From 9b4f0cd1c521eafee14b01a4e62bd5df07a4a720 Mon Sep 17 00:00:00 2001 From: Labhard Jonathan Date: Wed, 19 Jul 2023 17:00:05 +0200 Subject: [PATCH 01/14] [DRAFT] Added support to specify tags in the config.yaml that will be applied to all resources deployed by TRE --- .../actions/devcontainer_run_command/action.yml | 7 +++++++ .github/workflows/deploy_tre_reusable.yml | 10 ++++++++++ config.sample.yaml | 4 ++++ core/terraform/appgateway/locals.tf | 10 ++++++---- core/terraform/appgateway/variables.tf | 5 +++++ core/terraform/locals.tf | 10 ++++++---- core/terraform/main.tf | 15 +++++++++------ core/terraform/network/locals.tf | 10 ++++++---- core/terraform/network/variables.tf | 5 +++++ .../resource_processor/vmss_porter/locals.tf | 10 ++++++---- .../resource_processor/vmss_porter/variables.tf | 6 ++++++ core/terraform/variables.tf | 6 ++++++ devops/terraform/bootstrap.sh | 8 ++++++-- devops/terraform/main.tf | 10 ++++++++-- devops/terraform/variables.tf | 7 +++++++ .../shared_services/admin-vm/parameters.json | 6 ++++++ templates/shared_services/admin-vm/porter.yaml | 8 ++++++++ .../shared_services/admin-vm/terraform/locals.tf | 11 +++++++---- .../admin-vm/terraform/variables.tf | 6 ++++++ .../airlock_notifier/parameters.json | 6 ++++++ .../shared_services/airlock_notifier/porter.yaml | 7 +++++++ .../airlock_notifier/terraform/locals.tf | 10 ++++++---- .../airlock_notifier/terraform/variables.tf | 6 ++++++ templates/shared_services/certs/parameters.json | 6 ++++++ templates/shared_services/certs/porter.yaml | 7 +++++++ .../shared_services/certs/terraform/locals.tf | 10 ++++++---- .../shared_services/certs/terraform/variables.tf | 6 ++++++ .../shared_services/cyclecloud/parameters.json | 6 ++++++ templates/shared_services/cyclecloud/porter.yaml | 8 ++++++++ .../cyclecloud/terraform/locals.tf | 10 ++++++---- .../cyclecloud/terraform/variables.tf | 6 ++++++ .../databricks-auth/parameters.json | 6 ++++++ .../shared_services/databricks-auth/porter.yaml | 8 ++++++++ .../databricks-auth/terraform/locals.tf | 10 ++++++---- .../databricks-auth/terraform/variables.tf | 6 ++++++ .../shared_services/firewall/parameters.json | 6 ++++++ templates/shared_services/firewall/porter.yaml | 8 ++++++++ .../shared_services/firewall/terraform/locals.tf | 10 ++++++---- .../firewall/terraform/variables.tf | 6 ++++++ templates/shared_services/gitea/parameters.json | 6 ++++++ templates/shared_services/gitea/porter.yaml | 8 ++++++++ .../shared_services/gitea/terraform/locals.tf | 10 ++++++---- .../shared_services/gitea/terraform/variables.tf | 6 ++++++ .../sonatype-nexus-vm/parameters.json | 6 ++++++ .../shared_services/sonatype-nexus-vm/porter.yaml | 8 ++++++++ .../sonatype-nexus-vm/terraform/locals.tf | 10 ++++++---- .../sonatype-nexus-vm/terraform/variables.tf | 6 ++++++ .../workspace_services/azureml/parameters.json | 6 ++++++ templates/workspace_services/azureml/porter.yaml | 8 ++++++++ .../azureml/terraform/locals.tf | 13 ++++++++----- .../azureml/terraform/variables.tf | 6 ++++++ .../user_resources/aml_compute/parameters.json | 6 ++++++ .../user_resources/aml_compute/porter.yaml | 8 ++++++++ .../aml_compute/terraform/locals.tf | 15 +++++++++------ .../aml_compute/terraform/variables.tf | 6 ++++++ .../workspace_services/databricks/parameters.json | 6 ++++++ .../workspace_services/databricks/porter.yaml | 8 ++++++++ .../databricks/terraform/locals.tf | 12 +++++++----- .../databricks/terraform/variables.tf | 6 ++++++ .../workspace_services/gitea/parameters.json | 6 ++++++ templates/workspace_services/gitea/porter.yaml | 8 ++++++++ .../workspace_services/gitea/terraform/locals.tf | 12 +++++++----- .../gitea/terraform/variables.tf | 6 ++++++ .../workspace_services/guacamole/parameters.json | 6 ++++++ .../workspace_services/guacamole/porter.yaml | 8 ++++++++ .../guacamole/terraform/locals.tf | 12 +++++++----- .../guacamole/terraform/variables.tf | 6 ++++++ .../parameters.json | 6 ++++++ .../guacamole-azure-export-reviewvm/porter.yaml | 8 ++++++++ .../terraform/locals.tf | 14 ++++++++------ .../terraform/variables.tf | 6 ++++++ .../parameters.json | 6 ++++++ .../guacamole-azure-import-reviewvm/porter.yaml | 8 ++++++++ .../terraform/locals.tf | 14 ++++++++------ .../terraform/variables.tf | 6 ++++++ .../guacamole-azure-linuxvm/parameters.json | 6 ++++++ .../guacamole-azure-linuxvm/porter.yaml | 8 ++++++++ .../guacamole-azure-linuxvm/terraform/locals.tf | 14 ++++++++------ .../terraform/variables.tf | 6 ++++++ .../guacamole-azure-windowsvm/parameters.json | 6 ++++++ .../guacamole-azure-windowsvm/porter.yaml | 8 ++++++++ .../guacamole-azure-windowsvm/terraform/locals.tf | 14 ++++++++------ .../terraform/variables.tf | 6 ++++++ .../health-services/parameters.json | 6 ++++++ .../health-services/porter.yaml | 8 ++++++++ .../health-services/terraform/locals.tf | 12 +++++++----- .../health-services/terraform/variables.tf | 6 ++++++ .../workspace_services/innereye/parameters.json | 6 ++++++ templates/workspace_services/innereye/porter.yaml | 7 +++++++ .../innereye/terraform/locals.tf | 12 +++++++----- .../innereye/terraform/variables.tf | 6 ++++++ .../workspace_services/mlflow/parameters.json | 6 ++++++ templates/workspace_services/mlflow/porter.yaml | 8 ++++++++ .../workspace_services/mlflow/terraform/locals.tf | 12 +++++++----- .../mlflow/terraform/variables.tf | 6 ++++++ .../workspace_services/mysql/parameters.json | 6 ++++++ templates/workspace_services/mysql/porter.yaml | 7 +++++++ .../workspace_services/mysql/terraform/locals.tf | 12 +++++++----- .../mysql/terraform/variables.tf | 6 ++++++ .../workspace_services/ohdsi/parameters.json | 6 ++++++ templates/workspace_services/ohdsi/porter.yaml | 8 ++++++++ .../workspace_services/ohdsi/terraform/locals.tf | 12 +++++++----- .../ohdsi/terraform/variables.tf | 6 ++++++ .../airlock-import-review/parameters.json | 6 ++++++ .../workspaces/airlock-import-review/porter.yaml | 8 ++++++++ templates/workspaces/base/parameters.json | 6 ++++++ templates/workspaces/base/porter.yaml | 8 ++++++++ templates/workspaces/base/terraform/locals.tf | 10 ++++++---- templates/workspaces/base/terraform/variables.tf | 6 ++++++ templates/workspaces/unrestricted/parameters.json | 6 ++++++ templates/workspaces/unrestricted/porter.yaml | 8 ++++++++ 111 files changed, 741 insertions(+), 137 deletions(-) diff --git a/.github/actions/devcontainer_run_command/action.yml b/.github/actions/devcontainer_run_command/action.yml index f403c60083..5d5cbc73c1 100644 --- a/.github/actions/devcontainer_run_command/action.yml +++ b/.github/actions/devcontainer_run_command/action.yml @@ -121,6 +121,9 @@ inputs: description: "JSON string containing key/value pairs to injet into the Resource Processor as ENV vars" required: false default: "" + TAGS: + description: "Tags to apply to all Azure resources" + required: false runs: using: composite @@ -231,4 +234,8 @@ runs: && inputs.RESOURCE_PROCESSOR_NUMBER_PROCESSES_PER_INSTANCE) || 5 }}" \ -e E2E_TESTS_NUMBER_PROCESSES="${{ inputs.E2E_TESTS_NUMBER_PROCESSES }}" \ '${{ inputs.CI_CACHE_ACR_NAME }}${{ env.ACR_DOMAIN_SUFFIX }}/tredev:${{ inputs.DEVCONTAINER_TAG }}' \ + -e TAGS='${{ (toJson(inputs.TAGS) != '""' + && inputs.TAGS) || '{}' }}' \ + -e TF_VAR_tags='${{ (toJson(inputs.TAGS) != '""' + && inputs.TAGS) || '{}' }}' \ bash -c "${{ inputs.COMMAND }}" diff --git a/.github/workflows/deploy_tre_reusable.yml b/.github/workflows/deploy_tre_reusable.yml index c51f57d039..88a50a3cf0 100644 --- a/.github/workflows/deploy_tre_reusable.yml +++ b/.github/workflows/deploy_tre_reusable.yml @@ -243,6 +243,7 @@ jobs: TERRAFORM_STATE_CONTAINER_NAME: ${{ vars.TERRAFORM_STATE_CONTAINER_NAME }} MGMT_RESOURCE_GROUP_NAME: ${{ secrets.MGMT_RESOURCE_GROUP_NAME }} MGMT_STORAGE_ACCOUNT_NAME: ${{ secrets.MGMT_STORAGE_ACCOUNT_NAME }} + TAGS: ${{ vars.TAGS }} - name: ACR Login # failure in the first attempt indicates a new ACR, so we need to try again after it's been created @@ -353,6 +354,7 @@ jobs: CORE_APP_SERVICE_PLAN_SKU: ${{ vars.CORE_APP_SERVICE_PLAN_SKU }} RESOURCE_PROCESSOR_NUMBER_PROCESSES_PER_INSTANCE: ${{ vars.RESOURCE_PROCESSOR_NUMBER_PROCESSES_PER_INSTANCE }} RP_BUNDLE_VALUES: ${{ vars.RP_BUNDLE_VALUES }} + TAGS: ${{ vars.TAGS }} - name: API Healthcheck uses: ./.github/actions/devcontainer_run_command @@ -522,6 +524,7 @@ jobs: TRE_ID: ${{ secrets.TRE_ID }} LOCATION: ${{ vars.LOCATION }} BUNDLE_TYPE: ${{ matrix.BUNDLE_TYPE }} + TAGS: ${{ vars.TAGS }} register_bundles: name: Register Bundles @@ -582,6 +585,7 @@ jobs: TRE_ID: ${{ secrets.TRE_ID }} LOCATION: ${{ vars.LOCATION }} BUNDLE_TYPE: ${{ matrix.BUNDLE_TYPE }} + TAGS: ${{ vars.TAGS }} register_user_resource_bundles: name: Register User Resource Bundles @@ -632,6 +636,7 @@ jobs: LOCATION: ${{ vars.LOCATION }} BUNDLE_TYPE: ${{ matrix.BUNDLE_TYPE }} WORKSPACE_SERVICE_NAME: ${{ matrix.WORKSPACE_SERVICE_NAME }} + TAGS: ${{ vars.TAGS }} deploy_shared_services: name: Deploy shared services @@ -662,6 +667,7 @@ jobs: TEST_ACCOUNT_CLIENT_SECRET: "${{ secrets.TEST_ACCOUNT_CLIENT_SECRET }}" TRE_ID: ${{ secrets.TRE_ID }} LOCATION: ${{ vars.LOCATION }} + TAGS: ${{ vars.TAGS }} - name: State Store Migrations uses: ./.github/actions/devcontainer_run_command @@ -681,6 +687,7 @@ jobs: TERRAFORM_STATE_CONTAINER_NAME: ${{ vars.TERRAFORM_STATE_CONTAINER_NAME }} MGMT_RESOURCE_GROUP_NAME: ${{ secrets.MGMT_RESOURCE_GROUP_NAME }} MGMT_STORAGE_ACCOUNT_NAME: ${{ secrets.MGMT_STORAGE_ACCOUNT_NAME }} + TAGS: ${{ vars.TAGS }} deploy_ui: name: Deploy UI @@ -711,6 +718,7 @@ jobs: MGMT_RESOURCE_GROUP_NAME: ${{ secrets.MGMT_RESOURCE_GROUP_NAME }} MGMT_STORAGE_ACCOUNT_NAME: ${{ secrets.MGMT_STORAGE_ACCOUNT_NAME }} SWAGGER_UI_CLIENT_ID: "${{ secrets.SWAGGER_UI_CLIENT_ID }}" + TAGS: ${{ vars.TAGS }} e2e_tests_smoke: name: "Run E2E Tests (Smoke)" @@ -746,6 +754,7 @@ jobs: TRE_ID: ${{ secrets.TRE_ID }} IS_API_SECURED: false WORKSPACE_APP_SERVICE_PLAN_SKU: ${{ vars.WORKSPACE_APP_SERVICE_PLAN_SKU }} + TAGS: ${{ vars.TAGS }} - name: Upload Test Results if: always() @@ -790,6 +799,7 @@ jobs: IS_API_SECURED: false WORKSPACE_APP_SERVICE_PLAN_SKU: ${{ vars.WORKSPACE_APP_SERVICE_PLAN_SKU }} E2E_TESTS_NUMBER_PROCESSES: ${{ inputs.E2E_TESTS_NUMBER_PROCESSES }} + TAGS: ${{ vars.TAGS }} - name: Upload Test Results if: always() diff --git a/config.sample.yaml b/config.sample.yaml index af790054a8..58bacb1cd2 100644 --- a/config.sample.yaml +++ b/config.sample.yaml @@ -76,3 +76,7 @@ developer_settings: # Used by the API and Resource processor application to change log level # debug: true + +# Specify here tags that should be applied to all resources deployed by the TRE +# tag_name: "tag_value" +# tags: '{"tag_key": "tag_value"}' diff --git a/core/terraform/appgateway/locals.tf b/core/terraform/appgateway/locals.tf index 4962ad86fc..4e5c7b2179 100644 --- a/core/terraform/appgateway/locals.tf +++ b/core/terraform/appgateway/locals.tf @@ -24,10 +24,12 @@ locals { redirect_configuration_name = "rdrcfg-tosecure" certificate_name = "cert-primary" - tre_core_tags = { - tre_id = var.tre_id - tre_core_service_id = var.tre_id - } + tre_core_tags = merge( + var.tre_core_tags, { + tre_id = var.tre_id + tre_core_service_id = var.tre_id + } + ) appgateway_diagnostic_categories_enabled = ["ApplicationGatewayAccessLog", "ApplicationGatewayPerformanceLog", "ApplicationGatewayFirewallLog"] } diff --git a/core/terraform/appgateway/variables.tf b/core/terraform/appgateway/variables.tf index 0338daf200..10a968f567 100644 --- a/core/terraform/appgateway/variables.tf +++ b/core/terraform/appgateway/variables.tf @@ -8,3 +8,8 @@ variable "api_fqdn" {} variable "keyvault_id" {} variable "static_web_dns_zone_id" {} variable "log_analytics_workspace_id" {} +variable "tre_core_tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/core/terraform/locals.tf b/core/terraform/locals.tf index 97608ad1e1..6c72b0af89 100644 --- a/core/terraform/locals.tf +++ b/core/terraform/locals.tf @@ -1,9 +1,11 @@ locals { myip = var.public_deployment_ip_address != "" ? var.public_deployment_ip_address : chomp(data.http.myip[0].response_body) - tre_core_tags = { - tre_id = var.tre_id - tre_core_service_id = var.tre_id - } + tre_core_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_core_service_id = var.tre_id + } + ) api_diagnostic_categories_enabled = [ "AppServiceHTTPLogs", "AppServiceConsoleLogs", "AppServiceAppLogs", "AppServiceFileAuditLogs", diff --git a/core/terraform/main.tf b/core/terraform/main.tf index 79ba9fe11c..9bf305202e 100644 --- a/core/terraform/main.tf +++ b/core/terraform/main.tf @@ -42,12 +42,13 @@ provider "azurerm" { resource "azurerm_resource_group" "core" { location = var.location name = "rg-${var.tre_id}" - tags = { - project = "Azure Trusted Research Environment" - tre_id = var.tre_id - source = "https://github.com/microsoft/AzureTRE/" - ci_git_ref = var.ci_git_ref # TODO: not include if empty - } + tags = merge( + local.tre_core_tags, { + project = "Azure Trusted Research Environment" + tre_id = var.tre_id + source = "https://github.com/microsoft/AzureTRE/" + ci_git_ref = var.ci_git_ref # TODO: not include if empty + }) lifecycle { ignore_changes = [tags] } } @@ -91,6 +92,7 @@ module "appgateway" { keyvault_id = azurerm_key_vault.kv.id static_web_dns_zone_id = module.network.static_web_dns_zone_id log_analytics_workspace_id = module.azure_monitor.log_analytics_workspace_id + tre_core_tags = local.tre_core_tags depends_on = [ module.network, @@ -159,6 +161,7 @@ module "resource_processor_vmss_porter" { resource_processor_vmss_sku = var.resource_processor_vmss_sku arm_environment = var.arm_environment rp_bundle_values = var.rp_bundle_values + tre_core_tags = local.tre_core_tags depends_on = [ module.network, diff --git a/core/terraform/network/locals.tf b/core/terraform/network/locals.tf index aaa2aea7d1..1e3676e1cf 100644 --- a/core/terraform/network/locals.tf +++ b/core/terraform/network/locals.tf @@ -22,10 +22,12 @@ locals { # FREE = local.core_services_vnet_subnets[11] # .128 - .191 # FREE = local.core_services_vnet_subnets[12] # .192 - .254 - tre_core_tags = { - tre_id = var.tre_id - tre_core_service_id = var.tre_id - } + tre_core_tags = merge( + var.tre_core_tags, { + tre_id = var.tre_id + tre_core_service_id = var.tre_id + } + ) private_dns_zone_names = toset([ diff --git a/core/terraform/network/variables.tf b/core/terraform/network/variables.tf index 0f0d8c4067..341b5f5b37 100644 --- a/core/terraform/network/variables.tf +++ b/core/terraform/network/variables.tf @@ -3,3 +3,8 @@ variable "location" {} variable "resource_group_name" {} variable "core_address_space" {} variable "arm_environment" {} +variable "tre_core_tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/core/terraform/resource_processor/vmss_porter/locals.tf b/core/terraform/resource_processor/vmss_porter/locals.tf index c64d9d2c7f..2d0d12f28f 100644 --- a/core/terraform/resource_processor/vmss_porter/locals.tf +++ b/core/terraform/resource_processor/vmss_porter/locals.tf @@ -1,9 +1,11 @@ locals { version = replace(replace(replace(data.local_file.version.content, "__version__ = \"", ""), "\"", ""), "\n", "") - tre_core_tags = { - tre_id = var.tre_id - tre_core_service_id = var.tre_id - } + tre_core_tags = merge( + var.tre_core_tags, { + tre_id = var.tre_id + tre_core_service_id = var.tre_id + } + ) azure_environment = lookup({ "public" = "AzureCloud" diff --git a/core/terraform/resource_processor/vmss_porter/variables.tf b/core/terraform/resource_processor/vmss_porter/variables.tf index 37a0d22bdc..93982e0fe7 100644 --- a/core/terraform/resource_processor/vmss_porter/variables.tf +++ b/core/terraform/resource_processor/vmss_porter/variables.tf @@ -32,3 +32,9 @@ variable "rp_bundle_values" { locals { rp_bundle_values_formatted = join("\n ", [for key in keys(var.rp_bundle_values) : "RP_BUNDLE_${key}=${var.rp_bundle_values[key]}"]) } + +variable "tre_core_tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/core/terraform/variables.tf b/core/terraform/variables.tf index 5766776051..bed77e5973 100644 --- a/core/terraform/variables.tf +++ b/core/terraform/variables.tf @@ -180,3 +180,9 @@ variable "is_cosmos_defined_throughput" { type = bool default = false } + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/devops/terraform/bootstrap.sh b/devops/terraform/bootstrap.sh index 23e02e4c07..937dc15723 100755 --- a/devops/terraform/bootstrap.sh +++ b/devops/terraform/bootstrap.sh @@ -6,12 +6,16 @@ set -o nounset # Baseline Azure resources echo -e "\n\e[34m»»» 🤖 \e[96mCreating resource group and storage account\e[0m..." # shellcheck disable=SC2154 -az group create --resource-group "$TF_VAR_mgmt_resource_group_name" --location "$LOCATION" -o table +az group create --resource-group "$TF_VAR_mgmt_resource_group_name" \ + --location "$LOCATION" \ + -o table \ + --tags $(echo "$TAGS" | jq -r 'to_entries | map("\(.key)=\(.value)")| join(" ")') # shellcheck disable=SC2154 az storage account create --resource-group "$TF_VAR_mgmt_resource_group_name" \ --name "$TF_VAR_mgmt_storage_account_name" --location "$LOCATION" \ --allow-blob-public-access false \ - --kind StorageV2 --sku Standard_LRS -o table + --kind StorageV2 --sku Standard_LRS -o table \ + --tags $(echo "$TAGS" | jq -r 'to_entries | map("\(.key)=\(.value)")| join(" ")') # Blob container # shellcheck disable=SC2154 diff --git a/devops/terraform/main.tf b/devops/terraform/main.tf index 2504e790ca..a953ab60f5 100644 --- a/devops/terraform/main.tf +++ b/devops/terraform/main.tf @@ -7,10 +7,10 @@ resource "azurerm_resource_group" "mgmt" { name = var.mgmt_resource_group_name location = var.location - tags = { + tags = merge(var.tags, { project = "Azure Trusted Research Environment" source = "https://github.com/microsoft/AzureTRE/" - } + }) lifecycle { ignore_changes = [tags] } } @@ -25,6 +25,8 @@ resource "azurerm_storage_account" "state_storage" { account_replication_type = "LRS" allow_nested_items_to_be_public = false + tags = var.tags + lifecycle { ignore_changes = [tags] } } @@ -36,6 +38,8 @@ resource "azurerm_container_registry" "shared_acr" { sku = var.acr_sku admin_enabled = true + tags = var.tags + lifecycle { ignore_changes = [tags] } } @@ -44,6 +48,8 @@ resource "azurerm_container_registry" "shared_acr" { resource "azurerm_container_registry_task" "tredev_purge" { name = "tredev_purge" container_registry_id = azurerm_container_registry.shared_acr.id + tags = var.tags + platform { os = "Linux" architecture = "amd64" diff --git a/devops/terraform/variables.tf b/devops/terraform/variables.tf index 155193098c..aa53badf7b 100644 --- a/devops/terraform/variables.tf +++ b/devops/terraform/variables.tf @@ -23,3 +23,10 @@ variable "acr_name" { type = string description = "Name of ACR" } + + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/templates/shared_services/admin-vm/parameters.json b/templates/shared_services/admin-vm/parameters.json index ac546acffc..c4c5bb8f52 100755 --- a/templates/shared_services/admin-vm/parameters.json +++ b/templates/shared_services/admin-vm/parameters.json @@ -45,6 +45,12 @@ "source": { "env": "ARM_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/shared_services/admin-vm/porter.yaml b/templates/shared_services/admin-vm/porter.yaml index 4ee499acf7..c14706063e 100644 --- a/templates/shared_services/admin-vm/porter.yaml +++ b/templates/shared_services/admin-vm/porter.yaml @@ -40,6 +40,11 @@ parameters: env: ARM_ENVIRONMENT type: string default: "public" + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" - name: admin_jumpbox_vm_sku env: ADMIN_JUMPBOX_VM_SKU type: string @@ -56,6 +61,7 @@ install: tre_id: ${ bundle.parameters.tre_id } tre_resource_id: ${ bundle.parameters.id } admin_jumpbox_vm_sku: ${ bundle.parameters.admin_jumpbox_vm_sku } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -69,6 +75,7 @@ upgrade: tre_id: ${ bundle.parameters.tre_id } tre_resource_id: ${ bundle.parameters.id } admin_jumpbox_vm_sku: ${ bundle.parameters.admin_jumpbox_vm_sku } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -82,6 +89,7 @@ uninstall: tre_id: ${ bundle.parameters.tre_id } tre_resource_id: ${ bundle.parameters.id } admin_jumpbox_vm_sku: ${ bundle.parameters.admin_jumpbox_vm_sku } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/shared_services/admin-vm/terraform/locals.tf b/templates/shared_services/admin-vm/terraform/locals.tf index f9ad84b852..e33e88c7bc 100644 --- a/templates/shared_services/admin-vm/terraform/locals.tf +++ b/templates/shared_services/admin-vm/terraform/locals.tf @@ -2,8 +2,11 @@ locals { core_vnet = "vnet-${var.tre_id}" core_resource_group_name = "rg-${var.tre_id}" keyvault_name = "kv-${var.tre_id}" - tre_shared_service_tags = { - tre_id = var.tre_id - tre_shared_service_id = var.tre_resource_id - } + + tre_shared_service_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_shared_service_id = var.tre_resource_id + } + ) } diff --git a/templates/shared_services/admin-vm/terraform/variables.tf b/templates/shared_services/admin-vm/terraform/variables.tf index b52d21ea1e..5e2e2d15e1 100644 --- a/templates/shared_services/admin-vm/terraform/variables.tf +++ b/templates/shared_services/admin-vm/terraform/variables.tf @@ -11,3 +11,9 @@ variable "tre_resource_id" { variable "admin_jumpbox_vm_sku" { type = string } + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/templates/shared_services/airlock_notifier/parameters.json b/templates/shared_services/airlock_notifier/parameters.json index 70d6a9b50e..c010045522 100755 --- a/templates/shared_services/airlock_notifier/parameters.json +++ b/templates/shared_services/airlock_notifier/parameters.json @@ -87,6 +87,12 @@ "source": { "env": "ARM_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/shared_services/airlock_notifier/porter.yaml b/templates/shared_services/airlock_notifier/porter.yaml index c287b8677c..9d059fc733 100644 --- a/templates/shared_services/airlock_notifier/porter.yaml +++ b/templates/shared_services/airlock_notifier/porter.yaml @@ -70,6 +70,11 @@ parameters: env: ARM_ENVIRONMENT type: string default: "public" + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" mixins: - exec @@ -91,6 +96,7 @@ install: smtp_password: ${ bundle.parameters.smtpPassword } smtp_server_enable_ssl: ${ bundle.parameters.smtp_server_enable_ssl } smtp_from_email: ${ bundle.parameters.smtp_from_email } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -169,6 +175,7 @@ uninstall: smtp_password: ${ bundle.parameters.smtpPassword } smtp_server_enable_ssl: ${ bundle.parameters.smtp_server_enable_ssl } smtp_from_email: ${ bundle.parameters.smtp_from_email } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/shared_services/airlock_notifier/terraform/locals.tf b/templates/shared_services/airlock_notifier/terraform/locals.tf index e95ed953b8..611c4c478e 100644 --- a/templates/shared_services/airlock_notifier/terraform/locals.tf +++ b/templates/shared_services/airlock_notifier/terraform/locals.tf @@ -5,9 +5,11 @@ locals { topic_name_suffix = "v2-${var.tre_id}" notification_topic_name = "evgt-airlock-notification-${local.topic_name_suffix}" airlock_notification_eventgrid_subscription_name = "evgs-airlock-notification" - tre_shared_service_tags = { - tre_id = var.tre_id - tre_shared_service_id = var.tre_resource_id - } + tre_shared_service_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_shared_service_id = var.tre_resource_id + } + ) default_tre_url = "https://${data.azurerm_public_ip.app_gateway_ip.fqdn}" } diff --git a/templates/shared_services/airlock_notifier/terraform/variables.tf b/templates/shared_services/airlock_notifier/terraform/variables.tf index 158e72e0fc..dc8a79837f 100644 --- a/templates/shared_services/airlock_notifier/terraform/variables.tf +++ b/templates/shared_services/airlock_notifier/terraform/variables.tf @@ -39,3 +39,9 @@ variable "smtp_server_enable_ssl" { type = bool default = false } + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/templates/shared_services/certs/parameters.json b/templates/shared_services/certs/parameters.json index 53dd18791e..99f4f14d09 100755 --- a/templates/shared_services/certs/parameters.json +++ b/templates/shared_services/certs/parameters.json @@ -57,6 +57,12 @@ "source": { "env": "ARM_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/shared_services/certs/porter.yaml b/templates/shared_services/certs/porter.yaml index 5f62b4f384..5dfd5ed416 100755 --- a/templates/shared_services/certs/porter.yaml +++ b/templates/shared_services/certs/porter.yaml @@ -42,6 +42,11 @@ parameters: env: ARM_ENVIRONMENT type: string default: "public" + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" - name: domain_prefix type: string description: "The FQDN prefix (prepended to {TRE_ID}.{LOCATION}.cloudapp.azure.com) to generate certificate for" @@ -67,6 +72,7 @@ install: domain_prefix: ${ bundle.parameters.domain_prefix } cert_name: ${ bundle.parameters.cert_name } tre_resource_id: ${ bundle.parameters.id } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -130,6 +136,7 @@ uninstall: domain_prefix: ${ bundle.parameters.domain_prefix } cert_name: ${ bundle.parameters.cert_name } tre_resource_id: ${ bundle.parameters.id } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/shared_services/certs/terraform/locals.tf b/templates/shared_services/certs/terraform/locals.tf index 47cb8f6843..4c2af7da90 100644 --- a/templates/shared_services/certs/terraform/locals.tf +++ b/templates/shared_services/certs/terraform/locals.tf @@ -19,8 +19,10 @@ locals { request_routing_rule_name = "rqrt-certs-application" redirect_configuration_name = "rdrcfg-certs-tosecure" - tre_shared_service_tags = { - tre_id = var.tre_id - tre_shared_service_id = var.tre_resource_id - } + tre_shared_service_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_shared_service_id = var.tre_resource_id + } + ) } diff --git a/templates/shared_services/certs/terraform/variables.tf b/templates/shared_services/certs/terraform/variables.tf index 4aff0698f5..2ea7e74292 100644 --- a/templates/shared_services/certs/terraform/variables.tf +++ b/templates/shared_services/certs/terraform/variables.tf @@ -14,3 +14,9 @@ variable "tre_resource_id" { type = string description = "Resource ID" } + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/templates/shared_services/cyclecloud/parameters.json b/templates/shared_services/cyclecloud/parameters.json index fe722bc241..d97f56bb49 100755 --- a/templates/shared_services/cyclecloud/parameters.json +++ b/templates/shared_services/cyclecloud/parameters.json @@ -45,6 +45,12 @@ "source": { "env": "ARM_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/shared_services/cyclecloud/porter.yaml b/templates/shared_services/cyclecloud/porter.yaml index 4c9ab9b3e1..8eb119e78a 100644 --- a/templates/shared_services/cyclecloud/porter.yaml +++ b/templates/shared_services/cyclecloud/porter.yaml @@ -46,6 +46,11 @@ parameters: env: ARM_ENVIRONMENT type: string default: "public" + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" outputs: - name: connection_uri @@ -72,6 +77,7 @@ install: arm_use_msi: ${ bundle.parameters.arm_use_msi } tre_resource_id: ${ bundle.parameters.id } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -91,6 +97,7 @@ upgrade: arm_use_msi: ${ bundle.parameters.arm_use_msi } tre_resource_id: ${ bundle.parameters.id } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -110,6 +117,7 @@ uninstall: arm_use_msi: ${ bundle.parameters.arm_use_msi } tre_resource_id: ${ bundle.parameters.id } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/shared_services/cyclecloud/terraform/locals.tf b/templates/shared_services/cyclecloud/terraform/locals.tf index 5c3777bc06..8efbd515c7 100644 --- a/templates/shared_services/cyclecloud/terraform/locals.tf +++ b/templates/shared_services/cyclecloud/terraform/locals.tf @@ -4,8 +4,10 @@ locals { short_service_id = substr(var.tre_resource_id, -4, -1) vm_name = "cyclecloud-${local.short_service_id}" storage_name = lower(replace("stgcc${var.tre_id}${local.short_service_id}", "-", "")) - tre_shared_service_tags = { - tre_id = var.tre_id - tre_shared_service_id = var.tre_resource_id - } + tre_shared_service_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_shared_service_id = var.tre_resource_id + } + ) } diff --git a/templates/shared_services/cyclecloud/terraform/variables.tf b/templates/shared_services/cyclecloud/terraform/variables.tf index 330dea61e0..cf9ae723fe 100644 --- a/templates/shared_services/cyclecloud/terraform/variables.tf +++ b/templates/shared_services/cyclecloud/terraform/variables.tf @@ -1,3 +1,9 @@ variable "tre_id" {} variable "tre_resource_id" {} variable "arm_environment" {} +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} + diff --git a/templates/shared_services/databricks-auth/parameters.json b/templates/shared_services/databricks-auth/parameters.json index 523dee6c93..33084dc5b8 100644 --- a/templates/shared_services/databricks-auth/parameters.json +++ b/templates/shared_services/databricks-auth/parameters.json @@ -39,6 +39,12 @@ "source": { "env": "ARM_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/shared_services/databricks-auth/porter.yaml b/templates/shared_services/databricks-auth/porter.yaml index 92908e8c9d..f51cab0dd6 100644 --- a/templates/shared_services/databricks-auth/porter.yaml +++ b/templates/shared_services/databricks-auth/porter.yaml @@ -42,6 +42,11 @@ parameters: env: ARM_ENVIRONMENT type: string default: "public" + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" outputs: - name: databricks_workspace_name @@ -61,6 +66,7 @@ install: tre_resource_id: ${ bundle.parameters.id } tre_id: ${ bundle.parameters.tre_id } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -76,6 +82,7 @@ upgrade: tre_resource_id: ${ bundle.parameters.id } tre_id: ${ bundle.parameters.tre_id } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -91,6 +98,7 @@ uninstall: tre_resource_id: ${ bundle.parameters.id } tre_id: ${ bundle.parameters.tre_id } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/shared_services/databricks-auth/terraform/locals.tf b/templates/shared_services/databricks-auth/terraform/locals.tf index c92e056672..1bd1f347c4 100644 --- a/templates/shared_services/databricks-auth/terraform/locals.tf +++ b/templates/shared_services/databricks-auth/terraform/locals.tf @@ -14,8 +14,10 @@ locals { container_subnet_name = "adb-container-subnet-${local.service_resource_name_suffix}" network_security_group_name = "nsg-${local.service_resource_name_suffix}" - tre_shared_service_tags = { - tre_id = var.tre_id - tre_shared_service_id = var.tre_resource_id - } + tre_shared_service_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_shared_service_id = var.tre_resource_id + } + ) } diff --git a/templates/shared_services/databricks-auth/terraform/variables.tf b/templates/shared_services/databricks-auth/terraform/variables.tf index 8e0b626a1b..8c8553c9be 100644 --- a/templates/shared_services/databricks-auth/terraform/variables.tf +++ b/templates/shared_services/databricks-auth/terraform/variables.tf @@ -9,3 +9,9 @@ variable "tre_resource_id" { } variable "arm_environment" {} + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/templates/shared_services/firewall/parameters.json b/templates/shared_services/firewall/parameters.json index 0923966196..ec43146d40 100755 --- a/templates/shared_services/firewall/parameters.json +++ b/templates/shared_services/firewall/parameters.json @@ -63,6 +63,12 @@ "source": { "env": "ARM_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/shared_services/firewall/porter.yaml b/templates/shared_services/firewall/porter.yaml index c39c5b1297..0704af0398 100644 --- a/templates/shared_services/firewall/porter.yaml +++ b/templates/shared_services/firewall/porter.yaml @@ -54,6 +54,11 @@ parameters: default: "graph.microsoft.com" - name: arm_environment type: string + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" mixins: - terraform: @@ -69,6 +74,7 @@ install: api_driven_network_rule_collections_b64: ${ bundle.parameters.network_rule_collections } sku_tier: ${ bundle.parameters.sku_tier } microsoft_graph_fqdn: ${ bundle.parameters.microsoft_graph_fqdn } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -85,6 +91,7 @@ upgrade: api_driven_network_rule_collections_b64: ${ bundle.parameters.network_rule_collections } sku_tier: ${ bundle.parameters.sku_tier } microsoft_graph_fqdn: ${ bundle.parameters.microsoft_graph_fqdn } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -101,6 +108,7 @@ uninstall: api_driven_network_rule_collections_b64: ${ bundle.parameters.network_rule_collections } sku_tier: ${ bundle.parameters.sku_tier } microsoft_graph_fqdn: ${ bundle.parameters.microsoft_graph_fqdn } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/shared_services/firewall/terraform/locals.tf b/templates/shared_services/firewall/terraform/locals.tf index 80880c41f7..732b8753ab 100644 --- a/templates/shared_services/firewall/terraform/locals.tf +++ b/templates/shared_services/firewall/terraform/locals.tf @@ -10,10 +10,12 @@ locals { # "AZFWNetworkRule", # "AZFWDnsProxy", ] - tre_shared_service_tags = { - tre_id = var.tre_id - tre_shared_service_id = var.tre_resource_id - } + tre_shared_service_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_shared_service_id = var.tre_resource_id + } + ) api_driven_application_rule_collection = jsondecode(base64decode(var.api_driven_rule_collections_b64)) api_driven_network_rule_collection = jsondecode(base64decode(var.api_driven_network_rule_collections_b64)) diff --git a/templates/shared_services/firewall/terraform/variables.tf b/templates/shared_services/firewall/terraform/variables.tf index 974ac891e6..cf46f31015 100644 --- a/templates/shared_services/firewall/terraform/variables.tf +++ b/templates/shared_services/firewall/terraform/variables.tf @@ -27,3 +27,9 @@ variable "sku_tier" { type = string default = "Standard" } + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/templates/shared_services/gitea/parameters.json b/templates/shared_services/gitea/parameters.json index 71aebc5306..54709f7b86 100755 --- a/templates/shared_services/gitea/parameters.json +++ b/templates/shared_services/gitea/parameters.json @@ -45,6 +45,12 @@ "source": { "env": "ARM_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/shared_services/gitea/porter.yaml b/templates/shared_services/gitea/porter.yaml index 56af530ec4..a3d38260bb 100644 --- a/templates/shared_services/gitea/porter.yaml +++ b/templates/shared_services/gitea/porter.yaml @@ -51,6 +51,11 @@ parameters: env: ARM_ENVIRONMENT type: string default: "public" + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" mixins: - terraform: @@ -79,6 +84,7 @@ install: mgmt_resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } acr_name: ${ bundle.parameters.mgmt_acr_name } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -97,6 +103,7 @@ upgrade: mgmt_resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } acr_name: ${ bundle.parameters.mgmt_acr_name } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -115,6 +122,7 @@ uninstall: mgmt_resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } acr_name: ${ bundle.parameters.mgmt_acr_name } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/shared_services/gitea/terraform/locals.tf b/templates/shared_services/gitea/terraform/locals.tf index d5cc148fcf..342efdd82d 100644 --- a/templates/shared_services/gitea/terraform/locals.tf +++ b/templates/shared_services/gitea/terraform/locals.tf @@ -6,10 +6,12 @@ locals { keyvault_name = "kv-${var.tre_id}" version = replace(replace(replace(data.local_file.version.content, "__version__ = \"", ""), "\"", ""), "\n", "") gitea_allowed_fqdns_list = distinct(compact(split(",", replace(var.gitea_allowed_fqdns, " ", "")))) - tre_shared_service_tags = { - tre_id = var.tre_id - tre_shared_service_id = var.tre_resource_id - } + tre_shared_service_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_shared_service_id = var.tre_resource_id + } + ) webapp_diagnostic_categories_enabled = [ "AppServiceHTTPLogs", "AppServiceConsoleLogs", "AppServiceAppLogs", "AppServiceFileAuditLogs", "AppServiceAuditLogs", "AppServiceIPSecAuditLogs", "AppServicePlatformLogs", "AppServiceAntivirusScanAuditLogs" diff --git a/templates/shared_services/gitea/terraform/variables.tf b/templates/shared_services/gitea/terraform/variables.tf index 848a209c69..008536d610 100644 --- a/templates/shared_services/gitea/terraform/variables.tf +++ b/templates/shared_services/gitea/terraform/variables.tf @@ -31,3 +31,9 @@ variable "acr_name" { } variable "arm_environment" {} + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/templates/shared_services/sonatype-nexus-vm/parameters.json b/templates/shared_services/sonatype-nexus-vm/parameters.json index 0e7c0c4e58..af1fcf8791 100755 --- a/templates/shared_services/sonatype-nexus-vm/parameters.json +++ b/templates/shared_services/sonatype-nexus-vm/parameters.json @@ -51,6 +51,12 @@ "source": { "env": "ARM_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/shared_services/sonatype-nexus-vm/porter.yaml b/templates/shared_services/sonatype-nexus-vm/porter.yaml index 296584bfef..169c54002a 100644 --- a/templates/shared_services/sonatype-nexus-vm/porter.yaml +++ b/templates/shared_services/sonatype-nexus-vm/porter.yaml @@ -43,6 +43,11 @@ parameters: env: ARM_ENVIRONMENT type: string default: "public" + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" - name: ssl_cert_name type: string default: "nexus-ssl" @@ -75,6 +80,7 @@ install: tre_id: ${ bundle.parameters.tre_id } tre_resource_id: ${ bundle.parameters.id } ssl_cert_name: ${ bundle.parameters.ssl_cert_name } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -92,6 +98,7 @@ upgrade: tre_id: ${ bundle.parameters.tre_id } tre_resource_id: ${ bundle.parameters.id } ssl_cert_name: ${ bundle.parameters.ssl_cert_name } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -108,6 +115,7 @@ uninstall: tre_id: ${ bundle.parameters.tre_id } tre_resource_id: ${ bundle.parameters.id } ssl_cert_name: ${ bundle.parameters.ssl_cert_name } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/shared_services/sonatype-nexus-vm/terraform/locals.tf b/templates/shared_services/sonatype-nexus-vm/terraform/locals.tf index 5163ede544..82e55010bd 100644 --- a/templates/shared_services/sonatype-nexus-vm/terraform/locals.tf +++ b/templates/shared_services/sonatype-nexus-vm/terraform/locals.tf @@ -6,8 +6,10 @@ locals { workspace_vm_allowed_fqdns = "r3.o.lencr.org,x1.c.lencr.org" workspace_vm_allowed_fqdns_list = distinct(compact(split(",", replace(local.workspace_vm_allowed_fqdns, " ", "")))) storage_account_name = lower(replace("stg-${var.tre_id}", "-", "")) - tre_shared_service_tags = { - tre_id = var.tre_id - tre_shared_service_id = var.tre_resource_id - } + tre_shared_service_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_shared_service_id = var.tre_resource_id + } + ) } diff --git a/templates/shared_services/sonatype-nexus-vm/terraform/variables.tf b/templates/shared_services/sonatype-nexus-vm/terraform/variables.tf index 23c2fa3826..d500b84552 100644 --- a/templates/shared_services/sonatype-nexus-vm/terraform/variables.tf +++ b/templates/shared_services/sonatype-nexus-vm/terraform/variables.tf @@ -10,3 +10,9 @@ variable "tre_resource_id" { variable "ssl_cert_name" { type = string } + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/templates/workspace_services/azureml/parameters.json b/templates/workspace_services/azureml/parameters.json index e538071afc..a916410c21 100755 --- a/templates/workspace_services/azureml/parameters.json +++ b/templates/workspace_services/azureml/parameters.json @@ -69,6 +69,12 @@ "source": { "env": "ARM_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/workspace_services/azureml/porter.yaml b/templates/workspace_services/azureml/porter.yaml index 98521a4b96..677be00ffd 100644 --- a/templates/workspace_services/azureml/porter.yaml +++ b/templates/workspace_services/azureml/porter.yaml @@ -61,6 +61,11 @@ parameters: default: false - name: arm_environment env: ARM_ENVIRONMENT + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" - name: azure_environment env: AZURE_ENVIRONMENT @@ -139,6 +144,7 @@ install: auth_tenant_id: ${ bundle.credentials.auth_tenant_id } arm_environment: ${ bundle.parameters.arm_environment } azure_environment: ${ bundle.parameters.azure_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -173,6 +179,7 @@ upgrade: auth_tenant_id: ${ bundle.credentials.auth_tenant_id } arm_environment: ${ bundle.parameters.arm_environment } azure_environment: ${ bundle.parameters.azure_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -207,6 +214,7 @@ uninstall: auth_tenant_id: ${ bundle.credentials.auth_tenant_id } arm_environment: ${ bundle.parameters.arm_environment } azure_environment: ${ bundle.parameters.azure_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/workspace_services/azureml/terraform/locals.tf b/templates/workspace_services/azureml/terraform/locals.tf index ac11d6c921..3ddb1c7f8d 100644 --- a/templates/workspace_services/azureml/terraform/locals.tf +++ b/templates/workspace_services/azureml/terraform/locals.tf @@ -9,9 +9,12 @@ locals { acr_name = lower(replace("acr${substr(local.service_resource_name_suffix, -8, -1)}", "-", "")) keyvault_name = lower("kv-${substr(local.workspace_resource_name_suffix, -20, -1)}") storage_name = lower(replace("stg${substr(local.service_resource_name_suffix, -8, -1)}", "-", "")) - tre_workspace_service_tags = { - tre_id = var.tre_id - tre_workspace_id = var.workspace_id - tre_workspace_service_id = var.tre_resource_id - } + + tre_workspace_service_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_workspace_id = var.workspace_id + tre_workspace_service_id = var.tre_resource_id + } + ) } diff --git a/templates/workspace_services/azureml/terraform/variables.tf b/templates/workspace_services/azureml/terraform/variables.tf index 2ff78807fe..857c4be073 100644 --- a/templates/workspace_services/azureml/terraform/variables.tf +++ b/templates/workspace_services/azureml/terraform/variables.tf @@ -39,3 +39,9 @@ variable "auth_client_secret" { variable "arm_environment" {} variable "azure_environment" {} + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/templates/workspace_services/azureml/user_resources/aml_compute/parameters.json b/templates/workspace_services/azureml/user_resources/aml_compute/parameters.json index cb8d2dd93a..818ccb6f02 100644 --- a/templates/workspace_services/azureml/user_resources/aml_compute/parameters.json +++ b/templates/workspace_services/azureml/user_resources/aml_compute/parameters.json @@ -63,6 +63,12 @@ "source": { "env": "ARM_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/workspace_services/azureml/user_resources/aml_compute/porter.yaml b/templates/workspace_services/azureml/user_resources/aml_compute/porter.yaml index 54851ec4ca..df0913a384 100644 --- a/templates/workspace_services/azureml/user_resources/aml_compute/porter.yaml +++ b/templates/workspace_services/azureml/user_resources/aml_compute/porter.yaml @@ -53,6 +53,11 @@ parameters: env: ARM_ENVIRONMENT type: string default: "public" + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" mixins: - exec @@ -72,6 +77,7 @@ install: vm_size_sku: ${ bundle.parameters.vm_size } auth_tenant_id: ${ bundle.credentials.auth_tenant_id } user_object_id: ${ bundle.parameters.user_object_id } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -89,6 +95,7 @@ upgrade: vm_size_sku: ${ bundle.parameters.vm_size } auth_tenant_id: ${ bundle.credentials.auth_tenant_id } user_object_id: ${ bundle.parameters.user_object_id } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -106,6 +113,7 @@ uninstall: vm_size_sku: ${ bundle.parameters.vm_size } auth_tenant_id: ${ bundle.credentials.auth_tenant_id } user_object_id: ${ bundle.parameters.user_object_id } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/workspace_services/azureml/user_resources/aml_compute/terraform/locals.tf b/templates/workspace_services/azureml/user_resources/aml_compute/terraform/locals.tf index 805588a862..06555766cc 100644 --- a/templates/workspace_services/azureml/user_resources/aml_compute/terraform/locals.tf +++ b/templates/workspace_services/azureml/user_resources/aml_compute/terraform/locals.tf @@ -7,10 +7,13 @@ locals { aml_workspace_name = lower("ml-${substr(local.service_resource_name_suffix, -30, -1)}") aml_compute_id = "${local.short_service_id}${local.short_user_resource_id}" aml_compute_instance_name = "ci-${local.aml_compute_id}" - tre_user_resources_tags = { - tre_id = var.tre_id - tre_workspace_id = var.workspace_id - tre_workspace_service_id = var.parent_service_id - tre_user_resource_id = var.tre_resource_id - } + + tre_user_resources_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_workspace_id = var.workspace_id + tre_workspace_service_id = var.parent_service_id + tre_user_resource_id = var.tre_resource_id + } + ) } diff --git a/templates/workspace_services/azureml/user_resources/aml_compute/terraform/variables.tf b/templates/workspace_services/azureml/user_resources/aml_compute/terraform/variables.tf index 8ac575859d..1d60d471fc 100644 --- a/templates/workspace_services/azureml/user_resources/aml_compute/terraform/variables.tf +++ b/templates/workspace_services/azureml/user_resources/aml_compute/terraform/variables.tf @@ -7,3 +7,9 @@ variable "tre_resource_id" {} variable "parent_service_id" {} variable "auth_tenant_id" {} variable "user_object_id" {} + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/templates/workspace_services/databricks/parameters.json b/templates/workspace_services/databricks/parameters.json index 6b25c34f83..b25967a867 100644 --- a/templates/workspace_services/databricks/parameters.json +++ b/templates/workspace_services/databricks/parameters.json @@ -57,6 +57,12 @@ "source": { "env": "ARM_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/workspace_services/databricks/porter.yaml b/templates/workspace_services/databricks/porter.yaml index 3fdc4b46f6..b2706f36e4 100644 --- a/templates/workspace_services/databricks/porter.yaml +++ b/templates/workspace_services/databricks/porter.yaml @@ -48,6 +48,11 @@ parameters: env: ARM_ENVIRONMENT type: string default: "public" + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" outputs: - name: databricks_workspace_name @@ -115,6 +120,7 @@ install: address_space: ${ bundle.parameters.address_space } is_exposed_externally: ${ bundle.parameters.is_exposed_externally } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -142,6 +148,7 @@ upgrade: address_space: ${ bundle.parameters.address_space } is_exposed_externally: ${ bundle.parameters.is_exposed_externally } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -169,6 +176,7 @@ uninstall: address_space: ${ bundle.parameters.address_space } is_exposed_externally: ${ bundle.parameters.is_exposed_externally } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/workspace_services/databricks/terraform/locals.tf b/templates/workspace_services/databricks/terraform/locals.tf index c78b9898e9..7f94ed34f4 100644 --- a/templates/workspace_services/databricks/terraform/locals.tf +++ b/templates/workspace_services/databricks/terraform/locals.tf @@ -20,9 +20,11 @@ locals { map_location_url_config = jsondecode(file("${path.module}/databricks-udr.json")) storage_name = lower(replace("stgdbfs${substr(local.service_resource_name_suffix, -8, -1)}", "-", "")) - tre_workspace_service_tags = { - tre_id = var.tre_id - tre_workspace_id = var.workspace_id - tre_workspace_service_id = var.tre_resource_id - } + tre_workspace_service_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_workspace_id = var.workspace_id + tre_workspace_service_id = var.tre_resource_id + } + ) } diff --git a/templates/workspace_services/databricks/terraform/variables.tf b/templates/workspace_services/databricks/terraform/variables.tf index 9dde4b6094..7a49680e9a 100644 --- a/templates/workspace_services/databricks/terraform/variables.tf +++ b/templates/workspace_services/databricks/terraform/variables.tf @@ -24,3 +24,9 @@ variable "is_exposed_externally" { } variable "arm_environment" {} + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/templates/workspace_services/gitea/parameters.json b/templates/workspace_services/gitea/parameters.json index 446a3685f4..0fa00a7608 100755 --- a/templates/workspace_services/gitea/parameters.json +++ b/templates/workspace_services/gitea/parameters.json @@ -63,6 +63,12 @@ "source": { "env": "ARM_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/workspace_services/gitea/porter.yaml b/templates/workspace_services/gitea/porter.yaml index 5a94f17c31..4a799ded3d 100644 --- a/templates/workspace_services/gitea/porter.yaml +++ b/templates/workspace_services/gitea/porter.yaml @@ -60,6 +60,11 @@ parameters: env: ARM_ENVIRONMENT type: string default: "public" + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" - name: aad_authority_url type: string default: "https://login.microsoftonline.com" @@ -97,6 +102,7 @@ install: mgmt_resource_group_name: ${ bundle.parameters.mgmt_resource_group_name } aad_authority_url: ${ bundle.parameters.aad_authority_url } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -118,6 +124,7 @@ upgrade: mgmt_resource_group_name: ${ bundle.parameters.mgmt_resource_group_name } aad_authority_url: ${ bundle.parameters.aad_authority_url } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -139,6 +146,7 @@ uninstall: mgmt_resource_group_name: ${ bundle.parameters.mgmt_resource_group_name } aad_authority_url: ${ bundle.parameters.aad_authority_url } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/workspace_services/gitea/terraform/locals.tf b/templates/workspace_services/gitea/terraform/locals.tf index 57122a09d3..a12d071463 100644 --- a/templates/workspace_services/gitea/terraform/locals.tf +++ b/templates/workspace_services/gitea/terraform/locals.tf @@ -8,11 +8,13 @@ locals { core_resource_group_name = "rg-${var.tre_id}" keyvault_name = lower("kv-${substr(local.workspace_resource_name_suffix, -20, -1)}") version = replace(replace(replace(data.local_file.version.content, "__version__ = \"", ""), "\"", ""), "\n", "") - workspace_service_tags = { - tre_id = var.tre_id - tre_workspace_id = var.workspace_id - tre_workspace_service_id = var.id - } + workspace_service_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_workspace_id = var.workspace_id + tre_workspace_service_id = var.id + } + ) web_app_diagnostic_categories_enabled = [ "AppServiceHTTPLogs", "AppServiceConsoleLogs", "AppServiceAppLogs", "AppServiceFileAuditLogs", "AppServiceAuditLogs", "AppServiceIPSecAuditLogs", "AppServicePlatformLogs", "AppServiceAntivirusScanAuditLogs" diff --git a/templates/workspace_services/gitea/terraform/variables.tf b/templates/workspace_services/gitea/terraform/variables.tf index 8e7e1e01d1..868e170211 100644 --- a/templates/workspace_services/gitea/terraform/variables.tf +++ b/templates/workspace_services/gitea/terraform/variables.tf @@ -10,3 +10,9 @@ variable "gitea_storage_limit" { default = 100 } variable "arm_environment" {} + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/templates/workspace_services/guacamole/parameters.json b/templates/workspace_services/guacamole/parameters.json index 253f44127d..4337a52025 100755 --- a/templates/workspace_services/guacamole/parameters.json +++ b/templates/workspace_services/guacamole/parameters.json @@ -117,6 +117,12 @@ "source": { "env": "ARM_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/workspace_services/guacamole/porter.yaml b/templates/workspace_services/guacamole/porter.yaml index 3ba34ac9e2..5689862cc1 100644 --- a/templates/workspace_services/guacamole/porter.yaml +++ b/templates/workspace_services/guacamole/porter.yaml @@ -105,6 +105,11 @@ parameters: default: false - name: arm_environment type: string + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" outputs: - name: connection_uri @@ -145,6 +150,7 @@ install: tre_resource_id: ${ bundle.parameters.id } aad_authority_url: ${ bundle.parameters.aad_authority_url } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -176,6 +182,7 @@ upgrade: tre_resource_id: ${ bundle.parameters.id } aad_authority_url: ${ bundle.parameters.aad_authority_url } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -207,6 +214,7 @@ uninstall: tre_resource_id: ${ bundle.parameters.id } aad_authority_url: ${ bundle.parameters.aad_authority_url } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/workspace_services/guacamole/terraform/locals.tf b/templates/workspace_services/guacamole/terraform/locals.tf index 59b77e8a00..bccdcbfe3c 100644 --- a/templates/workspace_services/guacamole/terraform/locals.tf +++ b/templates/workspace_services/guacamole/terraform/locals.tf @@ -14,11 +14,13 @@ locals { image_tag_from_file = replace(replace(replace(data.local_file.version.content, "__version__ = \"", ""), "\"", ""), "\n", "") image_tag = var.image_tag == "" ? local.image_tag_from_file : var.image_tag identity_name = "id-${local.webapp_name}" - workspace_service_tags = { - tre_id = var.tre_id - tre_workspace_id = var.workspace_id - tre_workspace_service_id = var.tre_resource_id - } + workspace_service_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_workspace_id = var.workspace_id + tre_workspace_service_id = var.tre_resource_id + } + ) guacamole_diagnostic_categories_enabled = [ "AppServiceHTTPLogs", "AppServiceConsoleLogs", "AppServiceAppLogs", "AppServiceFileAuditLogs", "AppServiceAuditLogs", "AppServiceIPSecAuditLogs", "AppServicePlatformLogs", "AppServiceAntivirusScanAuditLogs" diff --git a/templates/workspace_services/guacamole/terraform/variables.tf b/templates/workspace_services/guacamole/terraform/variables.tf index d67d05c3da..1844ec578b 100644 --- a/templates/workspace_services/guacamole/terraform/variables.tf +++ b/templates/workspace_services/guacamole/terraform/variables.tf @@ -15,3 +15,9 @@ variable "guac_disable_upload" {} variable "is_exposed_externally" {} variable "tre_resource_id" {} variable "arm_environment" {} + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/parameters.json b/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/parameters.json index 9c6ec9b9f3..aa4f9322bc 100755 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/parameters.json +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/parameters.json @@ -75,6 +75,12 @@ "source": { "env": "ARM_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/porter.yaml index 54d3858e9f..f0f735b8a0 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/porter.yaml +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/porter.yaml @@ -65,6 +65,11 @@ parameters: env: ARM_ENVIRONMENT type: string default: "public" + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" - name: os_image type: string default: "Server 2019 Data Science VM" @@ -115,6 +120,7 @@ install: image: ${ bundle.parameters.os_image } vm_size: ${ bundle.parameters.vm_size } airlock_request_sas_url: ${ bundle.parameters.airlock_request_sas_url } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -137,6 +143,7 @@ upgrade: image: ${ bundle.parameters.os_image } vm_size: ${ bundle.parameters.vm_size } airlock_request_sas_url: "unused" + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -168,6 +175,7 @@ uninstall: image: ${ bundle.parameters.os_image } vm_size: ${ bundle.parameters.vm_size } airlock_request_sas_url: "unused" + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/terraform/locals.tf b/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/terraform/locals.tf index 508f1083c2..71e03e3c85 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/terraform/locals.tf +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/terraform/locals.tf @@ -7,12 +7,14 @@ locals { vm_name = "windowsvm${local.short_service_id}" keyvault_name = lower("kv-${substr(local.workspace_resource_name_suffix, -20, -1)}") vm_password_secret_name = "${local.vm_name}-admin-credentials" - tre_user_resources_tags = { - tre_id = var.tre_id - tre_workspace_id = var.workspace_id - tre_workspace_service_id = var.parent_service_id - tre_user_resource_id = var.tre_resource_id - } + tre_user_resources_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_workspace_id = var.workspace_id + tre_workspace_service_id = var.parent_service_id + tre_user_resource_id = var.tre_resource_id + } + ) # Load VM SKU/image details from porter.yaml porter_yaml = yamldecode(file("${path.module}/../porter.yaml")) diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/terraform/variables.tf b/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/terraform/variables.tf index baa4d18db1..089ca589e3 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/terraform/variables.tf +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/terraform/variables.tf @@ -8,3 +8,9 @@ variable "image_gallery_id" { default = "" } variable "airlock_request_sas_url" {} + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/parameters.json b/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/parameters.json index 5e12488c7e..8a15925806 100755 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/parameters.json +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/parameters.json @@ -81,6 +81,12 @@ "source": { "env": "ARM_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/porter.yaml index 02e189e084..c58101773f 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/porter.yaml +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/porter.yaml @@ -74,6 +74,11 @@ parameters: env: ARM_ENVIRONMENT type: string default: "public" + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" - name: os_image type: string default: "Server 2019 Data Science VM" @@ -125,6 +130,7 @@ install: vm_size: ${ bundle.parameters.vm_size } image_gallery_id: ${ bundle.parameters.image_gallery_id } airlock_request_sas_url: ${ bundle.parameters.airlock_request_sas_url } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -148,6 +154,7 @@ upgrade: vm_size: ${ bundle.parameters.vm_size } image_gallery_id: ${ bundle.parameters.image_gallery_id } airlock_request_sas_url: "unused" + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -180,6 +187,7 @@ uninstall: vm_size: ${ bundle.parameters.vm_size } image_gallery_id: ${ bundle.parameters.image_gallery_id } airlock_request_sas_url: "unused" + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/terraform/locals.tf b/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/terraform/locals.tf index 508f1083c2..71e03e3c85 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/terraform/locals.tf +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/terraform/locals.tf @@ -7,12 +7,14 @@ locals { vm_name = "windowsvm${local.short_service_id}" keyvault_name = lower("kv-${substr(local.workspace_resource_name_suffix, -20, -1)}") vm_password_secret_name = "${local.vm_name}-admin-credentials" - tre_user_resources_tags = { - tre_id = var.tre_id - tre_workspace_id = var.workspace_id - tre_workspace_service_id = var.parent_service_id - tre_user_resource_id = var.tre_resource_id - } + tre_user_resources_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_workspace_id = var.workspace_id + tre_workspace_service_id = var.parent_service_id + tre_user_resource_id = var.tre_resource_id + } + ) # Load VM SKU/image details from porter.yaml porter_yaml = yamldecode(file("${path.module}/../porter.yaml")) diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/terraform/variables.tf b/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/terraform/variables.tf index baa4d18db1..089ca589e3 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/terraform/variables.tf +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/terraform/variables.tf @@ -8,3 +8,9 @@ variable "image_gallery_id" { default = "" } variable "airlock_request_sas_url" {} + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/parameters.json b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/parameters.json index 0c4dc1a484..f95a454842 100755 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/parameters.json +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/parameters.json @@ -87,6 +87,12 @@ "source": { "env": "ARM_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter.yaml index 5330af99b4..995c5a058c 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter.yaml +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter.yaml @@ -89,6 +89,11 @@ parameters: env: ARM_ENVIRONMENT type: string default: "public" + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" - name: os_image type: string default: "Ubuntu 18.04 Data Science VM" @@ -143,6 +148,7 @@ install: shared_storage_access: ${ bundle.parameters.shared_storage_access } shared_storage_name: ${ bundle.parameters.shared_storage_name } image_gallery_id: ${ bundle.parameters.image_gallery_id } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -167,6 +173,7 @@ upgrade: shared_storage_access: ${ bundle.parameters.shared_storage_access } shared_storage_name: ${ bundle.parameters.shared_storage_name } image_gallery_id: ${ bundle.parameters.image_gallery_id } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -200,6 +207,7 @@ uninstall: shared_storage_access: ${ bundle.parameters.shared_storage_access } shared_storage_name: ${ bundle.parameters.shared_storage_name } image_gallery_id: ${ bundle.parameters.image_gallery_id } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/locals.tf b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/locals.tf index 43a6d5982b..abbf11e50c 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/locals.tf +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/locals.tf @@ -8,12 +8,14 @@ locals { keyvault_name = lower("kv-${substr(local.workspace_resource_name_suffix, -20, -1)}") storage_name = lower(replace("stg${substr(local.workspace_resource_name_suffix, -8, -1)}", "-", "")) vm_password_secret_name = "${local.vm_name}-admin-credentials" - tre_user_resources_tags = { - tre_id = var.tre_id - tre_workspace_id = var.workspace_id - tre_workspace_service_id = var.parent_service_id - tre_user_resource_id = var.tre_resource_id - } + tre_user_resources_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_workspace_id = var.workspace_id + tre_workspace_service_id = var.parent_service_id + tre_user_resource_id = var.tre_resource_id + } + ) nexus_proxy_url = "https://nexus-${data.azurerm_public_ip.app_gateway_ip.fqdn}" # Load VM SKU/image details from porter.yaml diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/variables.tf b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/variables.tf index 039498e60f..51ece4f9cb 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/variables.tf +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/variables.tf @@ -11,3 +11,9 @@ variable "shared_storage_name" {} variable "image_gallery_id" { default = "" } + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/parameters.json b/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/parameters.json index 23e54b669b..9802b14f20 100755 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/parameters.json +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/parameters.json @@ -87,6 +87,12 @@ "source": { "env": "ARM_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/porter.yaml index db889ca8bb..b0b1b609ce 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/porter.yaml +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/porter.yaml @@ -100,6 +100,11 @@ parameters: default: "vm-shared-storage" - name: arm_environment type: string + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" outputs: - name: ip @@ -142,6 +147,7 @@ install: shared_storage_access: ${ bundle.parameters.shared_storage_access } shared_storage_name: ${ bundle.parameters.shared_storage_name } image_gallery_id: ${ bundle.parameters.image_gallery_id } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -166,6 +172,7 @@ upgrade: shared_storage_access: ${ bundle.parameters.shared_storage_access } shared_storage_name: ${ bundle.parameters.shared_storage_name } image_gallery_id: ${ bundle.parameters.image_gallery_id } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -199,6 +206,7 @@ uninstall: shared_storage_access: ${ bundle.parameters.shared_storage_access } shared_storage_name: ${ bundle.parameters.shared_storage_name } image_gallery_id: ${ bundle.parameters.image_gallery_id } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/locals.tf b/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/locals.tf index e5137d1967..560496345f 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/locals.tf +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/locals.tf @@ -8,12 +8,14 @@ locals { keyvault_name = lower("kv-${substr(local.workspace_resource_name_suffix, -20, -1)}") storage_name = lower(replace("stg${substr(local.workspace_resource_name_suffix, -8, -1)}", "-", "")) vm_password_secret_name = "${local.vm_name}-admin-credentials" - tre_user_resources_tags = { - tre_id = var.tre_id - tre_workspace_id = var.workspace_id - tre_workspace_service_id = var.parent_service_id - tre_user_resource_id = var.tre_resource_id - } + tre_user_resources_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_workspace_id = var.workspace_id + tre_workspace_service_id = var.parent_service_id + tre_user_resource_id = var.tre_resource_id + } + ) nexus_proxy_url = "https://nexus-${data.azurerm_public_ip.app_gateway_ip.fqdn}" # Load VM SKU/image details from porter.yaml diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/variables.tf b/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/variables.tf index 039498e60f..51ece4f9cb 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/variables.tf +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/variables.tf @@ -11,3 +11,9 @@ variable "shared_storage_name" {} variable "image_gallery_id" { default = "" } + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/templates/workspace_services/health-services/parameters.json b/templates/workspace_services/health-services/parameters.json index b1cc804737..74704dcfa3 100644 --- a/templates/workspace_services/health-services/parameters.json +++ b/templates/workspace_services/health-services/parameters.json @@ -69,6 +69,12 @@ "source": { "env": "ARM_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/workspace_services/health-services/porter.yaml b/templates/workspace_services/health-services/porter.yaml index 6a04c11720..37f2a65e08 100644 --- a/templates/workspace_services/health-services/porter.yaml +++ b/templates/workspace_services/health-services/porter.yaml @@ -57,6 +57,11 @@ parameters: env: ARM_ENVIRONMENT type: string default: "public" + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" - name: deploy_fhir type: boolean default: false @@ -103,6 +108,7 @@ install: auth_tenant_id: ${ bundle.credentials.auth_tenant_id } aad_authority_url: ${ bundle.parameters.aad_authority_url } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -128,6 +134,7 @@ upgrade: auth_tenant_id: ${ bundle.credentials.auth_tenant_id } aad_authority_url: ${ bundle.parameters.aad_authority_url } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -153,6 +160,7 @@ uninstall: auth_tenant_id: ${ bundle.credentials.auth_tenant_id } aad_authority_url: ${ bundle.parameters.aad_authority_url } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/workspace_services/health-services/terraform/locals.tf b/templates/workspace_services/health-services/terraform/locals.tf index e0b3f54f34..3217026b66 100644 --- a/templates/workspace_services/health-services/terraform/locals.tf +++ b/templates/workspace_services/health-services/terraform/locals.tf @@ -7,9 +7,11 @@ locals { service_resource_name_suffix = "${local.short_workspace_id}svc${local.short_service_id}" authority = "${var.aad_authority_url}/${local.aad_tenant_id}" core_resource_group_name = "rg-${var.tre_id}" - workspace_service_tags = { - tre_id = var.tre_id - tre_workspace_id = var.workspace_id - tre_workspace_service_id = var.tre_resource_id - } + workspace_service_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_workspace_id = var.workspace_id + tre_workspace_service_id = var.tre_resource_id + } + ) } diff --git a/templates/workspace_services/health-services/terraform/variables.tf b/templates/workspace_services/health-services/terraform/variables.tf index 974eb07c47..9b7a20bfb1 100644 --- a/templates/workspace_services/health-services/terraform/variables.tf +++ b/templates/workspace_services/health-services/terraform/variables.tf @@ -49,3 +49,9 @@ variable "auth_client_secret" { } variable "arm_environment" {} + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/templates/workspace_services/innereye/parameters.json b/templates/workspace_services/innereye/parameters.json index 54d98bba87..938ddd9333 100755 --- a/templates/workspace_services/innereye/parameters.json +++ b/templates/workspace_services/innereye/parameters.json @@ -69,6 +69,12 @@ "source": { "env": "ARM_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/workspace_services/innereye/porter.yaml b/templates/workspace_services/innereye/porter.yaml index 03b72d9b2d..338691656a 100644 --- a/templates/workspace_services/innereye/porter.yaml +++ b/templates/workspace_services/innereye/porter.yaml @@ -55,6 +55,11 @@ parameters: env: ARM_ENVIRONMENT type: string default: "public" + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" mixins: - exec @@ -103,6 +108,7 @@ install: arm_client_secret: ${ bundle.credentials.azure_client_secret } arm_use_msi: ${ bundle.parameters.arm_use_msi } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -132,6 +138,7 @@ uninstall: arm_client_secret: ${ bundle.credentials.azure_client_secret } arm_use_msi: ${ bundle.parameters.arm_use_msi } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/workspace_services/innereye/terraform/locals.tf b/templates/workspace_services/innereye/terraform/locals.tf index 76382b64df..6c3dad59f5 100644 --- a/templates/workspace_services/innereye/terraform/locals.tf +++ b/templates/workspace_services/innereye/terraform/locals.tf @@ -10,9 +10,11 @@ locals { aml_compute_id = substr("${var.tre_id}${var.workspace_id}${local.short_service_id}", -12, -1) aml_compute_cluster_name = "cp-${local.aml_compute_id}" azureml_acr_name = lower(replace("acr${substr(local.service_resource_name_suffix, -8, -1)}", "-", "")) - tre_workspace_service_tags = { - tre_id = var.tre_id - tre_workspace_id = var.workspace_id - tre_workspace_service_id = var.tre_resource_id - } + tre_workspace_service_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_workspace_id = var.workspace_id + tre_workspace_service_id = var.tre_resource_id + } + ) } diff --git a/templates/workspace_services/innereye/terraform/variables.tf b/templates/workspace_services/innereye/terraform/variables.tf index 5ecfa1cf4c..5803c2a33c 100644 --- a/templates/workspace_services/innereye/terraform/variables.tf +++ b/templates/workspace_services/innereye/terraform/variables.tf @@ -10,3 +10,9 @@ variable "arm_use_msi" { variable "inference_sp_client_id" {} variable "inference_sp_client_secret" {} variable "arm_environment" {} + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/templates/workspace_services/mlflow/parameters.json b/templates/workspace_services/mlflow/parameters.json index 28fe205798..43606c3364 100644 --- a/templates/workspace_services/mlflow/parameters.json +++ b/templates/workspace_services/mlflow/parameters.json @@ -57,6 +57,12 @@ "source": { "env": "ARM_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/workspace_services/mlflow/porter.yaml b/templates/workspace_services/mlflow/porter.yaml index 2700fcd0cc..0f2f4a230e 100644 --- a/templates/workspace_services/mlflow/porter.yaml +++ b/templates/workspace_services/mlflow/porter.yaml @@ -59,6 +59,11 @@ parameters: env: ARM_ENVIRONMENT type: string default: "public" + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" outputs: - name: internal_connection_uri @@ -82,6 +87,7 @@ install: mgmt_acr_name: ${ bundle.parameters.mgmt_acr_name } mgmt_resource_group_name: ${ bundle.parameters.mgmt_resource_group_name } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -100,6 +106,7 @@ upgrade: mgmt_acr_name: ${ bundle.parameters.mgmt_acr_name } mgmt_resource_group_name: ${ bundle.parameters.mgmt_resource_group_name } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -118,6 +125,7 @@ uninstall: mgmt_acr_name: ${ bundle.parameters.mgmt_acr_name } mgmt_resource_group_name: ${ bundle.parameters.mgmt_resource_group_name } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/workspace_services/mlflow/terraform/locals.tf b/templates/workspace_services/mlflow/terraform/locals.tf index 460981cb35..2717f4c381 100644 --- a/templates/workspace_services/mlflow/terraform/locals.tf +++ b/templates/workspace_services/mlflow/terraform/locals.tf @@ -12,11 +12,13 @@ locals { mlflow_artefacts_container_name = "mlartefacts" image_name = "mlflow-server" image_tag = replace(replace(replace(data.local_file.version.content, "__version__ = \"", ""), "\"", ""), "\n", "") - tre_workspace_service_tags = { - tre_id = var.tre_id - tre_workspace_id = var.workspace_id - tre_workspace_service_id = var.tre_resource_id - } + tre_workspace_service_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_workspace_id = var.workspace_id + tre_workspace_service_id = var.tre_resource_id + } + ) web_app_diagnostic_categories_enabled = [ "AppServiceHTTPLogs", "AppServiceConsoleLogs", "AppServiceAppLogs", "AppServiceFileAuditLogs", "AppServiceAuditLogs", "AppServiceIPSecAuditLogs", "AppServicePlatformLogs", "AppServiceAntivirusScanAuditLogs" diff --git a/templates/workspace_services/mlflow/terraform/variables.tf b/templates/workspace_services/mlflow/terraform/variables.tf index f2c9d40151..677fbaf4e2 100644 --- a/templates/workspace_services/mlflow/terraform/variables.tf +++ b/templates/workspace_services/mlflow/terraform/variables.tf @@ -11,3 +11,9 @@ variable "is_exposed_externally" { default = false } variable "arm_environment" {} + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/templates/workspace_services/mysql/parameters.json b/templates/workspace_services/mysql/parameters.json index 547e5f9785..5860144c00 100644 --- a/templates/workspace_services/mysql/parameters.json +++ b/templates/workspace_services/mysql/parameters.json @@ -63,6 +63,12 @@ "source": { "env": "ARM_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/workspace_services/mysql/porter.yaml b/templates/workspace_services/mysql/porter.yaml index d87e0c3fe0..465016ca97 100644 --- a/templates/workspace_services/mysql/porter.yaml +++ b/templates/workspace_services/mysql/porter.yaml @@ -45,6 +45,11 @@ parameters: env: ARM_ENVIRONMENT type: string default: "public" + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" - name: sql_sku type: string default: "GP | 5GB 2vCores" @@ -77,6 +82,7 @@ install: storage_mb: ${ bundle.parameters.storage_mb } db_name: ${ bundle.parameters.db_name } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -101,6 +107,7 @@ uninstall: storage_mb: ${ bundle.parameters.storage_mb } db_name: ${ bundle.parameters.db_name } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/workspace_services/mysql/terraform/locals.tf b/templates/workspace_services/mysql/terraform/locals.tf index d666bfa202..e09c838b2f 100644 --- a/templates/workspace_services/mysql/terraform/locals.tf +++ b/templates/workspace_services/mysql/terraform/locals.tf @@ -11,9 +11,11 @@ locals { "GP | 5GB 6vCores" = { value = "GP_Gen5_6" }, "GP | 5GB 8vCores" = { value = "GP_Gen5_8" } } - workspace_service_tags = { - tre_id = var.tre_id - tre_workspace_id = var.workspace_id - tre_workspace_service_id = var.tre_resource_id - } + workspace_service_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_workspace_id = var.workspace_id + tre_workspace_service_id = var.tre_resource_id + } + ) } diff --git a/templates/workspace_services/mysql/terraform/variables.tf b/templates/workspace_services/mysql/terraform/variables.tf index 20fbbd5589..36d8b97f8a 100644 --- a/templates/workspace_services/mysql/terraform/variables.tf +++ b/templates/workspace_services/mysql/terraform/variables.tf @@ -11,3 +11,9 @@ variable "storage_mb" { } } variable "arm_environment" {} + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/templates/workspace_services/ohdsi/parameters.json b/templates/workspace_services/ohdsi/parameters.json index e316c1fa1b..bef2a1ed80 100644 --- a/templates/workspace_services/ohdsi/parameters.json +++ b/templates/workspace_services/ohdsi/parameters.json @@ -75,6 +75,12 @@ "source": { "env": "DATA_SOURCE_DAIMONS" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/workspace_services/ohdsi/porter.yaml b/templates/workspace_services/ohdsi/porter.yaml index 4140ca2b05..7b49eaac4e 100644 --- a/templates/workspace_services/ohdsi/porter.yaml +++ b/templates/workspace_services/ohdsi/porter.yaml @@ -53,6 +53,11 @@ parameters: - name: azure_environment type: string description: "Used by Azure CLI to set the Azure environment" + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" # parameters for configuring the data source - name: configure_data_source @@ -121,6 +126,7 @@ install: configure_data_source: ${ bundle.parameters.configure_data_source } data_source_config: ${ bundle.parameters.data_source_config } data_source_daimons: ${ bundle.parameters.data_source_daimons } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -165,6 +171,7 @@ upgrade: configure_data_source: ${ bundle.parameters.configure_data_source } data_source_config: ${ bundle.parameters.data_source_config } data_source_daimons: ${ bundle.parameters.data_source_daimons } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -187,6 +194,7 @@ uninstall: configure_data_source: ${ bundle.parameters.configure_data_source } data_source_config: ${ bundle.parameters.data_source_config } data_source_daimons: ${ bundle.parameters.data_source_daimons } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/workspace_services/ohdsi/terraform/locals.tf b/templates/workspace_services/ohdsi/terraform/locals.tf index 0d13412ee3..1140af0ae0 100644 --- a/templates/workspace_services/ohdsi/terraform/locals.tf +++ b/templates/workspace_services/ohdsi/terraform/locals.tf @@ -51,11 +51,13 @@ locals { "AppServiceHTTPLogs" ] - tre_workspace_service_tags = { - tre_id = var.tre_id - tre_workspace_id = var.workspace_id - tre_workspace_service_id = var.tre_resource_id - } + tre_workspace_service_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_workspace_id = var.workspace_id + tre_workspace_service_id = var.tre_resource_id + } + ) # Data Source configuration dialects = local.porter_yaml["custom"]["dialects"] diff --git a/templates/workspace_services/ohdsi/terraform/variables.tf b/templates/workspace_services/ohdsi/terraform/variables.tf index 26c9f8d505..e779e23ee1 100644 --- a/templates/workspace_services/ohdsi/terraform/variables.tf +++ b/templates/workspace_services/ohdsi/terraform/variables.tf @@ -34,3 +34,9 @@ variable "data_source_daimons" { type = string default = null } + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/templates/workspaces/airlock-import-review/parameters.json b/templates/workspaces/airlock-import-review/parameters.json index 3af43908f2..5e60ab5532 100755 --- a/templates/workspaces/airlock-import-review/parameters.json +++ b/templates/workspaces/airlock-import-review/parameters.json @@ -135,6 +135,12 @@ "source": { "env": "AZURE_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/workspaces/airlock-import-review/porter.yaml b/templates/workspaces/airlock-import-review/porter.yaml index 39d1b9567f..3dcc0cd794 100644 --- a/templates/workspaces/airlock-import-review/porter.yaml +++ b/templates/workspaces/airlock-import-review/porter.yaml @@ -114,6 +114,11 @@ parameters: default: "P1v3" - name: arm_environment type: string + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" outputs: - name: app_role_id_workspace_owner @@ -178,6 +183,7 @@ install: app_service_plan_sku: ${ bundle.parameters.app_service_plan_sku } enable_airlock: false arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -221,6 +227,7 @@ upgrade: app_service_plan_sku: ${ bundle.parameters.app_service_plan_sku } enable_airlock: false arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -287,6 +294,7 @@ uninstall: app_service_plan_sku: ${ bundle.parameters.app_service_plan_sku } enable_airlock: false arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/workspaces/base/parameters.json b/templates/workspaces/base/parameters.json index 0e9e74165a..7663f4bf68 100755 --- a/templates/workspaces/base/parameters.json +++ b/templates/workspaces/base/parameters.json @@ -147,6 +147,12 @@ "source": { "env": "AZURE_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/workspaces/base/porter.yaml b/templates/workspaces/base/porter.yaml index 70080380d0..331bef744d 100644 --- a/templates/workspaces/base/porter.yaml +++ b/templates/workspaces/base/porter.yaml @@ -116,6 +116,11 @@ parameters: default: true - name: arm_environment type: string + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" outputs: - name: app_role_id_workspace_owner @@ -177,6 +182,7 @@ install: app_service_plan_sku: ${ bundle.parameters.app_service_plan_sku } enable_airlock: ${ bundle.parameters.enable_airlock } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -217,6 +223,7 @@ upgrade: app_service_plan_sku: ${ bundle.parameters.app_service_plan_sku } enable_airlock: ${ bundle.parameters.enable_airlock } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -280,6 +287,7 @@ uninstall: app_service_plan_sku: ${ bundle.parameters.app_service_plan_sku } enable_airlock: ${ bundle.parameters.enable_airlock } arm_environment: ${ bundle.parameters.arm_environment } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } diff --git a/templates/workspaces/base/terraform/locals.tf b/templates/workspaces/base/terraform/locals.tf index 9de7b57b56..5dffc1c756 100644 --- a/templates/workspaces/base/terraform/locals.tf +++ b/templates/workspaces/base/terraform/locals.tf @@ -4,8 +4,10 @@ locals { storage_name = lower(replace("stg${substr(local.workspace_resource_name_suffix, -8, -1)}", "-", "")) keyvault_name = lower("kv-${substr(local.workspace_resource_name_suffix, -20, -1)}") redacted_senstive_value = "REDACTED" - tre_workspace_tags = { - tre_id = var.tre_id - tre_workspace_id = var.tre_resource_id - } + tre_workspace_tags = merge( + var.tags, { + tre_id = var.tre_id + tre_workspace_id = var.tre_resource_id + } + ) } diff --git a/templates/workspaces/base/terraform/variables.tf b/templates/workspaces/base/terraform/variables.tf index 3977257b2b..557321d62d 100644 --- a/templates/workspaces/base/terraform/variables.tf +++ b/templates/workspaces/base/terraform/variables.tf @@ -120,3 +120,9 @@ variable "workspace_owner_object_id" { } variable "arm_environment" {} + +variable "tags" { + type = map(string) + description = "Tags to be applied to all resources" + default = {} +} diff --git a/templates/workspaces/unrestricted/parameters.json b/templates/workspaces/unrestricted/parameters.json index 77e5faf93c..f990a1f120 100755 --- a/templates/workspaces/unrestricted/parameters.json +++ b/templates/workspaces/unrestricted/parameters.json @@ -147,6 +147,12 @@ "source": { "env": "ARM_ENVIRONMENT" } + }, + { + "name": "tags", + "source": { + "env": "TAGS" + } } ] } diff --git a/templates/workspaces/unrestricted/porter.yaml b/templates/workspaces/unrestricted/porter.yaml index 6d19b52954..9b58a561b1 100644 --- a/templates/workspaces/unrestricted/porter.yaml +++ b/templates/workspaces/unrestricted/porter.yaml @@ -118,6 +118,11 @@ parameters: - name: enable_airlock type: boolean default: false + - name: tags + env: TAGS + type: string + description: "Tags to be applied to all resources" + default: "{}" outputs: - name: app_role_id_workspace_owner @@ -182,6 +187,7 @@ install: aad_redirect_uris_b64: ${ bundle.parameters.aad_redirect_uris } app_service_plan_sku: ${ bundle.parameters.app_service_plan_sku } enable_airlock: ${ bundle.parameters.enable_airlock } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -225,6 +231,7 @@ upgrade: aad_redirect_uris_b64: ${ bundle.parameters.aad_redirect_uris } app_service_plan_sku: ${ bundle.parameters.app_service_plan_sku } enable_airlock: ${ bundle.parameters.enable_airlock } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } @@ -291,6 +298,7 @@ uninstall: aad_redirect_uris_b64: ${ bundle.parameters.aad_redirect_uris } app_service_plan_sku: ${ bundle.parameters.app_service_plan_sku } enable_airlock: ${ bundle.parameters.enable_airlock } + tags: ${ bundle.parameters.tags } backendConfig: resource_group_name: ${ bundle.parameters.tfstate_resource_group_name } storage_account_name: ${ bundle.parameters.tfstate_storage_account_name } From 33b2b328df8accbdb39f06a1d715bce64247a30e Mon Sep 17 00:00:00 2001 From: Labhard Jonathan Date: Wed, 26 Jul 2023 17:20:06 +0200 Subject: [PATCH 02/14] Fixes to incorporate tags in network module and resource processor --- core/terraform/main.tf | 1 + core/terraform/resource_processor/vmss_porter/cloud-config.yaml | 1 + core/terraform/resource_processor/vmss_porter/data.tf | 1 + 3 files changed, 3 insertions(+) diff --git a/core/terraform/main.tf b/core/terraform/main.tf index 9bf305202e..d2286b60b5 100644 --- a/core/terraform/main.tf +++ b/core/terraform/main.tf @@ -79,6 +79,7 @@ module "network" { resource_group_name = azurerm_resource_group.core.name core_address_space = var.core_address_space arm_environment = var.arm_environment + tre_core_tags = local.tre_core_tags } module "appgateway" { diff --git a/core/terraform/resource_processor/vmss_porter/cloud-config.yaml b/core/terraform/resource_processor/vmss_porter/cloud-config.yaml index b1d1223543..7bf5443ca1 100644 --- a/core/terraform/resource_processor/vmss_porter/cloud-config.yaml +++ b/core/terraform/resource_processor/vmss_porter/cloud-config.yaml @@ -57,6 +57,7 @@ write_files: AZURE_ENVIRONMENT=${azure_environment} AAD_AUTHORITY_URL=${aad_authority_url} MICROSOFT_GRAPH_FQDN=${microsoft_graph_fqdn} + RP_BUNDLE_tags=${tags} ${rp_bundle_values} - path: /etc/cron.hourly/docker-prune # An hourly cron job to have docker free disk space. Running this frquently diff --git a/core/terraform/resource_processor/vmss_porter/data.tf b/core/terraform/resource_processor/vmss_porter/data.tf index e3fba4dbe9..cea40a43ec 100644 --- a/core/terraform/resource_processor/vmss_porter/data.tf +++ b/core/terraform/resource_processor/vmss_porter/data.tf @@ -30,6 +30,7 @@ data "template_file" "cloudconfig" { aad_authority_url = module.terraform_azurerm_environment_configuration.active_directory_endpoint microsoft_graph_fqdn = regex("(?:(?P[^:/?#]+):)?(?://(?P[^/?#:]*))?", module.terraform_azurerm_environment_configuration.microsoft_graph_endpoint).fqdn rp_bundle_values = local.rp_bundle_values_formatted + tags = replace(jsonencode(local.tre_core_tags), "\"", "'") } } From 0612121f2d1f40e8919b1697e46a9668315dfa91 Mon Sep 17 00:00:00 2001 From: Labhard Jonathan Date: Wed, 2 Aug 2023 09:41:14 +0200 Subject: [PATCH 03/14] Minor version increment for each template that now support TAGS parameters to be applied to all azure resources deployed --- templates/shared_services/admin-vm/porter.yaml | 2 +- templates/shared_services/airlock_notifier/porter.yaml | 2 +- templates/shared_services/certs/porter.yaml | 2 +- templates/shared_services/cyclecloud/porter.yaml | 2 +- templates/shared_services/databricks-auth/porter.yaml | 2 +- templates/shared_services/firewall/porter.yaml | 2 +- templates/shared_services/gitea/porter.yaml | 2 +- templates/shared_services/sonatype-nexus-vm/porter.yaml | 2 +- templates/workspace_services/azureml/porter.yaml | 2 +- .../azureml/user_resources/aml_compute/porter.yaml | 2 +- templates/workspace_services/databricks/porter.yaml | 2 +- templates/workspace_services/gitea/porter.yaml | 2 +- templates/workspace_services/guacamole/porter.yaml | 2 +- .../user_resources/guacamole-azure-export-reviewvm/porter.yaml | 2 +- .../user_resources/guacamole-azure-import-reviewvm/porter.yaml | 2 +- .../user_resources/guacamole-azure-linuxvm/porter.yaml | 2 +- .../user_resources/guacamole-azure-windowsvm/porter.yaml | 2 +- templates/workspace_services/health-services/porter.yaml | 2 +- templates/workspace_services/innereye/porter.yaml | 2 +- templates/workspace_services/mlflow/porter.yaml | 2 +- templates/workspace_services/mysql/porter.yaml | 2 +- templates/workspace_services/ohdsi/porter.yaml | 2 +- templates/workspaces/airlock-import-review/porter.yaml | 2 +- templates/workspaces/base/porter.yaml | 2 +- templates/workspaces/unrestricted/porter.yaml | 2 +- 25 files changed, 25 insertions(+), 25 deletions(-) diff --git a/templates/shared_services/admin-vm/porter.yaml b/templates/shared_services/admin-vm/porter.yaml index c14706063e..9042ee76fd 100644 --- a/templates/shared_services/admin-vm/porter.yaml +++ b/templates/shared_services/admin-vm/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-shared-service-admin-vm -version: 0.4.0 +version: 0.5.0 description: "An admin vm shared service" dockerfile: Dockerfile.tmpl registry: azuretre diff --git a/templates/shared_services/airlock_notifier/porter.yaml b/templates/shared_services/airlock_notifier/porter.yaml index 9d059fc733..b337c02c99 100644 --- a/templates/shared_services/airlock_notifier/porter.yaml +++ b/templates/shared_services/airlock_notifier/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-shared-service-airlock-notifier -version: 0.9.0 +version: 0.10.0 description: "A shared service notifying on Airlock Operations" registry: azuretre dockerfile: Dockerfile.tmpl diff --git a/templates/shared_services/certs/porter.yaml b/templates/shared_services/certs/porter.yaml index 5dfd5ed416..c10ddc953e 100755 --- a/templates/shared_services/certs/porter.yaml +++ b/templates/shared_services/certs/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-shared-service-certs -version: 0.5.0 +version: 0.6.0 description: "An Azure TRE shared service to generate certificates for a specified internal domain using Letsencrypt" registry: azuretre dockerfile: Dockerfile.tmpl diff --git a/templates/shared_services/cyclecloud/porter.yaml b/templates/shared_services/cyclecloud/porter.yaml index 8eb119e78a..da649dbd74 100644 --- a/templates/shared_services/cyclecloud/porter.yaml +++ b/templates/shared_services/cyclecloud/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-shared-service-cyclecloud -version: 0.5.1 +version: 0.6.0 description: "An Azure TRE Shared Service Template for Azure Cyclecloud" registry: azuretre dockerfile: Dockerfile.tmpl diff --git a/templates/shared_services/databricks-auth/porter.yaml b/templates/shared_services/databricks-auth/porter.yaml index f51cab0dd6..3e7d95f8dd 100644 --- a/templates/shared_services/databricks-auth/porter.yaml +++ b/templates/shared_services/databricks-auth/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-shared-service-databricks-private-auth -version: 0.1.1 +version: 0.2.0 description: "An Azure TRE shared service for Azure Databricks autnetication." registry: azuretre dockerfile: Dockerfile.tmpl diff --git a/templates/shared_services/firewall/porter.yaml b/templates/shared_services/firewall/porter.yaml index 0704af0398..b857e204b6 100644 --- a/templates/shared_services/firewall/porter.yaml +++ b/templates/shared_services/firewall/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-shared-service-firewall -version: 1.1.1 +version: 1.2.0 description: "An Azure TRE Firewall shared service" dockerfile: Dockerfile.tmpl registry: azuretre diff --git a/templates/shared_services/gitea/porter.yaml b/templates/shared_services/gitea/porter.yaml index a3d38260bb..0b24250950 100644 --- a/templates/shared_services/gitea/porter.yaml +++ b/templates/shared_services/gitea/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-shared-service-gitea -version: 0.6.1 +version: 0.7.0 description: "A Gitea shared service" dockerfile: Dockerfile.tmpl registry: azuretre diff --git a/templates/shared_services/sonatype-nexus-vm/porter.yaml b/templates/shared_services/sonatype-nexus-vm/porter.yaml index 169c54002a..a8acaaee51 100644 --- a/templates/shared_services/sonatype-nexus-vm/porter.yaml +++ b/templates/shared_services/sonatype-nexus-vm/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-shared-service-sonatype-nexus -version: 2.5.2 +version: 2.6.0 description: "A Sonatype Nexus shared service" dockerfile: Dockerfile.tmpl registry: azuretre diff --git a/templates/workspace_services/azureml/porter.yaml b/templates/workspace_services/azureml/porter.yaml index 677be00ffd..9c5cff904e 100644 --- a/templates/workspace_services/azureml/porter.yaml +++ b/templates/workspace_services/azureml/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-service-azureml -version: 0.8.7 +version: 0.9.0 description: "An Azure TRE service for Azure Machine Learning" registry: azuretre dockerfile: Dockerfile.tmpl diff --git a/templates/workspace_services/azureml/user_resources/aml_compute/porter.yaml b/templates/workspace_services/azureml/user_resources/aml_compute/porter.yaml index df0913a384..91b43e24d7 100644 --- a/templates/workspace_services/azureml/user_resources/aml_compute/porter.yaml +++ b/templates/workspace_services/azureml/user_resources/aml_compute/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-user-resource-aml-compute-instance -version: 0.5.4 +version: 0.6.0 description: "Azure Machine Learning Compute Instance" registry: azuretre dockerfile: Dockerfile.tmpl diff --git a/templates/workspace_services/databricks/porter.yaml b/templates/workspace_services/databricks/porter.yaml index b2706f36e4..88419a6526 100644 --- a/templates/workspace_services/databricks/porter.yaml +++ b/templates/workspace_services/databricks/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-service-databricks -version: 1.0.0 +version: 1.1.0 description: "An Azure TRE service for Azure Databricks." registry: azuretre dockerfile: Dockerfile.tmpl diff --git a/templates/workspace_services/gitea/porter.yaml b/templates/workspace_services/gitea/porter.yaml index 4a799ded3d..9a65756a13 100644 --- a/templates/workspace_services/gitea/porter.yaml +++ b/templates/workspace_services/gitea/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-workspace-service-gitea -version: 0.8.1 +version: 0.9.0 description: "A Gitea workspace service" dockerfile: Dockerfile.tmpl registry: azuretre diff --git a/templates/workspace_services/guacamole/porter.yaml b/templates/workspace_services/guacamole/porter.yaml index 5689862cc1..df869c13bf 100644 --- a/templates/workspace_services/guacamole/porter.yaml +++ b/templates/workspace_services/guacamole/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-service-guacamole -version: 0.9.3 +version: 0.10.0 description: "An Azure TRE service for Guacamole" dockerfile: Dockerfile.tmpl registry: azuretre diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/porter.yaml index f0f735b8a0..d05851aa9e 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/porter.yaml +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-service-guacamole-export-reviewvm -version: 0.1.4 +version: 0.2.0 description: "An Azure TRE User Resource Template for reviewing Airlock export requests" dockerfile: Dockerfile.tmpl registry: azuretre diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/porter.yaml index c58101773f..0305cb031e 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/porter.yaml +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-service-guacamole-import-reviewvm -version: 0.2.4 +version: 0.3.0 description: "An Azure TRE User Resource Template for reviewing Airlock import requests" dockerfile: Dockerfile.tmpl registry: azuretre diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter.yaml index 995c5a058c..6c2d53c0e7 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter.yaml +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-service-guacamole-linuxvm -version: 0.6.5 +version: 0.7.0 description: "An Azure TRE User Resource Template for Guacamole (Linux)" dockerfile: Dockerfile.tmpl registry: azuretre diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/porter.yaml index b0b1b609ce..74219a07cc 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/porter.yaml +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-service-guacamole-windowsvm -version: 0.7.5 +version: 0.8.0 description: "An Azure TRE User Resource Template for Guacamole (Windows 10)" dockerfile: Dockerfile.tmpl registry: azuretre diff --git a/templates/workspace_services/health-services/porter.yaml b/templates/workspace_services/health-services/porter.yaml index 37f2a65e08..8474d94b1d 100644 --- a/templates/workspace_services/health-services/porter.yaml +++ b/templates/workspace_services/health-services/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-workspace-service-health -version: 0.2.1 +version: 0.3.0 description: "An Azure Data Health Services workspace service" registry: azuretre dockerfile: Dockerfile.tmpl diff --git a/templates/workspace_services/innereye/porter.yaml b/templates/workspace_services/innereye/porter.yaml index 338691656a..1a0f1b61ae 100644 --- a/templates/workspace_services/innereye/porter.yaml +++ b/templates/workspace_services/innereye/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-service-innereye -version: 0.6.1 +version: 0.7.0 description: "An Azure TRE service for InnerEye Deep Learning" registry: azuretre dockerfile: Dockerfile.tmpl diff --git a/templates/workspace_services/mlflow/porter.yaml b/templates/workspace_services/mlflow/porter.yaml index 0f2f4a230e..063dbedae6 100644 --- a/templates/workspace_services/mlflow/porter.yaml +++ b/templates/workspace_services/mlflow/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-service-mlflow -version: 0.7.1 +version: 0.8.0 description: "An Azure TRE service for MLflow machine learning lifecycle" dockerfile: Dockerfile.tmpl registry: azuretre diff --git a/templates/workspace_services/mysql/porter.yaml b/templates/workspace_services/mysql/porter.yaml index 465016ca97..668adb3d7d 100644 --- a/templates/workspace_services/mysql/porter.yaml +++ b/templates/workspace_services/mysql/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-workspace-service-mysql -version: 0.4.1 +version: 0.5.0 description: "A MySQL workspace service" registry: azuretre dockerfile: Dockerfile.tmpl diff --git a/templates/workspace_services/ohdsi/porter.yaml b/templates/workspace_services/ohdsi/porter.yaml index 7b49eaac4e..1982395bec 100644 --- a/templates/workspace_services/ohdsi/porter.yaml +++ b/templates/workspace_services/ohdsi/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-workspace-service-ohdsi -version: 0.2.0 +version: 0.3.0 description: "An OHDSI workspace service" registry: azuretre dockerfile: Dockerfile.tmpl diff --git a/templates/workspaces/airlock-import-review/porter.yaml b/templates/workspaces/airlock-import-review/porter.yaml index 3dcc0cd794..48d5812cc4 100644 --- a/templates/workspaces/airlock-import-review/porter.yaml +++ b/templates/workspaces/airlock-import-review/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-workspace-airlock-import-review -version: 0.10.1 +version: 0.11.0 description: "A workspace to do Airlock Data Import Reviews for Azure TRE" dockerfile: Dockerfile.tmpl registry: azuretre diff --git a/templates/workspaces/base/porter.yaml b/templates/workspaces/base/porter.yaml index a89bf748c3..677d2ce5a3 100644 --- a/templates/workspaces/base/porter.yaml +++ b/templates/workspaces/base/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-workspace-base -version: 1.4.4 +version: 1.5.0 description: "A base Azure TRE workspace" dockerfile: Dockerfile.tmpl registry: azuretre diff --git a/templates/workspaces/unrestricted/porter.yaml b/templates/workspaces/unrestricted/porter.yaml index 9b58a561b1..0844932777 100644 --- a/templates/workspaces/unrestricted/porter.yaml +++ b/templates/workspaces/unrestricted/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-workspace-unrestricted -version: 0.9.0 +version: 0.10.0 description: "A base Azure TRE workspace" dockerfile: Dockerfile.tmpl registry: azuretre From ef9850a6f2cdb909add089d1fabeb92405d31ee2 Mon Sep 17 00:00:00 2001 From: Labhard Jonathan Date: Wed, 2 Aug 2023 09:50:08 +0200 Subject: [PATCH 04/14] Tags format correction in config.sample.yaml --- config.sample.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/config.sample.yaml b/config.sample.yaml index 58bacb1cd2..5e4fed30da 100644 --- a/config.sample.yaml +++ b/config.sample.yaml @@ -77,6 +77,5 @@ developer_settings: # Used by the API and Resource processor application to change log level # debug: true -# Specify here tags that should be applied to all resources deployed by the TRE -# tag_name: "tag_value" -# tags: '{"tag_key": "tag_value"}' +# Specify here tags that should be applied to all resources deployed by the TRE in JSON string format +# tags: '{"tag_key":"tag_value"}' From f281d00f1fdcf8c28ab4f4b4728172930313b6ba Mon Sep 17 00:00:00 2001 From: Labhard Jonathan Date: Wed, 2 Aug 2023 14:33:30 +0200 Subject: [PATCH 05/14] Lint terraform files --- core/terraform/appgateway/variables.tf | 2 +- core/terraform/network/variables.tf | 2 +- core/terraform/resource_processor/vmss_porter/variables.tf | 2 +- core/terraform/variables.tf | 2 +- devops/terraform/main.tf | 2 +- devops/terraform/variables.tf | 2 +- templates/shared_services/admin-vm/terraform/variables.tf | 2 +- .../shared_services/airlock_notifier/terraform/variables.tf | 2 +- templates/shared_services/certs/terraform/variables.tf | 2 +- templates/shared_services/cyclecloud/terraform/variables.tf | 2 +- .../shared_services/databricks-auth/terraform/variables.tf | 2 +- templates/shared_services/firewall/terraform/variables.tf | 2 +- templates/shared_services/gitea/terraform/locals.tf | 2 +- templates/shared_services/gitea/terraform/variables.tf | 2 +- .../shared_services/sonatype-nexus-vm/terraform/variables.tf | 2 +- templates/workspace_services/azureml/terraform/variables.tf | 2 +- .../azureml/user_resources/aml_compute/terraform/variables.tf | 2 +- templates/workspace_services/databricks/terraform/variables.tf | 2 +- templates/workspace_services/gitea/terraform/variables.tf | 2 +- templates/workspace_services/guacamole/terraform/variables.tf | 2 +- .../guacamole-azure-export-reviewvm/terraform/variables.tf | 2 +- .../guacamole-azure-import-reviewvm/terraform/variables.tf | 2 +- .../guacamole-azure-linuxvm/terraform/variables.tf | 2 +- .../guacamole-azure-windowsvm/terraform/variables.tf | 2 +- .../workspace_services/health-services/terraform/variables.tf | 2 +- templates/workspace_services/innereye/terraform/variables.tf | 2 +- templates/workspace_services/mlflow/terraform/variables.tf | 2 +- templates/workspace_services/mysql/terraform/variables.tf | 2 +- templates/workspace_services/ohdsi/terraform/variables.tf | 2 +- templates/workspaces/base/terraform/variables.tf | 2 +- 30 files changed, 30 insertions(+), 30 deletions(-) diff --git a/core/terraform/appgateway/variables.tf b/core/terraform/appgateway/variables.tf index 10a968f567..05c2f960ed 100644 --- a/core/terraform/appgateway/variables.tf +++ b/core/terraform/appgateway/variables.tf @@ -11,5 +11,5 @@ variable "log_analytics_workspace_id" {} variable "tre_core_tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/core/terraform/network/variables.tf b/core/terraform/network/variables.tf index 341b5f5b37..82a8456808 100644 --- a/core/terraform/network/variables.tf +++ b/core/terraform/network/variables.tf @@ -6,5 +6,5 @@ variable "arm_environment" {} variable "tre_core_tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/core/terraform/resource_processor/vmss_porter/variables.tf b/core/terraform/resource_processor/vmss_porter/variables.tf index 93982e0fe7..8389546921 100644 --- a/core/terraform/resource_processor/vmss_porter/variables.tf +++ b/core/terraform/resource_processor/vmss_porter/variables.tf @@ -36,5 +36,5 @@ locals { variable "tre_core_tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/core/terraform/variables.tf b/core/terraform/variables.tf index bed77e5973..7f1fa7a252 100644 --- a/core/terraform/variables.tf +++ b/core/terraform/variables.tf @@ -184,5 +184,5 @@ variable "is_cosmos_defined_throughput" { variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/devops/terraform/main.tf b/devops/terraform/main.tf index a953ab60f5..050bbba260 100644 --- a/devops/terraform/main.tf +++ b/devops/terraform/main.tf @@ -49,7 +49,7 @@ resource "azurerm_container_registry_task" "tredev_purge" { name = "tredev_purge" container_registry_id = azurerm_container_registry.shared_acr.id tags = var.tags - + platform { os = "Linux" architecture = "amd64" diff --git a/devops/terraform/variables.tf b/devops/terraform/variables.tf index aa53badf7b..94db48620d 100644 --- a/devops/terraform/variables.tf +++ b/devops/terraform/variables.tf @@ -28,5 +28,5 @@ variable "acr_name" { variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/templates/shared_services/admin-vm/terraform/variables.tf b/templates/shared_services/admin-vm/terraform/variables.tf index 5e2e2d15e1..e6d9eeb8d4 100644 --- a/templates/shared_services/admin-vm/terraform/variables.tf +++ b/templates/shared_services/admin-vm/terraform/variables.tf @@ -15,5 +15,5 @@ variable "admin_jumpbox_vm_sku" { variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/templates/shared_services/airlock_notifier/terraform/variables.tf b/templates/shared_services/airlock_notifier/terraform/variables.tf index dc8a79837f..235712593d 100644 --- a/templates/shared_services/airlock_notifier/terraform/variables.tf +++ b/templates/shared_services/airlock_notifier/terraform/variables.tf @@ -43,5 +43,5 @@ variable "smtp_server_enable_ssl" { variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/templates/shared_services/certs/terraform/variables.tf b/templates/shared_services/certs/terraform/variables.tf index 2ea7e74292..fab6f310a1 100644 --- a/templates/shared_services/certs/terraform/variables.tf +++ b/templates/shared_services/certs/terraform/variables.tf @@ -18,5 +18,5 @@ variable "tre_resource_id" { variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/templates/shared_services/cyclecloud/terraform/variables.tf b/templates/shared_services/cyclecloud/terraform/variables.tf index cf9ae723fe..7c3231c00d 100644 --- a/templates/shared_services/cyclecloud/terraform/variables.tf +++ b/templates/shared_services/cyclecloud/terraform/variables.tf @@ -4,6 +4,6 @@ variable "arm_environment" {} variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/templates/shared_services/databricks-auth/terraform/variables.tf b/templates/shared_services/databricks-auth/terraform/variables.tf index 8c8553c9be..c5f3bb201e 100644 --- a/templates/shared_services/databricks-auth/terraform/variables.tf +++ b/templates/shared_services/databricks-auth/terraform/variables.tf @@ -13,5 +13,5 @@ variable "arm_environment" {} variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/templates/shared_services/firewall/terraform/variables.tf b/templates/shared_services/firewall/terraform/variables.tf index cf46f31015..384b5c9ff3 100644 --- a/templates/shared_services/firewall/terraform/variables.tf +++ b/templates/shared_services/firewall/terraform/variables.tf @@ -31,5 +31,5 @@ variable "sku_tier" { variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/templates/shared_services/gitea/terraform/locals.tf b/templates/shared_services/gitea/terraform/locals.tf index 342efdd82d..45c298c06b 100644 --- a/templates/shared_services/gitea/terraform/locals.tf +++ b/templates/shared_services/gitea/terraform/locals.tf @@ -6,7 +6,7 @@ locals { keyvault_name = "kv-${var.tre_id}" version = replace(replace(replace(data.local_file.version.content, "__version__ = \"", ""), "\"", ""), "\n", "") gitea_allowed_fqdns_list = distinct(compact(split(",", replace(var.gitea_allowed_fqdns, " ", "")))) - tre_shared_service_tags = merge( + tre_shared_service_tags = merge( var.tags, { tre_id = var.tre_id tre_shared_service_id = var.tre_resource_id diff --git a/templates/shared_services/gitea/terraform/variables.tf b/templates/shared_services/gitea/terraform/variables.tf index 008536d610..f3f9f45de2 100644 --- a/templates/shared_services/gitea/terraform/variables.tf +++ b/templates/shared_services/gitea/terraform/variables.tf @@ -35,5 +35,5 @@ variable "arm_environment" {} variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/templates/shared_services/sonatype-nexus-vm/terraform/variables.tf b/templates/shared_services/sonatype-nexus-vm/terraform/variables.tf index d500b84552..c31b7479a1 100644 --- a/templates/shared_services/sonatype-nexus-vm/terraform/variables.tf +++ b/templates/shared_services/sonatype-nexus-vm/terraform/variables.tf @@ -14,5 +14,5 @@ variable "ssl_cert_name" { variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/templates/workspace_services/azureml/terraform/variables.tf b/templates/workspace_services/azureml/terraform/variables.tf index 857c4be073..b9cd59c9d7 100644 --- a/templates/workspace_services/azureml/terraform/variables.tf +++ b/templates/workspace_services/azureml/terraform/variables.tf @@ -43,5 +43,5 @@ variable "azure_environment" {} variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/templates/workspace_services/azureml/user_resources/aml_compute/terraform/variables.tf b/templates/workspace_services/azureml/user_resources/aml_compute/terraform/variables.tf index 1d60d471fc..e96f71944d 100644 --- a/templates/workspace_services/azureml/user_resources/aml_compute/terraform/variables.tf +++ b/templates/workspace_services/azureml/user_resources/aml_compute/terraform/variables.tf @@ -11,5 +11,5 @@ variable "user_object_id" {} variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/templates/workspace_services/databricks/terraform/variables.tf b/templates/workspace_services/databricks/terraform/variables.tf index 7a49680e9a..1e29c97e3b 100644 --- a/templates/workspace_services/databricks/terraform/variables.tf +++ b/templates/workspace_services/databricks/terraform/variables.tf @@ -28,5 +28,5 @@ variable "arm_environment" {} variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/templates/workspace_services/gitea/terraform/variables.tf b/templates/workspace_services/gitea/terraform/variables.tf index 868e170211..36ab3ae374 100644 --- a/templates/workspace_services/gitea/terraform/variables.tf +++ b/templates/workspace_services/gitea/terraform/variables.tf @@ -14,5 +14,5 @@ variable "arm_environment" {} variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/templates/workspace_services/guacamole/terraform/variables.tf b/templates/workspace_services/guacamole/terraform/variables.tf index 1844ec578b..b2a8350028 100644 --- a/templates/workspace_services/guacamole/terraform/variables.tf +++ b/templates/workspace_services/guacamole/terraform/variables.tf @@ -19,5 +19,5 @@ variable "arm_environment" {} variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/terraform/variables.tf b/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/terraform/variables.tf index 089ca589e3..a7a6e26fc1 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/terraform/variables.tf +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/terraform/variables.tf @@ -12,5 +12,5 @@ variable "airlock_request_sas_url" {} variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/terraform/variables.tf b/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/terraform/variables.tf index 089ca589e3..a7a6e26fc1 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/terraform/variables.tf +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/terraform/variables.tf @@ -12,5 +12,5 @@ variable "airlock_request_sas_url" {} variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/variables.tf b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/variables.tf index 51ece4f9cb..67d254b574 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/variables.tf +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/variables.tf @@ -15,5 +15,5 @@ variable "image_gallery_id" { variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/variables.tf b/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/variables.tf index 51ece4f9cb..67d254b574 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/variables.tf +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/variables.tf @@ -15,5 +15,5 @@ variable "image_gallery_id" { variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/templates/workspace_services/health-services/terraform/variables.tf b/templates/workspace_services/health-services/terraform/variables.tf index 9b7a20bfb1..93e0f85960 100644 --- a/templates/workspace_services/health-services/terraform/variables.tf +++ b/templates/workspace_services/health-services/terraform/variables.tf @@ -53,5 +53,5 @@ variable "arm_environment" {} variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/templates/workspace_services/innereye/terraform/variables.tf b/templates/workspace_services/innereye/terraform/variables.tf index 5803c2a33c..be7699aba1 100644 --- a/templates/workspace_services/innereye/terraform/variables.tf +++ b/templates/workspace_services/innereye/terraform/variables.tf @@ -14,5 +14,5 @@ variable "arm_environment" {} variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/templates/workspace_services/mlflow/terraform/variables.tf b/templates/workspace_services/mlflow/terraform/variables.tf index 677fbaf4e2..3cd11d5490 100644 --- a/templates/workspace_services/mlflow/terraform/variables.tf +++ b/templates/workspace_services/mlflow/terraform/variables.tf @@ -15,5 +15,5 @@ variable "arm_environment" {} variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/templates/workspace_services/mysql/terraform/variables.tf b/templates/workspace_services/mysql/terraform/variables.tf index 36d8b97f8a..4a09f2c35a 100644 --- a/templates/workspace_services/mysql/terraform/variables.tf +++ b/templates/workspace_services/mysql/terraform/variables.tf @@ -15,5 +15,5 @@ variable "arm_environment" {} variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/templates/workspace_services/ohdsi/terraform/variables.tf b/templates/workspace_services/ohdsi/terraform/variables.tf index e779e23ee1..9561baa118 100644 --- a/templates/workspace_services/ohdsi/terraform/variables.tf +++ b/templates/workspace_services/ohdsi/terraform/variables.tf @@ -38,5 +38,5 @@ variable "data_source_daimons" { variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } diff --git a/templates/workspaces/base/terraform/variables.tf b/templates/workspaces/base/terraform/variables.tf index 557321d62d..a29430f7de 100644 --- a/templates/workspaces/base/terraform/variables.tf +++ b/templates/workspaces/base/terraform/variables.tf @@ -124,5 +124,5 @@ variable "arm_environment" {} variable "tags" { type = map(string) description = "Tags to be applied to all resources" - default = {} + default = {} } From 36095e4d49dc78227ab49c2d1e9684425a387392 Mon Sep 17 00:00:00 2001 From: Labhard Jonathan Date: Thu, 3 Aug 2023 13:40:42 +0200 Subject: [PATCH 06/14] Updated core version supporting tags to all azure resources --- core/version.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/version.txt b/core/version.txt index deded3247f..732155f8df 100644 --- a/core/version.txt +++ b/core/version.txt @@ -1 +1 @@ -__version__ = "0.8.2" +__version__ = "0.8.3" From 675c3c2b0274284453c778e4831597c9fce5e21d Mon Sep 17 00:00:00 2001 From: Labhard Jonathan Date: Thu, 3 Aug 2023 13:46:54 +0200 Subject: [PATCH 07/14] Fixed tags environment variable in Run command in DevContainer --- .github/actions/devcontainer_run_command/action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/devcontainer_run_command/action.yml b/.github/actions/devcontainer_run_command/action.yml index 5d5cbc73c1..41a73de71a 100644 --- a/.github/actions/devcontainer_run_command/action.yml +++ b/.github/actions/devcontainer_run_command/action.yml @@ -232,10 +232,10 @@ runs: && inputs.RP_BUNDLE_VALUES) || '{}' }}' \ -e TF_VAR_resource_processor_number_processes_per_instance="${{ (inputs.RESOURCE_PROCESSOR_NUMBER_PROCESSES_PER_INSTANCE != '' && inputs.RESOURCE_PROCESSOR_NUMBER_PROCESSES_PER_INSTANCE) || 5 }}" \ - -e E2E_TESTS_NUMBER_PROCESSES="${{ inputs.E2E_TESTS_NUMBER_PROCESSES }}" \ - '${{ inputs.CI_CACHE_ACR_NAME }}${{ env.ACR_DOMAIN_SUFFIX }}/tredev:${{ inputs.DEVCONTAINER_TAG }}' \ -e TAGS='${{ (toJson(inputs.TAGS) != '""' && inputs.TAGS) || '{}' }}' \ -e TF_VAR_tags='${{ (toJson(inputs.TAGS) != '""' && inputs.TAGS) || '{}' }}' \ + -e E2E_TESTS_NUMBER_PROCESSES="${{ inputs.E2E_TESTS_NUMBER_PROCESSES }}" \ + '${{ inputs.CI_CACHE_ACR_NAME }}${{ env.ACR_DOMAIN_SUFFIX }}/tredev:${{ inputs.DEVCONTAINER_TAG }}' \ bash -c "${{ inputs.COMMAND }}" From afd79f6d385e1337a8717de071a034cf41b2f7ce Mon Sep 17 00:00:00 2001 From: Labhard Jonathan Date: Thu, 3 Aug 2023 17:03:20 +0200 Subject: [PATCH 08/14] Added spellcheck disable to storage account creation on bootstrap, necessary for word splitting --- devops/terraform/bootstrap.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/devops/terraform/bootstrap.sh b/devops/terraform/bootstrap.sh index 937dc15723..1af8df6b68 100755 --- a/devops/terraform/bootstrap.sh +++ b/devops/terraform/bootstrap.sh @@ -10,7 +10,7 @@ az group create --resource-group "$TF_VAR_mgmt_resource_group_name" \ --location "$LOCATION" \ -o table \ --tags $(echo "$TAGS" | jq -r 'to_entries | map("\(.key)=\(.value)")| join(" ")') -# shellcheck disable=SC2154 +# shellcheck disable=SC2154,SC2046 az storage account create --resource-group "$TF_VAR_mgmt_resource_group_name" \ --name "$TF_VAR_mgmt_storage_account_name" --location "$LOCATION" \ --allow-blob-public-access false \ @@ -18,7 +18,7 @@ az storage account create --resource-group "$TF_VAR_mgmt_resource_group_name" \ --tags $(echo "$TAGS" | jq -r 'to_entries | map("\(.key)=\(.value)")| join(" ")') # Blob container -# shellcheck disable=SC2154 +# shellcheck disable=SC2154,SC2046 az storage container create --account-name "$TF_VAR_mgmt_storage_account_name" --name "$TF_VAR_terraform_state_container_name" --auth-mode login -o table # logs container From 9c74f8832e6d3a6b25f5ccf2bad9d40fa60fa64e Mon Sep 17 00:00:00 2001 From: Labhard Jonathan Date: Fri, 4 Aug 2023 15:22:26 +0200 Subject: [PATCH 09/14] Added linter tag rule exception for management resources --- devops/terraform/main.tf | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/devops/terraform/main.tf b/devops/terraform/main.tf index 050bbba260..863a957f44 100644 --- a/devops/terraform/main.tf +++ b/devops/terraform/main.tf @@ -7,6 +7,7 @@ resource "azurerm_resource_group" "mgmt" { name = var.mgmt_resource_group_name location = var.location + # tflint-ignore: azurerm_resource_missing_tags tags = merge(var.tags, { project = "Azure Trusted Research Environment" source = "https://github.com/microsoft/AzureTRE/" @@ -25,6 +26,7 @@ resource "azurerm_storage_account" "state_storage" { account_replication_type = "LRS" allow_nested_items_to_be_public = false + # tflint-ignore: azurerm_resource_missing_tags tags = var.tags lifecycle { ignore_changes = [tags] } @@ -38,6 +40,7 @@ resource "azurerm_container_registry" "shared_acr" { sku = var.acr_sku admin_enabled = true + # tflint-ignore: azurerm_resource_missing_tags tags = var.tags lifecycle { ignore_changes = [tags] } @@ -48,6 +51,8 @@ resource "azurerm_container_registry" "shared_acr" { resource "azurerm_container_registry_task" "tredev_purge" { name = "tredev_purge" container_registry_id = azurerm_container_registry.shared_acr.id + + # tflint-ignore: azurerm_resource_missing_tags tags = var.tags platform { From 12fa3c3380d57c8adfc0d957fc656fc2027838da Mon Sep 17 00:00:00 2001 From: Labhard Jonathan Date: Fri, 4 Aug 2023 15:31:52 +0200 Subject: [PATCH 10/14] Fixed terraform format --- devops/terraform/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devops/terraform/main.tf b/devops/terraform/main.tf index 863a957f44..95bdeadf69 100644 --- a/devops/terraform/main.tf +++ b/devops/terraform/main.tf @@ -53,7 +53,7 @@ resource "azurerm_container_registry_task" "tredev_purge" { container_registry_id = azurerm_container_registry.shared_acr.id # tflint-ignore: azurerm_resource_missing_tags - tags = var.tags + tags = var.tags platform { os = "Linux" From 31ca5c540b043f539b5201b69510525d0da14de6 Mon Sep 17 00:00:00 2001 From: Labhard Jonathan Date: Fri, 4 Aug 2023 16:49:45 +0200 Subject: [PATCH 11/14] Fixed shellcheck disable in bootstrap.sh --- devops/terraform/bootstrap.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/devops/terraform/bootstrap.sh b/devops/terraform/bootstrap.sh index 1af8df6b68..c722821961 100755 --- a/devops/terraform/bootstrap.sh +++ b/devops/terraform/bootstrap.sh @@ -5,7 +5,7 @@ set -o nounset # Baseline Azure resources echo -e "\n\e[34m»»» 🤖 \e[96mCreating resource group and storage account\e[0m..." -# shellcheck disable=SC2154 +# shellcheck disable=SC2154,SC2046 az group create --resource-group "$TF_VAR_mgmt_resource_group_name" \ --location "$LOCATION" \ -o table \ @@ -18,7 +18,7 @@ az storage account create --resource-group "$TF_VAR_mgmt_resource_group_name" \ --tags $(echo "$TAGS" | jq -r 'to_entries | map("\(.key)=\(.value)")| join(" ")') # Blob container -# shellcheck disable=SC2154,SC2046 +# shellcheck disable=SC2154 az storage container create --account-name "$TF_VAR_mgmt_storage_account_name" --name "$TF_VAR_terraform_state_container_name" --auth-mode login -o table # logs container From 9fd17d60a158f9408a387d8271efad890dc370e2 Mon Sep 17 00:00:00 2001 From: marrobi Date: Wed, 9 Aug 2023 21:15:22 +0000 Subject: [PATCH 12/14] Add JSON schema validation and move to tags under tre in config --- config.sample.yaml | 5 ++--- config_schema.json | 5 +++++ 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/config.sample.yaml b/config.sample.yaml index 5e4fed30da..d18ebe9ca4 100644 --- a/config.sample.yaml +++ b/config.sample.yaml @@ -41,6 +41,8 @@ tre: # If you want to use TRE_URL to point to your local TRE API instance or be configured to another cloud provider # uncomment and set this variable # tre_url: __CHANGE_ME__ + # Specify here tags that should be applied to all resources deployed by the TRE in JSON string format + # tags: '{"tag_key":"tag_value"}' authentication: aad_tenant_id: __CHANGE_ME__ @@ -76,6 +78,3 @@ developer_settings: # Used by the API and Resource processor application to change log level # debug: true - -# Specify here tags that should be applied to all resources deployed by the TRE in JSON string format -# tags: '{"tag_key":"tag_value"}' diff --git a/config_schema.json b/config_schema.json index 0d2a781578..5164eb50d9 100644 --- a/config_schema.json +++ b/config_schema.json @@ -85,6 +85,11 @@ "description": "Url for the TRE environment.", "type": "string", "pattern": "^https?://" + }, + "tags": { + "description": "Tags that should be applied to all resources deployed by the TRE in JSON string format", + "type": "string", + "pattern": "^{([\"'][a-zA-Z0-9_-]*[\"']:[\"'][a-zA-Z0-9_-]*[\"'],?)+}$" } } }, From b0202b343f8b8b6caca75ce29cfbb01b6e2574af Mon Sep 17 00:00:00 2001 From: marrobi Date: Wed, 9 Aug 2023 21:22:09 +0000 Subject: [PATCH 13/14] Update docs --- docs/tre-admins/environment-variables.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/tre-admins/environment-variables.md b/docs/tre-admins/environment-variables.md index a998198d81..0ff8286eaf 100644 --- a/docs/tre-admins/environment-variables.md +++ b/docs/tre-admins/environment-variables.md @@ -38,6 +38,7 @@ | `CORE_APP_SERVICE_PLAN_SKU` | The SKU of AppService plans created for the core infrastructure. | | `WORKSPACE_APP_SERVICE_PLAN_SKU` | Optional. The SKU used for AppService plan used in E2E tests unless otherwise specified. Default value is `P1v2`. | | `RESOURCE_PROCESSOR_NUMBER_PROCESSES_PER_INSTANCE` | Optional. The number of processes to instantiate when the Resource Processor starts. Equates to the number of parallel deployment operations possible in your TRE. Defaults to `5`. | +| `TAGS` | Tags that should be applied to all resources deployed by the TRE in JSON string format `'{"tag_key":"tag_value"}'` | ## For authentication in `/config.yaml` From 5dd77846b09f7816807327ae479b0b7a7ad6bba3 Mon Sep 17 00:00:00 2001 From: marrobi Date: Thu, 10 Aug 2023 08:06:04 +0000 Subject: [PATCH 14/14] Add script to check if tags missing --- .../check_terraform_variables_exist.sh | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100755 devops/scripts/check_terraform_variables_exist.sh diff --git a/devops/scripts/check_terraform_variables_exist.sh b/devops/scripts/check_terraform_variables_exist.sh new file mode 100755 index 0000000000..8bad87a35c --- /dev/null +++ b/devops/scripts/check_terraform_variables_exist.sh @@ -0,0 +1,30 @@ +#!/bin/bash + +# Find all directories in the repository that contain a file named "variables.tf", excluding any directories named ".terraform" +directories=$(find . -type d -not -path '*/.terraform/*' -exec test -e "{}/variables.tf" ';' -print | sort) + +for dir in $directories; do + # Check if the directory is nested in a directory that contains a "variables.tf" file + if ! (echo "$dir" | grep -q "/.*/.terraform/.*" && echo "$dir" | grep -q "/.terraform/.*"); then + # Check if the "variables.tf" file contains a variable named "tags" + if grep -q "variable \"tags\"" "$dir/variables.tf"; then + continue + fi + + # Check if the parent directory contains a "variables.tf" file + parent_dir=$(dirname "$dir") + if [ -e "$parent_dir/variables.tf" ]; then + continue + fi + + # Check if the parent's parent directory contains a "variables.tf" file + grandparent_dir=$(dirname "$parent_dir") + if [ -e "$grandparent_dir/variables.tf" ]; then + continue + fi + + # If the script has not continued, print an error message + echo "Error: $dir does not contain a \"tags\" variable in variables.tf" + fi + +done