Releases: microsoft/AzureTRE
Releases · microsoft/AzureTRE
0.13.0
BUG FIXES:
- Custom actions fail on resources with a pipeline (#3646)
- Upgrade airlock and unrestricted workspaces to base workspace version 0.12.0 (#3659)
COMPONENTS:
| name | version |
|---|---|
| devops | 0.5.1 |
| core | 0.8.3 |
| tre-workspace-base | 1.4.4 |
| tre-workspace-unrestricted | 0.10.2 |
| tre-workspace-airlock-import-review | 0.11.2 |
| tre-service-mlflow | 0.7.2 |
| tre-workspace-service-health | 0.2.1 |
| tre-service-databricks | 1.0.0 |
| tre-service-innereye | 0.6.1 |
| tre-workspace-service-gitea | 0.8.2 |
| tre-workspace-service-mysql | 0.4.1 |
| tre-workspace-service-ohdsi | 0.2.0 |
| tre-service-guacamole-linuxvm | 0.6.5 |
| tre-service-guacamole-export-reviewvm | 0.1.4 |
| tre-service-guacamole-windowsvm | 0.7.5 |
| tre-service-guacamole-import-reviewvm | 0.2.4 |
| tre-service-guacamole | 0.9.4 |
| tre-user-resource-aml-compute-instance | 0.5.4 |
| tre-service-azureml | 0.8.7 |
| tre-shared-service-cyclecloud | 0.5.1 |
| tre-shared-service-databricks-private-auth | 0.1.2 |
| tre-shared-service-gitea | 0.6.2 |
| tre-shared-service-airlock-notifier | 0.9.0 |
| tre-shared-service-admin-vm | 0.4.0 |
| tre-shared-service-certs | 0.5.1 |
| tre-shared-service-sonatype-nexus | 2.5.3 |
| tre-shared-service-firewall | 1.1.1 |
Full Changelog: v0.12.0...v0.13.0
0.12.0
FEATURES:
- OHDSI workspace service (#3562)
ENHANCEMENTS:
- Workspace networking peering sync is handled natively by Terraform (#3534)
- Use SMTP built in connector vs API connector in Airlock Notifier (#3572)
- Update Guacamole dependencies (#3602)
BUG FIXES:
- Nexus might fail to deploy due to wrong identity used in key-vault extension (#3492)
- Airlock notifier needs SCM basic-auth enabled to install (#3509)
- Databricks fails to deploy in East US (#3515)
load_env.shis able to use an equal=sign in values (#3535)- Make AML route names unique (#3546)
- Azure ML connection URI is an object, not string (#3486)
- Update key in Linux VM deploy script (#3434)
- Add missing
azure_environmentporter parameters (#3549) - Fix airlock_notifier not getting the right smtp password (#3561)
- Fix issue when deleting failed resources gives no steps (#3567)
- Fix airlock_notifier not getting the right smtp password (#3565)
- Fix issues with networking dependencies and AMPLS deployment (#3433)
- Update CLI install method to fix dependency issue (#3601)
- Update Databricks UDRs for west europe and switch to DFS private endpoint. ([#3582)
COMPONENTS:
| name | version |
|---|---|
| devops | 0.5.1 |
| core | 0.8.2 |
| tre-workspace-base | 1.4.4 |
| tre-workspace-airlock-import-review | 0.10.1 |
| tre-workspace-unrestricted | 0.9.0 |
| tre-workspace-service-gitea | 0.8.1 |
| tre-service-guacamole | 0.9.3 |
| tre-service-guacamole-windowsvm | 0.7.5 |
| tre-service-guacamole-import-reviewvm | 0.2.4 |
| tre-service-guacamole-linuxvm | 0.6.5 |
| tre-service-guacamole-export-reviewvm | 0.1.4 |
| tre-workspace-service-health | 0.2.1 |
| tre-workspace-service-ohdsi | 0.2.0 |
| tre-service-azureml | 0.8.7 |
| tre-user-resource-aml-compute-instance | 0.5.4 |
| tre-service-mlflow | 0.7.1 |
| tre-service-databricks | 1.0.0 |
| tre-workspace-service-mysql | 0.4.1 |
| tre-service-innereye | 0.6.1 |
| tre-shared-service-cyclecloud | 0.5.1 |
| tre-shared-service-airlock-notifier | 0.9.0 |
| tre-shared-service-gitea | 0.6.1 |
| tre-shared-service-certs | 0.5.0 |
| tre-shared-service-databricks-private-auth | 0.1.1 |
| tre-shared-service-admin-vm | 0.4.0 |
| tre-shared-service-sonatype-nexus | 2.5.2 |
| tre-shared-service-firewall | 1.1.1 |
Full Changelog: v0.11.0...v0.12.0
0.11.0
ENHANCEMENTS:
BUG FIXES:
- AML workspace service fails to install and puts firewall into failed state (#3448)
- Nexus fails to install due to
az loginand firewall rules (#3453)
COMPONENTS:
| name | version |
|---|---|
| devops | 0.5.1 |
| core | 0.8.1 |
| tre-workspace-base | 1.2.3 |
| tre-workspace-unrestricted | 0.9.0 |
| tre-workspace-airlock-import-review | 0.10.1 |
| tre-service-mlflow | 0.7.1 |
| tre-workspace-service-health | 0.2.1 |
| tre-service-databricks | 0.2.1 |
| tre-service-innereye | 0.6.1 |
| tre-workspace-service-gitea | 0.8.1 |
| tre-workspace-service-mysql | 0.4.1 |
| tre-service-guacamole-linuxvm | 0.6.5 |
| tre-service-guacamole-export-reviewvm | 0.1.4 |
| tre-service-guacamole-windowsvm | 0.7.4 |
| tre-service-guacamole-import-reviewvm | 0.2.4 |
| tre-service-guacamole | 0.9.0 |
| tre-user-resource-aml-compute-instance | 0.5.4 |
| tre-service-azureml | 0.8.2 |
| tre-shared-service-cyclecloud | 0.5.1 |
| tre-shared-service-databricks-private-auth | 0.1.1 |
| tre-shared-service-gitea | 0.6.1 |
| tre-shared-service-airlock-notifier | 0.5.0 |
| tre-shared-service-admin-vm | 0.4.0 |
| tre-shared-service-certs | 0.5.0 |
| tre-shared-service-sonatype-nexus | 2.5.0 |
| tre-shared-service-firewall | 1.1.1 |
Full Changelog: v0.10.0...v0.11.0
0.10.0
BREAKING CHANGES & MIGRATIONS:
- A migration for OperationSteps in Operation objects was added (#3358)
- Some Github secrets have moved to be environment variables -
LOCATIONand a few optional others will need to be redefined as listed here (#3084)
FEATURES:
- (UI) Added upgrade button to resources that have pending template upgrades (#3387)
- Enable deployment to Azure US Government Cloud (#3128)
ENHANCEMENTS:
- Added 'availableUpgrades' field to Resources in GET/GET all Resources endpoints. The field indicates whether there are template versions that a resource can be upgraded to #3234
- Update Porter (1.0.11), Docker (23.0.3), Terraform (1.4.5) (#3430)
- Build, publish and register Databricks bundles in workflow (#3447)
BUG FIXES:
- Fix ENABLE_SWAGGER configuration being ignored in CI (#3355)
- Set yq output format when reading a json file (#3441)
COMPONENTS:
| name | version |
|---|---|
| devops | 0.5.1 |
| core | 0.8.1 |
| tre-shared-service-admin-vm | 0.4.0 |
| tre-shared-service-airlock-notifier | 0.5.0 |
| tre-shared-service-certs | 0.5.0 |
| tre-shared-service-cyclecloud | 0.5.1 |
| tre-shared-service-databricks-private-auth | 0.1.1 |
| tre-shared-service-firewall | 1.1.0 |
| tre-shared-service-gitea | 0.6.1 |
| tre-shared-service-sonatype-nexus | 2.4.0 |
| tre-service-azureml | 0.8.1 |
| tre-user-resource-aml-compute-instance | 0.5.4 |
| tre-service-databricks | 0.2.1 |
| tre-workspace-service-gitea | 0.8.1 |
| tre-service-guacamole | 0.8.4 |
| tre-service-guacamole-export-reviewvm | 0.1.4 |
| tre-service-guacamole-import-reviewvm | 0.2.4 |
| tre-service-guacamole-linuxvm | 0.6.5 |
| tre-service-guacamole-windowsvm | 0.7.4 |
| tre-workspace-service-health | 0.2.1 |
| tre-service-innereye | 0.6.1 |
| tre-service-mlflow | 0.7.1 |
| tre-workspace-service-mysql | 0.4.1 |
| tre-workspace-airlock-import-review | 0.10.1 |
| tre-workspace-base | 1.2.3 |
| tre-workspace-unrestricted | 0.9.0 |
Full Changelog: v0.9.0...v0.10.0
0.9.0
BREAKING CHANGES & MIGRATIONS:
-
Move to Azure Firewall Policy #3107. This is a major version for the firewall shared service and will fail to automatically upgrade. You should follow these steps to complete it:
-
Let the system try to do the upgrade (via CI or
make all). It will fail but it's fine since now we have the new version published and registered. -
Make a temporary network change with either of the following options:
- Azure Portal: find your TRE resource group and select the route table resource (named
rt-YOUR_TRE_ID).
In the overview screen, find theResourceProcessorSubnet(should be last in the subnet list), click on the...and selectDissociate. - Azure CLI:
az network vnet subnet update --resource-group rg-YOUR_TRE_ID --vnet-name vnet-YOUR_TRE_ID --name ResourceProcessorSubnet --remove routeTable
- Azure Portal: find your TRE resource group and select the route table resource (named
-
Issue a patch API request to
force-updatethe firewall to its new version.One way to accomplish this is with the Swagger endpoint (/api/docs).
If this endpoint is not working in your deployment - include
enable_swaggerin yourconfig.yaml(see the sample file), or temporarly activate it via the API resource on azure (namedapi-YOUR_TRE-ID) -> Configuration ->ENABLE_SWAGGERitem.
⚠️ Any custom rules you have added manually will be lost and you'll need to add them back after the upgrade has been completed. -
FEATURES:
- Add Azure Databricks as workspace service #1857
- (UI) Added the option to upload/download files to airlock requests via Azure CLI (#3196)
ENHANCEMENTS:
- Add support for referencing IP Groups from the Core Resource Group in firewall rules created via the pipeline #3089
- Support for Azure Firewall Basic SKU #3107. This SKU doesn't support deallocation and for most non 24/7 scenarios will be more expensive than the Standard SKU.
- Update Azure Machine Learning Workspace Service to support "no public IP" compute. This is a full rework so upgrades of existing Azure ML Workspace Service deployments are not supported. Requires
v0.8.0or later of the TRE project. #3052 - Move non-core DNS zones out of the network module to reduce dependencies #3119
- Review VMs are being cleaned up when an Airlock request is canceled (#3130)
- Sample queries to investigate logs of the core TRE applications (#3151)
- Remove support of docker-in-docker for templates/bundles (#3180)
- API runs with gunicorn and uvicorn workers (as recommended) #3178
- Upgrade core components and key templates to Terraform AzurmRM #3185
BUG FIXES:
- Reauth CLI if TRE endpoint has changed #3137
- Added Migration for Airlock requests that were created prior to version 0.5.0 (#3152)
- Temporarily use the remote bundle for
check-paramstarget #3149 - Workspace module dependency to resolve AnotherOperationInProgress errors #3194
- Skip Certs shared service E2E on Friday & Saturday due to LetsEncrypt limits #3203
- Create Workspace AppInsights via AzAPI provider due to an issue with AzureRM #3207
- 'Workspace Owner' is now able to access Airlock request's SAS URL even if the request is not in review #3208
- Ignore changes in log_analytics_destination_type to prevent redundant updates #3217
- Fix DNS conflict in airlock-review workspace that could make the entire airlock module inoperable #3215
COMPONENTS:
| name | version |
|---|---|
| devops | 0.4.5 |
| core | 0.7.4 |
| tre-shared-service-admin-vm | 0.3.0 |
| tre-shared-service-airlock-notifier | 0.4.0 |
| tre-shared-service-certs | 0.4.0 |
| tre-shared-service-cyclecloud | 0.4.0 |
| tre-shared-service-firewall | 1.0.0 |
| tre-shared-service-gitea | 0.5.0 |
| tre-shared-service-sonatype-nexus | 2.3.0 |
| tre-service-azureml | 0.7.26 |
| tre-user-resource-aml-compute-instance | 0.5.3 |
| tre-service-databricks | 0.1.72 |
| tre-workspace-service-gitea | 0.7.0 |
| tre-service-guacamole | 0.7.1 |
| tre-service-guacamole-export-reviewvm | 0.1.2 |
| tre-service-guacamole-import-reviewvm | 0.2.2 |
| tre-service-guacamole-linuxvm | 0.6.2 |
| tre-service-guacamole-windowsvm | 0.7.2 |
| tre-workspace-service-health | 0.1.1 |
| tre-service-innereye | 0.5.0 |
| tre-service-mlflow | 0.6.4 |
| tre-workspace-service-mysql | 0.3.3 |
| tre-workspace-airlock-import-review | 0.8.1 |
| tre-workspace-base | 1.1.0 |
| tre-workspace-unrestricted | 0.8.1 |
Full Changelog: v0.8.0...v0.9.0
0.8.0
BREAKING CHANGES & MIGRATIONS:
- The model for
reviewUserResourcesin airlock requests has changed from being a list to a dictionary. A migration has been added to update your existing requests automatically; please make sure you run the migrations as part of updating your API and UI.- Note that any in-flight requests that have review resources deployed will show
UNKNOWN[i]for the user key of that resource and in the UI users will be prompted to deploy a new resource. #2883
- Note that any in-flight requests that have review resources deployed will show
- Env files consolidation (#2944) - The files /templates/core/.env, /devops/.env, /devops/auth.env are no longer used. The settings and configuration that they contain has been consolidated into a single file config.yaml that lives in the root folder of the project.
Use the script devops/scripts/env_to_yaml_config.sh to migrate /templates/core/.env, /devops/.env, and /devops/auth.env to the new config.yaml file. - Upgrade to Porter v1 (#3014). You should upgrade all custom template definitions and rebuild them.
FEATURES:
- Support review VMs for multiple reviewers for each airlock request #2883
- Add Azure Health Data Services as workspace services #3051
ENHANCEMENTS:
- Remove Porter's Docker mixin as it's not in use (#2889)
- Enable properties defined within the API to be overridden by the bundle template - enables default values to be set. (#2576)
- Support template version update (#2908)
- Update docker base images to bullseye (#2946
- Support updating the firewall when installing via makefile/CICD (#2942)
- Add the ability for workspace services to request addional address spaces from a workspace (#2902)
- Airlock processor function and api app service work with http2
- Added the option to disable Swagger (#2981)
- Serverless CosmosDB for new deployments to reduce cost (#3029)
- Adding disable_download and disable_upload properties for guacamole (#2967)
- Upgrade Guacamole dependencies (#3053)
- Lint TRE cost tags per entity type (workspace, shared service, etc.) (#3061)
- Validate required secrets have value (#3073)
BUG FIXES:
- Private endpoints for AppInsights are now provisioning successfully and consistently (#2841)
- Enable upgrade step of base workspace (#2899)
- Fix get shared service by template name to filter by active service only (#2947)
- Fix untagged cost reporting reader role assignment (#2951)
- Remove Guacamole's firewall rule on uninstall (#2958)
- Fix KeyVault purge error on MLFlow uninstall (#3082)
COMPONENTS:
| name | version |
|---|---|
| devops | 0.4.4 |
| core | 0.5.2 |
| tre-shared-service-admin-vm | 0.3.0 |
| tre-shared-service-airlock-notifier | 0.3.0 |
| tre-shared-service-certs | 0.3.1 |
| tre-shared-service-cyclecloud | 0.4.0 |
| tre-shared-service-firewall | 0.7.0 |
| tre-shared-service-gitea | 0.5.0 |
| tre-shared-service-sonatype-nexus | 2.3.0 |
| tre-service-azureml | 0.6.0 |
| tre-user-resource-aml-compute-instance | 0.5.0 |
| tre-workspace-service-gitea | 0.7.0 |
| tre-service-guacamole | 0.7.0 |
| tre-service-guacamole-export-reviewvm | 0.1.0 |
| tre-service-guacamole-import-reviewvm | 0.2.0 |
| tre-service-guacamole-linuxvm | 0.6.1 |
| tre-service-guacamole-windowsvm | 0.6.0 |
| tre-workspace-service-health | 0.1.0 |
| tre-service-innereye | 0.5.0 |
| tre-service-mlflow | 0.6.0 |
| tre-workspace-service-mysql | 0.3.1 |
| tre-workspace-airlock-import-review | 0.6.0 |
| tre-workspace-base | 0.8.1 |
| tre-workspace-unrestricted | 0.6.0 |
Full Changelog: v0.7.0...v0.8.0
0.7.0
BREAKING CHANGES & MIGRATIONS:
- The airlock request object has changed. Make sure you have ran the db migration step after deploying the new API image and UI (which runs automatically in
make all/make tre-deploybut can be manually invoked withmake db-migrate) so that existing requests in your DB are migrated to the new model. - Also the model for creating new airlock requests with the API has changed slightly; this is updated in the UI and CLI but if you have written custom tools ensure you are POSTing to
/requestswith the following model:
{
"type": "'import' or 'export'",
"title": "a request title",
"businessJustification": "some business justification"
}- Fields in AirlockNotification event have changed without backward compatibility. If Airlock Notifier shared service is deployed, it needs to be re-deployed. Any other consumers of AirlockNotification event need to be updated. For more details, see #2798
FEATURES:
- Display workspace and shared services total costs for admin role in UI (#2772)
- Automatically validate all resources have tre_id tag via TFLint (#2774)
- Add metadata endpoint and simplify
treCLI login (also adds API version to UI) (#2794) - Updated resource card in UI with visual improvements, disabled state badge and resource ID in info popout (#2846)
- Add health information for backend services to UI info popout in footer (#2846)
ENHANCEMENTS:
- Renamed several airlock fields to make them more descriptive and added a createdBy field. Included migration for backwards compatibility #2779
- Show error message when Review VMs are not configured in the current workspace
- CLI: Add missing endpoints and minor bug fixes (#2784)
- Airlock Notifier: Provide a link to request in the UI in the email (#2754)
- Add additional fields for Airlock Notification event (#2798)
- Fail firewall database migration if there's no firewall deployed (#2792)
- Added optional parameter to allow a client to retrieve a template by name and version (#2802)
- Added support for
allOfusage in Resource Templates - both across the API and the UI. This allows a template author to specify certain fields as being conditionally present / conditionally required, and means we can tidy up some of the resource creation forms substantially (#2795). - As part of the above change, the
auto_createstring passed to theclient_idfield in each Workspace template has now moved to anauth_typeenum field, where the user can select the authentication type from a dropdown. - Adds extra dns zones and links into core network (#2828).
- Add UI version to its footer card (#2849).
- Use
log_category_typesinazurerm_monitor_diagnostic_categoriesto remove deprecation warning (#2855). - Gitea workspace bundle has a number of updates as detailed in PR (#2862).
BUG FIXES:
- Show the correct createdBy value for airlock requests in UI and in API queries (#2779)
- Fix deployment of Airlock Notifier (#2745)
- Fix Nexus bootstrapping firewall race condition (#2811)
- Handle unsupported azure subscriptions in cost reporting (#2823)
- Redact secrets in conditional or nested properties (#2854)
- Fix missing ID parameter in Certs bundle (#2841)
COMPONENTS:
| name | version |
|---|---|
| devops | 0.4.2 |
| core | 0.4.43 |
| tre-workspace-base | 0.5.1 |
| tre-workspace-unrestricted | 0.5.0 |
| tre-workspace-airlock-import-review | 0.5.0 |
| tre-service-mlflow | 0.4.0 |
| tre-service-innereye | 0.4.0 |
| tre-workspace-service-gitea | 0.6.0 |
| tre-workspace-service-mysql | 0.2.0 |
| tre-service-guacamole-linuxvm | 0.5.2 |
| tre-service-guacamole-export-reviewvm | 0.0.6 |
| tre-service-guacamole-windowsvm | 0.5.2 |
| tre-service-guacamole-import-reviewvm | 0.1.3 |
| tre-service-guacamole | 0.5.0 |
| tre-user-resource-aml-compute-instance | 0.4.1 |
| tre-service-azureml | 0.5.6 |
| tre-shared-service-cyclecloud | 0.3.0 |
| tre-shared-service-gitea | 0.4.0 |
| tre-shared-service-airlock-notifier | 0.2.3 |
| tre-shared-service-admin-vm | 0.2.0 |
| tre-shared-service-certs | 0.2.2 |
| tre-shared-service-sonatype-nexus | 2.2.3 |
| tre-shared-service-firewall | 0.6.2 |
Full Changelog: v0.6.0...v0.7.0
0.6.0
FEATURES:
- Added filtering and sorting to Airlock UI (#2511)
- Added title field to Airlock requests (#2503)
- New Create Review VM functionality for Airlock Reviews (#2738 & #2737)
ENHANCEMENTS:
- Add cran support to nexus, open port 80 for the workspace nsg and update the firewall config to allow let's encrypt CRLs (#2694)
- Upgrade Github Actions versions (#2731)
- Install TRE CLI inside the devcontainer image (rather than via a post-create step) (#2757)
- Upgrade Terraform to 1.3.2 (#2758)
treCLI: addedrawoutput option, improvedairlock-requestshandling, more consistent exit codes on error, added examples to CLI README.md
BUG FIXES:
- Pin Porter's plugin/mixin versions used (#2762)
- Fix issues with AML workspace service deployment (#2768)
COMPONENTS:
| name | version |
|---|---|
| devops | 0.4.2 |
| core | 0.4.37 |
| tre-workspace-base | 0.4.2 |
| tre-workspace-unrestricted | 0.2.0 |
| tre-workspace-airlock-import-review | 0.4.0 |
| tre-service-mlflow | 0.4.0 |
| tre-service-innereye | 0.4.0 |
| tre-workspace-service-gitea | 0.5.0 |
| tre-workspace-service-mysql | 0.2.0 |
| tre-service-guacamole-linuxvm | 0.5.2 |
| tre-service-guacamole-export-reviewvm | 0.0.6 |
| tre-service-guacamole-windowsvm | 0.5.2 |
| tre-service-guacamole-import-reviewvm | 0.1.3 |
| tre-service-guacamole | 0.5.0 |
| tre-user-resource-aml-compute-instance | 0.4.1 |
| tre-service-azureml | 0.5.6 |
| tre-shared-service-cyclecloud | 0.3.0 |
| tre-shared-service-gitea | 0.4.0 |
| tre-shared-service-airlock-notifier | 0.2.2 |
| tre-shared-service-admin-vm | 0.2.0 |
| tre-shared-service-certs | 0.2.0 |
| tre-shared-service-sonatype-nexus | 2.2.2 |
| tre-shared-service-firewall | 0.6.1 |
Full Changelog: v0.5.1...v0.6.0
v0.5.1
0.5.1 (October 12, 2022)
BUG FIXES:
- Fix shared service 409 installation issue when in status other than deployed (#2725)
COMPONENTS:
| name | version |
|---|---|
| devops | 0.4.2 |
| core | 0.4.36 |
| tre-workspace-base | 0.4.0 |
| tre-workspace-unrestricted | 0.2.0 |
| tre-workspace-airlock-import-review | 0.4.0 |
| tre-service-mlflow | 0.4.0 |
| tre-service-innereye | 0.4.0 |
| tre-workspace-service-gitea | 0.5.0 |
| tre-workspace-service-mysql | 0.2.0 |
| tre-service-guacamole-linuxvm | 0.5.1 |
| tre-service-guacamole-export-reviewvm | 0.0.4 |
| tre-service-guacamole-windowsvm | 0.5.1 |
| tre-service-guacamole-import-reviewvm | 0.1.1 |
| tre-service-guacamole | 0.5.0 |
| tre-user-resource-aml-compute-instance | 0.4.1 |
| tre-service-azureml | 0.5.1 |
| tre-shared-service-cyclecloud | 0.3.0 |
| tre-shared-service-gitea | 0.4.0 |
| tre-shared-service-airlock-notifier | 0.2.0 |
| tre-shared-service-admin-vm | 0.2.0 |
| tre-shared-service-certs | 0.2.0 |
| tre-shared-service-sonatype-nexus | 2.2.0 |
| tre-shared-service-firewall | 0.6.1 |
Changelog: v0.5.0...v0.5.1
0.5.0
0.5.0 (October 10, 2022)
BREAKING CHANGES & MIGRATIONS:
- Github Actions deployments use a single ACR instead of two. Github secrets might need updating, see PR for details. (#2654)
- Align Github Action secret names. Existing Github environments must be updated, see PR for details. (#2655)
- Add workspace creator as an owner of the workspace enterprise application (#2627). Migration if the
AUTO_WORKSPACE_APP_REGISTRATIONis set, theDirectory.Read.AllMS Graph API permission permission needs granting to the Application Registration identified byAPPLICATION_ADMIN_CLIENT_ID. - Add support for setting AppService plan SKU in GitHub Actions. Previous environment variable names of
API_APP_SERVICE_PLAN_SKU_SIZEandAPP_SERVICE_PLAN_SKUhave been renamed toCORE_APP_SERVICE_PLAN_SKUandWORKSPACE_APP_SERVICE_PLAN_SKU(#2684) - Reworked how status update messages are handled by the API, to enforce ordering and run the queue subscription in a dedicated thread. Since sessions are now enabled for the status update queue, a
tre-deployis required, which will re-create the queue. (#2700) - Guacamole user-resource templates have been updated. VM SKU and image details are now specified in
porter.yaml. SeeREADME.mdin the guacamoleuser-resourcesfolder for details. deploy_shared_services.shnow uses thetreCLI. Ensure that your CI/CD environment installs the CLI ((cd cli && make install-cli))
FEATURES:
- Add Import Review Workspace (#2498)
- Restrict resource templates to specific roles (#2600)
- Import review user resource template (#2601)
- Export review user resource template (#2602)
- Airlock Manager can use user resources (#2499)
- Users only see templates they are authorized to use (#2640)
- Guacamole user-resource templates now have support for custom VM images from image galleries (#2634)
- Add initial
treCLI (2537)
ENHANCEMENTS:
- Cancelling an Airlock request triggers deletion of the request container and files (#2584)
- Airlock requests with status "blocked_by_scan" have the reason for being blocked by the malware scanner in the status_message field (#2666)
- Move admin-vm from core to a shared service (#2624)
- Remove obsolete docker environment variables (#2675)
- Using Porter's Terrform mixin 1.0.0-rc.1 where mirror in done internally (#2677)
- Airlock function internal storage is accessed with private endpoints (#2679)
BUG FIXES:
- Resource processor error on deploying user-resource: TypeError: 'NoneType' object is not iterable (#2569)
- Update Porter and Terraform mixin versions (#2639)
- Airlock Manager should have permissions to get SAS token (#2502)
- Terraform unmarshal errors in
migrate.sh(#2673)
COMPONENTS:
| name | version |
|---|---|
| devops | 0.4.2 |
| core | 0.4.36 |
| porter-hello | 0.1.0 |
| tre-workspace-base-sl-test | 0.3.19 |
| tre-workspace-base | 0.4.0 |
| tre-workspace-unrestricted | 0.2.0 |
| tre-workspace-airlock-import-review | 0.4.0 |
| tre-service-mlflow | 0.4.0 |
| tre-service-innereye | 0.4.0 |
| tre-workspace-service-gitea | 0.5.0 |
| tre-workspace-service-mysql | 0.2.0 |
| tre-service-guacamole-linuxvm | 0.5.1 |
| tre-service-guacamole-export-reviewvm | 0.0.4 |
| tre-service-guacamole-windowsvm | 0.5.1 |
| tre-service-guacamole-import-reviewvm | 0.1.1 |
| tre-service-guacamole | 0.5.0 |
| tre-user-resource-aml-compute-instance | 0.4.1 |
| tre-service-azureml | 0.5.1 |
| tre-shared-service-cyclecloud | 0.3.0 |
| tre-shared-service-gitea | 0.4.0 |
| tre-shared-service-airlock-notifier | 0.2.0 |
| tre-shared-service-admin-vm | 0.2.0 |
| tre-shared-service-certs | 0.2.0 |
| tre-shared-service-sonatype-nexus | 2.2.0 |
| tre-shared-service-firewall | 0.6.1 |
Full Changelog: v0.4.3...v0.5.0