplateRepository.get_template_by_name_and_version", return_value=sample_workspace_service())
@ patch("api.routes.workspaces.ResourceTemplateRepository.get_template_by_name_and_version", return_value=sample_resource_template())
@ patch("api.dependencies.workspaces.WorkspaceServiceRepository.get_workspace_service_by_id", return_value=sample_workspace_service())
@ patch("api.dependencies.workspaces.WorkspaceRepository.get_workspace_by_id")
@ patch("api.routes.workspaces.WorkspaceServiceRepository.update_item_with_etag", return_value=sample_workspace_service())
@ -1645,3 +1649,31 @@ class TestWorkspaceServiceRoutesThatRequireOwnerOrResearcherRights:
assert response.status_code == status.HTTP_200_OK
assert response.json()["operation"]["resourceId"] == user_resource.id
@pytest.mark.parametrize("auth_class", ["aad_authentication.AzureADAuthorization"])
@patch("api.dependencies.workspaces.WorkspaceRepository.get_workspace_by_id", return_value=sample_workspace())
async def test_get_workspace_users_returns_users(self, _, auth_class, app, client):
with patch(f"services.{auth_class}.get_workspace_users") as get_workspace_users_mock:
users = [
{
"id": "123",
"name": "John Doe",
"email": "john.doe@example.com",
"roles": ["WorkspaceOwner", "WorkspaceResearcher"],
'roleAssignments': []
},
{
"id": "456",
"name": "Jane Smith",
"email": "jane.smith@example.com",
"roles": ["WorkspaceResearcher"],
'roleAssignments': []
}
]
get_workspace_users_mock.return_value = users
response = await client.get(app.url_path_for(strings.API_GET_WORKSPACE_USERS, workspace_id=WORKSPACE_ID))
assert response.status_code == status.HTTP_200_OK
assert response.json()["users"] == users

2
api_app/tests_ma/test_service_bus/test_airlock_request_status_update.py
Просмотреть файл

@ -108,7 +108,7 @@ class ServiceBusReceivedMessageMock:
@patch('service_bus.airlock_request_status_update.AirlockRequestRepository.create')
@patch('service_bus.airlock_request_status_update.WorkspaceRepository.create')
@patch('logging.exception')
@patch("services.aad_authentication.AzureADAuthorization.get_workspace_role_assignment_details", return_value={"researcher_emails": ["researcher@outlook.com"], "owner_emails": ["owner@outlook.com"]})
@patch("services.aad_authentication.AzureADAuthorization.get_workspace_user_emails_by_role_assignment", return_value={"researcher_emails": ["researcher@outlook.com"], "owner_emails": ["owner@outlook.com"]})
async def test_receiving_good_message(_, logging_mock, workspace_repo, airlock_request_repo, eg_client):
eg_client().send = AsyncMock()

263
api_app/tests_ma/test_services/test_aad_access_service.py
Просмотреть файл

@ -17,9 +17,10 @@ class PrincipalRole:
class UserPrincipal:
def __init__(self, principal_id, mail):
def __init__(self, principal_id, mail, name):
self.principal_id = principal_id
self.mail = mail
self.display_name = name
class GroupPrincipal:
@ -28,6 +29,63 @@ class GroupPrincipal:
self.members = members
user_principal_1 = UserPrincipal("user_principal_id1", "test_user1@email.com", "test_user1")
user_principal_2 = UserPrincipal("user_principal_id2", "test_user2@email.com", "test_user2")
user_principal_3 = UserPrincipal("user_principal_id3", "test_user3@email.com", "test_user3")
user_principal_4 = UserPrincipal("user_principal_id4", "test_user4@email.com", "test_user4")
group_principal = GroupPrincipal("group_principal_id", [user_principal_3, user_principal_4])
@pytest.fixture
def roles_response():
workspace_owner_role_id = "1abc4"
return get_mock_role_response(
[
PrincipalRole(user_principal_1.principal_id, workspace_owner_role_id, "User"),
PrincipalRole(group_principal.principal_id, workspace_owner_role_id, "Group")
]
)
@pytest.fixture
def user_response():
return get_mock_batch_response(
[user_principal_1], []
)
@pytest.fixture
def group_response():
return get_mock_batch_response(
[], [group_principal]
)
@pytest.fixture
def users_and_group_response():
return get_mock_batch_response(
[user_principal_1, user_principal_2], [group_principal]
)
@pytest.fixture
def get_app_sp_graph_data_mock():
return {
"value": [
{
"id": "12345",
"appRoles": [
{"id": "1abc3", "value": "WorkspaceResearcher"},
{"id": "1abc4", "value": "WorkspaceOwner"},
{"id": "1abc5", "value": "AirlockManager"},
],
"servicePrincipalNames": ["api://tre_ws_1234"],
}
]
}
def test_extract_workspace__raises_error_if_client_id_not_available():
access_service = AzureADAuthorization()
with pytest.raises(AuthConfigValidationError):
@ -296,34 +354,25 @@ def test_raises_auth_config_error_if_auth_info_has_incorrect_roles(_):
)
@patch("services.aad_authentication.AzureADAuthorization._get_app_sp_graph_data")
@patch("services.aad_authentication.AzureADAuthorization._get_user_role_assignments")
@patch("services.aad_authentication.AzureADAuthorization._get_user_emails")
@patch("services.aad_authentication.AzureADAuthorization._get_user_details")
@patch(
"services.aad_authentication.AzureADAuthorization._get_msgraph_token",
return_value="token",
)
def test_get_workspace_role_assignment_details_with_single_user_returns_user_mail_and_role_assignment(
_, users, roles
def test_get_workspace_user_emails_by_role_assignment_with_single_user_returns_user_mail_and_role_assignment(
_, users, roles, app_sp_graph_data_mock, user_response, roles_response, get_app_sp_graph_data_mock
):
access_service = AzureADAuthorization()
# Build user response
user_principal_id = "user_principal_id"
user_email = "test_user@email.com"
user_response = get_mock_batch_response(
[UserPrincipal(user_principal_id, user_email)], []
)
# Use fixtures
users.return_value = user_response
# Build user role assignment response
workspace_owner_role_id = "1234"
roles_response = get_mock_role_response(
[PrincipalRole(user_principal_id, workspace_owner_role_id, "User")]
)
roles.return_value = roles_response
app_sp_graph_data_mock.return_value = get_app_sp_graph_data_mock
# Act
role_assignment_details = access_service.get_workspace_role_assignment_details(
role_assignment_details = access_service.get_workspace_user_emails_by_role_assignment(
Workspace(
id="id",
templateName="tre-workspace-base",
@ -331,43 +380,39 @@ def test_get_workspace_role_assignment_details_with_single_user_returns_user_mai
etag="",
properties={
"sp_id": "ab123",
"app_role_id_workspace_owner": workspace_owner_role_id,
"client_id": "ab124",
"app_role_id_workspace_owner": "1abc4",
"app_role_id_workspace_researcher": "ab125",
"app_role_id_workspace_airlock_manager": "ab130",
},
)
)
assert role_assignment_details["WorkspaceOwner"] == [user_email]
assert role_assignment_details["WorkspaceOwner"] == ["test_user1@email.com"]
@patch("services.aad_authentication.AzureADAuthorization._get_app_sp_graph_data")
@patch("services.aad_authentication.AzureADAuthorization._get_user_role_assignments")
@patch("services.aad_authentication.AzureADAuthorization._get_user_emails")
@patch("services.aad_authentication.AzureADAuthorization._get_user_details")
@patch(
"services.aad_authentication.AzureADAuthorization._get_msgraph_token",
return_value="token",
)
def test_get_workspace_role_assignment_details_with_single_user_with_no_mail_is_not_returned(
_, users, roles
def test_get_workspace_user_emails_by_role_assignment_with_single_user_with_no_mail_is_not_returned(
_, users, roles, app_sp_graph_data_mock, user_response, roles_response, get_app_sp_graph_data_mock
):
access_service = AzureADAuthorization()
# Build user response
user_principal_id = "user_principal_id"
user_response = get_mock_batch_response(
[UserPrincipal(user_principal_id, None)], []
)
users.return_value = user_response
user_response_no_mail = user_response.copy()
user_response_no_mail["responses"][0]["body"]["mail"] = None
users.return_value = user_response_no_mail
# Build user role assignment response
workspace_owner_role_id = "1234"
roles_response = get_mock_role_response(
[PrincipalRole(user_principal_id, workspace_owner_role_id, "User")]
)
roles.return_value = roles_response
app_sp_graph_data_mock.return_value = get_app_sp_graph_data_mock
# Act
role_assignment_details = access_service.get_workspace_role_assignment_details(
role_assignment_details = access_service.get_workspace_user_emails_by_role_assignment(
Workspace(
id="id",
templateName="tre-workspace-base",
@ -375,7 +420,8 @@ def test_get_workspace_role_assignment_details_with_single_user_with_no_mail_is_
etag="",
properties={
"sp_id": "ab123",
"app_role_id_workspace_owner": workspace_owner_role_id,
"client_id": "ab124",
"app_role_id_workspace_owner": "1abc4",
"app_role_id_workspace_researcher": "ab125",
"app_role_id_workspace_airlock_manager": "ab130",
},
@ -385,34 +431,24 @@ def test_get_workspace_role_assignment_details_with_single_user_with_no_mail_is_
assert len(role_assignment_details) == 0
@patch("services.aad_authentication.AzureADAuthorization._get_app_sp_graph_data")
@patch("services.aad_authentication.AzureADAuthorization._get_user_role_assignments")
@patch("services.aad_authentication.AzureADAuthorization._get_user_emails")
@patch("services.aad_authentication.AzureADAuthorization._get_user_details")
@patch(
"services.aad_authentication.AzureADAuthorization._get_msgraph_token",
return_value="token",
)
def test_get_workspace_role_assignment_details_with_only_groups_assigned_returns_group_members(
_, users_and_groups, roles
def test_get_workspace_user_emails_by_role_assignment_with_only_groups_assigned_returns_group_members(
_, users_and_groups, roles, app_sp_graph_data_mock, group_response, roles_response, get_app_sp_graph_data_mock
):
access_service = AzureADAuthorization()
# Build group response
user_in_group = UserPrincipal("user_principal_id1", "test_user1@email.com")
group_principal_id = "group_principal_id"
group_response = get_mock_batch_response(
[], [GroupPrincipal(group_principal_id, members=[user_in_group])]
)
users_and_groups.return_value = group_response
# Build user role assignment response
workspace_owner_role_id = "1234"
roles_response = get_mock_role_response(
[PrincipalRole(group_principal_id, workspace_owner_role_id, "Group")]
)
roles.return_value = roles_response
app_sp_graph_data_mock.return_value = get_app_sp_graph_data_mock
# Act
role_assignment_details = access_service.get_workspace_role_assignment_details(
role_assignment_details = access_service.get_workspace_user_emails_by_role_assignment(
Workspace(
id="id",
templateName="tre-workspace-base",
@ -420,7 +456,8 @@ def test_get_workspace_role_assignment_details_with_only_groups_assigned_returns
etag="",
properties={
"sp_id": "ab123",
"app_role_id_workspace_owner": workspace_owner_role_id,
"client_id": "ab124",
"app_role_id_workspace_owner": "1abc4",
"app_role_id_workspace_researcher": "ab125",
"app_role_id_workspace_airlock_manager": "ab130",
},
@ -428,49 +465,29 @@ def test_get_workspace_role_assignment_details_with_only_groups_assigned_returns
)
assert len(role_assignment_details) == 1
assert "test_user1@email.com" in role_assignment_details["WorkspaceOwner"]
assert "test_user3@email.com" in role_assignment_details["WorkspaceOwner"]
assert "test_user4@email.com" in role_assignment_details["WorkspaceOwner"]
@patch("services.aad_authentication.AzureADAuthorization._get_app_sp_graph_data")
@patch("services.aad_authentication.AzureADAuthorization._get_user_role_assignments")
@patch("services.aad_authentication.AzureADAuthorization._get_user_emails")
@patch("services.aad_authentication.AzureADAuthorization._get_user_details")
@patch(
"services.aad_authentication.AzureADAuthorization._get_msgraph_token",
return_value="token",
)
def test_get_workspace_role_assignment_details_with_group_with_multiple_users_returned_as_expected(
_, users_and_groups, roles
def test_get_workspace_user_emails_by_role_assignment_with_groups_and_users_assigned_returned_as_expected(
_, users_and_groups, roles, app_sp_graph_data_mock, roles_response, get_app_sp_graph_data_mock, users_and_group_response
):
access_service = AzureADAuthorization()
# Build group response
user_principal_id1 = "user_principal_id1"
user_email1 = "test_user1@email.com"
user_principal_id2 = "user_principal_id2"
user_email2 = "test_user2@email.com"
group_principal = GroupPrincipal(
"group_principal_id",
members=[
UserPrincipal(user_principal_id1, user_email1),
UserPrincipal(user_principal_id2, user_email2),
],
)
# Get batch response
users_groups_response = get_mock_batch_response([], [group_principal])
users_and_groups.return_value = users_groups_response
# Build user role assignment response
workspace_owner_role_id = "1234"
roles_response = get_mock_role_response(
[PrincipalRole(group_principal.principal_id, workspace_owner_role_id, "Group")]
)
roles.return_value = roles_response
app_sp_graph_data_mock.return_value = get_app_sp_graph_data_mock
users_and_groups.return_value = users_and_group_response
# Act
role_assignment_details = access_service.get_workspace_role_assignment_details(
role_assignment_details = access_service.get_workspace_user_emails_by_role_assignment(
Workspace(
id="id",
templateName="tre-workspace-base",
@ -478,7 +495,8 @@ def test_get_workspace_role_assignment_details_with_group_with_multiple_users_re
etag="",
properties={
"sp_id": "ab123",
"app_role_id_workspace_owner": workspace_owner_role_id,
"client_id": "ab123",
"app_role_id_workspace_owner": "ab124",
"app_role_id_workspace_researcher": "ab125",
"app_role_id_workspace_airlock_manager": "ab130",
},
@ -486,78 +504,15 @@ def test_get_workspace_role_assignment_details_with_group_with_multiple_users_re
)
assert len(role_assignment_details) == 1
assert "test_user2@email.com" in role_assignment_details["WorkspaceOwner"]
assert "test_user1@email.com" in role_assignment_details["WorkspaceOwner"]
@patch("services.aad_authentication.AzureADAuthorization._get_user_role_assignments")
@patch("services.aad_authentication.AzureADAuthorization._get_user_emails")
@patch(
"services.aad_authentication.AzureADAuthorization._get_msgraph_token",
return_value="token",
)
def test_get_workspace_role_assignment_details_with_groups_and_users_assigned_returned_as_expected(
_, users_and_groups, roles
):
access_service = AzureADAuthorization()
# Build group response
user_principal_id1 = "user_principal_id1"
user_email1 = "test_user1@email.com"
group_principal = GroupPrincipal(
"group_principal_id", members=[UserPrincipal(user_principal_id1, user_email1)]
)
# User assigned to the role, not in any group
user_principal_id2 = "user_principal_id2"
user_email2 = "test_user2@email.com"
# Get batch response
users_groups_response = get_mock_batch_response(
[UserPrincipal(user_principal_id2, user_email2)], [group_principal]
)
users_and_groups.return_value = users_groups_response
# Build user role assignment response
workspace_owner_role_id = "1234"
roles_response = get_mock_role_response(
[
PrincipalRole(user_principal_id1, workspace_owner_role_id, "User"),
PrincipalRole(user_principal_id2, workspace_owner_role_id, "User"),
PrincipalRole(
group_principal.principal_id, workspace_owner_role_id, "Group"
),
]
)
roles.return_value = roles_response
# Act
role_assignment_details = access_service.get_workspace_role_assignment_details(
Workspace(
id="id",
templateName="tre-workspace-base",
templateVersion="0.1.0",
etag="",
properties={
"sp_id": "ab123",
"app_role_id_workspace_owner": workspace_owner_role_id,
"app_role_id_workspace_researcher": "ab125",
"app_role_id_workspace_airlock_manager": "ab130",
},
)
)
assert len(role_assignment_details) == 1
assert "test_user2@email.com" in role_assignment_details["WorkspaceOwner"]
assert "test_user1@email.com" in role_assignment_details["WorkspaceOwner"]
assert "test_user3@email.com" in role_assignment_details["WorkspaceOwner"]
assert "test_user4@email.com" in role_assignment_details["WorkspaceOwner"]
@patch("services.aad_authentication.AzureADAuthorization._get_auth_header")
@patch("services.aad_authentication.AzureADAuthorization._get_batch_users_by_role_assignments_body")
@patch("requests.post")
def test_get_user_emails_with_batch_of_more_than_20_requests(mock_graph_post, mock_get_batch_users_by_role_assignments_body, mock_headers):
def test_get_user_details_with_batch_of_more_than_20_requests(mock_graph_post, mock_get_batch_users_by_role_assignments_body, mock_headers):
# Arrange
access_service = AzureADAuthorization()
roles_graph_data = [{"id": "role1"}, {"id": "role2"}]
@ -591,11 +546,11 @@ def test_get_user_emails_with_batch_of_more_than_20_requests(mock_graph_post, mo
mock_get_batch_users_by_role_assignments_body.return_value = batch_request_body
# Mock the response of the post request
mock_graph_post_response = {"responses": [{"id": "user1"}, {"id": "user2"}]}
mock_graph_post_response = {"responses": [{"id": "user1", "request": {"id": "user1"}}, {"id": "user2", "request": {"id": "user2"}}]}
mock_graph_post.return_value.json.return_value = mock_graph_post_response
# Act
users_graph_data = access_service._get_user_emails(roles_graph_data, msgraph_token)
users_graph_data = access_service._get_user_details(roles_graph_data, msgraph_token)
# Assert
assert len(users_graph_data["responses"]) == 4
@ -618,21 +573,21 @@ def get_mock_batch_response(user_principals, group_principals):
response_body = {"responses": []}
for user_principal in user_principals:
response_body["responses"].append(
get_mock_user_response(user_principal.principal_id, user_principal.mail)
get_mock_user_response(user_principal.principal_id, user_principal.mail, user_principal.display_name)
)
for group_principal in group_principals:
response_body["responses"].append(get_mock_group_response(group_principal))
return response_body
def get_mock_user_response(principal_id, mail):
def get_mock_user_response(principal_id, mail, name):
headers = '{"Cache-Control":"no-cache","x-ms-resource-unit":"1","OData-Version":"4.0","Content-Type":"application/json;odata.metadata=minimal;odata.streaming=true;IEEE754Compatible=false;charset=utf-8"}'
user_odata = f'@odata.context":"{MOCK_MICROSOFT_GRAPH_URL}/v1.0/$metadata#users(mail,id)/$entity'
user_response_body = {
"id": "1",
"status": 200,
"headers": headers,
"body": {"@odata.context": user_odata, "mail": mail, "id": principal_id},
"body": {"@odata.context": user_odata, "mail": mail, "id": principal_id, "displayName": name},
}
return user_response_body
@ -647,6 +602,7 @@ def get_mock_group_response(group):
"@odata.type": "#microsoft.graph.user",
"mail": member.mail,
"id": member.principal_id,
"displayName": member.display_name,
}
)
group_response_body = {
@ -654,6 +610,7 @@ def get_mock_group_response(group):
"status": 200,
"headers": headers,
"body": {"@odata.context": group_odata, "value": group_members_body},
"request": {"id": "group_principal_id"}
}
return group_response_body

28
api_app/tests_ma/test_services/test_airlock.py
Просмотреть файл

@ -242,7 +242,7 @@ def test_get_required_permission_return_read_and_write_permissions_for_draft_req
@pytest.mark.asyncio
@patch("event_grid.helpers.EventGridPublisherClient", return_value=AsyncMock())
@patch("services.aad_authentication.AzureADAuthorization.get_workspace_role_assignment_details", return_value={"WorkspaceResearcher": ["researcher@outlook.com"], "WorkspaceOwner": ["owner@outlook.com"], "AirlockManager": ["manager@outlook.com"]})
@patch("services.aad_authentication.AzureADAuthorization.get_workspace_user_emails_by_role_assignment", return_value={"WorkspaceResearcher": ["researcher@outlook.com"], "WorkspaceOwner": ["owner@outlook.com"], "AirlockManager": ["manager@outlook.com"]})
@patch('services.airlock.get_timestamp', return_value=CURRENT_TIME)
async def test_save_and_publish_event_airlock_request_saves_item(_, __, event_grid_publisher_client_mock, airlock_request_repo_mock):
airlock_request_mock = sample_airlock_request()
@ -269,7 +269,7 @@ async def test_save_and_publish_event_airlock_request_saves_item(_, __, event_gr
@pytest.mark.asyncio
@patch("services.aad_authentication.AzureADAuthorization.get_workspace_role_assignment_details", return_value={"WorkspaceResearcher": ["researcher@outlook.com"], "WorkspaceOwner": ["owner@outlook.com"], "AirlockManager": ["manager@outlook.com"]})
@patch("services.aad_authentication.AzureADAuthorization.get_workspace_user_emails_by_role_assignment", return_value={"WorkspaceResearcher": ["researcher@outlook.com"], "WorkspaceOwner": ["owner@outlook.com"], "AirlockManager": ["manager@outlook.com"]})
async def test_save_and_publish_event_airlock_request_raises_503_if_save_to_db_fails(_, airlock_request_repo_mock):
airlock_request_mock = sample_airlock_request()
airlock_request_repo_mock.save_item = AsyncMock(side_effect=Exception)
@ -285,7 +285,7 @@ async def test_save_and_publish_event_airlock_request_raises_503_if_save_to_db_f
@pytest.mark.asyncio
@patch("event_grid.helpers.EventGridPublisherClient", return_value=AsyncMock())
@patch("services.aad_authentication.AzureADAuthorization.get_workspace_role_assignment_details", return_value={"WorkspaceResearcher": ["researcher@outlook.com"], "WorkspaceOwner": ["owner@outlook.com"], "AirlockManager": ["manager@outlook.com"]})
@patch("services.aad_authentication.AzureADAuthorization.get_workspace_user_emails_by_role_assignment", return_value={"WorkspaceResearcher": ["researcher@outlook.com"], "WorkspaceOwner": ["owner@outlook.com"], "AirlockManager": ["manager@outlook.com"]})
async def test_save_and_publish_event_airlock_request_raises_503_if_publish_event_fails(_, event_grid_publisher_client_mock,
airlock_request_repo_mock):
airlock_request_mock = sample_airlock_request()
@ -334,11 +334,11 @@ async def test_check_email_exists_passes_if_researcher_or_owner_and_airlock_mana
{"WorkspaceResearcher": [], "AirlockManager": ["owner@outlook.com"]},
{"WorkspaceResearcher": ["researcher@outlook.com"], "owner_emails": []},
{"WorkspaceResearcher": ["researcher@outlook.com"]}])
@patch("services.aad_authentication.AzureADAuthorization.get_workspace_role_assignment_details")
@patch("services.aad_authentication.AzureADAuthorization.get_workspace_user_emails_by_role_assignment")
@patch('core.config.ENABLE_AIRLOCK_EMAIL_CHECK', "True")
async def test_save_and_publish_event_airlock_request_raises_417_if_email_not_present(get_workspace_role_assignment_details_patched, email_mock_return):
async def test_save_and_publish_event_airlock_request_raises_417_if_email_not_present(get_workspace_user_emails_by_role_assignment_patched, email_mock_return):
get_workspace_role_assignment_details_patched.return_value = email_mock_return
get_workspace_user_emails_by_role_assignment_patched.return_value = email_mock_return
airlock_request_mock = sample_airlock_request()
with pytest.raises(HTTPException) as ex:
@ -353,11 +353,11 @@ async def test_save_and_publish_event_airlock_request_raises_417_if_email_not_pr
@pytest.mark.asyncio
@pytest.mark.parametrize('email_mock_return', [{},
{"WorkspaceResearcher": [], "AirlockManager": []}])
@patch("services.aad_authentication.AzureADAuthorization.get_workspace_role_assignment_details")
@patch("services.aad_authentication.AzureADAuthorization.get_workspace_user_emails_by_role_assignment")
@patch("event_grid.event_sender.publish_event", return_value=AsyncMock())
async def test_save_and_publish_event_airlock_notification_if_email_not_present(publish_event_mock, get_workspace_role_assignment_details_patched, email_mock_return, airlock_request_repo_mock):
async def test_save_and_publish_event_airlock_notification_if_email_not_present(publish_event_mock, get_workspace_user_emails_by_role_assignment_patched, email_mock_return, airlock_request_repo_mock):
get_workspace_role_assignment_details_patched.return_value = email_mock_return
get_workspace_user_emails_by_role_assignment_patched.return_value = email_mock_return
airlock_request_mock = sample_airlock_request()
airlock_request_repo_mock.save_item = AsyncMock()
@ -372,7 +372,7 @@ async def test_save_and_publish_event_airlock_notification_if_email_not_present(
@pytest.mark.asyncio
@patch("event_grid.helpers.EventGridPublisherClient", return_value=AsyncMock())
@patch("services.aad_authentication.AzureADAuthorization.get_workspace_role_assignment_details", return_value={"WorkspaceResearcher": ["researcher@outlook.com"], "WorkspaceOwner": ["owner@outlook.com"], "AirlockManager": ["manager@outlook.com"]})
@patch("services.aad_authentication.AzureADAuthorization.get_workspace_user_emails_by_role_assignment", return_value={"WorkspaceResearcher": ["researcher@outlook.com"], "WorkspaceOwner": ["owner@outlook.com"], "AirlockManager": ["manager@outlook.com"]})
async def test_update_and_publish_event_airlock_request_updates_item(_, event_grid_publisher_client_mock,
airlock_request_repo_mock):
airlock_request_mock = sample_airlock_request()
@ -404,7 +404,7 @@ async def test_update_and_publish_event_airlock_request_updates_item(_, event_gr
@pytest.mark.asyncio
@patch("services.airlock.send_status_changed_event")
@patch("services.airlock.send_airlock_notification_event")
@patch("services.aad_authentication.AzureADAuthorization.get_workspace_role_assignment_details")
@patch("services.aad_authentication.AzureADAuthorization.get_workspace_user_emails_by_role_assignment")
async def test_update_and_publish_event_airlock_request_sends_status_changed_event(_, send_airlock_notification_event_mock, send_status_changed_event_mock, airlock_request_repo_mock):
new_status = AirlockRequestStatus.Submitted
airlock_request_repo_mock.update_airlock_request = AsyncMock()
@ -421,7 +421,7 @@ async def test_update_and_publish_event_airlock_request_sends_status_changed_eve
@pytest.mark.asyncio
@patch("services.aad_authentication.AzureADAuthorization.get_workspace_role_assignment_details", return_value={"WorkspaceResearcher": ["researcher@outlook.com"], "WorkspaceOwner": ["owner@outlook.com"], "AirlockManager": ["manager@outlook.com"]})
@patch("services.aad_authentication.AzureADAuthorization.get_workspace_user_emails_by_role_assignment", return_value={"WorkspaceResearcher": ["researcher@outlook.com"], "WorkspaceOwner": ["owner@outlook.com"], "AirlockManager": ["manager@outlook.com"]})
async def test_update_and_publish_event_airlock_request_raises_400_if_status_update_invalid(_, airlock_request_repo_mock):
airlock_request_mock = sample_airlock_request()
@ -438,7 +438,7 @@ async def test_update_and_publish_event_airlock_request_raises_400_if_status_upd
@pytest.mark.asyncio
@patch("event_grid.helpers.EventGridPublisherClient", return_value=AsyncMock())
@patch("services.aad_authentication.AzureADAuthorization.get_workspace_role_assignment_details", return_value={"WorkspaceResearcher": ["researcher@outlook.com"], "WorkspaceOwner": ["owner@outlook.com"], "AirlockManager": ["manager@outlook.com"]})
@patch("services.aad_authentication.AzureADAuthorization.get_workspace_user_emails_by_role_assignment", return_value={"WorkspaceResearcher": ["researcher@outlook.com"], "WorkspaceOwner": ["owner@outlook.com"], "AirlockManager": ["manager@outlook.com"]})
async def test_update_and_publish_event_airlock_request_raises_503_if_publish_event_fails(_, event_grid_publisher_client_mock,
airlock_request_repo_mock):
airlock_request_mock = sample_airlock_request()
@ -460,7 +460,7 @@ async def test_update_and_publish_event_airlock_request_raises_503_if_publish_ev
@pytest.mark.asyncio
@patch("services.airlock.send_status_changed_event")
@patch("services.airlock.send_airlock_notification_event")
@patch("services.aad_authentication.AzureADAuthorization.get_workspace_role_assignment_details")
@patch("services.aad_authentication.AzureADAuthorization.get_workspace_user_emails_by_role_assignment")
async def test_update_and_publish_event_airlock_request_without_status_change_should_not_send_status_changed_event(_, send_airlock_notification_event_mock, send_status_changed_event_mock, airlock_request_repo_mock):
new_status = None
airlock_request_repo_mock.update_airlock_request = AsyncMock()

136
core/terraform/.terraform.lock.hcl
Просмотреть файл

@ -2,102 +2,102 @@
# Manual edits may be lost in future updates.
provider "registry.terraform.io/azure/azapi" {
version = "1.13.1"
constraints = ">= 1.9.0, ~> 1.13.0"
version = "1.15.0"
constraints = "1.15.0"
hashes = [
"h1:xDZG4lbtQJeyJa3Gzo8qecYxyw+AIXYcdDRlkaSLNz8=",
"zh:1f2aceddd67ceeb82a75c2f15dc01e54781e9aed5968507dbc29590c165b2e2b",
"zh:397f0bfbac899d48e23cecf38d362c27562150aa20b19157b5bd370b8e6801ee",
"zh:652263b7d00623684e29ef7b8ff285a17c5bd7cc8ba7d22967c66d0b3a3c568a",
"zh:652c53320a41434942877515780296a1509be03f32d54e60178f39200f960a67",
"zh:666426faf686401e54ec09fe06e9d7c06a6455ec398764f70558440c73aeb7f9",
"zh:6aa91ae8ba78f2494f99b4c99e66d15ed0b14d735cd1f77adc12ff9dfa075807",
"zh:a529e5a13c37d1805c469227f08cdbe7527d04dd64d18709d26627c6a0b588b1",
"zh:a589c049205e8e5bf94a13d56b28f400d908ad27e13e16df64408ee82eb8a0ff",
"zh:a9a50defdee230f315f74be6c77ff104fe2610a1b3ad6b87326f555e80d13b18",
"zh:ba49ef70d96e13795e2dbffd6cb2ff976dfe84e0373a5971ebe3b4c9c9b7af60",
"zh:d3ed50efe5f8c80d3d7d464ab9a13ccf82440d871c9ce3032ce476845364c6b9",
"zh:e3eb48ee8c36ee4f81850d8a21fc59b81886c729d7c3b7adece4a25f355bed2f",
"h1:gIOgxVmFSxHrR+XOzgUEA+ybOmp8kxZlZH3eYeB/eFI=",
"zh:0627a8bc77254debc25dc0c7b62e055138217c97b03221e593c3c56dc7550671",
"zh:2fe045f07070ef75d0bec4b0595a74c14394daa838ddb964e2fd23cc98c40c34",
"zh:343009f39c957883b2c06145a5954e524c70f93585f943f1ea3d28ef6995d0d0",
"zh:53fe9ab54485aaebc9b91e27a10bce2729a1c95b1399079e631dc6bb9e3f27dc",
"zh:63c407e7dc04d178d4798c17ad489d9cc92f7d1941d7f4a3f560b95908b6107b",
"zh:7d6fc2b432b264f036bb80ab2b2ba67f80a5d98da8a8c322aa097833dad598c9",
"zh:7ec49c0a8799d469eb6e2a1f856693f9862f1b73f5ed70adc1b346e5a4c6458d",
"zh:889704f10319d301d677539d788fc82a7c73608ab78cb93e1280ac2be39e6e00",
"zh:90b4b07405b7cde9ebae3b034cb5bb5dd18484d1b95bd250f905451f1e86ac3f",
"zh:92aa9c241a8cb2a6d81ad47bc007c119f8b818464a960ebaf39008766c361e6b",
"zh:f28fbd0a2c59e239b53067bc1adc691be444876bcb2d4f78d310f549724da6e0",
"zh:ffb15e0ddfa505d0e9b75341570199076ae574887124f398162b1ead9376b25f",
]
}
provider "registry.terraform.io/hashicorp/azurerm" {
version = "3.108.0"
constraints = ">= 3.8.0, >= 3.16.0, 3.108.0"
version = "3.112.0"
constraints = ">= 3.112.0, 3.112.0"
hashes = [
"h1:RIFBFTXz4X48JDHjbQHX4y400ax1/uEzMVFZgX3/z3w=",
"zh:2afecf948fd702bc08c87d9114595809d011f99a70a12dbf6bc67a12d0bee5fc",
"zh:395b6d1384a579867064e62d49b0b91e15919c33b03ea8b5031c2779bfa16b3d",
"zh:3e5594c59b6b02bc6e0f4c3de71aa2ab992494c53725fb3c64d36745f3814ef3",
"zh:4613e190609377309f6a4ac44f631c9469efab3ae148dbb09e73718201dc4f42",
"zh:624f01cb7604d58100068401bd07ab09a141e7bd318f8214127838cf202e4868",
"zh:65709950c9933e38704e2075a2339951e1259a6e882f35d390be36e1844ebc72",
"zh:af82657fad4e3a177f2ebb8035b45bda40f8856eb999288533321028794d03e5",
"zh:c40b331eba08830d16c0e6795fa7cbf08231073df2cfdb0f34e9d908a915981a",
"zh:d6ccd533a0bd984ca7ed1ae860e057e9e2f88468745be9712236d2d240353de4",
"zh:f361fd398e8772f8554a010331d161d6f7284a43238fd28bfa7b41795a5538b8",
"h1:5KSVV/O2eG6ty/3/qpOLQFQqJd96KEPzsTHItslJaMw=",
"zh:341c22454d24a75792aa99fbbc0c156f368534b7bb04eef4701b85995c7526a4",
"zh:3708656d75061c92f7208cc731b946c991ad343a443f8ff0ef082f077b7580b9",
"zh:38ca06f9f45705c648f04f272bd9483397693ea8da6db788cd7955f49ab79d6b",
"zh:3f305adb5ee0032e0ea68d198a089ecfd0127092930e99fa51377a250292b592",
"zh:4ae2fc6065164a819f576f705e634ebf5059f983149a41dad909719fea96145a",
"zh:5d376ac7dd71898a94038d6b6b8036dfec4c0216d832ec1135c855bf3e58eb5f",
"zh:63d2ff296d3aee5787e12c759a6a3d5aa15a574456aebbe11b833f01adf3faef",
"zh:8ad8746741f7f0ac10da6f1d105f26ebeb6e4d944f58ba749e86d7c9a67da3db",
"zh:abec182594ee8a21d72a5f23d3aa7fa45247488539fce6ed648c9c255d8bf972",
"zh:bf704b400be4181333b38c0306949f26326a9aa5ae68b4167e2fb8ee7fb13618",
"zh:c072938f8695f725fc5fbe986a54890f00d520cce570006390dc5bbc51b2a4ea",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
"zh:f8c2132c77d35930203ec66f1bf9bbf633a2406e9f7b572ff425d65b8aa8c492",
]
}
provider "registry.terraform.io/hashicorp/http" {
version = "3.4.3"
version = "3.4.5"
constraints = "~> 3.4"
hashes = [
"h1:WUwrzNfcBamA4mm3Stzt6+GcwTosQv2T0CEmZefPBAo=",
"zh:001e12b8079955a9fa7f8fcd515ae665b2e1087107fd337c4b872e88a86d540b",
"zh:0874fb3f870b2ac24c967a9685f2da641079589024109340389694696301a85b",
"zh:3b5e533c3d2859575945568aad0aac66b71bfc709706231fc2de94e01ca76d7f",
"zh:622ee28d42ed9d4b1399dde377db515e62cac08bd65bb2455068621f7a42d90d",
"zh:6dea688d78840a3f678e06ee602d37c766ce2ee625dcdce0c6658116ebcbde8e",
"h1:ceAVZEuaQd7jQX13qf5w7hy3ioiXpuwUaaDRsnAiMLM=",
"zh:2072006c177efc101471f3d5eb8e1d8e6c68778cbfd6db3d3f22f59cfe6ce6ae",
"zh:3ac4cc0efe11ee054300769cfcc37491433937a8824621d1f8f7a18e7401da87",
"zh:63997e5457c9ddf9cfff17bd7bf9f083cbeff3105452045662109dd6be499ef9",
"zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
"zh:7f57a1436a464bc2e1698457b402ff0fd98ef9e7dcf6707d6bd0debc67fad164",
"zh:829d89d82e6fc3c89714950dc8afa51d622bb8e4f4bd5c73037505fb55a67834",
"zh:e453202d09b62531ed3278926307d315276e05784e7c6448a2c21c6a2da6e48f",
"zh:e76edc035240b4ad9334b4a0282b44a086e001df3007a2fc51f6262c4db032d1",
"zh:eeb0379da9093e155a193f666079de6baf8ed02855bf2a443448903f7cfef378",
"zh:fcb00eeb665ccae383645173d8e10c3071946396629a7797db39c798997f21b0",
"zh:826819bb8ab7d6e3095f597083d5b1ab93d1854312b9e1b6c18288fff9664f34",
"zh:8ad74e7d8ec2e226a73d49c7c317108f61a4cb803972fb3f945d1709d5115fcd",
"zh:a609ca9e0c91d250ac80295e39d5f524e8c0872d33ba8fde3c3e41893b4b015d",
"zh:ae07d19babc452f63f6a6511b944990e819dc20687b6c8f01d1676812f5ada53",
"zh:b7c827dc32a1a5d77185a78cd391b01217894b384f58169f98a96d683730d8ce",
"zh:d045e3db9f5e39ce78860d3fd94e04604fcbe246f6fe346ee50a971f936e9ccd",
"zh:ec28f9b52c74edd47eebbb5c254a6df5706360cde5ccd65097976efca23a2977",
"zh:f24982eaa7d34fd66554c3cf94873713a0dff14da9ea4c4be0cc76f1a6146d59",
]
}
provider "registry.terraform.io/hashicorp/local" {
version = "2.5.1"
version = "2.5.2"
constraints = ">= 2.2.0, ~> 2.5"
hashes = [
"h1:8oTPe2VUL6E2d3OcrvqyjI4Nn/Y/UEQN26WLk5O/B0g=",
"zh:0af29ce2b7b5712319bf6424cb58d13b852bf9a777011a545fac99c7fdcdf561",
"zh:126063ea0d79dad1f68fa4e4d556793c0108ce278034f101d1dbbb2463924561",
"zh:196bfb49086f22fd4db46033e01655b0e5e036a5582d250412cc690fa7995de5",
"zh:37c92ec084d059d37d6cffdb683ccf68e3a5f8d2eb69dd73c8e43ad003ef8d24",
"zh:4269f01a98513651ad66763c16b268f4c2da76cc892ccfd54b401fff6cc11667",
"zh:51904350b9c728f963eef0c28f1d43e73d010333133eb7f30999a8fb6a0cc3d8",
"zh:73a66611359b83d0c3fcba2984610273f7954002febb8a57242bbb86d967b635",
"h1:JlMZD6nYqJ8sSrFfEAH0Vk/SL8WLZRmFaMUF9PJK5wM=",
"zh:136299545178ce281c56f36965bf91c35407c11897f7082b3b983d86cb79b511",
"zh:3b4486858aa9cb8163378722b642c57c529b6c64bfbfc9461d940a84cd66ebea",
"zh:4855ee628ead847741aa4f4fc9bed50cfdbf197f2912775dd9fe7bc43fa077c0",
"zh:4b8cd2583d1edcac4011caafe8afb7a95e8110a607a1d5fb87d921178074a69b",
"zh:52084ddaff8c8cd3f9e7bcb7ce4dc1eab00602912c96da43c29b4762dc376038",
"zh:71562d330d3f92d79b2952ffdda0dad167e952e46200c767dd30c6af8d7c0ed3",
"zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
"zh:7ae387993a92bcc379063229b3cce8af7eaf082dd9306598fcd42352994d2de0",
"zh:9e0f365f807b088646db6e4a8d4b188129d9ebdbcf2568c8ab33bddd1b82c867",
"zh:b5263acbd8ae51c9cbffa79743fbcadcb7908057c87eb22fd9048268056efbc4",
"zh:dfcd88ac5f13c0d04e24be00b686d069b4879cc4add1b7b1a8ae545783d97520",
"zh:805f81ade06ff68fa8b908d31892eaed5c180ae031c77ad35f82cb7a74b97cf4",
"zh:8b6b3ebeaaa8e38dd04e56996abe80db9be6f4c1df75ac3cccc77642899bd464",
"zh:ad07750576b99248037b897de71113cc19b1a8d0bc235eb99173cc83d0de3b1b",
"zh:b9f1c3bfadb74068f5c205292badb0661e17ac05eb23bfe8bd809691e4583d0e",
"zh:cc4cbcd67414fefb111c1bf7ab0bc4beb8c0b553d01719ad17de9a047adff4d1",
]
}
provider "registry.terraform.io/hashicorp/random" {
version = "3.6.2"
version = "3.6.3"
constraints = ">= 3.0.0, ~> 3.6"
hashes = [
"h1:wmG0QFjQ2OfyPy6BB7mQ57WtoZZGGV07uAPQeDmIrAE=",
"zh:0ef01a4f81147b32c1bea3429974d4d104bbc4be2ba3cfa667031a8183ef88ec",
"zh:1bcd2d8161e89e39886119965ef0f37fcce2da9c1aca34263dd3002ba05fcb53",
"zh:37c75d15e9514556a5f4ed02e1548aaa95c0ecd6ff9af1119ac905144c70c114",
"zh:4210550a767226976bc7e57d988b9ce48f4411fa8a60cd74a6b246baf7589dad",
"zh:562007382520cd4baa7320f35e1370ffe84e46ed4e2071fdc7e4b1a9b1f8ae9b",
"zh:5efb9da90f665e43f22c2e13e0ce48e86cae2d960aaf1abf721b497f32025916",
"zh:6f71257a6b1218d02a573fc9bff0657410404fb2ef23bc66ae8cd968f98d5ff6",
"h1:Fnaec9vA8sZ8BXVlN3Xn9Jz3zghSETIKg7ch8oXhxno=",
"zh:04ceb65210251339f07cd4611885d242cd4d0c7306e86dda9785396807c00451",
"zh:448f56199f3e99ff75d5c0afacae867ee795e4dfda6cb5f8e3b2a72ec3583dd8",
"zh:4b4c11ccfba7319e901df2dac836b1ae8f12185e37249e8d870ee10bb87a13fe",
"zh:4fa45c44c0de582c2edb8a2e054f55124520c16a39b2dfc0355929063b6395b1",
"zh:588508280501a06259e023b0695f6a18149a3816d259655c424d068982cbdd36",
"zh:737c4d99a87d2a4d1ac0a54a73d2cb62974ccb2edbd234f333abd079a32ebc9e",
"zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
"zh:9647e18f221380a85f2f0ab387c68fdafd58af6193a932417299cdcae4710150",
"zh:bb6297ce412c3c2fa9fec726114e5e0508dd2638cad6a0cb433194930c97a544",
"zh:f83e925ed73ff8a5ef6e3608ad9225baa5376446349572c2449c0c0b3cf184b7",
"zh:fbef0781cb64de76b1df1ca11078aecba7800d82fd4a956302734999cfd9a4af",
"zh:a357ab512e5ebc6d1fda1382503109766e21bbfdfaa9ccda43d313c122069b30",
"zh:c51bfb15e7d52cc1a2eaec2a903ac2aff15d162c172b1b4c17675190e8147615",
"zh:e0951ee6fa9df90433728b96381fb867e3db98f66f735e0c3e24f8f16903f0ad",
"zh:e3cdcb4e73740621dabd82ee6a37d6cfce7fee2a03d8074df65086760f5cf556",
"zh:eff58323099f1bd9a0bec7cb04f717e7f1b2774c7d612bf7581797e1622613a0",
]
}

4
core/terraform/airlock/main.tf
Просмотреть файл

@ -3,11 +3,11 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = ">= 3.16"
version = ">= 3.112"
}
azapi = {
source = "Azure/azapi"
version = ">= 1.9.0"
version = ">= 1.15.0"
}
local = {
source = "hashicorp/local"

2
core/terraform/appgateway/main.tf
Просмотреть файл

@ -3,7 +3,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = ">= 3.8"
version = ">= 3.112"
}
}
}

2
core/terraform/azure-monitor/main.tf
Просмотреть файл

@ -3,7 +3,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = ">= 3.8"
version = ">= 3.112"
}
}
}

20
core/terraform/dns_zones_non_core.tf
Просмотреть файл

@ -32,6 +32,26 @@ resource "azurerm_private_dns_zone_virtual_network_link" "azuresql" {
lifecycle { ignore_changes = [tags] }
}
resource "azurerm_private_dns_zone_virtual_network_link" "openai" {
resource_group_name = azurerm_resource_group.core.name
virtual_network_id = module.network.core_vnet_id
private_dns_zone_name = azurerm_private_dns_zone.non_core["privatelink.openai.azure.com"].name
name = azurerm_private_dns_zone.non_core["privatelink.openai.azure.com"].name
registration_enabled = false
tags = local.tre_core_tags
lifecycle { ignore_changes = [tags] }
}
resource "azurerm_private_dns_zone_virtual_network_link" "cognitivesearch" {
resource_group_name = azurerm_resource_group.core.name
virtual_network_id = module.network.core_vnet_id
private_dns_zone_name = azurerm_private_dns_zone.non_core["privatelink.cognitiveservices.azure.com"].name
name = azurerm_private_dns_zone.non_core["privatelink.cognitiveservices.azure.com"].name
registration_enabled = false
tags = local.tre_core_tags
lifecycle { ignore_changes = [tags] }
}
# Once the deployment of the app gateway is complete, we can proceed to include the required DNS zone for Nexus, which is dependent on the FQDN of the app gateway.
resource "azurerm_private_dns_zone" "nexus" {
name = "nexus-${module.appgateway.app_gateway_fqdn}"

4
core/terraform/locals.tf
Просмотреть файл

@ -33,7 +33,9 @@ locals {
"privatelink.postgres.database.azure.com",
"privatelink.mysql.database.azure.com",
"privatelink.database.windows.net",
"privatelink.azuredatabricks.net"
"privatelink.azuredatabricks.net",
"privatelink.openai.azure.com",
"privatelink.cognitiveservices.azure.com"
])
# The followig regex extracts different parts of the service bus endpoint: scheme, fqdn, port, path, query and fragment. This allows us to extract the needed fqdn part.

6
core/terraform/main.tf
Просмотреть файл

@ -3,7 +3,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "=3.108.0"
version = "=3.112.0"
}
random = {
source = "hashicorp/random"
@ -19,7 +19,7 @@ terraform {
}
azapi = {
source = "Azure/azapi"
version = "~> 1.13.0"
version = "~> 1.15.0"
}
}
@ -179,6 +179,6 @@ module "resource_processor_vmss_porter" {
}
module "terraform_azurerm_environment_configuration" {
source = "git::https://github.com/microsoft/terraform-azurerm-environment-configuration.git?ref=0.5.0"
source = "git::https://github.com/microsoft/terraform-azurerm-environment-configuration.git?ref=0.6.0"
arm_environment = var.arm_environment
}

2
core/terraform/network/main.tf
Просмотреть файл

@ -3,7 +3,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = ">= 3.8"
version = ">= 3.112"
}
}
}

2
core/terraform/resource_processor/vmss_porter/main.tf
Просмотреть файл

@ -3,7 +3,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = ">= 3.8"
version = ">= 3.112"
}
random = {
source = "hashicorp/random"

13
core/terraform/upgrade.sh Normal file
Просмотреть файл

@ -0,0 +1,13 @@
#!/bin/bash
set -e
# This script is used to install the bundle directly without having to interact with Porter
# This script assumes you have created an .env from the sample and the variables
# will come from there.
# shellcheck disable=SC2154
terraform init -upgrade -reconfigure -input=false -backend=true \
-backend-config="resource_group_name=${TF_VAR_mgmt_resource_group_name}" \
-backend-config="storage_account_name=${TF_VAR_mgmt_storage_account_name}" \
-backend-config="container_name=${TF_VAR_terraform_state_container_name}" \
-backend-config="key=${TF_VAR_tre_resource_id}-core"

2
core/version.txt
Просмотреть файл

@ -1 +1 @@
__version__ = "0.10.6"
__version__ = "0.10.9"

28
devops/terraform/.terraform.lock.hcl
Просмотреть файл

@ -2,21 +2,21 @@
# Manual edits may be lost in future updates.
provider "registry.terraform.io/hashicorp/azurerm" {
version = "3.51.0"
constraints = "3.51.0"
version = "3.112.0"
constraints = "3.112.0"
hashes = [
"h1:X13zyweEi+honSpCdijEJBawbG6m1NmGyWDccICIKXs=",
"zh:045a56f984882b8cf111301550e14a51346c817ec0b3d6dc752f7533585ed99b",
"zh:102fa2fb9213f20c2834b7abb51d44f1c766bb28ad4f14c98d2c149faba0a911",
"zh:173e38d128bf559b4a3e4bf5511974ab87951ffad9460f769067f62edc66acc7",
"zh:22b7f74a6bf86fa4f735783331335b9c4783d5437c672a7d2579cedea8463e3b",
"zh:3e37e83a5f39f73fa3b310162ef9fc58449445aaeb2ddad66404251ceb6908a5",
"zh:6609b1c63ea9466bea599f6e1e32573a13889db6be89dd068c0eb114f7de50d5",
"zh:6a2cc4ab06a467369f03c4e1fb1eeb23f0ea8a98fb1c0651284fe45ca3d5b02f",
"zh:91885a417d4fd1cdc81b64d26330dacf608ef2f9d272b8f7073d93e71d6bccef",
"zh:96d1879e52f399f3c813bcf36c7ceee72273a3e020077d09b03f6b7fdef4430c",
"zh:dcdae19688d83dbf5dbc4c75d4c5f2d6d8abeb4fddc404c20880f9f3fa22c3ed",
"zh:e2e11ffae353f43f4bf4bb88fa386fb214b8dd4aebfe7665b3142484652f9651",
"h1:5KSVV/O2eG6ty/3/qpOLQFQqJd96KEPzsTHItslJaMw=",
"zh:341c22454d24a75792aa99fbbc0c156f368534b7bb04eef4701b85995c7526a4",
"zh:3708656d75061c92f7208cc731b946c991ad343a443f8ff0ef082f077b7580b9",
"zh:38ca06f9f45705c648f04f272bd9483397693ea8da6db788cd7955f49ab79d6b",
"zh:3f305adb5ee0032e0ea68d198a089ecfd0127092930e99fa51377a250292b592",
"zh:4ae2fc6065164a819f576f705e634ebf5059f983149a41dad909719fea96145a",
"zh:5d376ac7dd71898a94038d6b6b8036dfec4c0216d832ec1135c855bf3e58eb5f",
"zh:63d2ff296d3aee5787e12c759a6a3d5aa15a574456aebbe11b833f01adf3faef",
"zh:8ad8746741f7f0ac10da6f1d105f26ebeb6e4d944f58ba749e86d7c9a67da3db",
"zh:abec182594ee8a21d72a5f23d3aa7fa45247488539fce6ed648c9c255d8bf972",
"zh:bf704b400be4181333b38c0306949f26326a9aa5ae68b4167e2fb8ee7fb13618",
"zh:c072938f8695f725fc5fbe986a54890f00d520cce570006390dc5bbc51b2a4ea",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
]
}

2
devops/terraform/terraform.tf
Просмотреть файл

@ -4,7 +4,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "3.51.0"
version = "3.112.0"
}
}
}

13
devops/terraform/upgrade.sh Normal file
Просмотреть файл

@ -0,0 +1,13 @@
#!/bin/bash
set -e
# This script is used to install the bundle directly without having to interact with Porter
# This script assumes you have created an .env from the sample and the variables
# will come from there.
# shellcheck disable=SC2154
terraform init -upgrade -reconfigure -input=false -backend=true \
-backend-config="resource_group_name=${TF_VAR_mgmt_resource_group_name}" \
-backend-config="storage_account_name=${TF_VAR_mgmt_storage_account_name}" \
-backend-config="container_name=${TF_VAR_terraform_state_container_name}" \
-backend-config="key=${TF_VAR_tre_resource_id}-devops"

2
devops/version.txt
Просмотреть файл

@ -1 +1 @@
__version__ = "0.5.1"
__version__ = "0.5.2"

15
docs/tre-developers/release.md
Просмотреть файл

@ -5,13 +5,14 @@ A release is created when enough changes have been made and the main branch is s
The process follows these steps:
1. Create a `Prep for Release v0...` issue to track.
2. Create PR linked to the `Prep...` issue and open in Dev Container.
2. Create a new branch for the release prep and open in Dev Container.
3. Update `CHANGELOG.md` in a PR with the following:
1. Rename the top-most version noted as unreleased with the version number that makes sense. Note that you don't have to keep the one that is currently in the file as the version number chosen should reflect the changes made (major, minor, etc.)
1. Rename the top-most version noted as unreleased with the version number that makes sense. Note that you don't have to keep the one that is currently in the file as the version number chosen should reflect the changes made (major, minor, etc.).
2. Create a new section for the next-unreleased version so that future changes will be placed there.
3. Run `devops/scripts/list_versions.sh` and include the output in the change log for the version you're about the release
4. Merge the PR
5. Create GitHub Release in `Pre Release` state.
3. Run `devops/scripts/list_versions.sh` and include the output in the change log for the version you're about the release.
4. Create PR and link to the `Prep...` issue.
5. Merge the PR.
6. Create GitHub Release in `Pre Release` state.
<!-- markdownlint-disable-next-line MD034 -->
1. Go to https://github.com/microsoft/AzureTRE/releases/new
2. Click on `Choose a tag` and type a new one for you version. It should be in the form of `v0.9.2` - note the "v" in the beginning.
@ -20,10 +21,10 @@ The process follows these steps:
5. Include a final line with a link to the full changelog similar to this:
<!-- markdownlint-disable-next-line MD034 -->
**Full Changelog**: https://github.com/microsoft/AzureTRE/compare/v0.9.1...v0.9.2
6. Update [AzureTRE-Deployment](https://github.com/microsoft/AzureTRE-Deployment). The procedure may vary depending on the level of changes introduced in the new version but should include the following steps:
7. Update [AzureTRE-Deployment](https://github.com/microsoft/AzureTRE-Deployment). The procedure may vary depending on the level of changes introduced in the new version but should include the following steps:
1. Update the tag used in [devcontainer.json](https://github.com/microsoft/AzureTRE-Deployment/blob/main/.devcontainer/devcontainer.json).
2. Rebuild the container.
3. Compare both `.devcontainer` and `.github` folders of the new release with the ones in the repo and make required updates so that only required difference exist.
The compare can be done with VSCode [Compare Folders extension](https://marketplace.visualstudio.com/items?itemName=moshfeu.compare-folders) as you have both the old version (under to root folder) and the "new" one inside the _AzureTRE_ symlink.
4. With all changes made, rebuild the container to verify it's working and that AzureTRE folder has been populated correctly.
7. Once tests have been complete edit GitHub Release to `Set as the latest release`.
8. Once tests have been complete edit GitHub Release by disabling `Set as a pre-release` and enabling `Set as the latest release`.

4
docs/tre-templates/shared-services/cyclecloud.md
Просмотреть файл

@ -64,7 +64,7 @@ ls /etc/yum.repos.d/*.repo | xargs sed -i "s,# baseurl=https://repo.almalinux.or
yum -y install epel-release
ls /etc/yum.repos.d/*.repo | xargs sed -i 's/metalink/# metalink/g'
ls /etc/yum.repos.d/*.repo | xargs sed -i "s,#baseurl=https://download.fedoraproject.org/,baseurl=https://nexus-$TRE_ID.$REGION.cloudapp.azure.com/repository/fedoraproject/,g"
ls /etc/yum.repos.d/*.repo | xargs sed -i "s,#baseurl=https://download.example/pub/epel/,baseurl=https://nexus-$TRE_ID.$REGION.cloudapp.azure.com/repository/fedoraproject/pub/epel/,g"
yum -y install python3 python3-pip
@ -83,6 +83,8 @@ gpgcheck=1
gpgkey=https://nexus-$TRE_ID.$REGION.cloudapp.azure.com/repository/microsoft-keys/microsoft.asc
EOF
rpm --import https://nexus-$TRE_ID.$REGION.cloudapp.azure.com/repository/almalinux/almalinux/RPM-GPG-KEY-AlmaLinux
```
- Click Save.

22
docs/tre-templates/workspace-services/openai.md Normal file
Просмотреть файл

@ -0,0 +1,22 @@
# OpenAI Workspace Service
See: [Azure OpenAI Service](https://learn.microsoft.com/en-us/azure/ai-services/openai/overview)
## Prerequisites
- [A base workspace deployed](../workspaces/base.md)
- The OpenAI workspace service container image needs building and pushing:
`make workspace_service_bundle BUNDLE=openai`
## Authenticating
1. The open AI domain and deployment id can be found from the details tab.
2. When communicating with the API, an "api_key" is required. This can be found in the Key Vault.
## Properties
- `is_exposed_externally` - If `True`, the OpenAI workspace is accessible from outside of the workspace virtual network.
- `openai_model` - The model to use for the OpenAI deployment `<model name> | <model version>`. The default is `gpt-35-turbo | 0301`.
- Important note: Models are subject to different quota and region availability and the deployment may fail if you don't have the correct quota.
Please review this link on current limits and how to request increases: [Open AI Quotas](https://learn.microsoft.com/en-us/azure/ai-services/openai/quotas-limits)

4
docs/using-tre/terms-definitions.md
Просмотреть файл

@ -46,6 +46,10 @@ Multiple workspaces can be created within a single Trusted Research Environment
Each workspace has [workspace users](../azure-tre-overview/user-roles.md): a **workspace owner** (normally only one), and one or more **workspace researchers** that can access the data and workspace services in the workspace. The workspace owner is also considered a workspace researcher.
!!! important
The TRE has a soft limit of 32 projects, it can be increased to 70 by updating the storage account limit in your subscription to 500.
See issue [#3920](https://github.com/microsoft/AzureTRE/issues/3920) for more info.
## Workspace Service
A workspace service is a service, created as a building block, with pre-configured set of resources that can be applied to a workspace.

1
e2e_tests/resources/strings.py
Просмотреть файл

@ -20,6 +20,7 @@ MLFLOW_SERVICE = "tre-service-mlflow"
MYSQL_SERVICE = "tre-workspace-service-mysql"
HEALTH_SERVICE = "tre-workspace-service-health"
AZURESQL_SERVICE = "tre-workspace-service-azuresql"
OPENAI_SERVICE = "tre-workspace-service-openai"
FIREWALL_SHARED_SERVICE = "tre-shared-service-firewall"
GITEA_SHARED_SERVICE = "tre-shared-service-gitea"

3
e2e_tests/test_workspace_services.py
Просмотреть файл

@ -13,7 +13,8 @@ workspace_services = [
strings.MLFLOW_SERVICE,
strings.MYSQL_SERVICE,
strings.HEALTH_SERVICE,
strings.AZURESQL_SERVICE
strings.AZURESQL_SERVICE,
strings.OPENAI_SERVICE
]

1
mkdocs.yml
Просмотреть файл

@ -104,6 +104,7 @@ nav:
- OHDSI: tre-templates/workspace-services/ohdsi.md
- MySQL: tre-templates/workspace-services/mysql.md
- Azure SQL: tre-templates/workspace-services/azuresql.md
- Open AI: tre-templates/workspace-services/openai.md
- Shared Services:
- Gitea (Source Mirror): tre-templates/shared-services/gitea.md
- Nexus (Package Mirror): tre-templates/shared-services/nexus.md

2
templates/shared_services/admin-vm/porter.yaml
Просмотреть файл

@ -1,7 +1,7 @@
---
schemaVersion: 1.0.0
name: tre-shared-service-admin-vm
version: 0.4.3
version: 0.4.4
description: "An admin vm shared service"
dockerfile: Dockerfile.tmpl
registry: azuretre

28
templates/shared_services/admin-vm/terraform/.terraform.lock.hcl
Просмотреть файл

@ -2,21 +2,21 @@
# Manual edits may be lost in future updates.
provider "registry.terraform.io/hashicorp/azurerm" {
version = "3.23.0"
constraints = "3.23.0"
version = "3.112.0"
constraints = "3.112.0"
hashes = [
"h1:gL/GB7M9xFNr8SxyalWCkTUaYach2k1/0voy6hAqA0A=",
"zh:5856ee393eea2c5807d71794020ec16492b6a219c50fec816376c9c4c50d964a",
"zh:58883757371208106ae56b591759a7c308d9a3fd74fb38aefaebe00fee4e380f",
"zh:69aca3a6929e629d6fe1dc0c0ff105ee943e5d0f95fe0d8abb89965d5dbc07ce",
"zh:6cf146b28a5b82da39ee9b5def88e649ed831824b4e669aa60884743d4b08200",
"zh:756dfe6d54e54879bed340f0e05e72a3882a7e8f8f2e783b2064d8c27c9fa1c1",
"zh:76ed418c25160fe0be9158c82c425375d79e2427f4a8adbac061d4540c56de79",
"zh:8c4f42f67157619fdd21525049f5daf9eb4eb3681b43603570a65bd5d52939ff",
"zh:ae15665e0ebe6cb40894cd6b7b7345fe4a7d46ca024fc209e03caee3dff6b51d",
"zh:ba21ef2d27e6f96fccfa234201151e0ad195ec798cb5486fa70664e0f707b48a",
"zh:d0d9b21b65c7b110e599b78abfdc90cec0bafe2d1b1e0bb36c3a3d5d12ad63b4",
"zh:ea02b2e6de9ea4184db300903d75871b16b7e240f6b38c46f8b149878f47c739",
"h1:5KSVV/O2eG6ty/3/qpOLQFQqJd96KEPzsTHItslJaMw=",
"zh:341c22454d24a75792aa99fbbc0c156f368534b7bb04eef4701b85995c7526a4",
"zh:3708656d75061c92f7208cc731b946c991ad343a443f8ff0ef082f077b7580b9",
"zh:38ca06f9f45705c648f04f272bd9483397693ea8da6db788cd7955f49ab79d6b",
"zh:3f305adb5ee0032e0ea68d198a089ecfd0127092930e99fa51377a250292b592",
"zh:4ae2fc6065164a819f576f705e634ebf5059f983149a41dad909719fea96145a",
"zh:5d376ac7dd71898a94038d6b6b8036dfec4c0216d832ec1135c855bf3e58eb5f",
"zh:63d2ff296d3aee5787e12c759a6a3d5aa15a574456aebbe11b833f01adf3faef",
"zh:8ad8746741f7f0ac10da6f1d105f26ebeb6e4d944f58ba749e86d7c9a67da3db",
"zh:abec182594ee8a21d72a5f23d3aa7fa45247488539fce6ed648c9c255d8bf972",
"zh:bf704b400be4181333b38c0306949f26326a9aa5ae68b4167e2fb8ee7fb13618",
"zh:c072938f8695f725fc5fbe986a54890f00d520cce570006390dc5bbc51b2a4ea",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
]
}

2
templates/shared_services/admin-vm/terraform/main.tf
Просмотреть файл

@ -3,7 +3,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "=3.23.0"
version = "=3.112.0"
}
random = {
source = "hashicorp/random"

13
templates/shared_services/admin-vm/terraform/upgrade.sh Normal file
Просмотреть файл

@ -0,0 +1,13 @@
#!/bin/bash
set -e
# This script is used to install the bundle directly without having to interact with Porter
# This script assumes you have created an .env from the sample and the variables
# will come from there.
# shellcheck disable=SC2154
terraform init -upgrade -reconfigure -input=false -backend=true \
-backend-config="resource_group_name=${TF_VAR_mgmt_resource_group_name}" \
-backend-config="storage_account_name=${TF_VAR_mgmt_storage_account_name}" \
-backend-config="container_name=${TF_VAR_terraform_state_container_name}" \
-backend-config="key=${TF_VAR_tre_resource_id}-shared-adminvm"

2
templates/shared_services/airlock_notifier/porter.yaml
Просмотреть файл

@ -1,7 +1,7 @@
---
schemaVersion: 1.0.0
name: tre-shared-service-airlock-notifier
version: 1.0.1
version: 1.0.2
description: "A shared service notifying on Airlock Operations"
registry: azuretre
dockerfile: Dockerfile.tmpl

48
templates/shared_services/airlock_notifier/terraform/.terraform.lock.hcl
Просмотреть файл

@ -1,42 +1,22 @@
# This file is maintained automatically by "terraform init".
# Manual edits may be lost in future updates.
provider "registry.terraform.io/azure/azapi" {
version = "1.14.0"
constraints = "1.14.0"
hashes = [
"h1:D8AhiIgpSH6pG05WuslOg3XS0O9I5VxOoD3W3i8N+Xo=",
"zh:083709be750b878dfb33747ba1d326d23619a0ed654f95bce9c808e424923c90",
"zh:261b5060297b732d97b4363ad753355bfee00e93d773fd329023a5619b964c39",
"zh:51adfdaeb1b2c3d9e7aeba97c9c73d469712223dd125b14d90377d445d1cd3df",
"zh:5bcbedc9eeefa5e6267042604af20f93cadceba41d8d90a91040f60f6c5e38a9",
"zh:6da127f306083e740767f53dd0cc8787166a8af4f44519873dd8775ca981ddef",
"zh:7604cf377b8ea31a5a44db5b8566f5eea4d73acdfaaeb8ba10fcac46cbf4a738",
"zh:77789ef8906acabbf7eb55378e1f9c407499bb765811f193d256897d2925d66d",
"zh:8a333c53279b3b0b65519191dbba8ef7dc390f5d96216e4e6f165cac8b3e5dc2",
"zh:8c0dfe57dc2c29f8953db3037144d2254ce28bfa55dae537707ae4bdb4460f64",
"zh:debdeabcbcb6b421c2cdf2093d520c67e75a11d28d357b0ba32dd748105a5460",
"zh:e252ee062513904836fcc5e6548243429819e68aa7cfaeac7da8d816c4c4d1e8",
"zh:f48d1fd67b463d2121516911b5d20f8a72217e43e7740bb74929a17dbd43bb59",
]
}
provider "registry.terraform.io/hashicorp/azurerm" {
version = "3.113.0"
constraints = "3.113.0"
version = "3.112.0"
constraints = "3.112.0"
hashes = [
"h1:eEUtt0lrLdpVaF6FiDq8BGQPgEcykmhj0aNIL7hTOGw=",
"zh:12479f5664288943400447b55e50df675c28ae82ad8d373cc2e5682f3a3411f0",
"zh:1b42a14e80e568429d3b55fed753ca3ef0df9dcdfa107890d7264599c020940f",
"zh:381be6ca617f848de3baa3985a6e1788e91a803afe04a3c5c727453528b6310d",
"zh:3e70e2e07b6db1c363de3e5d0ca47f27fc956473df03329c7d2e54d3ac29176b",
"zh:87c7633aeaa828098c6055da9e67d4acaf4b46748b6b3f0267e105e55f05de25",
"zh:8d0d98226901f874770dd5220d4701a12ae8bd586994615aa7dcba12b9736bec",
"zh:9fd913acd42a60c3a90a18ce803567ef861db8779a59aacced91f2cbd86de9d9",
"zh:b6f3f7ae0a055437fb36c139af9bb3135e7f4dad172157ae1eb0177dc74d703f",
"zh:b927027ba2bf40d34e03d742fd2b6c5299023b5ab8e6f05e50aac76a46ad1094",
"zh:ceb5187b9d2a439f4e48944f3ffeeeaf47a03dbe6f3325ea1775bf659ce0aa88",
"h1:5KSVV/O2eG6ty/3/qpOLQFQqJd96KEPzsTHItslJaMw=",
"zh:341c22454d24a75792aa99fbbc0c156f368534b7bb04eef4701b85995c7526a4",
"zh:3708656d75061c92f7208cc731b946c991ad343a443f8ff0ef082f077b7580b9",
"zh:38ca06f9f45705c648f04f272bd9483397693ea8da6db788cd7955f49ab79d6b",
"zh:3f305adb5ee0032e0ea68d198a089ecfd0127092930e99fa51377a250292b592",
"zh:4ae2fc6065164a819f576f705e634ebf5059f983149a41dad909719fea96145a",
"zh:5d376ac7dd71898a94038d6b6b8036dfec4c0216d832ec1135c855bf3e58eb5f",
"zh:63d2ff296d3aee5787e12c759a6a3d5aa15a574456aebbe11b833f01adf3faef",
"zh:8ad8746741f7f0ac10da6f1d105f26ebeb6e4d944f58ba749e86d7c9a67da3db",
"zh:abec182594ee8a21d72a5f23d3aa7fa45247488539fce6ed648c9c255d8bf972",
"zh:bf704b400be4181333b38c0306949f26326a9aa5ae68b4167e2fb8ee7fb13618",
"zh:c072938f8695f725fc5fbe986a54890f00d520cce570006390dc5bbc51b2a4ea",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
"zh:fb9d78dfeca7489bffca9b1a1f3abee7f16dbbcba31388aea1102062c1d6dce8",
]
}

2
templates/shared_services/airlock_notifier/terraform/providers.tf
Просмотреть файл

@ -3,7 +3,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "=3.113.0"
version = "=3.112.0"
}
}
backend "azurerm" {}

2
templates/shared_services/certs/.gitignore поставляемый
Просмотреть файл

@ -1,2 +1,2 @@
.cnab/
.terraform*
.terraform/

2
templates/shared_services/certs/porter.yaml
Просмотреть файл

@ -1,7 +1,7 @@
---
schemaVersion: 1.0.0
name: tre-shared-service-certs
version: 0.5.1
version: 0.5.2
description: "An Azure TRE shared service to generate certificates for a specified internal domain using Letsencrypt"
registry: azuretre
dockerfile: Dockerfile.tmpl

22
templates/shared_services/certs/terraform/.terraform.lock.hcl Normal file
Просмотреть файл

@ -0,0 +1,22 @@
# This file is maintained automatically by "terraform init".
# Manual edits may be lost in future updates.
provider "registry.terraform.io/hashicorp/azurerm" {
version = "3.112.0"
constraints = "3.112.0"
hashes = [
"h1:5KSVV/O2eG6ty/3/qpOLQFQqJd96KEPzsTHItslJaMw=",
"zh:341c22454d24a75792aa99fbbc0c156f368534b7bb04eef4701b85995c7526a4",
"zh:3708656d75061c92f7208cc731b946c991ad343a443f8ff0ef082f077b7580b9",
"zh:38ca06f9f45705c648f04f272bd9483397693ea8da6db788cd7955f49ab79d6b",
"zh:3f305adb5ee0032e0ea68d198a089ecfd0127092930e99fa51377a250292b592",
"zh:4ae2fc6065164a819f576f705e634ebf5059f983149a41dad909719fea96145a",
"zh:5d376ac7dd71898a94038d6b6b8036dfec4c0216d832ec1135c855bf3e58eb5f",
"zh:63d2ff296d3aee5787e12c759a6a3d5aa15a574456aebbe11b833f01adf3faef",
"zh:8ad8746741f7f0ac10da6f1d105f26ebeb6e4d944f58ba749e86d7c9a67da3db",
"zh:abec182594ee8a21d72a5f23d3aa7fa45247488539fce6ed648c9c255d8bf972",
"zh:bf704b400be4181333b38c0306949f26326a9aa5ae68b4167e2fb8ee7fb13618",
"zh:c072938f8695f725fc5fbe986a54890f00d520cce570006390dc5bbc51b2a4ea",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
]
}

2
templates/shared_services/certs/terraform/main.tf
Просмотреть файл

@ -3,7 +3,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "=3.22.0"
version = "=3.112.0"
}
}

13
templates/shared_services/certs/terraform/upgrade.sh Normal file
Просмотреть файл

@ -0,0 +1,13 @@
#!/bin/bash
set -e
# This script is used to install the bundle directly without having to interact with Porter
# This script assumes you have created an .env from the sample and the variables
# will come from there.
# shellcheck disable=SC2154
terraform init -upgrade -reconfigure -input=false -backend=true \
-backend-config="resource_group_name=${TF_VAR_mgmt_resource_group_name}" \
-backend-config="storage_account_name=${TF_VAR_mgmt_storage_account_name}" \
-backend-config="container_name=${TF_VAR_terraform_state_container_name}" \
-backend-config="key=${TRE_ID}-certs"

21
templates/shared_services/cyclecloud/porter.yaml
Просмотреть файл

@ -1,7 +1,7 @@
---
schemaVersion: 1.0.0
name: tre-shared-service-cyclecloud
version: 0.5.5
version: 0.6.3
description: "An Azure TRE Shared Service Template for Azure Cyclecloud"
registry: azuretre
dockerfile: Dockerfile.tmpl
@ -53,6 +53,11 @@ outputs:
applyTo:
- install
- upgrade
- name: shared_subnet_address_prefixes
type: string
applyTo:
- install
- upgrade
mixins:
@ -67,10 +72,6 @@ install:
description: "Deploy Cyclecloud shared service"
vars:
tre_id: ${ bundle.parameters.tre_id }
arm_client_id: ${ bundle.credentials.azure_client_id }
arm_client_secret: ${ bundle.credentials.azure_client_secret }
arm_tenant_id: ${ bundle.credentials.azure_tenant_id }
arm_use_msi: ${ bundle.parameters.arm_use_msi }
tre_resource_id: ${ bundle.parameters.id }
arm_environment: ${ bundle.parameters.arm_environment }
backendConfig:
@ -80,16 +81,13 @@ install:
key: ${ bundle.parameters.id }
outputs:
- name: connection_uri
- name: shared_subnet_address_prefixes
upgrade:
- terraform:
description: "Update Cyclecloud shared service"
vars:
tre_id: ${ bundle.parameters.tre_id }
arm_client_id: ${ bundle.credentials.azure_client_id }
arm_client_secret: ${ bundle.credentials.azure_client_secret }
arm_tenant_id: ${ bundle.credentials.azure_tenant_id }
arm_use_msi: ${ bundle.parameters.arm_use_msi }
tre_resource_id: ${ bundle.parameters.id }
arm_environment: ${ bundle.parameters.arm_environment }
backendConfig:
@ -99,16 +97,13 @@ upgrade:
key: ${ bundle.parameters.id }
outputs:
- name: connection_uri
- name: shared_subnet_address_prefixes
uninstall:
- terraform:
description: "Delete the Cyclecloud shared service"
vars:
tre_id: ${ bundle.parameters.tre_id }
arm_client_id: ${ bundle.credentials.azure_client_id }
arm_client_secret: ${ bundle.credentials.azure_client_secret }
arm_tenant_id: ${ bundle.credentials.azure_tenant_id }
arm_use_msi: ${ bundle.parameters.arm_use_msi }
tre_resource_id: ${ bundle.parameters.id }
arm_environment: ${ bundle.parameters.arm_environment }
backendConfig:

196
templates/shared_services/cyclecloud/template_schema.json
Просмотреть файл

@ -4,8 +4,200 @@
"type": "object",
"title": "Azure CycleCloud",
"description": "Azure CycleCloud is an enterprise-friendly tool for orchestrating and managing High Performance Computing (HPC) environments on Azure.",
"required": [
],
"required": [],
"properties": {
"display_name": {
"type": "string",
"title": "Name for the shared service",
"description": "The name of the shared service to be displayed to users",
"default": "CycleCloud",
"updateable": true
},
"description": {
"type": "string",
"title": "Description of the shared service",
"description": "Description of the shared service",
"default": "Manage HPC environments on Azure",
"updateable": true
},
"overview": {
"type": "string",
"title": "Workspace Service Overview",
"description": "Long form description of the shared service, in markdown syntax",
"default": "Azure CycleCloud is an enterprise-friendly tool for orchestrating and managing High Performance Computing (HPC) environments on Azure.",
"updateable": true
}
},
"pipeline": {
"install": [
{
"stepId": "main"
},
{
"stepId": "42024559-3a88-4518-b1ea-713aebc91cfd",
"stepTitle": "Add CycleCloud rule collection to firewall",
"resourceTemplateName": "tre-shared-service-firewall",
"resourceType": "shared-service",
"resourceAction": "upgrade",
"properties": [
{
"name": "network_rule_collections",
"type": "array",
"arraySubstitutionAction": "replace",
"arrayMatchField": "name",
"value": {
"name": "nrc_svc_{{ resource.id }}_cyclecloud",
"action": "Allow",
"rules": [
{
"name": "Cyclecloud_Dependancies",
"description": "Cyclecloud Dependancies",
"source_addresses": "{{ resource.properties.shared_subnet_address_prefixes }}",
"destination_addresses": [
"AzureResourceManager"
],
"destination_ports": [
"443"
],
"protocols": [
"TCP"
]
}
]
}
},
{
"name": "rule_collections",
"type": "array",
"arraySubstitutionAction": "replace",
"arrayMatchField": "name",
"value": {
"name": "arc_svc_{{ resource.id }}_cyclecloud",
"action": "Allow",
"rules": [
{
"name": "cyclecloud",
"description": "CycleCloud",
"protocols": [
{
"port": "443",
"type": "Https"
}
],
"target_fqdns": [
"github.com",
"api.github.com",
"codeload.github.com",
"objects.githubusercontent.com"
],
"source_addresses": "{{ resource.properties.shared_subnet_address_prefixes }}"
}
]
}
}
]
}
],
"upgrade": [
{
"stepId": "main"
},
{
"stepId": "c3f95f9f-d125-4937-9403-84e4957a26b8",
"stepTitle": "Add CycleCloud rule collection from firewall",
"resourceTemplateName": "tre-shared-service-firewall",
"resourceType": "shared-service",
"resourceAction": "upgrade",
"properties": [
{
"name": "network_rule_collections",
"type": "array",
"arraySubstitutionAction": "replace",
"arrayMatchField": "name",
"value": {
"name": "nrc_svc_{{ resource.id }}_cyclecloud",
"action": "Allow",
"rules": [
{
"name": "Cyclecloud_Dependancies",
"description": "Cyclecloud Dependancies",
"source_addresses": "{{ resource.properties.shared_subnet_address_prefixes }}",
"destination_addresses": [
"AzureResourceManager"
],
"destination_ports": [
"443"
],
"protocols": [
"TCP"
]
}
]
}
},
{
"name": "rule_collections",
"type": "array",
"arraySubstitutionAction": "replace",
"arrayMatchField": "name",
"value": {
"name": "arc_svc_{{ resource.id }}_cyclecloud",
"action": "Allow",
"rules": [
{
"name": "cyclecloud",
"description": "CycleCloud",
"protocols": [
{
"port": "443",
"type": "Https"
}
],
"target_fqdns": [
"github.com",
"api.github.com",
"codeload.github.com",
"objects.githubusercontent.com"
],
"source_addresses": "{{ resource.properties.shared_subnet_address_prefixes }}"
}
]
}
}
]
}
],
"uninstall": [
{
"stepId": "c3f95f9f-d125-4937-9403-84e4957a26a8",
"stepTitle": "Remove CycleCloud rule collection from firewall",
"resourceTemplateName": "tre-shared-service-firewall",
"resourceType": "shared-service",
"resourceAction": "upgrade",
"properties": [
{
"name": "network_rule_collections",
"type": "array",
"arraySubstitutionAction": "remove",
"arrayMatchField": "name",
"value": {
"name": "nrc_svc_{{ resource.id }}_cyclecloud"
}
},
{
"name": "rule_collections",
"type": "array",
"arraySubstitutionAction": "remove",
"arrayMatchField": "name",
"value": {
"name": "arc_svc_{{ resource.id }}_cyclecloud"
}
}
]
},
{
"stepId": "main"
}
]
}
}

28
templates/shared_services/cyclecloud/terraform/.terraform.lock.hcl
Просмотреть файл

@ -2,21 +2,21 @@
# Manual edits may be lost in future updates.
provider "registry.terraform.io/hashicorp/azurerm" {
version = "3.5.0"
constraints = "3.5.0"
version = "3.112.0"
constraints = "3.112.0"
hashes = [
"h1:T4XsCHDT839VehWKdxbVsLn0ECjcQaUTzbSGW055pgM=",
"zh:0d8ae6d6e87f44ed4a178be03d6466339b0bb578ab54c2677e365a8281b0bb7d",
"zh:29d250d1a18d49652b28f234ecd17687b36c875dc47877a678e587d5d136b054",
"zh:2e69ba373cf009e8a60b36d04f3dbc4638708d1bf88be9f96b3e52cbf8f47f31",
"zh:53d525dd84ac63b5f749bfbc6b70a202dacf29597664d2ab1165efea6f24f630",
"zh:a25024d574ccd5ae6c2962f3bb71d510f62899f493b1ed096f2f7f0e2b18f975",
"zh:aabc64fe64319b95aaba1d1866f87abc7b10adae37d2eafa2f85f37317fdd49f",
"zh:acc6a977814897cb23d3b3753213281334238f8bce6d2b21e9f04fc4087ee980",
"zh:b24987e9416c39cd59c0fa41c139a97406b9955f0607fcafbf3315014456338a",
"zh:c550eae45fd32acdbe32b4e5c450ae95df6cb18903ac7216b1b07b23a16ce045",
"zh:c8f83b763b643893dcb6933a6bcee824cb514e06e7e5c5f5ac4ba187e66d7e22",
"zh:dcdac07e7ea18464dea729717870c275de9453775243c231e1fb305cad0ee597",
"h1:5KSVV/O2eG6ty/3/qpOLQFQqJd96KEPzsTHItslJaMw=",
"zh:341c22454d24a75792aa99fbbc0c156f368534b7bb04eef4701b85995c7526a4",
"zh:3708656d75061c92f7208cc731b946c991ad343a443f8ff0ef082f077b7580b9",
"zh:38ca06f9f45705c648f04f272bd9483397693ea8da6db788cd7955f49ab79d6b",
"zh:3f305adb5ee0032e0ea68d198a089ecfd0127092930e99fa51377a250292b592",
"zh:4ae2fc6065164a819f576f705e634ebf5059f983149a41dad909719fea96145a",
"zh:5d376ac7dd71898a94038d6b6b8036dfec4c0216d832ec1135c855bf3e58eb5f",
"zh:63d2ff296d3aee5787e12c759a6a3d5aa15a574456aebbe11b833f01adf3faef",
"zh:8ad8746741f7f0ac10da6f1d105f26ebeb6e4d944f58ba749e86d7c9a67da3db",
"zh:abec182594ee8a21d72a5f23d3aa7fa45247488539fce6ed648c9c255d8bf972",
"zh:bf704b400be4181333b38c0306949f26326a9aa5ae68b4167e2fb8ee7fb13618",
"zh:c072938f8695f725fc5fbe986a54890f00d520cce570006390dc5bbc51b2a4ea",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
]
}

2
templates/shared_services/cyclecloud/terraform/main.tf
Просмотреть файл

@ -3,7 +3,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "=3.5.0"
version = "=3.112.0"
}
random = {
source = "hashicorp/random"

4
templates/shared_services/cyclecloud/terraform/outputs.tf
Просмотреть файл

@ -1,3 +1,7 @@
output "connection_uri" {
value = "https://${azurerm_private_dns_zone.cyclecloud.name}"
}
output "shared_subnet_address_prefixes" {
value = data.azurerm_subnet.shared.address_prefixes
}

13
templates/shared_services/cyclecloud/terraform/upgrade.sh Normal file
Просмотреть файл

@ -0,0 +1,13 @@
#!/bin/bash
set -e
# This script is used to install the bundle directly without having to interact with Porter
# This script assumes you have created an .env from the sample and the variables
# will come from there.
# shellcheck disable=SC2154
terraform init -upgrade -reconfigure -input=false -backend=true \
-backend-config="resource_group_name=${TF_VAR_mgmt_resource_group_name}" \
-backend-config="storage_account_name=${TF_VAR_mgmt_storage_account_name}" \
-backend-config="container_name=${TF_VAR_terraform_state_container_name}" \
-backend-config="key=${TF_VAR_tre_resource_id}-${ID}"

2
templates/shared_services/databricks-auth/porter.yaml
Просмотреть файл

@ -1,7 +1,7 @@
---
schemaVersion: 1.0.0
name: tre-shared-service-databricks-private-auth
version: 0.1.5
version: 0.1.6
description: "An Azure TRE shared service for Azure Databricks authentication."
registry: azuretre
dockerfile: Dockerfile.tmpl

28
templates/shared_services/databricks-auth/terraform/.terraform.lock.hcl
Просмотреть файл

@ -20,21 +20,21 @@ provider "registry.terraform.io/databricks/databricks" {
}
provider "registry.terraform.io/hashicorp/azurerm" {
version = "3.40.0"
constraints = "3.40.0"
version = "3.112.0"
constraints = "3.112.0"
hashes = [
"h1:/Jbhw/zNAsDYDoASaG6w+0KZyay9BkUVOpR8b7m0CsA=",
"zh:00fa6dc05bf2643c6a3c741edb7d88263698086835a8a613f1d7bd76d1b918fd",
"zh:0da9b788e773272a7aa9d59bd9e3d5842edd4acc8c3895bea469e66dc14205a0",
"zh:25a8c39d1f042fc7c83ba9dd745c3569ea9e577fadb57563a575fb115ac2b9f1",
"zh:4423666dbeae8bc22c6e8898ffbb88745681dc27668ca9104b665dd7f3d7292c",
"zh:78c07308e7407b558d15737a98fb5eaf15529d297fc3798de6a7d61e0466e2e3",
"zh:894aca7e6f4f331ee8eb51957a180dc03d399d2b1727e0d7842e9b3f022a8c6a",
"zh:bb0e620c2161b4c4892a6f50b1c4c69ed70f66bb5e92543a03d79d0e4b1d9441",
"zh:c7d8e6a791159ca63b30908c9efe72ab65f60d64b30f0c1eb5a64972f4994844",
"zh:d04c11bfd346c1ac34d16bbdca70b23b006e822f6beb236b85375e8343888eb4",
"zh:f4edea9660327c7c70a823d786fd1b1c1b186c8759770447f63da72f23e1a73c",
"h1:5KSVV/O2eG6ty/3/qpOLQFQqJd96KEPzsTHItslJaMw=",
"zh:341c22454d24a75792aa99fbbc0c156f368534b7bb04eef4701b85995c7526a4",
"zh:3708656d75061c92f7208cc731b946c991ad343a443f8ff0ef082f077b7580b9",
"zh:38ca06f9f45705c648f04f272bd9483397693ea8da6db788cd7955f49ab79d6b",
"zh:3f305adb5ee0032e0ea68d198a089ecfd0127092930e99fa51377a250292b592",
"zh:4ae2fc6065164a819f576f705e634ebf5059f983149a41dad909719fea96145a",
"zh:5d376ac7dd71898a94038d6b6b8036dfec4c0216d832ec1135c855bf3e58eb5f",
"zh:63d2ff296d3aee5787e12c759a6a3d5aa15a574456aebbe11b833f01adf3faef",
"zh:8ad8746741f7f0ac10da6f1d105f26ebeb6e4d944f58ba749e86d7c9a67da3db",
"zh:abec182594ee8a21d72a5f23d3aa7fa45247488539fce6ed648c9c255d8bf972",
"zh:bf704b400be4181333b38c0306949f26326a9aa5ae68b4167e2fb8ee7fb13618",
"zh:c072938f8695f725fc5fbe986a54890f00d520cce570006390dc5bbc51b2a4ea",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
"zh:f986e268949cf445ff53a66af48a87c6f6dba5964e8a5b1dc0ea02afabdd71f7",
]
}

2
templates/shared_services/databricks-auth/terraform/providers.tf
Просмотреть файл

@ -2,7 +2,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "=3.40.0"
version = "=3.112.0"
}
databricks = {
source = "databricks/databricks"

13
templates/shared_services/databricks-auth/terraform/upgrade.sh Normal file
Просмотреть файл

@ -0,0 +1,13 @@
#!/bin/bash
set -e
# This script is used to install the bundle directly without having to interact with Porter
# This script assumes you have created an .env from the sample and the variables
# will come from there.
# shellcheck disable=SC2154
terraform init -upgrade -reconfigure -input=false -backend=true \
-backend-config="resource_group_name=${TF_VAR_mgmt_resource_group_name}" \
-backend-config="storage_account_name=${TF_VAR_mgmt_storage_account_name}" \
-backend-config="container_name=${TF_VAR_terraform_state_container_name}" \
-backend-config="key=tre-workspace-service-gitea-${TF_VAR_id}"

2
templates/shared_services/firewall/porter.yaml
Просмотреть файл

@ -1,7 +1,7 @@
---
schemaVersion: 1.0.0
name: tre-shared-service-firewall
version: 1.2.0
version: 1.2.1
description: "An Azure TRE Firewall shared service"
dockerfile: Dockerfile.tmpl
registry: azuretre

28
templates/shared_services/firewall/terraform/.terraform.lock.hcl
Просмотреть файл

@ -2,21 +2,21 @@
# Manual edits may be lost in future updates.
provider "registry.terraform.io/hashicorp/azurerm" {
version = "3.53.0"
constraints = "3.53.0"
version = "3.112.0"
constraints = "3.112.0"
hashes = [
"h1:bK70LV1NldhodSm58cUpawKwdUL1A5AKKglAV2wZ/QY=",
"zh:078ece8318ad7d6c1cd2e5f2044188e74af63921b93223c7f8d477539fa91888",
"zh:1bdc98ff8c2d3f3e81a746762e03d39794b2f5c90dc478cdb23dcc3d3f9947b6",
"zh:20b51cfc0ffc4ff368e6eb2eaece0b6bb99ade09e4b91b3444b50e94fc54c119",
"zh:233eed91279a9473825ba02d66487388d66dfc719b7249112d085dece0c2b594",
"zh:397ac8194ecc2f8d34d42600d6bf9e20399b222170dc1443b5800db3135ebc99",
"zh:3af3a2d8485d6c1ffcd26848af9ab087dfcb6cb045cc624e51f4db5144b53a9c",
"zh:5d0b9a346b57cccc369e2076556274225ec7f1c9044a2503dcfd8c117cdc2f79",
"zh:6e762dcef4ba14985f93af5f3fd195c9ee7d27de8de3bebdeefe761e53e79bb9",
"zh:73f9be719aa867985b1744c1f4fab834d01eb2069ec7a78b3a1bfa87c8256a40",
"zh:756deed30c20ffc9b4756c239e1675d3693f7175851e5ef946948a8bfb0b7935",
"zh:c279f99902a45a5b88d25d609a73709d101af3ce71222efbab9d4706c8a538b4",
"h1:5KSVV/O2eG6ty/3/qpOLQFQqJd96KEPzsTHItslJaMw=",
"zh:341c22454d24a75792aa99fbbc0c156f368534b7bb04eef4701b85995c7526a4",
"zh:3708656d75061c92f7208cc731b946c991ad343a443f8ff0ef082f077b7580b9",
"zh:38ca06f9f45705c648f04f272bd9483397693ea8da6db788cd7955f49ab79d6b",
"zh:3f305adb5ee0032e0ea68d198a089ecfd0127092930e99fa51377a250292b592",
"zh:4ae2fc6065164a819f576f705e634ebf5059f983149a41dad909719fea96145a",
"zh:5d376ac7dd71898a94038d6b6b8036dfec4c0216d832ec1135c855bf3e58eb5f",
"zh:63d2ff296d3aee5787e12c759a6a3d5aa15a574456aebbe11b833f01adf3faef",
"zh:8ad8746741f7f0ac10da6f1d105f26ebeb6e4d944f58ba749e86d7c9a67da3db",
"zh:abec182594ee8a21d72a5f23d3aa7fa45247488539fce6ed648c9c255d8bf972",
"zh:bf704b400be4181333b38c0306949f26326a9aa5ae68b4167e2fb8ee7fb13618",
"zh:c072938f8695f725fc5fbe986a54890f00d520cce570006390dc5bbc51b2a4ea",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
]
}

2
templates/shared_services/firewall/terraform/providers.tf
Просмотреть файл

@ -3,7 +3,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "=3.53.0"
version = "=3.112.0"
}
}

13
templates/shared_services/firewall/terraform/upgrade.sh Normal file
Просмотреть файл

@ -0,0 +1,13 @@
#!/bin/bash
set -e
# This script is used to install the bundle directly without having to interact with Porter
# This script assumes you have created an .env from the sample and the variables
# will come from there.
# shellcheck disable=SC2154
terraform init -upgrade -reconfigure -input=false -backend=true \
-backend-config="resource_group_name=${TF_VAR_mgmt_resource_group_name}" \
-backend-config="storage_account_name=${TF_VAR_mgmt_storage_account_name}" \
-backend-config="container_name=${TF_VAR_terraform_state_container_name}" \
-backend-config="key=${TRE_ID}-shared-service-firewall"

2
templates/shared_services/gitea/porter.yaml
Просмотреть файл

@ -1,7 +1,7 @@
---
schemaVersion: 1.0.0
name: tre-shared-service-gitea
version: 1.0.2
version: 1.0.3
description: "A Gitea shared service"
dockerfile: Dockerfile.tmpl
registry: azuretre

28
templates/shared_services/gitea/terraform/.terraform.lock.hcl
Просмотреть файл

@ -2,22 +2,22 @@
# Manual edits may be lost in future updates.
provider "registry.terraform.io/hashicorp/azurerm" {
version = "3.33.0"
constraints = "3.33.0"
version = "3.112.0"
constraints = "3.112.0"
hashes = [
"h1:pXB6SKE4NKdf+LepsQjrLcBnVTL5ejeKvx/kyojai6c=",
"zh:136d9c642746d8d84e62ecd8ab0c7dc015eac504c1f068e06fad438ae222d934",
"zh:266e64b8e32a94ddcc20954ebad1d8ff3921d318addf576e981b1390e5d5ba79",
"zh:3bd84a1e5b3bbe34a5870f271d6a5bf9b35a4c924db32b450a1fb53bc910c37a",
"zh:3c6604041472bb4691b502877cf9d886ed9f973fbadf11389ec9499fdc66045e",
"zh:680c00a73c8054c36a58115a44d02d1ebb675c2ad3afaaab2d74a01f978f16ce",
"zh:6dab47ef64f90e43b75ed240a974c4119f5268be4433f3c1c3e97559e7ef2f38",
"zh:9f73f19fdc340c443693dc03f1a145c6bd0ee5fd425eab7473d06abbe39b99d7",
"zh:9ff008b6737e880f191b4be6dfcef95ff019969dd787c44a58c2d7d6aaf6623b",
"zh:be297f1515e9ac63886e3e092a0bcd10aa8aa2b69c2b0995ce4e069176b07a95",
"h1:5KSVV/O2eG6ty/3/qpOLQFQqJd96KEPzsTHItslJaMw=",
"zh:341c22454d24a75792aa99fbbc0c156f368534b7bb04eef4701b85995c7526a4",
"zh:3708656d75061c92f7208cc731b946c991ad343a443f8ff0ef082f077b7580b9",
"zh:38ca06f9f45705c648f04f272bd9483397693ea8da6db788cd7955f49ab79d6b",
"zh:3f305adb5ee0032e0ea68d198a089ecfd0127092930e99fa51377a250292b592",
"zh:4ae2fc6065164a819f576f705e634ebf5059f983149a41dad909719fea96145a",
"zh:5d376ac7dd71898a94038d6b6b8036dfec4c0216d832ec1135c855bf3e58eb5f",
"zh:63d2ff296d3aee5787e12c759a6a3d5aa15a574456aebbe11b833f01adf3faef",
"zh:8ad8746741f7f0ac10da6f1d105f26ebeb6e4d944f58ba749e86d7c9a67da3db",
"zh:abec182594ee8a21d72a5f23d3aa7fa45247488539fce6ed648c9c255d8bf972",
"zh:bf704b400be4181333b38c0306949f26326a9aa5ae68b4167e2fb8ee7fb13618",
"zh:c072938f8695f725fc5fbe986a54890f00d520cce570006390dc5bbc51b2a4ea",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
"zh:fb29a566e7698cfae477f3efa3bba38526ec8343355763178c6e9c96e51399f3",
"zh:fbc3b625733ce5f0970fa8d9743f6db51064c168d6be5fc7a5e3d1a54af28bb7",
]
}

2
templates/shared_services/gitea/terraform/main.tf
Просмотреть файл

@ -3,7 +3,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "=3.33.0"
version = "=3.112.0"
}
local = {
source = "hashicorp/local"

13
templates/shared_services/gitea/terraform/upgrade.sh Normal file
Просмотреть файл

@ -0,0 +1,13 @@
#!/bin/bash
set -e
# This script is used to install the bundle directly without having to interact with Porter
# This script assumes you have created an .env from the sample and the variables
# will come from there.
# shellcheck disable=SC2154
terraform init -upgrade -reconfigure -input=false -backend=true \
-backend-config="resource_group_name=${TF_VAR_mgmt_resource_group_name}" \
-backend-config="storage_account_name=${TF_VAR_mgmt_storage_account_name}" \
-backend-config="container_name=${TF_VAR_terraform_state_container_name}" \
-backend-config="key=${TRE_ID}-gitea"

2
templates/shared_services/sonatype-nexus-vm/porter.yaml
Просмотреть файл

@ -1,7 +1,7 @@
---
schemaVersion: 1.0.0
name: tre-shared-service-sonatype-nexus
version: 3.0.0
version: 3.0.1
description: "A Sonatype Nexus shared service"
dockerfile: Dockerfile.tmpl
registry: azuretre

28
templates/shared_services/sonatype-nexus-vm/terraform/.terraform.lock.hcl
Просмотреть файл

@ -2,21 +2,21 @@
# Manual edits may be lost in future updates.
provider "registry.terraform.io/hashicorp/azurerm" {
version = "3.53.0"
constraints = "3.53.0"
version = "3.112.0"
constraints = "3.112.0"
hashes = [
"h1:bK70LV1NldhodSm58cUpawKwdUL1A5AKKglAV2wZ/QY=",
"zh:078ece8318ad7d6c1cd2e5f2044188e74af63921b93223c7f8d477539fa91888",
"zh:1bdc98ff8c2d3f3e81a746762e03d39794b2f5c90dc478cdb23dcc3d3f9947b6",
"zh:20b51cfc0ffc4ff368e6eb2eaece0b6bb99ade09e4b91b3444b50e94fc54c119",
"zh:233eed91279a9473825ba02d66487388d66dfc719b7249112d085dece0c2b594",
"zh:397ac8194ecc2f8d34d42600d6bf9e20399b222170dc1443b5800db3135ebc99",
"zh:3af3a2d8485d6c1ffcd26848af9ab087dfcb6cb045cc624e51f4db5144b53a9c",
"zh:5d0b9a346b57cccc369e2076556274225ec7f1c9044a2503dcfd8c117cdc2f79",
"zh:6e762dcef4ba14985f93af5f3fd195c9ee7d27de8de3bebdeefe761e53e79bb9",
"zh:73f9be719aa867985b1744c1f4fab834d01eb2069ec7a78b3a1bfa87c8256a40",
"zh:756deed30c20ffc9b4756c239e1675d3693f7175851e5ef946948a8bfb0b7935",
"zh:c279f99902a45a5b88d25d609a73709d101af3ce71222efbab9d4706c8a538b4",
"h1:5KSVV/O2eG6ty/3/qpOLQFQqJd96KEPzsTHItslJaMw=",
"zh:341c22454d24a75792aa99fbbc0c156f368534b7bb04eef4701b85995c7526a4",
"zh:3708656d75061c92f7208cc731b946c991ad343a443f8ff0ef082f077b7580b9",
"zh:38ca06f9f45705c648f04f272bd9483397693ea8da6db788cd7955f49ab79d6b",
"zh:3f305adb5ee0032e0ea68d198a089ecfd0127092930e99fa51377a250292b592",
"zh:4ae2fc6065164a819f576f705e634ebf5059f983149a41dad909719fea96145a",
"zh:5d376ac7dd71898a94038d6b6b8036dfec4c0216d832ec1135c855bf3e58eb5f",
"zh:63d2ff296d3aee5787e12c759a6a3d5aa15a574456aebbe11b833f01adf3faef",
"zh:8ad8746741f7f0ac10da6f1d105f26ebeb6e4d944f58ba749e86d7c9a67da3db",
"zh:abec182594ee8a21d72a5f23d3aa7fa45247488539fce6ed648c9c255d8bf972",
"zh:bf704b400be4181333b38c0306949f26326a9aa5ae68b4167e2fb8ee7fb13618",
"zh:c072938f8695f725fc5fbe986a54890f00d520cce570006390dc5bbc51b2a4ea",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
]
}

2
templates/shared_services/sonatype-nexus-vm/terraform/main.tf
Просмотреть файл

@ -3,7 +3,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "=3.53.0"
version = "=3.112.0"
}
random = {
source = "hashicorp/random"

13
templates/shared_services/sonatype-nexus-vm/terraform/upgrade.sh Normal file
Просмотреть файл

@ -0,0 +1,13 @@
#!/bin/bash
set -e
# This script is used to install the bundle directly without having to interact with Porter
# This script assumes you have created an .env from the sample and the variables
# will come from there.
# shellcheck disable=SC2154
terraform init -upgrade -reconfigure -input=false -backend=true \
-backend-config="resource_group_name=${TF_VAR_mgmt_resource_group_name}" \
-backend-config="storage_account_name=${TF_VAR_mgmt_storage_account_name}" \
-backend-config="container_name=${TF_VAR_terraform_state_container_name}" \
-backend-config="key=${TRE_ID:?}-shared-service-sonatype-nexus"

2
templates/workspace_services/azureml/porter.yaml
Просмотреть файл

@ -1,7 +1,7 @@
---
schemaVersion: 1.0.0
name: tre-service-azureml
version: 0.8.10
version: 0.8.12
description: "An Azure TRE service for Azure Machine Learning"
registry: azuretre
dockerfile: Dockerfile.tmpl

61
templates/workspace_services/azureml/terraform/.terraform.lock.hcl
Просмотреть файл

@ -2,41 +2,41 @@
# Manual edits may be lost in future updates.
provider "registry.terraform.io/azure/azapi" {
version = "1.1.0"
constraints = "1.1.0"
version = "1.15.0"
constraints = "1.15.0"
hashes = [
"h1:IR+AHCwfjl1c0baWwfOwZ6QZtHj41H2syTgHkJtAr/M=",
"zh:2a25df6325a49f9e821f0b02c7da86167fc19a3bac647cd1edf231300f29d077",
"zh:2b443a836a39724663fe455d4deee408ff3a2d9a8b86f8408aa7db2e8aa743f8",
"zh:364ed09ddfc50d9bed8d930f7de489cb654a9908feb139413a097823a50075fd",
"zh:523bc005f56ae785867d230d55c29f59db4b599dbc6c38b4d03ea55a79458916",
"zh:60ded375fdb305b60bcb4d9e596dbb222cab166bad1b4958199b05a72aaeacfd",
"zh:61e69c58642fead6814e511c872b7c0a6478ec6af4ab758b4512607d910ac078",
"zh:823b2154ae2262dabcbd11aac992e3cc29eae0f7baa96bee1e3e2fe1ece8730b",
"zh:870ea9cc24807ef5142e4cad0281dac7173f7b6bf818a79762b6c690d12d4c4b",
"zh:9094ae76ed66cb328a4f35bd18b9140fb6fc6859c2e46431ec73c018bcb58d96",
"zh:d89149cfd01cb70012459536b4d36490b58e43312440562e5910bd5160537858",
"zh:dba7ec06171ca062fc423ba5b4776a5600444e45e57f4d1cb043bdc3eee538b7",
"zh:ff5bd6883d9ac8334e043434246357a55107411e9a962856c1d17e47ee15ac37",
"h1:gIOgxVmFSxHrR+XOzgUEA+ybOmp8kxZlZH3eYeB/eFI=",
"zh:0627a8bc77254debc25dc0c7b62e055138217c97b03221e593c3c56dc7550671",
"zh:2fe045f07070ef75d0bec4b0595a74c14394daa838ddb964e2fd23cc98c40c34",
"zh:343009f39c957883b2c06145a5954e524c70f93585f943f1ea3d28ef6995d0d0",
"zh:53fe9ab54485aaebc9b91e27a10bce2729a1c95b1399079e631dc6bb9e3f27dc",
"zh:63c407e7dc04d178d4798c17ad489d9cc92f7d1941d7f4a3f560b95908b6107b",
"zh:7d6fc2b432b264f036bb80ab2b2ba67f80a5d98da8a8c322aa097833dad598c9",
"zh:7ec49c0a8799d469eb6e2a1f856693f9862f1b73f5ed70adc1b346e5a4c6458d",
"zh:889704f10319d301d677539d788fc82a7c73608ab78cb93e1280ac2be39e6e00",
"zh:90b4b07405b7cde9ebae3b034cb5bb5dd18484d1b95bd250f905451f1e86ac3f",
"zh:92aa9c241a8cb2a6d81ad47bc007c119f8b818464a960ebaf39008766c361e6b",
"zh:f28fbd0a2c59e239b53067bc1adc691be444876bcb2d4f78d310f549724da6e0",
"zh:ffb15e0ddfa505d0e9b75341570199076ae574887124f398162b1ead9376b25f",
]
}
provider "registry.terraform.io/hashicorp/azurerm" {
version = "3.37.0"
constraints = "3.37.0"
version = "3.112.0"
constraints = "3.112.0"
hashes = [
"h1:83XTgyPKUKt706IjTLHo9HL0KN5m+DwmSKuVQv6dNb4=",
"zh:2a7bda0b7679d1c791c762103a22f333b544b6e6776c4177f33bafc9cc28c919",
"zh:49ff49670c349f918017315838a43ece09bf6f1bf7721b992f1cadbceb273c62",
"zh:55c9346d03380585e17616b79c4233b726d6fb9efa1921848834fc881e5d7d54",
"zh:5ab117b56a4236ea29926e9d95c27d7bf8ae6706d0fffb76c0b1bfe67bf3a78e",
"zh:5cfc086d5d56308edb3e68aac5f8a448ddc6e56541be7b152ae886399e9b2c69",
"zh:7a8929ed38152aac6652711f32193c8582bc996f8fa73879a3ac7a9bf88d2460",
"zh:895294e90a37f719975fcd2269b95e973147e48ec0ebb9c2fe472bc93531b49c",
"zh:8baa5e2b6e5b02df5b45d253a3aea93f22619920cf9577290d682b59a6d5664b",
"zh:b146a732c7909238c10d216b92a35092be4f72a0509a4c6742cc3245bf3b3bf3",
"zh:cedef898ccd512a6519eae3dff7eb0d581d2c3dad8e0001992da16ad1d7fded8",
"zh:f016d9ba94ea88476883b4d63cff88a0225974e0a8b8c3e8555f73c5de6f7119",
"h1:5KSVV/O2eG6ty/3/qpOLQFQqJd96KEPzsTHItslJaMw=",
"zh:341c22454d24a75792aa99fbbc0c156f368534b7bb04eef4701b85995c7526a4",
"zh:3708656d75061c92f7208cc731b946c991ad343a443f8ff0ef082f077b7580b9",
"zh:38ca06f9f45705c648f04f272bd9483397693ea8da6db788cd7955f49ab79d6b",
"zh:3f305adb5ee0032e0ea68d198a089ecfd0127092930e99fa51377a250292b592",
"zh:4ae2fc6065164a819f576f705e634ebf5059f983149a41dad909719fea96145a",
"zh:5d376ac7dd71898a94038d6b6b8036dfec4c0216d832ec1135c855bf3e58eb5f",
"zh:63d2ff296d3aee5787e12c759a6a3d5aa15a574456aebbe11b833f01adf3faef",
"zh:8ad8746741f7f0ac10da6f1d105f26ebeb6e4d944f58ba749e86d7c9a67da3db",
"zh:abec182594ee8a21d72a5f23d3aa7fa45247488539fce6ed648c9c255d8bf972",
"zh:bf704b400be4181333b38c0306949f26326a9aa5ae68b4167e2fb8ee7fb13618",
"zh:c072938f8695f725fc5fbe986a54890f00d520cce570006390dc5bbc51b2a4ea",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
]
}
@ -62,7 +62,8 @@ provider "registry.terraform.io/hashicorp/external" {
}
provider "registry.terraform.io/hashicorp/random" {
version = "3.4.3"
version = "3.4.3"
constraints = "3.4.3"
hashes = [
"h1:xZGZf18JjMS06pFa4NErzANI98qi59SEcBsOcS2P2yQ=",
"zh:41c53ba47085d8261590990f8633c8906696fa0a3c4b384ff6a7ecbf84339752",

4
templates/workspace_services/azureml/terraform/providers.tf
Просмотреть файл

@ -2,11 +2,11 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "=3.37.0"
version = "=3.112.0"
}
azapi = {
source = "Azure/azapi"
version = "=1.1.0"
version = "=1.15.0"
}
external = {
source = "hashicorp/external"

13
templates/workspace_services/azureml/terraform/upgrade.sh Normal file
Просмотреть файл

@ -0,0 +1,13 @@
#!/bin/bash
set -e
# This script is used to install the bundle directly without having to interact with Porter
# This script assumes you have created an .env from the sample and the variables
# will come from there.
# shellcheck disable=SC2154
terraform init -upgrade -reconfigure -input=false -backend=true \
-backend-config="resource_group_name=${TF_VAR_mgmt_resource_group_name}" \
-backend-config="storage_account_name=${TF_VAR_mgmt_storage_account_name}" \
-backend-config="container_name=${TF_VAR_terraform_state_container_name}" \
-backend-config="key=${TRE_ID?}_azureml"

58
templates/workspace_services/azureml/user_resources/aml_compute/terraform/.terraform.lock.hcl
Просмотреть файл

@ -2,41 +2,41 @@
# Manual edits may be lost in future updates.
provider "registry.terraform.io/azure/azapi" {
version = "1.1.0"
constraints = "1.1.0"
version = "1.15.0"
constraints = "1.15.0"
hashes = [
"h1:IR+AHCwfjl1c0baWwfOwZ6QZtHj41H2syTgHkJtAr/M=",
"zh:2a25df6325a49f9e821f0b02c7da86167fc19a3bac647cd1edf231300f29d077",
"zh:2b443a836a39724663fe455d4deee408ff3a2d9a8b86f8408aa7db2e8aa743f8",
"zh:364ed09ddfc50d9bed8d930f7de489cb654a9908feb139413a097823a50075fd",
"zh:523bc005f56ae785867d230d55c29f59db4b599dbc6c38b4d03ea55a79458916",
"zh:60ded375fdb305b60bcb4d9e596dbb222cab166bad1b4958199b05a72aaeacfd",
"zh:61e69c58642fead6814e511c872b7c0a6478ec6af4ab758b4512607d910ac078",
"zh:823b2154ae2262dabcbd11aac992e3cc29eae0f7baa96bee1e3e2fe1ece8730b",
"zh:870ea9cc24807ef5142e4cad0281dac7173f7b6bf818a79762b6c690d12d4c4b",
"zh:9094ae76ed66cb328a4f35bd18b9140fb6fc6859c2e46431ec73c018bcb58d96",
"zh:d89149cfd01cb70012459536b4d36490b58e43312440562e5910bd5160537858",
"zh:dba7ec06171ca062fc423ba5b4776a5600444e45e57f4d1cb043bdc3eee538b7",
"zh:ff5bd6883d9ac8334e043434246357a55107411e9a962856c1d17e47ee15ac37",
"h1:gIOgxVmFSxHrR+XOzgUEA+ybOmp8kxZlZH3eYeB/eFI=",
"zh:0627a8bc77254debc25dc0c7b62e055138217c97b03221e593c3c56dc7550671",
"zh:2fe045f07070ef75d0bec4b0595a74c14394daa838ddb964e2fd23cc98c40c34",
"zh:343009f39c957883b2c06145a5954e524c70f93585f943f1ea3d28ef6995d0d0",
"zh:53fe9ab54485aaebc9b91e27a10bce2729a1c95b1399079e631dc6bb9e3f27dc",
"zh:63c407e7dc04d178d4798c17ad489d9cc92f7d1941d7f4a3f560b95908b6107b",
"zh:7d6fc2b432b264f036bb80ab2b2ba67f80a5d98da8a8c322aa097833dad598c9",
"zh:7ec49c0a8799d469eb6e2a1f856693f9862f1b73f5ed70adc1b346e5a4c6458d",
"zh:889704f10319d301d677539d788fc82a7c73608ab78cb93e1280ac2be39e6e00",
"zh:90b4b07405b7cde9ebae3b034cb5bb5dd18484d1b95bd250f905451f1e86ac3f",
"zh:92aa9c241a8cb2a6d81ad47bc007c119f8b818464a960ebaf39008766c361e6b",
"zh:f28fbd0a2c59e239b53067bc1adc691be444876bcb2d4f78d310f549724da6e0",
"zh:ffb15e0ddfa505d0e9b75341570199076ae574887124f398162b1ead9376b25f",
]
}
provider "registry.terraform.io/hashicorp/azurerm" {
version = "3.37.0"
constraints = "3.37.0"
version = "3.112.0"
constraints = "3.112.0"
hashes = [
"h1:83XTgyPKUKt706IjTLHo9HL0KN5m+DwmSKuVQv6dNb4=",
"zh:2a7bda0b7679d1c791c762103a22f333b544b6e6776c4177f33bafc9cc28c919",
"zh:49ff49670c349f918017315838a43ece09bf6f1bf7721b992f1cadbceb273c62",
"zh:55c9346d03380585e17616b79c4233b726d6fb9efa1921848834fc881e5d7d54",
"zh:5ab117b56a4236ea29926e9d95c27d7bf8ae6706d0fffb76c0b1bfe67bf3a78e",
"zh:5cfc086d5d56308edb3e68aac5f8a448ddc6e56541be7b152ae886399e9b2c69",
"zh:7a8929ed38152aac6652711f32193c8582bc996f8fa73879a3ac7a9bf88d2460",
"zh:895294e90a37f719975fcd2269b95e973147e48ec0ebb9c2fe472bc93531b49c",
"zh:8baa5e2b6e5b02df5b45d253a3aea93f22619920cf9577290d682b59a6d5664b",
"zh:b146a732c7909238c10d216b92a35092be4f72a0509a4c6742cc3245bf3b3bf3",
"zh:cedef898ccd512a6519eae3dff7eb0d581d2c3dad8e0001992da16ad1d7fded8",
"zh:f016d9ba94ea88476883b4d63cff88a0225974e0a8b8c3e8555f73c5de6f7119",
"h1:5KSVV/O2eG6ty/3/qpOLQFQqJd96KEPzsTHItslJaMw=",
"zh:341c22454d24a75792aa99fbbc0c156f368534b7bb04eef4701b85995c7526a4",
"zh:3708656d75061c92f7208cc731b946c991ad343a443f8ff0ef082f077b7580b9",
"zh:38ca06f9f45705c648f04f272bd9483397693ea8da6db788cd7955f49ab79d6b",
"zh:3f305adb5ee0032e0ea68d198a089ecfd0127092930e99fa51377a250292b592",
"zh:4ae2fc6065164a819f576f705e634ebf5059f983149a41dad909719fea96145a",
"zh:5d376ac7dd71898a94038d6b6b8036dfec4c0216d832ec1135c855bf3e58eb5f",
"zh:63d2ff296d3aee5787e12c759a6a3d5aa15a574456aebbe11b833f01adf3faef",
"zh:8ad8746741f7f0ac10da6f1d105f26ebeb6e4d944f58ba749e86d7c9a67da3db",
"zh:abec182594ee8a21d72a5f23d3aa7fa45247488539fce6ed648c9c255d8bf972",
"zh:bf704b400be4181333b38c0306949f26326a9aa5ae68b4167e2fb8ee7fb13618",
"zh:c072938f8695f725fc5fbe986a54890f00d520cce570006390dc5bbc51b2a4ea",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
]
}

4
templates/workspace_services/azureml/user_resources/aml_compute/terraform/providers.tf
Просмотреть файл

@ -2,11 +2,11 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "=3.37.0"
version = "=3.112.0"
}
azapi = {
source = "Azure/azapi"
version = "=1.1.0"
version = "=1.15.0"
}
}

13
templates/workspace_services/azureml/user_resources/aml_compute/terraform/upgrade.sh Normal file
Просмотреть файл

@ -0,0 +1,13 @@
#!/bin/bash
set -e
# This script is used to install the bundle directly without having to interact with Porter
# This script assumes you have created an .env from the sample and the variables
# will come from there.
# shellcheck disable=SC2154
terraform init -upgrade -reconfigure -input=false -backend=true \
-backend-config="resource_group_name=${TF_VAR_mgmt_resource_group_name}" \
-backend-config="storage_account_name=${TF_VAR_mgmt_storage_account_name}" \
-backend-config="container_name=${TF_VAR_terraform_state_container_name}" \
-backend-config="key=tre-user-resource-aml-compute-instance"

2
templates/workspace_services/azuresql/porter.yaml
Просмотреть файл

@ -1,7 +1,7 @@
---
schemaVersion: 1.0.0
name: tre-workspace-service-azuresql
version: 1.0.9
version: 1.0.10
description: "An Azure SQL workspace service"
registry: azuretre
dockerfile: Dockerfile.tmpl

28
templates/workspace_services/azuresql/terraform/.terraform.lock.hcl
Просмотреть файл

@ -2,21 +2,21 @@
# Manual edits may be lost in future updates.
provider "registry.terraform.io/hashicorp/azurerm" {
version = "3.111.0"
constraints = "3.111.0"
version = "3.112.0"
constraints = "3.112.0"
hashes = [
"h1:vgrdy5JWGAK5N44/V75etoHIAMvXKNlMrIHTaWApehA=",
"zh:0db8afb9278993df7e74796bdd125153b07a7045e5ca1756783a8b8cfec564f4",
"zh:22c424fcfda13dc720caa289248c1b71b2ad20e329fd4a52cc6be7e45f795a4a",
"zh:471a2c1d7353bc21ef28963f006d2cf5276e7885b423fc0b73f2d8ce6cde72dd",
"zh:68bf81cb353c755d48792e881b6405919daa041e35de1d510209237d90d6c21f",
"zh:841d8664955bbc77f12095c9b1a4b3923362564a790fd945337759e9bc95d07e",
"zh:86e92f959056c573bf4b2be1d6cfa838dab06d3e5a944f371a1131e4c6477d88",
"zh:95a096ced57616659687970b5d618c2ce3cd54fa0311b7a7569435cacf39f26f",
"zh:c5656a11253ffdaee973e7292dd3c10a1db81f1fc9ee2d3041ae1182f7d25379",
"zh:cd6a1049de69280f339d6f83f30a9006bbe003a840a39eb7b5900990c5aadbb0",
"zh:e7b3d96f0c9ea47261dbd015f1f64fdb43c8ccb196afda862c0865e30d88245c",
"zh:f1ec7da6ab5526845274bff77e023b9faec71c2cf38bd18587274932b2aa2e89",
"h1:5KSVV/O2eG6ty/3/qpOLQFQqJd96KEPzsTHItslJaMw=",
"zh:341c22454d24a75792aa99fbbc0c156f368534b7bb04eef4701b85995c7526a4",
"zh:3708656d75061c92f7208cc731b946c991ad343a443f8ff0ef082f077b7580b9",
"zh:38ca06f9f45705c648f04f272bd9483397693ea8da6db788cd7955f49ab79d6b",
"zh:3f305adb5ee0032e0ea68d198a089ecfd0127092930e99fa51377a250292b592",
"zh:4ae2fc6065164a819f576f705e634ebf5059f983149a41dad909719fea96145a",
"zh:5d376ac7dd71898a94038d6b6b8036dfec4c0216d832ec1135c855bf3e58eb5f",
"zh:63d2ff296d3aee5787e12c759a6a3d5aa15a574456aebbe11b833f01adf3faef",
"zh:8ad8746741f7f0ac10da6f1d105f26ebeb6e4d944f58ba749e86d7c9a67da3db",
"zh:abec182594ee8a21d72a5f23d3aa7fa45247488539fce6ed648c9c255d8bf972",
"zh:bf704b400be4181333b38c0306949f26326a9aa5ae68b4167e2fb8ee7fb13618",
"zh:c072938f8695f725fc5fbe986a54890f00d520cce570006390dc5bbc51b2a4ea",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
]
}

2
templates/workspace_services/azuresql/terraform/main.tf
Просмотреть файл

@ -3,7 +3,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "3.111.0"
version = "3.112.0"
}
random = {
source = "hashicorp/random"

13
templates/workspace_services/azuresql/terraform/upgrade.sh Normal file
Просмотреть файл

@ -0,0 +1,13 @@
#!/bin/bash
set -e
# This script is used to install the bundle directly without having to interact with Porter
# This script assumes you have created an .env from the sample and the variables
# will come from there.
# shellcheck disable=SC2154
terraform init -upgrade -reconfigure -input=false -backend=true \
-backend-config="resource_group_name=${TF_VAR_mgmt_resource_group_name}" \
-backend-config="storage_account_name=${TF_VAR_mgmt_storage_account_name}" \
-backend-config="container_name=${TF_VAR_terraform_state_container_name}" \
-backend-config="key=${TF_VAR_tre_resource_id}-shared-azuresql"

2
templates/workspace_services/databricks/porter.yaml
Просмотреть файл

@ -1,7 +1,7 @@
---
schemaVersion: 1.0.0
name: tre-service-databricks
version: 1.0.3
version: 1.0.5
description: "An Azure TRE service for Azure Databricks."
registry: azuretre
dockerfile: Dockerfile.tmpl

58
templates/workspace_services/databricks/terraform/.terraform.lock.hcl
Просмотреть файл

@ -2,22 +2,22 @@
# Manual edits may be lost in future updates.
provider "registry.terraform.io/azure/azapi" {
version = "1.13.1"
constraints = "1.13.1"
version = "1.15.0"
constraints = "1.15.0"
hashes = [
"h1:xDZG4lbtQJeyJa3Gzo8qecYxyw+AIXYcdDRlkaSLNz8=",
"zh:1f2aceddd67ceeb82a75c2f15dc01e54781e9aed5968507dbc29590c165b2e2b",
"zh:397f0bfbac899d48e23cecf38d362c27562150aa20b19157b5bd370b8e6801ee",
"zh:652263b7d00623684e29ef7b8ff285a17c5bd7cc8ba7d22967c66d0b3a3c568a",
"zh:652c53320a41434942877515780296a1509be03f32d54e60178f39200f960a67",
"zh:666426faf686401e54ec09fe06e9d7c06a6455ec398764f70558440c73aeb7f9",
"zh:6aa91ae8ba78f2494f99b4c99e66d15ed0b14d735cd1f77adc12ff9dfa075807",
"zh:a529e5a13c37d1805c469227f08cdbe7527d04dd64d18709d26627c6a0b588b1",
"zh:a589c049205e8e5bf94a13d56b28f400d908ad27e13e16df64408ee82eb8a0ff",
"zh:a9a50defdee230f315f74be6c77ff104fe2610a1b3ad6b87326f555e80d13b18",
"zh:ba49ef70d96e13795e2dbffd6cb2ff976dfe84e0373a5971ebe3b4c9c9b7af60",
"zh:d3ed50efe5f8c80d3d7d464ab9a13ccf82440d871c9ce3032ce476845364c6b9",
"zh:e3eb48ee8c36ee4f81850d8a21fc59b81886c729d7c3b7adece4a25f355bed2f",
"h1:gIOgxVmFSxHrR+XOzgUEA+ybOmp8kxZlZH3eYeB/eFI=",
"zh:0627a8bc77254debc25dc0c7b62e055138217c97b03221e593c3c56dc7550671",
"zh:2fe045f07070ef75d0bec4b0595a74c14394daa838ddb964e2fd23cc98c40c34",
"zh:343009f39c957883b2c06145a5954e524c70f93585f943f1ea3d28ef6995d0d0",
"zh:53fe9ab54485aaebc9b91e27a10bce2729a1c95b1399079e631dc6bb9e3f27dc",
"zh:63c407e7dc04d178d4798c17ad489d9cc92f7d1941d7f4a3f560b95908b6107b",
"zh:7d6fc2b432b264f036bb80ab2b2ba67f80a5d98da8a8c322aa097833dad598c9",
"zh:7ec49c0a8799d469eb6e2a1f856693f9862f1b73f5ed70adc1b346e5a4c6458d",
"zh:889704f10319d301d677539d788fc82a7c73608ab78cb93e1280ac2be39e6e00",
"zh:90b4b07405b7cde9ebae3b034cb5bb5dd18484d1b95bd250f905451f1e86ac3f",
"zh:92aa9c241a8cb2a6d81ad47bc007c119f8b818464a960ebaf39008766c361e6b",
"zh:f28fbd0a2c59e239b53067bc1adc691be444876bcb2d4f78d310f549724da6e0",
"zh:ffb15e0ddfa505d0e9b75341570199076ae574887124f398162b1ead9376b25f",
]
}
@ -36,22 +36,22 @@ provider "registry.terraform.io/databricks/databricks" {
}
provider "registry.terraform.io/hashicorp/azurerm" {
version = "3.108.0"
constraints = "3.108.0"
version = "3.112.0"
constraints = "3.112.0"
hashes = [
"h1:RIFBFTXz4X48JDHjbQHX4y400ax1/uEzMVFZgX3/z3w=",
"zh:2afecf948fd702bc08c87d9114595809d011f99a70a12dbf6bc67a12d0bee5fc",
"zh:395b6d1384a579867064e62d49b0b91e15919c33b03ea8b5031c2779bfa16b3d",
"zh:3e5594c59b6b02bc6e0f4c3de71aa2ab992494c53725fb3c64d36745f3814ef3",
"zh:4613e190609377309f6a4ac44f631c9469efab3ae148dbb09e73718201dc4f42",
"zh:624f01cb7604d58100068401bd07ab09a141e7bd318f8214127838cf202e4868",
"zh:65709950c9933e38704e2075a2339951e1259a6e882f35d390be36e1844ebc72",
"zh:af82657fad4e3a177f2ebb8035b45bda40f8856eb999288533321028794d03e5",
"zh:c40b331eba08830d16c0e6795fa7cbf08231073df2cfdb0f34e9d908a915981a",
"zh:d6ccd533a0bd984ca7ed1ae860e057e9e2f88468745be9712236d2d240353de4",
"zh:f361fd398e8772f8554a010331d161d6f7284a43238fd28bfa7b41795a5538b8",
"h1:5KSVV/O2eG6ty/3/qpOLQFQqJd96KEPzsTHItslJaMw=",
"zh:341c22454d24a75792aa99fbbc0c156f368534b7bb04eef4701b85995c7526a4",
"zh:3708656d75061c92f7208cc731b946c991ad343a443f8ff0ef082f077b7580b9",
"zh:38ca06f9f45705c648f04f272bd9483397693ea8da6db788cd7955f49ab79d6b",
"zh:3f305adb5ee0032e0ea68d198a089ecfd0127092930e99fa51377a250292b592",
"zh:4ae2fc6065164a819f576f705e634ebf5059f983149a41dad909719fea96145a",
"zh:5d376ac7dd71898a94038d6b6b8036dfec4c0216d832ec1135c855bf3e58eb5f",
"zh:63d2ff296d3aee5787e12c759a6a3d5aa15a574456aebbe11b833f01adf3faef",
"zh:8ad8746741f7f0ac10da6f1d105f26ebeb6e4d944f58ba749e86d7c9a67da3db",
"zh:abec182594ee8a21d72a5f23d3aa7fa45247488539fce6ed648c9c255d8bf972",
"zh:bf704b400be4181333b38c0306949f26326a9aa5ae68b4167e2fb8ee7fb13618",
"zh:c072938f8695f725fc5fbe986a54890f00d520cce570006390dc5bbc51b2a4ea",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
"zh:f8c2132c77d35930203ec66f1bf9bbf633a2406e9f7b572ff425d65b8aa8c492",
]
}

4
templates/workspace_services/databricks/terraform/providers.tf
Просмотреть файл

@ -2,11 +2,11 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "=3.108.0"
version = "=3.112.0"
}
azapi = {
source = "Azure/azapi"
version = "=1.13.1"
version = "=1.15.0"
}
databricks = {
source = "databricks/databricks"

13
templates/workspace_services/databricks/terraform/upgrade.sh Normal file
Просмотреть файл

@ -0,0 +1,13 @@
#!/bin/bash
set -e
# This script is used to install the bundle directly without having to interact with Porter
# This script assumes you have created an .env from the sample and the variables
# will come from there.
# shellcheck disable=SC2154
terraform init -upgrade -reconfigure -input=false -backend=true \
-backend-config="resource_group_name=${TF_VAR_mgmt_resource_group_name}" \
-backend-config="storage_account_name=${TF_VAR_mgmt_storage_account_name}" \
-backend-config="container_name=${TF_VAR_terraform_state_container_name}" \
-backend-config="key=tre-workspace-service-gitea-${TF_VAR_id}"

2
templates/workspace_services/gitea/porter.yaml
Просмотреть файл

@ -1,7 +1,7 @@
---
schemaVersion: 1.0.0
name: tre-workspace-service-gitea
version: 1.0.3
version: 1.0.5
description: "A Gitea workspace service"
dockerfile: Dockerfile.tmpl
registry: azuretre

31
templates/workspace_services/gitea/terraform/.terraform.lock.hcl
Просмотреть файл

@ -2,27 +2,28 @@
# Manual edits may be lost in future updates.
provider "registry.terraform.io/hashicorp/azurerm" {
version = "3.22.0"
constraints = "3.22.0"
version = "3.112.0"
constraints = "3.112.0"
hashes = [
"h1:bxkMviG7vvNV2aPZQPall0mdIGOojsYeJvKbscPCZeM=",
"zh:03441438f73965fef3a60582573dc9137baf3142d157f16a8c187f7995bf968e",
"zh:1a45946e3ad479745e01eb28283beba4b7c63a94d29ccd3afa3adb8aac41ffa7",
"zh:457352525d3744a9f5d809a68e61ba51ad022fa012d0f092f04e31730700977d",
"zh:48c4ac83fbf5c7295ffe9b8f6a2f3e25d40361b53a8c77f1516973c714862805",
"zh:48c503892d780977405b4ef23db55d1216bbe96a592de63769f827cf3d5e092a",
"zh:5d5935681f91af8a44772262d7f6f1ed0a4b4e113236cc166559ff57b2c936c4",
"zh:61377b5edefdfe96b160a10b1b86b6faef02b813ea7d3d9cbcd8bc664c3293ed",
"zh:73b0696146afd6ff360138425973b3349cb2a45f13094a861d9c162c23e0d796",
"zh:8b2178ca3e1618107a7d5d68f57ca239c68b70a60cdae1c0a3e3ba867282ba25",
"zh:a4021c34ee777863f032425774485adab1d4aba10ce38eb415b5c3a3179423a4",
"zh:c66daaf59d5750b1e49706ffa052cb4467280b0cb481fdd4f7618bb8b9d1edb1",
"h1:5KSVV/O2eG6ty/3/qpOLQFQqJd96KEPzsTHItslJaMw=",
"zh:341c22454d24a75792aa99fbbc0c156f368534b7bb04eef4701b85995c7526a4",
"zh:3708656d75061c92f7208cc731b946c991ad343a443f8ff0ef082f077b7580b9",
"zh:38ca06f9f45705c648f04f272bd9483397693ea8da6db788cd7955f49ab79d6b",
"zh:3f305adb5ee0032e0ea68d198a089ecfd0127092930e99fa51377a250292b592",
"zh:4ae2fc6065164a819f576f705e634ebf5059f983149a41dad909719fea96145a",
"zh:5d376ac7dd71898a94038d6b6b8036dfec4c0216d832ec1135c855bf3e58eb5f",
"zh:63d2ff296d3aee5787e12c759a6a3d5aa15a574456aebbe11b833f01adf3faef",
"zh:8ad8746741f7f0ac10da6f1d105f26ebeb6e4d944f58ba749e86d7c9a67da3db",
"zh:abec182594ee8a21d72a5f23d3aa7fa45247488539fce6ed648c9c255d8bf972",
"zh:bf704b400be4181333b38c0306949f26326a9aa5ae68b4167e2fb8ee7fb13618",
"zh:c072938f8695f725fc5fbe986a54890f00d520cce570006390dc5bbc51b2a4ea",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
]
}
provider "registry.terraform.io/hashicorp/local" {
version = "2.2.3"
version = "2.2.3"
constraints = "2.2.3"
hashes = [
"h1:aWp5iSUxBGgPv1UnV5yag9Pb0N+U1I0sZb38AXBFO8A=",
"zh:04f0978bb3e052707b8e82e46780c371ac1c66b689b4a23bbc2f58865ab7d5c0",

2
templates/workspace_services/gitea/terraform/main.tf
Просмотреть файл

@ -3,7 +3,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "=3.22.0"
version = "=3.112.0"
}
random = {
source = "hashicorp/random"

13
templates/workspace_services/gitea/terraform/upgrade.sh Normal file
Просмотреть файл

@ -0,0 +1,13 @@
#!/bin/bash
set -e
# This script is used to install the bundle directly without having to interact with Porter
# This script assumes you have created an .env from the sample and the variables
# will come from there.
# shellcheck disable=SC2154
terraform init -upgrade -reconfigure -input=false -backend=true \
-backend-config="resource_group_name=${TF_VAR_mgmt_resource_group_name}" \
-backend-config="storage_account_name=${TF_VAR_mgmt_storage_account_name}" \
-backend-config="container_name=${TF_VAR_terraform_state_container_name}" \
-backend-config="key=tre-workspace-service-gitea-${TF_VAR_id}"

2
templates/workspace_services/guacamole/guacamole-server/docker/version.txt
Просмотреть файл

@ -1 +1 @@
__version__ = "0.8.5"
__version__ = "0.8.6"

2
templates/workspace_services/guacamole/guacamole-server/guacamole-auth-azure/pom.xml
Просмотреть файл

@ -48,7 +48,7 @@
<dependency>
<groupId>com.azure</groupId>
<artifactId>azure-security-keyvault-secrets</artifactId>
<version>4.8.2</version>
<version>4.8.4</version>
</dependency>
<dependency>
<groupId>com.azure</groupId>

2
templates/workspace_services/guacamole/porter.yaml
Просмотреть файл

@ -1,7 +1,7 @@
---
schemaVersion: 1.0.0
name: tre-service-guacamole
version: 0.10.8
version: 0.10.9
description: "An Azure TRE service for Guacamole"
dockerfile: Dockerfile.tmpl
registry: azuretre

28
templates/workspace_services/guacamole/terraform/.terraform.lock.hcl
Просмотреть файл

@ -2,21 +2,21 @@
# Manual edits may be lost in future updates.
provider "registry.terraform.io/hashicorp/azurerm" {
version = "3.57.0"
constraints = "3.57.0"
version = "3.112.0"
constraints = "3.112.0"
hashes = [
"h1:SOBKU/ioGnpuQpAx6dgaD0EzfAM2W+uS9e6p59viSxs=",
"zh:028202b0ae01f1262dac076b383cb68b5dd624977669b6db833418c215eb8401",
"zh:26fcf9e9b73cb3bbf87a048361a89050d2e52bdc91190a305e624a62be26a3f4",
"zh:2f381103953e4513068eee62089a0ec8c60a18ecef2235138b6c29a45920d6a2",
"zh:376f016f4b449b2cf38f75e27e7a9157fdcfc925f28198124a30e316abb54f3d",
"zh:7d491bab94d5aba91cd9c307dbd4b655dcdc0a6212541e7800b9a902be98befe",
"zh:85fa7d8339efd15494f947cda02e9ed127eafa32652e568f54261b2e97d2b3ee",
"zh:950e079e55a7e321adbd2f6a0639a4b3b0fac47d2e4bb3a12791e0817b694238",
"zh:975260e09379c5c97cad3171327db2f0b4914909861d4c24ab784b0ecd79c54a",
"zh:a26bb67ab2d2f20e5fee4d41110584af17357f4b4266d80f9debfad61fa0a4fd",
"zh:da0e5d1ec301c69b6fae684e55059fc5e1b91699ed3696229f599d558401556b",
"zh:ea11e62ce53caec240cb3a1da25d248805387fa246314001ed3e07e9105f6e12",
"h1:5KSVV/O2eG6ty/3/qpOLQFQqJd96KEPzsTHItslJaMw=",
"zh:341c22454d24a75792aa99fbbc0c156f368534b7bb04eef4701b85995c7526a4",
"zh:3708656d75061c92f7208cc731b946c991ad343a443f8ff0ef082f077b7580b9",
"zh:38ca06f9f45705c648f04f272bd9483397693ea8da6db788cd7955f49ab79d6b",
"zh:3f305adb5ee0032e0ea68d198a089ecfd0127092930e99fa51377a250292b592",
"zh:4ae2fc6065164a819f576f705e634ebf5059f983149a41dad909719fea96145a",
"zh:5d376ac7dd71898a94038d6b6b8036dfec4c0216d832ec1135c855bf3e58eb5f",
"zh:63d2ff296d3aee5787e12c759a6a3d5aa15a574456aebbe11b833f01adf3faef",
"zh:8ad8746741f7f0ac10da6f1d105f26ebeb6e4d944f58ba749e86d7c9a67da3db",
"zh:abec182594ee8a21d72a5f23d3aa7fa45247488539fce6ed648c9c255d8bf972",
"zh:bf704b400be4181333b38c0306949f26326a9aa5ae68b4167e2fb8ee7fb13618",
"zh:c072938f8695f725fc5fbe986a54890f00d520cce570006390dc5bbc51b2a4ea",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
]
}

2
templates/workspace_services/guacamole/terraform/providers.tf
Просмотреть файл

@ -2,7 +2,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "=3.57.0"
version = "=3.112.0"
}
local = {
source = "hashicorp/local"

13
templates/workspace_services/guacamole/terraform/upgrade.sh Normal file
Просмотреть файл

@ -0,0 +1,13 @@
#!/bin/bash
set -e
# This script is used to install the bundle directly without having to interact with Porter
# This script assumes you have created an .env from the sample and the variables
# will come from there.
# shellcheck disable=SC2154
terraform init -upgrade -reconfigure -input=false -backend=true \
-backend-config="resource_group_name=${TF_VAR_mgmt_resource_group_name}" \
-backend-config="storage_account_name=${TF_VAR_mgmt_storage_account_name}" \
-backend-config="container_name=${TF_VAR_terraform_state_container_name}" \
-backend-config="key=${TRE_ID}${TF_VAR_workspace_id}guacamole"

2
templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/porter.yaml
Просмотреть файл

@ -1,7 +1,7 @@
---
schemaVersion: 1.0.0
name: tre-service-guacamole-export-reviewvm
version: 0.1.8
version: 0.1.9
description: "An Azure TRE User Resource Template for reviewing Airlock export requests"
dockerfile: Dockerfile.tmpl
registry: azuretre

28
templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/terraform/.terraform.lock.hcl
Просмотреть файл

@ -2,22 +2,22 @@
# Manual edits may be lost in future updates.
provider "registry.terraform.io/hashicorp/azurerm" {
version = "3.41.0"
constraints = "3.41.0"
version = "3.112.0"
constraints = "3.112.0"
hashes = [
"h1:Kn7sqPk/YpsvORFEd/zHXa8U7KkVB551DXUMwvqiU0s=",
"zh:123838b581a27499d0a1e3a9804a6f57304969f58c4ea7fbd938ae2a795b2a19",
"zh:761a7bff3872a192202411aa62e3e6aedc3046f0df86967a1f9ed5a74207f451",
"zh:83092681a9e14d5e548edccece5086d822f86de6ff8227bb78706b41f0041697",
"zh:95fd6be4a3b995dc8ad40054646e2261e01365af7e8f8ebe0e62133cee8250cd",
"zh:995c3eb0aa23fc6948f45e68173034facc4bd92f4865abc3bba4bd305596fc86",
"zh:9f7b158d39f3e9fbc01ee27e6a63600838e34b7364715ebeea7d62717e48cb56",
"zh:b23193883592a4889942e82e73782e70dfbb517561a4f24b09f8ab6cbdc46866",
"zh:c4884d654d03a0546ec78f348563e32220ae35a2c76f22cb3c960f989dc6be48",
"zh:dda1c6720c6cef052db2fb4886a9cd46dee849e4367d6d66b45ad9d5bb607b94",
"zh:f0bc878d67785343bfc36a7d14ec58a67fa436f5b8b497221aea3931e3dccefd",
"h1:5KSVV/O2eG6ty/3/qpOLQFQqJd96KEPzsTHItslJaMw=",
"zh:341c22454d24a75792aa99fbbc0c156f368534b7bb04eef4701b85995c7526a4",
"zh:3708656d75061c92f7208cc731b946c991ad343a443f8ff0ef082f077b7580b9",
"zh:38ca06f9f45705c648f04f272bd9483397693ea8da6db788cd7955f49ab79d6b",
"zh:3f305adb5ee0032e0ea68d198a089ecfd0127092930e99fa51377a250292b592",
"zh:4ae2fc6065164a819f576f705e634ebf5059f983149a41dad909719fea96145a",
"zh:5d376ac7dd71898a94038d6b6b8036dfec4c0216d832ec1135c855bf3e58eb5f",
"zh:63d2ff296d3aee5787e12c759a6a3d5aa15a574456aebbe11b833f01adf3faef",
"zh:8ad8746741f7f0ac10da6f1d105f26ebeb6e4d944f58ba749e86d7c9a67da3db",
"zh:abec182594ee8a21d72a5f23d3aa7fa45247488539fce6ed648c9c255d8bf972",
"zh:bf704b400be4181333b38c0306949f26326a9aa5ae68b4167e2fb8ee7fb13618",
"zh:c072938f8695f725fc5fbe986a54890f00d520cce570006390dc5bbc51b2a4ea",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
"zh:f6aa3c25f7106619cc6760e1d34b29b0956c50f285994f009939890a85e7b058",
]
}

2
templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/terraform/main.tf
Просмотреть файл

@ -3,7 +3,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "=3.41.0"
version = "=3.112.0"
}
random = {
source = "hashicorp/random"

Некоторые файлы не были показаны из-за слишком большого количества измененных файлов Показать больше