diff --git a/CHANGELOG.md b/CHANGELOG.md index 8fafc87bd..c9d7659bd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,9 +1,12 @@ ## (Unreleased) +**BREAKING CHANGES** +* Remove Windows 10 and dsvm image support from Guacamole. ([#4890](https://github.com/microsoft/AzureTRE/issues/4890)) ENHANCEMENTS: * Specify default_outbound_access_enabled = false setting for all subnets ([#4757](https://github.com/microsoft/AzureTRE/pull/4757)) * Pin all GitHub Actions workflow steps to full commit SHAs to prevent supply chain attacks plus update to latest releases ([#4886](https://github.com/microsoft/AzureTRE/pull/4886)) +* Add Windows Server 2025 image support to Guacamole. ([#4890](https://github.com/microsoft/AzureTRE/issues/4890)) ## (0.28.0) (March 2, 2026) **BREAKING CHANGES** diff --git a/api_app/_version.py b/api_app/_version.py index 2cb28789f..7923a95d3 100644 --- a/api_app/_version.py +++ b/api_app/_version.py @@ -1 +1 @@ -__version__ = "0.25.15" +__version__ = "0.25.16" diff --git a/api_app/tests_ma/test_api/test_routes/test_workspaces.py b/api_app/tests_ma/test_api/test_routes/test_workspaces.py index 5e97af84f..f97312f97 100644 --- a/api_app/tests_ma/test_api/test_routes/test_workspaces.py +++ b/api_app/tests_ma/test_api/test_routes/test_workspaces.py @@ -218,8 +218,9 @@ def sample_resource_template() -> ResourceTemplate: 'title': 'Windows image', 'description': 'Select Windows image to use for VM', 'enum': [ - 'Windows 10', - 'Server 2019 Data Science VM' + 'Windows 11', + 'Server 2019 Data Science VM', + 'Server 2022 Data Science VM' ], 'updateable': False }, diff --git a/api_app/tests_ma/test_db/test_repositories/test_resource_repository.py b/api_app/tests_ma/test_db/test_repositories/test_resource_repository.py index 60b8569c5..c3ffceb1c 100644 --- a/api_app/tests_ma/test_db/test_repositories/test_resource_repository.py +++ b/api_app/tests_ma/test_db/test_repositories/test_resource_repository.py @@ -82,8 +82,9 @@ def sample_resource_template() -> ResourceTemplate: 'title': 'Windows image', 'description': 'Select Windows image to use for VM', 'enum': [ - 'Windows 10', - 'Server 2019 Data Science VM' + 'Windows 11', + 'Server 2019 Data Science VM', + 'Server 2022 Data Science VM' ], 'updateable': False }, diff --git a/docs/tre-admins/setup-instructions/installing-workspace-service-and-user-resource.md b/docs/tre-admins/setup-instructions/installing-workspace-service-and-user-resource.md index 8feea8146..b34f7e361 100644 --- a/docs/tre-admins/setup-instructions/installing-workspace-service-and-user-resource.md +++ b/docs/tre-admins/setup-instructions/installing-workspace-service-and-user-resource.md @@ -89,7 +89,7 @@ Once the workspace service has been created, we can use the workspace API to cre } ``` - > Note: You can also specify "Windows 10" in "os_image" for a standard Windows 10 image. + > Note: You can also specify "Windows 11" in "os_image" for a standard Windows 11 image. The API will return an `operation` object with a `Location` header to query the operation status, as well as the `resourceId` and `resourcePath` properties to query the resource under creation. diff --git a/docs/tre-templates/user-resources/guacamole-windows-vm.md b/docs/tre-templates/user-resources/guacamole-windows-vm.md index 39300d541..c1393b4af 100644 --- a/docs/tre-templates/user-resources/guacamole-windows-vm.md +++ b/docs/tre-templates/user-resources/guacamole-windows-vm.md @@ -1,6 +1,6 @@ # Guacamole User Resource Service bundle (Windows) -This is a User Resource Service template. It defines a Windows 10/Server 2019 VM to be used by TRE researchers and to be connected to using a [Guacamole server](https://guacamole.apache.org/). +This is a User Resource Service template. It defines a Windows 11/Server 2019/Server 2022 VM to be used by TRE researchers and to be connected to using a [Guacamole server](https://guacamole.apache.org/). It blocks all inbound and outbound traffic to the internet and allows only RDP connections from within the vnet. ## Prerequisites diff --git a/e2e_tests/test_workspace_services.py b/e2e_tests/test_workspace_services.py index c4b67036a..dedee606a 100644 --- a/e2e_tests/test_workspace_services.py +++ b/e2e_tests/test_workspace_services.py @@ -31,7 +31,7 @@ async def test_create_guacamole_service_into_base_workspace(setup_test_workspace "properties": { "display_name": "My VM", "description": "Will be using this VM for my research", - "os_image": "Windows 10", + "os_image": "Windows 11", "admin_username": "researcher" } } diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/porter.yaml index b8fdcf7f0..db3211f12 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/porter.yaml +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-service-guacamole-export-reviewvm -version: 0.3.5 +version: 0.3.6 description: "An Azure TRE User Resource Template for reviewing Airlock export requests" dockerfile: Dockerfile.tmpl registry: azuretre @@ -11,15 +11,15 @@ custom: vm_sizes: "2 CPU | 8GB RAM": Standard_D2s_v5 image_options: - "Server 2019 Data Science VM": + "Windows Server 2025": source_image_reference: - publisher: microsoft-dsvm - offer: dsvm-win-2019 - sku: winserver-2019 + publisher: MicrosoftWindowsServer + offer: WindowsServer + sku: 2025-datacenter-g2 version: latest - conda_config: true - secure_boot_enabled: false # dsvm-win-2019 is not a gen2 image - vtpm_enabled: false + conda_config: false + secure_boot_enabled: true + vtpm_enabled: true credentials: - name: azure_tenant_id diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/template_schema.json b/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/template_schema.json index f7041a8c8..598e60d96 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/template_schema.json +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/template_schema.json @@ -1,41 +1,41 @@ { - "$schema": "http://json-schema.org/draft-07/schema", - "$id": "https://github.com/microsoft/AzureTRE/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/template_schema.json", - "type": "object", - "title": "Export review Virtual Machine", - "description": "Windows virtual machine for export review", - "required": [ - ], - "authorizedRoles": [ - "AirlockManager" - ], - "properties": { - "os_image": { - "$id": "#/properties/os_image", - "type": "string", - "title": "Windows image", - "description": "Select Windows image to use for VM", - "enum": [ - "Server 2019 Data Science VM" - ] - }, - "vm_size": { - "$id": "#/properties/vm_size", - "type": "string", - "title": "VM Size", - "description": "Select size of VM", - "enum": [ - "2 CPU | 8GB RAM" - ], - "updateable": true - }, - "airlock_request_sas_url": { - "$id": "#/properties/airlock_request_sas_url", - "type": "string", - "title": "Airlock request SAS Token", - "description": "SAS Token for airlock request", - "updateable": false, - "sensitive": true - } + "$schema": "http://json-schema.org/draft-07/schema", + "$id": "https://github.com/microsoft/AzureTRE/templates/workspace_services/guacamole/user_resources/guacamole-azure-export-reviewvm/template_schema.json", + "type": "object", + "title": "Export review Virtual Machine", + "description": "Windows virtual machine for export review", + "required": [], + "authorizedRoles": [ + "AirlockManager" + ], + "properties": { + "os_image": { + "$id": "#/properties/os_image", + "type": "string", + "title": "Windows image", + "description": "Select Windows image to use for VM", + "enum": [ + "Server 2019 Data Science VM", + "Server 2022 Data Science VM" + ] + }, + "vm_size": { + "$id": "#/properties/vm_size", + "type": "string", + "title": "VM Size", + "description": "Select size of VM", + "enum": [ + "2 CPU | 8GB RAM" + ], + "updateable": true + }, + "airlock_request_sas_url": { + "$id": "#/properties/airlock_request_sas_url", + "type": "string", + "title": "Airlock request SAS Token", + "description": "SAS Token for airlock request", + "updateable": false, + "sensitive": true } + } } diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/porter.yaml index 685da7e5a..32b673310 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/porter.yaml +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/porter.yaml @@ -1,7 +1,7 @@ --- schemaVersion: 1.0.0 name: tre-service-guacamole-import-reviewvm -version: 0.4.4 +version: 0.4.5 description: "An Azure TRE User Resource Template for reviewing Airlock import requests" dockerfile: Dockerfile.tmpl registry: azuretre @@ -11,15 +11,15 @@ custom: vm_sizes: "2 CPU | 8GB RAM": Standard_D2s_v5 image_options: - "Server 2019 Data Science VM": + "Windows Server 2025": source_image_reference: - publisher: microsoft-dsvm - offer: dsvm-win-2019 - sku: winserver-2019 + publisher: MicrosoftWindowsServer + offer: WindowsServer + sku: 2025-datacenter-g2 version: latest - conda_config: true - secure_boot_enabled: false # dsvm-win-2019 is not a gen2 image - vtpm_enabled: false + conda_config: false + secure_boot_enabled: true + vtpm_enabled: true # For information on using custom images, see README.me in the guacamole/user-resources folder # "Custom Image From Gallery": # source_image_name: sltestwin1 diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/template_schema.json b/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/template_schema.json index fe51c46fa..3249282d9 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/template_schema.json +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/template_schema.json @@ -1,41 +1,41 @@ { - "$schema": "http://json-schema.org/draft-07/schema", - "$id": "https://github.com/microsoft/AzureTRE/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/template_schema.json", - "type": "object", - "title": "Import review Virtual Machine", - "description": "Windows virtual machine for import review", - "required": [ - ], - "authorizedRoles": [ - "AirlockManager" - ], - "properties": { - "os_image": { - "$id": "#/properties/os_image", - "type": "string", - "title": "Windows image", - "description": "Select Windows image to use for VM", - "enum": [ - "Server 2019 Data Science VM" - ] - }, - "vm_size": { - "$id": "#/properties/vm_size", - "type": "string", - "title": "VM Size", - "description": "Select size of VM", - "enum": [ - "2 CPU | 8GB RAM" - ], - "updateable": true - }, - "airlock_request_sas_url": { - "$id": "#/properties/airlock_request_sas_url", - "type": "string", - "title": "Airlock request SAS Token", - "description": "SAS Token for airlock request", - "updateable": false, - "sensitive": true - } + "$schema": "http://json-schema.org/draft-07/schema", + "$id": "https://github.com/microsoft/AzureTRE/templates/workspace_services/guacamole/user_resources/guacamole-azure-import-reviewvm/template_schema.json", + "type": "object", + "title": "Import review Virtual Machine", + "description": "Windows virtual machine for import review", + "required": [], + "authorizedRoles": [ + "AirlockManager" + ], + "properties": { + "os_image": { + "$id": "#/properties/os_image", + "type": "string", + "title": "Windows image", + "description": "Select Windows image to use for VM", + "enum": [ + "Server 2019 Data Science VM", + "Server 2022 Data Science VM" + ] + }, + "vm_size": { + "$id": "#/properties/vm_size", + "type": "string", + "title": "VM Size", + "description": "Select size of VM", + "enum": [ + "2 CPU | 8GB RAM" + ], + "updateable": true + }, + "airlock_request_sas_url": { + "$id": "#/properties/airlock_request_sas_url", + "type": "string", + "title": "Airlock request SAS Token", + "description": "SAS Token for airlock request", + "updateable": false, + "sensitive": true } + } } diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/porter.yaml b/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/porter.yaml index 9d285417b..6871fe4c9 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/porter.yaml +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/porter.yaml @@ -1,8 +1,8 @@ --- schemaVersion: 1.0.0 name: tre-service-guacamole-windowsvm -version: 1.4.4 -description: "An Azure TRE User Resource Template for Guacamole (Windows 10)" +version: 1.4.5 +description: "An Azure TRE User Resource Template for Guacamole (Windows 11 or Windows Server Data Science VM)" dockerfile: Dockerfile.tmpl registry: azuretre @@ -14,15 +14,6 @@ custom: "8 CPU | 32GB RAM": Standard_D8s_v6 "16 CPU | 64GB RAM": Standard_D16s_v6 image_options: - "Windows 10": - source_image_reference: - publisher: MicrosoftWindowsDesktop - offer: Windows-10 - sku: win10-22h2-pro-g2 - version: latest - conda_config: false - secure_boot_enabled: true - vtpm_enabled: true "Windows 11": source_image_reference: publisher: microsoftwindowsdesktop @@ -32,15 +23,15 @@ custom: conda_config: false secure_boot_enabled: true vtpm_enabled: true - "Server 2019 Data Science VM": + "Windows Server 2025": source_image_reference: - publisher: microsoft-dsvm - offer: dsvm-win-2019 - sku: winserver-2019 + publisher: MicrosoftWindowsServer + offer: WindowsServer + sku: 2025-datacenter-g2 version: latest - conda_config: true - secure_boot_enabled: false # dsvm-win-2019 is not a gen2 image - vtpm_enabled: false + conda_config: false + secure_boot_enabled: true + vtpm_enabled: true # For information on using custom images, see README.me in the guacamole/user-resources folder # "Custom Image From Gallery": # source_image_name: your-image @@ -103,7 +94,7 @@ parameters: default: false - name: os_image type: string - default: "Windows 10" + default: "Windows 11" - name: admin_username type: string default: "" diff --git a/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/template_schema.json b/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/template_schema.json index 86d25af96..afe58231a 100644 --- a/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/template_schema.json +++ b/templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/template_schema.json @@ -29,11 +29,11 @@ "type": "string", "title": "Windows image", "description": "Select Windows image to use for VM", - "default": "Windows 10", + "default": "Windows 11", "enum": [ - "Windows 10", "Windows 11", - "Server 2019 Data Science VM" + "Server 2019 Data Science VM", + "Server 2022 Data Science VM" ] }, "admin_username": {