Remove public IP from TRE's firewall when forced tunneling is configured

[yuvalyaron]

Resolves #4237

What is being addressed

When forced tunneling is configured on TRE's firewall, its public IP is not in use, hence we should not deploy it.

[github-actions]

Unit Test Results

0 tests   0 ✅  0s ⏱️
0 suites  0 💤
0 files    0 ❌

Results for commit 2d1c932.

♻️ This comment has been updated with latest results.

[yuvalyaron]

/test

[github-actions]

🤖 pr-bot 🤖

🏃 Running tests: https://github.com/microsoft/AzureTRE/actions/runs/13226992452 (with refid c4c99fa9)

(in response to this comment from @yuvalyaron)

[yuvalyaron]

/help

[github-actions]

🤖 pr-bot 🤖

Hello!

You can use the following commands:
    /test - build, deploy and run smoke tests on a PR
    /test-extended - build, deploy and run smoke & extended tests on a PR
    /test-extended-aad - build, deploy and run smoke & extended AAD tests on a PR
    /test-shared-services - test the deployment of shared services on a PR build
    /test-force-approve - force approval of the PR tests (i.e. skip the deployment checks)
    /test-destroy-env - delete the validation environment for a PR (e.g. to enable testing a deployment from a clean start after previous tests)
    /help - show this help

(in response to this comment from @yuvalyaron)

[yuvalyaron]

/test-destroy-env

[github-actions]

Destroying PR test environment (RG: rg-trec4c99fa9)... (run: https://github.com/microsoft/AzureTRE/actions/runs/13227676379)

[github-actions]

PR test environment destroy complete (RG: rg-trec4c99fa9)

[yuvalyaron]

/test

[github-actions]

🤖 pr-bot 🤖

🏃 Running tests: https://github.com/microsoft/AzureTRE/actions/runs/13228076922 (with refid c4c99fa9)

(in response to this comment from @yuvalyaron)

[yuvalyaron]

/test-force-approve

[github-actions]

🤖 pr-bot 🤖

✅ Marking tests as complete (for commit 2d1c932)

(in response to this comment from @yuvalyaron)

[marrobi]

@yuvalyaron getting:

Public I P Addresses Name: "pip-fw-mr0110"): performing Delete: unexpected status 400 (400 Bad Request) with error: PublicIPAddressCannotBeDeleted: Public IP address /subscriptions//resourceGroups/rg-mr0110/providers/Microsoft.Network/publicIPAddresses/pip-fw-mr0110 can not be deleted since it is still allocated to resource /subscriptions//resourceGroups/rg-mr0110/providers/Microsoft.Network/azureFirewalls/fw-mr0110/azureFirewallIpConfigurations/fw-ip-configuration. In order to delete the public IP, disassociate/detach the Public IP address from the resource. To learn how to do this, see aka.ms/deletepublicip.

When upgrading the firewall, I don't; have forced tunnelling enabled. Can you look at this as will block any users who take main. Thanks.