RBAC-1: Explore the current model for updating templates

[TonyWildish-BH]

Goals:

1. Build a new version of a template with a new version number
2. Rebuild a template without changing the version
3. Update the running template in a workspace to a different version

The model for updating workspace templates, workspace service templates, or shared service templates is the same in all cases. The templates are all installed in the templates directory, and there are build instructions/targets for each type in the top-level Makefile. Building each template will result in two Docker images, in an Azure Container Registry, in the management Resource Group:

Specific example: To build a new version of the Apache Guacamole service, you would do the following:

1. Bump the version number in templates/shared_services/guacamole/porter.yaml
2. Run make bundle-build bundle-publish bundle-register DIR="$PWD/templates/workspace_services/guacamole" BUNDLE_TYPE=workspace_service

bundle-build will build a local Docker image for that template. bundle-publish will push it to the ACR. bundle-publish will publish the template structure in the CosmosDB in the SDE resource group.

If you don't want to bump the version number, there are some extra steps to go through. There's a lot of caching involved in the building of the Docker images, and because of their structure, they don't always detect changes well enough to know something needs rebuilding.

1. Remove any local images that you want to rebuild.
2. Remove them from the ACR as well.
3. For good measure, remove the .cnab and terraform/.terraform directories in the template directory too.
4. Remove the template entry from the CosmosDB.

There's a script in the tre-tools repository which can help with steps 1-3: https://github.com/Barts-Life-Science/tre-tools/blob/main/tre-build/clean-template.sh. Copy it to the top level of the directory you're deploying your SDE from, it will read your config.yaml to pick up stuff.

Step 4 has to be done manually, at the moment. You have to enable network access by adding your network CIDR address or IP address (Azure Portal -> CosmosDB -> Settings -> Networking), this is a one-time thing, which is just as well, because it can take several minutes for it to update. Then just search for the template and delete it.

To update the version of a template in use in a workspace, go to the workspace, select the template, and click Update. Updating allows you to change some of the parameters without changing the template version, or, if there's more than one template version, it should offer you a drop-down to choose the version you want to run. At least, that's my recollection, you should verify that. Correction, see below

You can verify which version of a template is being used from the Details tab.

[TonyWildish-BH]

I've just discovered, out of necessity, that when a new template version is available, an 'Upgrade' button appears in the UI in the relevant place (first screenshot). Then you get a dropdown box where you can select the version (second screenshot).