UI MVP (#2001)

* scaffold, fluent, react-router, basic layouts and routes

* aad auth for root + workspace, auth api calls, basic get workspace / services

* read path to user resource, debug panel, breadcrumb

* todos

* added readme

* rbac implementation for root + workspace

* included index html

* included index.html in gitignore

* set config to point to shared env

* note in the readme for OCW

* moved resource debug to shared

* fixed yarn install cmd

* error boundaries, auth check + friendly errors, basic spinners

* logout process implemented

* nav architecture after ux discussion

* String -> string

* Notifications Panel (#1851)

* basic polling

* btn placement, panel

* fun with polling

* mostly implemented

* shimmer on loading

* polling from config

* pr feedback

* Fixing notification loading shimmer (#1858)

* basic polling

* btn placement, panel

* fun with polling

* mostly implemented

* shimmer on loading

* polling from config

* pr feedback

* shimmer at top of list

* Resource Card (#1861)

* basic resource card

* callout and context menu

* pr snags

* Initial ResourcePropertyPanel (#1869)

* ResourcePropertyPanel implemented to display resource properties in a consistent manner.
* ResourcePropertyPanel included in WorkspaceItem, WorkspaceServiceItem and UserResourceItem
* Property values starting with https:// rendered as links.
* updatedWhen formatted using moment.

* Connect button on resource card (#1871)

* Adds a Connect button to the ResourceCard
* Connect button shown if there's a connection_uri available in the resource props.
* connection_uri launched in new window.

* Enable Browser Debugging of React App (#1874)

* enable browser debugging

* Update to use pwa-msedge

Co-authored-by: Steve Haigh <[email protected]>

Co-authored-by: Steve Haigh <[email protected]>

* UI - create resources with dynamic forms (#1875)

* Added pages within create panel

* Added dynamic form and creating page

* Added workspace service integration

* Added to main services page

* Moved navigate hook

* New line

* New line

* Remove npm lock

* Disable / Delete / Notifications sync (#1885)

* better control of all contexts, resource update management, disable/enable implemented

* cards with disable/enable/delete

* deleted

* merged form, fixed snags

* fixed notifications race issues

* PR snags

* Resource Actions (#1907)

* initial actions implementation

* moved all workspace props to context for consistency

* workspace context fixed + owned by workspace provider

* improved stability on adding multiple ops

* getting all ops consistently, clearing ws context

* customactions implemented and tested

* Added some basic Workspace History (#1856)

* add empty ResourcePropertyPanel component

* add initial display of workspace properties

* display workspace service and user resource properties too

* Initial work with History

* Dynamic Key/value display

* UI Tweaks

* DetailsList

* Sorted the history for most recent

Co-authored-by: Christofer Löf <[email protected]>

* UI: Shared Services (#1909)

* shared services, tweaks to allow Create form to create any resource type

* pivot areas used + resource history re-used across all resource types

* Clarify app resource and debug setting (#1918)

Clarify settings.

* feature/UI refresh (#1942)

* Fix Guacamole refresh token (#1785)

* Fixing Guacamole refresh token

* Fix aad tenant bug

Co-authored-by: Anat Balzam <[email protected]>

* Add Contributor to the Role permissions (#1781)

* Put it back to Owner during investigation

* Attempt to find correct permissions

* User Access Administrator

Co-authored-by: Marcus Robinson <[email protected]>

* Ignore Only Root index.html (#1800)

* fixes #1775

* remove unwanted cli prefix

* only ignore root index.html

* Gitea/Guacamole should be able to access AAD_TENANT_ID (#1798)

* Add auth-tenant-id to ws keyvault

* Bump versions

* linting

* re-instating the deploy/destroy files

* Linting

* Update deploy.sh

* Update destroy.sh

* shared services in pr bot and split out in tests (#1813)

* Resource Processor: Configure logging handler per process (#1784)

* Update TRE Developer doc for API (#1801)

* E2E work with scope_id from workspace properties (#1797)

* E2E work with local API

* Added scope identifier uri into tests

* Hangiver from previous method

* Try adding a sleep into the endpoint dns

* Bump the version

* Wait for the private endpoint

* Bump version

* Forgot to wait on teh sleep

* Bumped

* refactoring bug

* Purge Protection

* Bump version

* PR Comments

* More PR tweaks

* typo

* shell check comment

* Remove purge protection

* _get_app_auth_info

* Update docs on running End-to-end tests locally (#1829)

* Fix check order in pr-bot (#1850)

Only check user permissions if a command is detected
to avoid adding 'sorry, not allowed' comments in response to comments
that aren't commands

* Next available IP range calculator only considers active workspaces (#1849)

* Increase Azure CLI version (#1864)

* update all versions to 0.3 (#1754)

* Fix Firewall Logging (#1870)

* switch firewall away from dedicated log tables

* update TF lock

* fix liniting issue with firewall.tf

* Change how access properties in get_scope (#1882)

* added missing param for invoke-action (#1906)

* added missing param

* api version

* Add Bicep tools to devcontainer (#1848)

Co-authored-by: Marcus Robinson <[email protected]>

* E2E tests: Fix shared service and performance tests  (#1860)

* Fix tests

* WIP

* WIP: add a command to build a user resource

* Fix performance test

* fix gucacamole dev vm

* removed unused import

* Fix shared services test

* fix user resources command

* Revert Makefile changes

* fix tabs

* Update templates/workspaces/base/terraform/variables.tf

Co-authored-by: Ross Smith <[email protected]>

* Add .terraform in .dockerignore files (#1872)

* Bump pyjwt from 2.3.0 to 2.4.0 in /api_app (#1913)

* Add resource id var to shared services. (#1914)

* Add resource id var to shared services.

* Update gitea version.

* Fix linter version.

Co-authored-by: Liza Shakury <[email protected]>

* add tflint config (#1919)

* Update httpx package (#1917)

* update httpx package

* bump version number of API

* Improve documentation for Resource Processor (#1827)

* Re-host Nexus on vm (#1584)

* Initial commit

* Replaced webapp with vm

* Amended docker start commands

* Amended firewall

* Add nexus config to persistent volume

* Add private dns zone

* Corrected rg var

* Added Nexus letsencrypt cert gen

* Fixed linting

* Changed terraform.lock.hcl to previous version

* Removed leftover debug

* Typo fix

Co-authored-by: Stuart Leeks <[email protected]>

* File path amend

Co-authored-by: Stuart Leeks <[email protected]>

* Fix for cloudapp DNS resolution errors

* Docker running on Nexus VM

* Documented Letsencrypt process

* Permissions fix

* Typo fix

Co-authored-by: Stuart Leeks <[email protected]>

* Typo fix

Co-authored-by: Stuart Leeks <[email protected]>

* Typo fix

Co-authored-by: Stuart Leeks <[email protected]>

* Formatting changes

* Added reference to letsencrypt doc

* Added new page reference

* Moved password generation for nexus to tf

* Write script to fs first before execution

* Password reset finally working

* Make config nexus script runnable from any dir

* Added basic status info

* Fix recursive file loop

* Typo fix

* Updated docs

* renamed env file

* Fix typo

* Added new nexus fqdn to user resources

* Add vnet link to workspaces

* Bump versions

* Removed nexus properties file

* Updated execution permissions

* Get cert in tf

* Added az cli get cert

* Amended prune job

* Added msi id to login

* Amended msi and exported cert pwd

* Jetty configuration

* Escape jetty vars

* Password script fixes

* Amended networking to use module

* Use https in config script

* Removed res proc location variable

* Potential linting fix

* Linting fixes

* Linting directive positioning

* Gitea version bump

* Terraform format

* Reorder linting to workaround superlinter bug with Terraform

* Added nexus-cert to build and caching of letsencrypt

* Adopted new shared service deploy method

* Added cron job to renew nexus cert

* Removed location references

* And another

* Removed location refs and added az cli

* Fixed nexus-cert kv permissions

* Corrected outputs directory

* Fixed shared service deployment steps

* Updated docs and removed renew prompt

* version bump

* Increase bundle versions

* remote location from variables files

* Removed shared service make

* Removed docker prune

* Bash headers

* Layer clean

* Reduce layer

* Testing without kv role assignment

* Removed kv role assignment

* Adding firewall rule to allow letsencrypt from RP

* Genericised cert service and added letsencrypt action

* Fixed auth hook

* Removed make commands

* Certbot in bundle container

* Tidied naming

* Python base image

* Generate action successful

* Inject cert name to nexus bundle

* Implemented app gateway start/stop

* Separated cloudinit yaml into scripts

* Fixed new line issue

* Fixed bash casing

* Added local nexus repo config

* Added retry logic to config repos

* gitea bump

* Fixed status code

* terraform linting

* Added docs

* Lint fix

* Update docs/tre-developers/letsencrypt.md

* Update docs/tre-admins/setup-instructions/configuring-shared-services.md

* Update docs/tre-developers/letsencrypt.md

* Update docs/tre-developers/letsencrypt.md

* Update docs/tre-admins/setup-instructions/configuring-shared-services.md

Co-authored-by: Marcus Robinson <[email protected]>

* Fix firewall conflict

* Added note to docs for cert kv conflicts

* Renamed sonatype-nexus to nexus for new version

* Added old nexus service code

* Lint fix

* Renamed folder to be obvious as the nexus-vm

* Added docs for upgrade path

* Added data.azurerm rg core

* linting

* bash linting

* Require workspace of 0.2.14 or above

* Moved new version notes to section below config steps

* Removed give new cert name

* RP cert permissions

* tf format

* Added required params for certs and nexus tempalte schema

* Added cert import permissions

* Added certs delete permission

* App gateway az login

* Version bumps

* tf fmt

* Added missing az cred params to certs

* Add purge permission

* Bump tf versions to 3.4.0 & set purge to false

* Removed unsupported property from new provider

* Moved nexus private zone to core

* Amended location var

* Amended zone location

* Added upgrade flag for tf

* Remove tf lock

* Added new tf key

* Added key into uninstall

* Resolve firewall rule conflicts

* Var reference fix

* Fix for potential @ symbol in nexus admin password causing curl bug

* Added nexus_version variable to user resources for back compat

* Added docs for nexus_version

* downgrade superlinter

* revert superlinter to v4

* Remove lint aws plugin block

* Use superlinter latest

* Manually set tflint path

Co-authored-by: oliver7598 <[email protected]>
Co-authored-by: Stuart Leeks <[email protected]>
Co-authored-by: Ross Smith <[email protected]>
Co-authored-by: ross-p-smith <[email protected]>
Co-authored-by: Jamie D <[email protected]>
Co-authored-by: Stuart Leeks <[email protected]>
Co-authored-by: marrobi <[email protected]>

* Mandatory client-secret when creating a workspace (#1924)

* Mandatory client_secret when creating workspace

* Debugging settings

* azure rm version

* Update templates/workspaces/base/.env.sample

Co-authored-by: Marcus Robinson <[email protected]>

* Update templates/workspaces/base/.env.sample

Co-authored-by: Marcus Robinson <[email protected]>

* Update templates/workspaces/base/terraform/variables.tf

Co-authored-by: Marcus Robinson <[email protected]>

* disable app service's ftp (#1930)

* Airlock resources - tf scripts (#1843)

* Airlock resources - tf scripts

* reusing the existing sb + adding network rules
bug fixes

* Make etag required in API documentaiton, remove custom check (#1932)

* Make etag required in API documentaiton, remove custom check

* Update _version.py

* tests + remove string

Co-authored-by: sharon <[email protected]>

* Reimage Resource Processor Automatically (#1929)

* reimage resource processor automatically

* resource processor vm user docker permissions

* update hcl

* initial swa deploy

* Tag tre core services (#1916)

* tag core resources

Co-authored-by: Anat Balzam <[email protected]>
Co-authored-by: Anat Balzam <[email protected]>
Co-authored-by: Ross Smith <[email protected]>
Co-authored-by: Marcus Robinson <[email protected]>
Co-authored-by: Martin Peck <[email protected]>
Co-authored-by: tanya-borisova <[email protected]>
Co-authored-by: Stuart Leeks <[email protected]>
Co-authored-by: Tamir Kamara <[email protected]>
Co-authored-by: Sven Aelterman <[email protected]>
Co-authored-by: Sonali Rajput <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Liza Shakury <[email protected]>
Co-authored-by: Liza Shakury <[email protected]>
Co-authored-by: James Griffin <[email protected]>
Co-authored-by: oliver7598 <[email protected]>
Co-authored-by: Stuart Leeks <[email protected]>
Co-authored-by: ross-p-smith <[email protected]>
Co-authored-by: Jamie D <[email protected]>
Co-authored-by: Elad Iwanir <[email protected]>
Co-authored-by: Sharon Hart <[email protected]>
Co-authored-by: sharon <[email protected]>
Co-authored-by: Guy Bertental <[email protected]>

* UI CI (#1935)

* Fix Guacamole refresh token (#1785)

* Fixing Guacamole refresh token

* Fix aad tenant bug

Co-authored-by: Anat Balzam <[email protected]>

* Add Contributor to the Role permissions (#1781)

* Put it back to Owner during investigation

* Attempt to find correct permissions

* User Access Administrator

Co-authored-by: Marcus Robinson <[email protected]>

* Ignore Only Root index.html (#1800)

* fixes #1775

* remove unwanted cli prefix

* only ignore root index.html

* Gitea/Guacamole should be able to access AAD_TENANT_ID (#1798)

* Add auth-tenant-id to ws keyvault

* Bump versions

* linting

* re-instating the deploy/destroy files

* Linting

* Update deploy.sh

* Update destroy.sh

* shared services in pr bot and split out in tests (#1813)

* Resource Processor: Configure logging handler per process (#1784)

* Update TRE Developer doc for API (#1801)

* E2E work with scope_id from workspace properties (#1797)

* E2E work with local API

* Added scope identifier uri into tests

* Hangiver from previous method

* Try adding a sleep into the endpoint dns

* Bump the version

* Wait for the private endpoint

* Bump version

* Forgot to wait on teh sleep

* Bumped

* refactoring bug

* Purge Protection

* Bump version

* PR Comments

* More PR tweaks

* typo

* shell check comment

* Remove purge protection

* _get_app_auth_info

* Update docs on running End-to-end tests locally (#1829)

* Fix check order in pr-bot (#1850)

Only check user permissions if a command is detected
to avoid adding 'sorry, not allowed' comments in response to comments
that aren't commands

* Next available IP range calculator only considers active workspaces (#1849)

* Increase Azure CLI version (#1864)

* update all versions to 0.3 (#1754)

* Fix Firewall Logging (#1870)

* switch firewall away from dedicated log tables

* update TF lock

* fix liniting issue with firewall.tf

* Change how access properties in get_scope (#1882)

* added missing param for invoke-action (#1906)

* added missing param

* api version

* Add Bicep tools to devcontainer (#1848)

Co-authored-by: Marcus Robinson <[email protected]>

* E2E tests: Fix shared service and performance tests  (#1860)

* Fix tests

* WIP

* WIP: add a command to build a user resource

* Fix performance test

* fix gucacamole dev vm

* removed unused import

* Fix shared services test

* fix user resources command

* Revert Makefile changes

* fix tabs

* Update templates/workspaces/base/terraform/variables.tf

Co-authored-by: Ross Smith <[email protected]>

* shared services, tweaks to allow Create form to create any resource type

* pivot areas used + resource history re-used across all resource types

* Add .terraform in .dockerignore files (#1872)

* Bump pyjwt from 2.3.0 to 2.4.0 in /api_app (#1913)

* Add resource id var to shared services. (#1914)

* Add resource id var to shared services.

* Update gitea version.

* Fix linter version.

Co-authored-by: Liza Shakury <[email protected]>

* add tflint config (#1919)

* Update httpx package (#1917)

* update httpx package

* bump version number of API

* Improve documentation for Resource Processor (#1827)

* Re-host Nexus on vm (#1584)

* Initial commit

* Replaced webapp with vm

* Amended docker start commands

* Amended firewall

* Add nexus config to persistent volume

* Add private dns zone

* Corrected rg var

* Added Nexus letsencrypt cert gen

* Fixed linting

* Changed terraform.lock.hcl to previous version

* Removed leftover debug

* Typo fix

Co-authored-by: Stuart Leeks <[email protected]>

* File path amend

Co-authored-by: Stuart Leeks <[email protected]>

* Fix for cloudapp DNS resolution errors

* Docker running on Nexus VM

* Documented Letsencrypt process

* Permissions fix

* Typo fix

Co-authored-by: Stuart Leeks <[email protected]>

* Typo fix

Co-authored-by: Stuart Leeks <[email protected]>

* Typo fix

Co-authored-by: Stuart Leeks <[email protected]>

* Formatting changes

* Added reference to letsencrypt doc

* Added new page reference

* Moved password generation for nexus to tf

* Write script to fs first before execution

* Password reset finally working

* Make config nexus script runnable from any dir

* Added basic status info

* Fix recursive file loop

* Typo fix

* Updated docs

* renamed env file

* Fix typo

* Added new nexus fqdn to user resources

* Add vnet link to workspaces

* Bump versions

* Removed nexus properties file

* Updated execution permissions

* Get cert in tf

* Added az cli get cert

* Amended prune job

* Added msi id to login

* Amended msi and exported cert pwd

* Jetty configuration

* Escape jetty vars

* Password script fixes

* Amended networking to use module

* Use https in config script

* Removed res proc location variable

* Potential linting fix

* Linting fixes

* Linting directive positioning

* Gitea version bump

* Terraform format

* Reorder linting to workaround superlinter bug with Terraform

* Added nexus-cert to build and caching of letsencrypt

* Adopted new shared service deploy method

* Added cron job to renew nexus cert

* Removed location references

* And another

* Removed location refs and added az cli

* Fixed nexus-cert kv permissions

* Corrected outputs directory

* Fixed shared service deployment steps

* Updated docs and removed renew prompt

* version bump

* Increase bundle versions

* remote location from variables files

* Removed shared service make

* Removed docker prune

* Bash headers

* Layer clean

* Reduce layer

* Testing without kv role assignment

* Removed kv role assignment

* Adding firewall rule to allow letsencrypt from RP

* Genericised cert service and added letsencrypt action

* Fixed auth hook

* Removed make commands

* Certbot in bundle container

* Tidied naming

* Python base image

* Generate action successful

* Inject cert name to nexus bundle

* Implemented app gateway start/stop

* Separated cloudinit yaml into scripts

* Fixed new line issue

* Fixed bash casing

* Added local nexus repo config

* Added retry logic to config repos

* gitea bump

* Fixed status code

* terraform linting

* Added docs

* Lint fix

* Update docs/tre-developers/letsencrypt.md

* Update docs/tre-admins/setup-instructions/configuring-shared-services.md

* Update docs/tre-developers/letsencrypt.md

* Update docs/tre-developers/letsencrypt.md

* Update docs/tre-admins/setup-instructions/configuring-shared-services.md

Co-authored-by: Marcus Robinson <[email protected]>

* Fix firewall conflict

* Added note to docs for cert kv conflicts

* Renamed sonatype-nexus to nexus for new version

* Added old nexus service code

* Lint fix

* Renamed folder to be obvious as the nexus-vm

* Added docs for upgrade path

* Added data.azurerm rg core

* linting

* bash linting

* Require workspace of 0.2.14 or above

* Moved new version notes to section below config steps

* Removed give new cert name

* RP cert permissions

* tf format

* Added required params for certs and nexus tempalte schema

* Added cert import permissions

* Added certs delete permission

* App gateway az login

* Version bumps

* tf fmt

* Added missing az cred params to certs

* Add purge permission

* Bump tf versions to 3.4.0 & set purge to false

* Removed unsupported property from new provider

* Moved nexus private zone to core

* Amended location var

* Amended zone location

* Added upgrade flag for tf

* Remove tf lock

* Added new tf key

* Added key into uninstall

* Resolve firewall rule conflicts

* Var reference fix

* Fix for potential @ symbol in nexus admin password causing curl bug

* Added nexus_version variable to user resources for back compat

* Added docs for nexus_version

* downgrade superlinter

* revert superlinter to v4

* Remove lint aws plugin block

* Use superlinter latest

* Manually set tflint path

Co-authored-by: oliver7598 <[email protected]>
Co-authored-by: Stuart Leeks <[email protected]>
Co-authored-by: Ross Smith <[email protected]>
Co-authored-by: ross-p-smith <[email protected]>
Co-authored-by: Jamie D <[email protected]>
Co-authored-by: Stuart Leeks <[email protected]>
Co-authored-by: marrobi <[email protected]>

* Mandatory client-secret when creating a workspace (#1924)

* Mandatory client_secret when creating workspace

* Debugging settings

* azure rm version

* Update templates/workspaces/base/.env.sample

Co-authored-by: Marcus Robinson <[email protected]>

* Update templates/workspaces/base/.env.sample

Co-authored-by: Marcus Robinson <[email protected]>

* Update templates/workspaces/base/terraform/variables.tf

Co-authored-by: Marcus Robinson <[email protected]>

* disable app service's ftp (#1930)

* Airlock resources - tf scripts (#1843)

* Airlock resources - tf scripts

* reusing the existing sb + adding network rules
bug fixes

* workspace nav fix

* Make etag required in API documentaiton, remove custom check (#1932)

* Make etag required in API documentaiton, remove custom check

* Update _version.py

* tests + remove string

Co-authored-by: sharon <[email protected]>

* Reimage Resource Processor Automatically (#1929)

* reimage resource processor automatically

* resource processor vm user docker permissions

* update hcl

* initial swa deploy

* swa deploy, CORS set

* SWA deployment

* post deploy manual step message

* defaulting ui location as global resource, fmt

* deploy_ui feature flag

Co-authored-by: Anat Balzam <[email protected]>
Co-authored-by: Anat Balzam <[email protected]>
Co-authored-by: Ross Smith <[email protected]>
Co-authored-by: Marcus Robinson <[email protected]>
Co-authored-by: Martin Peck <[email protected]>
Co-authored-by: tanya-borisova <[email protected]>
Co-authored-by: Stuart Leeks <[email protected]>
Co-authored-by: Tamir Kamara <[email protected]>
Co-authored-by: Sven Aelterman <[email protected]>
Co-authored-by: Sonali Rajput <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Liza Shakury <[email protected]>
Co-authored-by: Liza Shakury <[email protected]>
Co-authored-by: James Griffin <[email protected]>
Co-authored-by: oliver7598 <[email protected]>
Co-authored-by: Stuart Leeks <[email protected]>
Co-authored-by: ross-p-smith <[email protected]>
Co-authored-by: Jamie D <[email protected]>
Co-authored-by: Elad Iwanir <[email protected]>
Co-authored-by: Sharon Hart <[email protected]>
Co-authored-by: sharon <[email protected]>

* Listing workspace operations. for #1852  (#1867)

* workspace operations models

* workspaceOperationsPanel

* WorkspaceOperations Component

* UI operations list

* cleanup

* Seperate ResourceOperationListItem

* Clean up Resorce Operatiion list

* using workspaceContext

Co-authored-by: Joao Almeida <[email protected]>

* UI Enhancements (#1956)

* initial swa deploy

* extracted context menu to reusable component

* context menu on resource pages

* shared service page with context menu

* component manager custom hook

* removed dummy nav items, integrated ops list component everywhere

* component action remove on pages@

* hoisted create form to top level and used context

* Update resource via the central form

* UI: Resource Status + lifecycles (#1972)

* initial swa deploy

* status implemented

* Damoo/resource status (#1974)

* initial swa deploy

* status implemented

* swa config

* UI: MVP Readiness (#1982)

* initial swa deploy

* mvp snagging

* fixes resetting state for create form

* Move UI to blob storage behind app gw. (#1983)

* Switch 404 page to index (#1985)

* UI Deploy Fixes (#1986)

* initial swa deploy

* deploy fixes

* UI Snagging + Migration (#1996)

* initial swa deploy

* fixed create form state reset (again)

* added required roles to create buttons

* API migration for deploymentStatus field

* include num rows in migration

* Merged Main (#1999)

* Fix Guacamole refresh token (#1785)

* Fixing Guacamole refresh token

* Fix aad tenant bug

Co-authored-by: Anat Balzam <[email protected]>

* Add Contributor to the Role permissions (#1781)

* Put it back to Owner during investigation

* Attempt to find correct permissions

* User Access Administrator

Co-authored-by: Marcus Robinson <[email protected]>

* Ignore Only Root index.html (#1800)

* fixes #1775

* remove unwanted cli prefix

* only ignore root index.html

* Gitea/Guacamole should be able to access AAD_TENANT_ID (#1798)

* Add auth-tenant-id to ws keyvault

* Bump versions

* linting

* re-instating the deploy/destroy files

* Linting

* Update deploy.sh

* Update destroy.sh

* shared services in pr bot and split out in tests (#1813)

* Resource Processor: Configure logging handler per process (#1784)

* Update TRE Developer doc for API (#1801)

* E2E work with scope_id from workspace properties (#1797)

* E2E work with local API

* Added scope identifier uri into tests

* Hangiver from previous method

* Try adding a sleep into the endpoint dns

* Bump the version

* Wait for the private endpoint

* Bump version

* Forgot to wait on teh sleep

* Bumped

* refactoring bug

* Purge Protection

* Bump version

* PR Comments

* More PR tweaks

* typo

* shell check comment

* Remove purge protection

* _get_app_auth_info

* Update docs on running End-to-end tests locally (#1829)

* Fix check order in pr-bot (#1850)

Only check user permissions if a command is detected
to avoid adding 'sorry, not allowed' comments in response to comments
that aren't commands

* Next available IP range calculator only considers active workspaces (#1849)

* Increase Azure CLI version (#1864)

* update all versions to 0.3 (#1754)

* Fix Firewall Logging (#1870)

* switch firewall away from dedicated log tables

* update TF lock

* fix liniting issue with firewall.tf

* Change how access properties in get_scope (#1882)

* added missing param for invoke-action (#1906)

* added missing param

* api version

* Add Bicep tools to devcontainer (#1848)

Co-authored-by: Marcus Robinson <[email protected]>

* E2E tests: Fix shared service and performance tests  (#1860)

* Fix tests

* WIP

* WIP: add a command to build a user resource

* Fix performance test

* fix gucacamole dev vm

* removed unused import

* Fix shared services test

* fix user resources command

* Revert Makefile changes

* fix tabs

* Update templates/workspaces/base/terraform/variables.tf

Co-authored-by: Ross Smith <[email protected]>

* Add .terraform in .dockerignore files (#1872)

* Bump pyjwt from 2.3.0 to 2.4.0 in /api_app (#1913)

* Add resource id var to shared services. (#1914)

* Add resource id var to shared services.

* Update gitea version.

* Fix linter version.

Co-authored-by: Liza Shakury <[email protected]>

* add tflint config (#1919)

* Update httpx package (#1917)

* update httpx package

* bump version number of API

* Improve documentation for Resource Processor (#1827)

* Re-host Nexus on vm (#1584)

* Initial commit

* Replaced webapp with vm

* Amended docker start commands

* Amended firewall

* Add nexus config to persistent volume

* Add private dns zone

* Corrected rg var

* Added Nexus letsencrypt cert gen

* Fixed linting

* Changed terraform.lock.hcl to previous version

* Removed leftover debug

* Typo fix

Co-authored-by: Stuart Leeks <[email protected]>

* File path amend

Co-authored-by: Stuart Leeks <[email protected]>

* Fix for cloudapp DNS resolution errors

* Docker running on Nexus VM

* Documented Letsencrypt process

* Permissions fix

* Typo fix

Co-authored-by: Stuart Leeks <[email protected]>

* Typo fix

Co-authored-by: Stuart Leeks <[email protected]>

* Typo fix

Co-authored-by: Stuart Leeks <[email protected]>

* Formatting changes

* Added reference to letsencrypt doc

* Added new page reference

* Moved password generation for nexus to tf

* Write script to fs first before execution

* Password reset finally working

* Make config nexus script runnable from any dir

* Added basic status info

* Fix recursive file loop

* Typo fix

* Updated docs

* renamed env file

* Fix typo

* Added new nexus fqdn to user resources

* Add vnet link to workspaces

* Bump versions

* Removed nexus properties file

* Updated execution permissions

* Get cert in tf

* Added az cli get cert

* Amended prune job

* Added msi id to login

* Amended msi and exported cert pwd

* Jetty configuration

* Escape jetty vars

* Password script fixes

* Amended networking to use module

* Use https in config script

* Removed res proc location variable

* Potential linting fix

* Linting fixes

* Linting directive positioning

* Gitea version bump

* Terraform format

* Reorder linting to workaround superlinter bug with Terraform

* Added nexus-cert to build and caching of letsencrypt

* Adopted new shared service deploy method

* Added cron job to renew nexus cert

* Removed location references

* And another

* Removed location refs and added az cli

* Fixed nexus-cert kv permissions

* Corrected outputs directory

* Fixed shared service deployment steps

* Updated docs and removed renew prompt

* version bump

* Increase bundle versions

* remote location from variables files

* Removed shared service make

* Removed docker prune

* Bash headers

* Layer clean

* Reduce layer

* Testing without kv role assignment

* Removed kv role assignment

* Adding firewall rule to allow letsencrypt from RP

* Genericised cert service and added letsencrypt action

* Fixed auth hook

* Removed make commands

* Certbot in bundle container

* Tidied naming

* Python base image

* Generate action successful

* Inject cert name to nexus bundle

* Implemented app gateway start/stop

* Separated cloudinit yaml into scripts

* Fixed new line issue

* Fixed bash casing

* Added local nexus repo config

* Added retry logic to config repos

* gitea bump

* Fixed status code

* terraform linting

* Added docs

* Lint fix

* Update docs/tre-developers/letsencrypt.md

* Update docs/tre-admins/setup-instructions/configuring-shared-services.md

* Update docs/tre-developers/letsencrypt.md

* Update docs/tre-developers/letsencrypt.md

* Update docs/tre-admins/setup-instructions/configuring-shared-services.md

Co-authored-by: Marcus Robinson <[email protected]>

* Fix firewall conflict

* Added note to docs for cert kv conflicts

* Renamed sonatype-nexus to nexus for new version

* Added old nexus service code

* Lint fix

* Renamed folder to be obvious as the nexus-vm

* Added docs for upgrade path

* Added data.azurerm rg core

* linting

* bash linting

* Require workspace of 0.2.14 or above

* Moved new version notes to section below config steps

* Removed give new cert name

* RP cert permissions

* tf format

* Added required params for certs and nexus tempalte schema

* Added cert import permissions

* Added certs delete permission

* App gateway az login

* Version bumps

* tf fmt

* Added missing az cred params to certs

* Add purge permission

* Bump tf versions to 3.4.0 & set purge to false

* Removed unsupported property from new provider

* Moved nexus private zone to core

* Amended location var

* Amended zone location

* Added upgrade flag for tf

* Remove tf lock

* Added new tf key

* Added key into uninstall

* Resolve firewall rule conflicts

* Var reference fix

* Fix for potential @ symbol in nexus admin password causing curl bug

* Added nexus_version variable to user resources for back compat

* Added docs for nexus_version

* downgrade superlinter

* revert superlinter to v4

* Remove lint aws plugin block

* Use superlinter latest

* Manually set tflint path

Co-authored-by: oliver7598 <[email protected]>
Co-authored-by: Stuart Leeks <[email protected]>
Co-authored-by: Ross Smith <[email protected]>
Co-authored-by: ross-p-smith <[email protected]>
Co-authored-by: Jamie D <[email protected]>
Co-authored-by: Stuart Leeks <[email protected]>
Co-authored-by: marrobi <[email protected]>

* Mandatory client-secret when creating a workspace (#1924)

* Mandatory client_secret when creating workspace

* Debugging settings

* azure rm version

* Update templates/workspaces/base/.env.sample

Co-authored-by: Marcus Robinson <[email protected]>

* Update templates/workspaces/base/.env.sample

Co-authored-by: Marcus Robinson <[email protected]>

* Update templates/workspaces/base/terraform/variables.tf

Co-authored-by: Marcus Robinson <[email protected]>

* disable app service's ftp (#1930)

* Airlock resources - tf scripts (#1843)

* Airlock resources - tf scripts

* reusing the existing sb + adding network rules
bug fixes

* Make etag required in API documentaiton, remove custom check (#1932)

* Make etag required in API documentaiton, remove custom check

* Update _version.py

* tests + remove string

Co-authored-by: sharon <[email protected]>

* Reimage Resource Processor Automatically (#1929)

* reimage resource processor automatically

* resource processor vm user docker permissions

* update hcl

* initial swa deploy

* Tag tre core services (#1916)

* tag core resources

* Setting workspace_owner_object_id when creating workspaces (#1928)

* Wait for DNS

* workspace_owner_object_id

* Bumped version

* Added extra value for local testing

* Pass through workspace_owner_object_id

* workspace_identifier_uri

* typo in test name

* Kept extra check for 202

* Optimize Guacamole docker image (#1933)

* Optimize Guacamole docker image

* remove comments

* pin tomcat version

* lint changes

* fix

* ignore linter error about the user

* fix user

* update versions

Co-authored-by: Ross Smith <[email protected]>

* Upgrade azurerm provider version to 3.5.0 (#1947)

* E2E on main run in sequence (#1945)

* Allow e2e tests to run in sequence from main

* fix

* actions lint fix

* add missing markers to pytest.ini

* fix selector string

* update timeout

* fix prbot e2eTestsCustomSelector param (#1959)

* Airlock processor - function app based - Base (#1950)

* Cost Report - Tag Gitea shared service (#1941)

* Tag gitea shared service

* Fix format

* Upgrade mysql

* Ignore tflint error due to a bug in it.

* CR changes

* Move tflint ignore comment.

* Fix TF fmt.

* Fix TF lint.

* Upgrade gitea version

Co-authored-by: Liza Shakury <[email protected]>

* update-ws-svc-fw-rule-name-ad (#1957)

* azurerm_app_service_plan is deprecated and we should use azurerm_service_plan (#1958)

* azurerm_app_service_plan ->azurerm_service_plan

* Migrate resources

* Linter

* tflint

* azurerm_app_service_plan ->azurerm_service_plan

* Migrate resources

* Linter

* tflint

* Handle empty state

* Don't migrate Terraform (#1977)

* [cost] Tag firewall and nexus shared services. (#1979)

* Tag firewall and nexus

* Update gitea version.

* Update nexus porter

* Update nexus parameters

* Update nexus variables

Co-authored-by: Liza Shakury <[email protected]>

* Create Application Administrator (#1975)

* Create Application Administrator

* Change sp name to have TRE in it

* Cleanup bundle dockerfiles (#1969)

* cleanup bundle dockerfiles

* lint fixes

* pin apt-get versions

* fix version

* bump version

* Register VM Bundle for E2E tests (#1987)

* Publish before Register (#1988)

* Publish before Register

* TF_VAR_application_admin_client_id

* Registering a user_resource needs the Workspace Service Name (#1989)

* WORKSPACE_SERVICE_NAME

* run command needs WORKSPACE_SERVICE_NAME

* And added to the docker run

* add missing dockerfile.tmpl references (#1990)

Co-authored-by: Ross Smith <[email protected]>

* Create user_resource in e2e tests (#1952)

* Create user_resource in e2e tests

* Testing user Resource

* Purge Protection

* Added guacamole-azure-windowsvm fpr e2e

* Register the Windows VM

* TF_VAR_application_admin_client_id (#1993)

* Missing Inputs (#1994)

* Use different identity to create applications (#1976)

* Use different identity to create applications

* Bump version

* Mandatory application_admin_client_id

* Missing porter parameters

* [cost] Tag Guacamole Workspace Service in Terraform (#1971)

tag Guacamole workspace service for cost feature

Co-authored-by: Ross Smith <[email protected]>
Co-authored-by: Tamir Kamara <[email protected]>
Co-authored-by: Guy Bertental <[email protected]>

* config.sample -> config.source

* gitignore config.json

* page title, favicon, readme

* left nav padding

Co-authored-by: Anat Balzam <[email protected]>
Co-authored-by: Anat Balzam <[email protected]>
Co-authored-by: Ross Smith <[email protected]>
Co-authored-by: Marcus Robinson <[email protected]>
Co-authored-by: Martin Peck <[email protected]>
Co-authored-by: tanya-borisova <[email protected]>
Co-authored-by: Stuart Leeks <[email protected]>
Co-authored-by: Tamir Kamara <[email protected]>
Co-authored-by: Sven Aelterman <[email protected]>
Co-authored-by: Sonali Rajput <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Liza Shakury <[email protected]>
Co-authored-by: Liza Shakury <[email protected]>
Co-authored-by: James Griffin <[email protected]>
Co-authored-by: oliver7598 <[email protected]>
Co-authored-by: Stuart Leeks <[email protected]>
Co-authored-by: ross-p-smith <[email protected]>
Co-authored-by: Jamie D <[email protected]>
Co-authored-by: Elad Iwanir <[email protected]>
Co-authored-by: Sharon Hart <[email protected]>
Co-authored-by: sharon <[email protected]>
Co-authored-by: Guy Bertental <[email protected]>
Co-authored-by: dusan-ilic-mhra <[email protected]>
Co-authored-by: Ciprian Maftei <[email protected]>

* initial swa deploy

* api version bump

* linting

* linting

* UI Doc (#2000)

* removed swa config

* UI doc

* reverted dockerfile change

* reverted dockerfile change

* merge weirdness

* Update docs/tre-developers/ui.md

Co-authored-by: Marcus Robinson <[email protected]>

* Update ui.md

Co-authored-by: Marcus Robinson <[email protected]>

* linting

* yml file regression

* pr feedback

* moved launch tasks

* reverted client apps -> swagger ui

* moved var check to makefile over script

* dockerfile linting

* dockerfile typo fix

* dockerfile typo fix

Co-authored-by: Christofer Löf <[email protected]>
Co-authored-by: Martin Peck <[email protected]>
Co-authored-by: Steve Haigh <[email protected]>
Co-authored-by: James Griffin <[email protected]>
Co-authored-by: Ross Smith <[email protected]>
Co-authored-by: Marcus Robinson <[email protected]>
Co-authored-by: Anat Balzam <[email protected]>
Co-authored-by: Anat Balzam <[email protected]>
Co-authored-by: tanya-borisova <[email protected]>
Co-authored-by: Stuart Leeks <[email protected]>
Co-authored-by: Tamir Kamara <[email protected]>
Co-authored-by: Sven Aelterman <[email protected]>
Co-authored-by: Sonali Rajput <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Liza Shakury <[email protected]>
Co-authored-by: Liza Shakury <[email protected]>
Co-authored-by: oliver7598 <[email protected]>
Co-authored-by: Stuart Leeks <[email protected]>
Co-authored-by: ross-p-smith <[email protected]>
Co-authored-by: Jamie D <[email protected]>
Co-authored-by: Elad Iwanir <[email protected]>
Co-authored-by: Sharon Hart <[email protected]>
Co-authored-by: sharon <[email protected]>
Co-authored-by: Guy Bertental <[email protected]>
Co-authored-by: João Almeida <[email protected]>
Co-authored-by: Joao Almeida <[email protected]>
Co-authored-by: dusan-ilic-mhra <[email protected]>
Co-authored-by: Ciprian Maftei <[email protected]>

.devcontainer/Dockerfile

@@ -13,15 +13,15 @@ ARG USER_GID=$USER_UID
 
 # Set up non-root user
 COPY .devcontainer/scripts/non-root-user.sh /tmp/
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 RUN bash /tmp/non-root-user.sh "${USERNAME}" "${USER_UID}" "${USER_GID}"
 
 # Set env for tracking that we're running in a devcontainer
 ENV DEVCONTAINER=true
 
-# [Option] Install Node.js
-ARG INSTALL_NODE="false"
+# Install Node.js for GH actions tests and UI
 ARG NODE_VERSION="lts/*"
-RUN if [ "${INSTALL_NODE}" = "true" ]; then su $USERNAME -c "umask 0002 && . /usr/local/share/nvm/nvm.sh && nvm install ${NODE_VERSION} 2>&1"; fi
+RUN su $USERNAME -c "umask 0002 && . /usr/local/share/nvm/nvm.sh && nvm install ${NODE_VERSION} 2>&1"
 
 # Install terraform
 ARG TERRAFORM_VERSION="1.1.5"
@@ -33,6 +33,7 @@ COPY .devcontainer/scripts/docker-client.sh /tmp/
 RUN /tmp/docker-client.sh $USERNAME
 
 # Install Docker
+# hadolint ignore=DL3008,DL3004
 RUN apt-get update && sudo apt-get install -y apt-transport-https ca-certificates curl gnupg lsb-release \
     && curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg \
     && echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" \
@@ -41,9 +42,11 @@ RUN apt-get update && sudo apt-get install -y apt-transport-https ca-certificate
     && apt-get clean -y && rm -rf /var/lib/apt/lists/*
 
 # Install nekos act - run GitHub workflows locally https://github.com/nektos/act
+# hadolint ignore=DL3004
 RUN if [ "${INTERACTIVE}" = "true" ]; then curl https://raw.githubusercontent.com/nektos/act/master/install.sh | sudo bash; fi
 
 # Install Certbot
+# hadolint ignore=DL3008
 RUN apt-get update && apt-get install -y python3 python3-venv libaugeas0 \
     && python3 -m venv /opt/certbot/ \
     && /opt/certbot/bin/pip install --no-cache-dir --upgrade pip \
@@ -81,7 +84,7 @@ RUN export AZURE_CLI_VERSION=${AZURE_CLI_VERSION} \
     && /tmp/azure-cli.sh
 
 ARG YQ_VERSION="v4.13.0"
-RUN wget -O /usr/local/bin/yq "https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64" \
+RUN curl -L --fail -o /usr/local/bin/yq "https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64" \
     && chmod +x /usr/local/bin/yq
 
 USER $USERNAME

.devcontainer/devcontainer.json

@@ -161,6 +161,20 @@
           "purpose": [
             "debug-test"
           ]
+        },
+        {
+          "name": "Launch Edge (localhost)",
+          "type": "pwa-msedge",
+          "request": "launch",
+          "url": "http://localhost:3000",
+          "webRoot": "${workspaceFolder}/ui/app"
+        },
+        {
+          "name": "Launch Chrome (localhost)",
+          "type": "pwa-chrome",
+          "request": "launch",
+          "url": "http://localhost:3000",
+          "webRoot": "${workspaceFolder}/ui/app"
         }
       ],
       "compounds": []

Makefile

@@ -17,8 +17,8 @@ build-and-push-resource-processor: build-resource-processor-vm-porter-image push
 build-and-push-gitea: build-gitea-image push-gitea-image
 build-and-push-guacamole: build-guacamole-image push-guacamole-image
 build-and-push-mlflow: build-mlflow-image push-mlflow-image
+tre-deploy: deploy-core build-and-deploy-ui deploy-shared-services db-migrate show-core-output
 build-and-push-airlock-processor: build-airlock-processor push-airlock-processor
-tre-deploy: deploy-core deploy-shared-services db-migrate show-core-output
 deploy-shared-services:
 	$(MAKE) firewall-install \
 	&& . ./devops/scripts/load_env.sh ./templates/core/.env \
@@ -371,7 +371,18 @@ static-web-upload:
 	&& . ${MAKEFILE_DIR}/devops/scripts/load_terraform_env.sh ./templates/core/.env \
 	&& pushd ${MAKEFILE_DIR}/templates/core/terraform/ > /dev/null && . ./outputs.sh && popd > /dev/null \
 	&& . ${MAKEFILE_DIR}/devops/scripts/load_env.sh ${MAKEFILE_DIR}/templates/core/private.env \
-	&& ${MAKEFILE_DIR}/templates/core/terraform/scripts/upload_static_web.sh
+	&& ${MAKEFILE_DIR}/devops/scripts/upload_static_web.sh
+
+build-and-deploy-ui:
+	$(call target_title, "Build and deploy UI") \
+	&& . ${MAKEFILE_DIR}/devops/scripts/check_dependencies.sh nodocker \
+	&& . ${MAKEFILE_DIR}/devops/scripts/load_env.sh ./templates/core/.env \
+	&& . ${MAKEFILE_DIR}/devops/scripts/load_env.sh ./devops/.env \
+	&& . ${MAKEFILE_DIR}/devops/scripts/load_terraform_env.sh ./devops/.env \
+	&& . ${MAKEFILE_DIR}/devops/scripts/load_terraform_env.sh ./templates/core/.env \
+	&& pushd ${MAKEFILE_DIR}/templates/core/terraform/ > /dev/null && . ./outputs.sh && popd > /dev/null \
+	&& . ${MAKEFILE_DIR}/devops/scripts/load_env.sh ${MAKEFILE_DIR}/templates/core/private.env \
+	&& if [ "$${DEPLOY_UI}" == "true" ]; then ${MAKEFILE_DIR}/devops/scripts/build_deploy_ui.sh; else echo "UI Deploy skipped as DEPLOY_UI not true"; fi \
 
 prepare-for-e2e:
 	$(call workspace_bundle,base) \

api_app/_version.py

@@ -1 +1 @@
-__version__ = "0.3.7"
+__version__ = "0.3.8"

api_app/api/routes/migrations.py

@@ -1,6 +1,8 @@
 import logging
 
 from fastapi import APIRouter, Depends, HTTPException, status
+from db.migrations.resources import ResourceMigration
+from db.repositories.operations import OperationRepository
 from services.authentication import get_current_admin_user
 from resources import strings
 from api.dependencies.database import get_repository
@@ -19,8 +21,10 @@
                              response_model=MigrationOutList,
                              dependencies=[Depends(get_current_admin_user)])
 async def migrate_database(resources_repo=Depends(get_repository(ResourceRepository)),
+                           operations_repo=Depends(get_repository(OperationRepository)),
                            shared_services_migration=Depends(get_repository(SharedServiceMigration)),
-                           workspace_migration=Depends(get_repository(WorkspaceMigration))):
+                           workspace_migration=Depends(get_repository(WorkspaceMigration)),
+                           resource_migration=Depends(get_repository(ResourceMigration))):
     try:
         migrations = list()
         logging.info("PR 1030.")
@@ -43,6 +47,10 @@ async def migrate_database(resources_repo=Depends(get_repository(ResourceReposit
         migration_status = "Executed" if workspace_migration.moveAuthInformationToProperties() else "Skipped"
         migrations.append(Migration(issueNumber="PR 1726", status=migration_status))
 
+        logging.info("#1406 - Extra field to support UI")
+        num_rows = resource_migration.add_deployment_status_field(operations_repo)
+        migrations.append(Migration(issueNumber="1406", status=f'Updated {num_rows} resource objects'))
+
         return MigrationOutList(migrations=migrations)
     except Exception as e:
         logging.error(f"Failed to migrate database: {e}")

api_app/api/routes/shared_service_templates.py

@@ -22,9 +22,9 @@ async def get_shared_service_templates(template_repo=Depends(get_repository(Reso
 
 
 @shared_service_templates_core_router.get("/shared-service-templates/{shared_service_template_name}", response_model=SharedServiceTemplateInResponse, response_model_exclude_none=True, name=strings.API_GET_SHARED_SERVICE_TEMPLATE_BY_NAME, dependencies=[Depends(get_current_tre_user_or_tre_admin)])
-async def get_current_shared_service_template_by_name(shared_service_template_name: str, template_repo=Depends(get_repository(ResourceTemplateRepository))) -> SharedServiceTemplateInResponse:
+async def get_current_shared_service_template_by_name(shared_service_template_name: str, is_update: bool = False, template_repo=Depends(get_repository(ResourceTemplateRepository))) -> SharedServiceTemplateInResponse:
     try:
-        template = get_current_template_by_name(shared_service_template_name, template_repo, ResourceType.SharedService)
+        template = get_current_template_by_name(shared_service_template_name, template_repo, ResourceType.SharedService, is_update=is_update)
         return parse_obj_as(SharedServiceTemplateInResponse, template)
     except EntityDoesNotExist:
         raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail=strings.SHARED_SERVICE_TEMPLATE_DOES_NOT_EXIST)

api_app/db/migrations/resources.py

@@ -0,0 +1,26 @@
+import logging
+import uuid
+from azure.cosmos import CosmosClient
+from db.errors import EntityDoesNotExist
+from db.repositories.operations import OperationRepository
+from db.repositories.resources import ResourceRepository
+
+
+class ResourceMigration(ResourceRepository):
+    def __init__(self, client: CosmosClient):
+        super().__init__(client)
+
+    def add_deployment_status_field(self, operations_repository: OperationRepository) -> int:
+
+        i = 0
+        for op in operations_repository.query("SELECT * from c ORDER BY c._ts ASC"):
+            try:
+                resource = self.get_resource_by_id(uuid.UUID(op['resourceId']))
+                resource.deploymentStatus = op['status']
+                self.update_item(resource)
+                i = i + 1
+            except EntityDoesNotExist:
+                logging.info(f'Resource Id {op["resourceId"]} not found')
+                # ignore errors and try the next one
+
+        return i

api_app/db/repositories/resources.py

@@ -5,7 +5,7 @@
 from pydantic import UUID4, parse_obj_as
 import copy
 from models.domain.authentication import User
-
+from azure.cosmos.exceptions import CosmosResourceNotFoundError
 from core import config
 from db.errors import EntityDoesNotExist
 from db.repositories.base import BaseRepository
@@ -55,12 +55,11 @@ def get_resource_dict_by_id(self, resource_id: UUID4) -> dict:
         return resources[0]
 
     def get_resource_by_id(self, resource_id: UUID4) -> Resource:
-        query = self._active_resources_by_id_query(str(resource_id))
-        resources = self.query(query=query)
-        if not resources:
+        try:
+            resource = self.read_item_by_id(str(resource_id))
+        except CosmosResourceNotFoundError:
             raise EntityDoesNotExist
 
-        resource = resources[0]
         if resource["resourceType"] == ResourceType.SharedService:
             return parse_obj_as(SharedService, resource)
         if resource["resourceType"] == ResourceType.Workspace:

api_app/models/domain/operation.py

@@ -58,6 +58,13 @@ def is_failure(self) -> bool:
             Status.Failed
         )
 
+    def is_action(self) -> bool:
+        return self.status in (
+            Status.ActionSucceeded,
+            Status.ActionFailed,
+            Status.InvokingAction
+        )
+
 
 class Operation(AzureTREModel):
     """

api_app/models/domain/resource.py

@@ -1,5 +1,5 @@
 from enum import Enum
-from typing import List
+from typing import List, Optional
 from pydantic import Field
 from models.domain.azuretremodel import AzureTREModel
 from models.domain.request_action import RequestAction
@@ -38,6 +38,7 @@ class Resource(AzureTREModel):
     isActive: bool = True  # When False, hides resource document from list views
     isEnabled: bool = True  # Must be set before a resource can be deleted
     resourceType: ResourceType
+    deploymentStatus: Optional[str] = Field(title="Deployment Status", description="Overall deployment status of the resource")
     etag: str = Field(title="_etag", description="eTag of the document", alias="_etag")
     resourcePath: str = ""
     resourceVersion: int = 0

api_app/schemas/shared_service.json

@@ -5,21 +5,27 @@
   "title": "Shared Service Default Parameters",
   "description": "These parameters are required for all shared services",
   "required": [
-      "display_name",
-      "description"
+    "display_name",
+    "description"
   ],
   "properties": {
-      "display_name": {
-          "type": "string",
-          "title": "Name for the shared service",
-          "description": "The name of the shared service to be displayed to users",
-          "updateable": true
-      },
-      "description": {
-          "type": "string",
-          "title": "Description of the shared service",
-          "description": "Description of the shared service",
-          "updateable": true
-      }
+    "display_name": {
+      "type": "string",
+      "title": "Name for the shared service",
+      "description": "The name of the shared service to be displayed to users",
+      "updateable": true
+    },
+    "description": {
+      "type": "string",
+      "title": "Description of the shared service",
+      "description": "Description of the shared service",
+      "updateable": true
+    },
+    "overview": {
+      "type": "string",
+      "title": "Shared Service Overview",
+      "description": "Long form description of the shared service, in markdown syntax",
+      "updateable": true
+    }
   }
 }

api_app/schemas/user_resource.json

@@ -5,21 +5,27 @@
   "title": "User Resource Default Parameters",
   "description": "These parameters are required for all user resources",
   "required": [
-      "display_name",
-      "description"
+    "display_name",
+    "description"
   ],
   "properties": {
-      "display_name": {
-          "type": "string",
-          "title": "Name for the user resource",
-          "description": "The name of the user resource to be displayed to users",
-          "updateable": true
-      },
-      "description": {
-          "type": "string",
-          "title": "Description of the user resource",
-          "description": "Description of the user resource",
-          "updateable": true
-      }
+    "display_name": {
+      "type": "string",
+      "title": "Name for the user resource",
+      "description": "The name of the user resource to be displayed to users",
+      "updateable": true
+    },
+    "description": {
+      "type": "string",
+      "title": "Description of the user resource",
+      "description": "Description of the user resource",
+      "updateable": true
+    },
+    "overview": {
+      "type": "string",
+      "title": "User Resource Overview",
+      "description": "Long form description of the user resource, in markdown syntax",
+      "updateable": true
+    }
   }
 }

api_app/schemas/workspace.json

@@ -5,38 +5,44 @@
   "title": "Workspace Default Parameters",
   "description": "These parameters are required for all workspaces",
   "required": [
-      "display_name",
-      "description",
-      "address_space_size"
+    "display_name",
+    "description",
+    "address_space_size"
   ],
   "properties": {
-      "display_name": {
-          "type": "string",
-          "title": "Name for the workspace",
-          "description": "The name of the workspace to be displayed to users",
-          "updateable": true
-      },
-      "description": {
-          "type": "string",
-          "title": "Description of the workspace",
-          "description": "Description of the workspace",
-          "updateable": true
-      },
-      "address_space_size": {
-        "type": "string",
-        "title": "Address space size",
-        "description": "Network address size (small, medium, large or custom) to be used by the workspace",
-        "enum": [
-          "small",
-          "medium",
-          "large",
-          "custom"
-        ]
-      },
-      "address_space": {
-          "type": "string",
-          "title": "Address space",
-          "description": "Network address space to be used by the workspace if address_space_size is custom"
-      }
+    "display_name": {
+      "type": "string",
+      "title": "Name for the workspace",
+      "description": "The name of the workspace to be displayed to users",
+      "updateable": true
+    },
+    "description": {
+      "type": "string",
+      "title": "Description of the workspace",
+      "description": "Description of the workspace",
+      "updateable": true
+    },
+    "overview": {
+      "type": "string",
+      "title": "Workspace Overview",
+      "description": "Long form description of the workspace, in markdown syntax",
+      "updateable": true
+    },
+    "address_space_size": {
+      "type": "string",
+      "title": "Address space size",
+      "description": "Network address size (small, medium, large or custom) to be used by the workspace",
+      "enum": [
+        "small",
+        "medium",
+        "large",
+        "custom"
+      ]
+    },
+    "address_space": {
+      "type": "string",
+      "title": "Address space",
+      "description": "Network address space to be used by the workspace if address_space_size is custom"
+    }
   }
 }