From 72bc099135da37d59496f8c72047aa36baa07960 Mon Sep 17 00:00:00 2001
From: Marcus Robinson <marrobi@microsoft.com>
Date: Tue, 17 Dec 2024 13:30:20 +0000
Subject: [PATCH 1/2] Fix unable to delete Guacamole VM in stopped state

Fixes #4135

Add `skip_shutdown_and_force_delete` configuration to Guacamole VM templates to fix deletion issue.

* Modify `main.tf` files in `templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/terraform`, `guacamole-azure-import-reviewvm/terraform`, `guacamole-azure-linuxvm/terraform`, and `guacamole-azure-windowsvm/terraform` to include `skip_shutdown_and_force_delete = true` under the `virtual_machine` block in the `features` section.
* Update `porter.yaml` files in `templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm`, `guacamole-azure-import-reviewvm`, `guacamole-azure-windowsvm`, and `guacamole-azure-linuxvm` to increment the version numbers.
* Update `CHANGELOG.md` to include the fix for the deletion issue.

---

For more details, open the [Copilot Workspace session](https://copilot-workspace.githubnext.com/microsoft/AzureTRE/issues/4135?shareId=XXXX-XXXX-XXXX-XXXX).
---
 CHANGELOG.md                                                   | 1 +
 .../user_resources/guacamole-azure-export-reviewvm/porter.yaml | 2 +-
 .../guacamole-azure-export-reviewvm/terraform/main.tf          | 3 +++
 .../user_resources/guacamole-azure-import-reviewvm/porter.yaml | 2 +-
 .../guacamole-azure-import-reviewvm/terraform/main.tf          | 3 +++
 .../user_resources/guacamole-azure-linuxvm/porter.yaml         | 2 +-
 .../user_resources/guacamole-azure-linuxvm/terraform/main.tf   | 3 +++
 .../user_resources/guacamole-azure-windowsvm/porter.yaml       | 2 +-
 .../user_resources/guacamole-azure-windowsvm/terraform/main.tf | 3 +++
 9 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4094db546c..48b8affa8c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -32,6 +32,7 @@ BUG FIXES:
 - Create policy to allow all user to configure color profiles to remove auth dialog. ([#4184](https://github.com/microsoft/AzureTRE/pull/4184))
 - Pre configure VS code option to prevent script failure ([#4185](https://github.com/microsoft/AzureTRE/pull/4185))
 - Enable symlinks to work on Linux VM shared storage ([#4180](https://github.com/microsoft/AzureTRE/issues/4180))
+- Unable to delete virtual machines, add skip_shutdown_and_force_delete = true ([#4135](https://github.com/microsoft/AzureTRE/issues/4135))
 
 COMPONENTS:
 
diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/porter.yaml
index 3affcfa3c9..03e283dd57 100644
--- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/porter.yaml
+++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/porter.yaml
@@ -1,7 +1,7 @@
 ---
 schemaVersion: 1.0.0
 name: tre-service-guacamole-export-reviewvm
-version: 0.1.12
+version: 0.1.13
 description: "An Azure TRE User Resource Template for reviewing Airlock export requests"
 dockerfile: Dockerfile.tmpl
 registry: azuretre
diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/terraform/main.tf b/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/terraform/main.tf
index 05be02b3ce..dd51f0ff90 100644
--- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/terraform/main.tf
+++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/terraform/main.tf
@@ -32,6 +32,9 @@ provider "azurerm" {
       recover_soft_deleted_certificates = true
       recover_soft_deleted_keys         = true
     }
+    virtual_machine {
+      skip_shutdown_and_force_delete = true
+    }
   }
   storage_use_azuread = true
 }
diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/porter.yaml
index 4ec556a834..a70cea2d47 100644
--- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/porter.yaml
+++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/porter.yaml
@@ -1,7 +1,7 @@
 ---
 schemaVersion: 1.0.0
 name: tre-service-guacamole-import-reviewvm
-version: 0.2.12
+version: 0.2.13
 description: "An Azure TRE User Resource Template for reviewing Airlock import requests"
 dockerfile: Dockerfile.tmpl
 registry: azuretre
diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/terraform/main.tf b/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/terraform/main.tf
index 05be02b3ce..dd51f0ff90 100644
--- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/terraform/main.tf
+++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/terraform/main.tf
@@ -32,6 +32,9 @@ provider "azurerm" {
       recover_soft_deleted_certificates = true
       recover_soft_deleted_keys         = true
     }
+    virtual_machine {
+      skip_shutdown_and_force_delete = true
+    }
   }
   storage_use_azuread = true
 }
diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter.yaml
index 31321e315c..5fb3a8276c 100644
--- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter.yaml
+++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter.yaml
@@ -1,7 +1,7 @@
 ---
 schemaVersion: 1.0.0
 name: tre-service-guacamole-linuxvm
-version: 1.0.7
+version: 1.0.8
 description: "An Azure TRE User Resource Template for Guacamole (Linux)"
 dockerfile: Dockerfile.tmpl
 registry: azuretre
diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/main.tf b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/main.tf
index a5a8dca738..5231913385 100644
--- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/main.tf
+++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/main.tf
@@ -33,6 +33,9 @@ provider "azurerm" {
       recover_soft_deleted_certificates = true
       recover_soft_deleted_keys         = true
     }
+    virtual_machine {
+      skip_shutdown_and_force_delete = true
+    }
   }
   storage_use_azuread = true
 }
diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/porter.yaml
index 13cd81c763..7a1c1d1cf4 100644
--- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/porter.yaml
+++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/porter.yaml
@@ -1,7 +1,7 @@
 ---
 schemaVersion: 1.0.0
 name: tre-service-guacamole-windowsvm
-version: 1.0.6
+version: 1.0.7
 description: "An Azure TRE User Resource Template for Guacamole (Windows 10)"
 dockerfile: Dockerfile.tmpl
 registry: azuretre
diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/main.tf b/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/main.tf
index 105c2658b3..616fac90a5 100644
--- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/main.tf
+++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/main.tf
@@ -28,6 +28,9 @@ provider "azurerm" {
       recover_soft_deleted_certificates = true
       recover_soft_deleted_keys         = true
     }
+    virtual_machine {
+      skip_shutdown_and_force_delete = true
+    }
   }
   storage_use_azuread = true
 }

From c2477fa4f5bc4edf330dd270f7c27936187503e6 Mon Sep 17 00:00:00 2001
From: Marcus Robinson <marrobi@microsoft.com>
Date: Thu, 2 Jan 2025 12:53:59 +0000
Subject: [PATCH 2/2] Use script for Linux VM

---
 templates/scripts/delete_azure_resources.sh   | 26 +++++++++++++++++++
 .../guacamole-azure-linuxvm/Dockerfile.tmpl   |  4 +++
 .../porter-build-context.env                  |  1 +
 .../guacamole-azure-linuxvm/porter.yaml       | 11 +++++++-
 4 files changed, 41 insertions(+), 1 deletion(-)
 create mode 100755 templates/scripts/delete_azure_resources.sh
 create mode 100644 templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter-build-context.env

diff --git a/templates/scripts/delete_azure_resources.sh b/templates/scripts/delete_azure_resources.sh
new file mode 100755
index 0000000000..7de2c5099c
--- /dev/null
+++ b/templates/scripts/delete_azure_resources.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+# Parameters
+tre_id=$1
+workspace_id=$2
+workspace_service_id=$3
+user_resource_id=$4
+
+# Build the tag filter query
+tag_filters="--tag tre_resource_id=$tre_id"
+[ -n "$workspace_id" ] && tag_filters="$tag_filters --tag tre_workspace_id=$workspace_id"
+[ -n "$workspace_service_id" ] && tag_filters="$tag_filters --tag tre_workspace_service_id=$workspace_service_id"
+[ -n "$user_resource_id" ] && tag_filters="$tag_filters --tag tre_user_resource_id=$user_resource_id"
+
+# login to azure
+az login --identity
+
+# Get the resource IDs with the specified tags
+resource_ids=$(az resource list "$tag_filters" --query "[].id" -o tsv)
+
+# Delete the resources
+if [ -n "$resource_ids" ]; then
+  az resource delete --ids "$resource_ids" --yes
+else
+  echo "No resources found with the specified tags."
+fi
diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/Dockerfile.tmpl b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/Dockerfile.tmpl
index 4494f207a1..2943d93165 100644
--- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/Dockerfile.tmpl
+++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/Dockerfile.tmpl
@@ -6,4 +6,8 @@ FROM --platform=linux/amd64 debian:bookworm-slim
 # PORTER_MIXINS
 
 # Use the BUNDLE_DIR build argument to copy files into the bundle
+RUN mkdir -p ${BUNDLE_DIR}/app
+# hadolint ignore=DL3022
+COPY --from=scripts --link . ${BUNDLE_DIR}/scripts/
+
 COPY --link . ${BUNDLE_DIR}/
diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter-build-context.env b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter-build-context.env
new file mode 100644
index 0000000000..7c2ad444b0
--- /dev/null
+++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter-build-context.env
@@ -0,0 +1 @@
+export PORTER_BUILD_CONTEXT="scripts=../../../../scripts"
diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter.yaml
index 30895442e5..c5bc20e2ae 100644
--- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter.yaml
+++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/porter.yaml
@@ -1,7 +1,7 @@
 ---
 schemaVersion: 1.0.0
 name: tre-service-guacamole-linuxvm
-version: 1.2.3
+version: 1.3.1
 description: "An Azure TRE User Resource Template for Guacamole (Linux)"
 dockerfile: Dockerfile.tmpl
 registry: azuretre
@@ -244,6 +244,15 @@ uninstall:
         container_name: ${ bundle.parameters.tfstate_container_name }
         key: ${ bundle.parameters.id }
 
+  - exec:
+      description: "Run the clean_up_resources.sh script"
+      command: "./scripts/delete_azure_resources.sh"
+      arguments:
+        - ${ bundle.parameters.tre_id }
+        - ${ bundle.parameters.workspace_id }
+        - ${ bundle.parameters.parent_service_id }
+        - ${ bundle.parameters.id }
+
 start:
   - terraform:
       arguments: