* replace cmk resources with cmk blocks for storage accounts
* remove cmk resources for cosmosdb
* update template versions
* fix terraform format
* remove duplicated data block
* update core version
* update encryption_key_versionless_id assignment to handle null values based on cmk encryption flag
This pull request introduces several changes to the templates/workspaces/base directory to add support for configurable storage account redundancy in Azure TRE workspaces (ZRS / GRS). The changes span multiple files including porter.yaml, template_schema.json, and Terraform configuration files.
* Upgrade azurerm terraform provider from v3.112.0 to v3.117.0 to mitigate storage account deployment issue #4004
* Bump core, devops and template version numbers
* Add VM size configuration for Sonatype Nexus
Fixes#4209
Add VM size configurability for Sonatype Nexus VM.
* Add a new parameter "vm_size" in `templates/shared_services/sonatype-nexus-vm/parameters.json` and `templates/shared_services/sonatype-nexus-vm/porter.yaml`.
* Update `templates/shared_services/sonatype-nexus-vm/template_schema.json` to include an input field for "vm_size" with a dropdown list of recommended sizes.
* Modify `templates/shared_services/sonatype-nexus-vm/terraform/vm.tf` to use the "vm_size" parameter instead of the hardcoded value.
* Add a new variable "vm_size" in `templates/shared_services/sonatype-nexus-vm/terraform/variables.tf` with a default value of "Standard_B2ms".
* Update the bundle version to "3.2.3" in `templates/shared_services/sonatype-nexus-vm/porter.yaml`.
---
For more details, open the [Copilot Workspace session](https://copilot-workspace.githubnext.com/microsoft/AzureTRE/issues/4209?shareId=XXXX-XXXX-XXXX-XXXX).
* Update vm sizes
fix
---------
Co-authored-by: Tamir Kamara <takamara@microsoft.com>
* Change the way "inherited" workspaces retrieve the base workspace code #4162
* Conditionally add the porter --build-context parameter
* Pin Porter version to v1.2.1
* change cmk name to include tre-id + add dependency to one of the stg accounts
* add cmk for ACR and service bus
* add null default for acr_sku
* bump core version to 0.11.8
* set 'Enable support for customer-managed keys' for tables and queues in storage accounts (core/mgmt only)
* add key type encryption to state store
* add support for customer-managed key (CMK) encryption in templates
* fix terraform issues found by linter
* raise minor instead of major version
* fix terraform issues found by linter
* fix terraform issues found by linter
* fix: update identity_client_id reference in azureml
* remove the 'vmss' from disks encryption set names
* move all data resources to a data.tf file
* Attempt to fix Nexus problem of running with too little memory
* Attempt to fix Nexus problem of running with too little memory
* Update CHANGELOG
* Update templates/shared_services/sonatype-nexus-vm/terraform/vm.tf
Co-authored-by: Marcus Robinson <marrobi@microsoft.com>
---------
Co-authored-by: Tony Wildish <TonyWildish@users.noreply.github.com>
Co-authored-by: Marcus Robinson <marrobi@microsoft.com>
* change cmk name to include tre-id + add dependency to one of the stg accounts
* add cmk for ACR and service bus
* add null default for acr_sku
* bump core version to 0.11.8
* set 'Enable support for customer-managed keys' for tables and queues in storage accounts (core/mgmt only)
* add key type encryption to state store
* Bump porter, mixin, azcli & terraform versions in templates
* Bump porter, mixin, azcli & terraform versions in templates
* Revert OHDSI debian version back to bullseye as sqlcmd not available for bookworm
* Update CHANGELOG.md
* Revert MLFlow base image version back to bullseye due to incompatibilities
* Revert MLFlow Server image to bullseye due to incompatibilities
* Update porter mixin versions to canary (until the tagged version numbers are added to their releases feed)
* Update terraform version in Dev Container from 1.4.5 to 1.9.8
* Update porter az-mixin and terraform-mixin versions
* Bump base workspace version
* change cmk name to include tre-id + add dependency to one of the stg accounts
* add cmk for ACR and service bus
* add null default for acr_sku
* bump core version to 0.11.8
* revert mistake
* added management key vault
* added cmk for vmss and storage accounts
* add default value for variables
* add CMK for cosmos accounts
* move tre-encryption key from mgmt to core
* fix order of creation for encryption key
* add cmk for the state store in mgmt
* add support for external KV
* revert CMK for cosmos - not working, need to redo this
* refine comments and files names
* remove redundant space
* add space
* upper case in comment
* revert cosmos tags
* update changelog + core version
* remove unused var
* remove redundant variable
* remove redundant variables
* add check for enable_cmk_encryption for the key_store_id variable in tf
* bugfix: remove redundant data keyword
* add enable_cmk_encryption check in module variables
* remove redundant key_vault_id from ignore_changes for cmk
* remove redundant sign/verify
* add cmk support for cosmos db
* update changelog + add comments
* update core version
* fix linting issue
* add null provider to providers block
* remove duplicates that were created by merge
* update core version
* remove redundant terraform data
* Add support for CMK encryption in workspace configuration
* add cmk for the ws storage accounts
* fix encryption_identity being sent when cmk was disabled
* update changelog
* update changelog
* fix linting issues
* bump rp version
* bump core version
* update docs
* use foreach for airlock cmks
* update the porter upgrade command + minor version
* change the default value for key_store_id variable to an empty string
* set default value of key_store_id variable to null
* Update default value of key_store_id variable to 'TWEAKME'
* Remove default value for key_store_id variable in variables.tf
* Set default value of key_store_id variable to an empty string in locals
* update core version
---------
Co-authored-by: Matthew Fortunka <mafortun@microsoft.com>
Co-authored-by: Tim Allen <tim.allen@cloudkubed.com>
* added management key vault
* added cmk for vmss and storage accounts
* add default value for variables
* add CMK for cosmos accounts
* move tre-encryption key from mgmt to core
* fix order of creation for encryption key
* add cmk for the state store in mgmt
* add support for external KV
* revert CMK for cosmos - not working, need to redo this
* refine comments and files names
* remove redundant space
* add space
* upper case in comment
* revert cosmos tags
* update changelog + core version
* remove unused var
* remove redundant variable
* remove redundant variables
* add check for enable_cmk_encryption for the key_store_id variable in tf
* bugfix: remove redundant data keyword
* add enable_cmk_encryption check in module variables
* remove redundant key_vault_id from ignore_changes for cmk
* remove redundant sign/verify
* add cmk support for cosmos db
* update changelog + add comments
* update core version
* fix linting issue
* add null provider to providers block
* remove duplicates that were created by merge
* update core version
* remove redundant terraform data
* bump core version
---------
Co-authored-by: Matthew Fortunka <mafortun@microsoft.com>
Co-authored-by: Tim Allen <tim.allen@cloudkubed.com>
* added management key vault
* added cmk for vmss and storage accounts
* add default value for variables
* add CMK for cosmos accounts
* move tre-encryption key from mgmt to core
* fix order of creation for encryption key
* add cmk for the state store in mgmt
* add support for external KV
* revert CMK for cosmos - not working, need to redo this
* refine comments and files names
* remove redundant space
* add space
* upper case in comment
* revert cosmos tags
* update changelog + core version
* remove unused var
* remove redundant variable
* remove redundant variables
* add check for enable_cmk_encryption for the key_store_id variable in tf
* bugfix: remove redundant data keyword
* add enable_cmk_encryption check in module variables
---------
Co-authored-by: Matthew Fortunka <mafortun@microsoft.com>
* Disable storage account cross tenant replication
* Update CHANGELOG.md
* Update version numbers after merge (code in merge used them)
* Increment core version number following merge
* Increment core version number following merge
Yuval Yaron
Jonny Rylands
Guy Bertental
Tamir Kamara
Marcus Robinson
Ron Shakutai
Tony Wildish
Tim Allen
dependabot[bot]