From 076a814eaa848dd0d31459fa18cfc0c66a4b5dcd Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Tue, 18 Jun 2024 15:52:55 -0700 Subject: [PATCH 01/72] Replace pet Token with leo token --- .../dsde/workbench/leonardo/util/AzurePubsubHandler.scala | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala index 323e410009..1366becfbd 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala @@ -136,13 +136,11 @@ class AzurePubsubHandlerInterp[F[_]: Parallel]( s"[AzurePubsubHandler/createAndPollRuntime] getting workspace storage container from WSM for runtime ${msg.runtimeId}" ) // Get the optional storage container for the workspace - tokenOpt <- samDAO.getCachedArbitraryPetAccessToken(runtime.auditInfo.creator) - workspaceStorageContainerOpt <- tokenOpt.flatTraverse { token => - wsmDao.getWorkspaceStorageContainer( + workspaceStorageContainerOpt <- wsmDao.getWorkspaceStorageContainer( msg.workspaceId, - org.http4s.headers.Authorization(org.http4s.Credentials.Token(AuthScheme.Bearer, token)) + leoAuth ) - } + workspaceStorageContainer <- F.fromOption( workspaceStorageContainerOpt, AzureRuntimeCreationError( From f96846a700318864e70ab107789a29c84d027c11 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Sat, 24 Aug 2024 21:24:12 -0700 Subject: [PATCH 02/72] Replace pet service account tokens with leo service account --- .../leonardo/app/CromwellAppInstall.scala | 13 +++---- .../app/CromwellRunnerAppInstall.scala | 7 +--- .../leonardo/app/WdsAppInstall.scala | 12 +++---- .../leonardo/app/WorkflowsAppInstall.scala | 8 ++--- .../leonardo/monitor/MonitorAtBoot.scala | 36 ++++++++++--------- .../leonardo/util/AKSInterpreter.scala | 16 +++------ .../leonardo/util/AzurePubsubHandler.scala | 7 ++-- 7 files changed, 39 insertions(+), 60 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala index d0f6a0cff5..8f16b9af4e 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala @@ -7,6 +7,7 @@ import org.broadinstitute.dsde.workbench.azure.{AzureApplicationInsightsService, import org.broadinstitute.dsde.workbench.leonardo.app.AppInstall.getAzureDatabaseName import org.broadinstitute.dsde.workbench.leonardo.{AppContext, WsmControlledDatabaseResource} import org.broadinstitute.dsde.workbench.leonardo.app.Database.ControlledDatabase +import org.broadinstitute.dsde.workbench.leonardo.auth.SamAuthProvider import org.broadinstitute.dsde.workbench.leonardo.config.CoaAppConfig import org.broadinstitute.dsde.workbench.leonardo.dao._ import org.broadinstitute.dsde.workbench.leonardo.http._ @@ -25,7 +26,8 @@ class CromwellAppInstall[F[_]](config: CoaAppConfig, cromwellDao: CromwellDAO[F], cbasDao: CbasDAO[F], azureBatchService: AzureBatchService[F], - azureApplicationInsightsService: AzureApplicationInsightsService[F] + azureApplicationInsightsService: AzureApplicationInsightsService[F], + authProvider: SamAuthProvider[F] )(implicit F: Async[F] ) extends AppInstall[F] { @@ -67,12 +69,7 @@ class CromwellAppInstall[F[_]](config: CoaAppConfig, AppCreationException("Postgres server required for Cromwell app", Some(ctx.traceId)) ) - // Get the pet userToken - tokenOpt <- samDao.getCachedArbitraryPetAccessToken(params.app.auditInfo.creator) - userToken <- F.fromOption( - tokenOpt, - AppCreationException(s"Pet not found for user ${params.app.auditInfo.creator}", Some(ctx.traceId)) - ) + leoAuth <- authProvider.getLeoAuthToken values = List( // azure resources configs @@ -120,7 +117,7 @@ class CromwellAppInstall[F[_]](config: CoaAppConfig, raw"instrumentationEnabled=${config.instrumentationEnabled}", // provenance (app-cloning) configs - raw"provenance.userAccessToken=${userToken}", + raw"provenance.userAccessToken=${leoAuth}", // Database configs raw"postgres.podLocalDatabaseEnabled=false", diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala index 792bd363e9..7029899d02 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala @@ -80,11 +80,6 @@ class CromwellRunnerAppInstall[F[_]](config: CromwellRunnerAppConfig, ) // Get the pet userToken - tokenOpt <- samDao.getCachedArbitraryPetAccessToken(params.app.auditInfo.creator) - userToken <- F.fromOption( - tokenOpt, - AppCreationException(s"Pet not found for user ${params.app.auditInfo.creator}", Some(ctx.traceId)) - ) leoAuth <- authProvider.getLeoAuthToken @@ -134,7 +129,7 @@ class CromwellRunnerAppInstall[F[_]](config: CromwellRunnerAppConfig, raw"instrumentationEnabled=${config.instrumentationEnabled}", // provenance (app-cloning) configs - raw"provenance.userAccessToken=${userToken}", + raw"provenance.userAccessToken=${leoAuth}", // database configs raw"postgres.podLocalDatabaseEnabled=false", diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala index d8a1c71e3a..0d180973d7 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala @@ -7,6 +7,7 @@ import cats.mtl.Ask import cats.syntax.all._ import org.broadinstitute.dsde.workbench.azure.AzureApplicationInsightsService import org.broadinstitute.dsde.workbench.leonardo.app.Database.ControlledDatabase +import org.broadinstitute.dsde.workbench.leonardo.auth.SamAuthProvider import org.broadinstitute.dsde.workbench.leonardo.config.WdsAppConfig import org.broadinstitute.dsde.workbench.leonardo.dao._ import org.broadinstitute.dsde.workbench.leonardo.http._ @@ -23,7 +24,8 @@ class WdsAppInstall[F[_]](config: WdsAppConfig, tdrConfig: TdrConfig, samDao: SamDAO[F], wdsDao: WdsDAO[F], - azureApplicationInsightsService: AzureApplicationInsightsService[F] + azureApplicationInsightsService: AzureApplicationInsightsService[F], + authProvider: SamAuthProvider[F] )(implicit F: Async[F] ) extends AppInstall[F] { @@ -53,12 +55,8 @@ class WdsAppInstall[F[_]](config: WdsAppConfig, AppCreationException("Postgres server required for WDS app", Some(ctx.traceId)) ) + leoAuth <- authProvider.getLeoAuthToken // Get the pet userToken - tokenOpt <- samDao.getCachedArbitraryPetAccessToken(params.app.auditInfo.creator) - userToken <- F.fromOption( - tokenOpt, - AppCreationException(s"Pet not found for user ${params.app.auditInfo.creator}", Some(ctx.traceId)) - ) // Get Vpa enabled tag vpaEnabled <- F.pure(params.landingZoneResources.aksCluster.tags.getOrElse("aks-cost-vpa-enabled", false)) @@ -92,7 +90,7 @@ class WdsAppInstall[F[_]](config: WdsAppConfig, raw"instrumentationEnabled=${config.instrumentationEnabled}", // provenance (app-cloning) configs - raw"provenance.userAccessToken=${userToken}", + raw"provenance.userAccessToken=${leoAuth}", raw"provenance.sourceWorkspaceId=${params.app.sourceWorkspaceId.map(_.value).getOrElse("")}", // database configs diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala index 634ad37bad..b11a804c28 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala @@ -68,11 +68,7 @@ class WorkflowsAppInstall[F[_]](config: WorkflowsAppConfig, ) // Get the pet userToken - tokenOpt <- samDao.getCachedArbitraryPetAccessToken(params.app.auditInfo.creator) - userToken <- F.fromOption( - tokenOpt, - AppCreationException(s"Pet not found for user ${params.app.auditInfo.creator}", Some(ctx.traceId)) - ) + leoAuth <- samDao.getLeoAuthToken values = List( @@ -107,7 +103,7 @@ class WorkflowsAppInstall[F[_]](config: WorkflowsAppConfig, raw"instrumentationEnabled=${config.instrumentationEnabled}", // provenance (app-cloning) configs - raw"provenance.userAccessToken=${userToken}", + raw"provenance.userAccessToken=${leoAuth}", // database configs raw"postgres.podLocalDatabaseEnabled=false", diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala index 10162ad575..f91ba6ce59 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala @@ -222,10 +222,11 @@ class MonitorAtBoot[F[_]](publisherQueue: Queue[F, LeoPubsubMessage], appContext.traceId ) ) - tokenOpt <- samDAO.getCachedArbitraryPetAccessToken(app.auditInfo.creator) - workspaceDescOpt <- tokenOpt.flatTraverse { token => - wsmClientProvider.getWorkspace(token, workspaceId) - } + leoAuth <- samDAO.getLeoAuthToken + workspaceDescOpt <- wsmClientProvider.getWorkspace( + leoAuth, + workspaceId + ) workspaceDesc <- F.fromOption(workspaceDescOpt, WorkspaceNotFoundException(workspaceId, appContext.traceId) ) @@ -264,10 +265,11 @@ class MonitorAtBoot[F[_]](publisherQueue: Queue[F, LeoPubsubMessage], appContext.traceId ) ) - tokenOpt <- samDAO.getCachedArbitraryPetAccessToken(app.auditInfo.creator) - workspaceDescOpt <- tokenOpt.flatTraverse { token => - wsmClientProvider.getWorkspace(token, workspaceId) - } + leoAuth <- samDAO.getLeoAuthToken + workspaceDescOpt <- wsmClientProvider.getWorkspace( + leoAuth, + workspaceId + ) workspaceDesc <- F.fromOption(workspaceDescOpt, WorkspaceNotFoundException(workspaceId, appContext.traceId) ) @@ -394,10 +396,10 @@ class MonitorAtBoot[F[_]](publisherQueue: Queue[F, LeoPubsubMessage], MonitorAtBootException(s"no workspaceId found for ${runtime.id.toString}", traceId) ) controlledResourceOpt = WsmControlledResourceId(UUID.fromString(runtime.internalId)) - tokenOpt <- samDAO.getCachedArbitraryPetAccessToken(runtime.auditInfo.creator) - workspaceDescOpt <- tokenOpt.flatTraverse { token => - wsmClientProvider.getWorkspace(token, wid) - } + leoAuth <- samDAO.getLeoAuthToken + workspaceDescOpt <- wsmClientProvider.getWorkspace( + leoAuth, + wid workspaceDesc <- F.fromOption(workspaceDescOpt, WorkspaceNotFoundException(wid, traceId)) } yield LeoPubsubMessage.DeleteAzureRuntimeMessage( runtimeId = runtime.id, @@ -422,10 +424,12 @@ class MonitorAtBoot[F[_]](publisherQueue: Queue[F, LeoPubsubMessage], wid <- F.fromOption(runtime.workspaceId, MonitorAtBootException(s"no workspaceId found for ${runtime.id.toString}", traceId) ) - tokenOpt <- samDAO.getCachedArbitraryPetAccessToken(runtime.auditInfo.creator) - workspaceDescOpt <- tokenOpt.flatTraverse { token => - wsmClientProvider.getWorkspace(token, wid) - } + leoAuth <- samDAO.getLeoAuthToken + workspaceDescOpt <- wsmClientProvider.getWorkspace( + leoAuth, + wid + ) + workspaceDesc <- F.fromOption(workspaceDescOpt, WorkspaceNotFoundException(wid, traceId)) } yield LeoPubsubMessage.CreateAzureRuntimeMessage( runtime.id, diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AKSInterpreter.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AKSInterpreter.scala index e027d1c0ea..848fe066d1 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AKSInterpreter.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AKSInterpreter.scala @@ -110,14 +110,11 @@ class AKSInterpreter[F[_]](config: AKSInterpreterConfig, } // Get the optional storage container for the workspace - tokenOpt <- samDao.getCachedArbitraryPetAccessToken(app.auditInfo.creator) storageContainerOpt <- childSpan("getWorkspaceStorageContainer").use { implicit ev => - tokenOpt.flatTraverse { token => wsmDao.getWorkspaceStorageContainer( params.workspaceId, - org.http4s.headers.Authorization(org.http4s.Credentials.Token(AuthScheme.Bearer, token)) + leoAuth ) - } } wsmResourceApi <- buildWsmResourceApiClient @@ -632,11 +629,9 @@ class AKSInterpreter[F[_]](config: AKSInterpreterConfig, } } - // Delete the Sam resource - userEmail = app.auditInfo.creator - petToken <- samService.getArbitraryPetServiceAccountToken(userEmail) + // Delete the Sam resource getCachedArbitraryPetAccessToken _ <- childSpan("deleteSamResource").use { implicit ev => - samService.deleteResource(petToken, dbApp.app.samResourceId) + samService.deleteResource(leoAuth, dbApp.app.samResourceId) } _ <- logger.info( @@ -652,10 +647,7 @@ class AKSInterpreter[F[_]](config: AKSInterpreterConfig, private[util] def pollApp(userEmail: WorkbenchEmail, relayBaseUri: Uri, appInstall: AppInstall[F])(implicit ev: Ask[F, AppContext] ): F[Boolean] = for { - ctx <- ev.ask - tokenOpt <- samDao.getCachedArbitraryPetAccessToken(userEmail) - token <- F.fromOption(tokenOpt, AppCreationException(s"Pet not found for user ${userEmail}", Some(ctx.traceId))) - authHeader = Authorization(Credentials.Token(AuthScheme.Bearer, token)) + authHeader <- samDao.getLeoAuthToken res <- appInstall.checkStatus(relayBaseUri, authHeader) } yield res diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala index 1366becfbd..28b890088e 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala @@ -158,14 +158,11 @@ class AzurePubsubHandlerInterp[F[_]: Parallel]( // Get optional action managed identity from Sam for the private_azure_storage_account/read action. // Identities must be passed to WSM for application-managed resources. - tokenOpt <- samDAO.getCachedArbitraryPetAccessToken(runtime.auditInfo.creator) - actionIdentityOpt <- tokenOpt.flatTraverse { token => - samDAO.getAzureActionManagedIdentity( - org.http4s.headers.Authorization(org.http4s.Credentials.Token(AuthScheme.Bearer, token)), + actionIdentityOpt <- samDAO.getAzureActionManagedIdentity( + leoAuth, PrivateAzureStorageAccountSamResourceId(msg.billingProfileId.value), PrivateAzureStorageAccountAction.Read ) - } _ <- logger.info( s"[AzurePubsubHandler/createAndPollRuntime] beginning to monitor runtime creation for runtime ${msg.runtimeId}" From 480ac444b9693243bea9645220fc08b66446a993 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Sat, 24 Aug 2024 21:47:30 -0700 Subject: [PATCH 03/72] Fix build --- .../dsde/workbench/leonardo/monitor/MonitorAtBoot.scala | 4 +--- .../dsde/workbench/leonardo/util/AKSInterpreter.scala | 3 +-- .../dsde/workbench/leonardo/util/AzurePubsubHandler.scala | 1 - 3 files changed, 2 insertions(+), 6 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala index f91ba6ce59..460bf06b1d 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala @@ -377,9 +377,7 @@ class MonitorAtBoot[F[_]](publisherQueue: Queue[F, LeoPubsubMessage], case x => F.raiseError(MonitorAtBootException(s"Unexpected status for runtime ${runtime.id}: ${x}", traceId)) } - private def runtimeStatusToMessageAzure(runtime: RuntimeToMonitor, traceId: TraceId)(implicit - ev: Ask[F, TraceId] - ): F[LeoPubsubMessage] = + private def runtimeStatusToMessageAzure(runtime: RuntimeToMonitor, traceId: TraceId): F[LeoPubsubMessage] = runtime.status match { case RuntimeStatus.Stopping => F.pure( diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AKSInterpreter.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AKSInterpreter.scala index 848fe066d1..172ea35528 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AKSInterpreter.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AKSInterpreter.scala @@ -28,8 +28,7 @@ import org.broadinstitute.dsde.workbench.leonardo.http._ import org.broadinstitute.dsde.workbench.leonardo.http.service.AppNotFoundException import org.broadinstitute.dsde.workbench.model.{IP, WorkbenchEmail} import org.broadinstitute.dsp._ -import org.http4s.headers.Authorization -import org.http4s.{AuthScheme, Credentials, Uri} +import org.http4s.Uri import org.typelevel.log4cats.StructuredLogger import java.net.URL diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala index 28b890088e..21dabb2523 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala @@ -51,7 +51,6 @@ import org.broadinstitute.dsde.workbench.leonardo.monitor.PubsubHandleMessageErr import org.broadinstitute.dsde.workbench.model.{IP, WorkbenchEmail} import org.broadinstitute.dsde.workbench.util2.InstanceName import org.broadinstitute.dsp.ChartVersion -import org.http4s.AuthScheme import org.typelevel.log4cats.StructuredLogger import reactor.core.publisher.Mono From 7ffc656833837fd4040fa6850c116bdcc4a375a6 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Sat, 24 Aug 2024 22:41:36 -0700 Subject: [PATCH 04/72] Fix --- .../workbench/leonardo/http/AppDependenciesBuilder.scala | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/AppDependenciesBuilder.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/AppDependenciesBuilder.scala index e2f908a0a0..e8bbbe6fb6 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/AppDependenciesBuilder.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/AppDependenciesBuilder.scala @@ -189,7 +189,8 @@ class AppDependenciesBuilder(baselineDependenciesBuilder: BaselineDependenciesBu baselineDependencies.cromwellDAO, baselineDependencies.cbasDAO, baselineDependencies.azureBatchService, - baselineDependencies.azureApplicationInsightsService + baselineDependencies.azureApplicationInsightsService, + baselineDependencies.authProvider ) val cromwellRunnerAppInstall = @@ -211,7 +212,8 @@ class AppDependenciesBuilder(baselineDependenciesBuilder: BaselineDependenciesBu ConfigReader.appConfig.azure.tdr, baselineDependencies.samDAO, baselineDependencies.wdsDAO, - baselineDependencies.azureApplicationInsightsService + baselineDependencies.azureApplicationInsightsService, + baselineDependencies.authProvider ) val workflowsAppInstall = new WorkflowsAppInstall[IO]( From 2a49a1d0185fb612bfed372b48ca93e5da376869 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Wed, 11 Sep 2024 12:25:08 -0700 Subject: [PATCH 05/72] Test custom chart --- http/src/main/resources/reference.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/src/main/resources/reference.conf b/http/src/main/resources/reference.conf index 29200501ad..db6cb38404 100644 --- a/http/src/main/resources/reference.conf +++ b/http/src/main/resources/reference.conf @@ -398,7 +398,7 @@ azure { environment = "dev" environment-base = "live" instrumentation-enabled = false - chart-name = "terra-helm/wds" + chart-name = "potomacdevap/charts/wds" chart-version = "0.94.0" release-name-suffix = "wds-rls" namespace-name-suffix = "wds-ns" From c9f44e834604ec1fdbf943bffe92cce1d4b27e0c Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Wed, 11 Sep 2024 13:50:50 -0700 Subject: [PATCH 06/72] Update wds chart --- http/src/main/resources/reference.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/src/main/resources/reference.conf b/http/src/main/resources/reference.conf index db6cb38404..76d3e836d7 100644 --- a/http/src/main/resources/reference.conf +++ b/http/src/main/resources/reference.conf @@ -398,7 +398,7 @@ azure { environment = "dev" environment-base = "live" instrumentation-enabled = false - chart-name = "potomacdevap/charts/wds" + chart-name = "oci://potomacdevap.azurecr.io/charts/wds" chart-version = "0.94.0" release-name-suffix = "wds-rls" namespace-name-suffix = "wds-ns" From da173efb01e1681225d5658613e6d6a8cfd9b454 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Wed, 11 Sep 2024 22:07:28 -0700 Subject: [PATCH 07/72] Use local helm chart --- http/src/main/resources/reference.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/src/main/resources/reference.conf b/http/src/main/resources/reference.conf index 76d3e836d7..315c8b070b 100644 --- a/http/src/main/resources/reference.conf +++ b/http/src/main/resources/reference.conf @@ -398,7 +398,7 @@ azure { environment = "dev" environment-base = "live" instrumentation-enabled = false - chart-name = "oci://potomacdevap.azurecr.io/charts/wds" + chart-name = "/leonardo/wds" chart-version = "0.94.0" release-name-suffix = "wds-rls" namespace-name-suffix = "wds-ns" From 79ebef8c7d402d22b3c3fcc3b154accbf3057946 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Mon, 7 Oct 2024 11:43:28 -0700 Subject: [PATCH 08/72] Update Dependencies.scala --- project/Dependencies.scala | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/project/Dependencies.scala b/project/Dependencies.scala index c3b4f56b07..5d7ce3ede8 100644 --- a/project/Dependencies.scala +++ b/project/Dependencies.scala @@ -24,7 +24,7 @@ object Dependencies { val workbenchGoogle2V = s"0.36-$workbenchLibsHash" val workbenchOpenTelemetryV = s"0.8-$workbenchLibsHash" val workbenchOauth2V = "0.8-3e0cf25" - val workbenchAzureV = s"0.8-$workbenchLibsHash" + val workbenchAzureV = s"0.9-3fa02c66-SNAP" val helmScalaSdkV = "0.0.8.5" From abe660c5fdc340c56716a258cccaa37055d2ea3f Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Wed, 16 Oct 2024 08:22:08 -0700 Subject: [PATCH 09/72] carry over other changes --- docker/build.sh | 2 ++ docker/build_jar.sh | 1 + http/src/main/resources/reference.conf | 2 +- .../leonardo/http/AppDependenciesBuilder.scala | 10 ++++------ 4 files changed, 8 insertions(+), 7 deletions(-) diff --git a/docker/build.sh b/docker/build.sh index 31b7435ff4..986135c196 100755 --- a/docker/build.sh +++ b/docker/build.sh @@ -144,6 +144,8 @@ function make_jar() -v $PWD:/working \ -v jar-cache:/root/.ivy \ -v jar-cache:/root/.ivy2 \ + -v jar-cache:/home/vsts/.ivy \ + -v jar-cache:/home/vsts/.ivy2 \ sbtscala/scala-sbt:openjdk-17.0.2_1.8.0_2.13.10 \ /working/docker/install.sh /working || EXIT_CODE=$? diff --git a/docker/build_jar.sh b/docker/build_jar.sh index 1508c85dd2..d4471e3b61 100755 --- a/docker/build_jar.sh +++ b/docker/build_jar.sh @@ -12,6 +12,7 @@ GIT_HASH=$(git log -n 1 --pretty=format:%h) EXIT_CODE=0 docker run --rm -v $PWD:/working \ -v sbt-cache:/root/.sbt -v jar-cache:/root/.ivy -v jar-cache:/root/.ivy2 \ + -v /home/vsts/.ivy:/home/vsts/.ivy -v /home/vsts/.ivy2:/home/vsts/.ivy2 \ -v coursier-cache:/root/.cache/coursier \ sbtscala/scala-sbt:openjdk-17.0.2_1.7.2_2.13.10 /working/docker/clean_install.sh /working \ || EXIT_CODE=$? diff --git a/http/src/main/resources/reference.conf b/http/src/main/resources/reference.conf index 315c8b070b..ac8ea3c546 100644 --- a/http/src/main/resources/reference.conf +++ b/http/src/main/resources/reference.conf @@ -259,7 +259,7 @@ azure { } # [IA-4997] to support CHIPS by setting partitioned cookies # listener-image = "terradevacrpublic.azurecr.io/terra-azure-relay-listeners:474f157" - listener-image = "terradevacrpublic.azurecr.io/terra-azure-relay-listeners:76d982c" + listener-image = "potomacdevap.azurecr.io/terra-azure-relay-listeners:latest" } } diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/AppDependenciesBuilder.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/AppDependenciesBuilder.scala index e8bbbe6fb6..933434e69c 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/AppDependenciesBuilder.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/AppDependenciesBuilder.scala @@ -169,7 +169,7 @@ class AppDependenciesBuilder(baselineDependenciesBuilder: BaselineDependenciesBu baselineDependencies.azureContainerService ) - val metricsMonitor = new LeoMetricsMonitor( + /*val metricsMonitor = new LeoMetricsMonitor( ConfigReader.appConfig.metrics, baselineDependencies.appDAO, baselineDependencies.wdsDAO, @@ -180,7 +180,7 @@ class AppDependenciesBuilder(baselineDependenciesBuilder: BaselineDependenciesBu baselineDependencies.samDAO, kubeAlg, baselineDependencies.azureContainerService - ) + )*/ val cromwellAppInstall = new CromwellAppInstall[IO]( ConfigReader.appConfig.azure.coaAppConfig, @@ -290,8 +290,7 @@ class AppDependenciesBuilder(baselineDependenciesBuilder: BaselineDependenciesBu pubsubSubscriber.process, Stream.eval(baselineDependencies.subscriber.start), autopauseMonitorProcess, - autodeleteAppMonitorProcess, - metricsMonitor.process + autodeleteAppMonitorProcess ) ++ cloudSpecificProcessList case LeoExecutionModeConfig.FrontLeoOnly => asyncTasks.process :: createFrontEndLeoProcesses(baselineDependencies) @@ -301,8 +300,7 @@ class AppDependenciesBuilder(baselineDependenciesBuilder: BaselineDependenciesBu pubsubSubscriber.process, Stream.eval(baselineDependencies.subscriber.start), autopauseMonitorProcess, - autodeleteAppMonitorProcess, - metricsMonitor.process + autodeleteAppMonitorProcess ) ++ cloudSpecificProcessList ++ createFrontEndLeoProcesses(baselineDependencies) } From 59bc2eab7fa1d84ad32299f161c9a45bbbca5770 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Wed, 16 Oct 2024 08:39:11 -0700 Subject: [PATCH 10/72] Update clean_install.sh --- docker/clean_install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/clean_install.sh b/docker/clean_install.sh index 8c1dd38800..dc6dce56ce 100755 --- a/docker/clean_install.sh +++ b/docker/clean_install.sh @@ -8,7 +8,7 @@ set -eux LEONARDO_DIR=$1 cd $LEONARDO_DIR -export SBT_OPTS="-Xmx6G -Xms6G -Xss4m" +export SBT_OPTS="-Xmx6G -Xms6G -Xss4m -Dsbt.ivy.home=/home/vsts/.ivy2" echo "starting sbt clean assembly ..." sbt -v \ From e70ec141d3d0d4d45306df0ed6fbad5621dc2c79 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Wed, 16 Oct 2024 09:14:30 -0700 Subject: [PATCH 11/72] Update MonitorAtBoot.scala --- .../workbench/leonardo/monitor/MonitorAtBoot.scala | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala index 460bf06b1d..b01bf474e6 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala @@ -223,8 +223,9 @@ class MonitorAtBoot[F[_]](publisherQueue: Queue[F, LeoPubsubMessage], ) ) leoAuth <- samDAO.getLeoAuthToken + token = leoAuth.credentials.toString().split(" ")(1) workspaceDescOpt <- wsmClientProvider.getWorkspace( - leoAuth, + token, workspaceId ) workspaceDesc <- F.fromOption(workspaceDescOpt, @@ -266,8 +267,9 @@ class MonitorAtBoot[F[_]](publisherQueue: Queue[F, LeoPubsubMessage], ) ) leoAuth <- samDAO.getLeoAuthToken + token = leoAuth.credentials.toString().split(" ")(1) workspaceDescOpt <- wsmClientProvider.getWorkspace( - leoAuth, + token, workspaceId ) workspaceDesc <- F.fromOption(workspaceDescOpt, @@ -396,8 +398,9 @@ class MonitorAtBoot[F[_]](publisherQueue: Queue[F, LeoPubsubMessage], controlledResourceOpt = WsmControlledResourceId(UUID.fromString(runtime.internalId)) leoAuth <- samDAO.getLeoAuthToken workspaceDescOpt <- wsmClientProvider.getWorkspace( - leoAuth, + leoAuth.credentials.renderString, wid + ) workspaceDesc <- F.fromOption(workspaceDescOpt, WorkspaceNotFoundException(wid, traceId)) } yield LeoPubsubMessage.DeleteAzureRuntimeMessage( runtimeId = runtime.id, @@ -423,8 +426,9 @@ class MonitorAtBoot[F[_]](publisherQueue: Queue[F, LeoPubsubMessage], MonitorAtBootException(s"no workspaceId found for ${runtime.id.toString}", traceId) ) leoAuth <- samDAO.getLeoAuthToken + token = leoAuth.credentials.toString().split(" ")(1) workspaceDescOpt <- wsmClientProvider.getWorkspace( - leoAuth, + token, wid ) From 548b753f45157da35c961e225a66a75256638743 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Wed, 16 Oct 2024 09:28:59 -0700 Subject: [PATCH 12/72] Update AKSInterpreter.scala --- .../dsde/workbench/leonardo/util/AKSInterpreter.scala | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AKSInterpreter.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AKSInterpreter.scala index 172ea35528..875cbbd746 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AKSInterpreter.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AKSInterpreter.scala @@ -539,6 +539,7 @@ class AKSInterpreter[F[_]](config: AKSInterpreterConfig, // Query the Landing Zone service for the landing zone resources leoAuth <- samDao.getLeoAuthToken + token = leoAuth.credentials.toString().split(" ")(1) landingZoneResources <- childSpan("getLandingZoneResources").use { implicit ev => legacyWsmDao.getLandingZoneResources(billingProfileId, leoAuth) } @@ -630,7 +631,7 @@ class AKSInterpreter[F[_]](config: AKSInterpreterConfig, // Delete the Sam resource getCachedArbitraryPetAccessToken _ <- childSpan("deleteSamResource").use { implicit ev => - samService.deleteResource(leoAuth, dbApp.app.samResourceId) + samService.deleteResource(token, dbApp.app.samResourceId) } _ <- logger.info( From adad799d022d67f56edf2d36df59c0c08dbf468b Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Wed, 16 Oct 2024 11:38:41 -0700 Subject: [PATCH 13/72] Remove leo auth token from app charts --- .../dsde/workbench/leonardo/app/CromwellAppInstall.scala | 4 +--- .../workbench/leonardo/app/CromwellRunnerAppInstall.scala | 4 +--- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala index 8f16b9af4e..c6c263b657 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala @@ -69,8 +69,6 @@ class CromwellAppInstall[F[_]](config: CoaAppConfig, AppCreationException("Postgres server required for Cromwell app", Some(ctx.traceId)) ) - leoAuth <- authProvider.getLeoAuthToken - values = List( // azure resources configs raw"config.resourceGroup=${params.cloudContext.managedResourceGroupName.value}", @@ -117,7 +115,7 @@ class CromwellAppInstall[F[_]](config: CoaAppConfig, raw"instrumentationEnabled=${config.instrumentationEnabled}", // provenance (app-cloning) configs - raw"provenance.userAccessToken=${leoAuth}", + raw"provenance.userAccessToken=", // Database configs raw"postgres.podLocalDatabaseEnabled=false", diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala index 7029899d02..4ec4f90898 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala @@ -81,8 +81,6 @@ class CromwellRunnerAppInstall[F[_]](config: CromwellRunnerAppConfig, // Get the pet userToken - leoAuth <- authProvider.getLeoAuthToken - parsedUUID <- F.delay(Either.catchNonFatal(UUID.fromString(params.billingProfileId.value))) profileAttempt <- parsedUUID.traverse { uuid => bpmClient.getProfile(leoAuth, uuid) @@ -129,7 +127,7 @@ class CromwellRunnerAppInstall[F[_]](config: CromwellRunnerAppConfig, raw"instrumentationEnabled=${config.instrumentationEnabled}", // provenance (app-cloning) configs - raw"provenance.userAccessToken=${leoAuth}", + raw"provenance.userAccessToken=", // database configs raw"postgres.podLocalDatabaseEnabled=false", From 6e056b6fcac72924857f4747f45d0ab7fe2fb491 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Wed, 16 Oct 2024 11:47:50 -0700 Subject: [PATCH 14/72] Update CromwellRunnerAppInstall.scala --- .../dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala | 2 ++ 1 file changed, 2 insertions(+) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala index 4ec4f90898..5927e4f300 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala @@ -81,6 +81,8 @@ class CromwellRunnerAppInstall[F[_]](config: CromwellRunnerAppConfig, // Get the pet userToken + leoAuth <- authProvider.getLeoAuthToken + parsedUUID <- F.delay(Either.catchNonFatal(UUID.fromString(params.billingProfileId.value))) profileAttempt <- parsedUUID.traverse { uuid => bpmClient.getProfile(leoAuth, uuid) From f912dea1eb407a2591b78755caefc74f27a8b4ab Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Tue, 22 Oct 2024 09:30:27 -0700 Subject: [PATCH 15/72] Remove auth tokens from app configs --- .../dsde/workbench/leonardo/app/WdsAppInstall.scala | 3 +-- .../dsde/workbench/leonardo/app/WorkflowsAppInstall.scala | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala index 0d180973d7..8d142fffb1 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala @@ -55,7 +55,6 @@ class WdsAppInstall[F[_]](config: WdsAppConfig, AppCreationException("Postgres server required for WDS app", Some(ctx.traceId)) ) - leoAuth <- authProvider.getLeoAuthToken // Get the pet userToken // Get Vpa enabled tag @@ -90,7 +89,7 @@ class WdsAppInstall[F[_]](config: WdsAppConfig, raw"instrumentationEnabled=${config.instrumentationEnabled}", // provenance (app-cloning) configs - raw"provenance.userAccessToken=${leoAuth}", + raw"provenance.userAccessToken=", raw"provenance.sourceWorkspaceId=${params.app.sourceWorkspaceId.map(_.value).getOrElse("")}", // database configs diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala index b11a804c28..7b0061d098 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala @@ -68,7 +68,6 @@ class WorkflowsAppInstall[F[_]](config: WorkflowsAppConfig, ) // Get the pet userToken - leoAuth <- samDao.getLeoAuthToken values = List( @@ -103,7 +102,7 @@ class WorkflowsAppInstall[F[_]](config: WorkflowsAppConfig, raw"instrumentationEnabled=${config.instrumentationEnabled}", // provenance (app-cloning) configs - raw"provenance.userAccessToken=${leoAuth}", + raw"provenance.userAccessToken=", // database configs raw"postgres.podLocalDatabaseEnabled=false", From a7d27af23cb5dd527f8d4bef05e738f36ce14cce Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Mon, 28 Oct 2024 07:58:08 -0700 Subject: [PATCH 16/72] Update LeoAppServiceInterp.scala --- .../leonardo/http/service/LeoAppServiceInterp.scala | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala index 7d64ef2810..4043fa0c60 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala @@ -168,7 +168,9 @@ final class LeoAppServiceInterp[F[_]: Parallel](config: AppServiceConfig, samResourceId, Some(googleProject), None, - getAppSamPolicyMap(userEmail, req.accessScope) + getAppSamPolicyMap(userEmail, + WorkbenchEmail("90d2e10c-0bbb-48e6-935e-9df9b1989998@uami.terra.bio"), + req.accessScope) ) saveCluster <- F.fromEither( getSavableCluster(userEmail, cloudContext, req.autopilot.isDefined, ctx.now) @@ -787,7 +789,9 @@ final class LeoAppServiceInterp[F[_]: Parallel](config: AppServiceConfig, samResourceId, None, Some(workspaceId), - getAppSamPolicyMap(userEmail, req.accessScope) + getAppSamPolicyMap(userEmail, + WorkbenchEmail("90d2e10c-0bbb-48e6-935e-9df9b1989998@uami.terra.bio"), + req.accessScope) ) // Save or retrieve a KubernetesCluster record for the app @@ -1692,13 +1696,14 @@ object LeoAppServiceInterp { * Private apps are represented as kubernetes-app resources in Sam and have a "creator" role. */ private[http] def getAppSamPolicyMap(userEmail: WorkbenchEmail, + leoEmail: WorkbenchEmail, accessScope: Option[AppAccessScope] ): Map[String, SamPolicyData] = accessScope match { case Some(AppAccessScope.WorkspaceShared) => - Map("owner" -> SamPolicyData(List(userEmail), List(SharedAppRole.Owner.asString))) + Map("owner" -> SamPolicyData(List(userEmail, leoEmail), List(SharedAppRole.Owner.asString))) case _ => - Map("creator" -> SamPolicyData(List(userEmail), List(AppRole.Creator.asString))) + Map("creator" -> SamPolicyData(List(userEmail, leoEmail), List(AppRole.Creator.asString))) } } From b592443ba05494d5d67be6087f285573f7087440 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Mon, 28 Oct 2024 08:00:41 -0700 Subject: [PATCH 17/72] Update Dependencies.scala --- project/Dependencies.scala | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/project/Dependencies.scala b/project/Dependencies.scala index 5d7ce3ede8..55723db2fb 100644 --- a/project/Dependencies.scala +++ b/project/Dependencies.scala @@ -24,7 +24,7 @@ object Dependencies { val workbenchGoogle2V = s"0.36-$workbenchLibsHash" val workbenchOpenTelemetryV = s"0.8-$workbenchLibsHash" val workbenchOauth2V = "0.8-3e0cf25" - val workbenchAzureV = s"0.9-3fa02c66-SNAP" + val workbenchAzureV = s"0.9" val helmScalaSdkV = "0.0.8.5" From e597b539639b57e23ee0f5708f1966dcffd3bc5c Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Mon, 28 Oct 2024 08:28:31 -0700 Subject: [PATCH 18/72] Update Dependencies.scala --- project/Dependencies.scala | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/project/Dependencies.scala b/project/Dependencies.scala index 55723db2fb..d8b74b152a 100644 --- a/project/Dependencies.scala +++ b/project/Dependencies.scala @@ -17,14 +17,14 @@ object Dependencies { val munitCatsEffectV = "1.0.7" val pact4sV = "0.10.0" - private val workbenchLibsHash = "3cea4eb" + private val workbenchLibsHash = "d3d4967" val serviceTestV = s"5.0-$workbenchLibsHash" val workbenchModelV = s"0.20-$workbenchLibsHash" val workbenchGoogleV = s"0.32-$workbenchLibsHash" val workbenchGoogle2V = s"0.36-$workbenchLibsHash" val workbenchOpenTelemetryV = s"0.8-$workbenchLibsHash" val workbenchOauth2V = "0.8-3e0cf25" - val workbenchAzureV = s"0.9" + val workbenchAzureV = s"0.9-$workbenchLibsHash" val helmScalaSdkV = "0.0.8.5" From b050782875b648fd49e12bd287f977e532901e08 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Mon, 28 Oct 2024 08:36:04 -0700 Subject: [PATCH 19/72] Update Dependencies.scala --- project/Dependencies.scala | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/project/Dependencies.scala b/project/Dependencies.scala index d8b74b152a..0cd20ebde7 100644 --- a/project/Dependencies.scala +++ b/project/Dependencies.scala @@ -17,14 +17,14 @@ object Dependencies { val munitCatsEffectV = "1.0.7" val pact4sV = "0.10.0" - private val workbenchLibsHash = "d3d4967" + private val workbenchLibsHash = "3cea4eb" val serviceTestV = s"5.0-$workbenchLibsHash" val workbenchModelV = s"0.20-$workbenchLibsHash" val workbenchGoogleV = s"0.32-$workbenchLibsHash" val workbenchGoogle2V = s"0.36-$workbenchLibsHash" val workbenchOpenTelemetryV = s"0.8-$workbenchLibsHash" val workbenchOauth2V = "0.8-3e0cf25" - val workbenchAzureV = s"0.9-$workbenchLibsHash" + val workbenchAzureV = s"0.9-d3d4967" val helmScalaSdkV = "0.0.8.5" From aa1586e0a9220f824e4d53adf17adb6b35430f80 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Wed, 30 Oct 2024 09:55:04 -0700 Subject: [PATCH 20/72] Update LeoAppServiceInterp.scala --- .../leonardo/http/service/LeoAppServiceInterp.scala | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala index 4043fa0c60..7d64ef2810 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala @@ -168,9 +168,7 @@ final class LeoAppServiceInterp[F[_]: Parallel](config: AppServiceConfig, samResourceId, Some(googleProject), None, - getAppSamPolicyMap(userEmail, - WorkbenchEmail("90d2e10c-0bbb-48e6-935e-9df9b1989998@uami.terra.bio"), - req.accessScope) + getAppSamPolicyMap(userEmail, req.accessScope) ) saveCluster <- F.fromEither( getSavableCluster(userEmail, cloudContext, req.autopilot.isDefined, ctx.now) @@ -789,9 +787,7 @@ final class LeoAppServiceInterp[F[_]: Parallel](config: AppServiceConfig, samResourceId, None, Some(workspaceId), - getAppSamPolicyMap(userEmail, - WorkbenchEmail("90d2e10c-0bbb-48e6-935e-9df9b1989998@uami.terra.bio"), - req.accessScope) + getAppSamPolicyMap(userEmail, req.accessScope) ) // Save or retrieve a KubernetesCluster record for the app @@ -1696,14 +1692,13 @@ object LeoAppServiceInterp { * Private apps are represented as kubernetes-app resources in Sam and have a "creator" role. */ private[http] def getAppSamPolicyMap(userEmail: WorkbenchEmail, - leoEmail: WorkbenchEmail, accessScope: Option[AppAccessScope] ): Map[String, SamPolicyData] = accessScope match { case Some(AppAccessScope.WorkspaceShared) => - Map("owner" -> SamPolicyData(List(userEmail, leoEmail), List(SharedAppRole.Owner.asString))) + Map("owner" -> SamPolicyData(List(userEmail), List(SharedAppRole.Owner.asString))) case _ => - Map("creator" -> SamPolicyData(List(userEmail, leoEmail), List(AppRole.Creator.asString))) + Map("creator" -> SamPolicyData(List(userEmail), List(AppRole.Creator.asString))) } } From 23d6ca20ed0cd2403b05dff044cd4206ccec9e18 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Wed, 30 Oct 2024 12:12:29 -0700 Subject: [PATCH 21/72] Revert "Update LeoAppServiceInterp.scala" This reverts commit aa1586e0a9220f824e4d53adf17adb6b35430f80. --- .../leonardo/http/service/LeoAppServiceInterp.scala | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala index 7d64ef2810..4043fa0c60 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala @@ -168,7 +168,9 @@ final class LeoAppServiceInterp[F[_]: Parallel](config: AppServiceConfig, samResourceId, Some(googleProject), None, - getAppSamPolicyMap(userEmail, req.accessScope) + getAppSamPolicyMap(userEmail, + WorkbenchEmail("90d2e10c-0bbb-48e6-935e-9df9b1989998@uami.terra.bio"), + req.accessScope) ) saveCluster <- F.fromEither( getSavableCluster(userEmail, cloudContext, req.autopilot.isDefined, ctx.now) @@ -787,7 +789,9 @@ final class LeoAppServiceInterp[F[_]: Parallel](config: AppServiceConfig, samResourceId, None, Some(workspaceId), - getAppSamPolicyMap(userEmail, req.accessScope) + getAppSamPolicyMap(userEmail, + WorkbenchEmail("90d2e10c-0bbb-48e6-935e-9df9b1989998@uami.terra.bio"), + req.accessScope) ) // Save or retrieve a KubernetesCluster record for the app @@ -1692,13 +1696,14 @@ object LeoAppServiceInterp { * Private apps are represented as kubernetes-app resources in Sam and have a "creator" role. */ private[http] def getAppSamPolicyMap(userEmail: WorkbenchEmail, + leoEmail: WorkbenchEmail, accessScope: Option[AppAccessScope] ): Map[String, SamPolicyData] = accessScope match { case Some(AppAccessScope.WorkspaceShared) => - Map("owner" -> SamPolicyData(List(userEmail), List(SharedAppRole.Owner.asString))) + Map("owner" -> SamPolicyData(List(userEmail, leoEmail), List(SharedAppRole.Owner.asString))) case _ => - Map("creator" -> SamPolicyData(List(userEmail), List(AppRole.Creator.asString))) + Map("creator" -> SamPolicyData(List(userEmail, leoEmail), List(AppRole.Creator.asString))) } } From 134b8ac6c72f099f85d84550b95e16e34917ab8d Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Wed, 30 Oct 2024 13:17:54 -0700 Subject: [PATCH 22/72] Get leo email from token --- .../leonardo/http/service/LeoAppServiceInterp.scala | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala index 4043fa0c60..49af036107 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala @@ -163,13 +163,15 @@ final class LeoAppServiceInterp[F[_]: Parallel](config: AppServiceConfig, // Retrieve parent workspaceId for the google project parentWorkspaceId <- samService.lookupWorkspaceParentForGoogleProject(userInfo.accessToken.token, googleProject) + leoToken <- authProvider.getLeoAuthToken + leoEmail <- samService.getUserEmail(leoToken) notifySamAndCreate = for { _ <- samService.createResource(userInfo.accessToken.token, samResourceId, Some(googleProject), None, getAppSamPolicyMap(userEmail, - WorkbenchEmail("90d2e10c-0bbb-48e6-935e-9df9b1989998@uami.terra.bio"), + leoEmail, req.accessScope) ) saveCluster <- F.fromEither( @@ -785,12 +787,14 @@ final class LeoAppServiceInterp[F[_]: Parallel](config: AppServiceConfig, samResourceId <- F.delay(AppSamResourceId(UUID.randomUUID().toString, req.accessScope)) // Create kubernetes-app Sam resource with a creator policy and the workspace as the parent + leoToken <- authProvider.getLeoAuthToken + leoEmail <- samService.getUserEmail(leoToken) _ <- samService.createResource(userInfo.accessToken.token, samResourceId, None, Some(workspaceId), getAppSamPolicyMap(userEmail, - WorkbenchEmail("90d2e10c-0bbb-48e6-935e-9df9b1989998@uami.terra.bio"), + leoEmail, req.accessScope) ) From 59aff84a266f8a6cdc8dd421cfaaa76d74da580a Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Mon, 4 Nov 2024 08:23:45 -0800 Subject: [PATCH 23/72] Update reference.conf --- http/src/main/resources/reference.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/src/main/resources/reference.conf b/http/src/main/resources/reference.conf index ac8ea3c546..315c8b070b 100644 --- a/http/src/main/resources/reference.conf +++ b/http/src/main/resources/reference.conf @@ -259,7 +259,7 @@ azure { } # [IA-4997] to support CHIPS by setting partitioned cookies # listener-image = "terradevacrpublic.azurecr.io/terra-azure-relay-listeners:474f157" - listener-image = "potomacdevap.azurecr.io/terra-azure-relay-listeners:latest" + listener-image = "terradevacrpublic.azurecr.io/terra-azure-relay-listeners:76d982c" } } From 58fd92758ac3516bb05e2dadbbe6d90deea76e6d Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Tue, 5 Nov 2024 17:25:30 -0500 Subject: [PATCH 24/72] Update Dependencies.scala --- project/Dependencies.scala | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/project/Dependencies.scala b/project/Dependencies.scala index 0cd20ebde7..edfdd334a2 100644 --- a/project/Dependencies.scala +++ b/project/Dependencies.scala @@ -24,7 +24,7 @@ object Dependencies { val workbenchGoogle2V = s"0.36-$workbenchLibsHash" val workbenchOpenTelemetryV = s"0.8-$workbenchLibsHash" val workbenchOauth2V = "0.8-3e0cf25" - val workbenchAzureV = s"0.9-d3d4967" + val workbenchAzureV = s"0.9-939664aa-SNAP" val helmScalaSdkV = "0.0.8.5" From 73556981f308440cc1cf35c432d7cdc3ab74df78 Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Wed, 6 Nov 2024 10:36:15 -0500 Subject: [PATCH 25/72] Update Dependencies.scala --- project/Dependencies.scala | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/project/Dependencies.scala b/project/Dependencies.scala index edfdd334a2..34d77250e3 100644 --- a/project/Dependencies.scala +++ b/project/Dependencies.scala @@ -24,7 +24,7 @@ object Dependencies { val workbenchGoogle2V = s"0.36-$workbenchLibsHash" val workbenchOpenTelemetryV = s"0.8-$workbenchLibsHash" val workbenchOauth2V = "0.8-3e0cf25" - val workbenchAzureV = s"0.9-939664aa-SNAP" + val workbenchAzureV = s"0.9-21b542fa-SNAP" val helmScalaSdkV = "0.0.8.5" From d1c31af6104451f95487c26421bbcfded7c0d27b Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Wed, 6 Nov 2024 13:01:24 -0500 Subject: [PATCH 26/72] update gov servicebus and sql suffixes --- .../leonardo/app/CromwellAppInstall.scala | 4 ++-- .../leonardo/app/CromwellRunnerAppInstall.scala | 2 +- .../workbench/leonardo/app/WdsAppInstall.scala | 4 ++-- .../leonardo/app/WorkflowsAppInstall.scala | 4 ++-- .../leonardo/config/AzureHostingModeConfig.scala | 15 ++++++++++++--- .../workbench/leonardo/util/AKSInterpreter.scala | 4 ++-- .../leonardo/util/AzurePubsubHandler.scala | 2 +- .../leonardo/util/BuildHelmChartValues.scala | 11 +++++++---- .../leonardo/app/CromwellAppInstallSpec.scala | 12 ++++-------- .../app/CromwellRunnerAppInstallSpec.scala | 3 ++- .../leonardo/app/WdsAppInstallSpec.scala | 5 +++-- .../leonardo/app/WorkflowsAppInstallSpec.scala | 3 ++- 12 files changed, 40 insertions(+), 29 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala index c6c263b657..c83a70af68 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala @@ -8,7 +8,7 @@ import org.broadinstitute.dsde.workbench.leonardo.app.AppInstall.getAzureDatabas import org.broadinstitute.dsde.workbench.leonardo.{AppContext, WsmControlledDatabaseResource} import org.broadinstitute.dsde.workbench.leonardo.app.Database.ControlledDatabase import org.broadinstitute.dsde.workbench.leonardo.auth.SamAuthProvider -import org.broadinstitute.dsde.workbench.leonardo.config.CoaAppConfig +import org.broadinstitute.dsde.workbench.leonardo.config.{AzureEnvironmentConverter, CoaAppConfig} import org.broadinstitute.dsde.workbench.leonardo.dao._ import org.broadinstitute.dsde.workbench.leonardo.http._ import org.broadinstitute.dsde.workbench.leonardo.util.AppCreationException @@ -119,7 +119,7 @@ class CromwellAppInstall[F[_]](config: CoaAppConfig, // Database configs raw"postgres.podLocalDatabaseEnabled=false", - raw"postgres.host=${postgresServer.name}.postgres.database.azure.com", + raw"postgres.host=${postgresServer.name}.postgres${AzureEnvironmentConverter.fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getSqlServerHostnameSuffix}", raw"postgres.pgbouncer.enabled=${postgresServer.pgBouncerEnabled}", // convention is that the database user is the same as the service account name raw"postgres.user=${params.ksaName.value}", diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala index 5927e4f300..6f307166af 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala @@ -133,7 +133,7 @@ class CromwellRunnerAppInstall[F[_]](config: CromwellRunnerAppConfig, // database configs raw"postgres.podLocalDatabaseEnabled=false", - raw"postgres.host=${postgresServer.name}.postgres.database.azure.com", + raw"postgres.host=${postgresServer.name}.postgres${AzureEnvironmentConverter.fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getSqlServerHostnameSuffix}", raw"postgres.pgbouncer.enabled=${postgresServer.pgBouncerEnabled}", // convention is that the database user is the same as the service account name raw"postgres.user=${params.ksaName.value}", diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala index 8d142fffb1..50c45d26ca 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala @@ -8,7 +8,7 @@ import cats.syntax.all._ import org.broadinstitute.dsde.workbench.azure.AzureApplicationInsightsService import org.broadinstitute.dsde.workbench.leonardo.app.Database.ControlledDatabase import org.broadinstitute.dsde.workbench.leonardo.auth.SamAuthProvider -import org.broadinstitute.dsde.workbench.leonardo.config.WdsAppConfig +import org.broadinstitute.dsde.workbench.leonardo.config.{AzureEnvironmentConverter, WdsAppConfig} import org.broadinstitute.dsde.workbench.leonardo.dao._ import org.broadinstitute.dsde.workbench.leonardo.http._ import org.broadinstitute.dsde.workbench.leonardo.util.AppCreationException @@ -93,7 +93,7 @@ class WdsAppInstall[F[_]](config: WdsAppConfig, raw"provenance.sourceWorkspaceId=${params.app.sourceWorkspaceId.map(_.value).getOrElse("")}", // database configs - raw"postgres.host=${postgresServer.name}.postgres.database.azure.com", + raw"postgres.host=${postgresServer.name}.postgres${AzureEnvironmentConverter.fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getSqlServerHostnameSuffix}", raw"postgres.pgbouncer.enabled=${postgresServer.pgBouncerEnabled}", raw"postgres.dbname=$dbName", // convention is that the database user is the same as the service account name diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala index 7b0061d098..eb3c3546e8 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala @@ -8,7 +8,7 @@ import org.broadinstitute.dsde.workbench.azure.{AzureApplicationInsightsService, import org.broadinstitute.dsde.workbench.leonardo.{AppContext, WsmControlledDatabaseResource} import org.broadinstitute.dsde.workbench.leonardo.app.AppInstall.getAzureDatabaseName import org.broadinstitute.dsde.workbench.leonardo.app.Database.ControlledDatabase -import org.broadinstitute.dsde.workbench.leonardo.config.WorkflowsAppConfig +import org.broadinstitute.dsde.workbench.leonardo.config.{AzureEnvironmentConverter, WorkflowsAppConfig} import org.broadinstitute.dsde.workbench.leonardo.dao._ import org.broadinstitute.dsde.workbench.leonardo.http._ import org.broadinstitute.dsde.workbench.leonardo.util.AppCreationException @@ -106,7 +106,7 @@ class WorkflowsAppInstall[F[_]](config: WorkflowsAppConfig, // database configs raw"postgres.podLocalDatabaseEnabled=false", - raw"postgres.host=${postgresServer.name}.postgres.database.azure.com", + raw"postgres.host=${postgresServer.name}.postgres${AzureEnvironmentConverter.fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getSqlServerHostnameSuffix}", raw"postgres.pgbouncer.enabled=${postgresServer.pgBouncerEnabled}", // convention is that the database user is the same as the service account name raw"postgres.user=${params.ksaName.value}", diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala index 8d7bc4b6b1..e826d03855 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala @@ -17,15 +17,24 @@ case class AzureManagedIdentityAuthConfig( ) object AzureEnvironmentConverter { - val Azure: String = "AZURE" + val Azure: String = "AZURE"F val AzureGov: String = "AZURE_US_GOVERNMENT" - val AzureChina: String = "AZURE_CHINA" def fromString(s: String): AzureEnvironment = s match { case AzureGov => AzureEnvironment.AZURE_US_GOVERNMENT - case AzureChina => AzureEnvironment.AZURE_CHINA // a bit redundant, but I want to have a explicit case for Azure for clarity, even though it's the default case Azure => AzureEnvironment.AZURE case _ => AzureEnvironment.AZURE } + + def relaySuffixFromEnvironment(azureEnvironment: AzureEnvironment): String = azureEnvironment match { + case AzureEnvironment.AZURE_US_GOVERNMENT => ".servicebus.usgovcloudapi.net" + // a bit redundant, but I want to have a explicit case for Azure for clarity, even though it's the default + case AzureEnvironment.AZURE => ".servicebus.windows.net" + case _ => ".servicebus.windows.net" + } + + def relaySuffixFromString(s: String): String = { + relaySuffixFromEnvironment(fromString(s)) + } } diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AKSInterpreter.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AKSInterpreter.scala index 875cbbd746..b4399911d4 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AKSInterpreter.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AKSInterpreter.scala @@ -183,7 +183,7 @@ class AKSInterpreter[F[_]](config: AKSInterpreterConfig, relayPrimaryKey <- childSpan("createRelayHybridConnection").use { implicit ev => azureRelayService.createRelayHybridConnection(landingZoneResources.relayNamespace, hcName, params.cloudContext) } - relayDomain = s"${landingZoneResources.relayNamespace.value}.servicebus.windows.net" + relayDomain = s"${landingZoneResources.relayNamespace.value}${AzureEnvironmentConverter.relaySuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}" relayEndpoint = s"https://${relayDomain}/" relayPath = Uri.unsafeFromString(relayEndpoint) / hcName.value @@ -417,7 +417,7 @@ class AKSInterpreter[F[_]](config: AKSInterpreterConfig, // Get relay hybrid connection information hcName = RelayHybridConnectionName(s"${params.appName.value}-${workspaceId.value}") - relayDomain = s"${landingZoneResources.relayNamespace.value}.servicebus.windows.net" + relayDomain = s"${landingZoneResources.relayNamespace.value}${AzureEnvironmentConverter.relaySuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}" relayEndpoint = s"https://${relayDomain}/" relayPath = Uri.unsafeFromString(relayEndpoint) / hcName.value relayPrimaryKey <- azureRelayService.getRelayHybridConnectionKey(landingZoneResources.relayNamespace, diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala index 21dabb2523..90c86c4c99 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala @@ -892,7 +892,7 @@ class AzurePubsubHandlerInterp[F[_]: Parallel]( ) ) case JobReport.StatusEnum.SUCCEEDED => - val hostIp = s"${params.landingZoneResources.relayNamespace.value}.servicebus.windows.net" + val hostIp = s"${params.landingZoneResources.relayNamespace.value}${AzureEnvironmentConverter.relaySuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}" for { now <- nowInstant _ <- clusterQuery.updateClusterHostIp(params.runtime.id, Some(IP(hostIp)), now).transaction diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/BuildHelmChartValues.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/BuildHelmChartValues.scala index ab11f42ccb..25ad63b9cd 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/BuildHelmChartValues.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/BuildHelmChartValues.scala @@ -8,9 +8,9 @@ import org.broadinstitute.dsde.workbench.google2.GKEModels.NodepoolName import org.broadinstitute.dsde.workbench.google2.KubernetesSerializableName.{NamespaceName, ServiceAccountName} import org.broadinstitute.dsde.workbench.leonardo.AppRestore.GalaxyRestore import org.broadinstitute.dsde.workbench.leonardo.SamResourceId.AppSamResourceId -import org.broadinstitute.dsde.workbench.leonardo.config.SamConfig +import org.broadinstitute.dsde.workbench.leonardo.config.{AzureEnvironmentConverter, SamConfig} import org.broadinstitute.dsde.workbench.leonardo.dao.CustomAppService -import org.broadinstitute.dsde.workbench.leonardo.http.kubernetesProxyHost +import org.broadinstitute.dsde.workbench.leonardo.http.{kubernetesProxyHost, ConfigReader} import org.broadinstitute.dsde.workbench.model.WorkbenchEmail import org.broadinstitute.dsde.workbench.model.google.GcsBucketName import org.broadinstitute.dsp.{Release, Values} @@ -275,9 +275,12 @@ private[leonardo] object BuildHelmChartValues { Values( List( raw"""connection.removeEntityPathFromHttpUrl="${removeEntityPathFromHttpUrl.toString}"""", - raw"connection.connectionString=Endpoint=sb://${relayNamespace.value}.servicebus.windows.net/;SharedAccessKeyName=listener;SharedAccessKey=${relayPrimaryKey.value};EntityPath=${relayHcName.value}", + raw"connection.connectionString=Endpoint=sb://${relayNamespace.value}${AzureEnvironmentConverter.relaySuffixFromString( + ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment + )}/;SharedAccessKeyName=listener;SharedAccessKey=${relayPrimaryKey.value};EntityPath=${relayHcName.value}", raw"connection.connectionName=${relayHcName.value}", - raw"connection.endpoint=https://${relayNamespace.value}.servicebus.windows.net", + raw"connection.endpoint=https://${relayNamespace.value}${AzureEnvironmentConverter + .relaySuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}", raw"connection.targetHost=$relayTargetHost", raw"sam.url=${samConfig.server}", raw"sam.resourceId=${samResourceId.resourceId}", diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala index 867d708cd9..c71461fd1b 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala @@ -2,14 +2,10 @@ package org.broadinstitute.dsde.workbench.leonardo.app import cats.effect.IO import org.broadinstitute.dsde.workbench.google2.KubernetesSerializableName.ServiceAccountName -import org.broadinstitute.dsde.workbench.leonardo.CommonTestData.{ - azureRegion, - billingProfileId, - landingZoneResources, - petUserInfo -} +import org.broadinstitute.dsde.workbench.leonardo.CommonTestData.{azureRegion, billingProfileId, landingZoneResources, petUserInfo} import org.broadinstitute.dsde.workbench.leonardo.{ManagedIdentityName, PostgresServer, WsmControlledDatabaseResource} import org.broadinstitute.dsde.workbench.leonardo.TestUtils.appContext +import org.broadinstitute.dsde.workbench.leonardo.config.AzureEnvironmentConverter import org.broadinstitute.dsde.workbench.leonardo.http.ConfigReader import org.broadinstitute.dsde.workbench.leonardo.util.AppCreationException import org.http4s.Uri @@ -70,7 +66,7 @@ class CromwellAppInstallSpec extends BaseAppInstallSpec { "instrumentationEnabled=false," + s"provenance.userAccessToken=${petUserInfo.accessToken.token}," + "postgres.podLocalDatabaseEnabled=false," + - s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres.database.azure.com," + + s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getSqlServerHostnameSuffix}," + "postgres.pgbouncer.enabled=true," + "postgres.user=ksa-1," + s"postgres.dbnames.cromwell=$cromwellAzureDbName," + @@ -126,7 +122,7 @@ class CromwellAppInstallSpec extends BaseAppInstallSpec { "instrumentationEnabled=false," + s"provenance.userAccessToken=${petUserInfo.accessToken.token}," + "postgres.podLocalDatabaseEnabled=false," + - s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres.database.azure.com," + + s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getSqlServerHostnameSuffix}," + "postgres.pgbouncer.enabled=false," + "postgres.user=ksa-1," + s"postgres.dbnames.cromwell=$cromwellAzureDbName," + diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala index 85925b83d8..e2712de0bd 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala @@ -4,6 +4,7 @@ import cats.effect.IO import org.broadinstitute.dsde.workbench.leonardo.CommonTestData.{azureRegion, landingZoneResources, petUserInfo} import org.broadinstitute.dsde.workbench.leonardo.http.ConfigReader import org.broadinstitute.dsde.workbench.leonardo.TestUtils.appContext +import org.broadinstitute.dsde.workbench.leonardo.config.AzureEnvironmentConverter import org.broadinstitute.dsde.workbench.leonardo.{BillingProfileId, WsmControlledDatabaseResource} import org.broadinstitute.dsde.workbench.leonardo.config.Config.samConfig import org.broadinstitute.dsde.workbench.leonardo.util.AppCreationException @@ -56,7 +57,7 @@ class CromwellRunnerAppInstallSpec extends BaseAppInstallSpec { "instrumentationEnabled=false," + s"provenance.userAccessToken=${petUserInfo.accessToken.token}," + "postgres.podLocalDatabaseEnabled=false," + - s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres.database.azure.com," + + s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getSqlServerHostnameSuffix}," + "postgres.pgbouncer.enabled=true," + "postgres.user=ksa-1," + s"postgres.dbnames.cromwell=$cromwellAzureDbName," + diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstallSpec.scala index 8905af7a2b..5f4919c690 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstallSpec.scala @@ -3,6 +3,7 @@ package org.broadinstitute.dsde.workbench.leonardo.app import cats.effect.IO import org.broadinstitute.dsde.workbench.leonardo.CommonTestData.{azureRegion, landingZoneResources, petUserInfo} import org.broadinstitute.dsde.workbench.leonardo.TestUtils.appContext +import org.broadinstitute.dsde.workbench.leonardo.config.AzureEnvironmentConverter import org.broadinstitute.dsde.workbench.leonardo.{WorkspaceId, WsmControlledDatabaseResource} import org.broadinstitute.dsde.workbench.leonardo.dao.WdsDAO import org.broadinstitute.dsde.workbench.leonardo.http.ConfigReader @@ -50,7 +51,7 @@ class WdsAppInstallSpec extends BaseAppInstallSpec { "instrumentationEnabled=false," + s"provenance.userAccessToken=${petUserInfo.accessToken.token}," + "provenance.sourceWorkspaceId=," + - s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres.database.azure.com," + + s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getSqlServerHostnameSuffix}," + "postgres.pgbouncer.enabled=true," + s"postgres.dbname=$wdsAzureDbName," + "postgres.user=ksa-1" @@ -81,7 +82,7 @@ class WdsAppInstallSpec extends BaseAppInstallSpec { "instrumentationEnabled=false," + s"provenance.userAccessToken=${petUserInfo.accessToken.token}," + s"provenance.sourceWorkspaceId=${sourceWorkspaceId.value}," + - s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres.database.azure.com," + + s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getSqlServerHostnameSuffix}," + "postgres.pgbouncer.enabled=true," + s"postgres.dbname=$wdsAzureDbName," + "postgres.user=ksa-1" diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstallSpec.scala index 84ff8d58be..c7ef312691 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstallSpec.scala @@ -4,6 +4,7 @@ import cats.effect.IO import org.broadinstitute.dsde.workbench.leonardo.CommonTestData.{landingZoneResources, petUserInfo} import org.broadinstitute.dsde.workbench.leonardo.TestUtils.appContext import org.broadinstitute.dsde.workbench.leonardo.WsmControlledDatabaseResource +import org.broadinstitute.dsde.workbench.leonardo.config.AzureEnvironmentConverter import org.broadinstitute.dsde.workbench.leonardo.http.ConfigReader import org.broadinstitute.dsde.workbench.leonardo.util.AppCreationException @@ -48,7 +49,7 @@ class WorkflowsAppInstallSpec extends BaseAppInstallSpec { "instrumentationEnabled=false," + s"provenance.userAccessToken=${petUserInfo.accessToken.token}," + "postgres.podLocalDatabaseEnabled=false," + - s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres.database.azure.com," + + s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getSqlServerHostnameSuffix}," + "postgres.pgbouncer.enabled=true," + "postgres.user=ksa-1," + s"postgres.dbnames.cromwellMetadata=$cromwellMetadataAzureDbName," + From 83a04ac5efd1c6c5eb23c2218dfafa968e5e9018 Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Wed, 6 Nov 2024 13:36:02 -0500 Subject: [PATCH 27/72] fix import and typo --- .../leonardo/app/CromwellRunnerAppInstall.scala | 2 +- .../leonardo/config/AzureHostingModeConfig.scala | 11 +++++------ 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala index 6f307166af..344e69382e 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala @@ -9,7 +9,7 @@ import org.broadinstitute.dsde.workbench.leonardo.{AppContext, WsmControlledData import org.broadinstitute.dsde.workbench.leonardo.app.AppInstall.getAzureDatabaseName import org.broadinstitute.dsde.workbench.leonardo.app.Database.{ControlledDatabase, ReferenceDatabase} import org.broadinstitute.dsde.workbench.leonardo.auth.SamAuthProvider -import org.broadinstitute.dsde.workbench.leonardo.config.{CromwellRunnerAppConfig, SamConfig} +import org.broadinstitute.dsde.workbench.leonardo.config.{AzureEnvironmentConverter, CromwellRunnerAppConfig, SamConfig} import org.broadinstitute.dsde.workbench.leonardo.dao.{BpmApiClientProvider, CromwellDAO, SamDAO} import org.broadinstitute.dsde.workbench.leonardo.http._ import org.broadinstitute.dsde.workbench.leonardo.util.AppCreationException diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala index e826d03855..ae6b1f561c 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala @@ -17,24 +17,23 @@ case class AzureManagedIdentityAuthConfig( ) object AzureEnvironmentConverter { - val Azure: String = "AZURE"F + val Azure: String = "AZURE" val AzureGov: String = "AZURE_US_GOVERNMENT" def fromString(s: String): AzureEnvironment = s match { - case AzureGov => AzureEnvironment.AZURE_US_GOVERNMENT + case AzureGov => AzureEnvironment.AZURE_US_GOVERNMENT // a bit redundant, but I want to have a explicit case for Azure for clarity, even though it's the default case Azure => AzureEnvironment.AZURE case _ => AzureEnvironment.AZURE } def relaySuffixFromEnvironment(azureEnvironment: AzureEnvironment): String = azureEnvironment match { - case AzureEnvironment.AZURE_US_GOVERNMENT => ".servicebus.usgovcloudapi.net" + case AzureEnvironment.AZURE_US_GOVERNMENT => ".servicebus.usgovcloudapi.net" // a bit redundant, but I want to have a explicit case for Azure for clarity, even though it's the default case AzureEnvironment.AZURE => ".servicebus.windows.net" - case _ => ".servicebus.windows.net" + case _ => ".servicebus.windows.net" } - def relaySuffixFromString(s: String): String = { + def relaySuffixFromString(s: String): String = relaySuffixFromEnvironment(fromString(s)) - } } From 78df15b04b001e58b33b0dadb16f5cc481daf94b Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Wed, 6 Nov 2024 14:53:33 -0500 Subject: [PATCH 28/72] update azure gov config --- http/src/main/resources/leo.conf | 2 +- .../dsde/workbench/leonardo/config/AzureHostingModeConfig.scala | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/http/src/main/resources/leo.conf b/http/src/main/resources/leo.conf index e833d40fd0..1558869df5 100644 --- a/http/src/main/resources/leo.conf +++ b/http/src/main/resources/leo.conf @@ -162,7 +162,7 @@ azure { # If true, it is assumed that Leo is hosted on Azure and will use Azure managed identity for authentication. enabled = ${?AZURE_HOSTING_MODE_ENABLED} # valid values are AZURE (Azure Commercial), AZURE_US_GOVERNMENT and AZURE_CHINA - azure-environment = ${?AZURE_HOSTING_ENVIRONMENT} + azure-environment = ${?AZURE_ENVIRONMENT} managed-identity-auth-config{ token-scope = ${?AZURE_MI_TOKEN_SCOPE} token-acquisition-timeout = ${?AZURE_MI_TOKEN_ACQUISITION_TIMEOUT} diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala index ae6b1f561c..43498408d9 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala @@ -18,7 +18,7 @@ case class AzureManagedIdentityAuthConfig( object AzureEnvironmentConverter { val Azure: String = "AZURE" - val AzureGov: String = "AZURE_US_GOVERNMENT" + val AzureGov: String = "AZURE_GOV" def fromString(s: String): AzureEnvironment = s match { case AzureGov => AzureEnvironment.AZURE_US_GOVERNMENT From 9c521d9d115c3d3b948b59057743df66c505a5cb Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Thu, 7 Nov 2024 11:01:29 -0500 Subject: [PATCH 29/72] update storage account suffix to support azure gov --- .../dsde/workbench/leonardo/app/HailBatchAppInstall.scala | 7 +++++-- .../workbench/leonardo/app/HailBatchAppInstallSpec.scala | 3 ++- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/HailBatchAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/HailBatchAppInstall.scala index c8170143dc..5e91371de5 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/HailBatchAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/HailBatchAppInstall.scala @@ -3,8 +3,9 @@ import cats.effect.Async import cats.mtl.Ask import cats.syntax.all._ import org.broadinstitute.dsde.workbench.leonardo.AppContext -import org.broadinstitute.dsde.workbench.leonardo.config.HailBatchAppConfig +import org.broadinstitute.dsde.workbench.leonardo.config.{AzureEnvironmentConverter, HailBatchAppConfig} import org.broadinstitute.dsde.workbench.leonardo.dao.HailBatchDAO +import org.broadinstitute.dsde.workbench.leonardo.http.ConfigReader import org.broadinstitute.dsde.workbench.leonardo.util.AppCreationException import org.broadinstitute.dsp.Values import org.http4s.Uri @@ -34,7 +35,9 @@ class HailBatchAppInstall[F[_]](config: HailBatchAppConfig, hailBatchDao: HailBa raw"persistence.workspaceManager.url=${params.config.wsmConfig.uri.renderString}", raw"persistence.workspaceManager.workspaceId=${params.workspaceId.value}", raw"persistence.workspaceManager.containerResourceId=${storageContainer.resourceId.value.toString}", - raw"persistence.workspaceManager.storageContainerUrl=https://${params.landingZoneResources.storageAccountName.value}.blob.core.windows.net/${storageContainer.name.value}", + raw"persistence.workspaceManager.storageContainerUrl=https://${params.landingZoneResources.storageAccountName.value}.blob${AzureEnvironmentConverter + .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) + .getStorageEndpointSuffix}/${storageContainer.name.value}", raw"persistence.leoAppName=${params.app.appName.value}", // identity configs diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/HailBatchAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/HailBatchAppInstallSpec.scala index df91a85f2f..b83f997021 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/HailBatchAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/HailBatchAppInstallSpec.scala @@ -2,6 +2,7 @@ package org.broadinstitute.dsde.workbench.leonardo.app import cats.effect.IO import org.broadinstitute.dsde.workbench.leonardo.TestUtils.appContext +import org.broadinstitute.dsde.workbench.leonardo.config.AzureEnvironmentConverter import org.broadinstitute.dsde.workbench.leonardo.dao.HailBatchDAO import org.broadinstitute.dsde.workbench.leonardo.http.ConfigReader import org.mockito.ArgumentMatchers.any @@ -26,7 +27,7 @@ class HailBatchAppInstallSpec extends BaseAppInstallSpec { s"persistence.workspaceManager.url=${ConfigReader.appConfig.azure.wsm.uri.renderString}," + s"persistence.workspaceManager.workspaceId=${workspaceId.value}," + s"persistence.workspaceManager.containerResourceId=${storageContainer.resourceId.value.toString}," + - s"persistence.workspaceManager.storageContainerUrl=https://${lzResources.storageAccountName.value}.blob.core.windows.net/${storageContainer.name.value}," + + s"persistence.workspaceManager.storageContainerUrl=https://${lzResources.storageAccountName.value}.blob${AzureEnvironmentConverter.fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getSqlServerHostnameSuffix}/${storageContainer.name.value}," + "persistence.leoAppName=app1," + "workloadIdentity.serviceAccountName=ksa-1," + s"relay.domain=relay.com," + From e49ce53e47df452a07381f07c5f0735e515d1345 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Sun, 10 Nov 2024 09:50:41 -0800 Subject: [PATCH 30/72] Fix postgres suffix in commercial --- .../workbench/leonardo/app/CromwellAppInstall.scala | 2 +- .../leonardo/app/CromwellRunnerAppInstall.scala | 2 +- .../dsde/workbench/leonardo/app/WdsAppInstall.scala | 2 +- .../workbench/leonardo/app/WorkflowsAppInstall.scala | 2 +- .../leonardo/config/AzureHostingModeConfig.scala | 10 ++++++++++ .../leonardo/app/CromwellAppInstallSpec.scala | 4 ++-- .../leonardo/app/CromwellRunnerAppInstallSpec.scala | 2 +- .../workbench/leonardo/app/WdsAppInstallSpec.scala | 4 ++-- .../leonardo/app/WorkflowsAppInstallSpec.scala | 2 +- 9 files changed, 20 insertions(+), 10 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala index c83a70af68..ca71c8490d 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala @@ -119,7 +119,7 @@ class CromwellAppInstall[F[_]](config: CoaAppConfig, // Database configs raw"postgres.podLocalDatabaseEnabled=false", - raw"postgres.host=${postgresServer.name}.postgres${AzureEnvironmentConverter.fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getSqlServerHostnameSuffix}", + raw"postgres.host=${postgresServer.name}.postgres${AzureEnvironmentConverter.postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}", raw"postgres.pgbouncer.enabled=${postgresServer.pgBouncerEnabled}", // convention is that the database user is the same as the service account name raw"postgres.user=${params.ksaName.value}", diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala index 344e69382e..ad4990b4dc 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala @@ -133,7 +133,7 @@ class CromwellRunnerAppInstall[F[_]](config: CromwellRunnerAppConfig, // database configs raw"postgres.podLocalDatabaseEnabled=false", - raw"postgres.host=${postgresServer.name}.postgres${AzureEnvironmentConverter.fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getSqlServerHostnameSuffix}", + raw"postgres.host=${postgresServer.name}.postgres${AzureEnvironmentConverter.postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}", raw"postgres.pgbouncer.enabled=${postgresServer.pgBouncerEnabled}", // convention is that the database user is the same as the service account name raw"postgres.user=${params.ksaName.value}", diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala index 50c45d26ca..8c2d4152c9 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala @@ -93,7 +93,7 @@ class WdsAppInstall[F[_]](config: WdsAppConfig, raw"provenance.sourceWorkspaceId=${params.app.sourceWorkspaceId.map(_.value).getOrElse("")}", // database configs - raw"postgres.host=${postgresServer.name}.postgres${AzureEnvironmentConverter.fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getSqlServerHostnameSuffix}", + raw"postgres.host=${postgresServer.name}.postgres${AzureEnvironmentConverter.postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}", raw"postgres.pgbouncer.enabled=${postgresServer.pgBouncerEnabled}", raw"postgres.dbname=$dbName", // convention is that the database user is the same as the service account name diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala index eb3c3546e8..c316740a48 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala @@ -106,7 +106,7 @@ class WorkflowsAppInstall[F[_]](config: WorkflowsAppConfig, // database configs raw"postgres.podLocalDatabaseEnabled=false", - raw"postgres.host=${postgresServer.name}.postgres${AzureEnvironmentConverter.fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getSqlServerHostnameSuffix}", + raw"postgres.host=${postgresServer.name}.postgres${AzureEnvironmentConverter.postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}", raw"postgres.pgbouncer.enabled=${postgresServer.pgBouncerEnabled}", // convention is that the database user is the same as the service account name raw"postgres.user=${params.ksaName.value}", diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala index 43498408d9..1cde5631f1 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala @@ -36,4 +36,14 @@ object AzureEnvironmentConverter { def relaySuffixFromString(s: String): String = relaySuffixFromEnvironment(fromString(s)) + + def postgresSuffixFromEnvironment(azureEnvironment: AzureEnvironment): String = azureEnvironment match { + case AzureEnvironment.AZURE_US_GOVERNMENT => ".database.usgovcloudapi.net" + // a bit redundant, but I want to have a explicit case for Azure for clarity, even though it's the default + case AzureEnvironment.AZURE => ".database.azure.com" + case _ => ".database.azure.com" + } + + def postgresSuffixFromString(s: String): String = + postgresSuffixFromEnvironment(fromString(s)) } diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala index c71461fd1b..3214de4d3e 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala @@ -66,7 +66,7 @@ class CromwellAppInstallSpec extends BaseAppInstallSpec { "instrumentationEnabled=false," + s"provenance.userAccessToken=${petUserInfo.accessToken.token}," + "postgres.podLocalDatabaseEnabled=false," + - s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getSqlServerHostnameSuffix}," + + s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}," + "postgres.pgbouncer.enabled=true," + "postgres.user=ksa-1," + s"postgres.dbnames.cromwell=$cromwellAzureDbName," + @@ -122,7 +122,7 @@ class CromwellAppInstallSpec extends BaseAppInstallSpec { "instrumentationEnabled=false," + s"provenance.userAccessToken=${petUserInfo.accessToken.token}," + "postgres.podLocalDatabaseEnabled=false," + - s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getSqlServerHostnameSuffix}," + + s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}," + "postgres.pgbouncer.enabled=false," + "postgres.user=ksa-1," + s"postgres.dbnames.cromwell=$cromwellAzureDbName," + diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala index e2712de0bd..85ab409c1b 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala @@ -57,7 +57,7 @@ class CromwellRunnerAppInstallSpec extends BaseAppInstallSpec { "instrumentationEnabled=false," + s"provenance.userAccessToken=${petUserInfo.accessToken.token}," + "postgres.podLocalDatabaseEnabled=false," + - s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getSqlServerHostnameSuffix}," + + s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}," + "postgres.pgbouncer.enabled=true," + "postgres.user=ksa-1," + s"postgres.dbnames.cromwell=$cromwellAzureDbName," + diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstallSpec.scala index 5f4919c690..64c39ebe26 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstallSpec.scala @@ -51,7 +51,7 @@ class WdsAppInstallSpec extends BaseAppInstallSpec { "instrumentationEnabled=false," + s"provenance.userAccessToken=${petUserInfo.accessToken.token}," + "provenance.sourceWorkspaceId=," + - s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getSqlServerHostnameSuffix}," + + s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}," + "postgres.pgbouncer.enabled=true," + s"postgres.dbname=$wdsAzureDbName," + "postgres.user=ksa-1" @@ -82,7 +82,7 @@ class WdsAppInstallSpec extends BaseAppInstallSpec { "instrumentationEnabled=false," + s"provenance.userAccessToken=${petUserInfo.accessToken.token}," + s"provenance.sourceWorkspaceId=${sourceWorkspaceId.value}," + - s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getSqlServerHostnameSuffix}," + + s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}," + "postgres.pgbouncer.enabled=true," + s"postgres.dbname=$wdsAzureDbName," + "postgres.user=ksa-1" diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstallSpec.scala index c7ef312691..74872c7b97 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstallSpec.scala @@ -49,7 +49,7 @@ class WorkflowsAppInstallSpec extends BaseAppInstallSpec { "instrumentationEnabled=false," + s"provenance.userAccessToken=${petUserInfo.accessToken.token}," + "postgres.podLocalDatabaseEnabled=false," + - s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getSqlServerHostnameSuffix}," + + s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}," + "postgres.pgbouncer.enabled=true," + "postgres.user=ksa-1," + s"postgres.dbnames.cromwellMetadata=$cromwellMetadataAzureDbName," + From 5f9bcfb12990b6b2aaa28db4c1f9048d99581ae1 Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Thu, 14 Nov 2024 13:30:43 -0500 Subject: [PATCH 31/72] test cromwell version --- .../dsde/workbench/leonardo/app/CromwellAppInstall.scala | 4 ++++ .../workbench/leonardo/app/CromwellRunnerAppInstall.scala | 8 ++++++-- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala index ca71c8490d..f9ab9f59a1 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala @@ -126,6 +126,10 @@ class CromwellAppInstall[F[_]](config: CoaAppConfig, raw"postgres.dbnames.cromwell=${dbNames.cromwell}", raw"postgres.dbnames.cbas=${dbNames.cbas}", raw"postgres.dbnames.tes=${dbNames.tes}" + + // TEMPORARY HELM OVERRIDE VALUES WHILE WAITING FOR PR + raw"cromwell.image=potomacdevap.azurecr.us/broadinstitute/cromwell:e2b89ddf7915044b5f9281a7c8ab257ce658c181" + ) } yield Values(values.mkString(",")) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala index ad4990b4dc..348b837d3a 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala @@ -133,7 +133,8 @@ class CromwellRunnerAppInstall[F[_]](config: CromwellRunnerAppConfig, // database configs raw"postgres.podLocalDatabaseEnabled=false", - raw"postgres.host=${postgresServer.name}.postgres${AzureEnvironmentConverter.postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}", + raw"postgres.host=${postgresServer.name}.postgres${AzureEnvironmentConverter + .postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}", raw"postgres.pgbouncer.enabled=${postgresServer.pgBouncerEnabled}", // convention is that the database user is the same as the service account name raw"postgres.user=${params.ksaName.value}", @@ -150,7 +151,10 @@ class CromwellRunnerAppInstall[F[_]](config: CromwellRunnerAppConfig, // Bard configs raw"bard.bardUrl=${config.bardBaseUri}", - raw"bard.enabled=${config.bardEnabled}" + raw"bard.enabled=${config.bardEnabled}", + + // TEMPORARY HELM OVERRIDE VALUES WHILE WAITING FOR PR + raw"cromwell.image=potomacdevap.azurecr.us/broadinstitute/cromwell:e2b89ddf7915044b5f9281a7c8ab257ce658c181" ) finalList = maybeLimits match { From a5926581db82c386440730d4feee4a12f1266bad Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Thu, 14 Nov 2024 14:15:36 -0500 Subject: [PATCH 32/72] Update CromwellAppInstall.scala --- .../dsde/workbench/leonardo/app/CromwellAppInstall.scala | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala index f9ab9f59a1..4b35df2a75 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala @@ -125,11 +125,11 @@ class CromwellAppInstall[F[_]](config: CoaAppConfig, raw"postgres.user=${params.ksaName.value}", raw"postgres.dbnames.cromwell=${dbNames.cromwell}", raw"postgres.dbnames.cbas=${dbNames.cbas}", - raw"postgres.dbnames.tes=${dbNames.tes}" + raw"postgres.dbnames.tes=${dbNames.tes}", // TEMPORARY HELM OVERRIDE VALUES WHILE WAITING FOR PR raw"cromwell.image=potomacdevap.azurecr.us/broadinstitute/cromwell:e2b89ddf7915044b5f9281a7c8ab257ce658c181" - + ) } yield Values(values.mkString(",")) From 12e1ad78300876800203cb4d715592fa34b1f21e Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Fri, 15 Nov 2024 13:30:02 -0500 Subject: [PATCH 33/72] with test cromwell-runner-app version --- http/src/main/resources/reference.conf | 2 +- .../workbench/leonardo/app/CromwellAppInstall.scala | 12 ++++++++---- .../leonardo/app/CromwellRunnerAppInstall.scala | 3 +++ 3 files changed, 12 insertions(+), 5 deletions(-) diff --git a/http/src/main/resources/reference.conf b/http/src/main/resources/reference.conf index 315c8b070b..8d289436ec 100644 --- a/http/src/main/resources/reference.conf +++ b/http/src/main/resources/reference.conf @@ -373,7 +373,7 @@ azure { cromwell-runner-app-config { instrumentation-enabled = false - chart-name = "terra-helm/cromwell-runner-app" + chart-name = "leonardo/cromwell-runner-app" chart-version = "0.185.0" release-name-suffix = "cra-rls" namespace-name-suffix = "cra-ns" diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala index 4b35df2a75..5102e4782a 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala @@ -80,6 +80,10 @@ class CromwellAppInstall[F[_]](config: CoaAppConfig, raw"config.subscriptionId=${params.cloudContext.subscriptionId.value}", raw"config.region=${params.landingZoneResources.region}", raw"config.applicationInsightsConnectionString=${applicationInsightsComponent.connectionString()}", + raw"config.azureEnvironment=${ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment}", + raw"config.azureManagementTokenScope=${AzureEnvironmentConverter + .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) + .getResourceManagerEndpoint}/.default", // relay configs raw"relay.path=${params.relayPath.renderString}", @@ -119,7 +123,8 @@ class CromwellAppInstall[F[_]](config: CoaAppConfig, // Database configs raw"postgres.podLocalDatabaseEnabled=false", - raw"postgres.host=${postgresServer.name}.postgres${AzureEnvironmentConverter.postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}", + raw"postgres.host=${postgresServer.name}.postgres${AzureEnvironmentConverter + .postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}", raw"postgres.pgbouncer.enabled=${postgresServer.pgBouncerEnabled}", // convention is that the database user is the same as the service account name raw"postgres.user=${params.ksaName.value}", @@ -127,9 +132,8 @@ class CromwellAppInstall[F[_]](config: CoaAppConfig, raw"postgres.dbnames.cbas=${dbNames.cbas}", raw"postgres.dbnames.tes=${dbNames.tes}", - // TEMPORARY HELM OVERRIDE VALUES WHILE WAITING FOR PR - raw"cromwell.image=potomacdevap.azurecr.us/broadinstitute/cromwell:e2b89ddf7915044b5f9281a7c8ab257ce658c181" - + // TEMPORARY HELM OVERRIDE VALUES WHILE WAITING FOR PR + raw"cromwell.image=potomacdevap.azurecr.us/broadinstitute/cromwell:e2b89ddf7915044b5f9281a7c8ab257ce658c181" ) } yield Values(values.mkString(",")) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala index 348b837d3a..e4ebcfb702 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala @@ -105,6 +105,9 @@ class CromwellRunnerAppInstall[F[_]](config: CromwellRunnerAppConfig, raw"config.subscriptionId=${params.cloudContext.subscriptionId.value}", raw"config.region=${params.landingZoneResources.region}", raw"config.applicationInsightsConnectionString=${applicationInsightsComponent.connectionString()}", + raw"config.azureEnvironment=${ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment}", + raw"config.azureManagementTokenScope=${AzureEnvironmentConverter + .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getResourceManagerEndpoint}/.default", // relay configs raw"relay.path=${params.relayPath.renderString}", From 93fa99284f1a8d10ad360a4705ef3909750c59f1 Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Fri, 15 Nov 2024 14:17:54 -0500 Subject: [PATCH 34/72] Update reference.conf --- http/src/main/resources/reference.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/http/src/main/resources/reference.conf b/http/src/main/resources/reference.conf index 8d289436ec..67042d7799 100644 --- a/http/src/main/resources/reference.conf +++ b/http/src/main/resources/reference.conf @@ -373,8 +373,8 @@ azure { cromwell-runner-app-config { instrumentation-enabled = false - chart-name = "leonardo/cromwell-runner-app" - chart-version = "0.185.0" + chart-name = "/leonardo/cromwell-runner-app" + chart-version = "0.197.0" release-name-suffix = "cra-rls" namespace-name-suffix = "cra-ns" ksa-name = "cra-ksa" From ae97497dbe534e88af6ae4de21cc94cd134d198d Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Fri, 15 Nov 2024 16:26:15 -0500 Subject: [PATCH 35/72] update tokenscope --- .../dsde/workbench/leonardo/app/CromwellAppInstall.scala | 2 +- .../dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala index 5102e4782a..b760eac863 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala @@ -83,7 +83,7 @@ class CromwellAppInstall[F[_]](config: CoaAppConfig, raw"config.azureEnvironment=${ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment}", raw"config.azureManagementTokenScope=${AzureEnvironmentConverter .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) - .getResourceManagerEndpoint}/.default", + .getResourceManagerEndpoint}.default", // relay configs raw"relay.path=${params.relayPath.renderString}", diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala index e4ebcfb702..5ffabab04c 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala @@ -107,7 +107,7 @@ class CromwellRunnerAppInstall[F[_]](config: CromwellRunnerAppConfig, raw"config.applicationInsightsConnectionString=${applicationInsightsComponent.connectionString()}", raw"config.azureEnvironment=${ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment}", raw"config.azureManagementTokenScope=${AzureEnvironmentConverter - .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getResourceManagerEndpoint}/.default", + .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getResourceManagerEndpoint}.default", // relay configs raw"relay.path=${params.relayPath.renderString}", From 1518e8d70e2b5897cc8268e96c9b0d9125702097 Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Mon, 18 Nov 2024 13:03:23 -0500 Subject: [PATCH 36/72] update batch account suffix and re-value environment strings to match azure api --- .../leonardo/app/CromwellAppInstall.scala | 2 ++ .../leonardo/app/CromwellRunnerAppInstall.scala | 2 ++ .../config/AzureHostingModeConfig.scala | 17 +++++++++++++++-- 3 files changed, 19 insertions(+), 2 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala index b760eac863..2a79ae3db5 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala @@ -84,6 +84,8 @@ class CromwellAppInstall[F[_]](config: CoaAppConfig, raw"config.azureManagementTokenScope=${AzureEnvironmentConverter .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) .getResourceManagerEndpoint}.default", + raw"config.batchAccountSuffix=${AzureEnvironmentConverter + .batchAccountSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}", // relay configs raw"relay.path=${params.relayPath.renderString}", diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala index 5ffabab04c..08c32ee60c 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala @@ -108,6 +108,8 @@ class CromwellRunnerAppInstall[F[_]](config: CromwellRunnerAppConfig, raw"config.azureEnvironment=${ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment}", raw"config.azureManagementTokenScope=${AzureEnvironmentConverter .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getResourceManagerEndpoint}.default", + raw"config.batchAccountSuffix=${AzureEnvironmentConverter + .batchAccountSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}", // relay configs raw"relay.path=${params.relayPath.renderString}", diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala index 1cde5631f1..bf7a0b5dc6 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala @@ -17,8 +17,8 @@ case class AzureManagedIdentityAuthConfig( ) object AzureEnvironmentConverter { - val Azure: String = "AZURE" - val AzureGov: String = "AZURE_GOV" + val Azure: String = "AzureCloud" + val AzureGov: String = "AzureUSGovernmentCloud" def fromString(s: String): AzureEnvironment = s match { case AzureGov => AzureEnvironment.AZURE_US_GOVERNMENT @@ -27,6 +27,7 @@ object AzureEnvironmentConverter { case _ => AzureEnvironment.AZURE } + // servicebus suffix not currently provided by AzureEnvironment library, values found here def relaySuffixFromEnvironment(azureEnvironment: AzureEnvironment): String = azureEnvironment match { case AzureEnvironment.AZURE_US_GOVERNMENT => ".servicebus.usgovcloudapi.net" // a bit redundant, but I want to have a explicit case for Azure for clarity, even though it's the default @@ -37,6 +38,7 @@ object AzureEnvironmentConverter { def relaySuffixFromString(s: String): String = relaySuffixFromEnvironment(fromString(s)) + // database suffix not currently provided by AzureEnvironment library, values found here def postgresSuffixFromEnvironment(azureEnvironment: AzureEnvironment): String = azureEnvironment match { case AzureEnvironment.AZURE_US_GOVERNMENT => ".database.usgovcloudapi.net" // a bit redundant, but I want to have a explicit case for Azure for clarity, even though it's the default @@ -46,4 +48,15 @@ object AzureEnvironmentConverter { def postgresSuffixFromString(s: String): String = postgresSuffixFromEnvironment(fromString(s)) + + // batchAccount suffix not currently provided by AzureEnvironment library, values found here + def batchAccountSuffixFromEnvironment(azureEnvironment: AzureEnvironment): String = azureEnvironment match { + case AzureEnvironment.AZURE_US_GOVERNMENT => ".batch.usgovcloudapi.net" + // a bit redundant, but I want to have a explicit case for Azure for clarity, even though it's the default + case AzureEnvironment.AZURE => ".batch.azure.com" + case _ => ".batch.azure.com" + } + + def batchAccountSuffixFromString(s: String): String = + postgresSuffixFromEnvironment(fromString(s)) } From e9fb8946de29ee76782eb725e27c3ea6b67908a9 Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Mon, 18 Nov 2024 13:52:41 -0500 Subject: [PATCH 37/72] update test cromwell version --- .../dsde/workbench/leonardo/app/CromwellAppInstall.scala | 2 +- .../workbench/leonardo/app/CromwellRunnerAppInstall.scala | 7 ++++--- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala index 2a79ae3db5..c22bde5773 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala @@ -135,7 +135,7 @@ class CromwellAppInstall[F[_]](config: CoaAppConfig, raw"postgres.dbnames.tes=${dbNames.tes}", // TEMPORARY HELM OVERRIDE VALUES WHILE WAITING FOR PR - raw"cromwell.image=potomacdevap.azurecr.us/broadinstitute/cromwell:e2b89ddf7915044b5f9281a7c8ab257ce658c181" + raw"cromwell.image=potomacdevap.azurecr.us/broadinstitute/cromwell:84214c9d71721269f9945406d72e30a6f8aac514" ) } yield Values(values.mkString(",")) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala index 08c32ee60c..7833b19db2 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala @@ -107,9 +107,10 @@ class CromwellRunnerAppInstall[F[_]](config: CromwellRunnerAppConfig, raw"config.applicationInsightsConnectionString=${applicationInsightsComponent.connectionString()}", raw"config.azureEnvironment=${ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment}", raw"config.azureManagementTokenScope=${AzureEnvironmentConverter - .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getResourceManagerEndpoint}.default", + .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) + .getResourceManagerEndpoint}.default", raw"config.batchAccountSuffix=${AzureEnvironmentConverter - .batchAccountSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}", + .batchAccountSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}", // relay configs raw"relay.path=${params.relayPath.renderString}", @@ -159,7 +160,7 @@ class CromwellRunnerAppInstall[F[_]](config: CromwellRunnerAppConfig, raw"bard.enabled=${config.bardEnabled}", // TEMPORARY HELM OVERRIDE VALUES WHILE WAITING FOR PR - raw"cromwell.image=potomacdevap.azurecr.us/broadinstitute/cromwell:e2b89ddf7915044b5f9281a7c8ab257ce658c181" + raw"cromwell.image=potomacdevap.azurecr.us/broadinstitute/cromwell:84214c9d71721269f9945406d72e30a6f8aac514" ) finalList = maybeLimits match { From be60a6ee4b5708226dde2303017035e550df4255 Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Mon, 18 Nov 2024 14:58:45 -0500 Subject: [PATCH 38/72] Update Dependencies.scala --- project/Dependencies.scala | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/project/Dependencies.scala b/project/Dependencies.scala index 34d77250e3..8aac152348 100644 --- a/project/Dependencies.scala +++ b/project/Dependencies.scala @@ -24,7 +24,7 @@ object Dependencies { val workbenchGoogle2V = s"0.36-$workbenchLibsHash" val workbenchOpenTelemetryV = s"0.8-$workbenchLibsHash" val workbenchOauth2V = "0.8-3e0cf25" - val workbenchAzureV = s"0.9-21b542fa-SNAP" + val workbenchAzureV = s"0.9-c18669a7-SNAP" val helmScalaSdkV = "0.0.8.5" From 8b4ea1f44a27d5d2add32c273337d8ac308bb77d Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Mon, 18 Nov 2024 17:02:49 -0500 Subject: [PATCH 39/72] Update AzureHostingModeConfig.scala --- .../dsde/workbench/leonardo/config/AzureHostingModeConfig.scala | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala index bf7a0b5dc6..e4a50812d9 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/config/AzureHostingModeConfig.scala @@ -58,5 +58,5 @@ object AzureEnvironmentConverter { } def batchAccountSuffixFromString(s: String): String = - postgresSuffixFromEnvironment(fromString(s)) + batchAccountSuffixFromEnvironment(fromString(s)) } From 6bc1d1ba16ccb94171c0cdfeb434c94a84a2c81b Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Mon, 18 Nov 2024 18:02:32 -0500 Subject: [PATCH 40/72] Update CromwellAppInstall.scala --- .../dsde/workbench/leonardo/app/CromwellAppInstall.scala | 3 +++ 1 file changed, 3 insertions(+) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala index c22bde5773..239ff33a78 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala @@ -93,6 +93,9 @@ class CromwellAppInstall[F[_]](config: CoaAppConfig, // persistence configs raw"persistence.storageResourceGroup=${params.cloudContext.managedResourceGroupName.value}", raw"persistence.storageAccount=${params.landingZoneResources.storageAccountName.value}", + raw"persistence.storageAccountSuffix=${AzureEnvironmentConverter + .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) + .getStorageEndpointSuffix}", raw"persistence.blobContainer=${storageContainer.name.value}", raw"persistence.leoAppInstanceName=${params.app.appName.value}", raw"persistence.workspaceManager.url=${params.config.wsmConfig.uri.renderString}", From 1d7eabcd255604e0e5f91a66eb35d2f8708edfdb Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Mon, 18 Nov 2024 18:44:59 -0500 Subject: [PATCH 41/72] Update CromwellRunnerAppInstall.scala --- .../dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala | 3 +++ 1 file changed, 3 insertions(+) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala index 7833b19db2..6a539d3584 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala @@ -117,6 +117,9 @@ class CromwellRunnerAppInstall[F[_]](config: CromwellRunnerAppConfig, // persistence configs raw"persistence.storageAccount=${params.landingZoneResources.storageAccountName.value}", + raw"persistence.storageAccountSuffix=${AzureEnvironmentConverter + .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) + .getStorageEndpointSuffix}", raw"persistence.blobContainer=${storageContainer.name.value}", raw"persistence.leoAppInstanceName=${params.app.appName.value}", raw"persistence.workspaceManager.url=${params.config.wsmConfig.uri.renderString}", From a9d6b4dc086efca2ee92bc2501bae791fd7a5c54 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Sat, 23 Nov 2024 18:45:51 -0800 Subject: [PATCH 42/72] Update AppDependenciesBuilder.scala --- .../leonardo/http/AppDependenciesBuilder.scala | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/AppDependenciesBuilder.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/AppDependenciesBuilder.scala index 933434e69c..e8bbbe6fb6 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/AppDependenciesBuilder.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/AppDependenciesBuilder.scala @@ -169,7 +169,7 @@ class AppDependenciesBuilder(baselineDependenciesBuilder: BaselineDependenciesBu baselineDependencies.azureContainerService ) - /*val metricsMonitor = new LeoMetricsMonitor( + val metricsMonitor = new LeoMetricsMonitor( ConfigReader.appConfig.metrics, baselineDependencies.appDAO, baselineDependencies.wdsDAO, @@ -180,7 +180,7 @@ class AppDependenciesBuilder(baselineDependenciesBuilder: BaselineDependenciesBu baselineDependencies.samDAO, kubeAlg, baselineDependencies.azureContainerService - )*/ + ) val cromwellAppInstall = new CromwellAppInstall[IO]( ConfigReader.appConfig.azure.coaAppConfig, @@ -290,7 +290,8 @@ class AppDependenciesBuilder(baselineDependenciesBuilder: BaselineDependenciesBu pubsubSubscriber.process, Stream.eval(baselineDependencies.subscriber.start), autopauseMonitorProcess, - autodeleteAppMonitorProcess + autodeleteAppMonitorProcess, + metricsMonitor.process ) ++ cloudSpecificProcessList case LeoExecutionModeConfig.FrontLeoOnly => asyncTasks.process :: createFrontEndLeoProcesses(baselineDependencies) @@ -300,7 +301,8 @@ class AppDependenciesBuilder(baselineDependenciesBuilder: BaselineDependenciesBu pubsubSubscriber.process, Stream.eval(baselineDependencies.subscriber.start), autopauseMonitorProcess, - autodeleteAppMonitorProcess + autodeleteAppMonitorProcess, + metricsMonitor.process ) ++ cloudSpecificProcessList ++ createFrontEndLeoProcesses(baselineDependencies) } From 2bdcaa7b71cda8fe59d436fecd398805c3391e08 Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Fri, 29 Nov 2024 17:11:51 -0500 Subject: [PATCH 43/72] update relay suffix in notebook init script --- .../resources/init-resources/azure_vm_init_script.sh | 11 ++++++++--- .../workbench/leonardo/util/AzurePubsubHandler.scala | 3 ++- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/http/src/main/resources/init-resources/azure_vm_init_script.sh b/http/src/main/resources/init-resources/azure_vm_init_script.sh index 986c75669e..88f9bf7b02 100644 --- a/http/src/main/resources/init-resources/azure_vm_init_script.sh +++ b/http/src/main/resources/init-resources/azure_vm_init_script.sh @@ -109,6 +109,8 @@ SAMURL=$6 SAMRESOURCEID=$7 CONTENTSECURITYPOLICY_FILE=$8 +RELAY_SUFFIX=${21:-".servicebus.windows.net"} + # Envs for welder WELDER_WSM_URL=${9:-localhost} WORKSPACE_ID="${10:-dummy}" # Additionally used for welder @@ -126,16 +128,18 @@ WORKSPACE_STORAGE_CONTAINER_URL="${17:-dummy}" SERVER_APP_BASE_URL="/${RELAY_CONNECTION_NAME}/" SERVER_APP_ALLOW_ORIGIN="*" HCVAR='\$hc' -SERVER_APP_WEBSOCKET_URL="wss://${RELAY_NAME}.servicebus.windows.net/${HCVAR}/${RELAY_CONNECTION_NAME}" -SERVER_APP_WEBSOCKET_HOST="${RELAY_NAME}.servicebus.windows.net" +SERVER_APP_WEBSOCKET_URL="wss://${RELAY_NAME}${RELAY_SUFFIX}/${HCVAR}/${RELAY_CONNECTION_NAME}" +SERVER_APP_WEBSOCKET_HOST="${RELAY_NAME}${RELAY_SUFFIX}" # Relay listener configuration -RELAY_CONNECTIONSTRING="Endpoint=sb://${RELAY_NAME}.servicebus.windows.net/;SharedAccessKeyName=listener;SharedAccessKey=${RELAY_CONNECTION_POLICY_KEY};EntityPath=${RELAY_CONNECTION_NAME}" +RELAY_CONNECTIONSTRING="Endpoint=sb://${RELAY_NAME}${RELAY_SUFFIX}/;SharedAccessKeyName=listener;SharedAccessKey=${RELAY_CONNECTION_POLICY_KEY};EntityPath=${RELAY_CONNECTION_NAME}" # Relay listener configuration - setDateAccessed listener LEONARDO_URL="${18:-dummy}" RUNTIME_NAME="${19:-dummy}" VALID_HOSTS="${20:-dummy}" + + DATEACCESSED_SLEEP_SECONDS=60 # supercedes default defined in terra-azure-relay-listeners/service/src/main/resources/application.yml # Log in script output for debugging purposes. @@ -143,6 +147,7 @@ echo "RELAY_NAME = ${RELAY_NAME}" echo "RELAY_CONNECTION_NAME = ${RELAY_CONNECTION_NAME}" echo "RELAY_TARGET_HOST = ${RELAY_TARGET_HOST}" echo "RELAY_CONNECTION_POLICY_KEY = ${RELAY_CONNECTION_POLICY_KEY}" +echo "RELAY_SUFFIX = ${RELAY_SUFFIX}" echo "LISTENER_DOCKER_IMAGE = ${LISTENER_DOCKER_IMAGE}" echo "SAMURL = ${SAMURL}" echo "SAMRESOURCEID = ${SAMRESOURCEID}" diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala index 90c86c4c99..d08267be51 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala @@ -228,7 +228,8 @@ class AzurePubsubHandlerInterp[F[_]: Parallel]( wsStorageContainerUrl, applicationConfig.leoUrlBase, params.runtime.runtimeName.asString, - s"'${refererConfig.validHosts.mkString("','")}'" + s"'${refererConfig.validHosts.mkString("','")}'", + ${AzureEnvironmentConverter.relaySuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)} ) val cmdToExecute = s"touch /var/log/azure_vm_init_script.log && chmod 400 /var/log/azure_vm_init_script.log &&" + From fc5466c7a2b5c2671e69b88d453922adb5b38df1 Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Mon, 2 Dec 2024 10:32:57 -0500 Subject: [PATCH 44/72] Update AzurePubsubHandler.scala --- .../dsde/workbench/leonardo/util/AzurePubsubHandler.scala | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala index d08267be51..f02c19f37e 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala @@ -229,7 +229,7 @@ class AzurePubsubHandlerInterp[F[_]: Parallel]( applicationConfig.leoUrlBase, params.runtime.runtimeName.asString, s"'${refererConfig.validHosts.mkString("','")}'", - ${AzureEnvironmentConverter.relaySuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)} + AzureEnvironmentConverter.relaySuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) ) val cmdToExecute = s"touch /var/log/azure_vm_init_script.log && chmod 400 /var/log/azure_vm_init_script.log &&" + From f58c237b4dc235cd1c24c6dfc7500c07bdbd5bc3 Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Thu, 5 Dec 2024 12:20:12 -0500 Subject: [PATCH 45/72] Update reference.conf --- http/src/main/resources/reference.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/src/main/resources/reference.conf b/http/src/main/resources/reference.conf index 67042d7799..f914b498d6 100644 --- a/http/src/main/resources/reference.conf +++ b/http/src/main/resources/reference.conf @@ -255,7 +255,7 @@ azure { type = "CustomScript", version = "2.1", minor-version-auto-upgrade = true, - file-uris = ["https://raw.githubusercontent.com/DataBiosphere/leonardo/8390d25ccd761fb206cf388560a571be77a42bbd/http/src/main/resources/init-resources/azure_vm_init_script.sh"] + file-uris = ["https://raw.githubusercontent.com/DataBiosphere/leonardo/refs/heads/jsaun/leo-service-account/http/src/main/resources/init-resources/azure_vm_init_script.sh"] } # [IA-4997] to support CHIPS by setting partitioned cookies # listener-image = "terradevacrpublic.azurecr.io/terra-azure-relay-listeners:474f157" From 74bb32b2374c5a4b8f985ebc25481b4a6c419dc5 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Tue, 17 Dec 2024 15:03:32 -0800 Subject: [PATCH 46/72] Update Dependencies.scala --- project/Dependencies.scala | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/project/Dependencies.scala b/project/Dependencies.scala index 8aac152348..8949112120 100644 --- a/project/Dependencies.scala +++ b/project/Dependencies.scala @@ -24,7 +24,7 @@ object Dependencies { val workbenchGoogle2V = s"0.36-$workbenchLibsHash" val workbenchOpenTelemetryV = s"0.8-$workbenchLibsHash" val workbenchOauth2V = "0.8-3e0cf25" - val workbenchAzureV = s"0.9-c18669a7-SNAP" + val workbenchAzureV = s"0.10-b25c29d" val helmScalaSdkV = "0.0.8.5" From 03d1e94e5809754924d1105320fa67a66bcbf8e3 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Tue, 17 Dec 2024 15:03:49 -0800 Subject: [PATCH 47/72] Revert "Update reference.conf" This reverts commit f58c237b4dc235cd1c24c6dfc7500c07bdbd5bc3. --- http/src/main/resources/reference.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/src/main/resources/reference.conf b/http/src/main/resources/reference.conf index f914b498d6..67042d7799 100644 --- a/http/src/main/resources/reference.conf +++ b/http/src/main/resources/reference.conf @@ -255,7 +255,7 @@ azure { type = "CustomScript", version = "2.1", minor-version-auto-upgrade = true, - file-uris = ["https://raw.githubusercontent.com/DataBiosphere/leonardo/refs/heads/jsaun/leo-service-account/http/src/main/resources/init-resources/azure_vm_init_script.sh"] + file-uris = ["https://raw.githubusercontent.com/DataBiosphere/leonardo/8390d25ccd761fb206cf388560a571be77a42bbd/http/src/main/resources/init-resources/azure_vm_init_script.sh"] } # [IA-4997] to support CHIPS by setting partitioned cookies # listener-image = "terradevacrpublic.azurecr.io/terra-azure-relay-listeners:474f157" From caf54659c0568a84f957a239b677453f82105d20 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Tue, 17 Dec 2024 15:05:36 -0800 Subject: [PATCH 48/72] Update reference.conf --- http/src/main/resources/reference.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/src/main/resources/reference.conf b/http/src/main/resources/reference.conf index caf1111981..7317dc0e67 100644 --- a/http/src/main/resources/reference.conf +++ b/http/src/main/resources/reference.conf @@ -255,7 +255,7 @@ azure { type = "CustomScript", version = "2.1", minor-version-auto-upgrade = true, - file-uris = ["https://raw.githubusercontent.com/DataBiosphere/leonardo/8390d25ccd761fb206cf388560a571be77a42bbd/http/src/main/resources/init-resources/azure_vm_init_script.sh"] + file-uris = ["https://raw.githubusercontent.com/DataBiosphere/leonardo/f58c237b4dc235cd1c24c6dfc7500c07bdbd5bc3/http/src/main/resources/init-resources/azure_vm_init_script.sh"] } # [IA-4997] to support CHIPS by setting partitioned cookies # listener-image = "terradevacrpublic.azurecr.io/terra-azure-relay-listeners:474f157" From 666b19a746d77da061ca7242c1194920dc431f09 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Tue, 17 Dec 2024 15:49:18 -0800 Subject: [PATCH 49/72] Default empty user token --- .../dsde/workbench/leonardo/app/CromwellAppInstall.scala | 6 +++++- .../workbench/leonardo/app/CromwellRunnerAppInstall.scala | 6 +++++- .../dsde/workbench/leonardo/app/WdsAppInstall.scala | 6 +++++- .../dsde/workbench/leonardo/app/WorkflowsAppInstall.scala | 4 +++- 4 files changed, 18 insertions(+), 4 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala index 239ff33a78..332a8c59ab 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala @@ -69,6 +69,10 @@ class CromwellAppInstall[F[_]](config: CoaAppConfig, AppCreationException("Postgres server required for Cromwell app", Some(ctx.traceId)) ) + // Get the pet userToken + tokenOpt <- samDao.getCachedArbitraryPetAccessToken(params.app.auditInfo.creator) + userToken <- tokenOpt.getOrElse("") // Empty token when running on Azure. + values = List( // azure resources configs raw"config.resourceGroup=${params.cloudContext.managedResourceGroupName.value}", @@ -124,7 +128,7 @@ class CromwellAppInstall[F[_]](config: CoaAppConfig, raw"instrumentationEnabled=${config.instrumentationEnabled}", // provenance (app-cloning) configs - raw"provenance.userAccessToken=", + raw"provenance.userAccessToken=${userToken}", // Database configs raw"postgres.podLocalDatabaseEnabled=false", diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala index 6a539d3584..753c953835 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala @@ -94,6 +94,10 @@ class CromwellRunnerAppInstall[F[_]](config: CromwellRunnerAppConfig, .map(v => raw"config.concurrentJobLimit=${v}") } + // Get the pet userToken + tokenOpt <- samDao.getCachedArbitraryPetAccessToken(params.app.auditInfo.creator) + userToken <- tokenOpt.getOrElse("") // Empty token when running on Azure. + values = List( // azure resources configs raw"config.resourceGroup=${params.cloudContext.managedResourceGroupName.value}", @@ -138,7 +142,7 @@ class CromwellRunnerAppInstall[F[_]](config: CromwellRunnerAppConfig, raw"instrumentationEnabled=${config.instrumentationEnabled}", // provenance (app-cloning) configs - raw"provenance.userAccessToken=", + raw"provenance.userAccessToken=${userToken}", // database configs raw"postgres.podLocalDatabaseEnabled=false", diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala index 8c2d4152c9..721569a0ee 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala @@ -60,6 +60,10 @@ class WdsAppInstall[F[_]](config: WdsAppConfig, // Get Vpa enabled tag vpaEnabled <- F.pure(params.landingZoneResources.aksCluster.tags.getOrElse("aks-cost-vpa-enabled", false)) + // Get the pet userToken + tokenOpt <- samDao.getCachedArbitraryPetAccessToken(params.app.auditInfo.creator) + userToken <- tokenOpt.getOrElse("") // Empty token when running on Azure. + valuesList = List( // pass enviiroment information to wds so it can properly pick its config @@ -89,7 +93,7 @@ class WdsAppInstall[F[_]](config: WdsAppConfig, raw"instrumentationEnabled=${config.instrumentationEnabled}", // provenance (app-cloning) configs - raw"provenance.userAccessToken=", + raw"provenance.userAccessToken=${userToken}", raw"provenance.sourceWorkspaceId=${params.app.sourceWorkspaceId.map(_.value).getOrElse("")}", // database configs diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala index c316740a48..48796912dd 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala @@ -68,6 +68,8 @@ class WorkflowsAppInstall[F[_]](config: WorkflowsAppConfig, ) // Get the pet userToken + tokenOpt <- samDao.getCachedArbitraryPetAccessToken(params.app.auditInfo.creator) + userToken <- tokenOpt.getOrElse("") // Empty token when running on Azure. values = List( @@ -102,7 +104,7 @@ class WorkflowsAppInstall[F[_]](config: WorkflowsAppConfig, raw"instrumentationEnabled=${config.instrumentationEnabled}", // provenance (app-cloning) configs - raw"provenance.userAccessToken=", + raw"provenance.userAccessToken=${userToken}", // database configs raw"postgres.podLocalDatabaseEnabled=false", From fdfb13fee602633368bf56d1df6723921e34ad0a Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Tue, 17 Dec 2024 15:59:33 -0800 Subject: [PATCH 50/72] pr cleanup --- docker/build.sh | 2 -- docker/build_jar.sh | 1 - docker/clean_install.sh | 2 +- .../main/resources/init-resources/azure_vm_init_script.sh | 2 -- http/src/main/resources/reference.conf | 2 +- .../dsde/workbench/leonardo/app/CromwellAppInstall.scala | 5 +---- .../leonardo/http/service/AppServiceInterpSpec.scala | 7 ++++--- 7 files changed, 7 insertions(+), 14 deletions(-) diff --git a/docker/build.sh b/docker/build.sh index 986135c196..31b7435ff4 100755 --- a/docker/build.sh +++ b/docker/build.sh @@ -144,8 +144,6 @@ function make_jar() -v $PWD:/working \ -v jar-cache:/root/.ivy \ -v jar-cache:/root/.ivy2 \ - -v jar-cache:/home/vsts/.ivy \ - -v jar-cache:/home/vsts/.ivy2 \ sbtscala/scala-sbt:openjdk-17.0.2_1.8.0_2.13.10 \ /working/docker/install.sh /working || EXIT_CODE=$? diff --git a/docker/build_jar.sh b/docker/build_jar.sh index d4471e3b61..1508c85dd2 100755 --- a/docker/build_jar.sh +++ b/docker/build_jar.sh @@ -12,7 +12,6 @@ GIT_HASH=$(git log -n 1 --pretty=format:%h) EXIT_CODE=0 docker run --rm -v $PWD:/working \ -v sbt-cache:/root/.sbt -v jar-cache:/root/.ivy -v jar-cache:/root/.ivy2 \ - -v /home/vsts/.ivy:/home/vsts/.ivy -v /home/vsts/.ivy2:/home/vsts/.ivy2 \ -v coursier-cache:/root/.cache/coursier \ sbtscala/scala-sbt:openjdk-17.0.2_1.7.2_2.13.10 /working/docker/clean_install.sh /working \ || EXIT_CODE=$? diff --git a/docker/clean_install.sh b/docker/clean_install.sh index dc6dce56ce..8c1dd38800 100755 --- a/docker/clean_install.sh +++ b/docker/clean_install.sh @@ -8,7 +8,7 @@ set -eux LEONARDO_DIR=$1 cd $LEONARDO_DIR -export SBT_OPTS="-Xmx6G -Xms6G -Xss4m -Dsbt.ivy.home=/home/vsts/.ivy2" +export SBT_OPTS="-Xmx6G -Xms6G -Xss4m" echo "starting sbt clean assembly ..." sbt -v \ diff --git a/http/src/main/resources/init-resources/azure_vm_init_script.sh b/http/src/main/resources/init-resources/azure_vm_init_script.sh index 88f9bf7b02..cf2690f659 100644 --- a/http/src/main/resources/init-resources/azure_vm_init_script.sh +++ b/http/src/main/resources/init-resources/azure_vm_init_script.sh @@ -138,8 +138,6 @@ RELAY_CONNECTIONSTRING="Endpoint=sb://${RELAY_NAME}${RELAY_SUFFIX}/;SharedAccess LEONARDO_URL="${18:-dummy}" RUNTIME_NAME="${19:-dummy}" VALID_HOSTS="${20:-dummy}" - - DATEACCESSED_SLEEP_SECONDS=60 # supercedes default defined in terra-azure-relay-listeners/service/src/main/resources/application.yml # Log in script output for debugging purposes. diff --git a/http/src/main/resources/reference.conf b/http/src/main/resources/reference.conf index 7317dc0e67..86be5bb5b8 100644 --- a/http/src/main/resources/reference.conf +++ b/http/src/main/resources/reference.conf @@ -398,7 +398,7 @@ azure { environment = "dev" environment-base = "live" instrumentation-enabled = false - chart-name = "/leonardo/wds" + chart-name = "terra-helm/wds" chart-version = "0.94.0" release-name-suffix = "wds-rls" namespace-name-suffix = "wds-ns" diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala index 332a8c59ab..34c8ae17e1 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala @@ -139,10 +139,7 @@ class CromwellAppInstall[F[_]](config: CoaAppConfig, raw"postgres.user=${params.ksaName.value}", raw"postgres.dbnames.cromwell=${dbNames.cromwell}", raw"postgres.dbnames.cbas=${dbNames.cbas}", - raw"postgres.dbnames.tes=${dbNames.tes}", - - // TEMPORARY HELM OVERRIDE VALUES WHILE WAITING FOR PR - raw"cromwell.image=potomacdevap.azurecr.us/broadinstitute/cromwell:84214c9d71721269f9945406d72e30a6f8aac514" + raw"postgres.dbnames.tes=${dbNames.tes}" ) } yield Values(values.mkString(",")) diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/AppServiceInterpSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/AppServiceInterpSpec.scala index 84f1705522..d0adbdcade 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/AppServiceInterpSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/AppServiceInterpSpec.scala @@ -3349,17 +3349,18 @@ class AppServiceInterpTest extends AnyFlatSpec with AppServiceInterpSpec with Le } it should "get a correct sam policy map for apps" in { - val map1 = LeoAppServiceInterp.getAppSamPolicyMap(userEmail, None) + val leoEmail = WorkbenchEmail("leonardo") + val map1 = LeoAppServiceInterp.getAppSamPolicyMap(userEmail, leoEmail, None) map1 should have size 1 map1 should contain key "creator" map1("creator") shouldBe SamPolicyData(List(userEmail), List(AppRole.Creator.asString)) - val map2 = LeoAppServiceInterp.getAppSamPolicyMap(userEmail, Some(AppAccessScope.UserPrivate)) + val map2 = LeoAppServiceInterp.getAppSamPolicyMap(userEmail, leoEmail, Some(AppAccessScope.UserPrivate)) map2 should have size 1 map2 should contain key "creator" map2("creator") shouldBe SamPolicyData(List(userEmail), List(AppRole.Creator.asString)) - val map3 = LeoAppServiceInterp.getAppSamPolicyMap(userEmail, Some(AppAccessScope.WorkspaceShared)) + val map3 = LeoAppServiceInterp.getAppSamPolicyMap(userEmail, leoEmail, Some(AppAccessScope.WorkspaceShared)) map3 should have size 1 map3 should contain key "owner" map3("owner") shouldBe SamPolicyData(List(userEmail), List(SharedAppRole.Owner.asString)) From afd724aafa08f715dd560b8a103ca56d89ecd9c6 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Tue, 17 Dec 2024 18:01:27 -0800 Subject: [PATCH 51/72] Fix types --- .../dsde/workbench/leonardo/app/CromwellAppInstall.scala | 2 +- .../dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala | 2 +- .../dsde/workbench/leonardo/app/WdsAppInstall.scala | 2 +- .../dsde/workbench/leonardo/app/WorkflowsAppInstall.scala | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala index 34c8ae17e1..53dcf62b40 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala @@ -71,7 +71,7 @@ class CromwellAppInstall[F[_]](config: CoaAppConfig, // Get the pet userToken tokenOpt <- samDao.getCachedArbitraryPetAccessToken(params.app.auditInfo.creator) - userToken <- tokenOpt.getOrElse("") // Empty token when running on Azure. + userToken <- F.pure(tokenOpt.getOrElse("")) // Empty token when running on Azure. values = List( // azure resources configs diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala index 753c953835..f6890e3103 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala @@ -96,7 +96,7 @@ class CromwellRunnerAppInstall[F[_]](config: CromwellRunnerAppConfig, // Get the pet userToken tokenOpt <- samDao.getCachedArbitraryPetAccessToken(params.app.auditInfo.creator) - userToken <- tokenOpt.getOrElse("") // Empty token when running on Azure. + userToken <- F.pure(tokenOpt.getOrElse("")) // Empty token when running on Azure. values = List( // azure resources configs diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala index 721569a0ee..f34b181eee 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala @@ -62,7 +62,7 @@ class WdsAppInstall[F[_]](config: WdsAppConfig, // Get the pet userToken tokenOpt <- samDao.getCachedArbitraryPetAccessToken(params.app.auditInfo.creator) - userToken <- tokenOpt.getOrElse("") // Empty token when running on Azure. + userToken <- C(tokenOpt.getOrElse("")) // Empty token when running on Azure. valuesList = List( diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala index 48796912dd..b32b4598bc 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala @@ -69,7 +69,7 @@ class WorkflowsAppInstall[F[_]](config: WorkflowsAppConfig, // Get the pet userToken tokenOpt <- samDao.getCachedArbitraryPetAccessToken(params.app.auditInfo.creator) - userToken <- tokenOpt.getOrElse("") // Empty token when running on Azure. + userToken <- F.pure(tokenOpt.getOrElse("")) // Empty token when running on Azure. values = List( From a7fc8ddc03bf879e787fd2c1a0f1311ab6a019f7 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Fri, 20 Dec 2024 15:15:17 -0800 Subject: [PATCH 52/72] Update WdsAppInstall.scala --- .../dsde/workbench/leonardo/app/WdsAppInstall.scala | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala index f34b181eee..d66c788096 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala @@ -62,7 +62,7 @@ class WdsAppInstall[F[_]](config: WdsAppConfig, // Get the pet userToken tokenOpt <- samDao.getCachedArbitraryPetAccessToken(params.app.auditInfo.creator) - userToken <- C(tokenOpt.getOrElse("")) // Empty token when running on Azure. + userToken <- F.pure(tokenOpt.getOrElse("")) // Empty token when running on Azure. valuesList = List( From a6c9800765c0f23e55da942f2dc53ae10fa9c44b Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Fri, 20 Dec 2024 16:06:22 -0800 Subject: [PATCH 53/72] Fix specs --- .../dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala | 3 ++- .../dsde/workbench/leonardo/app/WdsAppInstallSpec.scala | 3 ++- .../dsde/workbench/leonardo/http/ConfigReaderSpec.scala | 4 ---- 3 files changed, 4 insertions(+), 6 deletions(-) diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala index 3214de4d3e..3416e971e2 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala @@ -19,7 +19,8 @@ class CromwellAppInstallSpec extends BaseAppInstallSpec { mockCromwellDAO, mockCbasDAO, mockAzureBatchService, - mockAzureApplicationInsightsService + mockAzureApplicationInsightsService, + mockSamAuthProvider, ) val cromwellAzureDbName = "cromwell_tghfgi" diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstallSpec.scala index 64c39ebe26..aa4f441538 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstallSpec.scala @@ -21,7 +21,8 @@ class WdsAppInstallSpec extends BaseAppInstallSpec { ConfigReader.appConfig.azure.tdr, mockSamDAO, mockWdsDAO, - mockAzureApplicationInsightsService + mockAzureApplicationInsightsService, + mockSamAuthProvider ) val wdsAzureDbName = "wds_rtyjga" diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala index 36f22b0a71..a0a5aa429e 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala @@ -266,10 +266,6 @@ class ConfigReaderSpec extends AnyFlatSpec with Matchers { val govEnv = AzureEnvironmentConverter.fromString(AzureEnvironmentConverter.AzureGov) val expectedGovEnv = AzureEnvironment.AZURE_US_GOVERNMENT govEnv shouldBe expectedGovEnv - - val chinaEnv = AzureEnvironmentConverter.fromString(AzureEnvironmentConverter.AzureChina) - val expectedChinaEnv = AzureEnvironment.AZURE_CHINA - chinaEnv shouldBe expectedChinaEnv } } From 64a1920de9ab8137b3a67707eeb735da05e2ba42 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Fri, 20 Dec 2024 16:17:17 -0800 Subject: [PATCH 54/72] scalaFmt --- .../leonardo/app/CromwellAppInstall.scala | 4 ++-- .../workbench/leonardo/app/WdsAppInstall.scala | 3 ++- .../leonardo/app/WorkflowsAppInstall.scala | 3 ++- .../http/service/LeoAppServiceInterp.scala | 8 ++------ .../leonardo/monitor/MonitorAtBoot.scala | 14 +++++++------- .../leonardo/util/AKSInterpreter.scala | 8 ++++---- .../leonardo/util/AzurePubsubHandler.scala | 17 +++++++++-------- 7 files changed, 28 insertions(+), 29 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala index 53dcf62b40..17adb9f5bb 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala @@ -98,8 +98,8 @@ class CromwellAppInstall[F[_]](config: CoaAppConfig, raw"persistence.storageResourceGroup=${params.cloudContext.managedResourceGroupName.value}", raw"persistence.storageAccount=${params.landingZoneResources.storageAccountName.value}", raw"persistence.storageAccountSuffix=${AzureEnvironmentConverter - .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) - .getStorageEndpointSuffix}", + .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) + .getStorageEndpointSuffix}", raw"persistence.blobContainer=${storageContainer.name.value}", raw"persistence.leoAppInstanceName=${params.app.appName.value}", raw"persistence.workspaceManager.url=${params.config.wsmConfig.uri.renderString}", diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala index d66c788096..c6506da3e6 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala @@ -97,7 +97,8 @@ class WdsAppInstall[F[_]](config: WdsAppConfig, raw"provenance.sourceWorkspaceId=${params.app.sourceWorkspaceId.map(_.value).getOrElse("")}", // database configs - raw"postgres.host=${postgresServer.name}.postgres${AzureEnvironmentConverter.postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}", + raw"postgres.host=${postgresServer.name}.postgres${AzureEnvironmentConverter + .postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}", raw"postgres.pgbouncer.enabled=${postgresServer.pgBouncerEnabled}", raw"postgres.dbname=$dbName", // convention is that the database user is the same as the service account name diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala index b32b4598bc..259e946a50 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala @@ -108,7 +108,8 @@ class WorkflowsAppInstall[F[_]](config: WorkflowsAppConfig, // database configs raw"postgres.podLocalDatabaseEnabled=false", - raw"postgres.host=${postgresServer.name}.postgres${AzureEnvironmentConverter.postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}", + raw"postgres.host=${postgresServer.name}.postgres${AzureEnvironmentConverter + .postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}", raw"postgres.pgbouncer.enabled=${postgresServer.pgBouncerEnabled}", // convention is that the database user is the same as the service account name raw"postgres.user=${params.ksaName.value}", diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala index 49af036107..0bd913242e 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala @@ -170,9 +170,7 @@ final class LeoAppServiceInterp[F[_]: Parallel](config: AppServiceConfig, samResourceId, Some(googleProject), None, - getAppSamPolicyMap(userEmail, - leoEmail, - req.accessScope) + getAppSamPolicyMap(userEmail, leoEmail, req.accessScope) ) saveCluster <- F.fromEither( getSavableCluster(userEmail, cloudContext, req.autopilot.isDefined, ctx.now) @@ -793,9 +791,7 @@ final class LeoAppServiceInterp[F[_]: Parallel](config: AppServiceConfig, samResourceId, None, Some(workspaceId), - getAppSamPolicyMap(userEmail, - leoEmail, - req.accessScope) + getAppSamPolicyMap(userEmail, leoEmail, req.accessScope) ) // Save or retrieve a KubernetesCluster record for the app diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala index b01bf474e6..1d9cc53baa 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala @@ -225,9 +225,9 @@ class MonitorAtBoot[F[_]](publisherQueue: Queue[F, LeoPubsubMessage], leoAuth <- samDAO.getLeoAuthToken token = leoAuth.credentials.toString().split(" ")(1) workspaceDescOpt <- wsmClientProvider.getWorkspace( - token, - workspaceId - ) + token, + workspaceId + ) workspaceDesc <- F.fromOption(workspaceDescOpt, WorkspaceNotFoundException(workspaceId, appContext.traceId) ) @@ -398,8 +398,8 @@ class MonitorAtBoot[F[_]](publisherQueue: Queue[F, LeoPubsubMessage], controlledResourceOpt = WsmControlledResourceId(UUID.fromString(runtime.internalId)) leoAuth <- samDAO.getLeoAuthToken workspaceDescOpt <- wsmClientProvider.getWorkspace( - leoAuth.credentials.renderString, - wid + leoAuth.credentials.renderString, + wid ) workspaceDesc <- F.fromOption(workspaceDescOpt, WorkspaceNotFoundException(wid, traceId)) } yield LeoPubsubMessage.DeleteAzureRuntimeMessage( @@ -428,8 +428,8 @@ class MonitorAtBoot[F[_]](publisherQueue: Queue[F, LeoPubsubMessage], leoAuth <- samDAO.getLeoAuthToken token = leoAuth.credentials.toString().split(" ")(1) workspaceDescOpt <- wsmClientProvider.getWorkspace( - token, - wid + token, + wid ) workspaceDesc <- F.fromOption(workspaceDescOpt, WorkspaceNotFoundException(wid, traceId)) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AKSInterpreter.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AKSInterpreter.scala index b4399911d4..3313aebec2 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AKSInterpreter.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AKSInterpreter.scala @@ -110,10 +110,10 @@ class AKSInterpreter[F[_]](config: AKSInterpreterConfig, // Get the optional storage container for the workspace storageContainerOpt <- childSpan("getWorkspaceStorageContainer").use { implicit ev => - wsmDao.getWorkspaceStorageContainer( - params.workspaceId, - leoAuth - ) + wsmDao.getWorkspaceStorageContainer( + params.workspaceId, + leoAuth + ) } wsmResourceApi <- buildWsmResourceApiClient diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala index f02c19f37e..026971cbbc 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/AzurePubsubHandler.scala @@ -136,9 +136,9 @@ class AzurePubsubHandlerInterp[F[_]: Parallel]( ) // Get the optional storage container for the workspace workspaceStorageContainerOpt <- wsmDao.getWorkspaceStorageContainer( - msg.workspaceId, - leoAuth - ) + msg.workspaceId, + leoAuth + ) workspaceStorageContainer <- F.fromOption( workspaceStorageContainerOpt, @@ -158,10 +158,10 @@ class AzurePubsubHandlerInterp[F[_]: Parallel]( // Get optional action managed identity from Sam for the private_azure_storage_account/read action. // Identities must be passed to WSM for application-managed resources. actionIdentityOpt <- samDAO.getAzureActionManagedIdentity( - leoAuth, - PrivateAzureStorageAccountSamResourceId(msg.billingProfileId.value), - PrivateAzureStorageAccountAction.Read - ) + leoAuth, + PrivateAzureStorageAccountSamResourceId(msg.billingProfileId.value), + PrivateAzureStorageAccountAction.Read + ) _ <- logger.info( s"[AzurePubsubHandler/createAndPollRuntime] beginning to monitor runtime creation for runtime ${msg.runtimeId}" @@ -893,7 +893,8 @@ class AzurePubsubHandlerInterp[F[_]: Parallel]( ) ) case JobReport.StatusEnum.SUCCEEDED => - val hostIp = s"${params.landingZoneResources.relayNamespace.value}${AzureEnvironmentConverter.relaySuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}" + val hostIp = s"${params.landingZoneResources.relayNamespace.value}${AzureEnvironmentConverter + .relaySuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}" for { now <- nowInstant _ <- clusterQuery.updateClusterHostIp(params.runtime.id, Some(IP(hostIp)), now).transaction From 25110ffe701c77b7cf994f2a3797fc25e8952cad Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Fri, 20 Dec 2024 17:00:39 -0800 Subject: [PATCH 55/72] scalaFmt again --- .../leonardo/app/CromwellAppInstallSpec.scala | 15 +++++++++++---- .../app/CromwellRunnerAppInstallSpec.scala | 3 ++- .../leonardo/app/HailBatchAppInstallSpec.scala | 4 +++- .../leonardo/app/WdsAppInstallSpec.scala | 6 ++++-- .../leonardo/app/WorkflowsAppInstallSpec.scala | 3 ++- 5 files changed, 22 insertions(+), 9 deletions(-) diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala index 3416e971e2..a3bae3cb61 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala @@ -2,7 +2,12 @@ package org.broadinstitute.dsde.workbench.leonardo.app import cats.effect.IO import org.broadinstitute.dsde.workbench.google2.KubernetesSerializableName.ServiceAccountName -import org.broadinstitute.dsde.workbench.leonardo.CommonTestData.{azureRegion, billingProfileId, landingZoneResources, petUserInfo} +import org.broadinstitute.dsde.workbench.leonardo.CommonTestData.{ + azureRegion, + billingProfileId, + landingZoneResources, + petUserInfo +} import org.broadinstitute.dsde.workbench.leonardo.{ManagedIdentityName, PostgresServer, WsmControlledDatabaseResource} import org.broadinstitute.dsde.workbench.leonardo.TestUtils.appContext import org.broadinstitute.dsde.workbench.leonardo.config.AzureEnvironmentConverter @@ -20,7 +25,7 @@ class CromwellAppInstallSpec extends BaseAppInstallSpec { mockCbasDAO, mockAzureBatchService, mockAzureApplicationInsightsService, - mockSamAuthProvider, + mockSamAuthProvider ) val cromwellAzureDbName = "cromwell_tghfgi" @@ -67,7 +72,8 @@ class CromwellAppInstallSpec extends BaseAppInstallSpec { "instrumentationEnabled=false," + s"provenance.userAccessToken=${petUserInfo.accessToken.token}," + "postgres.podLocalDatabaseEnabled=false," + - s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}," + + s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter + .postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}," + "postgres.pgbouncer.enabled=true," + "postgres.user=ksa-1," + s"postgres.dbnames.cromwell=$cromwellAzureDbName," + @@ -123,7 +129,8 @@ class CromwellAppInstallSpec extends BaseAppInstallSpec { "instrumentationEnabled=false," + s"provenance.userAccessToken=${petUserInfo.accessToken.token}," + "postgres.podLocalDatabaseEnabled=false," + - s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}," + + s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter + .postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}," + "postgres.pgbouncer.enabled=false," + "postgres.user=ksa-1," + s"postgres.dbnames.cromwell=$cromwellAzureDbName," + diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala index 85ab409c1b..db9adb100e 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala @@ -57,7 +57,8 @@ class CromwellRunnerAppInstallSpec extends BaseAppInstallSpec { "instrumentationEnabled=false," + s"provenance.userAccessToken=${petUserInfo.accessToken.token}," + "postgres.podLocalDatabaseEnabled=false," + - s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}," + + s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter + .postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}," + "postgres.pgbouncer.enabled=true," + "postgres.user=ksa-1," + s"postgres.dbnames.cromwell=$cromwellAzureDbName," + diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/HailBatchAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/HailBatchAppInstallSpec.scala index b83f997021..baa03e8fda 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/HailBatchAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/HailBatchAppInstallSpec.scala @@ -27,7 +27,9 @@ class HailBatchAppInstallSpec extends BaseAppInstallSpec { s"persistence.workspaceManager.url=${ConfigReader.appConfig.azure.wsm.uri.renderString}," + s"persistence.workspaceManager.workspaceId=${workspaceId.value}," + s"persistence.workspaceManager.containerResourceId=${storageContainer.resourceId.value.toString}," + - s"persistence.workspaceManager.storageContainerUrl=https://${lzResources.storageAccountName.value}.blob${AzureEnvironmentConverter.fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment).getSqlServerHostnameSuffix}/${storageContainer.name.value}," + + s"persistence.workspaceManager.storageContainerUrl=https://${lzResources.storageAccountName.value}.blob${AzureEnvironmentConverter + .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) + .getSqlServerHostnameSuffix}/${storageContainer.name.value}," + "persistence.leoAppName=app1," + "workloadIdentity.serviceAccountName=ksa-1," + s"relay.domain=relay.com," + diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstallSpec.scala index aa4f441538..990995c8ac 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstallSpec.scala @@ -52,7 +52,8 @@ class WdsAppInstallSpec extends BaseAppInstallSpec { "instrumentationEnabled=false," + s"provenance.userAccessToken=${petUserInfo.accessToken.token}," + "provenance.sourceWorkspaceId=," + - s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}," + + s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter + .postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}," + "postgres.pgbouncer.enabled=true," + s"postgres.dbname=$wdsAzureDbName," + "postgres.user=ksa-1" @@ -83,7 +84,8 @@ class WdsAppInstallSpec extends BaseAppInstallSpec { "instrumentationEnabled=false," + s"provenance.userAccessToken=${petUserInfo.accessToken.token}," + s"provenance.sourceWorkspaceId=${sourceWorkspaceId.value}," + - s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}," + + s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter + .postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}," + "postgres.pgbouncer.enabled=true," + s"postgres.dbname=$wdsAzureDbName," + "postgres.user=ksa-1" diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstallSpec.scala index 74872c7b97..20cc7a1c46 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstallSpec.scala @@ -49,7 +49,8 @@ class WorkflowsAppInstallSpec extends BaseAppInstallSpec { "instrumentationEnabled=false," + s"provenance.userAccessToken=${petUserInfo.accessToken.token}," + "postgres.podLocalDatabaseEnabled=false," + - s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter.postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}," + + s"postgres.host=${lzResources.postgresServer.map(_.name).get}.postgres${AzureEnvironmentConverter + .postgresSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}," + "postgres.pgbouncer.enabled=true," + "postgres.user=ksa-1," + s"postgres.dbnames.cromwellMetadata=$cromwellMetadataAzureDbName," + From 53d2399f5859fc486448db552010a667d6daedae Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Wed, 25 Dec 2024 22:56:49 -0500 Subject: [PATCH 56/72] Update HailBatchAppInstallSpec.scala --- .../dsde/workbench/leonardo/app/HailBatchAppInstallSpec.scala | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/HailBatchAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/HailBatchAppInstallSpec.scala index baa03e8fda..e0b0dd34c1 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/HailBatchAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/HailBatchAppInstallSpec.scala @@ -29,7 +29,7 @@ class HailBatchAppInstallSpec extends BaseAppInstallSpec { s"persistence.workspaceManager.containerResourceId=${storageContainer.resourceId.value.toString}," + s"persistence.workspaceManager.storageContainerUrl=https://${lzResources.storageAccountName.value}.blob${AzureEnvironmentConverter .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) - .getSqlServerHostnameSuffix}/${storageContainer.name.value}," + + .getStorageEndpointSuffix}/${storageContainer.name.value}," + "persistence.leoAppName=app1," + "workloadIdentity.serviceAccountName=ksa-1," + s"relay.domain=relay.com," + From a0f5a16cadb38ca9eee25e67402957a2c6b82c20 Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Thu, 26 Dec 2024 13:42:14 -0500 Subject: [PATCH 57/72] Update AppServiceInterpSpec.scala --- .../workbench/leonardo/http/service/AppServiceInterpSpec.scala | 1 + 1 file changed, 1 insertion(+) diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/AppServiceInterpSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/AppServiceInterpSpec.scala index d0adbdcade..07d99aac3a 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/AppServiceInterpSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/AppServiceInterpSpec.scala @@ -306,6 +306,7 @@ class AppServiceInterpTest extends AnyFlatSpec with AppServiceInterpSpec with Le val mockAuthProvider = mock[LeoAuthProvider[IO]] when(mockAuthProvider.hasPermission(any, any, any)(any, any)).thenReturn(IO.pure(true)) when(mockAuthProvider.lookupOriginatingUserEmail(any)(any)).thenReturn(IO.pure(userInfo.userEmail)) + when(mockAuthProvider.getLeoAuthToken).thenReturn(IO.pure("")) val publisherQueue = QueueFactory.makePublisherQueue() val mockSamService = mock[SamService[IO]] when(mockSamService.createResource(any, any, any, any, any)(any)).thenReturn(IO.unit) From 3627fe67d7d82a0b36280a61cad6aaeee25ec04c Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Thu, 26 Dec 2024 14:05:37 -0500 Subject: [PATCH 58/72] Update AllowlistAuthProvider.scala --- .../dsde/workbench/leonardo/auth/AllowlistAuthProvider.scala | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/auth/AllowlistAuthProvider.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/auth/AllowlistAuthProvider.scala index b7ee1e8bf7..85558acd82 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/auth/AllowlistAuthProvider.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/auth/AllowlistAuthProvider.scala @@ -168,5 +168,5 @@ class AllowlistAuthProvider(config: Config) extends LeoAuthProvider[IO] { override def isSasAppAllowed(userEmail: WorkbenchEmail)(implicit ev: Ask[IO, TraceId]): IO[Boolean] = IO.pure(true) - override def getLeoAuthToken: IO[String] = ??? + override def getLeoAuthToken: IO[String] = IO.pure("") } From 59e0cc6790a500de307ccd4980642f9352afd583 Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Thu, 26 Dec 2024 15:20:38 -0500 Subject: [PATCH 59/72] Update AppServiceInterpSpec.scala --- .../leonardo/http/service/AppServiceInterpSpec.scala | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/AppServiceInterpSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/AppServiceInterpSpec.scala index 07d99aac3a..f5528ae07f 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/AppServiceInterpSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/AppServiceInterpSpec.scala @@ -3354,16 +3354,16 @@ class AppServiceInterpTest extends AnyFlatSpec with AppServiceInterpSpec with Le val map1 = LeoAppServiceInterp.getAppSamPolicyMap(userEmail, leoEmail, None) map1 should have size 1 map1 should contain key "creator" - map1("creator") shouldBe SamPolicyData(List(userEmail), List(AppRole.Creator.asString)) + map1("creator") shouldBe SamPolicyData(List(userEmail, leoEmail), List(AppRole.Creator.asString)) val map2 = LeoAppServiceInterp.getAppSamPolicyMap(userEmail, leoEmail, Some(AppAccessScope.UserPrivate)) map2 should have size 1 map2 should contain key "creator" - map2("creator") shouldBe SamPolicyData(List(userEmail), List(AppRole.Creator.asString)) + map2("creator") shouldBe SamPolicyData(List(userEmail, leoEmail), List(AppRole.Creator.asString)) val map3 = LeoAppServiceInterp.getAppSamPolicyMap(userEmail, leoEmail, Some(AppAccessScope.WorkspaceShared)) map3 should have size 1 map3 should contain key "owner" - map3("owner") shouldBe SamPolicyData(List(userEmail), List(SharedAppRole.Owner.asString)) + map3("owner") shouldBe SamPolicyData(List(userEmail, leoEmail), List(SharedAppRole.Owner.asString)) } } From ae716da3751e5ba084e4bcfd2e4c04f02f17674a Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Thu, 26 Dec 2024 15:40:12 -0500 Subject: [PATCH 60/72] update helm override specs --- .../leonardo/app/CromwellAppInstallSpec.scala | 18 ++++++++++++++++++ .../app/CromwellRunnerAppInstallSpec.scala | 13 ++++++++++++- 2 files changed, 30 insertions(+), 1 deletion(-) diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala index a3bae3cb61..45dc50513a 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala @@ -51,9 +51,18 @@ class CromwellAppInstallSpec extends BaseAppInstallSpec { "config.subscriptionId=sub," + s"config.region=${azureRegion}," + "config.applicationInsightsConnectionString=applicationInsightsConnectionString," + + s"config.azureEnvironment=${ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment}" + + s"config.azureManagementTokenScope=${AzureEnvironmentConverter + .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) + .getResourceManagerEndpoint}.default" + + s"config.batchAccountSuffix=${AzureEnvironmentConverter + .batchAccountSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}" + "relay.path=https://relay.com/app," + "persistence.storageResourceGroup=mrg," + "persistence.storageAccount=storage," + + s"persistence.storageAccountSuffix=${AzureEnvironmentConverter + .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) + .getStorageEndpointSuffix}" + "persistence.blobContainer=sc-container," + "persistence.leoAppInstanceName=app1," + s"persistence.workspaceManager.url=${ConfigReader.appConfig.azure.wsm.uri.renderString}," + @@ -108,9 +117,18 @@ class CromwellAppInstallSpec extends BaseAppInstallSpec { "config.subscriptionId=sub," + s"config.region=${azureRegion}," + "config.applicationInsightsConnectionString=applicationInsightsConnectionString," + + s"config.azureEnvironment=${ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment}" + + s"config.azureManagementTokenScope=${AzureEnvironmentConverter + .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) + .getResourceManagerEndpoint}.default" + + s"config.batchAccountSuffix=${AzureEnvironmentConverter + .batchAccountSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}" + "relay.path=https://relay.com/app," + "persistence.storageResourceGroup=mrg," + "persistence.storageAccount=storage," + + s"persistence.storageAccountSuffix=${AzureEnvironmentConverter + .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) + .getStorageEndpointSuffix}" + "persistence.blobContainer=sc-container," + "persistence.leoAppInstanceName=app1," + s"persistence.workspaceManager.url=${ConfigReader.appConfig.azure.wsm.uri.renderString}," + diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala index db9adb100e..bfa59aa5fe 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala @@ -43,8 +43,17 @@ class CromwellRunnerAppInstallSpec extends BaseAppInstallSpec { "config.subscriptionId=sub," + s"config.region=${azureRegion}," + "config.applicationInsightsConnectionString=applicationInsightsConnectionString," + + s"config.azureEnvironment=${ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment}" + + s"config.azureManagementTokenScope=${AzureEnvironmentConverter + .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) + .getResourceManagerEndpoint}.default" + + s"config.batchAccountSuffix=${AzureEnvironmentConverter + .batchAccountSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}" + "relay.path=https://relay.com/app," + "persistence.storageAccount=storage," + + s"persistence.storageAccountSuffix=${AzureEnvironmentConverter + .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) + .getStorageEndpointSuffix}" + "persistence.blobContainer=sc-container," + "persistence.leoAppInstanceName=app1," + s"persistence.workspaceManager.url=${ConfigReader.appConfig.azure.wsm.uri.renderString}," + @@ -68,7 +77,9 @@ class CromwellRunnerAppInstallSpec extends BaseAppInstallSpec { s"sam.baseUri=https://sam.test.org:443," + s"sam.acrPullActionIdentityResourceId=spend-profile," + "bard.bardUrl=https://terra-bard-dev.appspot.com," + - "bard.enabled=false" + "bard.enabled=false" + + // TEMPORARY HELM OVERRIDE VALUES WHILE WAITING FOR PR + s"cromwell.image=potomacdevap.azurecr.us/broadinstitute/cromwell:84214c9d71721269f9945406d72e30a6f8aac514" it should "build cromwell-runner override values" in { val params = buildHelmOverrideValuesParams(cromwellRunnerAzureDatabases) From ef9015aa93bc1e9d0570ea91c35e0c2f4e95bfc0 Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Thu, 26 Dec 2024 15:46:02 -0500 Subject: [PATCH 61/72] scalafmt --- .../leonardo/app/CromwellAppInstallSpec.scala | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala index 45dc50513a..14f98eb3c2 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala @@ -53,16 +53,16 @@ class CromwellAppInstallSpec extends BaseAppInstallSpec { "config.applicationInsightsConnectionString=applicationInsightsConnectionString," + s"config.azureEnvironment=${ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment}" + s"config.azureManagementTokenScope=${AzureEnvironmentConverter - .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) - .getResourceManagerEndpoint}.default" + + .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) + .getResourceManagerEndpoint}.default" + s"config.batchAccountSuffix=${AzureEnvironmentConverter - .batchAccountSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}" + + .batchAccountSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}" + "relay.path=https://relay.com/app," + "persistence.storageResourceGroup=mrg," + "persistence.storageAccount=storage," + s"persistence.storageAccountSuffix=${AzureEnvironmentConverter - .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) - .getStorageEndpointSuffix}" + + .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) + .getStorageEndpointSuffix}" + "persistence.blobContainer=sc-container," + "persistence.leoAppInstanceName=app1," + s"persistence.workspaceManager.url=${ConfigReader.appConfig.azure.wsm.uri.renderString}," + @@ -119,16 +119,16 @@ class CromwellAppInstallSpec extends BaseAppInstallSpec { "config.applicationInsightsConnectionString=applicationInsightsConnectionString," + s"config.azureEnvironment=${ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment}" + s"config.azureManagementTokenScope=${AzureEnvironmentConverter - .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) - .getResourceManagerEndpoint}.default" + + .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) + .getResourceManagerEndpoint}.default" + s"config.batchAccountSuffix=${AzureEnvironmentConverter - .batchAccountSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}" + + .batchAccountSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}" + "relay.path=https://relay.com/app," + "persistence.storageResourceGroup=mrg," + "persistence.storageAccount=storage," + s"persistence.storageAccountSuffix=${AzureEnvironmentConverter - .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) - .getStorageEndpointSuffix}" + + .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) + .getStorageEndpointSuffix}" + "persistence.blobContainer=sc-container," + "persistence.leoAppInstanceName=app1," + s"persistence.workspaceManager.url=${ConfigReader.appConfig.azure.wsm.uri.renderString}," + From a29056ccd627693ac9ce0ce9e7ec44901b482a88 Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Mon, 30 Dec 2024 10:02:21 -0500 Subject: [PATCH 62/72] update specs --- .../leonardo/app/CromwellAppInstallSpec.scala | 8 ++++---- .../leonardo/app/CromwellRunnerAppInstallSpec.scala | 10 +++++----- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala index 14f98eb3c2..8cfe7115f8 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala @@ -51,18 +51,18 @@ class CromwellAppInstallSpec extends BaseAppInstallSpec { "config.subscriptionId=sub," + s"config.region=${azureRegion}," + "config.applicationInsightsConnectionString=applicationInsightsConnectionString," + - s"config.azureEnvironment=${ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment}" + + s"config.azureEnvironment=${ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment}," + s"config.azureManagementTokenScope=${AzureEnvironmentConverter .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) - .getResourceManagerEndpoint}.default" + + .getResourceManagerEndpoint}.default," + s"config.batchAccountSuffix=${AzureEnvironmentConverter - .batchAccountSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}" + + .batchAccountSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}," + "relay.path=https://relay.com/app," + "persistence.storageResourceGroup=mrg," + "persistence.storageAccount=storage," + s"persistence.storageAccountSuffix=${AzureEnvironmentConverter .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) - .getStorageEndpointSuffix}" + + .getStorageEndpointSuffix}," + "persistence.blobContainer=sc-container," + "persistence.leoAppInstanceName=app1," + s"persistence.workspaceManager.url=${ConfigReader.appConfig.azure.wsm.uri.renderString}," + diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala index bfa59aa5fe..13c427c499 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala @@ -43,17 +43,17 @@ class CromwellRunnerAppInstallSpec extends BaseAppInstallSpec { "config.subscriptionId=sub," + s"config.region=${azureRegion}," + "config.applicationInsightsConnectionString=applicationInsightsConnectionString," + - s"config.azureEnvironment=${ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment}" + + s"config.azureEnvironment=${ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment}," + s"config.azureManagementTokenScope=${AzureEnvironmentConverter .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) - .getResourceManagerEndpoint}.default" + + .getResourceManagerEndpoint}.default," + s"config.batchAccountSuffix=${AzureEnvironmentConverter - .batchAccountSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}" + + .batchAccountSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}," + "relay.path=https://relay.com/app," + "persistence.storageAccount=storage," + s"persistence.storageAccountSuffix=${AzureEnvironmentConverter .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) - .getStorageEndpointSuffix}" + + .getStorageEndpointSuffix}," + "persistence.blobContainer=sc-container," + "persistence.leoAppInstanceName=app1," + s"persistence.workspaceManager.url=${ConfigReader.appConfig.azure.wsm.uri.renderString}," + @@ -77,7 +77,7 @@ class CromwellRunnerAppInstallSpec extends BaseAppInstallSpec { s"sam.baseUri=https://sam.test.org:443," + s"sam.acrPullActionIdentityResourceId=spend-profile," + "bard.bardUrl=https://terra-bard-dev.appspot.com," + - "bard.enabled=false" + + "bard.enabled=false," + // TEMPORARY HELM OVERRIDE VALUES WHILE WAITING FOR PR s"cromwell.image=potomacdevap.azurecr.us/broadinstitute/cromwell:84214c9d71721269f9945406d72e30a6f8aac514" From 50dd92be913ece7c06602fa5ee5279c437e80f7a Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Mon, 30 Dec 2024 10:48:48 -0500 Subject: [PATCH 63/72] update test specs --- .../workbench/leonardo/app/CromwellAppInstallSpec.scala | 8 ++++---- .../dsde/workbench/leonardo/dao/MockSamDAO.scala | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala index 8cfe7115f8..12be250fe1 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstallSpec.scala @@ -117,18 +117,18 @@ class CromwellAppInstallSpec extends BaseAppInstallSpec { "config.subscriptionId=sub," + s"config.region=${azureRegion}," + "config.applicationInsightsConnectionString=applicationInsightsConnectionString," + - s"config.azureEnvironment=${ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment}" + + s"config.azureEnvironment=${ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment}," + s"config.azureManagementTokenScope=${AzureEnvironmentConverter .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) - .getResourceManagerEndpoint}.default" + + .getResourceManagerEndpoint}.default," + s"config.batchAccountSuffix=${AzureEnvironmentConverter - .batchAccountSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}" + + .batchAccountSuffixFromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment)}," + "relay.path=https://relay.com/app," + "persistence.storageResourceGroup=mrg," + "persistence.storageAccount=storage," + s"persistence.storageAccountSuffix=${AzureEnvironmentConverter .fromString(ConfigReader.appConfig.azure.hostingModeConfig.azureEnvironment) - .getStorageEndpointSuffix}" + + .getStorageEndpointSuffix}," + "persistence.blobContainer=sc-container," + "persistence.leoAppInstanceName=app1," + s"persistence.workspaceManager.url=${ConfigReader.appConfig.azure.wsm.uri.renderString}," + diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/dao/MockSamDAO.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/dao/MockSamDAO.scala index 68736235f6..74d04d7163 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/dao/MockSamDAO.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/dao/MockSamDAO.scala @@ -445,7 +445,7 @@ class MockSamDAO extends SamDAO[IO] { } override def getLeoAuthToken: IO[Authorization] = - IO.pure(Authorization(Credentials.Token(AuthScheme.Bearer, ""))) + IO.pure(Authorization(Credentials.Token(AuthScheme.Bearer, "dummytoken"))) override def getSamUserInfo(token: String)(implicit ev: Ask[IO, TraceId]): IO[Option[SamUserInfo]] = if (token == OAuth2BearerToken(s"TokenFor${MockSamDAO.disabledUserEmail}").token) From 9f228c75ba98a06f995f00923784eb4dc6137cd5 Mon Sep 17 00:00:00 2001 From: bennettn4 Date: Mon, 30 Dec 2024 11:29:32 -0500 Subject: [PATCH 64/72] Update ConfigReaderSpec.scala --- .../dsde/workbench/leonardo/http/ConfigReaderSpec.scala | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala index a0a5aa429e..84559e5a35 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala @@ -74,7 +74,7 @@ class ConfigReaderSpec extends AnyFlatSpec with Matchers { "2.1", true, List( - "https://raw.githubusercontent.com/DataBiosphere/leonardo/8390d25ccd761fb206cf388560a571be77a42bbd/http/src/main/resources/init-resources/azure_vm_init_script.sh" + "https://raw.githubusercontent.com/DataBiosphere/leonardo/f58c237b4dc235cd1c24c6dfc7500c07bdbd5bc3/http/src/main/resources/init-resources/azure_vm_init_script.sh" ) ), // [IA-4997] to support CHIPS by setting partitioned cookies From a209d3e5543dc6d6717836f1c1b0217d906d7788 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Tue, 28 Jan 2025 08:54:41 -0800 Subject: [PATCH 65/72] Address pr comments --- .../leonardo/app/CromwellAppInstall.scala | 16 +++++++++-- .../app/CromwellRunnerAppInstall.scala | 10 ++++++- .../leonardo/app/WdsAppInstall.scala | 10 ++++++- .../leonardo/app/WorkflowsAppInstall.scala | 10 ++++++- .../http/service/LeoAppServiceInterp.scala | 1 + .../leonardo/monitor/LeoMetricsMonitor.scala | 21 +++++++++++---- .../leonardo/monitor/MonitorAtBoot.scala | 27 ++++++++++++++++--- 7 files changed, 81 insertions(+), 14 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala index 17adb9f5bb..1b3f136165 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala @@ -8,7 +8,11 @@ import org.broadinstitute.dsde.workbench.leonardo.app.AppInstall.getAzureDatabas import org.broadinstitute.dsde.workbench.leonardo.{AppContext, WsmControlledDatabaseResource} import org.broadinstitute.dsde.workbench.leonardo.app.Database.ControlledDatabase import org.broadinstitute.dsde.workbench.leonardo.auth.SamAuthProvider -import org.broadinstitute.dsde.workbench.leonardo.config.{AzureEnvironmentConverter, CoaAppConfig} +import org.broadinstitute.dsde.workbench.leonardo.config.{ + AzureEnvironmentConverter, + AzureHostingModeConfig, + CoaAppConfig +} import org.broadinstitute.dsde.workbench.leonardo.dao._ import org.broadinstitute.dsde.workbench.leonardo.http._ import org.broadinstitute.dsde.workbench.leonardo.util.AppCreationException @@ -71,7 +75,15 @@ class CromwellAppInstall[F[_]](config: CoaAppConfig, // Get the pet userToken tokenOpt <- samDao.getCachedArbitraryPetAccessToken(params.app.auditInfo.creator) - userToken <- F.pure(tokenOpt.getOrElse("")) // Empty token when running on Azure. + userToken <- ConfigReader.appConfig.azure.hostingModeConfig.enabled match { + case false => + F.fromOption( + tokenOpt, + AppCreationException(s"Pet not found for user ${params.app.auditInfo.creator}", Some(ctx.traceId)) + ) + case true => + F.pure("") // No pet user token in Azure. + } values = List( // azure resources configs diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala index f6890e3103..4d711e4c20 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala @@ -96,7 +96,15 @@ class CromwellRunnerAppInstall[F[_]](config: CromwellRunnerAppConfig, // Get the pet userToken tokenOpt <- samDao.getCachedArbitraryPetAccessToken(params.app.auditInfo.creator) - userToken <- F.pure(tokenOpt.getOrElse("")) // Empty token when running on Azure. + userToken <- ConfigReader.appConfig.azure.hostingModeConfig.enabled match { + case false => + F.fromOption( + tokenOpt, + AppCreationException(s"Pet not found for user ${params.app.auditInfo.creator}", Some(ctx.traceId)) + ) + case true => + F.pure("") // No pet user token in Azure. + } values = List( // azure resources configs diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala index c6506da3e6..c7ddb183cd 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WdsAppInstall.scala @@ -62,7 +62,15 @@ class WdsAppInstall[F[_]](config: WdsAppConfig, // Get the pet userToken tokenOpt <- samDao.getCachedArbitraryPetAccessToken(params.app.auditInfo.creator) - userToken <- F.pure(tokenOpt.getOrElse("")) // Empty token when running on Azure. + userToken <- ConfigReader.appConfig.azure.hostingModeConfig.enabled match { + case false => + F.fromOption( + tokenOpt, + AppCreationException(s"Pet not found for user ${params.app.auditInfo.creator}", Some(ctx.traceId)) + ) + case true => + F.pure("") // No pet user token in Azure. + } valuesList = List( diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala index 259e946a50..abaf0cf897 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/WorkflowsAppInstall.scala @@ -69,7 +69,15 @@ class WorkflowsAppInstall[F[_]](config: WorkflowsAppConfig, // Get the pet userToken tokenOpt <- samDao.getCachedArbitraryPetAccessToken(params.app.auditInfo.creator) - userToken <- F.pure(tokenOpt.getOrElse("")) // Empty token when running on Azure. + userToken <- ConfigReader.appConfig.azure.hostingModeConfig.enabled match { + case false => + F.fromOption( + tokenOpt, + AppCreationException(s"Pet not found for user ${params.app.auditInfo.creator}", Some(ctx.traceId)) + ) + case true => + F.pure("") // No pet user token in Azure. + } values = List( diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala index 0bd913242e..a40d3b5d05 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/http/service/LeoAppServiceInterp.scala @@ -163,6 +163,7 @@ final class LeoAppServiceInterp[F[_]: Parallel](config: AppServiceConfig, // Retrieve parent workspaceId for the google project parentWorkspaceId <- samService.lookupWorkspaceParentForGoogleProject(userInfo.accessToken.token, googleProject) + // Leo email used to give permissions when running in Azure. leoToken <- authProvider.getLeoAuthToken leoEmail <- samService.getUserEmail(leoToken) notifySamAndCreate = for { diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/LeoMetricsMonitor.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/LeoMetricsMonitor.scala index 08bc4e4887..d98e069d30 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/LeoMetricsMonitor.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/LeoMetricsMonitor.scala @@ -167,11 +167,22 @@ class LeoMetricsMonitor[F[_]](config: LeoMetricsMonitorConfig, appDAO.isProxyAvailable(project, app.appName, serviceName, ctx.traceId) case CloudContext.Azure(_) => for { - tokenOpt <- samDAO.getCachedArbitraryPetAccessToken(app.auditInfo.creator) - token <- F.fromOption( - tokenOpt, - AppCreationException(s"Pet not found for user ${app.auditInfo.creator}", Some(ctx.traceId)) - ) + token <- ConfigReader.appConfig.azure.hostingModeConfig.enabled match { + case false => + for { + tokenOpt <- samDAO.getCachedArbitraryPetAccessToken(app.auditInfo.creator) + token <- F.fromOption( + tokenOpt, + AppCreationException(s"Pet not found for user ${app.auditInfo.creator}", Some(ctx.traceId)) + ) + } yield token + case true => + for { + leoAuth <- samDAO.getLeoAuthToken + token = leoAuth.credentials.toString().split(" ")(1) + } yield token + } + authHeader = Authorization(Credentials.Token(AuthScheme.Bearer, token)) relayPath = Uri .unsafeFromString(baseUri.asString) / s"${app.appName.value}-${app.workspaceId.map(_.value.toString).getOrElse("")}" diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala index 1d9cc53baa..e93bb788ab 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala @@ -18,6 +18,7 @@ import org.broadinstitute.dsde.workbench.leonardo.monitor.LeoPubsubMessage.{ DeleteAppMessage, DeleteAppV2Message } +import org.broadinstitute.dsde.workbench.leonardo.util.AppCreationException import org.broadinstitute.dsde.workbench.model.{TraceId, WorkbenchEmail} import org.broadinstitute.dsde.workbench.openTelemetry.OpenTelemetryMetrics import org.typelevel.log4cats.Logger @@ -222,8 +223,7 @@ class MonitorAtBoot[F[_]](publisherQueue: Queue[F, LeoPubsubMessage], appContext.traceId ) ) - leoAuth <- samDAO.getLeoAuthToken - token = leoAuth.credentials.toString().split(" ")(1) + token <- getAuthToken(app.auditInfo.creator) workspaceDescOpt <- wsmClientProvider.getWorkspace( token, workspaceId @@ -266,8 +266,7 @@ class MonitorAtBoot[F[_]](publisherQueue: Queue[F, LeoPubsubMessage], appContext.traceId ) ) - leoAuth <- samDAO.getLeoAuthToken - token = leoAuth.credentials.toString().split(" ")(1) + token <- getAuthToken(app.auditInfo.creator) workspaceDescOpt <- wsmClientProvider.getWorkspace( token, workspaceId @@ -443,6 +442,26 @@ class MonitorAtBoot[F[_]](publisherQueue: Queue[F, LeoPubsubMessage], ) case x => F.raiseError(MonitorAtBootException(s"Unexpected status for runtime ${runtime.id}: ${x}", traceId)) } + + private def getAuthToken(creator: WorkbenchEmail)(implicit + ev: Ask[F, TraceId] + ): F[String] = + ConfigReader.appConfig.azure.hostingModeConfig.enabled match { + case false => + for { + traceId <- ev.ask + tokenOpt <- samDAO.getCachedArbitraryPetAccessToken(creator) + token <- F.fromOption( + tokenOpt, + MonitorAtBootException(s"Pet not found for user ${creator}", traceId) + ) + } yield token + case true => + for { + leoAuth <- samDAO.getLeoAuthToken + token = leoAuth.credentials.toString().split(" ")(1) + } yield token + } } final case class RuntimeToMonitor( From df089ce196be4e7bdbbe03966c4acd480d8c6321 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Tue, 28 Jan 2025 09:47:09 -0800 Subject: [PATCH 66/72] fix imports --- .../dsde/workbench/leonardo/app/CromwellAppInstall.scala | 6 +----- .../dsde/workbench/leonardo/monitor/MonitorAtBoot.scala | 1 - 2 files changed, 1 insertion(+), 6 deletions(-) diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala index 1b3f136165..9f9c7b18f5 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellAppInstall.scala @@ -8,11 +8,7 @@ import org.broadinstitute.dsde.workbench.leonardo.app.AppInstall.getAzureDatabas import org.broadinstitute.dsde.workbench.leonardo.{AppContext, WsmControlledDatabaseResource} import org.broadinstitute.dsde.workbench.leonardo.app.Database.ControlledDatabase import org.broadinstitute.dsde.workbench.leonardo.auth.SamAuthProvider -import org.broadinstitute.dsde.workbench.leonardo.config.{ - AzureEnvironmentConverter, - AzureHostingModeConfig, - CoaAppConfig -} +import org.broadinstitute.dsde.workbench.leonardo.config.{AzureEnvironmentConverter, CoaAppConfig} import org.broadinstitute.dsde.workbench.leonardo.dao._ import org.broadinstitute.dsde.workbench.leonardo.http._ import org.broadinstitute.dsde.workbench.leonardo.util.AppCreationException diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala index e93bb788ab..91f20b03a1 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/monitor/MonitorAtBoot.scala @@ -18,7 +18,6 @@ import org.broadinstitute.dsde.workbench.leonardo.monitor.LeoPubsubMessage.{ DeleteAppMessage, DeleteAppV2Message } -import org.broadinstitute.dsde.workbench.leonardo.util.AppCreationException import org.broadinstitute.dsde.workbench.model.{TraceId, WorkbenchEmail} import org.broadinstitute.dsde.workbench.openTelemetry.OpenTelemetryMetrics import org.typelevel.log4cats.Logger From 63f36e4a9bf15f4cdf35ac6b4f6fe50450e95d77 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Fri, 31 Jan 2025 09:31:41 -0800 Subject: [PATCH 67/72] Remove placeholder cromwell image --- http/src/main/resources/reference.conf | 2 +- .../workbench/leonardo/app/CromwellRunnerAppInstall.scala | 5 +---- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/http/src/main/resources/reference.conf b/http/src/main/resources/reference.conf index 0e717b53dd..b769ee44cf 100644 --- a/http/src/main/resources/reference.conf +++ b/http/src/main/resources/reference.conf @@ -374,7 +374,7 @@ azure { cromwell-runner-app-config { instrumentation-enabled = false chart-name = "terra-helm/cromwell-runner-app" - chart-version = "0.197.0" + chart-version = "0.198.0" release-name-suffix = "cra-rls" namespace-name-suffix = "cra-ns" ksa-name = "cra-ksa" diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala index 4d711e4c20..63f2d9e4b1 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstall.scala @@ -172,10 +172,7 @@ class CromwellRunnerAppInstall[F[_]](config: CromwellRunnerAppConfig, // Bard configs raw"bard.bardUrl=${config.bardBaseUri}", - raw"bard.enabled=${config.bardEnabled}", - - // TEMPORARY HELM OVERRIDE VALUES WHILE WAITING FOR PR - raw"cromwell.image=potomacdevap.azurecr.us/broadinstitute/cromwell:84214c9d71721269f9945406d72e30a6f8aac514" + raw"bard.enabled=${config.bardEnabled}" ) finalList = maybeLimits match { From 3363e56609462b3feaba3b3a400790d59280c44e Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Sun, 2 Feb 2025 22:44:23 -0800 Subject: [PATCH 68/72] Update CromwellRunnerAppInstallSpec.scala --- .../workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala index 13c427c499..59df8bffd1 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/app/CromwellRunnerAppInstallSpec.scala @@ -77,9 +77,7 @@ class CromwellRunnerAppInstallSpec extends BaseAppInstallSpec { s"sam.baseUri=https://sam.test.org:443," + s"sam.acrPullActionIdentityResourceId=spend-profile," + "bard.bardUrl=https://terra-bard-dev.appspot.com," + - "bard.enabled=false," + - // TEMPORARY HELM OVERRIDE VALUES WHILE WAITING FOR PR - s"cromwell.image=potomacdevap.azurecr.us/broadinstitute/cromwell:84214c9d71721269f9945406d72e30a6f8aac514" + "bard.enabled=false" it should "build cromwell-runner override values" in { val params = buildHelmOverrideValuesParams(cromwellRunnerAzureDatabases) From 1c68ff4438e8a5bdf8b14cdda5917a7fe2ab7bd9 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Mon, 3 Feb 2025 08:38:18 -0800 Subject: [PATCH 69/72] Update ConfigReaderSpec.scala --- .../dsde/workbench/leonardo/http/ConfigReaderSpec.scala | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala index 84559e5a35..cfb7003fd8 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala @@ -152,7 +152,7 @@ class ConfigReaderSpec extends AnyFlatSpec with Matchers { ), CromwellRunnerAppConfig( ChartName("terra-helm/cromwell-runner-app"), - ChartVersion("0.197.0"), + ChartVersion("0.198.0"), ReleaseNameSuffix("cra-rls"), NamespaceNameSuffix("cra-ns"), KsaName("cra-ksa"), From c9abbea0449e21dc746b52e550f0e89c04093cb5 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Mon, 3 Feb 2025 14:57:33 -0800 Subject: [PATCH 70/72] Update ConfigReaderSpec.scala --- .../leonardo/http/ConfigReaderSpec.scala | 25 ++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala index cfb7003fd8..f0a8884576 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala @@ -266,6 +266,29 @@ class ConfigReaderSpec extends AnyFlatSpec with Matchers { val govEnv = AzureEnvironmentConverter.fromString(AzureEnvironmentConverter.AzureGov) val expectedGovEnv = AzureEnvironment.AZURE_US_GOVERNMENT govEnv shouldBe expectedGovEnv - } + val govRelay = AzureEnvironmentConverter.relaySuffixFromString(AzureEnvironmentConverter.AzureGov) + val expectedGovRelay = AzureEnvironmentConverter.relaySuffixFromEnvironment(AzureEnvironment.AZURE_US_GOVERNMENT) + govRelay shouldBe expectedGovRelay + + val govPostgres = AzureEnvironmentConverter.postgresSuffixFromString(AzureEnvironmentConverter.AzureGov) + val expectedGovPostgres = AzureEnvironmentConverter.postgresSuffixFromEnvironment(AzureEnvironment.AZURE_US_GOVERNMENT) + govPostgres shouldBe expectedGovPostgres + + val govBatch = AzureEnvironmentConverter.batchAccountSuffixFromString(AzureEnvironmentConverter.AzureGov) + val expectedGovBatch = AzureEnvironmentConverter.batchAccountSuffixFromEnvironment(AzureEnvironment.AZURE_US_GOVERNMENT) + govBatch shouldBe expectedGovBatch + + val defaultRelay = AzureEnvironmentConverter.relaySuffixFromString("") + val expectedDefaultRelay = AzureEnvironmentConverter.relaySuffixFromEnvironment(AzureEnvironment.AZURE) + defaultRelay shouldBe expectedDefaultRelay + + val defaultPostgres = AzureEnvironmentConverter.postgresSuffixFromString("") + val expectedDefaultPostgres = AzureEnvironmentConverter.postgresSuffixFromEnvironment(AzureEnvironment.AZURE) + defaultPostgres shouldBe expectedDefaultPostgres + + val defaultBatch = AzureEnvironmentConverter.batchAccountSuffixFromString(AzureEnvironmentConverter.AzureGov) + val expectedDefaultBatch = AzureEnvironmentConverter.batchAccountSuffixFromEnvironment(AzureEnvironment.AZURE) + defaultBatch shouldBe expectedDefaultBatch + } } From 52da05d886b4d7ac7add348f40ed3b0c3620f111 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Mon, 3 Feb 2025 21:15:43 -0800 Subject: [PATCH 71/72] Update ConfigReaderSpec.scala --- .../dsde/workbench/leonardo/http/ConfigReaderSpec.scala | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala index f0a8884576..8a194ad10f 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala @@ -272,12 +272,12 @@ class ConfigReaderSpec extends AnyFlatSpec with Matchers { govRelay shouldBe expectedGovRelay val govPostgres = AzureEnvironmentConverter.postgresSuffixFromString(AzureEnvironmentConverter.AzureGov) - val expectedGovPostgres = AzureEnvironmentConverter.postgresSuffixFromEnvironment(AzureEnvironment.AZURE_US_GOVERNMENT) - govPostgres shouldBe expectedGovPostgres + val expGovPostgres = AzureEnvironmentConverter.postgresSuffixFromEnvironment(AzureEnvironment.AZURE_US_GOVERNMENT) + govPostgres shouldBe expGovPostgres val govBatch = AzureEnvironmentConverter.batchAccountSuffixFromString(AzureEnvironmentConverter.AzureGov) - val expectedGovBatch = AzureEnvironmentConverter.batchAccountSuffixFromEnvironment(AzureEnvironment.AZURE_US_GOVERNMENT) - govBatch shouldBe expectedGovBatch + val expGovBatch = AzureEnvironmentConverter.batchAccountSuffixFromEnvironment(AzureEnvironment.AZURE_US_GOVERNMENT) + govBatch shouldBe expGovBatch val defaultRelay = AzureEnvironmentConverter.relaySuffixFromString("") val expectedDefaultRelay = AzureEnvironmentConverter.relaySuffixFromEnvironment(AzureEnvironment.AZURE) From c39ccc3c4532fd4a4b0bfa461dacda9c09945b27 Mon Sep 17 00:00:00 2001 From: Jonathon Saunders Date: Tue, 4 Feb 2025 10:22:24 -0800 Subject: [PATCH 72/72] Update ConfigReaderSpec.scala --- .../dsde/workbench/leonardo/http/ConfigReaderSpec.scala | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala index 8a194ad10f..4cae79f5b8 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala @@ -287,7 +287,7 @@ class ConfigReaderSpec extends AnyFlatSpec with Matchers { val expectedDefaultPostgres = AzureEnvironmentConverter.postgresSuffixFromEnvironment(AzureEnvironment.AZURE) defaultPostgres shouldBe expectedDefaultPostgres - val defaultBatch = AzureEnvironmentConverter.batchAccountSuffixFromString(AzureEnvironmentConverter.AzureGov) + val defaultBatch = AzureEnvironmentConverter.batchAccountSuffixFromString(AzureEnvironmentConverter.Azure) val expectedDefaultBatch = AzureEnvironmentConverter.batchAccountSuffixFromEnvironment(AzureEnvironment.AZURE) defaultBatch shouldBe expectedDefaultBatch }