Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

User username as VM username rather than random ID #4333

Merged
merged 18 commits into from
Feb 19, 2025
Merged

User username as VM username rather than random ID #4333

merged 18 commits into from
Feb 19, 2025

Conversation

marrobi
Copy link
Member

@marrobi marrobi commented Feb 6, 2025
edited
Loading

Fixes #1148 #3693

Users email prior to the @ sign (as external users have unhelpful UPNs), or if no email UPN prior to the @ sign, as the username, limits to 20 chars.

Needed to update resource processor to pick OwnerId from the message and used AD TF provider to get details from user objectID.

image

image

@marrobi
Fix dev container initialization on Windows
1ca920b 
Fixes microsoft#4325

Add platform-specific initialization scripts for dev container.

* **Add `initialize.sh` script**: Create directories `.azure` and `.config` in the user's home directory using Bash.
* **Add `initialize.cmd` script**: Create directories `.azure` and `.config` in the user's profile directory using Windows command line.
* **Update `initializeCommand` in `devcontainer.json`**: Use array syntax to reference the new platform-specific initialization scripts.

---

For more details, open the [Copilot Workspace session](https://copilot-workspace.githubnext.com/microsoft/AzureTRE/issues/4325?shareId=XXXX-XXXX-XXXX-XXXX).
@marrobi
WIP
a68e577
@marrobi
Merge branch 'main' of https://github.com/microsoft/AzureTRE into mar…
8c494eb 
…robi/username-as-username
@marrobi
Works with Linux and Windows
fbdee79
@marrobi
Merge branch 'main' of https://github.com/microsoft/AzureTRE into mar…
2aff78b 
…robi/username-as-username
@marrobi
Revert changes
8900234
@github-actions GitHub Actions
Copy link

github-actions bot commented Feb 6, 2025
edited
Loading

Unit Test Results

0 tests   0 ✅  0s ⏱️
0 suites  0 💤
0 files    0 ❌

Results for commit 580e43c.

♻️ This comment has been updated with latest results.

@marrobi marrobi requested a review from Copilot February 6, 2025 16:15
Copilot
Copilot AI reviewed Feb 6, 2025
View reviewed changes

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot reviewed 4 out of 20 changed files in this pull request and generated no comments.

Files not reviewed (16)
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/template_schema.json: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/.terraform.lock.hcl: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/data.tf: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/linuxvm.tf: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/locals.tf: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/main.tf: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/outputs.tf: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/variables.tf: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/template_schema.json: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/.terraform.lock.hcl: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/data.tf: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/locals.tf: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/main.tf: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/outputs.tf: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/variables.tf: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/windowsvm.tf: Language not supported
Comments suppressed due to low confidence (1)

resource_processor/resources/commands.py:145

  • The comment contains a spelling mistake: 'ot' should be 'to', 'detaisl' should be 'details', and 'objec tID' should be 'object ID'.
return msg_body.get("ownerId")  # not included in all messages
@marrobi marrobi requested a review from Copilot February 6, 2025 16:17
Copilot
Copilot AI reviewed Feb 6, 2025
View reviewed changes

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot reviewed 4 out of 20 changed files in this pull request and generated no comments.

Files not reviewed (16)
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/template_schema.json: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/.terraform.lock.hcl: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/data.tf: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/linuxvm.tf: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/locals.tf: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/main.tf: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/outputs.tf: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-linuxvm/terraform/variables.tf: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/template_schema.json: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/.terraform.lock.hcl: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/data.tf: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/locals.tf: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/main.tf: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/outputs.tf: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/variables.tf: Language not supported
  • templates/workspace_services/guacamole/user_resources/guacamole-azure-windowsvm/terraform/windowsvm.tf: Language not supported
Comments suppressed due to low confidence (1)

resource_processor/resources/commands.py:145

  • [nitpick] The parameter name 'owner_id' should be checked for consistency with the rest of the codebase.
return msg_body.get("ownerId")
@marrobi marrobi marked this pull request as ready for review February 6, 2025 16:18
@marrobi
Copy link
Member Author

marrobi commented Feb 6, 2025

/test-extended

@github-actions GitHub Actions
Copy link

github-actions bot commented Feb 6, 2025

🤖 pr-bot 🤖

🏃 Running extended tests: https://github.com/microsoft/AzureTRE/actions/runs/13183175950 (with refid def25300)

(in response to this comment from @marrobi)

@jonnyry
Copy link
Collaborator

jonnyry commented Feb 13, 2025

@marrobi ok to update this branch? will give it a test locally

@marrobi
Copy link
Member Author

marrobi commented Feb 13, 2025

@marrobi ok to update this branch? will give it a test locally

Done.

@jonnyry
Copy link
Collaborator

jonnyry commented Feb 14, 2025

@marrobi ok to update this branch? will give it a test locally

Done.

Gave it a quick test on a local instance and worked nicely.

jonnyry
jonnyry approved these changes Feb 14, 2025
View reviewed changes
Copy link
Collaborator

@jonnyry jonnyry left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Couple of small comments re username calculation.

@jonnyry
Copy link
Collaborator

jonnyry commented Feb 14, 2025

@marrobi Re the username calculation logic -

 admin_username = (
    length(data.azuread_user.user.mail) > 0 ?
    substr(element(split("@", data.azuread_user.user.mail), 0), 0, 20) :
    substr(
      contains(element(split("@", data.azuread_user.user.user_principal_name), 0), "#EXT#") ?
      element(split("#EXT#", element(split("@", data.azuread_user.user.user_principal_name), 0)), 0) :
      element(split("@", data.azuread_user.user.user_principal_name), 0),
      0, 20
    )
  )

We use internal member accounts, and so would prefer if the UPN was used first - so the username aligns with the user's Entra username, rather than external email accounts which will come from a variety of domains and potentially in different formats.

Though understand a lot of people will be using external guest accounts.

Could the logic be something like this instead, so the UPN is preferred unless its a guest account:

if ((UPN contains "#EXT#") and (email is not blank)) then
  use email address
else
  use UPN

I think that would look something like:

 admin_username = (
    ((length(data.azuread_user.user.mail) > 0) && (contains(data.azuread_user.user.user_principal_name, "#EXT#"))) ?
    substr(element(split("@", data.azuread_user.user.mail), 0), 0, 20) :
    substr(
      contains(element(split("@", data.azuread_user.user.user_principal_name), 0), "#EXT#") ?
      element(split("#EXT#", element(split("@", data.azuread_user.user.user_principal_name), 0)), 0) :
      element(split("@", data.azuread_user.user.user_principal_name), 0),
      0, 20
    )
  )

@marrobi
Copy link
Member Author

marrobi commented Feb 17, 2025

@jonnyry I've updated as per your PR comments, I've also added a fix for the VM deletion issue #4135

Are you able to give this another test? I don't have an environment deployed at the moment.

@marrobi marrobi requested a review from yuvalyaron February 18, 2025 18:59
@marrobi marrobi enabled auto-merge (squash) February 19, 2025 15:33
@marrobi
Copy link
Member Author

marrobi commented Feb 19, 2025

/test

@github-actions GitHub Actions
Copy link

🤖 pr-bot 🤖

🏃 Running tests: https://github.com/microsoft/AzureTRE/actions/runs/13416348783 (with refid def25300)

(in response to this comment from @marrobi)

@marrobi marrobi merged commit 5c7d725 into microsoft:main Feb 19, 2025
12 checks passed
@marrobi marrobi deleted the marrobi/username-as-username branch February 19, 2025 16:41
This was referenced Feb 19, 2025
Closed
Closed
@jonnyry jonnyry mentioned this pull request Feb 21, 2025
Closed
@marrobi marrobi mentioned this pull request Feb 21, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jonnyry jonnyry jonnyry approved these changes

Copilot code review Copilot Copilot left review comments

@yuvalyaron yuvalyaron yuvalyaron approved these changes

@tamirkamara tamirkamara Awaiting requested review from tamirkamara

@LizaShak LizaShak Awaiting requested review from LizaShak

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

VM username should be the users username from access token, rather than a random one.
3 participants
@marrobi @jonnyry @yuvalyaron