DataBiosphere · jgainerdewar · Jul 23, 2025 · Jun 27, 2025 · Jun 30, 2025 · Jul 1, 2025
@@ -1,7 +1,6 @@
 package org.broadinstitute.dsde.workbench.leonardo
 
 import cats.effect.{IO, Resource}
-import com.azure.resourcemanager.compute.models.VirtualMachineSizeTypes
 import org.broadinstitute.dsde.workbench.DoneCheckable
 import org.broadinstitute.dsde.workbench.DoneCheckableSyntax._
 import org.broadinstitute.dsde.workbench.google2.{
@@ -135,19 +134,6 @@ object LeonardoApiClient {
     None
   )
 
-  val defaultCreateAzureRuntimeRequest = CreateAzureRuntimeRequest(
-    Map.empty,
-    VirtualMachineSizeTypes.STANDARD_DS1_V2,
-    Map.empty,
-    CreateAzureDiskRequest(
-      Map.empty,
-      AzureDiskName(UUID.randomUUID().toString.substring(0, 8)),
-      None,
-      None
-    ),
-    Some(0)
-  )
-
   def createRuntime(
     googleProject: GoogleProject,
     runtimeName: RuntimeName,
@@ -685,101 +671,6 @@ object LeonardoApiClient {
         }
     } yield r
 
-  def createAzureRuntime(
-    workspaceId: WorkspaceId,
-    runtimeName: RuntimeName,
-    useExistingDisk: Boolean,
-    createAzureRuntimeRequest: CreateAzureRuntimeRequest = defaultCreateAzureRuntimeRequest
-  )(implicit client: Client[IO], authorization: IO[Authorization]): IO[Unit] =
-    for {
-      traceIdHeader <- genTraceIdHeader()
-      authHeader <- authorization
-      r <- client
-        .run(
-          Request[IO](
-            method = Method.POST,
-            headers = Headers(authHeader, defaultMediaType, traceIdHeader),
-            uri = rootUri
-              .withPath(
-                Uri.Path
-                  .unsafeFromString(s"/api/v2/runtimes/${workspaceId.value.toString}/azure/${runtimeName.asString}")
-              )
-              .withQueryParam("useExistingDisk", useExistingDisk),
-            entity = createAzureRuntimeRequest
-          )
-        )
-        .use { resp =>
-          if (!resp.status.isSuccess) {
-            onError(s"Failed to create runtime ${workspaceId.value.toString}/${runtimeName.asString}")(resp)
-              .flatMap(IO.raiseError)
-          } else
-            IO.unit
-        }
-    } yield ()
-
-  def getAzureRuntime(
-    workspaceId: WorkspaceId,
-    runtimeName: RuntimeName
-  )(implicit client: Client[IO], authorization: IO[Authorization]): IO[GetRuntimeResponseCopy] =
-    for {
-      traceIdHeader <- genTraceIdHeader()
-      authHeader <- authorization
-      r <- client.expectOr[GetRuntimeResponseCopy](
-        Request[IO](
-          method = Method.GET,
-          headers = Headers(authHeader, traceIdHeader),
-          uri = rootUri.withPath(
-            Uri.Path.unsafeFromString(s"/api/v2/runtimes/${workspaceId.value.toString}/azure/${runtimeName.asString}")
-          )
-        )
-      )(onError(s"Failed to get runtime ${workspaceId.value.toString}/${runtimeName.asString}"))
-    } yield r
-
-  def deleteRuntimeV2(
-    workspaceId: WorkspaceId,
-    runtimeName: RuntimeName,
-    deleteDisk: Boolean = true
-  )(implicit client: Client[IO], authorization: IO[Authorization]): IO[Unit] =
-    for {
-      traceIdHeader <- genTraceIdHeader()
-      authHeader <- authorization
-      r <- client
-        .run(
-          Request[IO](
-            method = Method.DELETE,
-            headers = Headers(authHeader, traceIdHeader),
-            uri = rootUri
-              .withPath(
-                Uri.Path
-                  .unsafeFromString(s"/api/v2/runtimes/${workspaceId.value.toString}/azure/${runtimeName.asString}")
-              )
-              .withQueryParam("deleteDisk", deleteDisk)
-          )
-        )
-        .use { resp =>
-          if (!resp.status.isSuccess) {
-            onError(s"Failed to delete runtime ${workspaceId.value.toString}/${runtimeName.asString}")(resp)
-              .flatMap(IO.raiseError)
-          } else
-            IO.unit
-        }
-    } yield r
-
-  // TODO: delete this
-  def deleteRuntimeV2WithWait(
-    workspaceId: WorkspaceId,
-    runtimeName: RuntimeName,
-    deleteDisk: Boolean = true
-  )(implicit client: Client[IO], authorization: IO[Authorization]): IO[Unit] =
-    for {
-      _ <- deleteRuntimeV2(workspaceId, runtimeName, deleteDisk)
-      ioa = getAzureRuntime(workspaceId, runtimeName).attempt
-      res <- IO.sleep(20 seconds) >> streamFUntilDone(ioa, 50, 5 seconds).compile.lastOrError
-      _ <-
-        if (res.isDone) IO.unit
-        else IO.raiseError(new TimeoutException(s"delete runtime ${workspaceId}/${runtimeName.asString}"))
-    } yield ()
-
   def testSparkWebUi(
     googleProject: GoogleProject,
     runtimeName: RuntimeName,

@@ -36,13 +36,6 @@ object LeonardoConfig extends CommonConfig {
     val leonardoServiceAccountUsername = gcs.getString("leonardoServiceAccountUsername")
   }
 
-  object Azure {
-    val vmUser = azure.getString("leoVmUser")
-    val vmPassword = azure.getString("leoVmPassword")
-    val bastionName = azure.getString("bastionName")
-    val defaultBastionPort = azure.getInt("defaultBastionPort")
-  }
-
   // TODO: this should be updated once we're able to run azure automation tests as part of CI
   object WSM {
     val wsmUri: String = "https://workspace.dsde-dev.broadinstitute.org"

@@ -3,14 +3,13 @@ package org.broadinstitute.dsde.workbench.leonardo
 import cats.effect.{IO, Resource}
 import com.google.cloud.oslogin.common.OsLoginProto.SshPublicKey
 import com.google.cloud.oslogin.v1.{ImportSshPublicKeyRequest, OsLoginServiceClient}
-import org.broadinstitute.dsde.rawls.model.AzureManagedAppCoordinates
-import org.typelevel.log4cats.StructuredLogger
-import org.typelevel.log4cats.slf4j.Slf4jLogger
 import net.schmizz.sshj.SSHClient
 import net.schmizz.sshj.connection.channel.direct.Session
 import net.schmizz.sshj.transport.verification.PromiscuousVerifier
 import org.broadinstitute.dsde.workbench.model.WorkbenchEmail
 import org.broadinstitute.dsde.workbench.model.google.GoogleProject
+import org.typelevel.log4cats.StructuredLogger
+import org.typelevel.log4cats.slf4j.Slf4jLogger
 
 import java.nio.file.{Files, Path, Paths}
 import java.util.UUID
@@ -27,33 +26,6 @@ case class Tunnel(pid: String, port: Int) {
 object SSH {
   val loggerIO: StructuredLogger[IO] = Slf4jLogger.getLogger[IO]
 
-  // TODO: If multiple tests need to ssh into an azure VM: add a lock of sorts, only one tunnel at a time with same port
-  // A bastion tunnel is needed to tunnel to an azure vm
-  // See: https://learn.microsoft.com/en-us/azure/bastion/native-client
-  def startAzureBastionTunnel(runtimeName: RuntimeName, port: Int = LeonardoConfig.Azure.defaultBastionPort)(implicit
-    staticTestCoordinates: AzureManagedAppCoordinates
-  ): Resource[IO, Tunnel] = {
-    val targetResourceId =
-      s"/subscriptions/${staticTestCoordinates.subscriptionId.toString}/resourceGroups/${staticTestCoordinates.managedResourceGroupId}/providers/Microsoft.Compute/virtualMachines/${runtimeName.asString}"
-
-    val makeTunnel = for {
-      scriptPath <- IO(getClass.getClassLoader.getResource("startTunnel.sh").getPath)
-      process = Process(
-        scriptPath,
-        None,
-        "BASTION_NAME" -> LeonardoConfig.Azure.bastionName,
-        "RESOURCE_GROUP" -> staticTestCoordinates.managedResourceGroupId,
-        "RESOURCE_ID" -> targetResourceId,
-        "PORT" -> port.toString
-      )
-      output <- IO(process !!)
-      _ <- loggerIO.info(s"Bastion tunnel start command full output:\n\t${output}")
-      tunnel = Tunnel(output.split('\n').last, port)
-    } yield tunnel
-
-    Resource.make(makeTunnel)(tunnel => loggerIO.info("Closing tunnel") >> closeTunnel(tunnel))
-  }
-
   final case class SSHSession(session: Session, client: SSHClient)
   // Note that a session is a one time use resource, and only supports one command execution
   // This method starts an ssh session to either an azure or google runtime.
@@ -72,18 +44,12 @@ object SSH {
       _ <- IO(client.connect(hostName, port))
 
       _ <- loggerIO.info("Authenticating ssh client ")
-      _ <-
-        if (sshConfig.cloudProvider == CloudProvider.Azure)
-          IO(client.authPassword(LeonardoConfig.Azure.vmUser, LeonardoConfig.Azure.vmPassword))
-        else {
-          for {
-            keyConfig <- createSSHKeys(WorkbenchEmail(LeonardoConfig.Leonardo.serviceAccountEmail),
-                                       sshConfig.googleProject.get
-            )
-            _ <- IO(client.authPublickey(keyConfig.username, keyConfig.privateKey.toAbsolutePath.toString))
-          } yield ()
-        }
-
+      _ <- for {
+        keyConfig <- createSSHKeys(WorkbenchEmail(LeonardoConfig.Leonardo.serviceAccountEmail),
+                                   sshConfig.googleProject.get
+        )
+        _ <- IO(client.authPublickey(keyConfig.username, keyConfig.privateKey.toAbsolutePath.toString))
+      } yield ()
       _ <- loggerIO.info("Starting ssh session")
       session <- IO(client.startSession())
     } yield SSHSession(session, client)