Azure Database for MySQL single server is on the retirement path

templates/shared_services/gitea/parameters.json

@@ -45,6 +45,12 @@
       "source": {
         "env": "ARM_ENVIRONMENT"
       }
+    },
+    {
+      "name": "gitea_sku",
+      "source": {
+        "env": "GITEA_SKU"
+      }
     }
   ]
 }

templates/shared_services/gitea/porter.yaml

@@ -1,7 +1,7 @@
 ---
 schemaVersion: 1.0.0
 name: tre-shared-service-gitea
-version: 0.6.10
+version: 1.0.0
 description: "A Gitea shared service"
 dockerfile: Dockerfile.tmpl
 registry: azuretre
@@ -51,6 +51,9 @@ parameters:
     env: ARM_ENVIRONMENT
     type: string
     default: "public"
+  - name: gitea_sku
+    type: string
+    default: "B | 4GB 2vCores"
 
 mixins:
   - terraform:
@@ -89,6 +92,7 @@ install:
         mgmt_resource_group_name: ${ bundle.parameters.tfstate_resource_group_name }
         acr_name: ${ bundle.parameters.mgmt_acr_name }
         arm_environment: ${ bundle.parameters.arm_environment }
+        gitea_sku: ${ bundle.parameters.gitea_sku }
       backendConfig:
         resource_group_name: ${ bundle.parameters.tfstate_resource_group_name }
         storage_account_name: ${ bundle.parameters.tfstate_storage_account_name }
@@ -129,6 +133,7 @@ uninstall:
         mgmt_resource_group_name: ${ bundle.parameters.tfstate_resource_group_name }
         acr_name: ${ bundle.parameters.mgmt_acr_name }
         arm_environment: ${ bundle.parameters.arm_environment }
+        gitea_sku: ${ bundle.parameters.gitea_sku }
       backendConfig:
         resource_group_name: ${ bundle.parameters.tfstate_resource_group_name }
         storage_account_name: ${ bundle.parameters.tfstate_storage_account_name }

templates/shared_services/gitea/terraform/gitea-webapp.tf

@@ -46,9 +46,9 @@ resource "azurerm_linux_web_app" "gitea" {
 
     GITEA__database__SSL_MODE = "true"
     GITEA__database__DB_TYPE  = "mysql"
-    GITEA__database__HOST     = azurerm_mysql_server.gitea.fqdn
+    GITEA__database__HOST     = azurerm_mysql_flexible_server.gitea.fqdn
     GITEA__database__NAME     = azurerm_mysql_database.gitea.name
-    GITEA__database__USER     = "${azurerm_mysql_server.gitea.administrator_login}@${azurerm_mysql_server.gitea.fqdn}"
+    GITEA__database__USER     = "${azurerm_mysql_flexible_server.gitea.administrator_login}@${azurerm_mysql_flexible_server.gitea.fqdn}"
     GITEA__database__PASSWD   = "@Microsoft.KeyVault(SecretUri=${azurerm_key_vault_secret.db_password.id})"
   }
 

templates/shared_services/gitea/terraform/locals.tf

@@ -6,6 +6,11 @@ locals {
   keyvault_name            = "kv-${var.tre_id}"
   version                  = replace(replace(replace(data.local_file.version.content, "__version__ = \"", ""), "\"", ""), "\n", "")
   gitea_allowed_fqdns_list = distinct(compact(split(",", replace(var.gitea_allowed_fqdns, " ", ""))))
+  gitea_sku = {
+    "B | 4GB 2vCores"   = { value = "Standard_B2s" },
+    "GP | 8GB 2vCores"  = { value = "Standard_D2ads_v5" },
+    "BC | 16GB 2vCores" = { value = "Standard_E2ds_v4" }
+  }
   tre_shared_service_tags = {
     tre_id                = var.tre_id
     tre_shared_service_id = var.tre_resource_id

templates/shared_services/gitea/terraform/mysql.tf

@@ -6,31 +6,24 @@ resource "random_password" "password" {
   min_special = 2
 }
 
-resource "azurerm_mysql_server" "gitea" {
-  name                              = "mysql-${var.tre_id}"
-  resource_group_name               = local.core_resource_group_name
-  location                          = data.azurerm_resource_group.rg.location
-  administrator_login               = "mysqladmin"
-  administrator_login_password      = random_password.password.result
-  sku_name                          = "GP_Gen5_2"
-  storage_mb                        = 5120
-  version                           = "8.0"
-  auto_grow_enabled                 = true
-  backup_retention_days             = 7
-  geo_redundant_backup_enabled      = false
-  infrastructure_encryption_enabled = false
-  public_network_access_enabled     = false
-  ssl_enforcement_enabled           = true
-  ssl_minimal_tls_version_enforced  = "TLS1_2"
-  tags                              = local.tre_shared_service_tags
+resource "azurerm_mysql_flexible_server" "gitea" {
+  name                         = "mysql-${var.tre_id}"
+  resource_group_name          = local.core_resource_group_name
+  location                     = data.azurerm_resource_group.rg.location
+  administrator_login          = "mysqladmin"
+  sku_name                     = local.gitea_sku[var.gitea_sku].value
+  version                      = "8.0.21"
+  backup_retention_days        = 7
+  geo_redundant_backup_enabled = false
+  tags                         = local.tre_shared_service_tags
 
-  lifecycle { ignore_changes = [tags, threat_detection_policy] }
+  lifecycle { ignore_changes = [tags] }
 }
 
 resource "azurerm_mysql_database" "gitea" {
   name                = "gitea"
   resource_group_name = local.core_resource_group_name
-  server_name         = azurerm_mysql_server.gitea.name
+  server_name         = azurerm_mysql_flexible_server.gitea.name
   charset             = "utf8"
   collation           = "utf8_unicode_ci"
 }
@@ -41,15 +34,15 @@ moved {
 }
 
 resource "azurerm_private_endpoint" "private_endpoint" {
-  name                = "pe-${azurerm_mysql_server.gitea.name}"
+  name                = "pe-${azurerm_mysql_flexible_server.gitea.name}"
   location            = data.azurerm_resource_group.rg.location
   resource_group_name = local.core_resource_group_name
   subnet_id           = data.azurerm_subnet.shared.id
   tags                = local.tre_shared_service_tags
 
   private_service_connection {
-    private_connection_resource_id = azurerm_mysql_server.gitea.id
-    name                           = "psc-${azurerm_mysql_server.gitea.name}"
+    private_connection_resource_id = azurerm_mysql_flexible_server.gitea.id
+    name                           = "psc-${azurerm_mysql_flexible_server.gitea.name}"
     subresource_names              = ["mysqlServer"]
     is_manual_connection           = false
   }
@@ -63,7 +56,7 @@ resource "azurerm_private_endpoint" "private_endpoint" {
 }
 
 resource "azurerm_key_vault_secret" "db_password" {
-  name         = "${azurerm_mysql_server.gitea.name}-administrator-password"
+  name         = "${azurerm_mysql_flexible_server.gitea.name}-administrator-password"
   value        = random_password.password.result
   key_vault_id = data.azurerm_key_vault.keyvault.id
   tags         = local.tre_shared_service_tags

templates/shared_services/gitea/terraform/variables.tf

@@ -33,3 +33,7 @@ variable "acr_name" {
 variable "arm_environment" {
   type = string
 }
+
+variable "gitea_sku" {
+  type = string
+}

templates/workspace_services/gitea/parameters.json

@@ -63,6 +63,12 @@
       "source": {
         "env": "ARM_ENVIRONMENT"
       }
+    },
+    {
+      "name": "gitea_sku",
+      "source": {
+        "env": "GITEA_SKU"
+      }
     }
   ]
 }

templates/workspace_services/gitea/porter.yaml

@@ -1,7 +1,7 @@
 ---
 schemaVersion: 1.0.0
 name: tre-workspace-service-gitea
-version: 0.8.7
+version: 0.8.9
 description: "A Gitea workspace service"
 dockerfile: Dockerfile.tmpl
 registry: azuretre
@@ -60,6 +60,9 @@ parameters:
     env: ARM_ENVIRONMENT
     type: string
     default: "public"
+  - name: gitea_sku
+    type: string
+    default: "B | 4GB 2vCores"
   - name: aad_authority_url
     type: string
     default: "https://login.microsoftonline.com"
@@ -102,6 +105,7 @@ install:
         mgmt_resource_group_name: ${ bundle.parameters.mgmt_resource_group_name }
         aad_authority_url: ${ bundle.parameters.aad_authority_url }
         arm_environment: ${ bundle.parameters.arm_environment }
+        gitea_sku: ${ bundle.parameters.gitea_sku }
       backendConfig:
         resource_group_name: ${ bundle.parameters.tfstate_resource_group_name }
         storage_account_name: ${ bundle.parameters.tfstate_storage_account_name }
@@ -146,6 +150,7 @@ uninstall:
         mgmt_resource_group_name: ${ bundle.parameters.mgmt_resource_group_name }
         aad_authority_url: ${ bundle.parameters.aad_authority_url }
         arm_environment: ${ bundle.parameters.arm_environment }
+        gitea_sku: ${ bundle.parameters.gitea_sku }
       backendConfig:
         resource_group_name: ${ bundle.parameters.tfstate_resource_group_name }
         storage_account_name: ${ bundle.parameters.tfstate_storage_account_name }

templates/workspace_services/gitea/terraform/gitea-webapp.tf

@@ -56,9 +56,9 @@ resource "azurerm_linux_web_app" "gitea" {
     GITEA__service__SHOW_REGISTRATION_BUTTON         = false
     GITEA__database__SSL_MODE                        = "true"
     GITEA__database__DB_TYPE                         = "mysql"
-    GITEA__database__HOST                            = azurerm_mysql_server.gitea.fqdn
+    GITEA__database__HOST                            = azurerm_mysql_flexible_server.gitea.fqdn
     GITEA__database__NAME                            = azurerm_mysql_database.gitea.name
-    GITEA__database__USER                            = "${azurerm_mysql_server.gitea.administrator_login}@${azurerm_mysql_server.gitea.fqdn}"
+    GITEA__database__USER                            = "${azurerm_mysql_flexible_server.gitea.administrator_login}@${azurerm_mysql_flexible_server.gitea.fqdn}"
     GITEA__database__PASSWD                          = "@Microsoft.KeyVault(SecretUri=${azurerm_key_vault_secret.db_password.id})"
   }
 

templates/workspace_services/gitea/terraform/locals.tf

@@ -8,6 +8,11 @@ locals {
   core_resource_group_name       = "rg-${var.tre_id}"
   keyvault_name                  = lower("kv-${substr(local.workspace_resource_name_suffix, -20, -1)}")
   version                        = replace(replace(replace(data.local_file.version.content, "__version__ = \"", ""), "\"", ""), "\n", "")
+  gitea_sku = {
+    "B | 4GB 2vCores"   = { value = "Standard_B2s" },
+    "GP | 8GB 2vCores"  = { value = "Standard_D2ads_v5" },
+    "BC | 16GB 2vCores" = { value = "Standard_E2ds_v4" }
+  }
   workspace_service_tags = {
     tre_id                   = var.tre_id
     tre_workspace_id         = var.workspace_id

templates/workspace_services/gitea/terraform/mysql.tf

@@ -6,31 +6,24 @@ resource "random_password" "password" {
   min_special = 2
 }
 
-resource "azurerm_mysql_server" "gitea" {
-  name                              = "mysql-${local.service_resource_name_suffix}"
-  resource_group_name               = data.azurerm_resource_group.ws.name
-  location                          = data.azurerm_resource_group.ws.location
-  administrator_login               = "mysqladmin"
-  administrator_login_password      = random_password.password.result
-  sku_name                          = "GP_Gen5_2"
-  storage_mb                        = 5120
-  version                           = "8.0"
-  auto_grow_enabled                 = true
-  backup_retention_days             = 7
-  geo_redundant_backup_enabled      = false
-  infrastructure_encryption_enabled = false
-  public_network_access_enabled     = false
-  ssl_enforcement_enabled           = true
-  ssl_minimal_tls_version_enforced  = "TLS1_2"
-  tags                              = local.workspace_service_tags
+resource "azurerm_mysql_flexible_server" "gitea" {
+  name                         = "mysql-${local.service_resource_name_suffix}"
+  resource_group_name          = data.azurerm_resource_group.ws.name
+  location                     = data.azurerm_resource_group.ws.location
+  administrator_login          = "mysqladmin"
+  sku_name                     = local.gitea_sku[var.gitea_sku].value
+  version                      = "8.0.21"
+  backup_retention_days        = 7
+  geo_redundant_backup_enabled = false
+  tags                         = local.workspace_service_tags
 
   lifecycle { ignore_changes = [tags] }
 }
 
 resource "azurerm_mysql_database" "gitea" {
   name                = "gitea"
   resource_group_name = data.azurerm_resource_group.ws.name
-  server_name         = azurerm_mysql_server.gitea.name
+  server_name         = azurerm_mysql_flexible_server.gitea.name
   charset             = "utf8"
   collation           = "utf8_unicode_ci"
 }
@@ -41,15 +34,15 @@ moved {
 }
 
 resource "azurerm_private_endpoint" "private_endpoint" {
-  name                = "pe-${azurerm_mysql_server.gitea.name}"
+  name                = "pe-${azurerm_mysql_flexible_server.gitea.name}"
   location            = data.azurerm_resource_group.ws.location
   resource_group_name = data.azurerm_resource_group.ws.name
   subnet_id           = data.azurerm_subnet.services.id
   tags                = local.workspace_service_tags
 
   private_service_connection {
-    private_connection_resource_id = azurerm_mysql_server.gitea.id
-    name                           = "psc-${azurerm_mysql_server.gitea.name}"
+    private_connection_resource_id = azurerm_mysql_flexible_server.gitea.id
+    name                           = "psc-${azurerm_mysql_flexible_server.gitea.name}"
     subresource_names              = ["mysqlServer"]
     is_manual_connection           = false
   }
@@ -63,7 +56,7 @@ resource "azurerm_private_endpoint" "private_endpoint" {
 }
 
 resource "azurerm_key_vault_secret" "db_password" {
-  name         = "${azurerm_mysql_server.gitea.name}-administrator-password"
+  name         = "${azurerm_mysql_flexible_server.gitea.name}-administrator-password"
   value        = random_password.password.result
   key_vault_id = data.azurerm_key_vault.ws.id
   tags         = local.workspace_service_tags

templates/workspace_services/gitea/terraform/variables.tf

@@ -24,3 +24,6 @@ variable "gitea_storage_limit" {
 variable "arm_environment" {
   type = string
 }
+variable "gitea_sku" {
+  type = string
+}

templates/workspace_services/gitea/version.txt

@@ -1 +1 @@
-__version__ = "0.6.0"
+__version__ = "0.6.1"

templates/workspace_services/mysql/porter.yaml

@@ -1,7 +1,7 @@
 ---
 schemaVersion: 1.0.0
 name: tre-workspace-service-mysql
-version: 0.4.5
+version: 0.4.6
 description: "A MySQL workspace service"
 registry: azuretre
 dockerfile: Dockerfile.tmpl
@@ -47,7 +47,7 @@ parameters:
     default: "public"
   - name: sql_sku
     type: string
-    default: "GP | 5GB 2vCores"
+    default: "B | 4GB 2vCores"
   - name: storage_mb
     type: integer
     default: 5120

templates/workspace_services/mysql/template_schema.json

@@ -12,12 +12,11 @@
       "title": "MySQL server SKU",
       "description": "MySQL server SKU",
       "enum": [
-        "GP | 5GB 2vCores",
-        "GP | 5GB 4vCores",
-        "GP | 5GB 6vCores",
-        "GP | 5GB 8vCores"
+        "B | 4GB 2vCores",
+        "GP | 8GB 2vCores",
+        "BC | 16GB 2vCores"
       ],
-      "default": "GP | 5GB 2vCores"
+      "default": "B | 4GB 2vCores"
     },
     "storage_mb": {
       "$id": "#/properties/storage_mb",

templates/workspace_services/mysql/terraform/locals.tf

@@ -6,10 +6,9 @@ locals {
   keyvault_name                  = lower("kv-${substr(local.workspace_resource_name_suffix, -20, -1)}")
   core_resource_group_name       = "rg-${var.tre_id}"
   sql_sku = {
-    "GP | 5GB 2vCores" = { value = "GP_Gen5_2" },
-    "GP | 5GB 4vCores" = { value = "GP_Gen5_4" },
-    "GP | 5GB 6vCores" = { value = "GP_Gen5_6" },
-    "GP | 5GB 8vCores" = { value = "GP_Gen5_8" }
+    "B | 4GB 2vCores"   = { value = "Standard_B2s" },
+    "GP | 8GB 2vCores"  = { value = "Standard_D2ads_v5" },
+    "BC | 16GB 2vCores" = { value = "Standard_E2ds_v4" }
   }
   workspace_service_tags = {
     tre_id                   = var.tre_id