microsoft/AzureTRE v0.4

0.4

on GitHub

What's Changed

• Fix Firewall Logging by @martinpeck in #1870
• Change how access properties in get_scope by @marrobi in #1882
• added missing param for invoke-action by @damoodamoo in #1906
• Add Bicep tools to devcontainer by @SvenAelterman in #1848
• E2E tests: Fix shared service and performance tests by @tanya-borisova in #1860
• Add .terraform in .dockerignore files by @sonali-rajput in #1872
• Add resource id var to shared services by @LizaShak in #1914
• Add TFLint config by @tamirkamara in #1919
• Update httpx package by @martinpeck in #1917
• Improve documentation for Resource Processor by @tanya-borisova in #1827
• Re-host Nexus on vm by @jjgriff93 in #1584
• Mandatory client-secret when creating a workspace by @ross-p-smith in #1924
• Disable app service's ftp by @tamirkamara in #1930
• Airlock resources - tf scripts by @eladiw in #1843
• Make etag required in API documentaiton, remove custom check by @SharonHart in #1932
• Reimage Resource Processor Automatically by @tamirkamara in #1929
• Tag tre core services by @guybartal in #1916
• Setting workspace_owner_object_id when creating workspaces by @ross-p-smith in #1928
• Optimize Guacamole docker image by @tamirkamara in #1933
• Upgrade azurerm provider version to 3.5.0 by @tanya-borisova in #1947
• E2E on main run in sequence by @tamirkamara in #1945
• Fix pr-bot e2eTestsCustomSelector param by @tamirkamara in #1959
• Airlock processor - function app based - Base by @eladiw in #1950
• Cost Report - Tag Gitea shared service by @LizaShak in #1941
• Fix Guacamole firewall rule name by @dusan-ilic-mhra in #1957
• azurerm_app_service_plan is deprecated and we should use azurerm_service_plan by @ross-p-smith in #1958
• Don't migrate Terraform state by @ross-p-smith in #1977
• [cost] Tag firewall and nexus shared services. by @LizaShak in #1979
• Create Application Administrator by @ross-p-smith in #1975
• Cleanup bundle dockerfiles by @tamirkamara in #1969
• Register VM Bundle for E2E tests by @ross-p-smith in #1987
• Publish before Register by @ross-p-smith in #1988
• Registering a user_resource needs the Workspace Service Name by @ross-p-smith in #1989
• add missing dockerfile.tmpl references by @tamirkamara in #1990
• Create user_resource in e2e tests by @ross-p-smith in #1952
• Missing TF_VARS passed into devcontainer by @ross-p-smith in #1993
• Missing TF_VAR_application_admin_client_id Inputs by @ross-p-smith in #1994
• Use different identity to create applications by @ross-p-smith in #1976
• [cost] Tag Guacamole Workspace Service in Terraform by @ciprianmaf in #1971
• PR Bot Condition Fix by @tamirkamara in #2002
• Checking Bundle's parameter.json file by @tamirkamara in #1995
• Fix a pytest error when running only smoke tests in CI by @tamirkamara in #2007
• [cost] add billing reader role to api identity by @guybartal in #2004
• Mandatory Identity with Application.ReadWrite.OwnedBy by @ross-p-smith in #2008
• UI MVP by @damoodamoo in #2001
• Change the build to have a new Identity by @ross-p-smith in #2015
• Block WS Airlock storage acccounts from public network by @eladiw in #2017
• Update tomcat url to download a fixed version by @tamirkamara in #2024
• Remove e2e workflow by @tamirkamara in #2027
• Airlock API (Draft + Submit) by @anatbal in #1949
• Fix missing MAKEFILE_DIR by @tamirkamara in #2020
• Enable purge protection by @tanya-borisova in #1973
• Event Grid uses managed identity instead of access key by @anatbal in #2032
• [cost] Create Cost Reporting API stubs by @guybartal in #2003
• [cost] Tag Gitea workspace service in Terraform by @ciprianmaf in #2005
• Add stateful_resources_locked to firewall bundle by @tamirkamara in #2029
• Build airlock_processor image in CI by @tamirkamara in #2022
• Configure docker hub proxy by @jjgriff93 in #2026
• Airlock processor handles request Submission by @eladiw in #1978
• Tests for User Resources by @ross-p-smith in #2035
• [cost] Cost Management ARM REST API call methods by @guybartal in #2030
• Disable API health check of downstream services by @tamirkamara in #2049
• Split user resource registration in CI workflow by @tamirkamara in #2051
• Airlock processor networking (vnet integration and airlock subnet) by @eladiw in #2040
• Airlock - API - approve/reject a request by @anatbal in #2044
• Update create_aad_assets.sh for switch changes in aad-app-reg.sh by @stuartleeks in #2039
• [cost] Tagging Base workspace by @pedro-pelegrin-nttdata in #1970
• Give AML dedicated storage by @marrobi in #2043
• Increase e2e timeouts by @tamirkamara in #2054
• Disable ftp in airlock app by @tamirkamara in #2059
• Pipeline Property Substitution by @damoodamoo in #2052
• Fixing Airlock API bugs when integrating to airlock processor by @anatbal in #2067
• Added auth docs for Application Admin by @ross-p-smith in #2068
• [cost] Tag innereye Workspace Service in Terraform by @pedro-pelegrin-nttdata in #1998
• Redact secrets before saving resources in Cosmos by @tanya-borisova in #2066
• make db-migrate now uses API by @ross-p-smith in #2075
• Database Migrate doesn't work in main by @ross-p-smith in #2088
• TRE costs API endpoint (/api/costs) by @guybartal in #2057
• Update parent workspace in pipeline (and set Guac redirect URI after install) by @damoodamoo in #2083
• Doc Site Updates to Move Docs and Fix Broken Links by @martinpeck in #2090
• make linting easier by @martinpeck in #2094
• Adding networking changes (Eventgrid to SB enablement) by @eladiw in #2055
• Run extended-aad tests only on main by @tamirkamara in #2102
• fix broken airlock upgrades by @eladiw in #2107
• Add curl retry by @tamirkamara in #2046
• Update workspace redirect uris when auto-aad is disabled by @tamirkamara in #2100
• Guacamole user resource templates tagging by @pedro-pelegrin-nttdata in #2061
• Workspace app service SKU as top level parameter by @tamirkamara in #2117
• Rename event grid topics to force recreate by @tamirkamara in #2120
• Fix Guacamole's authentication URI to support auto update in workspace app by @tamirkamara in #2118
• Stop running Terraform in base workspace upgrade (temp fix) by @tamirkamara in #2119
• [airlock] Create containers by @LizaShak in #2091
• Workspace costs API endpoint (/api/workspaces/<tre_workspace_id>/costs) by @guybartal in #2089
• Unit tests for Airlock API by @anatbal in #2105
• Align airlock tags by @tamirkamara in #2123
• Get airlock request endpoint by @anatbal in #2133
• Run airlock's unit-tests in docker by @tamirkamara in #2128
• resourceTemplateName is only required for targeting shared services by @damoodamoo in #2134
• Set Nexus default to V2 by @jjgriff93 in #2103
• Failed deployment of shared service can be attempted again by @tanya-borisova in #2101
• Malware scanning support (no actual scanner) + Refactoring airlock stages by @eladiw in #2127
• Fix redacting secrets when sending messages to Resource Processor by @tanya-borisova in #2136
• Gitea Outputs fix by @damoodamoo in #2141
• UI: Add Power state display to resources by @jjgriff93 in #2095
• Fix pipeline uninstalling a parent instead of upgrading it by @tanya-borisova in #2153
• TRE API consumes and handles the StepResult event by @anatbal in #2142
• Migrations were not running by @ross-p-smith in #2151
• Migrations logging fix by @ross-p-smith in #2160
• UI: Use client_id instead of scope_id by @damoodamoo in #2169
• [temp fix] Delay between system topics creation by @tamirkamara in #2165
• Fix Cost API Bugs by @guybartal in #2145
• Airlock - Adding missing blocked storage by @eladiw in #2163
• Missing diagnostics for airlock processor function by @anatbal in #2170
• Update all statuses by @damoodamoo in #2154
• Fix check-param target by @tamirkamara in #2157
• Support unit tests reports from forks by @tamirkamara in #2162
• Support choosing GitHub deployment environment by @tamirkamara in #2181
• Fix Airlock blocked functionality by @anatbal in #2183
• 1. Workspace App registration Admin Consent by @ross-p-smith in #2092
• Remove Cosmos permission for Airlock id by @tamirkamara in #2188
• Fix make auth for first run by @ross-p-smith in #2190
• Add additional Nexus proxy repos by @marrobi in #2176
• UI describing how to auto_create by @ross-p-smith in #2193
• E2E Test Failures by @damoodamoo in #2192
• Tag resource groups with version info by @tamirkamara in #2182
• Add api to get SAS token by @LizaShak in #2155
• Workspace sample env file fixes by @ross-p-smith in #2194
• UI should not use client Id, but rather ApplicationIdURI by @ross-p-smith in #2196
• Airlock API - instrument the airlock with notifications events by @anatbal in #2195
• Fix certs generate custom action fails in makefile command by @jjgriff93 in #2177
• Use clientId rather than ScopeId in Guacamole Audience by @ross-p-smith in #2198
• Delete VM extensions manually before deleting the whole resource by @tanya-borisova in #2202
• Airlock - cancel api endpoint by @yuvalyaron in #2199
• Trigger the AAD Tests from the PR Bot by @ross-p-smith in #2203
• Reset vm password by @jjgriff93 in #2204
• Delete VM extensions: Fix xargs command by @tanya-borisova in #2223
• Remove innereye workspace & devtestlabs workspace service templates by @tamirkamara in #2205
• Git version tags use parent repo & don't fail when absent by @tamirkamara in #2225
• AML bundle fails due to missing tags by @pedro-pelegrin-nttdata in #2209
• Upgrading AzureRM Provider by @ross-p-smith in #2219
• "Resource does not exist" log errors fix by @damoodamoo in #2228
• Remove Temporary EventGrid Fix by @tamirkamara in #2231
• Pass email lists on notifications by @LizaShak in #2244
• API Swagger fix: switch lstrip with replace by @tamirkamara in #2248
• Fix migration conditions and shared services invariant by @tanya-borisova in #2235
• API Swagger fix: switch lstrip with replace (bug) by @tamirkamara in #2251
• Added actionDisabled states by @jjgriff93 in #2252
• Fix building cert shared service by @tanya-borisova in #2256
• UI Schema by @damoodamoo in #2254
• 1. Devcontainer on Az CLI 2.37 by @ross-p-smith in #2172
• Add closing keywords to PR template by @tanya-borisova in #2258
• Make resource migration more efficient by @tanya-borisova in #2257
• Typo in test selector by @ross-p-smith in #2261
• Create an auth.env when you make auth and load all the .env in automatically. by @ross-p-smith in #2259
• Update guacamole webapp TF resource by @tamirkamara in #2233
• Update API webapp TF resource by @tamirkamara in #2232
• Disable link on card if auto_create aad by @damoodamoo in #2265
• [airlock] - Fix none emails in notification recipients list by @LizaShak in #2264
• Fix conflict in webapps vnet integration by @tamirkamara in #2280
• Lock pytest-asyncio version by @SharonHart in #2284
• Fix Airlock app settings to remove TF recurring changes by @tamirkamara in #2283
• Cost reporting docs by @guybartal in #2288
• Remove escaped quotes from etag by @SharonHart in #1955
• Add new tflint rules and fix raised issues by @tamirkamara in #2287
• Upgrade CodeQL to v2 by @tamirkamara in #2290
• Add missing (cost) tags by @guybartal in #2291
• Fix devcontainer lint errors by @tamirkamara in #2292
• UI Status Badge by @damoodamoo in #2298
• Shared services limited to TRE admin in API and UI by @damoodamoo in #2300
• Add logging to delete_vm_extensions.sh by @tanya-borisova in #2301
• Use the config value for app plan in the tests by @ross-p-smith in #2266
• Fixed substitution for list of strings by @damoodamoo in #2307
• Airlock - optionally support import/export per workspace by @yuvalyaron in #2303
• TRE stop/start controls vmss and vm by @tamirkamara in #2295
• Fix tflint issues in base workspace by @tamirkamara in #2293
• Adding airlock swimlanes + doc by @eladiw in #2305
• Delete vm extensions: Suppress warning exit code in grep by @tanya-borisova in #2309
• Initial Proposal for Restructuring Docs by @martinpeck in #2108
• Restricted Shared Service: API and UI Screens by @damoodamoo in #2308
• Airlock doc by @joalmeid in #2082
• Add Airlock Notifications by @SharonHart in #2289
• Main build: Increase timeout for shared services test by @tanya-borisova in #2314
• Increase timeout for e2e tests in CI by @tanya-borisova in #2318
• Turn on vmss auto-repair by @tamirkamara in #2326
• Core apps use proper cloud_RoleName values by @tamirkamara in #2324
• Bump terser from 5.14.1 to 5.14.2 in /ui/app by @dependabot in #2312
• Recursive display component for complex props by @damoodamoo in #2340
• fixed resource card link by @damoodamoo in #2341
• Add App Insights to base workspace by @stuartleeks in #2131
• Bundles build their own runtime image by @tamirkamara in #2331
• Check status runs after all tests by @tamirkamara in #2336
• Resource processor checks its runner processes by @tamirkamara in #2329
• Remove appinsights key references by @tamirkamara in #2334
• Fix local debugging for Airlock by @anatbal in #2343
• Jumpbox uses a known username by @tamirkamara in #2335
• Airlock E2E import flow test by @guybartal in #2344
• Fix guacamole image name bug by @tamirkamara in #2361
• Fix linux VM deployment issues by @marrobi in #2346
• Temporarily disable airlock e2e test by @guybartal in #2364
• Guacamole app check in E2E by @tamirkamara in #2362
• CI retries bundle build & publish commands by @tamirkamara in #2366

New Contributors

• @sonali-rajput made their first contribution in #1872
• @SharonHart made their first contribution in #1932
• @dusan-ilic-mhra made their first contribution in #1957
• @ciprianmaf made their first contribution in #1971
• @pedro-pelegrin-nttdata made their first contribution in #1970
• @yuvalyaron made their first contribution in #2199

Full Changelog: v0.3...v0.4