From 618f5fe1efcfad3bfdc6b8245f30e8b30a8e5e81 Mon Sep 17 00:00:00 2001 From: JaimieWi <92854957+JaimieWi@users.noreply.github.com> Date: Wed, 21 Sep 2022 14:53:32 +0000 Subject: [PATCH 01/11] import reviewer vm --- .../guacamole-azure-reviewervm/.dockerignore | 11 + .../guacamole-azure-reviewervm/.env.sample | 5 + .../Dockerfile.tmpl | 38 +++ .../delete_vm_extensions.sh | 34 +++ .../parameters.json | 74 ++++++ .../guacamole-azure-reviewervm/porter.yaml | 243 ++++++++++++++++++ .../reset_password.sh | 22 ++ .../template_schema.json | 38 +++ .../terraform/empty.txt | 1 + 9 files changed, 466 insertions(+) create mode 100644 templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/.dockerignore create mode 100644 templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/.env.sample create mode 100644 templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/Dockerfile.tmpl create mode 100755 templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/delete_vm_extensions.sh create mode 100755 templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/parameters.json create mode 100644 templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/porter.yaml create mode 100755 templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/reset_password.sh create mode 100644 templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/template_schema.json create mode 100644 templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/terraform/empty.txt diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/.dockerignore b/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/.dockerignore new file mode 100644 index 0000000000..28756cfe84 --- /dev/null +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/.dockerignore @@ -0,0 +1,11 @@ +# Local .terraform directories +**/.terraform/* + +# TF backend files +**/*_backend.tf + +Dockerfile.tmpl + +.env* +terraform/deploy.sh +terraform/destroy.sh diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/.env.sample b/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/.env.sample new file mode 100644 index 0000000000..c9ef2af4c2 --- /dev/null +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/.env.sample @@ -0,0 +1,5 @@ +# GUID to identify the workspace +WORKSPACE_ID=__CHANGE_ME__ + +# Unique identifier of the parent Guacamole service +PARENT_SERVICE_ID=__CHANGE_ME__ diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/Dockerfile.tmpl b/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/Dockerfile.tmpl new file mode 100644 index 0000000000..84b99183b2 --- /dev/null +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/Dockerfile.tmpl @@ -0,0 +1,38 @@ +FROM debian:buster-slim + +ARG BUNDLE_DIR + +ARG AZURE_TRE_VERSION="0.4.3" + +RUN apt-get update \ + && apt-get install --no-install-recommends jq ca-certificates curl -y \ + && apt-get clean -y && rm -rf /var/lib/apt/lists/* + +WORKDIR $BUNDLE_DIR + +RUN curl -o azuretre.tar.gz -L "https://github.com/microsoft/AzureTRE/archive/refs/tags/v${AZURE_TRE_VERSION}.tar.gz" \ + && tar -xzf azuretre.tar.gz "AzureTRE-${AZURE_TRE_VERSION}/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm" --strip-components=4 --skip-old-files \ + && rm -rf azuretre.tar.gz + +# This is a template Dockerfile for the bundle's invocation image +# You can customize it to use different base images, install tools and copy configuration files. +# +# Porter will use it as a template and append lines to it for the mixins +# and to set the CMD appropriately for the CNAB specification. +# +# Add the following line to porter.yaml to instruct Porter to use this template +# dockerfile: Dockerfile.tmpl + +# You can control where the mixin's Dockerfile lines are inserted into this file by moving "# PORTER_MIXINS" line +# another location in this file. If you remove that line, the mixins generated content is appended to this file. +# PORTER_MIXINS + +# Use the BUNDLE_DIR build argument to copy files into the bundle +COPY . $BUNDLE_DIR + +# Mirror plugins to prevent network access at runtime +# Remove when available from https://github.com/getporter/terraform-mixin/issues/90 +WORKDIR $BUNDLE_DIR/terraform +RUN terraform init -backend=false \ + && rm -fr $BUNDLE_DIR/terraform/.terraform/providers \ + && terraform providers mirror /usr/local/share/terraform/plugins diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/delete_vm_extensions.sh b/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/delete_vm_extensions.sh new file mode 100755 index 0000000000..7f8405d588 --- /dev/null +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/delete_vm_extensions.sh @@ -0,0 +1,34 @@ +#!/bin/bash + +set -o errexit +set -o pipefail +set -o nounset +# Uncomment this line to see each command for debugging +# set -o xtrace + + +# Delete any existing VM Extensions befroe a VM gets deleted. +# This is needed to work around bug https://github.com/hashicorp/terraform-provider-azurerm/issues/6098 + +MGMT_RESOURCE_GROUP_NAME=$1 +MGMT_STORAGE_ACCOUNT_NAME=$2 +TF_STATE_CONTAINER_NAME=$3 +ID=$4 + +pushd terraform + +terraform init -input=false -backend=true \ + -backend-config="resource_group_name=${MGMT_RESOURCE_GROUP_NAME}" \ + -backend-config="storage_account_name=${MGMT_STORAGE_ACCOUNT_NAME}" \ + -backend-config="container_name=${TF_STATE_CONTAINER_NAME}" \ + -backend-config="key=${ID}" + +echo "Running terraform state list" +tf_state_list="$(terraform state list)" +echo "State list result: ${tf_state_list}" + +# The [[ $? == 1 ]] part is here because grep will exit with code 1 if there are no matches, +# which will fail the script because of set -o errexit setting. +echo "${tf_state_list}" | { grep "azurerm_virtual_machine_extension." || [[ $? == 1 ]]; } | xargs -r terraform state rm +echo "Script finished" +popd diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/parameters.json b/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/parameters.json new file mode 100755 index 0000000000..7ce714f4f1 --- /dev/null +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/parameters.json @@ -0,0 +1,74 @@ +{ + "schemaVersion": "1.0.0-DRAFT+TODO", + "name": "guacamole-win-reviewervm", + "created": "2021-06-03T11:54:54.0225968Z", + "modified": "2021-06-03T11:54:54.0225968Z", + "parameters": [ + { + "name": "workspace_id", + "source": { + "env": "WORKSPACE_ID" + } + }, + { + "name": "parent_service_id", + "source": { + "env": "PARENT_SERVICE_ID" + } + }, + { + "name": "tre_id", + "source": { + "env": "TRE_ID" + } + }, + { + "name": "tfstate_container_name", + "source": { + "env": "TERRAFORM_STATE_CONTAINER_NAME" + } + }, + { + "name": "tfstate_resource_group_name", + "source": { + "env": "MGMT_RESOURCE_GROUP_NAME" + } + }, + { + "name": "tfstate_storage_account_name", + "source": { + "env": "MGMT_STORAGE_ACCOUNT_NAME" + } + }, + { + "name": "id", + "source": { + "env": "ID" + } + }, + { + "name": "os_image", + "source": { + "env": "OS_IMAGE" + } + }, + { + "name": "shared_storage_access", + "source": { + "env": "SHARED_STORAGE_ACCESS" + } + }, + { + "name": "shared_storage_name", + "source": { + "env": "SHARED_STORAGE_NAME" + } + }, + { + "name": "vm_size", + "source": { + "env": "VM_SIZE" + } + } + ] +} diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/porter.yaml new file mode 100644 index 0000000000..b506dd263d --- /dev/null +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/porter.yaml @@ -0,0 +1,243 @@ +--- +name: tre-service-guacamole-reviewervm +version: 0.0.1 +description: "An Azure TRE User Resource Template for Guacamole (Windows 10)" +dockerfile: Dockerfile.tmpl +registry: azuretre + +credentials: + - name: azure_tenant_id + env: ARM_TENANT_ID + - name: azure_subscription_id + env: ARM_SUBSCRIPTION_ID + - name: azure_client_id + env: ARM_CLIENT_ID + - name: azure_client_secret + env: ARM_CLIENT_SECRET + +parameters: + - name: workspace_id + type: string + - name: tre_id + type: string + - name: parent_service_id + type: string + description: "Resource group containing the shared ACR" + env: PARENT_SERVICE_ID + - name: id + type: string + description: "An Id for this installation" + env: id + - name: tfstate_resource_group_name + type: string + description: "Resource group containing the Terraform state storage account" + - name: tfstate_storage_account_name + type: string + description: "The name of the Terraform state storage account" + - name: tfstate_container_name + env: tfstate_container_name + type: string + default: "tfstate" + description: "The name of the Terraform state storage container" + - name: arm_use_msi + env: ARM_USE_MSI + type: boolean + default: false + - name: os_image + type: string + default: "Windows 10" + - name: vm_size + type: string + default: "2 CPU | 8GB RAM" + - name: shared_storage_access + type: boolean + default: true + - name: shared_storage_name + type: string + default: "vm-shared-storage" + +outputs: + - name: ip + type: string + applyTo: + - install + - name: hostname + type: string + applyTo: + - install + - name: connection_uri + type: string + applyTo: + - install + - name: azure_resource_id + type: string + applyTo: + - install + - start + - stop + - reset_password + +mixins: + - exec + - terraform: + clientVersion: 1.2.8 + - az + +install: + - terraform: + description: "Deploy Guacamole User Resource Service (Reviewer VM)" + vars: + workspace_id: "{{ bundle.parameters.workspace_id }}" + tre_id: "{{ bundle.parameters.tre_id }}" + parent_service_id: "{{ bundle.parameters.parent_service_id }}" + tre_resource_id: "{{ bundle.parameters.id }}" + image: "{{ bundle.parameters.os_image }}" + vm_size: "{{ bundle.parameters.vm_size }}" + shared_storage_access: "{{ bundle.parameters.shared_storage_access }}" + shared_storage_name: "{{ bundle.parameters.shared_storage_name }}" + backendConfig: + resource_group_name: "{{ bundle.parameters.tfstate_resource_group_name }}" + storage_account_name: "{{ bundle.parameters.tfstate_storage_account_name }}" + container_name: "{{ bundle.parameters.tfstate_container_name }}" + key: "{{ bundle.parameters.id }}" + outputs: + - name: ip + - name: hostname + - name: connection_uri + - name: azure_resource_id + +upgrade: + - terraform: + description: "Update Guacamole User Resource Service (Reviewer VM)" + vars: + workspace_id: "{{ bundle.parameters.workspace_id }}" + tre_id: "{{ bundle.parameters.tre_id }}" + parent_service_id: "{{ bundle.parameters.parent_service_id }}" + tre_resource_id: "{{ bundle.parameters.id }}" + image: "{{ bundle.parameters.os_image }}" + vm_size: "{{ bundle.parameters.vm_size }}" + shared_storage_access: "{{ bundle.parameters.shared_storage_access }}" + shared_storage_name: "{{ bundle.parameters.shared_storage_name }}" + backendConfig: + resource_group_name: "{{ bundle.parameters.tfstate_resource_group_name }}" + storage_account_name: "{{ bundle.parameters.tfstate_storage_account_name }}" + container_name: "{{ bundle.parameters.tfstate_container_name }}" + key: "{{ bundle.parameters.id }}" + outputs: + - name: ip + - name: hostname + - name: connection_uri + - name: azure_resource_id + +uninstall: + - exec: + description: "Delete the Extensions from the Terraform state manually" + command: ./delete_vm_extensions.sh + arguments: + - "{{ bundle.parameters.tfstate_resource_group_name }}" + - "{{ bundle.parameters.tfstate_storage_account_name }}" + - "{{ bundle.parameters.tfstate_container_name }}" + - "{{ bundle.parameters.id }}" + + - terraform: + description: "Delete the Guacamole User Resource Service" + vars: + workspace_id: "{{ bundle.parameters.workspace_id }}" + tre_id: "{{ bundle.parameters.tre_id }}" + parent_service_id: "{{ bundle.parameters.parent_service_id }}" + tre_resource_id: "{{ bundle.parameters.id }}" + image: "{{ bundle.parameters.os_image }}" + vm_size: "{{ bundle.parameters.vm_size }}" + shared_storage_access: "{{ bundle.parameters.shared_storage_access }}" + shared_storage_name: "{{ bundle.parameters.shared_storage_name }}" + backendConfig: + resource_group_name: "{{ bundle.parameters.tfstate_resource_group_name }}" + storage_account_name: "{{ bundle.parameters.tfstate_storage_account_name }}" + container_name: "{{ bundle.parameters.tfstate_container_name }}" + key: "{{ bundle.parameters.id }}" + +start: + - terraform: + arguments: + - "output" + description: "Get resource ID from Terraform outputs" + backendConfig: + resource_group_name: "{{ bundle.parameters.tfstate_resource_group_name }}" + storage_account_name: "{{ bundle.parameters.tfstate_storage_account_name }}" + container_name: "{{ bundle.parameters.tfstate_container_name }}" + key: "{{ bundle.parameters.id }}" + outputs: + - name: azure_resource_id + - az: + description: "Login to Azure" + arguments: + - login + flags: + identity: + username: "{{ bundle.credentials.azure_client_id }}" + - az: + description: "Start the VM" + arguments: + - vm + - start + flags: + ids: "{{ bundle.outputs.azure_resource_id }}" + +stop: + - terraform: + arguments: + - "output" + description: "Get VM hostname and rg from Terraform outputs" + backendConfig: + resource_group_name: "{{ bundle.parameters.tfstate_resource_group_name }}" + storage_account_name: "{{ bundle.parameters.tfstate_storage_account_name }}" + container_name: "{{ bundle.parameters.tfstate_container_name }}" + key: "{{ bundle.parameters.id }}" + outputs: + - name: azure_resource_id + - az: + description: "Login to Azure" + arguments: + - login + flags: + identity: + username: "{{ bundle.credentials.azure_client_id }}" + - az: + description: "Stop the VM" + arguments: + - vm + - deallocate + flags: + ids: "{{ bundle.outputs.azure_resource_id }}" + +reset_password: + - terraform: + arguments: + - "output" + description: "Get VM details from Terraform outputs" + backendConfig: + resource_group_name: "{{ bundle.parameters.tfstate_resource_group_name }}" + storage_account_name: "{{ bundle.parameters.tfstate_storage_account_name }}" + container_name: "{{ bundle.parameters.tfstate_container_name }}" + key: "{{ bundle.parameters.id }}" + outputs: + - name: azure_resource_id + - name: vm_username + - name: vm_password_secret_name + - name: keyvault_name + - az: + description: "Login to Azure" + arguments: + - login + flags: + identity: + username: "{{ bundle.credentials.azure_client_id }}" + - exec: + description: "Reset password and persist to keyvault" + suppress-output: true + command: ./reset_password.sh + arguments: + - "{{ bundle.outputs.vm_password_secret_name }}" + - "{{ bundle.outputs.keyvault_name }}" + - "{{ bundle.outputs.vm_username }}" + - "{{ bundle.outputs.azure_resource_id }}" diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/reset_password.sh b/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/reset_password.sh new file mode 100755 index 0000000000..4c3f0061d5 --- /dev/null +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/reset_password.sh @@ -0,0 +1,22 @@ +#!/bin/bash + +set -o errexit +set -o pipefail +set -o nounset +# Uncomment this line to see each command for debugging (careful: this will show secrets!) +# set -o xtrace + +secret_name=$1 +keyvault_name=$2 +username=$3 +resource_id=$4 +password="$(LC_ALL=C tr -dc 'A-Za-z0-9_%@' Date: Wed, 21 Sep 2022 20:48:51 +0100 Subject: [PATCH 02/11] Fix dockerfile --- .../user_resources/guacamole-azure-reviewervm/Dockerfile.tmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/Dockerfile.tmpl b/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/Dockerfile.tmpl index 84b99183b2..8f39ad0738 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/Dockerfile.tmpl +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/Dockerfile.tmpl @@ -11,7 +11,7 @@ RUN apt-get update \ WORKDIR $BUNDLE_DIR RUN curl -o azuretre.tar.gz -L "https://github.com/microsoft/AzureTRE/archive/refs/tags/v${AZURE_TRE_VERSION}.tar.gz" \ - && tar -xzf azuretre.tar.gz "AzureTRE-${AZURE_TRE_VERSION}/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm" --strip-components=4 --skip-old-files \ + && tar -xzf azuretre.tar.gz "AzureTRE-${AZURE_TRE_VERSION}/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm" --strip-components=6 --skip-old-files \ && rm -rf azuretre.tar.gz # This is a template Dockerfile for the bundle's invocation image From 288f6aaec901d2b0915e1e0fd109b056f0a482e0 Mon Sep 17 00:00:00 2001 From: JaimieWi <92854957+JaimieWi@users.noreply.github.com> Date: Thu, 22 Sep 2022 11:23:32 +0000 Subject: [PATCH 03/11] importreiewer-vm edit to docker file --- .../.dockerignore | 11 + .../.env.sample | 5 + .../Dockerfile.tmpl | 38 +++ .../delete_vm_extensions.sh | 34 +++ .../parameters.json | 74 ++++++ .../porter.yaml | 243 ++++++++++++++++++ .../reset_password.sh | 22 ++ .../template_schema.json | 38 +++ .../terraform/empty.txt | 1 + 9 files changed, 466 insertions(+) create mode 100644 templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/.dockerignore create mode 100644 templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/.env.sample create mode 100644 templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/Dockerfile.tmpl create mode 100755 templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/delete_vm_extensions.sh create mode 100755 templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/parameters.json create mode 100644 templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml create mode 100755 templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/reset_password.sh create mode 100644 templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/template_schema.json create mode 100644 templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/terraform/empty.txt diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/.dockerignore b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/.dockerignore new file mode 100644 index 0000000000..28756cfe84 --- /dev/null +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/.dockerignore @@ -0,0 +1,11 @@ +# Local .terraform directories +**/.terraform/* + +# TF backend files +**/*_backend.tf + +Dockerfile.tmpl + +.env* +terraform/deploy.sh +terraform/destroy.sh diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/.env.sample b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/.env.sample new file mode 100644 index 0000000000..c9ef2af4c2 --- /dev/null +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/.env.sample @@ -0,0 +1,5 @@ +# GUID to identify the workspace +WORKSPACE_ID=__CHANGE_ME__ + +# Unique identifier of the parent Guacamole service +PARENT_SERVICE_ID=__CHANGE_ME__ diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/Dockerfile.tmpl b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/Dockerfile.tmpl new file mode 100644 index 0000000000..8f39ad0738 --- /dev/null +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/Dockerfile.tmpl @@ -0,0 +1,38 @@ +FROM debian:buster-slim + +ARG BUNDLE_DIR + +ARG AZURE_TRE_VERSION="0.4.3" + +RUN apt-get update \ + && apt-get install --no-install-recommends jq ca-certificates curl -y \ + && apt-get clean -y && rm -rf /var/lib/apt/lists/* + +WORKDIR $BUNDLE_DIR + +RUN curl -o azuretre.tar.gz -L "https://github.com/microsoft/AzureTRE/archive/refs/tags/v${AZURE_TRE_VERSION}.tar.gz" \ + && tar -xzf azuretre.tar.gz "AzureTRE-${AZURE_TRE_VERSION}/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm" --strip-components=6 --skip-old-files \ + && rm -rf azuretre.tar.gz + +# This is a template Dockerfile for the bundle's invocation image +# You can customize it to use different base images, install tools and copy configuration files. +# +# Porter will use it as a template and append lines to it for the mixins +# and to set the CMD appropriately for the CNAB specification. +# +# Add the following line to porter.yaml to instruct Porter to use this template +# dockerfile: Dockerfile.tmpl + +# You can control where the mixin's Dockerfile lines are inserted into this file by moving "# PORTER_MIXINS" line +# another location in this file. If you remove that line, the mixins generated content is appended to this file. +# PORTER_MIXINS + +# Use the BUNDLE_DIR build argument to copy files into the bundle +COPY . $BUNDLE_DIR + +# Mirror plugins to prevent network access at runtime +# Remove when available from https://github.com/getporter/terraform-mixin/issues/90 +WORKDIR $BUNDLE_DIR/terraform +RUN terraform init -backend=false \ + && rm -fr $BUNDLE_DIR/terraform/.terraform/providers \ + && terraform providers mirror /usr/local/share/terraform/plugins diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/delete_vm_extensions.sh b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/delete_vm_extensions.sh new file mode 100755 index 0000000000..7f8405d588 --- /dev/null +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/delete_vm_extensions.sh @@ -0,0 +1,34 @@ +#!/bin/bash + +set -o errexit +set -o pipefail +set -o nounset +# Uncomment this line to see each command for debugging +# set -o xtrace + + +# Delete any existing VM Extensions befroe a VM gets deleted. +# This is needed to work around bug https://github.com/hashicorp/terraform-provider-azurerm/issues/6098 + +MGMT_RESOURCE_GROUP_NAME=$1 +MGMT_STORAGE_ACCOUNT_NAME=$2 +TF_STATE_CONTAINER_NAME=$3 +ID=$4 + +pushd terraform + +terraform init -input=false -backend=true \ + -backend-config="resource_group_name=${MGMT_RESOURCE_GROUP_NAME}" \ + -backend-config="storage_account_name=${MGMT_STORAGE_ACCOUNT_NAME}" \ + -backend-config="container_name=${TF_STATE_CONTAINER_NAME}" \ + -backend-config="key=${ID}" + +echo "Running terraform state list" +tf_state_list="$(terraform state list)" +echo "State list result: ${tf_state_list}" + +# The [[ $? == 1 ]] part is here because grep will exit with code 1 if there are no matches, +# which will fail the script because of set -o errexit setting. +echo "${tf_state_list}" | { grep "azurerm_virtual_machine_extension." || [[ $? == 1 ]]; } | xargs -r terraform state rm +echo "Script finished" +popd diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/parameters.json b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/parameters.json new file mode 100755 index 0000000000..26b6b65e22 --- /dev/null +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/parameters.json @@ -0,0 +1,74 @@ +{ + "schemaVersion": "1.0.0-DRAFT+TODO", + "name": "guacamole-win-importreview-vm", + "created": "2021-06-03T11:54:54.0225968Z", + "modified": "2021-06-03T11:54:54.0225968Z", + "parameters": [ + { + "name": "workspace_id", + "source": { + "env": "WORKSPACE_ID" + } + }, + { + "name": "parent_service_id", + "source": { + "env": "PARENT_SERVICE_ID" + } + }, + { + "name": "tre_id", + "source": { + "env": "TRE_ID" + } + }, + { + "name": "tfstate_container_name", + "source": { + "env": "TERRAFORM_STATE_CONTAINER_NAME" + } + }, + { + "name": "tfstate_resource_group_name", + "source": { + "env": "MGMT_RESOURCE_GROUP_NAME" + } + }, + { + "name": "tfstate_storage_account_name", + "source": { + "env": "MGMT_STORAGE_ACCOUNT_NAME" + } + }, + { + "name": "id", + "source": { + "env": "ID" + } + }, + { + "name": "os_image", + "source": { + "env": "OS_IMAGE" + } + }, + { + "name": "shared_storage_access", + "source": { + "env": "SHARED_STORAGE_ACCESS" + } + }, + { + "name": "shared_storage_name", + "source": { + "env": "SHARED_STORAGE_NAME" + } + }, + { + "name": "vm_size", + "source": { + "env": "VM_SIZE" + } + } + ] +} diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml new file mode 100644 index 0000000000..12cddf7ead --- /dev/null +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml @@ -0,0 +1,243 @@ +--- +name: tre-service-guacamole-importreview-vm +version: 0.0.3 +description: "An Azure TRE User Resource Template for Guacamole (Windows 10)" +dockerfile: Dockerfile.tmpl +registry: azuretre + +credentials: + - name: azure_tenant_id + env: ARM_TENANT_ID + - name: azure_subscription_id + env: ARM_SUBSCRIPTION_ID + - name: azure_client_id + env: ARM_CLIENT_ID + - name: azure_client_secret + env: ARM_CLIENT_SECRET + +parameters: + - name: workspace_id + type: string + - name: tre_id + type: string + - name: parent_service_id + type: string + description: "Resource group containing the shared ACR" + env: PARENT_SERVICE_ID + - name: id + type: string + description: "An Id for this installation" + env: id + - name: tfstate_resource_group_name + type: string + description: "Resource group containing the Terraform state storage account" + - name: tfstate_storage_account_name + type: string + description: "The name of the Terraform state storage account" + - name: tfstate_container_name + env: tfstate_container_name + type: string + default: "tfstate" + description: "The name of the Terraform state storage container" + - name: arm_use_msi + env: ARM_USE_MSI + type: boolean + default: false + - name: os_image + type: string + default: "Windows 10" + - name: vm_size + type: string + default: "2 CPU | 8GB RAM" + - name: shared_storage_access + type: boolean + default: true + - name: shared_storage_name + type: string + default: "vm-shared-storage" + +outputs: + - name: ip + type: string + applyTo: + - install + - name: hostname + type: string + applyTo: + - install + - name: connection_uri + type: string + applyTo: + - install + - name: azure_resource_id + type: string + applyTo: + - install + - start + - stop + - reset_password + +mixins: + - exec + - terraform: + clientVersion: 1.2.8 + - az + +install: + - terraform: + description: "Deploy Guacamole User Resource Service (Reviewer VM)" + vars: + workspace_id: "{{ bundle.parameters.workspace_id }}" + tre_id: "{{ bundle.parameters.tre_id }}" + parent_service_id: "{{ bundle.parameters.parent_service_id }}" + tre_resource_id: "{{ bundle.parameters.id }}" + image: "{{ bundle.parameters.os_image }}" + vm_size: "{{ bundle.parameters.vm_size }}" + shared_storage_access: "{{ bundle.parameters.shared_storage_access }}" + shared_storage_name: "{{ bundle.parameters.shared_storage_name }}" + backendConfig: + resource_group_name: "{{ bundle.parameters.tfstate_resource_group_name }}" + storage_account_name: "{{ bundle.parameters.tfstate_storage_account_name }}" + container_name: "{{ bundle.parameters.tfstate_container_name }}" + key: "{{ bundle.parameters.id }}" + outputs: + - name: ip + - name: hostname + - name: connection_uri + - name: azure_resource_id + +upgrade: + - terraform: + description: "Update Guacamole User Resource Service (Reviewer VM)" + vars: + workspace_id: "{{ bundle.parameters.workspace_id }}" + tre_id: "{{ bundle.parameters.tre_id }}" + parent_service_id: "{{ bundle.parameters.parent_service_id }}" + tre_resource_id: "{{ bundle.parameters.id }}" + image: "{{ bundle.parameters.os_image }}" + vm_size: "{{ bundle.parameters.vm_size }}" + shared_storage_access: "{{ bundle.parameters.shared_storage_access }}" + shared_storage_name: "{{ bundle.parameters.shared_storage_name }}" + backendConfig: + resource_group_name: "{{ bundle.parameters.tfstate_resource_group_name }}" + storage_account_name: "{{ bundle.parameters.tfstate_storage_account_name }}" + container_name: "{{ bundle.parameters.tfstate_container_name }}" + key: "{{ bundle.parameters.id }}" + outputs: + - name: ip + - name: hostname + - name: connection_uri + - name: azure_resource_id + +uninstall: + - exec: + description: "Delete the Extensions from the Terraform state manually" + command: ./delete_vm_extensions.sh + arguments: + - "{{ bundle.parameters.tfstate_resource_group_name }}" + - "{{ bundle.parameters.tfstate_storage_account_name }}" + - "{{ bundle.parameters.tfstate_container_name }}" + - "{{ bundle.parameters.id }}" + + - terraform: + description: "Delete the Guacamole User Resource Service" + vars: + workspace_id: "{{ bundle.parameters.workspace_id }}" + tre_id: "{{ bundle.parameters.tre_id }}" + parent_service_id: "{{ bundle.parameters.parent_service_id }}" + tre_resource_id: "{{ bundle.parameters.id }}" + image: "{{ bundle.parameters.os_image }}" + vm_size: "{{ bundle.parameters.vm_size }}" + shared_storage_access: "{{ bundle.parameters.shared_storage_access }}" + shared_storage_name: "{{ bundle.parameters.shared_storage_name }}" + backendConfig: + resource_group_name: "{{ bundle.parameters.tfstate_resource_group_name }}" + storage_account_name: "{{ bundle.parameters.tfstate_storage_account_name }}" + container_name: "{{ bundle.parameters.tfstate_container_name }}" + key: "{{ bundle.parameters.id }}" + +start: + - terraform: + arguments: + - "output" + description: "Get resource ID from Terraform outputs" + backendConfig: + resource_group_name: "{{ bundle.parameters.tfstate_resource_group_name }}" + storage_account_name: "{{ bundle.parameters.tfstate_storage_account_name }}" + container_name: "{{ bundle.parameters.tfstate_container_name }}" + key: "{{ bundle.parameters.id }}" + outputs: + - name: azure_resource_id + - az: + description: "Login to Azure" + arguments: + - login + flags: + identity: + username: "{{ bundle.credentials.azure_client_id }}" + - az: + description: "Start the VM" + arguments: + - vm + - start + flags: + ids: "{{ bundle.outputs.azure_resource_id }}" + +stop: + - terraform: + arguments: + - "output" + description: "Get VM hostname and rg from Terraform outputs" + backendConfig: + resource_group_name: "{{ bundle.parameters.tfstate_resource_group_name }}" + storage_account_name: "{{ bundle.parameters.tfstate_storage_account_name }}" + container_name: "{{ bundle.parameters.tfstate_container_name }}" + key: "{{ bundle.parameters.id }}" + outputs: + - name: azure_resource_id + - az: + description: "Login to Azure" + arguments: + - login + flags: + identity: + username: "{{ bundle.credentials.azure_client_id }}" + - az: + description: "Stop the VM" + arguments: + - vm + - deallocate + flags: + ids: "{{ bundle.outputs.azure_resource_id }}" + +reset_password: + - terraform: + arguments: + - "output" + description: "Get VM details from Terraform outputs" + backendConfig: + resource_group_name: "{{ bundle.parameters.tfstate_resource_group_name }}" + storage_account_name: "{{ bundle.parameters.tfstate_storage_account_name }}" + container_name: "{{ bundle.parameters.tfstate_container_name }}" + key: "{{ bundle.parameters.id }}" + outputs: + - name: azure_resource_id + - name: vm_username + - name: vm_password_secret_name + - name: keyvault_name + - az: + description: "Login to Azure" + arguments: + - login + flags: + identity: + username: "{{ bundle.credentials.azure_client_id }}" + - exec: + description: "Reset password and persist to keyvault" + suppress-output: true + command: ./reset_password.sh + arguments: + - "{{ bundle.outputs.vm_password_secret_name }}" + - "{{ bundle.outputs.keyvault_name }}" + - "{{ bundle.outputs.vm_username }}" + - "{{ bundle.outputs.azure_resource_id }}" diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/reset_password.sh b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/reset_password.sh new file mode 100755 index 0000000000..4c3f0061d5 --- /dev/null +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/reset_password.sh @@ -0,0 +1,22 @@ +#!/bin/bash + +set -o errexit +set -o pipefail +set -o nounset +# Uncomment this line to see each command for debugging (careful: this will show secrets!) +# set -o xtrace + +secret_name=$1 +keyvault_name=$2 +username=$3 +resource_id=$4 +password="$(LC_ALL=C tr -dc 'A-Za-z0-9_%@' Date: Thu, 22 Sep 2022 12:16:28 +0000 Subject: [PATCH 04/11] clean up old files --- .../guacamole-azure-reviewervm/.dockerignore | 11 - .../guacamole-azure-reviewervm/.env.sample | 5 - .../Dockerfile.tmpl | 38 --- .../delete_vm_extensions.sh | 34 --- .../parameters.json | 74 ------ .../guacamole-azure-reviewervm/porter.yaml | 243 ------------------ .../reset_password.sh | 22 -- .../template_schema.json | 38 --- .../terraform/empty.txt | 1 - 9 files changed, 466 deletions(-) delete mode 100644 templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/.dockerignore delete mode 100644 templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/.env.sample delete mode 100644 templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/Dockerfile.tmpl delete mode 100755 templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/delete_vm_extensions.sh delete mode 100755 templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/parameters.json delete mode 100644 templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/porter.yaml delete mode 100755 templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/reset_password.sh delete mode 100644 templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/template_schema.json delete mode 100644 templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/terraform/empty.txt diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/.dockerignore b/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/.dockerignore deleted file mode 100644 index 28756cfe84..0000000000 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/.dockerignore +++ /dev/null @@ -1,11 +0,0 @@ -# Local .terraform directories -**/.terraform/* - -# TF backend files -**/*_backend.tf - -Dockerfile.tmpl - -.env* -terraform/deploy.sh -terraform/destroy.sh diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/.env.sample b/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/.env.sample deleted file mode 100644 index c9ef2af4c2..0000000000 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/.env.sample +++ /dev/null @@ -1,5 +0,0 @@ -# GUID to identify the workspace -WORKSPACE_ID=__CHANGE_ME__ - -# Unique identifier of the parent Guacamole service -PARENT_SERVICE_ID=__CHANGE_ME__ diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/Dockerfile.tmpl b/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/Dockerfile.tmpl deleted file mode 100644 index 84b99183b2..0000000000 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/Dockerfile.tmpl +++ /dev/null @@ -1,38 +0,0 @@ -FROM debian:buster-slim - -ARG BUNDLE_DIR - -ARG AZURE_TRE_VERSION="0.4.3" - -RUN apt-get update \ - && apt-get install --no-install-recommends jq ca-certificates curl -y \ - && apt-get clean -y && rm -rf /var/lib/apt/lists/* - -WORKDIR $BUNDLE_DIR - -RUN curl -o azuretre.tar.gz -L "https://github.com/microsoft/AzureTRE/archive/refs/tags/v${AZURE_TRE_VERSION}.tar.gz" \ - && tar -xzf azuretre.tar.gz "AzureTRE-${AZURE_TRE_VERSION}/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm" --strip-components=4 --skip-old-files \ - && rm -rf azuretre.tar.gz - -# This is a template Dockerfile for the bundle's invocation image -# You can customize it to use different base images, install tools and copy configuration files. -# -# Porter will use it as a template and append lines to it for the mixins -# and to set the CMD appropriately for the CNAB specification. -# -# Add the following line to porter.yaml to instruct Porter to use this template -# dockerfile: Dockerfile.tmpl - -# You can control where the mixin's Dockerfile lines are inserted into this file by moving "# PORTER_MIXINS" line -# another location in this file. If you remove that line, the mixins generated content is appended to this file. -# PORTER_MIXINS - -# Use the BUNDLE_DIR build argument to copy files into the bundle -COPY . $BUNDLE_DIR - -# Mirror plugins to prevent network access at runtime -# Remove when available from https://github.com/getporter/terraform-mixin/issues/90 -WORKDIR $BUNDLE_DIR/terraform -RUN terraform init -backend=false \ - && rm -fr $BUNDLE_DIR/terraform/.terraform/providers \ - && terraform providers mirror /usr/local/share/terraform/plugins diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/delete_vm_extensions.sh b/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/delete_vm_extensions.sh deleted file mode 100755 index 7f8405d588..0000000000 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/delete_vm_extensions.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash - -set -o errexit -set -o pipefail -set -o nounset -# Uncomment this line to see each command for debugging -# set -o xtrace - - -# Delete any existing VM Extensions befroe a VM gets deleted. -# This is needed to work around bug https://github.com/hashicorp/terraform-provider-azurerm/issues/6098 - -MGMT_RESOURCE_GROUP_NAME=$1 -MGMT_STORAGE_ACCOUNT_NAME=$2 -TF_STATE_CONTAINER_NAME=$3 -ID=$4 - -pushd terraform - -terraform init -input=false -backend=true \ - -backend-config="resource_group_name=${MGMT_RESOURCE_GROUP_NAME}" \ - -backend-config="storage_account_name=${MGMT_STORAGE_ACCOUNT_NAME}" \ - -backend-config="container_name=${TF_STATE_CONTAINER_NAME}" \ - -backend-config="key=${ID}" - -echo "Running terraform state list" -tf_state_list="$(terraform state list)" -echo "State list result: ${tf_state_list}" - -# The [[ $? == 1 ]] part is here because grep will exit with code 1 if there are no matches, -# which will fail the script because of set -o errexit setting. -echo "${tf_state_list}" | { grep "azurerm_virtual_machine_extension." || [[ $? == 1 ]]; } | xargs -r terraform state rm -echo "Script finished" -popd diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/parameters.json b/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/parameters.json deleted file mode 100755 index 7ce714f4f1..0000000000 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/parameters.json +++ /dev/null @@ -1,74 +0,0 @@ -{ - "schemaVersion": "1.0.0-DRAFT+TODO", - "name": "guacamole-win-reviewervm", - "created": "2021-06-03T11:54:54.0225968Z", - "modified": "2021-06-03T11:54:54.0225968Z", - "parameters": [ - { - "name": "workspace_id", - "source": { - "env": "WORKSPACE_ID" - } - }, - { - "name": "parent_service_id", - "source": { - "env": "PARENT_SERVICE_ID" - } - }, - { - "name": "tre_id", - "source": { - "env": "TRE_ID" - } - }, - { - "name": "tfstate_container_name", - "source": { - "env": "TERRAFORM_STATE_CONTAINER_NAME" - } - }, - { - "name": "tfstate_resource_group_name", - "source": { - "env": "MGMT_RESOURCE_GROUP_NAME" - } - }, - { - "name": "tfstate_storage_account_name", - "source": { - "env": "MGMT_STORAGE_ACCOUNT_NAME" - } - }, - { - "name": "id", - "source": { - "env": "ID" - } - }, - { - "name": "os_image", - "source": { - "env": "OS_IMAGE" - } - }, - { - "name": "shared_storage_access", - "source": { - "env": "SHARED_STORAGE_ACCESS" - } - }, - { - "name": "shared_storage_name", - "source": { - "env": "SHARED_STORAGE_NAME" - } - }, - { - "name": "vm_size", - "source": { - "env": "VM_SIZE" - } - } - ] -} diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/porter.yaml deleted file mode 100644 index b506dd263d..0000000000 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/porter.yaml +++ /dev/null @@ -1,243 +0,0 @@ ---- -name: tre-service-guacamole-reviewervm -version: 0.0.1 -description: "An Azure TRE User Resource Template for Guacamole (Windows 10)" -dockerfile: Dockerfile.tmpl -registry: azuretre - -credentials: - - name: azure_tenant_id - env: ARM_TENANT_ID - - name: azure_subscription_id - env: ARM_SUBSCRIPTION_ID - - name: azure_client_id - env: ARM_CLIENT_ID - - name: azure_client_secret - env: ARM_CLIENT_SECRET - -parameters: - - name: workspace_id - type: string - - name: tre_id - type: string - - name: parent_service_id - type: string - description: "Resource group containing the shared ACR" - env: PARENT_SERVICE_ID - - name: id - type: string - description: "An Id for this installation" - env: id - - name: tfstate_resource_group_name - type: string - description: "Resource group containing the Terraform state storage account" - - name: tfstate_storage_account_name - type: string - description: "The name of the Terraform state storage account" - - name: tfstate_container_name - env: tfstate_container_name - type: string - default: "tfstate" - description: "The name of the Terraform state storage container" - - name: arm_use_msi - env: ARM_USE_MSI - type: boolean - default: false - - name: os_image - type: string - default: "Windows 10" - - name: vm_size - type: string - default: "2 CPU | 8GB RAM" - - name: shared_storage_access - type: boolean - default: true - - name: shared_storage_name - type: string - default: "vm-shared-storage" - -outputs: - - name: ip - type: string - applyTo: - - install - - name: hostname - type: string - applyTo: - - install - - name: connection_uri - type: string - applyTo: - - install - - name: azure_resource_id - type: string - applyTo: - - install - - start - - stop - - reset_password - -mixins: - - exec - - terraform: - clientVersion: 1.2.8 - - az - -install: - - terraform: - description: "Deploy Guacamole User Resource Service (Reviewer VM)" - vars: - workspace_id: "{{ bundle.parameters.workspace_id }}" - tre_id: "{{ bundle.parameters.tre_id }}" - parent_service_id: "{{ bundle.parameters.parent_service_id }}" - tre_resource_id: "{{ bundle.parameters.id }}" - image: "{{ bundle.parameters.os_image }}" - vm_size: "{{ bundle.parameters.vm_size }}" - shared_storage_access: "{{ bundle.parameters.shared_storage_access }}" - shared_storage_name: "{{ bundle.parameters.shared_storage_name }}" - backendConfig: - resource_group_name: "{{ bundle.parameters.tfstate_resource_group_name }}" - storage_account_name: "{{ bundle.parameters.tfstate_storage_account_name }}" - container_name: "{{ bundle.parameters.tfstate_container_name }}" - key: "{{ bundle.parameters.id }}" - outputs: - - name: ip - - name: hostname - - name: connection_uri - - name: azure_resource_id - -upgrade: - - terraform: - description: "Update Guacamole User Resource Service (Reviewer VM)" - vars: - workspace_id: "{{ bundle.parameters.workspace_id }}" - tre_id: "{{ bundle.parameters.tre_id }}" - parent_service_id: "{{ bundle.parameters.parent_service_id }}" - tre_resource_id: "{{ bundle.parameters.id }}" - image: "{{ bundle.parameters.os_image }}" - vm_size: "{{ bundle.parameters.vm_size }}" - shared_storage_access: "{{ bundle.parameters.shared_storage_access }}" - shared_storage_name: "{{ bundle.parameters.shared_storage_name }}" - backendConfig: - resource_group_name: "{{ bundle.parameters.tfstate_resource_group_name }}" - storage_account_name: "{{ bundle.parameters.tfstate_storage_account_name }}" - container_name: "{{ bundle.parameters.tfstate_container_name }}" - key: "{{ bundle.parameters.id }}" - outputs: - - name: ip - - name: hostname - - name: connection_uri - - name: azure_resource_id - -uninstall: - - exec: - description: "Delete the Extensions from the Terraform state manually" - command: ./delete_vm_extensions.sh - arguments: - - "{{ bundle.parameters.tfstate_resource_group_name }}" - - "{{ bundle.parameters.tfstate_storage_account_name }}" - - "{{ bundle.parameters.tfstate_container_name }}" - - "{{ bundle.parameters.id }}" - - - terraform: - description: "Delete the Guacamole User Resource Service" - vars: - workspace_id: "{{ bundle.parameters.workspace_id }}" - tre_id: "{{ bundle.parameters.tre_id }}" - parent_service_id: "{{ bundle.parameters.parent_service_id }}" - tre_resource_id: "{{ bundle.parameters.id }}" - image: "{{ bundle.parameters.os_image }}" - vm_size: "{{ bundle.parameters.vm_size }}" - shared_storage_access: "{{ bundle.parameters.shared_storage_access }}" - shared_storage_name: "{{ bundle.parameters.shared_storage_name }}" - backendConfig: - resource_group_name: "{{ bundle.parameters.tfstate_resource_group_name }}" - storage_account_name: "{{ bundle.parameters.tfstate_storage_account_name }}" - container_name: "{{ bundle.parameters.tfstate_container_name }}" - key: "{{ bundle.parameters.id }}" - -start: - - terraform: - arguments: - - "output" - description: "Get resource ID from Terraform outputs" - backendConfig: - resource_group_name: "{{ bundle.parameters.tfstate_resource_group_name }}" - storage_account_name: "{{ bundle.parameters.tfstate_storage_account_name }}" - container_name: "{{ bundle.parameters.tfstate_container_name }}" - key: "{{ bundle.parameters.id }}" - outputs: - - name: azure_resource_id - - az: - description: "Login to Azure" - arguments: - - login - flags: - identity: - username: "{{ bundle.credentials.azure_client_id }}" - - az: - description: "Start the VM" - arguments: - - vm - - start - flags: - ids: "{{ bundle.outputs.azure_resource_id }}" - -stop: - - terraform: - arguments: - - "output" - description: "Get VM hostname and rg from Terraform outputs" - backendConfig: - resource_group_name: "{{ bundle.parameters.tfstate_resource_group_name }}" - storage_account_name: "{{ bundle.parameters.tfstate_storage_account_name }}" - container_name: "{{ bundle.parameters.tfstate_container_name }}" - key: "{{ bundle.parameters.id }}" - outputs: - - name: azure_resource_id - - az: - description: "Login to Azure" - arguments: - - login - flags: - identity: - username: "{{ bundle.credentials.azure_client_id }}" - - az: - description: "Stop the VM" - arguments: - - vm - - deallocate - flags: - ids: "{{ bundle.outputs.azure_resource_id }}" - -reset_password: - - terraform: - arguments: - - "output" - description: "Get VM details from Terraform outputs" - backendConfig: - resource_group_name: "{{ bundle.parameters.tfstate_resource_group_name }}" - storage_account_name: "{{ bundle.parameters.tfstate_storage_account_name }}" - container_name: "{{ bundle.parameters.tfstate_container_name }}" - key: "{{ bundle.parameters.id }}" - outputs: - - name: azure_resource_id - - name: vm_username - - name: vm_password_secret_name - - name: keyvault_name - - az: - description: "Login to Azure" - arguments: - - login - flags: - identity: - username: "{{ bundle.credentials.azure_client_id }}" - - exec: - description: "Reset password and persist to keyvault" - suppress-output: true - command: ./reset_password.sh - arguments: - - "{{ bundle.outputs.vm_password_secret_name }}" - - "{{ bundle.outputs.keyvault_name }}" - - "{{ bundle.outputs.vm_username }}" - - "{{ bundle.outputs.azure_resource_id }}" diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/reset_password.sh b/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/reset_password.sh deleted file mode 100755 index 4c3f0061d5..0000000000 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-reviewervm/reset_password.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash - -set -o errexit -set -o pipefail -set -o nounset -# Uncomment this line to see each command for debugging (careful: this will show secrets!) -# set -o xtrace - -secret_name=$1 -keyvault_name=$2 -username=$3 -resource_id=$4 -password="$(LC_ALL=C tr -dc 'A-Za-z0-9_%@' Date: Fri, 23 Sep 2022 07:44:18 +0000 Subject: [PATCH 05/11] Remove unnecessary scripts --- .../delete_vm_extensions.sh | 34 ------------------- .../reset_password.sh | 22 ------------ 2 files changed, 56 deletions(-) delete mode 100755 templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/delete_vm_extensions.sh delete mode 100755 templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/reset_password.sh diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/delete_vm_extensions.sh b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/delete_vm_extensions.sh deleted file mode 100755 index 7f8405d588..0000000000 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/delete_vm_extensions.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash - -set -o errexit -set -o pipefail -set -o nounset -# Uncomment this line to see each command for debugging -# set -o xtrace - - -# Delete any existing VM Extensions befroe a VM gets deleted. -# This is needed to work around bug https://github.com/hashicorp/terraform-provider-azurerm/issues/6098 - -MGMT_RESOURCE_GROUP_NAME=$1 -MGMT_STORAGE_ACCOUNT_NAME=$2 -TF_STATE_CONTAINER_NAME=$3 -ID=$4 - -pushd terraform - -terraform init -input=false -backend=true \ - -backend-config="resource_group_name=${MGMT_RESOURCE_GROUP_NAME}" \ - -backend-config="storage_account_name=${MGMT_STORAGE_ACCOUNT_NAME}" \ - -backend-config="container_name=${TF_STATE_CONTAINER_NAME}" \ - -backend-config="key=${ID}" - -echo "Running terraform state list" -tf_state_list="$(terraform state list)" -echo "State list result: ${tf_state_list}" - -# The [[ $? == 1 ]] part is here because grep will exit with code 1 if there are no matches, -# which will fail the script because of set -o errexit setting. -echo "${tf_state_list}" | { grep "azurerm_virtual_machine_extension." || [[ $? == 1 ]]; } | xargs -r terraform state rm -echo "Script finished" -popd diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/reset_password.sh b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/reset_password.sh deleted file mode 100755 index 4c3f0061d5..0000000000 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/reset_password.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash - -set -o errexit -set -o pipefail -set -o nounset -# Uncomment this line to see each command for debugging (careful: this will show secrets!) -# set -o xtrace - -secret_name=$1 -keyvault_name=$2 -username=$3 -resource_id=$4 -password="$(LC_ALL=C tr -dc 'A-Za-z0-9_%@' Date: Fri, 23 Sep 2022 11:03:10 +0000 Subject: [PATCH 06/11] allow airlock manager only --- .../guacamole-azure-importreview-vm/porter.yaml | 2 +- .../guacamole-azure-importreview-vm/template_schema.json | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml index 12cddf7ead..1d44ffcedc 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml @@ -1,6 +1,6 @@ --- name: tre-service-guacamole-importreview-vm -version: 0.0.3 +version: 0.0.4 description: "An Azure TRE User Resource Template for Guacamole (Windows 10)" dockerfile: Dockerfile.tmpl registry: azuretre diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/template_schema.json b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/template_schema.json index e44aff6072..e67328884f 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/template_schema.json +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/template_schema.json @@ -1,11 +1,14 @@ { "$schema": "http://json-schema.org/draft-07/schema", - "$id": "https://github.com/microsoft/AzureTRE/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/template_schema.json", + "$id": "https://github.com/microsoft/AzureTRE/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/template_schema.json", "type": "object", "title": "Import review Virtual Machine", "description": "Windows virtual machine for import review", "required": [ ], + "authorizedRoles": [ + "AirlockManager" + ], "properties": { "os_image": { "$id": "#/properties/os_image", From d8e582297a7103254eebfc264a18e1e1734cbc3b Mon Sep 17 00:00:00 2001 From: Tanya Borisova Date: Mon, 26 Sep 2022 08:32:02 +0100 Subject: [PATCH 07/11] Airlock Import Review VM: Disable shared storage --- .../Dockerfile.tmpl | 5 ++- .../porter.yaml | 4 +- .../template_schema.json | 7 ---- .../windowsvm.diff | 38 +++++++++++++++++++ 4 files changed, 44 insertions(+), 10 deletions(-) create mode 100644 templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/windowsvm.diff diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/Dockerfile.tmpl b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/Dockerfile.tmpl index 8f39ad0738..34a5df4d66 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/Dockerfile.tmpl +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/Dockerfile.tmpl @@ -5,7 +5,7 @@ ARG BUNDLE_DIR ARG AZURE_TRE_VERSION="0.4.3" RUN apt-get update \ - && apt-get install --no-install-recommends jq ca-certificates curl -y \ + && apt-get install --no-install-recommends jq ca-certificates curl patch -y \ && apt-get clean -y && rm -rf /var/lib/apt/lists/* WORKDIR $BUNDLE_DIR @@ -30,6 +30,9 @@ RUN curl -o azuretre.tar.gz -L "https://github.com/microsoft/AzureTRE/archive/r # Use the BUNDLE_DIR build argument to copy files into the bundle COPY . $BUNDLE_DIR +# Apply patch with the difference from the base workspace +RUN patch -p0 < $BUNDLE_DIR/windowsvm.diff + # Mirror plugins to prevent network access at runtime # Remove when available from https://github.com/getporter/terraform-mixin/issues/90 WORKDIR $BUNDLE_DIR/terraform diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml index 1d44ffcedc..2d2f31b5f4 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml @@ -1,6 +1,6 @@ --- name: tre-service-guacamole-importreview-vm -version: 0.0.4 +version: 0.0.5 description: "An Azure TRE User Resource Template for Guacamole (Windows 10)" dockerfile: Dockerfile.tmpl registry: azuretre @@ -51,7 +51,7 @@ parameters: default: "2 CPU | 8GB RAM" - name: shared_storage_access type: boolean - default: true + default: false - name: shared_storage_name type: string default: "vm-shared-storage" diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/template_schema.json b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/template_schema.json index e67328884f..c6818daf55 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/template_schema.json +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/template_schema.json @@ -29,13 +29,6 @@ "4 CPU | 16GB RAM" ], "updateable": true - }, - "shared_storage_access": { - "$id": "#/properties/shared_storage_access", - "type": "boolean", - "title": "Shared storage", - "default": true, - "description": "Enable access to shared storage" } } } diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/windowsvm.diff b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/windowsvm.diff new file mode 100644 index 0000000000..5b05f4c311 --- /dev/null +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/windowsvm.diff @@ -0,0 +1,38 @@ +diff --git terraform/variables.tf ../guacamole-azure-windowsvm/terraform/variables.tf +index a5038c01..2fdb0f77 100644 +--- terraform/variables.tf ++++ ../guacamole-azure-windowsvm/terraform/variables.tf +@@ -4,5 +4,7 @@ variable "parent_service_id" {} + variable "tre_resource_id" {} + variable "image" {} + variable "vm_size" {} +-variable "shared_storage_access" {} ++variable "shared_storage_access" { ++ type = bool ++} + variable "shared_storage_name" {} +diff --git terraform/windowsvm.tf ../guacamole-azure-windowsvm/terraform/windowsvm.tf +index 3a083a71..5b58cc4a 100644 +--- terraform/windowsvm.tf ++++ ../guacamole-azure-windowsvm/terraform/windowsvm.tf +@@ -92,10 +92,10 @@ data "template_file" "vm_config" { + template = file("${path.module}/vm_config.ps1") + vars = { + nexus_proxy_url = local.nexus_proxy_url +- SharedStorageAccess = tobool(var.shared_storage_access) ? 1 : 0 ++ SharedStorageAccess = var.shared_storage_access ? 1 : 0 + StorageAccountName = data.azurerm_storage_account.stg.name + StorageAccountKey = data.azurerm_storage_account.stg.primary_access_key +- FileShareName = data.azurerm_storage_share.shared_storage.name ++ FileShareName = var.shared_storage_access ? data.azurerm_storage_share.shared_storage[0].name : "" + CondaConfig = local.image_ref[var.image].conda_config ? 1 : 0 + } + } +@@ -106,6 +106,7 @@ data "azurerm_storage_account" "stg" { + } + + data "azurerm_storage_share" "shared_storage" { ++ count = var.shared_storage_access ? 1 : 0 + name = var.shared_storage_name + storage_account_name = data.azurerm_storage_account.stg.name + } From eb252738c5ba2d25467c4058a899a92e103fb303 Mon Sep 17 00:00:00 2001 From: Tanya Borisova Date: Mon, 26 Sep 2022 11:27:54 +0100 Subject: [PATCH 08/11] Only leave data science as the VM image as it has storage explorer --- .../guacamole-azure-importreview-vm/parameters.json | 2 +- .../guacamole-azure-importreview-vm/porter.yaml | 4 ++-- .../guacamole-azure-importreview-vm/template_schema.json | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/parameters.json b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/parameters.json index 26b6b65e22..9e04473240 100755 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/parameters.json +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/parameters.json @@ -1,6 +1,6 @@ { "schemaVersion": "1.0.0-DRAFT+TODO", - "name": "guacamole-win-importreview-vm", + "name": "guacamole-win-import-reviewvm", "created": "2021-06-03T11:54:54.0225968Z", "modified": "2021-06-03T11:54:54.0225968Z", "parameters": [ diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml index 2d2f31b5f4..005403f85b 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml @@ -1,6 +1,6 @@ --- -name: tre-service-guacamole-importreview-vm -version: 0.0.5 +name: tre-service-guacamole-import-reviewvm +version: 0.0.7 description: "An Azure TRE User Resource Template for Guacamole (Windows 10)" dockerfile: Dockerfile.tmpl registry: azuretre diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/template_schema.json b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/template_schema.json index c6818daf55..b1b28948ff 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/template_schema.json +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/template_schema.json @@ -1,6 +1,6 @@ { "$schema": "http://json-schema.org/draft-07/schema", - "$id": "https://github.com/microsoft/AzureTRE/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/template_schema.json", + "$id": "https://github.com/microsoft/AzureTRE/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/template_schema.json", "type": "object", "title": "Import review Virtual Machine", "description": "Windows virtual machine for import review", @@ -16,7 +16,7 @@ "title": "Windows image", "description": "Select Windows image to use for VM", "enum": [ - "Windows 10" + "Server 2019 Data Science VM" ] }, "vm_size": { From a8b6ab9e83ec5123152d43fc43e42aa135120da1 Mon Sep 17 00:00:00 2001 From: Tanya Borisova Date: Mon, 26 Sep 2022 11:33:18 +0100 Subject: [PATCH 09/11] Fix description and version --- .../guacamole-azure-importreview-vm/porter.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml index 005403f85b..27697b6fdc 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml @@ -1,7 +1,7 @@ --- name: tre-service-guacamole-import-reviewvm -version: 0.0.7 -description: "An Azure TRE User Resource Template for Guacamole (Windows 10)" +version: 0.0.1 +description: "An Azure TRE User Resource Template for reviewing Airlock import requests" dockerfile: Dockerfile.tmpl registry: azuretre From e24b0884c1fdb8fdd47e5ba21d3857df42d70872 Mon Sep 17 00:00:00 2001 From: Tanya Borisova Date: Mon, 26 Sep 2022 15:19:47 +0100 Subject: [PATCH 10/11] Remove shared storage argument --- .../guacamole-azure-importreview-vm/parameters.json | 6 ------ .../guacamole-azure-importreview-vm/porter.yaml | 9 +++------ 2 files changed, 3 insertions(+), 12 deletions(-) diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/parameters.json b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/parameters.json index 9e04473240..63e49c3eeb 100755 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/parameters.json +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/parameters.json @@ -52,12 +52,6 @@ "env": "OS_IMAGE" } }, - { - "name": "shared_storage_access", - "source": { - "env": "SHARED_STORAGE_ACCESS" - } - }, { "name": "shared_storage_name", "source": { diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml index 27697b6fdc..5d3c638eeb 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml @@ -1,6 +1,6 @@ --- name: tre-service-guacamole-import-reviewvm -version: 0.0.1 +version: 0.0.2 description: "An Azure TRE User Resource Template for reviewing Airlock import requests" dockerfile: Dockerfile.tmpl registry: azuretre @@ -49,9 +49,6 @@ parameters: - name: vm_size type: string default: "2 CPU | 8GB RAM" - - name: shared_storage_access - type: boolean - default: false - name: shared_storage_name type: string default: "vm-shared-storage" @@ -93,7 +90,7 @@ install: tre_resource_id: "{{ bundle.parameters.id }}" image: "{{ bundle.parameters.os_image }}" vm_size: "{{ bundle.parameters.vm_size }}" - shared_storage_access: "{{ bundle.parameters.shared_storage_access }}" + shared_storage_access: "false" shared_storage_name: "{{ bundle.parameters.shared_storage_name }}" backendConfig: resource_group_name: "{{ bundle.parameters.tfstate_resource_group_name }}" @@ -116,7 +113,7 @@ upgrade: tre_resource_id: "{{ bundle.parameters.id }}" image: "{{ bundle.parameters.os_image }}" vm_size: "{{ bundle.parameters.vm_size }}" - shared_storage_access: "{{ bundle.parameters.shared_storage_access }}" + shared_storage_access: "false" shared_storage_name: "{{ bundle.parameters.shared_storage_name }}" backendConfig: resource_group_name: "{{ bundle.parameters.tfstate_resource_group_name }}" From 875ca3a7d363fb2d8a3b84f4d779cd02c9c5d281 Mon Sep 17 00:00:00 2001 From: Tanya Borisova Date: Mon, 26 Sep 2022 15:40:36 +0100 Subject: [PATCH 11/11] Remove all references to shared storage --- .../guacamole-azure-importreview-vm/parameters.json | 6 ------ .../guacamole-azure-importreview-vm/porter.yaml | 11 ++++------- 2 files changed, 4 insertions(+), 13 deletions(-) diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/parameters.json b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/parameters.json index 63e49c3eeb..3a3589dab6 100755 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/parameters.json +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/parameters.json @@ -52,12 +52,6 @@ "env": "OS_IMAGE" } }, - { - "name": "shared_storage_name", - "source": { - "env": "SHARED_STORAGE_NAME" - } - }, { "name": "vm_size", "source": { diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml index 5d3c638eeb..43ee14df32 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-importreview-vm/porter.yaml @@ -49,9 +49,6 @@ parameters: - name: vm_size type: string default: "2 CPU | 8GB RAM" - - name: shared_storage_name - type: string - default: "vm-shared-storage" outputs: - name: ip @@ -91,7 +88,7 @@ install: image: "{{ bundle.parameters.os_image }}" vm_size: "{{ bundle.parameters.vm_size }}" shared_storage_access: "false" - shared_storage_name: "{{ bundle.parameters.shared_storage_name }}" + shared_storage_name: "unused" backendConfig: resource_group_name: "{{ bundle.parameters.tfstate_resource_group_name }}" storage_account_name: "{{ bundle.parameters.tfstate_storage_account_name }}" @@ -114,7 +111,7 @@ upgrade: image: "{{ bundle.parameters.os_image }}" vm_size: "{{ bundle.parameters.vm_size }}" shared_storage_access: "false" - shared_storage_name: "{{ bundle.parameters.shared_storage_name }}" + shared_storage_name: "unused" backendConfig: resource_group_name: "{{ bundle.parameters.tfstate_resource_group_name }}" storage_account_name: "{{ bundle.parameters.tfstate_storage_account_name }}" @@ -145,8 +142,8 @@ uninstall: tre_resource_id: "{{ bundle.parameters.id }}" image: "{{ bundle.parameters.os_image }}" vm_size: "{{ bundle.parameters.vm_size }}" - shared_storage_access: "{{ bundle.parameters.shared_storage_access }}" - shared_storage_name: "{{ bundle.parameters.shared_storage_name }}" + shared_storage_access: "false" + shared_storage_name: "unused" backendConfig: resource_group_name: "{{ bundle.parameters.tfstate_resource_group_name }}" storage_account_name: "{{ bundle.parameters.tfstate_storage_account_name }}"