From 4dce05f25699e92da23698747ccfd76c27df1c06 Mon Sep 17 00:00:00 2001
From: Tamir Kamara <26870601+tamirkamara@users.noreply.github.com>
Date: Wed, 4 Oct 2023 14:52:21 +0000
Subject: [PATCH] vm updates

---
 .../workspace_services/guacamole/porter.yaml  | 44 ++++++++-----------
 .../guacamole/template_schema.json            | 12 ++---
 .../guacamole/terraform/outputs.tf            | 16 ++++---
 .../guacamole-azure-linuxvm/porter.yaml       |  7 ++-
 .../guacamole-azure-linuxvm/terraform/main.tf |  5 ---
 .../terraform/outputs.tf                      |  2 +-
 .../terraform/variables.tf                    |  7 +++
 .../terraform/variables.tf                    |  4 ++
 8 files changed, 53 insertions(+), 44 deletions(-)

diff --git a/templates/workspace_services/guacamole/porter.yaml b/templates/workspace_services/guacamole/porter.yaml
index 2c3ca82dc8..8315d0d3e2 100644
--- a/templates/workspace_services/guacamole/porter.yaml
+++ b/templates/workspace_services/guacamole/porter.yaml
@@ -1,7 +1,7 @@
 ---
 schemaVersion: 1.0.0
 name: tre-service-guacamole
-version: 0.11.0
+version: 0.11.1
 
 description: "An Azure TRE service for Guacamole"
 dockerfile: Dockerfile.tmpl
@@ -109,22 +109,17 @@ parameters:
     type: string
 
 outputs:
-  # - name: authentication_callback_uri
-  #   type: string
-  #   applyTo:
-  #     - install
-  #     - upgrade
-  # - name: connection_uri
-  #   type: string
-  #   applyTo:
-  #     - install
-  #     - upgrade
-  # - name: web_apps_addresses
-  #   type: string
-  #   applyTo:
-  #     - install
-  #     - upgrade
-  - name: internals
+  - name: authentication_callback_uri
+    type: string
+    applyTo:
+      - install
+      - upgrade
+  - name: web_apps_addresses
+    type: string
+    applyTo:
+      - install
+      - upgrade
+  - name: routing_fqdn
     type: string
     applyTo:
       - install
@@ -167,11 +162,10 @@ install:
         container_name: ${ bundle.parameters.tfstate_container_name }
         key: tre-service-guacamole-${ bundle.parameters.id }
       outputs:
-        # - name: authentication_callback_uri
-        # - name: web_apps_addresses
+        - name: authentication_callback_uri
+        - name: web_apps_addresses
         - name: admin_connection_uri
-        # - name: connection_uri
-        - name: internals
+        - name: routing_fqdn
 
 upgrade:
   - terraform:
@@ -201,11 +195,11 @@ upgrade:
         container_name: ${ bundle.parameters.tfstate_container_name }
         key: tre-service-guacamole-${ bundle.parameters.id }
       outputs:
-        # - name: authentication_callback_uri
-        # - name: web_apps_addresses
+        - name: authentication_callback_uri
+        - name: web_apps_addresses
         - name: admin_connection_uri
-        # - name: connection_uri
-        - name: internals
+        - name: routing_fqdn
+
 
 uninstall:
   - terraform:
diff --git a/templates/workspace_services/guacamole/template_schema.json b/templates/workspace_services/guacamole/template_schema.json
index 71a94bf9cb..60bf6df3f4 100644
--- a/templates/workspace_services/guacamole/template_schema.json
+++ b/templates/workspace_services/guacamole/template_schema.json
@@ -91,7 +91,7 @@
             "arrayMatchField": "name",
             "value": {
               "name": "{{ resource.id }}",
-              "fqdn": "{{ resource.properties.internals.routing_fqdn }}"
+              "fqdn": "{{ resource.properties.routing_fqdn }}"
             }
           }
         ]
@@ -109,7 +109,7 @@
             "arrayMatchField": "name",
             "value": {
               "name": "{{ resource.id }}",
-              "value": "{{ resource.properties.internals.authentication_callback_uri }}"
+              "value": "{{ resource.properties.authentication_callback_uri }}"
             }
           }
         ]
@@ -133,7 +133,7 @@
                 {
                   "name": "AzureAD",
                   "description": "AAD access for authNZ",
-                  "source_addresses": "{{ resource.properties.internals.web_apps_addresses }}",
+                  "source_addresses": "{{ resource.properties.web_apps_addresses }}",
                   "destination_addresses": [
                     "AzureActiveDirectory"
                   ],
@@ -168,7 +168,7 @@
             "arrayMatchField": "name",
             "value": {
               "name": "{{ resource.id }}",
-              "fqdn": "{{ resource.properties.internals.routing_fqdn }}"
+              "fqdn": "{{ resource.properties.routing_fqdn }}"
             }
           }
         ]
@@ -186,7 +186,7 @@
             "arrayMatchField": "name",
             "value": {
               "name": "{{ resource.id }}",
-              "value": "{{ resource.properties.internals.authentication_callback_uri }}"
+              "value": "{{ resource.properties.authentication_callback_uri }}"
             }
           }
         ]
@@ -210,7 +210,7 @@
                 {
                   "name": "AzureAD",
                   "description": "AAD access for authNZ",
-                  "source_addresses": "{{ resource.properties.internals.web_apps_addresses }}",
+                  "source_addresses": "{{ resource.properties.web_apps_addresses }}",
                   "destination_addresses": [
                     "AzureActiveDirectory"
                   ],
diff --git a/templates/workspace_services/guacamole/terraform/outputs.tf b/templates/workspace_services/guacamole/terraform/outputs.tf
index 42170caf95..4873a93090 100644
--- a/templates/workspace_services/guacamole/terraform/outputs.tf
+++ b/templates/workspace_services/guacamole/terraform/outputs.tf
@@ -1,9 +1,13 @@
-output "internals" {
-  value = jsonencode({
-    authentication_callback_uri = local.webapp_auth_callback_url
-    routing_fqdn                = var.is_exposed_externally ? azurerm_linux_web_app.guacamole.default_hostname : ""
-    web_apps_addresses          = data.azurerm_subnet.web_apps.address_prefixes
-  })
+output "authentication_callback_uri" {
+  value = local.webapp_auth_callback_url
+}
+
+output "routing_fqdn" {
+  value = var.is_exposed_externally ? azurerm_linux_web_app.guacamole.default_hostname : ""
+}
+
+output "web_apps_addresses" {
+  value = jsonencode(data.azurerm_subnet.web_apps.address_prefixes)
 }
 
 output "admin_connection_uri" {
diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter.yaml
index f36a668258..e00249ead9 100644
--- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter.yaml
+++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter.yaml
@@ -1,7 +1,7 @@
 ---
 schemaVersion: 1.0.0
 name: tre-service-guacamole-linuxvm
-version: 0.6.9
+version: 0.7.0
 description: "An Azure TRE User Resource Template for Guacamole (Linux)"
 dockerfile: Dockerfile.tmpl
 registry: azuretre
@@ -101,6 +101,8 @@ parameters:
   - name: shared_storage_name
     type: string
     default: "vm-shared-storage"
+  - name: tre_url
+    type: string
 
 outputs:
   - name: ip
@@ -146,6 +148,7 @@ install:
         shared_storage_access: ${ bundle.parameters.shared_storage_access }
         shared_storage_name: ${ bundle.parameters.shared_storage_name }
         image_gallery_id: ${ bundle.parameters.image_gallery_id }
+        tre_url: ${ bundle.parameters.tre_url }
       backendConfig:
         resource_group_name: ${ bundle.parameters.tfstate_resource_group_name }
         storage_account_name: ${ bundle.parameters.tfstate_storage_account_name }
@@ -170,6 +173,7 @@ upgrade:
         shared_storage_access: ${ bundle.parameters.shared_storage_access }
         shared_storage_name: ${ bundle.parameters.shared_storage_name }
         image_gallery_id: ${ bundle.parameters.image_gallery_id }
+        tre_url: ${ bundle.parameters.tre_url }
       backendConfig:
         resource_group_name: ${ bundle.parameters.tfstate_resource_group_name }
         storage_account_name: ${ bundle.parameters.tfstate_storage_account_name }
@@ -203,6 +207,7 @@ uninstall:
         shared_storage_access: ${ bundle.parameters.shared_storage_access }
         shared_storage_name: ${ bundle.parameters.shared_storage_name }
         image_gallery_id: ${ bundle.parameters.image_gallery_id }
+        tre_url: ${ bundle.parameters.tre_url }
       backendConfig:
         resource_group_name: ${ bundle.parameters.tfstate_resource_group_name }
         storage_account_name: ${ bundle.parameters.tfstate_storage_account_name }
diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/main.tf b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/main.tf
index eb0ba0fac3..a37f47ab0c 100644
--- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/main.tf
+++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/main.tf
@@ -60,11 +60,6 @@ data "azurerm_key_vault" "ws" {
   resource_group_name = data.azurerm_resource_group.ws.name
 }
 
-data "azurerm_linux_web_app" "guacamole" {
-  name                = "guacamole-${var.tre_id}-ws-${local.short_workspace_id}-svc-${local.short_parent_id}"
-  resource_group_name = data.azurerm_resource_group.ws.name
-}
-
 data "azurerm_public_ip" "app_gateway_ip" {
   name                = "pip-agw-${var.tre_id}"
   resource_group_name = data.azurerm_resource_group.core.name
diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/outputs.tf b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/outputs.tf
index 30a5a90a39..9453a165b5 100644
--- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/outputs.tf
+++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/outputs.tf
@@ -11,7 +11,7 @@ output "azure_resource_id" {
 }
 
 output "connection_uri" {
-  value = "https://${data.azurerm_linux_web_app.guacamole.default_hostname}/?/client/${textencodebase64("${azurerm_linux_virtual_machine.linuxvm.name}\u0000c\u0000azuretre", "UTF-8")}"
+  value = "${var.tre_url}/${var.parent_service_id}/?/client/${textencodebase64("${azurerm_linux_virtual_machine.linuxvm.name}\u0000c\u0000azuretre", "UTF-8")}"
 }
 
 output "vm_username" {
diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/variables.tf b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/variables.tf
index 4908ae52a2..58eb2528c5 100644
--- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/variables.tf
+++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/variables.tf
@@ -26,3 +26,10 @@ variable "image_gallery_id" {
   type    = string
   default = ""
 }
+variable "tre_url" {
+  type = string
+  validation {
+    condition     = startswith(var.tre_url, "http") && length(var.tre_url) > 10
+    error_message = "Invalid tre_url. Must start with http or https."
+  }
+}
diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/variables.tf b/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/variables.tf
index 8742e44891..58eb2528c5 100644
--- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/variables.tf
+++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/variables.tf
@@ -28,4 +28,8 @@ variable "image_gallery_id" {
 }
 variable "tre_url" {
   type = string
+  validation {
+    condition     = startswith(var.tre_url, "http") && length(var.tre_url) > 10
+    error_message = "Invalid tre_url. Must start with http or https."
+  }
 }