From 1143f2ac9f8227c60d5067bf5448cf4dde378bda Mon Sep 17 00:00:00 2001
From: Marcus Robinson
Date: Tue, 3 Oct 2023 13:48:13 +0100
Subject: [PATCH] Output is_exposed_externally, for all resources with URI (#3656)
---
 api_app/_version.py | 2 +-
 api_app/models/domain/restricted_resource.py | 2 +-
 templates/shared_services/gitea/porter.yaml | 16 +++++++++++++++-
 .../shared_services/gitea/template_schema.json | 12 ++++++++++++
 .../shared_services/gitea/terraform/outputs.tf | 8 ++++++++
 .../sonatype-nexus-vm/porter.yaml | 17 ++++++++++++++++-
 .../sonatype-nexus-vm/template_schema.json | 15 ++++++++++++++-
 .../sonatype-nexus-vm/terraform/outputs.tf | 8 ++++++++
 templates/workspace_services/gitea/porter.yaml | 15 +++++++++++----
 .../gitea/template_schema.json | 12 ++++++++++++
 .../gitea/terraform/outputs.tf | 6 +++++-
 templates/workspace_services/mlflow/porter.yaml | 15 +++++++++++----
 .../mlflow/template_schema.json | 12 ++++++++++++
 .../mlflow/terraform/outputs.tf | 6 +++++-
 14 files changed, 131 insertions(+), 15 deletions(-)
diff --git a/api_app/_version.py b/api_app/_version.py
index 9c087650bb..bc44bf22fb 100644
--- a/api_app/_version.py
+++ b/api_app/_version.py
@@ -1 +1 @@
-__version__ = "0.15.15"
+__version__ = "0.15.16"
diff --git a/api_app/models/domain/restricted_resource.py b/api_app/models/domain/restricted_resource.py
index 4f54105946..4f9c993f1e 100644
--- a/api_app/models/domain/restricted_resource.py
+++ b/api_app/models/domain/restricted_resource.py
@@ -9,7 +9,7 @@ class RestrictedProperties(AzureTREModel):
 description: str = ""
 overview: str = ""
 connection_uri: str = ""
- internal_connection_uri: str = ""
+ is_exposed_externally: bool = True
 class RestrictedResource(AzureTREModel):
diff --git a/templates/shared_services/gitea/porter.yaml b/templates/shared_services/gitea/porter.yaml
index 2d6a1bdc1e..0133a6d015 100644
--- a/templates/shared_services/gitea/porter.yaml
+++ b/templates/shared_services/gitea/porter.yaml
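Review bot: In `api_app/models/domain/restricted_resource.py`, `is_exposed_externally: bool = True` makes the restricted view report a resource as externally reachable whenever its stored properties lack the key, while every `template_schema.json` touched by this commit defaults the same property to `false`; nothing on the line says which default is meant to win. If `True` is a deliberate backwards-compatible value for resources deployed before this output existed, record that in a comment such as `# True when absent: resources from templates that predate this output are treated as externally reachable`; otherwise align it with the templates. The same line removes `internal_connection_uri` from the model, so a resource whose stored properties still carry only that key would presumably show an empty `connection_uri` in this view until its template is upgraded. The class body starts above the hunk.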
@@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-shared-service-gitea -version: 0.6.6 +version: 0.6.10 description: "A Gitea shared service" dockerfile: Dockerfile.tmpl registry: azuretre @@ -69,6 +69,16 @@ outputs: applyTo: - install - upgrade + - name: connection_uri + type: string + applyTo: + - install + - upgrade + - name: is_exposed_externally + type: boolean + applyTo: + - install + - upgrade install: - terraform: @@ -87,6 +97,8 @@ install: outputs: - name: gitea_allowed_fqdns_list - name: address_prefixes + - name: connection_uri + - name: is_exposed_externally upgrade: - terraform: @@ -105,6 +117,8 @@ upgrade: outputs: - name: gitea_allowed_fqdns_list - name: address_prefixes + - name: connection_uri + - name: is_exposed_externally uninstall: - terraform: diff --git a/templates/shared_services/gitea/template_schema.json b/templates/shared_services/gitea/template_schema.json index a043a57f87..145f8fe57e 100644 --- a/templates/shared_services/gitea/template_schema.json +++ b/templates/shared_services/gitea/template_schema.json @@ -26,6 +26,18 @@ "description": "Long form description of the workspace service, in markdown syntax", "default": "The Gitea shared service is used for mirroring external Git repositories. For instructions on how to create Git mirrors see [https://docs.gitea.com/usage/repo-mirror](https://docs.gitea.com/usage/repo-mirror).", "updateable": true + }, + "is_exposed_externally": { + "$id": "#/properties/is_exposed_externally", + "type": "boolean", + "title": "Expose externally", + "description": "Is the Gitea accessible from outside of the TRE network.", + "default": false + } + }, + "uiSchema": { + "is_exposed_externally": { + "classNames": "tre-hidden" } }, "pipeline": { diff --git a/templates/shared_services/gitea/terraform/outputs.tf b/templates/shared_services/gitea/terraform/outputs.tf index 8c5ec57218..f35dcb8eed 100644 --- a/templates/shared_services/gitea/terraform/outputs.tf 
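Review bot: In the `templates/shared_services/gitea/template_schema.json` hunk, `is_exposed_externally` is declared as an ordinary input property and is kept off the form only by `"classNames": "tre-hidden"` in `uiSchema`, which is presentation rather than validation; as far as this diff shows, a request sent directly to the API could still supply `true` when the resource is created. The value that should be trusted is the one written by the Terraform output, so the description ought to say that it is not a user setting, for example `"description": "Set from the deployment output; whether Gitea is accessible from outside of the TRE network."`. The same applies to the `template_schema.json` hunks for sonatype-nexus-vm, the workspace gitea service and mlflow.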
+++ b/templates/shared_services/gitea/terraform/outputs.tf @@ -9,3 +9,11 @@ output "address_prefixes" { output "gitea_allowed_fqdns_list" { value = jsonencode(local.gitea_allowed_fqdns_list) } + +output "connection_uri" { + value = "https://${azurerm_linux_web_app.gitea.default_hostname}" +} + +output "is_exposed_externally" { + value = false +} diff --git a/templates/shared_services/sonatype-nexus-vm/porter.yaml b/templates/shared_services/sonatype-nexus-vm/porter.yaml index 5a1b7de5dd..2199310c46 100644 --- a/templates/shared_services/sonatype-nexus-vm/porter.yaml +++ b/templates/shared_services/sonatype-nexus-vm/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-shared-service-sonatype-nexus -version: 2.8.11 +version: 2.8.12 description: "A Sonatype Nexus shared service" dockerfile: Dockerfile.tmpl registry: azuretre @@ -62,6 +62,16 @@ outputs: applyTo: - install - upgrade + - name: connection_uri + type: string + applyTo: + - install + - upgrade + - name: is_exposed_externally + type: boolean + applyTo: + - install + - upgrade mixins: - exec @@ -84,6 +94,8 @@ install: - name: workspace_vm_allowed_fqdns_list - name: nexus_allowed_fqdns_list - name: private_ip_addresses + - name: connection_uri + - name: is_exposed_externally upgrade: - terraform: @@ -101,6 +113,9 @@ upgrade: - name: workspace_vm_allowed_fqdns_list - name: nexus_allowed_fqdns_list - name: private_ip_addresses + - name: connection_uri + - name: is_exposed_externally + uninstall: - terraform: description: "Tear down shared service" diff --git a/templates/shared_services/sonatype-nexus-vm/template_schema.json b/templates/shared_services/sonatype-nexus-vm/template_schema.json index 5c0d740f50..a63d7fefcd 100644 --- a/templates/shared_services/sonatype-nexus-vm/template_schema.json +++ b/templates/shared_services/sonatype-nexus-vm/template_schema.json 
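Review bot: In `templates/shared_services/gitea/terraform/outputs.tf`, `output "is_exposed_externally"` is the literal `false`, so it records an assumption about the web app's network configuration instead of reading it; if `azurerm_linux_web_app.gitea` (defined outside this hunk) is later given public ingress, the resource would still be reported as internal. Put a comment above the output naming what guarantees the value, e.g. `# Constant: must be kept in step with the web app's network access settings`, or derive the value from the resource. The same constant is added in the `outputs.tf` hunks for sonatype-nexus-vm, the workspace gitea service and mlflow.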
@@ -32,7 +32,20 @@
 "ssl_cert_name": {
 "type": "string",
 "title": "SSL certificate name",
- "description": "The name of the certificate to use (located in the core KeyVault) for configuring Nexus SSL"
+ "description": "The name of the certificate to use (located in the core KeyVault) for configuring Nexus SSL",
+ "default": "nexus-ssl"
+ },
+ "is_exposed_externally": {
+ "$id": "#/properties/is_exposed_externally",
+ "type": "boolean",
+ "title": "Expose externally",
+ "description": "Is the Sonatype Nexus accessible from outside of the TRE network.",
+ "default": false
+ }
+ },
+ "uiSchema": {
+ "is_exposed_externally": {
+ "classNames": "tre-hidden"
 }
 },
 "pipeline": {
diff --git a/templates/shared_services/sonatype-nexus-vm/terraform/outputs.tf b/templates/shared_services/sonatype-nexus-vm/terraform/outputs.tf
index 788e1d2e76..f7017fa8e0 100644
--- a/templates/shared_services/sonatype-nexus-vm/terraform/outputs.tf
+++ b/templates/shared_services/sonatype-nexus-vm/terraform/outputs.tf
@@ -9,3 +9,11 @@ output "workspace_vm_allowed_fqdns_list" {
 output "private_ip_addresses" {
 value = jsonencode(azurerm_network_interface.nexus.private_ip_addresses)
 }
+
+output "connection_uri" {
+ value = "https://${data.azurerm_private_dns_zone.nexus.name}"
+}
+
+output "is_exposed_externally" {
+ value = false
+}
diff --git a/templates/workspace_services/gitea/porter.yaml b/templates/workspace_services/gitea/porter.yaml
index 88728de27e..a56ed459a3 100644
--- a/templates/workspace_services/gitea/porter.yaml
+++ b/templates/workspace_services/gitea/porter.yaml
@@ -1,7 +1,7 @@
 ---
 schemaVersion: 1.0.0
 name: tre-workspace-service-gitea
-version: 0.8.6
+version: 0.8.7
 description: "A Gitea workspace service"
 dockerfile: Dockerfile.tmpl
 registry: azuretre
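Review bot: The `ssl_cert_name` change in `templates/shared_services/sonatype-nexus-vm/template_schema.json` adds `"default": "nexus-ssl"`, which is outside the stated scope of the commit and is not mentioned in the property's description. With a default in place, a deployment that leaves the field empty would presumably pick up whatever certificate is stored under that name in the core KeyVault, so the description should name the default and where that certificate comes from, e.g. `"description": "The name of the certificate to use (located in the core KeyVault) for configuring Nexus SSL. Defaults to nexus-ssl."`.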
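Review bot: In `templates/shared_services/sonatype-nexus-vm/terraform/outputs.tf`, `connection_uri` uses `data.azurerm_private_dns_zone.nexus.name` as the host name, which is right only if that private zone is named after the Nexus host itself and resolves at the zone apex; the data source is declared outside this hunk, so that cannot be confirmed here. A one-line comment above the output, e.g. `# The private DNS zone is named after the Nexus FQDN, so the zone name is the host`, would make the dependency explicit for whoever next changes the DNS layout.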
@@ -70,11 +70,16 @@ mixins: clientVersion: 1.3.6 outputs: - - name: internal_connection_uri + - name: connection_uri type: string applyTo: - install - upgrade + - name: is_exposed_externally + type: boolean + applyTo: + - install + - upgrade - name: authentication_callback_uri type: string applyTo: @@ -103,7 +108,8 @@ install: container_name: ${ bundle.parameters.tfstate_container_name } key: tre-workspace-service-gitea-${ bundle.parameters.id } outputs: - - name: internal_connection_uri + - name: connection_uri + - name: is_exposed_externally - name: authentication_callback_uri - name: workspace_address_space @@ -124,7 +130,8 @@ upgrade: container_name: ${ bundle.parameters.tfstate_container_name } key: tre-workspace-service-gitea-${ bundle.parameters.id } outputs: - - name: internal_connection_uri + - name: connection_uri + - name: is_exposed_externally - name: authentication_callback_uri - name: workspace_address_space diff --git a/templates/workspace_services/gitea/template_schema.json b/templates/workspace_services/gitea/template_schema.json index ac895d5c50..d9f10c1d8d 100644 --- a/templates/workspace_services/gitea/template_schema.json +++ b/templates/workspace_services/gitea/template_schema.json @@ -27,6 +27,18 @@ "description": "Long form description of the workspace service, in markdown syntax", "default": "Gitea is a lightweight DevOps platform. Features include code hosting, code review, CI/CD, project management and package management. Documentation can be found here: [https://docs.gitea.com/](https://docs.gitea.com/).", "updateable": true + }, + "is_exposed_externally": { + "$id": "#/properties/is_exposed_externally", + "type": "boolean", + "title": "Expose externally", + "description": "Is Gitea accessible from outside of the TRE network.", + "default": false + } + }, + "uiSchema": { + "is_exposed_externally": { + "classNames": "tre-hidden" } }, "pipeline": { 
diff --git a/templates/workspace_services/gitea/terraform/outputs.tf b/templates/workspace_services/gitea/terraform/outputs.tf index 524d23843c..1e29a87600 100644 --- a/templates/workspace_services/gitea/terraform/outputs.tf +++ b/templates/workspace_services/gitea/terraform/outputs.tf @@ -6,10 +6,14 @@ output "authentication_callback_uri" { value = "https://${azurerm_linux_web_app.gitea.default_hostname}/user/oauth2/oidc/callback" } -output "internal_connection_uri" { +output "connection_uri" { value = "https://${azurerm_linux_web_app.gitea.default_hostname}/" } output "workspace_address_space" { value = jsonencode(data.azurerm_virtual_network.ws.address_space) } + +output "is_exposed_externally" { + value = false +} diff --git a/templates/workspace_services/mlflow/porter.yaml b/templates/workspace_services/mlflow/porter.yaml index 7254994a17..322b7f025c 100644 --- a/templates/workspace_services/mlflow/porter.yaml +++ b/templates/workspace_services/mlflow/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-service-mlflow -version: 0.7.6 +version: 0.7.7 description: "An Azure TRE service for MLflow machine learning lifecycle" dockerfile: Dockerfile.tmpl registry: azuretre @@ -61,11 +61,16 @@ parameters: default: "public" outputs: - - name: internal_connection_uri + - name: connection_uri type: string applyTo: - install - upgrade + - name: is_exposed_externally + type: boolean + applyTo: + - install + - upgrade mixins: - exec @@ -88,7 +93,8 @@ install: container_name: ${ bundle.parameters.tfstate_container_name } key: tre-service-mlflow-${ bundle.parameters.id } outputs: - - name: internal_connection_uri + - name: connection_uri + - name: is_exposed_externally upgrade: - terraform: @@ -106,7 +112,8 @@ upgrade: container_name: ${ bundle.parameters.tfstate_container_name } key: tre-service-mlflow-${ bundle.parameters.id } outputs: - - name: internal_connection_uri + - name: connection_uri + - name: is_exposed_externally uninstall: - terraform: 
diff --git a/templates/workspace_services/mlflow/template_schema.json b/templates/workspace_services/mlflow/template_schema.json
index 6febfbe857..c2eb426291 100644
--- a/templates/workspace_services/mlflow/template_schema.json
+++ b/templates/workspace_services/mlflow/template_schema.json
@@ -25,6 +25,18 @@
 "title": "Workspace Service Overview",
 "description": "Long form description of the workspace service, in markdown syntax",
 "default": "MLflow is an open source platform to manage the ML lifecycle, including experimentation, reproducibility, deployment, and a central model registry. Documentation can be found here: [https://mlflow.org/docs/latest/index.html](https://mlflow.org/docs/latest/index.html)"
+ },
+ "is_exposed_externally": {
+ "$id": "#/properties/is_exposed_externally",
+ "type": "boolean",
+ "title": "Expose externally",
+ "description": "Is MLflow accessible from outside of the workspace network.",
+ "default": false
+ }
+ },
+ "uiSchema": {
+ "is_exposed_externally": {
+ "classNames": "tre-hidden"
 }
 }
 }
diff --git a/templates/workspace_services/mlflow/terraform/outputs.tf b/templates/workspace_services/mlflow/terraform/outputs.tf
index 73f572a0cc..b683df702b 100644
--- a/templates/workspace_services/mlflow/terraform/outputs.tf
+++ b/templates/workspace_services/mlflow/terraform/outputs.tf
@@ -1,3 +1,7 @@
-output "internal_connection_uri" {
+output "connection_uri" {
 value = "https://${azurerm_linux_web_app.mlflow.default_hostname}"
 }
+
+output "is_exposed_externally" {
+ value = false
+}