Remove manual (makefile) install option for Gitea and Nexus

CHANGELOG.md

@@ -23,6 +23,7 @@ ENHANCEMENTS:
 * Add `is_expsed_externally` option to Azure ML Workspace Service ([#2548](https://github.com/microsoft/AzureTRE/pull2548))
 * Azure ML workspace service assigns Azure ML Data Scientist role to Workspace Researchers ([#2539](https://github.com/microsoft/AzureTRE/pull/2539))
 * UI is deployed by default ([#2554](https://github.com/microsoft/AzureTRE/pull/2554))
+* Remove manual/makefile option to install Gitea/Nexus ([#2573](https://github.com/microsoft/AzureTRE/pull/2573))
 
 
 BUG FIXES:

Makefile

@@ -11,18 +11,13 @@ LINTER_REGEX_INCLUDE?=all # regular expression used to specify which files to in
 target_title = @echo -e "\n\e[34m»»» 🧩 \e[96m$(1)\e[0m..."
 
 all: bootstrap mgmt-deploy images tre-deploy
-tre-deploy: deploy-core build-and-deploy-ui deploy-shared-services db-migrate show-core-output
+tre-deploy: deploy-core build-and-deploy-ui firewall-install db-migrate show-core-output
 
 images: build-and-push-api build-and-push-resource-processor build-and-push-airlock-processor
 build-and-push-api: build-api-image push-api-image
 build-and-push-resource-processor: build-resource-processor-vm-porter-image push-resource-processor-vm-porter-image
 build-and-push-airlock-processor: build-airlock-processor push-airlock-processor
 
-deploy-shared-services: firewall-install
-	. ${MAKEFILE_DIR}/devops/scripts/load_env.sh ./templates/core/.env \
-	&& if [ "$${DEPLOY_GITEA}" == "true" ]; then $(MAKE) gitea-install; fi \
-	&& if [ "$${DEPLOY_NEXUS}" == "true" ]; then $(MAKE) nexus-install; fi
-
 # to move your environment from the single 'core' deployment (which includes the firewall)
 # toward the shared services model, where it is split out - run the following make target before a tre-deploy
 # This will remove + import the resource state into a shared service
@@ -107,7 +102,10 @@ prepare-tf-state:
 deploy-core: tre-start
 	$(call target_title, "Deploying TRE") \
 	&& . ${MAKEFILE_DIR}/devops/scripts/check_dependencies.sh nodocker,env,auth \
-	&& if [[ "$${TF_LOG}" == "DEBUG" ]]; then echo "TF DEBUG set - output supressed - see tflogs container for log file" && cd ${MAKEFILE_DIR}/templates/core/terraform/ && ./deploy.sh 1>/dev/null 2>/dev/null; else cd ${MAKEFILE_DIR}/templates/core/terraform/ && ./deploy.sh; fi;
+	&& if [[ "$${TF_LOG}" == "DEBUG" ]]; \
+		then echo "TF DEBUG set - output supressed - see tflogs container for log file" && cd ${MAKEFILE_DIR}/templates/core/terraform/ \
+			&& ./deploy.sh 1>/dev/null 2>/dev/null; \
+		else cd ${MAKEFILE_DIR}/templates/core/terraform/ && ./deploy.sh; fi;
 
 letsencrypt:
 	$(call target_title, "Requesting LetsEncrypt SSL certificate") \
@@ -249,7 +247,9 @@ bundle-register:
 	&& az acr login --name $${ACR_NAME}	\
 	&& . ${MAKEFILE_DIR}/devops/scripts/get_access_token.sh \
 	&& cd ${DIR} \
-	&& ${MAKEFILE_DIR}/devops/scripts/register_bundle_with_api.sh --acr-name "$${ACR_NAME}" --bundle-type "$${BUNDLE_TYPE}" --current --insecure --tre_url "$${TRE_URL:-https://$${TRE_ID}.$${LOCATION}.cloudapp.azure.com}" --verify --workspace-service-name "$${WORKSPACE_SERVICE_NAME}"
+	&& ${MAKEFILE_DIR}/devops/scripts/register_bundle_with_api.sh --acr-name "$${ACR_NAME}" --bundle-type "$${BUNDLE_TYPE}" \
+		--current --insecure --tre_url "$${TRE_URL:-https://$${TRE_ID}.$${LOCATION}.cloudapp.azure.com}" --verify \
+		--workspace-service-name "$${WORKSPACE_SERVICE_NAME}"
 
 workspace_bundle = $(MAKE) bundle-build bundle-publish bundle-register \
 	DIR="${MAKEFILE_DIR}/templates/workspaces/$(1)" BUNDLE_TYPE=workspace
@@ -275,18 +275,6 @@ firewall-install:
 	$(MAKE) bundle-build bundle-publish bundle-register deploy-shared-service \
 	DIR=${MAKEFILE_DIR}/templates/shared_services/firewall/ BUNDLE_TYPE=shared_service
 
-nexus-install:
-	$(MAKE) bundle-build bundle-publish bundle-register deploy-shared-service \
-	DIR="${MAKEFILE_DIR}/templates/shared_services/certs" BUNDLE_TYPE=shared_service PROPS="--domain_prefix nexus --cert_name nexus-ssl" \
-	&& $(MAKE) bundle-build bundle-publish bundle-register deploy-shared-service \
-	DIR=${MAKEFILE_DIR}/templates/shared_services/sonatype-nexus-vm/ BUNDLE_TYPE=shared_service PROPS="--ssl_cert_name nexus-ssl"
-
-gitea-install:
-	$(MAKE) bundle-build bundle-publish bundle-register deploy-shared-service DIR=${MAKEFILE_DIR}/templates/shared_services/gitea/ BUNDLE_TYPE=shared_service
-
-temp-do-upload:
-	$(MAKE) static-web-upload DIR=${MAKEFILE_DIR}/dummy
-
 static-web-upload:
 	$(call target_title, "Uploading to static website") \
 	&& . ${MAKEFILE_DIR}/devops/scripts/check_dependencies.sh nodocker,env,auth \

docs/tre-admins/environment-variables.md

@@ -29,9 +29,6 @@
 | `AAD_TENANT_ID` | Generated when following [pre-deployment steps](./setup-instructions/pre-deployment-steps.md) guide. Tenant id against which auth is performed. |
 | `API_CLIENT_ID` | Generated when following [pre-deployment steps](./setup-instructions/pre-deployment-steps.md) guide. Client id of the "TRE API". |
 | `API_CLIENT_SECRET` | Generated when following [pre-deployment steps](./setup-instructions/pre-deployment-steps.md) guide. Client secret of the "TRE API". |
-| `DEPLOY_GITEA` | If set to `false` disables deployment of the [Gitea shared service](../tre-templates/shared-services/gitea.md). |
-| `DEPLOY_NEXUS` | If set to `false` disables deployment of the [Nexus shared service](../tre-templates/shared-services/nexus.md). |
-| `KEYVAULT_PURGE_PROTECTION_ENABLED` | If set to `false` disables purge protection of keyvault. A recommended setting for developers. |
 | `STATEFUL_RESOURCES_LOCKED` | If set to `false` locks on stateful resources won't be created. A recommended setting for developers. |
 | `ENABLE_AIRLOCK_MALWARE_SCANNING` | If False, Airlock requests will skip the malware scanning stage. If set to True, Setting up a scanner manually is required! |
 | `ENABLE_LOCAL_DEBUGGING` | Set to `false` by default. Setting this to `true` will ensure that Azure resources are accessible from your local development machine. (e.g. ServiceBus and Cosmos) |

docs/tre-admins/setup-instructions/configuring-shared-services.md

@@ -1,16 +1,8 @@
 # Configuring Shared Services
 
-## Deploy/configure Nexus manually
+In general, a shared service should be installed by using the UI or API directly once its bundle has been registered on the system.
 
-Setting `DEPLOY_NEXUS=true` in your `.env` and running `make all` will install and configure certs & Nexus automatically. You can also
-do this by running `make nexus-install`.
-
-If you're deploying a brand new environment and you didn't flag Nexus to be installed automatically, you should deploy the VM-based (V2) service manually (read section `A`). If you wish to migrate from an existing App Service Nexus service (V1) to the VM-based service, first manually deploy the new service (section `A`) then proceed to section `B`.
-
-!!! info
-    Guacamole user resources of version `0.3.6` or higher target Nexus V2 by default, but have the option to manually specify V1 as a `nexus_version` parameter if you have an instance of the Nexus V1 service that you wish to use. When you're readu to migrate to the new service, you can do so manually by following section `B`.
-
-### A. Deploy & configure V2 Nexus service (hosted on VM)
+## Deploy & configure V2 Nexus service (hosted on VM)
 
 !!! caution
     Before deploying the V2 Nexus service, you will need workspaces of version `0.3.2` or above due to a dependency on a DNS zone link for the workspace(s) to connect to the Nexus VM.
@@ -84,9 +76,9 @@ You can optionally go to the Nexus web interface by visiting `https://nexus-{TRE
 
 Just bear in mind that if this service is redeployed any changes made in the Nexus UI won't be persisted. If you wish to permanently add new repositories or alter existing ones, modify the JSON files within the `./nexus_repos_config` directory and redeploy.
 
-### B. Migrate from an existing V1 Nexus service (hosted on App Service)
+### Migrate from an existing V1 Nexus service (hosted on App Service)
 
-Once you've created the new V2 (VM-based) Nexus service by following section `A`, you can migrate from the V1 Nexus service by following these steps:
+Once you've created the new V2 (VM-based) Nexus service by following the previous section, you can migrate from the V1 Nexus service by following these steps:
 
 1. Identify any existing Guacamole user resources that are using the old proxy URL (`https://nexus-{TRE_ID}.azurewebsites.net/`). These will be any VMs with bundle versions < `0.3.2`.
 

docs/tre-admins/setup-instructions/workflows.md

@@ -131,8 +131,6 @@ Configure additional repository secrets used in the deployment pipeline
 | `ACR_NAME` | A globally unique name for the Azure Container Registry (ACR) that will be created to store deployment images. |
 | `CORE_ADDRESS_SPACE` |  The address space for the Azure TRE core virtual network. E.g. `10.1.0.0/22`. Recommended `/22` or larger.  |
 | `TRE_ADDRESS_SPACE` | The address space for the whole TRE environment virtual network where workspaces networks will be created (can include the core network as well). E.g. `10.0.0.0/12`|
-| `DEPLOY_GITEA` | If set to `false` disables deployment of the Gitea shared service. |
-| `DEPLOY_NEXUS` | If set to `false` disables deployment of the Nexus shared service. |
 
 ### Deploy the TRE using the workflow
 

docs/tre-templates/shared-services/gitea.md

@@ -6,7 +6,7 @@ Documentation on Gitea can be found here: [https://docs.gitea.io/](https://docs.
 
 ## Deploy
 
-To deploy set `DEPLOY_GITEA=true` in `templates/core/.env`
+To deploy this shared service you should use the UI (or the API) to issue a request. If you don't see the option available for this specifc template make sure it has been built, published and registered by the TRE Admin.
 
 ## Getting Started
 

docs/tre-templates/shared-services/nexus.md

@@ -6,7 +6,7 @@ Documentation on Nexus can be found here: [https://help.sonatype.com/repomanager
 
 ## Deploy
 
-To deploy set `DEPLOY_NEXUS=true` in `templates/core/.env`.
+To deploy this service use the UI or API directly and choose the nexus template.
 
 Nexus will be deployed as part of the main TRE terraform deployment. A configuration script needs to be run once the deployment is done. The script will:
 

templates/core/.env.sample

@@ -51,14 +51,6 @@ AUTO_WORKSPACE_APP_REGISTRATION=true
 CORE_ADDRESS_SPACE="10.1.0.0/22"
 TRE_ADDRESS_SPACE="10.0.0.0/12"
 
-# Uncomment this to deploy Gitea
-# DEPLOY_GITEA=true
-
-# Uncomment this to deploy Nexus
-# DEPLOY_NEXUS=true
-
-RESOURCE_PROCESSOR_TYPE="vmss_porter"
-API_APP_SERVICE_PLAN_SKU_SIZE="P1v2"
 APP_SERVICE_PLAN_SKU="P1v2"
 ADMIN_JUMPBOX_VM_SKU="Standard_B2s"
 RESOURCE_PROCESSOR_VMSS_SKU="Standard_B2s"

templates/core/version.txt

@@ -1 +1 @@
-__version__ = "0.4.22"
+__version__ = "0.4.23"