From db01655eec54c1c2a73b1b2fb7ca14d34450746c Mon Sep 17 00:00:00 2001 From: James Robinson Date: Wed, 5 Oct 2022 12:29:44 +0100 Subject: [PATCH 1/6] :wrench: Change sre.databases config entry to be a list of enabled databases --- deployment/common/Configuration.psm1 | 10 ++- .../resources/sre_bluet1guac_full_config.json | 87 ++++++++++--------- .../sre_bluet3msrds_full_config.json | 87 ++++++++++--------- .../sre_greent2guac_full_config.json | 87 ++++++++++--------- 4 files changed, 142 insertions(+), 129 deletions(-) diff --git a/deployment/common/Configuration.psm1 b/deployment/common/Configuration.psm1 index cd4c2884e0..c1090d9bb8 100644 --- a/deployment/common/Configuration.psm1 +++ b/deployment/common/Configuration.psm1 @@ -1059,7 +1059,9 @@ function Get-SreConfig { # Databases # --------- $config.sre.databases = [ordered]@{ - rg = "$($config.sre.rgPrefix)_DATABASES".ToUpper() + rg = "$($config.sre.rgPrefix)_DATABASES".ToUpper() + enabled = $False + instances = @() } $dbConfig = @{ MSSQL = @{port = "1433"; prefix = "MSSQL"; sku = "sqldev-gen2" } @@ -1070,7 +1072,8 @@ function Get-SreConfig { if (-not @($dbConfig.Keys).Contains($databaseType)) { Add-LogMessage -Level Fatal "Database type '$databaseType' was not recognised!" } - $config.sre.databases["db$($databaseType.ToLower())"] = [ordered]@{ + $databasePorts += $dbConfig[$databaseType].port + $config.sre.databases.instances += [ordered]@{ adminPasswordSecretName = "$($config.sre.shortName)-vm-admin-password-$($databaseType.ToLower())" dbAdminUsernameSecretName = "$($config.sre.shortName)-db-admin-username-$($databaseType.ToLower())" dbAdminPasswordSecretName = "$($config.sre.shortName)-db-admin-password-$($databaseType.ToLower())" @@ -1092,7 +1095,8 @@ function Get-SreConfig { } } } - if ($databaseType -eq "MSSQL") { $config.sre.databases["db$($databaseType.ToLower())"]["enableSSIS"] = $true } + $config.sre.databases.enabled = $True + if ($databaseType -eq "MSSQL") { $config.sre.databases.instances[-1].enableSSIS = $true } $ipOffset += 1 } diff --git a/tests/resources/sre_bluet1guac_full_config.json b/tests/resources/sre_bluet1guac_full_config.json index b0220945ea..43782149fc 100644 --- a/tests/resources/sre_bluet1guac_full_config.json +++ b/tests/resources/sre_bluet1guac_full_config.json @@ -1107,51 +1107,54 @@ } }, "databases": { - "dbmssql": { - "adminPasswordSecretName": "sre-t1guac-vm-admin-password-mssql", - "dbAdminPasswordSecretName": "sre-t1guac-db-admin-password-mssql", - "dbAdminUsernameSecretName": "sre-t1guac-db-admin-username-mssql", - "disks": { - "data": { - "sizeGb": "1024", - "type": "Standard_LRS" + "enabled": true, + "instances": [ + { + "adminPasswordSecretName": "sre-t1guac-vm-admin-password-mssql", + "dbAdminUsernameSecretName": "sre-t1guac-db-admin-username-mssql", + "dbAdminPasswordSecretName": "sre-t1guac-db-admin-password-mssql", + "vmName": "MSSQL-T1GUAC", + "type": "MSSQL", + "ip": "10.151.3.4", + "port": "1433", + "sku": "sqldev-gen2", + "subnet": "databases", + "vmSize": "Standard_DS2_v2", + "disks": { + "data": { + "sizeGb": "1024", + "type": "Standard_LRS" + }, + "os": { + "sizeGb": "128", + "type": "Standard_LRS" + } }, - "os": { - "sizeGb": "128", - "type": "Standard_LRS" - } + "enableSSIS": true }, - "enableSSIS": true, - "ip": "10.151.3.4", - "port": "1433", - "sku": "sqldev-gen2", - "subnet": "databases", - "type": "MSSQL", - "vmName": "MSSQL-T1GUAC", - "vmSize": "Standard_DS2_v2" - }, - "dbpostgresql": { - "adminPasswordSecretName": "sre-t1guac-vm-admin-password-postgresql", - "dbAdminPasswordSecretName": "sre-t1guac-db-admin-password-postgresql", - "dbAdminUsernameSecretName": "sre-t1guac-db-admin-username-postgresql", - "disks": { - "data": { - "sizeGb": "1024", - "type": "Standard_LRS" - }, - "os": { - "sizeGb": "128", - "type": "Standard_LRS" + { + "adminPasswordSecretName": "sre-t1guac-vm-admin-password-postgresql", + "dbAdminUsernameSecretName": "sre-t1guac-db-admin-username-postgresql", + "dbAdminPasswordSecretName": "sre-t1guac-db-admin-password-postgresql", + "vmName": "PSTGRS-T1GUAC", + "type": "PostgreSQL", + "ip": "10.151.3.5", + "port": "5432", + "sku": "Ubuntu-latest", + "subnet": "databases", + "vmSize": "Standard_DS2_v2", + "disks": { + "data": { + "sizeGb": "1024", + "type": "Standard_LRS" + }, + "os": { + "sizeGb": "128", + "type": "Standard_LRS" + } } - }, - "ip": "10.151.3.5", - "port": "5432", - "sku": "Ubuntu-latest", - "subnet": "databases", - "type": "PostgreSQL", - "vmName": "PSTGRS-T1GUAC", - "vmSize": "Standard_DS2_v2" - }, + } + ], "rg": "RG_SHM_BLUE_SRE_T1GUAC_DATABASES" }, "diskTypeDefault": "Standard_LRS", diff --git a/tests/resources/sre_bluet3msrds_full_config.json b/tests/resources/sre_bluet3msrds_full_config.json index 888ab79d6b..b357d2e3ef 100644 --- a/tests/resources/sre_bluet3msrds_full_config.json +++ b/tests/resources/sre_bluet3msrds_full_config.json @@ -1107,51 +1107,54 @@ } }, "databases": { - "dbmssql": { - "adminPasswordSecretName": "sre-t3msrds-vm-admin-password-mssql", - "dbAdminPasswordSecretName": "sre-t3msrds-db-admin-password-mssql", - "dbAdminUsernameSecretName": "sre-t3msrds-db-admin-username-mssql", - "disks": { - "data": { - "sizeGb": "1024", - "type": "Standard_LRS" + "enabled": true, + "instances": [ + { + "adminPasswordSecretName": "sre-t3msrds-vm-admin-password-mssql", + "dbAdminUsernameSecretName": "sre-t3msrds-db-admin-username-mssql", + "dbAdminPasswordSecretName": "sre-t3msrds-db-admin-password-mssql", + "vmName": "MSSQL-T3MSRDS", + "type": "MSSQL", + "ip": "10.163.3.4", + "port": "1433", + "sku": "sqldev-gen2", + "subnet": "databases", + "vmSize": "Standard_DS2_v2", + "disks": { + "data": { + "sizeGb": "1024", + "type": "Standard_LRS" + }, + "os": { + "sizeGb": "128", + "type": "Standard_LRS" + } }, - "os": { - "sizeGb": "128", - "type": "Standard_LRS" - } + "enableSSIS": true }, - "enableSSIS": true, - "ip": "10.163.3.4", - "port": "1433", - "sku": "sqldev-gen2", - "subnet": "databases", - "type": "MSSQL", - "vmName": "MSSQL-T3MSRDS", - "vmSize": "Standard_DS2_v2" - }, - "dbpostgresql": { - "adminPasswordSecretName": "sre-t3msrds-vm-admin-password-postgresql", - "dbAdminPasswordSecretName": "sre-t3msrds-db-admin-password-postgresql", - "dbAdminUsernameSecretName": "sre-t3msrds-db-admin-username-postgresql", - "disks": { - "data": { - "sizeGb": "1024", - "type": "Standard_LRS" - }, - "os": { - "sizeGb": "128", - "type": "Standard_LRS" + { + "adminPasswordSecretName": "sre-t3msrds-vm-admin-password-postgresql", + "dbAdminUsernameSecretName": "sre-t3msrds-db-admin-username-postgresql", + "dbAdminPasswordSecretName": "sre-t3msrds-db-admin-password-postgresql", + "vmName": "PSTGRS-T3MSRDS", + "type": "PostgreSQL", + "ip": "10.163.3.5", + "port": "5432", + "sku": "Ubuntu-latest", + "subnet": "databases", + "vmSize": "Standard_DS2_v2", + "disks": { + "data": { + "sizeGb": "1024", + "type": "Standard_LRS" + }, + "os": { + "sizeGb": "128", + "type": "Standard_LRS" + } } - }, - "ip": "10.163.3.5", - "port": "5432", - "sku": "Ubuntu-latest", - "subnet": "databases", - "type": "PostgreSQL", - "vmName": "PSTGRS-T3MSRDS", - "vmSize": "Standard_DS2_v2" - }, + } + ], "rg": "RG_SHM_BLUE_SRE_T3MSRDS_DATABASES" }, "diskTypeDefault": "Standard_LRS", diff --git a/tests/resources/sre_greent2guac_full_config.json b/tests/resources/sre_greent2guac_full_config.json index cd3d523622..33a2796de9 100644 --- a/tests/resources/sre_greent2guac_full_config.json +++ b/tests/resources/sre_greent2guac_full_config.json @@ -1160,51 +1160,54 @@ } }, "databases": { - "dbmssql": { - "adminPasswordSecretName": "sre-t2guac-vm-admin-password-mssql", - "dbAdminPasswordSecretName": "sre-t2guac-db-admin-password-mssql", - "dbAdminUsernameSecretName": "sre-t2guac-db-admin-username-mssql", - "disks": { - "data": { - "sizeGb": "1024", - "type": "Standard_LRS" + "enabled": true, + "instances": [ + { + "adminPasswordSecretName": "sre-t2guac-vm-admin-password-mssql", + "dbAdminUsernameSecretName": "sre-t2guac-db-admin-username-mssql", + "dbAdminPasswordSecretName": "sre-t2guac-db-admin-password-mssql", + "vmName": "MSSQL-T2GUAC", + "type": "MSSQL", + "ip": "10.152.3.4", + "port": "1433", + "sku": "sqldev-gen2", + "subnet": "databases", + "vmSize": "Standard_DS2_v2", + "disks": { + "data": { + "sizeGb": "1024", + "type": "Standard_LRS" + }, + "os": { + "sizeGb": "128", + "type": "Standard_LRS" + } }, - "os": { - "sizeGb": "128", - "type": "Standard_LRS" - } + "enableSSIS": true }, - "enableSSIS": true, - "ip": "10.152.3.4", - "port": "1433", - "sku": "sqldev-gen2", - "subnet": "databases", - "type": "MSSQL", - "vmName": "MSSQL-T2GUAC", - "vmSize": "Standard_DS2_v2" - }, - "dbpostgresql": { - "adminPasswordSecretName": "sre-t2guac-vm-admin-password-postgresql", - "dbAdminPasswordSecretName": "sre-t2guac-db-admin-password-postgresql", - "dbAdminUsernameSecretName": "sre-t2guac-db-admin-username-postgresql", - "disks": { - "data": { - "sizeGb": "1024", - "type": "Standard_LRS" - }, - "os": { - "sizeGb": "128", - "type": "Standard_LRS" + { + "adminPasswordSecretName": "sre-t2guac-vm-admin-password-postgresql", + "dbAdminUsernameSecretName": "sre-t2guac-db-admin-username-postgresql", + "dbAdminPasswordSecretName": "sre-t2guac-db-admin-password-postgresql", + "vmName": "PSTGRS-T2GUAC", + "type": "PostgreSQL", + "ip": "10.152.3.5", + "port": "5432", + "sku": "Ubuntu-latest", + "subnet": "databases", + "vmSize": "Standard_DS2_v2", + "disks": { + "data": { + "sizeGb": "1024", + "type": "Standard_LRS" + }, + "os": { + "sizeGb": "128", + "type": "Standard_LRS" + } } - }, - "ip": "10.152.3.5", - "port": "5432", - "sku": "Ubuntu-latest", - "subnet": "databases", - "type": "PostgreSQL", - "vmName": "PSTGRS-T2GUAC", - "vmSize": "Standard_DS2_v2" - }, + } + ], "rg": "RG_SHM_GREEN_SRE_T2GUAC_DATABASES" }, "diskTypeDefault": "Standard_LRS", From b7b72fbe48ada6d5f1ff88bede018d3e2bcbd4d1 Mon Sep 17 00:00:00 2001 From: James Robinson Date: Wed, 5 Oct 2022 12:30:30 +0100 Subject: [PATCH 2/6] :wrench: Make NSG rules reflect fact that databases may not be deployed --- .../network_rules/sre-nsg-rules-compute.json | 8 +++++++- .../network_rules/sre-nsg-rules-databases.json | 8 +++++++- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/deployment/secure_research_environment/network_rules/sre-nsg-rules-compute.json b/deployment/secure_research_environment/network_rules/sre-nsg-rules-compute.json index 80ae516c07..afd9e012a1 100644 --- a/deployment/secure_research_environment/network_rules/sre-nsg-rules-compute.json +++ b/deployment/secure_research_environment/network_rules/sre-nsg-rules-compute.json @@ -47,18 +47,24 @@ "sourceAddressPrefix": "{{sre.network.vnet.subnets.compute.cidr}}", "sourcePortRange": "*" }, + {{#sre.databases.enabled}} { "name": "AllowDatabasesSubnetOutbound", "access": "Allow", "description": "Allow outbound connections to the databases subnet", "destinationAddressPrefix": "{{sre.network.vnet.subnets.databases.cidr}}", - "destinationPortRange": ["{{sre.databases.dbmssql.port}}", "{{sre.databases.dbpostgresql.port}}"], + "destinationPortRange": [ + {{#sre.databases.instances}} + "{{port}}", + {{/sre.databases.instances}} + ], "direction": "Outbound", "priority": 500, "protocol": "*", "sourceAddressPrefix": "{{sre.network.vnet.subnets.compute.cidr}}", "sourcePortRange": "*" }, + {{/sre.databases.enabled}} { "name": "AllowWebappsSubnetOutbound", "access": "Allow", diff --git a/deployment/secure_research_environment/network_rules/sre-nsg-rules-databases.json b/deployment/secure_research_environment/network_rules/sre-nsg-rules-databases.json index 42f6a93125..3406bed3fd 100644 --- a/deployment/secure_research_environment/network_rules/sre-nsg-rules-databases.json +++ b/deployment/secure_research_environment/network_rules/sre-nsg-rules-databases.json @@ -1,16 +1,22 @@ [ + {{#sre.databases.enabled}} { "name": "AllowComputeSubnetInbound", "access": "Allow", "description": "Allow inbound connections from the compute subnet", "destinationAddressPrefix": "{{sre.network.vnet.subnets.databases.cidr}}", - "destinationPortRange": ["{{sre.databases.dbmssql.port}}", "{{sre.databases.dbpostgresql.port}}"], + "destinationPortRange": [ + {{#sre.databases.instances}} + "{{port}}", + {{/sre.databases.instances}} + ], "direction": "Inbound", "priority": 500, "protocol": "*", "sourceAddressPrefix": "{{sre.network.vnet.subnets.compute.cidr}}", "sourcePortRange": "*" }, + {{/sre.databases.enabled}} { "name": "DenyAdminVPNInbound", "access": "Deny", From c750f04f3b40af983d914b64c993211395c49e55 Mon Sep 17 00:00:00 2001 From: James Robinson Date: Wed, 5 Oct 2022 12:32:23 +0100 Subject: [PATCH 3/6] :coffin: Simplify extraction of database details from config file --- .../setup/Setup_SRE_Databases.ps1 | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/deployment/secure_research_environment/setup/Setup_SRE_Databases.ps1 b/deployment/secure_research_environment/setup/Setup_SRE_Databases.ps1 index 2336096153..0b7fbb2361 100644 --- a/deployment/secure_research_environment/setup/Setup_SRE_Databases.ps1 +++ b/deployment/secure_research_environment/setup/Setup_SRE_Databases.ps1 @@ -44,10 +44,7 @@ $deploymentSubnet = Get-Subnet -Name $config.sre.network.vnet.subnets.deployment # Create each database defined in the config file # ----------------------------------------------- -foreach ($keyName in $config.sre.databases.Keys) { - if ($config.sre.databases[$keyName] -isnot [System.Collections.IDictionary]) { continue } - $databaseCfg = $config.sre.databases[$keyName] - +foreach ($databaseCfg in $config.sre.databases.instances) { # Check whether this database VM has already been deployed # -------------------------------------------------------- if (Get-AzVM -Name $databaseCfg.vmName -ResourceGroupName $config.sre.databases.rg -ErrorAction SilentlyContinue) { From bab89005f9390ece8773cedbd1ab58260a6bbb56 Mon Sep 17 00:00:00 2001 From: James Robinson Date: Wed, 5 Oct 2022 13:03:02 +0100 Subject: [PATCH 4/6] :recycle: Update SRD smoke tests to only test the deployed databases --- .../setup/Add_Single_SRD.ps1 | 20 +++++++++++++------ .../run_all_tests.mustache.bats | 4 ++++ .../test_databases.mustache.sh | 8 ++++---- .../test_repository_python.mustache.sh | 2 +- 4 files changed, 23 insertions(+), 11 deletions(-) diff --git a/deployment/secure_research_environment/setup/Add_Single_SRD.ps1 b/deployment/secure_research_environment/setup/Add_Single_SRD.ps1 index 2167773194..46bdf3ea9c 100644 --- a/deployment/secure_research_environment/setup/Add_Single_SRD.ps1 +++ b/deployment/secure_research_environment/setup/Add_Single_SRD.ps1 @@ -250,13 +250,21 @@ Copy-Item (Join-Path $PSScriptRoot ".." ".." "secure_research_desktop" "packages Copy-Item (Join-Path $PSScriptRoot ".." ".." ".." "tests" "srd_smoke_tests") -Filter *.* -Destination (Join-Path $localSmokeTestDir "tests") -Recurse # Expand mustache templates $PythonYaml = (ConvertFrom-Yaml (Get-Content -Raw (Join-Path $PSScriptRoot ".." ".." "secure_research_desktop" "packages" "packages-python.yaml"))) +$MssqlConfig = $config.sre.databases.instances | Where-Object { $_.type -eq "MSSQL" } | Select-Object -First 1 +$PostgresqlConfig = $config.sre.databases.instances | Where-Object { $_.type -eq "PostgreSQL" } | Select-Object -First 1 $config["SmokeTests"] = [ordered]@{ - PyPIPackage0 = Get-Content (Join-Path $PSScriptRoot ".." ".." ".." "environment_configs" "package_lists" "allowlist-full-python-pypi-tier3.list") -Head 1 - PyPIPackage1 = Get-Content (Join-Path $PSScriptRoot ".." ".." ".." "environment_configs" "package_lists" "allowlist-full-python-pypi-tier3.list") -Tail 1 - Python_v0 = $PythonYaml["versions"][0] - Python_v1 = $PythonYaml["versions"][1] - Python_v2 = $PythonYaml["versions"][2] - TestFailures = $config.sre.tier -ge 3 ? 1 : 0 + MSSQLExists = $MssqlConfig.Count -gt 0 + MSSQLPort = $MssqlConfig ? $MssqlConfig.port : "" + MSSQLVMName = $MssqlConfig ? $MssqlConfig.vmName : "" + PostgreSQLExists = $PostgresqlConfig.Count -gt 0 + PostgreSQLPort = $PostgresqlConfig ? $PostgresqlConfig.port : "" + PostgreSQLVMName = $PostgresqlConfig ? $PostgresqlConfig.vmName : "" + PyPIPackageFirst = Get-Content (Join-Path $PSScriptRoot ".." ".." ".." "environment_configs" "package_lists" "allowlist-full-python-pypi-tier3.list") -Head 1 + PyPIPackageLast = Get-Content (Join-Path $PSScriptRoot ".." ".." ".." "environment_configs" "package_lists" "allowlist-full-python-pypi-tier3.list") -Tail 1 + Python_v0 = $PythonYaml["versions"][0] + Python_v1 = $PythonYaml["versions"][1] + Python_v2 = $PythonYaml["versions"][2] + TestFailures = $config.sre.tier -ge 3 ? 1 : 0 } foreach ($MustacheFilePath in (Get-ChildItem -Path $localSmokeTestDir -Include *.mustache.* -File -Recurse)) { $ExpandedFilePath = $MustacheFilePath -replace ".mustache.", "." diff --git a/tests/srd_smoke_tests/run_all_tests.mustache.bats b/tests/srd_smoke_tests/run_all_tests.mustache.bats index c7287a00ef..5b28c53bcd 100644 --- a/tests/srd_smoke_tests/run_all_tests.mustache.bats +++ b/tests/srd_smoke_tests/run_all_tests.mustache.bats @@ -129,6 +129,7 @@ test_python_virtual_environments() { # Databases # --------- +{{#SmokeTests.MSSQLExists}} # Test MS SQL database @test "MS SQL database (Python)" { run bash tests/test_databases.sh -d mssql -l python @@ -138,7 +139,9 @@ test_python_virtual_environments() { run bash tests/test_databases.sh -d mssql -l R assert_output --partial 'All database tests passed' } +{{/SmokeTests.MSSQLExists}} +{{#SmokeTests.PostgreSQLExists}} # Test Postgres database @test "Postgres database (Python)" { run bash tests/test_databases.sh -d postgres -l python @@ -148,6 +151,7 @@ test_python_virtual_environments() { run bash tests/test_databases.sh -d postgres -l R assert_output --partial 'All database tests passed' } +{{/SmokeTests.PostgreSQLExists}} # Mounted drives diff --git a/tests/srd_smoke_tests/test_databases.mustache.sh b/tests/srd_smoke_tests/test_databases.mustache.sh index 292b27d4de..07805ae69c 100644 --- a/tests/srd_smoke_tests/test_databases.mustache.sh +++ b/tests/srd_smoke_tests/test_databases.mustache.sh @@ -11,12 +11,12 @@ done if [ "$db_type" == "mssql" ]; then db_name="master" - port="{{sre.databases.dbmssql.port}}" - server_name="{{sre.databases.dbmssql.vmName}}.{{shm.domain.fqdn}}" + port="{{SmokeTests.MSSQLPort}}" + server_name="{{SmokeTests.MSSQLVMName}}.{{shm.domain.fqdn}}" elif [ "$db_type" == "postgres" ]; then db_name="postgres" - port="{{sre.databases.dbpostgresql.port}}" - server_name="{{sre.databases.dbpostgresql.vmName}}.{{shm.domain.fqdn}}" + port="{{SmokeTests.PostgreSQLPort}}" + server_name="{{SmokeTests.PostgreSQLVMName}}.{{shm.domain.fqdn}}" else echo "Did not recognise database type '$db_type'" fi diff --git a/tests/srd_smoke_tests/test_repository_python.mustache.sh b/tests/srd_smoke_tests/test_repository_python.mustache.sh index 083340f222..078dcff167 100644 --- a/tests/srd_smoke_tests/test_repository_python.mustache.sh +++ b/tests/srd_smoke_tests/test_repository_python.mustache.sh @@ -5,7 +5,7 @@ # - *not* pre-installed # - on the tier-3 list (so we can test all tiers) # - alphabetically early and late (so we can test the progress of the mirror synchronisation) -installable_packages=("{{SmokeTests.PyPIPackage0}}" "{{SmokeTests.PyPIPackage1}}") +installable_packages=("{{SmokeTests.PyPIPackageFirst}}" "{{SmokeTests.PyPIPackageLast}}") uninstallable_packages=("awscli") # Set up a virtual environment for testing From 2773c7149c14a9c1dae5712b902a185ee3a5c3cf Mon Sep 17 00:00:00 2001 From: James Robinson Date: Wed, 5 Oct 2022 16:29:23 +0100 Subject: [PATCH 5/6] :white_check_mark: Ensure that arrays are also handled by ConvertTo-SortedHashtable --- deployment/common/DataStructures.psm1 | 2 ++ tests/pester/ConfigurationFiles.Tests.ps1 | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/deployment/common/DataStructures.psm1 b/deployment/common/DataStructures.psm1 index ab28c95a6d..093a6a19dc 100644 --- a/deployment/common/DataStructures.psm1 +++ b/deployment/common/DataStructures.psm1 @@ -151,6 +151,8 @@ function ConvertTo-SortedHashtable { $OutputHashtable = [ordered]@{} $Sortable.GetEnumerator() | Sort-Object -Property "Name" | ForEach-Object { $OutputHashtable.Add($_.Key, $(ConvertTo-SortedHashtable -Sortable $_.Value)) } return $OutputHashtable + } elseif ($Sortable -is [System.Object[]]) { + return @($Sortable | ForEach-Object { ConvertTo-SortedHashtable $_ }) } else { return $Sortable } diff --git a/tests/pester/ConfigurationFiles.Tests.ps1 b/tests/pester/ConfigurationFiles.Tests.ps1 index d0b3783716..2cefdaf178 100644 --- a/tests/pester/ConfigurationFiles.Tests.ps1 +++ b/tests/pester/ConfigurationFiles.Tests.ps1 @@ -19,7 +19,7 @@ Describe "SHM configuration file check" { # Load test config Mock Write-Information {} # we mock Write-Information here as we expect output from the `Get-SreConfig` call - $testConfig = Get-ShmConfig -shmId $ConfigId + $testConfig = Get-ShmConfig -shmId $ConfigId | ConvertTo-SortedHashtable # Compare the two configs as JSON strings # Note that we could use `Test-Equality` from the `Functional` module here, but that would not tell us *where* any differences are From 8a2630f6013da01bc1443103b41d39966a1b027f Mon Sep 17 00:00:00 2001 From: James Robinson Date: Thu, 6 Oct 2022 09:09:10 +0100 Subject: [PATCH 6/6] :memo: Restore [Optional] tag to description of 'databases' in SRE config --- docs/deployment/snippets/02_configuration.partial.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/deployment/snippets/02_configuration.partial.md b/docs/deployment/snippets/02_configuration.partial.md index b7ef554138..d1d35cb63d 100644 --- a/docs/deployment/snippets/02_configuration.partial.md +++ b/docs/deployment/snippets/02_configuration.partial.md @@ -31,7 +31,7 @@ The following core SRE properties are required - look in the `environment_config "remoteDesktopProvider": "Which remote desktop provider to use. Either 'ApacheGuacamole' (recommended, tiers 0-3) or 'MicrosoftRDS' (tiers 2-3 only)", "azureAdminGroupName": "[Optional] Azure Security Group that admins of this SRE will belong to. If not specified then the same one as the SHM will be used.", "dataAdminIpAddresses": "A list of one or more IP addresses which admins will be using to transfer sensitive data to/from the secure Azure storage area (if not specified then Turing IP addresses will be used).", - "databases": "A list of one or more database flavours from the following list ('MSSQL', 'PostgreSQL'). For example ['MSSQL', 'PostgreSQL'] would deploy both an MS-SQL and a PostgreSQL database.", + "databases": [Optional] "A list of zero or more database flavours from the following list ('MSSQL', 'PostgreSQL'). For example ['MSSQL', 'PostgreSQL'] would deploy both an MS-SQL and a PostgreSQL database.", "deploymentIpAddresses": "[Optional] A list of one or more IP addresses which admins will be using when deploying the SRE (if not specified then deployment commands from any IP address will be permitted).", "domain": "[Optional] The fully qualified domain name for the SRE. If not specified then . will be used.", "overrides": "[Optional, Advanced] Do not use this unless you know what you're doing! If you want to override any of the default settings, you can do so by creating the same JSON structure that would be found in the final config file and nesting it under this entry. For example, to change the name of the Key Vault secret containing the MSSQL admin password, you could use something like: 'sre: { databases: { dbmssql: { adminPasswordSecretName: my-password-name } } }'"