Data-safe-haven

**Full Changelog**: https://github.com/alan-turing-institute/data-safe-haven/compare/v5.0.0...v5.0.1

Upgrading

This is a major release and it not compatible with any previous versions.
To use this version you must start a new TRE deployment.

Changes

- Complete rewrite of code in Python using IAC and configuration management tools Pulumi and Ansible

What's Changed

This release is *not* ready for production usage.

Known Issues

- ClamAV not configured
- Unstable container service IP addresses
- Lacking Nvidia utils

What's Changed
* Use pip-compile for package resolution by jemrobinson in https://github.com/alan-turing-institute/data-safe-haven/pull/1514
* Add pip-tools to NON_IMPORTABLE_PACKAGES by edwardchalstrey1 in https://github.com/alan-turing-institute/data-safe-haven/pull/1537
* Add May 2023 DSG to versioning by jemrobinson in https://github.com/alan-turing-institute/data-safe-haven/pull/1545

First version of migration to Python using Pulumi. Penetration tested in September 2023.

Known Issues

This release is **not** ready for production usage.

:warning: Update Requires Manual Intervention :warning:

If you are using a `4.2.x` SHM and want to upgrade to `4.2.2`, please follow the steps below:

For the SHM:
1. Add a `docker` section to your SHM config with a username and personal access token (following the SHM deployment instructions)
1. Re-run `Setup_SHM_Networking.ps1 -shmId {shm}` from `deployment/safe_haven_management/setup`

For any SRE that you deployed using an earlier `4.2.x` version:
1. Delete the `GUACAMOLE-SRE-{sreId}` VM and associated resources from the
`RG_SHM_{shmId}_SRE_{sreId}_REMOTE_DESKTOP` resource group
1. Re-run the deployment script `Deploy_SRE.ps1 -shmId {shm} -sreId {sre} -VmSizes {as before}` from `deployment/secure_research_environment/setup`

Known issues
- As for 4.2.0, 4.2.1

Bug Fixes

- Workaround for an issue where Let's Encrypt refused to provide certificates for uppercase FQDNs 1938
- Fix for change in Azure supported public IP address SKU for VPNs, which prevented deployment of the virtual network gateway for accessing domain controllers 1947
- Require supply of Docker Hub credentials to work round change in Docker download rate limits 1994
- Update approved IP address list for Ubuntu apt repositories
- Update to backup policy rules for Blob storage 1988

**Full Changelog**: https://github.com/alan-turing-institute/data-safe-haven/compare/v4.2.1...v4.2.2

:warning: Update Requires Manual Intervention :warning:

If you are using a `4.2.0` SHM and want to upgrade to `4.2.1`, please follow the steps below:

1. Delete the `GUACAMOLE-SRE-{sreId}` VM and associated resources from the `RG_SHM_{shmId}_SRE_{sreId}_REMOTE_DESKTOP` resource group
1. Re-run the deployment script `Deploy_SRE.ps1 -shmId {shm} -sreId {sre} -VmSizes {as before}` from `deployment/secure_research_environment/setup`

Known issues
- As for 4.2.0

Bug Fixes
- Update Guacamole to 1.5.5 to avoid [this known bug](https://lists.apache.org/thread/0sok6jgddhoxl01yvvlptqf1ptqnp5lc)

**Full Changelog**: https://github.com/alan-turing-institute/data-safe-haven/compare/v4.2.0...v4.2.1