Merge Test Branch for [feature/upgrade_to_19] – Pre-Merge Validation

.devcontainer/devcontainer.json

@@ -12,7 +12,7 @@
       "DOCKER_GROUP_ID": "${localEnv:DOCKER_GROUP_ID}",
       "INTERACTIVE": "true",
       "OSS_REPO": "OxBRCInformatics/AzureTRE",
-      "OSS_VERSION": "v0.18.7"
+      "OSS_VERSION": "v0.19.1"
     }
   },
   "runArgs": [

.github/workflows/deploy_tre_reusable.yml

@@ -389,6 +389,10 @@ jobs:
              BUNDLE_DIR: "\\${AZURETRE_HOME}/templates/workspace_services/databricks"}
           - {BUNDLE_TYPE: "workspace_service",
              BUNDLE_DIR: "\\${AZURETRE_HOME}/templates/workspace_services/ohdsi"}
+          - {BUNDLE_TYPE: "workspace_service",
+             BUNDLE_DIR: "\\${AZURETRE_HOME}/templates/workspace_services/azuresql"}
+          - {BUNDLE_TYPE: "workspace_service",
+             BUNDLE_DIR: "\\${AZURETRE_HOME}/templates/workspace_services/openai"}
           - {BUNDLE_TYPE: "user_resource",
              BUNDLE_DIR: "./templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm-ouh2"}
           - {BUNDLE_TYPE: "user_resource",
@@ -549,6 +553,10 @@ jobs:
              BUNDLE_DIR: "\\${AZURETRE_HOME}/templates/workspace_services/databricks"}
           - {BUNDLE_TYPE: "workspace_service",
              BUNDLE_DIR: "\\${AZURETRE_HOME}/templates/workspace_services/ohdsi"}
+          - {BUNDLE_TYPE: "workspace_service",
+             BUNDLE_DIR: "\\${AZURETRE_HOME}/templates/workspace_services/azuresql"}
+          - {BUNDLE_TYPE: "workspace_service",
+             BUNDLE_DIR: "\\${AZURETRE_HOME}/templates/workspace_services/openai"}
         # Add your bundles here
     environment: ${{ inputs.environmentName }}
     steps:

config.sample.yaml

@@ -32,6 +32,7 @@ tre:
   resource_processor_vmss_sku: Standard_B2s
   enable_swagger: true
   enable_airlock_malware_scanning: true
+
   # Set to true if want to ensure users have an email address before airlock request is created
   # Used if rely on email notifications for governance purposes
   # enable_airlock_email_check: true
@@ -41,11 +42,10 @@ tre:
   # The TRE Web UI is deployed by default.
   # Uncomment the following to disable deployment of the Web UI.
   # deploy_ui: false
-  # If you want to use TRE_URL to point to your local TRE API instance or be configured to another cloud provider
-  # uncomment and set this variable
-  # tre_url: __CHANGE_ME__
   firewall_sku: Standard
 
+  # Uncomment to deploy to a custom domain
+  # custom_domain: __CHANGE_ME__
 authentication:
   aad_tenant_id: __CHANGE_ME__
   # Setting AUTO_WORKSPACE_APP_REGISTRATION to false will:
@@ -71,11 +71,9 @@ resource_processor:
 developer_settings:
 # Locks will not be added to stateful resources so they can be easily removed
 # stateful_resources_locked: false
-
 # TRE Core Key Vault purge protection will be disabled so it can be reused upon deletion
 # kv_purge_protection_enabled: false
 
-
 # This setting will enable your local machine to be able to
 # communicate with Service Bus and Cosmos. It will also allow deploying
 # the base workspace.
@@ -84,3 +82,7 @@ developer_settings:
 # Used by the API and Resource processor application to change log level
 # Can be "ERROR", "WARNING", "INFO", "DEBUG"
 #  logging_level: "INFO"
+
+# If you want to use TRE_URL to point to your local TRE API instance or be configured to another cloud provider
+# uncomment and set this variable
+#  tre_url: __CHANGE_ME__

templates/workspace_services/README.md

@@ -4,7 +4,7 @@ Workspace Templates are located in this folder. These Templates are for the Comp
 
 | VM type | Template name | Description |
 | --- | --- | --- |
-| Linux   | tre-service-guacamole-linuxvm-ouh2    | This is a custom Linux image for OUH use   |
+| Linux   | tre-service-guacamole-linuxvm-ouh2    | This is based on Ubuntu 22.04 with certain software pulled in via package manager |
 | Windows | tre-service-guacamole-windowsvm-ouh2  | This is a custom Windows image for OUH use |
 
 ## Available VM sizes
@@ -30,5 +30,4 @@ Workspace Templates are located in this folder. These Templates are for the Comp
 
 ### Linux
 
-- OUH Image
-- Ubuntu 18.04
+- Ubuntu 22.04

templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm-ouh2/porter.yaml

@@ -1,7 +1,7 @@
 ---
 schemaVersion: 1.0.0
 name: tre-service-guacamole-linuxvm-ouh2
-version: 1.0.13
+version: 1.0.16
 description: "An Azure TRE User Resource Template for Guacamole (Linux)"
 dockerfile: Dockerfile.tmpl
 registry: azuretre
@@ -27,17 +27,15 @@ custom:
         apt_sku: 22.04
       install_ui: true
       conda_config: true
-
-    ## Removing custom Linux image as it becomes obsolete with the update to Ubuntu 22.04 and pre-installed software via vm_config.sh
-    # "OUH Ubuntu 18.04 Data Science VM":
+    # "OUH Ubuntu 22.04 Data Science VM":
     #   source_image_name: OUHLinuxImage
-      # source_image_reference:
-      #   publisher: microsoft-dsvm
-      #   offer: ubuntu-1804
-      #   sku: 1804-gen2
-      #   version: latest
-      # install_ui: false
-      # conda_config: true
+    #   # source_image_reference:
+    #   #   publisher: microsoft-dsvm
+    #   #   offer: ubuntu-2204
+    #   #   apt_sku: 2204-gen2
+    #   #   version: latest
+    #   install_ui: true
+    #   conda_config: true
     # For information on using custom images, see README.me in the guacamole/user-resources folder
     # "Custom Image From Gallery":
     #   source_image_name: your-image

templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm-ouh2/terraform/locals.tf

@@ -14,7 +14,7 @@ locals {
     tre_workspace_service_id = var.parent_service_id
     tre_user_resource_id     = var.tre_resource_id
   }
-  nexus_proxy_url = "http://nexus-${data.azurerm_public_ip.app_gateway_ip.fqdn}"
+  nexus_proxy_url = "https://nexus-${data.azurerm_public_ip.app_gateway_ip.fqdn}"
   # Load VM SKU/image details from porter.yaml
   porter_yaml   = yamldecode(file("${path.module}/../porter.yaml"))
   vm_sizes      = local.porter_yaml["custom"]["vm_sizes"]
@@ -25,5 +25,5 @@ locals {
   # selected_image_source_refs is an array to enable easy use of a dynamic block
   selected_image_source_refs = lookup(local.selected_image, "source_image_reference", null) == null ? [] : [local.selected_image.source_image_reference]
   selected_image_source_id   = lookup(local.selected_image, "source_image_name", null) == null ? null : "${var.image_gallery_id}/images/${local.selected_image.source_image_name}"
-  apt_sku                    = local.selected_image_source_refs[0]["apt_sku"]
+  apt_sku                    = length(local.selected_image_source_refs) > 0 ? local.selected_image_source_refs[0]["apt_sku"] : "22.04"
 }

templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm-ouh2/terraform/vm_config.sh

@@ -2,12 +2,13 @@
 
 set -o errexit
 set -o pipefail
-set -o nounset
+# set -o nounset
 # Uncomment this line to see each command for debugging (careful: this will show secrets!)
-set -o xtrace
+# set -o xtrace
 
-# # Remove apt sources not included in sources.list file
-# sudo rm -f /etc/apt/sources.list.d/*
+
+# Remove apt sources not included in sources.list file
+sudo rm -f /etc/apt/sources.list.d/*
 
 # Update apt packages from configured Nexus sources
 echo "init_vm.sh: START"
@@ -35,12 +36,6 @@ sudo -u "${VM_USER}" -i bash -c 'echo xset -dpms >> ~/.xsession'
 sudo systemctl enable xrdp
 sudo service xrdp restart
 
-## Python 3.8 and Jupyter
-sudo apt install -y jupyter-notebook microsoft-edge-dev
-
-# echo "init_vm.sh: azure-cli"
-sudo apt install azure-cli -y
-
 # Azure Storage Explorer
 sudo apt-get remove -y dotnet-host-7.0
 sudo apt-get remove -y dotnet-sdk-7.0
@@ -73,18 +68,9 @@ StartupWMClass=Code
 Categories=Development;
 END
 
-## R
-echo "init_vm.sh: R Setup"
-sudo apt install -y r-base
 
-# RStudio Desktop
-echo "init_vm.sh: RStudio"
-wget "${NEXUS_PROXY_URL}"/repository/r-studio-download/electron/jammy/amd64/rstudio-2023.12.1-402-amd64.deb -P /tmp/2204
-wget "${NEXUS_PROXY_URL}"/repository/r-studio-download/electron/focal/amd64/rstudio-2023.12.1-402-amd64.deb -P /tmp/2004
-sudo gdebi --non-interactive /tmp/"${APT_SKU}"/rstudio-2023.12.1-402-amd64.deb
-
-# Fix for blank screen on DSVM (/sh -> /bash due to conflict with profile.d scripts)
-sudo sed -i 's|!/bin/sh|!/bin/bash|g' /etc/xrdp/startwm.sh
+# Make sure xrdp service starts up with the system
+# sudo systemctl enable xrdp
 
 if [ "${SHARED_STORAGE_ACCESS}" -eq 1 ]; then
   # Install required packages
@@ -129,16 +115,27 @@ if [ "${SHARED_STORAGE_ACCESS}" -eq 1 ]; then
 
   # Autofs mounts when accessed for 60 seconds.  Folder created for constant visible mount
   sudo ln -s "$mntPath" "/$fileShareName"
-
-  sudo chmod 777 "$mntPath"
 fi
 
+## R
+echo "init_vm.sh: R Setup"
+sudo apt install -y r-base
+
+# RStudio Desktop
+echo "init_vm.sh: RStudio"
+wget "${NEXUS_PROXY_URL}"/repository/r-studio-download/electron/jammy/amd64/rstudio-2023.12.1-402-amd64.deb -P /tmp/2204
+wget "${NEXUS_PROXY_URL}"/repository/r-studio-download/electron/focal/amd64/rstudio-2023.12.1-402-amd64.deb -P /tmp/2004
+sudo gdebi --non-interactive /tmp/"${APT_SKU}"/rstudio-2023.12.1-402-amd64.deb
+
+# Fix for blank screen on DSVM (/sh -> /bash due to conflict with profile.d scripts)
+sudo sed -i 's|!/bin/sh|!/bin/bash|g' /etc/xrdp/startwm.sh
+
 ### Anaconda Config
 if [ "${CONDA_CONFIG}" -eq 1 ]; then
-  echo "init_vm.sh: Anaconda"
-  export PATH="/anaconda/condabin":$PATH
-  export PATH="/anaconda/bin":$PATH
-  export PATH="/anaconda/envs/py38_default/bin":$PATH
+  export PATH="/opt/anaconda/condabin":$PATH
+  export PATH="/opt/anaconda/bin":$PATH
+  export PATH="/opt/anaconda/envs/py38_default/bin":$PATH
+  conda config
   conda config --add channels "${NEXUS_PROXY_URL}"/repository/conda-mirror/main/  --system
   conda config --add channels "${NEXUS_PROXY_URL}"/repository/conda-repo/main/  --system
   conda config --remove channels defaults --system
@@ -155,35 +152,16 @@ jq -n --arg proxy "${NEXUS_PROXY_URL}:8083" '{"registry-mirrors": [$proxy]}' > /
 sudo systemctl daemon-reload
 sudo systemctl restart docker
 
-# R config
-sudo echo -e "local({\n    r <- getOption(\"repos\")\n    r[\"Nexus\"] <- \"""${NEXUS_PROXY_URL}\"/repository/r-proxy/\"\n    options(repos = r)\n})" | sudo tee /etc/R/Rprofile.site
-
 # Jupiter Notebook Config
 sudo sed -i -e 's/Terminal=true/Terminal=false/g' /usr/share/applications/jupyter-notebook.desktop
 
-# Default Browser
-sudo update-alternatives --config x-www-browser
+# R config
+sudo echo -e "local({\n    r <- getOption(\"repos\")\n    r[\"Nexus\"] <- \"""${NEXUS_PROXY_URL}/repository/r-proxy/\"\n    options(repos = r)\n})" | sudo tee /etc/R/Rprofile.site
 
 # Prevent screen timeout
 echo "init_vm.sh: Preventing Timeout"
 sudo apt-get remove xfce4-screensaver -y
 
-## VS Code
-echo "init_vm.sh: VS Code"
-sudo DEBIAN_FRONTEND=noninteractive apt install -y code
-sudo apt install -y gvfs-bin || true
-
-echo "init_vm.sh: Folders"
-sudo mkdir -p /opt/vscode/user-data
-sudo mkdir -p /opt/vscode/extensions
-
-# TODO: need to look at proxy extentions
-## VSCode Extensions
-# echo "init_vm.sh: VSCode extensions"
-# code --extensions-dir="/opt/vscode/extensions" --user-data-dir="/opt/vscode/user-data" --install-extension ms-python.python
-# code --extensions-dir="/opt/vscode/extensions" --user-data-dir="/opt/vscode/user-data" --install-extension REditorSupport.r
-# code --extensions-dir="/opt/vscode/extensions" --user-data-dir="/opt/vscode/user-data" --install-extension RDebugger.r-debugger
-
 ## Cleanup
 echo "init_vm.sh: Cleanup"
 sudo shutdown -r now

templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm-ouh2/porter.yaml

@@ -1,7 +1,7 @@
 ---
 schemaVersion: 1.0.0
 name: tre-service-guacamole-windowsvm-ouh2
-version: 1.0.2
+version: 1.0.3
 description: "An Azure TRE User Resource Template for Guacamole (Windows 10)"
 dockerfile: Dockerfile.tmpl
 registry: azuretre

templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm-ouh2/terraform/locals.tf

@@ -14,7 +14,7 @@ locals {
     tre_workspace_service_id = var.parent_service_id
     tre_user_resource_id     = var.tre_resource_id
   }
-  nexus_proxy_url = "http://nexus-${data.azurerm_public_ip.app_gateway_ip.fqdn}"
+  nexus_proxy_url = "https://nexus-${data.azurerm_public_ip.app_gateway_ip.fqdn}"
 
   # Load VM SKU/image details from porter.yaml
   porter_yaml   = yamldecode(file("${path.module}/../porter.yaml"))