microsoft/AzureTRE v0.27.0

0.27.0

on GitHub

BREAKING CHANGES

• Azure ML workspace service now requires auto group creation for RBAC; legacy service-principal role assignment fallback has been removed. (#4687)
• Fix missing arguments for airlock manager requests - change in API contract (#4544)
• Clarify cost label time period and aggregation scope in UI tooltips (#4607)
• Transition GitHub Actions to use federated credentials. You should replace the AZURE_CREDENTIALS secret as described in the cicd pre steps. (#4822)

ENHANCEMENTS:

• Upgrade Guacamole to v1.6.0 with Java 17 and other security updates (#4754)
• API: Replace HTTP_422_UNPROCESSABLE_ENTITY response with HTTP_422_UNPROCESSABLE_CONTENT as per RFC 9110 (#4742)
• Change Group.ReadWrite.All permission to Group.Create for AUTO_WORKSPACE_GROUP_CREATION (#4772)
• Make workspace shared storage quota updateable (#4314)
• Implement UI testing with vitest (#4794)
• Update Porter, AzureCLI, Terraform and its providers across the solution (#4799)
• Update api_healthcheck.sh script with fixed 10-second check intervals and 7-minute timeout for improved API health monitoring (#4807)
• Update SuperLinter to version 8.3.2 (#4815)
• Add porter build cache in CI (#4827)
• Migrate GitHub Actions workflows to use ubuntu-slim runners for improved efficiency and reduced cost (#4831)

BUG FIXES:

• Replace deprecated --username flag with --client-id in az login --identity commands across all Porter bundles (#4817)
• Fix deleted workspaces still accessible via URL - get_*_by_id methods now filter out deleted resources (#4785)
• Fix circular dependancy in base workspace. (#4756)
• Replaced deprecated datetime.utcnow() with datetime.now(datetime.UTC) in the API and airlock processor. (#4743)
• Updated error messages when publishing a template version that is lower than the existing version. (#4685)
• Disable public access on stweb storage account (#4766)
• Mark auth_client_secret variable as sensitive in terraform templates (#4736)
• Fix Azure Machine Learning workspace deployment failure in unrestricted workspace by aligning missing parameters and outputs with base workspace (#4768)
• Fix firewall application rule validation error when description is empty string (#4691)
• Fix R configuration with incorrect quotes preventing package installation on Linux VMs (#4657)
• Add timeouts to Graph requests in API (#4723)
• Fix missing metastoreDomains for Databricks, which caused metastore outages for some domains (#4779)
• Fix data exfiltration vulnerability in Azure ML workspace service by removing unrestricted AzureMachineLearning service tag access and enforcing RBAC-based storage access (#4660)
• Fix cost display duplication when user resource is deleted - UI incorrectly reused cost data for remaining resources (#4783)
• Fix type mismatch error where {{ resource.parent.my_boolean_property }} was returning string instead of the correct type (#4813)
• Delete npm package lock file (#4810)
• Switch from yarn to npm (#4837)

COMPONENTS:

Full Changelog: v0.26.0...0.27.0