Releases: microsoft/AzureTRE
Releases · microsoft/AzureTRE
0.18.0
BREAKING CHANGES & MIGRATIONS:
- Update Core Terraform Provider versions (#3919)
- Introduction of config value
enable_airlock_email_check, which defaults tofalse, this is a change in behaviour. If you require email addresses for users before an airlock request is created, set totrue. (#3904)
ENHANCEMENTS:
- Additional DataBrick IPs added (#3901)
- Add KeyVault Purge Protection Variable (#3922)
- Update Guacamole Windows 11 VM Image to 2Win11-23h2-pro (#3995)
- Make check for email addresses prior to an airlock request being created optional. (#3904)
- Add Firewall SKU variable (#3961)
BUG FIXES:
- Update Guacamole Linux VM Images to Ubuntu 22.04 LTS. Part of (#3523)
- Update Nexus Shared Service with new proxies. Part of (#3523)
- Update to Resource Processor Image, now using Ubuntu 22.04 (jammy). Part of (#3523)
- Remove TLS1.0/1.1 support from Application Gateway (#3914)
- GitHub Actions version updates. (#3847)
- Add workaround to avoid name clashes for storage accounts(#3863)
- Resource processor fails to deploy first workspace on fresh TRE deployment (#3950)
- Dependency and Vulnerability updates
- Fix Weak hashes (#3931)
- Add lifecycle rule to MySQL resources to stop them recreating on
update(#3993) - Fixes broken links on 'Using the Azure TRE -> Custom Templates' page of documentation ([#4003])
- Fix 'Renew Lets Encrypt Certificates' GitHub Action (#3978)
- Add lifecycle rule to the Gitea Shared Service template for the MySQL resource to stop it recreating on
update(#4006)
COMPONENTS:
| name | version |
|---|---|
| devops | 0.5.1 |
| core | 0.10.1 |
| ui | 0.5.24 |
| tre-service-guacamole-linuxvm | 1.0.0 |
| tre-service-guacamole-import-reviewvm | 0.2.8 |
| tre-service-guacamole-export-reviewvm | 0.1.8 |
| tre-service-guacamole-windowsvm | 1.0.0 |
| tre-service-guacamole | 0.10.7 |
| tre-service-databricks | 1.0.3 |
| tre-service-mlflow | 0.7.7 |
| tre-service-innereye | 0.6.4 |
| tre-workspace-service-ohdsi | 0.2.4 |
| tre-workspace-service-gitea | 1.0.2 |
| tre-workspace-service-mysql | 1.0.2 |
| tre-user-resource-aml-compute-instance | 0.5.7 |
| tre-service-azureml | 0.8.10 |
| tre-workspace-service-health | 0.2.5 |
| tre-workspace-airlock-import-review | 0.12.16 |
| tre-workspace-unrestricted | 0.11.4 |
| tre-workspace-base | 1.5.3 |
| tre-shared-service-cyclecloud | 0.5.5 |
| tre-shared-service-databricks-private-auth | 0.1.5 |
| tre-shared-service-sonatype-nexus | 3.0.0 |
| tre-shared-service-admin-vm | 0.4.3 |
| tre-shared-service-firewall | 1.2.0 |
| tre-shared-service-gitea | 1.0.1 |
| tre-shared-service-certs | 0.5.1 |
| tre-shared-service-airlock-notifier | 0.9.0 |
New Contributors
- @michael-fielding made their first contribution in #4005
Full Changelog: v0.17.0...v0.18.0
Contributors
michael-fielding
Assets 2
0.17.0
BREAKING CHANGES & MIGRATIONS:
- Update terraform MySQL resources to MySQL Flexible resources to fix depricating recources. (#3892)
- Migration to new version of Gitea and MySQL, needs to be carried out manually, details to be included in a later release.
ENHANCEMENTS:
- Switch from OpenCensus to OpenTelemetry for logging (#3762)
- Extend PowerShell auto start script to start core VMs (#3811)
- Use managed identity for API connection to CosmosDB (#345)
- Switch to Structured Firewall Logs (#3816)
- Support for building core and workspace service bundles on arm64 platforms (#3823)
BUG FIXES:
- Fix issue with workspace menu not working correctly (#3819)
- Fix issue with connect button showing when no uri (#3820)
- Fix user resource upgrade validation: use the parent_service_template_name instead of the parent_resource_id. (#3824)
- Airlock: Creating an import/export request causes a routing error (#3830)
- Fix registration of templates with no 'authorizedRoles' or 'required' defined (#3849)
- Update terraform for services bus to move network rules into namespace resource to avoid depreciation warning, and update setup_local_debugging.sh to use network_rule_sets (#3858)
- Update terraform MySQL resources to MySQL Flexible resources to fix depricating recources. (#3892)
- Fix issue with firewall failing to deploy on a new TRE deploy (#3775)
COMPONENTS:
| name | version |
|---|---|
| devops | 0.5.1 |
| core | 0.9.6 |
| ui | 0.5.21 |
| tre-service-guacamole-linuxvm | 0.6.9 |
| tre-service-guacamole-import-reviewvm | 0.2.8 |
| tre-service-guacamole-export-reviewvm | 0.1.8 |
| tre-service-guacamole-windowsvm | 0.7.9 |
| tre-service-guacamole | 0.10.6 |
| tre-service-databricks | 1.0.3 |
| tre-service-mlflow | 0.7.7 |
| tre-service-innereye | 0.6.4 |
| tre-workspace-service-ohdsi | 0.2.4 |
| tre-workspace-service-gitea | 1.0.1 |
| tre-workspace-service-mysql | 1.0.1 |
| tre-user-resource-aml-compute-instance | 0.5.7 |
| tre-service-azureml | 0.8.10 |
| tre-workspace-service-health | 0.2.5 |
| tre-workspace-airlock-import-review | 0.12.16 |
| tre-workspace-unrestricted | 0.11.4 |
| tre-workspace-base | 1.5.3 |
| tre-shared-service-cyclecloud | 0.5.5 |
| tre-shared-service-databricks-private-auth | 0.1.5 |
| tre-shared-service-sonatype-nexus | 2.8.13 |
| tre-shared-service-admin-vm | 0.4.3 |
| tre-shared-service-firewall | 1.1.7 |
| tre-shared-service-gitea | 1.0.1 |
| tre-shared-service-certs | 0.5.1 |
| tre-shared-service-airlock-notifier | 0.9.0 |
New Contributors
- @m1p1h made their first contribution in #3827
- @yahya130 made their first contribution in #3841
- @nasaldrops made their first contribution in #3849
- @tim-allen-ck made their first contribution in #3892
Full Changelog: v0.16.0...v0.17.0
Contributors
nasaldrops, yahya130, and 2 other contributors
Assets 2
0.16.0
BREAKING CHANGES & MIGRATIONS:
To resolve the Airlock import issue described in (#3767), the new airlock import review template will need to be registered using make workspace_bundle BUNDLE=airlock-import-review. Any existing airlock import review workspaces will need to be upgraded.
Once you have upgraded the import review workspaces, delete the private endpoint, named pe-stg-import-inprogress-blob-* in the core resource group, and then run make deploy-core to reinstate the private endpoint and DNS records.
ENHANCEMENTS:
- Security updates aligning to Dependabot, MS Defender for Cloud and Synk (#3796)
BUG FIXES:
- Fix issue where updates fail as read only is not configured consistently on schema fields (#3691)
- When getting available address spaces allow those allocated to deleted workspaces to be reassigned (#3691)
- Update Python packages, and fix breaking changes (#3764)
- Enabling support for more than 20 users/groups in Workspace API (#3759)
- Airlock Import Review workspace uses dedicated DNS zone to prevent conflict with core (#3767)
COMPONENTS:
| name | version |
|---|---|
| devops | 0.5.1 |
| core | 0.9.0 |
| ui | 0.5.17 |
| tre-workspace-base | 1.5.3 |
| tre-workspace-unrestricted | 0.11.4 |
| tre-workspace-airlock-import-review | 0.12.16 |
| tre-service-mlflow | 0.7.7 |
| tre-workspace-service-health | 0.2.5 |
| tre-service-databricks | 1.0.3 |
| tre-service-innereye | 0.6.4 |
| tre-workspace-service-gitea | 0.8.7 |
| tre-workspace-service-mysql | 0.4.5 |
| tre-workspace-service-ohdsi | 0.2.4 |
| tre-service-guacamole-linuxvm | 0.6.9 |
| tre-service-guacamole-export-reviewvm | 0.1.8 |
| tre-service-guacamole-windowsvm | 0.7.9 |
| tre-service-guacamole-import-reviewvm | 0.2.8 |
| tre-service-guacamole | 0.10.6 |
| tre-user-resource-aml-compute-instance | 0.5.7 |
| tre-service-azureml | 0.8.10 |
| tre-shared-service-cyclecloud | 0.5.5 |
| tre-shared-service-databricks-private-auth | 0.1.5 |
| tre-shared-service-gitea | 0.6.10 |
| tre-shared-service-airlock-notifier | 0.9.0 |
| tre-shared-service-admin-vm | 0.4.3 |
| tre-shared-service-certs | 0.5.1 |
| tre-shared-service-sonatype-nexus | 2.8.13 |
| tre-shared-service-firewall | 1.1.5 |
Full Changelog: v0.15.2...v0.16.0
0.15.2
BUG FIXES:
- Remove .sh extension from nexus renewal script so CRON job executes (#3742)
- Upgrade porter version to v1.0.15 and on error getting porter outputs return dict (#3744)
- Fix notifications displaying workspace name rather than actual resource (#3746)
- Fix SecuredByRole fails if app roles are not loaded (#3752)
- Fix workspace not loading fails if operation or history roles are not loaded (#3755)
COMPONENTS:
| name | version |
|---|---|
| devops | 0.5.1 |
| core | 0.8.9 |
| ui | 0.5.15 |
| tre-workspace-base | 1.5.0 |
| tre-workspace-unrestricted | 0.11.1 |
| tre-workspace-airlock-import-review | 0.12.7 |
| tre-service-mlflow | 0.7.7 |
| tre-workspace-service-health | 0.2.5 |
| tre-service-databricks | 1.0.3 |
| tre-service-innereye | 0.6.4 |
| tre-workspace-service-gitea | 0.8.7 |
| tre-workspace-service-mysql | 0.4.5 |
| tre-workspace-service-ohdsi | 0.2.4 |
| tre-service-guacamole-linuxvm | 0.6.9 |
| tre-service-guacamole-export-reviewvm | 0.1.8 |
| tre-service-guacamole-windowsvm | 0.7.9 |
| tre-service-guacamole-import-reviewvm | 0.2.8 |
| tre-service-guacamole | 0.10.5 |
| tre-user-resource-aml-compute-instance | 0.5.7 |
| tre-service-azureml | 0.8.10 |
| tre-shared-service-cyclecloud | 0.5.5 |
| tre-shared-service-databricks-private-auth | 0.1.5 |
| tre-shared-service-gitea | 0.6.10 |
| tre-shared-service-airlock-notifier | 0.9.0 |
| tre-shared-service-admin-vm | 0.4.3 |
| tre-shared-service-certs | 0.5.1 |
| tre-shared-service-sonatype-nexus | 2.8.13 |
| tre-shared-service-firewall | 1.1.5 |
0.15.1
BUG FIXES:
- SecuredByRole failing if roles are null (#3740)
COMPONENTS:
| name | version |
|---|---|
| devops | 0.5.1 |
| core | 0.8.9 |
| ui | 0.5.11 |
| tre-workspace-base | 1.5.0 |
| tre-workspace-unrestricted | 0.11.1 |
| tre-workspace-airlock-import-review | 0.12.7 |
| tre-service-mlflow | 0.7.7 |
| tre-workspace-service-health | 0.2.5 |
| tre-service-databricks | 1.0.3 |
| tre-service-innereye | 0.6.4 |
| tre-workspace-service-gitea | 0.8.7 |
| tre-workspace-service-mysql | 0.4.5 |
| tre-workspace-service-ohdsi | 0.2.4 |
| tre-service-guacamole-linuxvm | 0.6.9 |
| tre-service-guacamole-export-reviewvm | 0.1.8 |
| tre-service-guacamole-windowsvm | 0.7.9 |
| tre-service-guacamole-import-reviewvm | 0.2.8 |
| tre-service-guacamole | 0.10.5 |
| tre-user-resource-aml-compute-instance | 0.5.7 |
| tre-service-azureml | 0.8.10 |
| tre-shared-service-cyclecloud | 0.5.5 |
| tre-shared-service-databricks-private-auth | 0.1.5 |
| tre-shared-service-gitea | 0.6.10 |
| tre-shared-service-airlock-notifier | 0.9.0 |
| tre-shared-service-admin-vm | 0.4.3 |
| tre-shared-service-certs | 0.5.1 |
| tre-shared-service-sonatype-nexus | 2.8.12 |
| tre-shared-service-firewall | 1.1.5 |
0.15.0
ENHANCEMENTS:
- Reduce logging noise (#2135)
- Update workspace template to use Terraform's AzureRM 3.73 (#3715)
- Enable cost tags for workspace services and user resources (#2932)
BUG FIXES:
- Upgrade unrestricted and airlock base template versions due to diagnostic settings retention period being depreciated (#3704)
- Enable TRE Admins to view workspace details when don't have a workspace role (#2363)
- Fix shared services list return restricted resource for admins causing issues with updates (#3716)
- Fix grey box appearing on resource card when costs are not available. (#3254)
- Fix notification panel not passing the workspace scope id to the API hence UI not updating (#3353)
- Fix issue with cost tags not displaying correctly for some user roles (#3721)
COMPONENTS:
| name | version |
|---|---|
| devops | 0.5.1 |
| core | 0.8.9 |
| tre-workspace-base | 1.5.0 |
| tre-workspace-unrestricted | 0.11.1 |
| tre-workspace-airlock-import-review | 0.12.7 |
| tre-service-mlflow | 0.7.7 |
| tre-workspace-service-health | 0.2.5 |
| tre-service-databricks | 1.0.3 |
| tre-service-innereye | 0.6.4 |
| tre-workspace-service-gitea | 0.8.7 |
| tre-workspace-service-mysql | 0.4.5 |
| tre-workspace-service-ohdsi | 0.2.4 |
| tre-service-guacamole-linuxvm | 0.6.9 |
| tre-service-guacamole-export-reviewvm | 0.1.8 |
| tre-service-guacamole-windowsvm | 0.7.9 |
| tre-service-guacamole-import-reviewvm | 0.2.8 |
| tre-service-guacamole | 0.10.5 |
| tre-user-resource-aml-compute-instance | 0.5.7 |
| tre-service-azureml | 0.8.10 |
| tre-shared-service-cyclecloud | 0.5.5 |
| tre-shared-service-databricks-private-auth | 0.1.5 |
| tre-shared-service-gitea | 0.6.10 |
| tre-shared-service-airlock-notifier | 0.9.0 |
| tre-shared-service-admin-vm | 0.4.3 |
| tre-shared-service-certs | 0.5.1 |
| tre-shared-service-sonatype-nexus | 2.8.12 |
| tre-shared-service-firewall | 1.1.5 |
https://github.com/microsoft/AzureTRE/compare/v0.14.1..v0.15.0
0.14.1
BUG FIXES:
- Fix firewall config related to Nexus so that
pypi.orgis added to the allow-list (#3694)
COMPONENTS:
| name | version |
|---|---|
| devops | 0.5.1 |
| core | 0.8.6 |
| tre-workspace-base | 1.4.7 |
| tre-workspace-unrestricted | 0.10.4 |
| tre-workspace-airlock-import-review | 0.11.6 |
| tre-service-mlflow | 0.7.5 |
| tre-workspace-service-health | 0.2.4 |
| tre-service-databricks | 1.0.3 |
| tre-service-innereye | 0.6.4 |
| tre-workspace-service-gitea | 0.8.5 |
| tre-workspace-service-mysql | 0.4.4 |
| tre-workspace-service-ohdsi | 0.2.3 |
| tre-service-guacamole-linuxvm | 0.6.8 |
| tre-service-guacamole-export-reviewvm | 0.1.7 |
| tre-service-guacamole-windowsvm | 0.7.8 |
| tre-service-guacamole-import-reviewvm | 0.2.7 |
| tre-service-guacamole | 0.10.4 |
| tre-user-resource-aml-compute-instance | 0.5.7 |
| tre-service-azureml | 0.8.10 |
| tre-shared-service-cyclecloud | 0.5.4 |
| tre-shared-service-databricks-private-auth | 0.1.5 |
| tre-shared-service-gitea | 0.6.5 |
| tre-shared-service-airlock-notifier | 0.9.0 |
| tre-shared-service-admin-vm | 0.4.3 |
| tre-shared-service-certs | 0.5.1 |
| tre-shared-service-sonatype-nexus | 2.8.11 |
| tre-shared-service-firewall | 1.1.4 |
0.14.0
ENHANCEMENTS:
- Change Guacamole username claim to
preferred_username, so email not required (#3539) - Upgrade Ubuntu version for Sonatype Nexus VM to 22.04 LTS (#3523)
BUG FIXES:
- Apply missing lifecycle blocks. (#3670)
- Outputs of type boolean are stored as strings (#3655)
- Add dependency on firewall deployment to rule collection (#3672)
- Check docker return code in set docker sock permissions file (#3674)
- Increase reliability of Nexus deployment ([#3642)
- Add firewall rule to allow airlock to download functions runtime (#3682)
- Update dev container so doesn't try to create new group with clashing ID, only updates user ID (#3682)
- Remove diagnostic settings retention period as has been depreciated (#3682)
- Added missing region entries in
databricks-udr.json([#3688)
COMPONENTS:
| name | version |
|---|---|
| devops | 0.5.1 |
| core | 0.8.6 |
| tre-workspace-base | 1.4.7 |
| tre-workspace-unrestricted | 0.10.4 |
| tre-workspace-airlock-import-review | 0.11.6 |
| tre-service-mlflow | 0.7.5 |
| tre-workspace-service-health | 0.2.4 |
| tre-service-databricks | 1.0.3 |
| tre-service-innereye | 0.6.4 |
| tre-workspace-service-gitea | 0.8.5 |
| tre-workspace-service-mysql | 0.4.4 |
| tre-workspace-service-ohdsi | 0.2.3 |
| tre-service-guacamole-linuxvm | 0.6.8 |
| tre-service-guacamole-export-reviewvm | 0.1.7 |
| tre-service-guacamole-windowsvm | 0.7.8 |
| tre-service-guacamole-import-reviewvm | 0.2.7 |
| tre-service-guacamole | 0.10.4 |
| tre-user-resource-aml-compute-instance | 0.5.7 |
| tre-service-azureml | 0.8.10 |
| tre-shared-service-cyclecloud | 0.5.4 |
| tre-shared-service-databricks-private-auth | 0.1.5 |
| tre-shared-service-gitea | 0.6.5 |
| tre-shared-service-airlock-notifier | 0.9.0 |
| tre-shared-service-admin-vm | 0.4.3 |
| tre-shared-service-certs | 0.5.1 |
| tre-shared-service-sonatype-nexus | 2.8.10 |
| tre-shared-service-firewall | 1.1.4 |
0.13.0
BUG FIXES:
- Custom actions fail on resources with a pipeline (#3646)
- Upgrade airlock and unrestricted workspaces to base workspace version 0.12.0 (#3659)
COMPONENTS:
| name | version |
|---|---|
| devops | 0.5.1 |
| core | 0.8.3 |
| tre-workspace-base | 1.4.4 |
| tre-workspace-unrestricted | 0.10.2 |
| tre-workspace-airlock-import-review | 0.11.2 |
| tre-service-mlflow | 0.7.2 |
| tre-workspace-service-health | 0.2.1 |
| tre-service-databricks | 1.0.0 |
| tre-service-innereye | 0.6.1 |
| tre-workspace-service-gitea | 0.8.2 |
| tre-workspace-service-mysql | 0.4.1 |
| tre-workspace-service-ohdsi | 0.2.0 |
| tre-service-guacamole-linuxvm | 0.6.5 |
| tre-service-guacamole-export-reviewvm | 0.1.4 |
| tre-service-guacamole-windowsvm | 0.7.5 |
| tre-service-guacamole-import-reviewvm | 0.2.4 |
| tre-service-guacamole | 0.9.4 |
| tre-user-resource-aml-compute-instance | 0.5.4 |
| tre-service-azureml | 0.8.7 |
| tre-shared-service-cyclecloud | 0.5.1 |
| tre-shared-service-databricks-private-auth | 0.1.2 |
| tre-shared-service-gitea | 0.6.2 |
| tre-shared-service-airlock-notifier | 0.9.0 |
| tre-shared-service-admin-vm | 0.4.0 |
| tre-shared-service-certs | 0.5.1 |
| tre-shared-service-sonatype-nexus | 2.5.3 |
| tre-shared-service-firewall | 1.1.1 |
Full Changelog: v0.12.0...v0.13.0
0.12.0
FEATURES:
- OHDSI workspace service (#3562)
ENHANCEMENTS:
- Workspace networking peering sync is handled natively by Terraform (#3534)
- Use SMTP built in connector vs API connector in Airlock Notifier (#3572)
- Update Guacamole dependencies (#3602)
BUG FIXES:
- Nexus might fail to deploy due to wrong identity used in key-vault extension (#3492)
- Airlock notifier needs SCM basic-auth enabled to install (#3509)
- Databricks fails to deploy in East US (#3515)
load_env.shis able to use an equal=sign in values (#3535)- Make AML route names unique (#3546)
- Azure ML connection URI is an object, not string (#3486)
- Update key in Linux VM deploy script (#3434)
- Add missing
azure_environmentporter parameters (#3549) - Fix airlock_notifier not getting the right smtp password (#3561)
- Fix issue when deleting failed resources gives no steps (#3567)
- Fix airlock_notifier not getting the right smtp password (#3565)
- Fix issues with networking dependencies and AMPLS deployment (#3433)
- Update CLI install method to fix dependency issue (#3601)
- Update Databricks UDRs for west europe and switch to DFS private endpoint. ([#3582)
COMPONENTS:
| name | version |
|---|---|
| devops | 0.5.1 |
| core | 0.8.2 |
| tre-workspace-base | 1.4.4 |
| tre-workspace-airlock-import-review | 0.10.1 |
| tre-workspace-unrestricted | 0.9.0 |
| tre-workspace-service-gitea | 0.8.1 |
| tre-service-guacamole | 0.9.3 |
| tre-service-guacamole-windowsvm | 0.7.5 |
| tre-service-guacamole-import-reviewvm | 0.2.4 |
| tre-service-guacamole-linuxvm | 0.6.5 |
| tre-service-guacamole-export-reviewvm | 0.1.4 |
| tre-workspace-service-health | 0.2.1 |
| tre-workspace-service-ohdsi | 0.2.0 |
| tre-service-azureml | 0.8.7 |
| tre-user-resource-aml-compute-instance | 0.5.4 |
| tre-service-mlflow | 0.7.1 |
| tre-service-databricks | 1.0.0 |
| tre-workspace-service-mysql | 0.4.1 |
| tre-service-innereye | 0.6.1 |
| tre-shared-service-cyclecloud | 0.5.1 |
| tre-shared-service-airlock-notifier | 0.9.0 |
| tre-shared-service-gitea | 0.6.1 |
| tre-shared-service-certs | 0.5.0 |
| tre-shared-service-databricks-private-auth | 0.1.1 |
| tre-shared-service-admin-vm | 0.4.0 |
| tre-shared-service-sonatype-nexus | 2.5.2 |
| tre-shared-service-firewall | 1.1.1 |
Full Changelog: v0.11.0...v0.12.0