Merge pull request #925 from microsoft/main

fix: downmerge from main to demo

Author: Prajwal-Microsoft

.devcontainer/devcontainer.json

@@ -6,7 +6,11 @@
     "forwardPorts": [50505],
     "features": {
         "ghcr.io/azure/azure-dev/azd:latest": {},
-        "ghcr.io/devcontainers/features/azure-cli:1": {},
+        "ghcr.io/devcontainers/features/azure-cli:1": {
+            "installBicep": true,
+            "version": "latest",
+            "bicepVersion": "latest"
+        },
         "ghcr.io/devcontainers/features/docker-in-docker:2": {},
         "ghcr.io/jlaundry/devcontainer-features/mssql-odbc-driver:1": {
 			"version": "18"

.github/workflows/azd-template-validation.yml

@@ -0,0 +1,42 @@
+name: AZD Template Validation
+on:
+  schedule:
+    - cron: '30 1 * * 4' # Every Thursday at 7:00 AM IST (1:30 AM UTC)
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  id-token: write
+  pull-requests: write
+
+jobs:
+  template_validation_job:
+    runs-on: ubuntu-latest
+    name: azd template validation
+    environment: production
+    steps:
+      - uses: actions/checkout@v6
+
+      - name: Set timestamp
+        run: echo "HHMM=$(date -u +'%H%M')" >> $GITHUB_ENV
+
+      - uses: microsoft/template-validation-action@v0.4.3
+        with:
+          validateAzd: ${{ vars.TEMPLATE_VALIDATE_AZD }}
+          validateTests: ${{ vars.TEMPLATE_VALIDATE_TESTS }}
+          useDevContainer: ${{ vars.TEMPLATE_USE_DEV_CONTAINER }}
+        id: validation
+        env:
+          AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
+          AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
+          AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          AZURE_ENV_NAME: azd-${{ vars.AZURE_ENV_NAME }}-${{ env.HHMM }}
+          AZURE_LOCATION: ${{ vars.AZURE_LOCATION }}
+          AZURE_ENV_AI_SERVICE_LOCATION: ${{ vars.AZURE_ENV_AI_SERVICE_LOCATION || 'eastus2' }}
+          USE_CASE: ${{ vars.USE_CASE || 'telecom' }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          AZURE_DEV_COLLECT_TELEMETRY: ${{ vars.AZURE_DEV_COLLECT_TELEMETRY }}
+
+
+      - name: print result
+        run: cat ${{ steps.validation.outputs.resultFile }}

.github/workflows/azure-dev-validation.yml

@@ -1,49 +1,58 @@
-name: Deploy to Azure
+name: Azure Dev Deploy
 
 on:
   workflow_dispatch:
-  # push:
-  #   branches:
-  #     - main
 
-# Set up permissions for deploying with secretless Azure federated credentials
-# https://learn.microsoft.com/en-us/azure/developer/github/connect-from-azure?tabs=azure-portal%2Clinux#set-up-azure-login-with-openid-connect-authentication
 permissions:
-  id-token: write
   contents: read
+  id-token: write
 
 jobs:
-  build:
+  deploy:
     runs-on: ubuntu-latest
     environment: production
     env:
-      AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
-      AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
-      AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
-      AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }}
+      AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
+      AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
+      AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
       AZURE_LOCATION: ${{ vars.AZURE_LOCATION }}
-      AZURE_ENV_OPENAI_LOCATION: ${{ vars.AZURE_ENV_OPENAI_LOCATION || 'eastus2' }}
-      AZURE_ENV_USE_CASE: ${{ vars.AZURE_ENV_USE_CASE || 'telecom' }}
+      AZURE_ENV_AI_SERVICE_LOCATION: ${{ vars.AZURE_ENV_AI_SERVICE_LOCATION || 'eastus2' }}
+      USE_CASE: ${{ vars.USE_CASE || 'telecom' }}
       AZURE_DEV_COLLECT_TELEMETRY: ${{ vars.AZURE_DEV_COLLECT_TELEMETRY }}
     steps:
-      - name: Checkout
-        uses: actions/checkout@v6
+      - name: Checkout Code
+        uses: actions/checkout@v4
+
+      - name: Set timestamp and env name
+        run: |
+          HHMM=$(date -u +'%H%M')
+          echo "AZURE_ENV_NAME=azd-${{ vars.AZURE_ENV_NAME }}-${HHMM}" >> $GITHUB_ENV
 
       - name: Install azd
-        uses: Azure/setup-azd@v2.0.0
+        uses: Azure/setup-azd@v2
+
+      - name: Login to Azure
+        uses: azure/login@v2
+        with:
+          client-id: ${{ secrets.AZURE_CLIENT_ID }}
+          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+
+      - name: Login to AZD
+        shell: bash
+        run: |
+          azd auth login \
+            --client-id "$AZURE_CLIENT_ID" \
+            --federated-credential-provider "github" \
+            --tenant-id "$AZURE_TENANT_ID"
 
-      - name: Log in with Azure (Federated Credentials)
+      - name: Provision and Deploy
+        shell: bash
         run: |
-          azd auth login `
-            --client-id "$Env:AZURE_CLIENT_ID" `
-            --federated-credential-provider "github" `
-            --tenant-id "$Env:AZURE_TENANT_ID"
-        shell: pwsh
-
-      - name: Provision Infrastructure
-        run: azd provision --no-prompt
-        env:
-          AZD_INITIAL_ENVIRONMENT_CONFIG: ${{ secrets.AZD_INITIAL_ENVIRONMENT_CONFIG }}
-
-      - name: Deploy Application
-        run: azd deploy --no-prompt
+          if ! azd env select "$AZURE_ENV_NAME"; then
+            azd env new "$AZURE_ENV_NAME" --subscription "$AZURE_SUBSCRIPTION_ID" --location "$AZURE_LOCATION" --no-prompt
+          fi
+          azd config set defaults.subscription "$AZURE_SUBSCRIPTION_ID"
+          azd env set AZURE_ENV_AI_SERVICE_LOCATION="$AZURE_ENV_AI_SERVICE_LOCATION"
+          azd env set USE_CASE="$USE_CASE"
+          azd up --no-prompt

.github/workflows/azure-dev.yml

@@ -3,6 +3,11 @@ on:
   push:
     branches:
       - ckm-v2
+    paths:
+      - 'infra/**/*.bicep'
+      - 'infra/**/*.json'
+      - 'infra/scripts/**'
+      - '.github/workflows/bicep_deploy.yml'
 
 permissions:
   contents: read

.github/workflows/bicep_deploy.yml

@@ -130,7 +130,7 @@ jobs:
           az deployment group create \
             --resource-group ${{ env.RESOURCE_GROUP_NAME }} \
             --template-file infra/main.bicep \
-            --parameters solutionName=${{env.SOLUTION_PREFIX}} location="${{ env.AZURE_LOCATION }}" contentUnderstandingLocation="swedencentral" secondaryLocation="${{ env.AZURE_LOCATION }}" gptDeploymentCapacity=150 aiServiceLocation="${{ env.AZURE_LOCATION }}" createdBy="Pipeline" tags="{'Purpose':'Deploying and Cleaning Up Resources for Validation','CreatedDate':'$current_date'}"
+            --parameters solutionName=${{env.SOLUTION_PREFIX}} location="${{ env.AZURE_LOCATION }}" secondaryLocation="${{ env.AZURE_LOCATION }}" gptDeploymentCapacity=150 aiServiceLocation="${{ env.AZURE_LOCATION }}" createdBy="Pipeline" tags="{'Purpose':'Deploying and Cleaning Up Resources for Validation','CreatedDate':'$current_date'}"
 
      
 

.github/workflows/deploy-KMGeneric.yml

@@ -42,12 +42,12 @@ on:
         required: false
         default: 'GoldenPath-Testing'
         type: string
-      azure_env_log_analytics_workspace_id:
+      azure_env_existing_log_analytics_workspace_rid:
         description: 'Log Analytics Workspace ID (Optional)'
         required: false
         default: ''
         type: string
-      azure_existing_ai_project_resource_id:
+      azure_existing_aiproject_resource_id:
         description: 'AI Project Resource ID (Optional)'
         required: false
         default: ''
@@ -57,7 +57,7 @@ on:
         required: false
         default: ''
         type: string
-      azure_env_use_case:
+      use_case:
         description: 'Azure Environment Use Case (telecom or IT_helpdesk)'
         required: false
         default: 'telecom'
@@ -91,9 +91,9 @@ jobs:
       exp: ${{ inputs.exp }}
       build_docker_image: ${{ inputs.build_docker_image }}
       existing_webapp_url: ${{ inputs.existing_webapp_url }}
-      azure_env_log_analytics_workspace_id: ${{ inputs.azure_env_log_analytics_workspace_id }}
-      azure_existing_ai_project_resource_id: ${{ inputs.azure_existing_ai_project_resource_id }}
-      azure_env_use_case: ${{ inputs.azure_env_use_case }}
+      azure_env_existing_log_analytics_workspace_rid: ${{ inputs.azure_env_existing_log_analytics_workspace_rid }}
+      azure_existing_aiproject_resource_id: ${{ inputs.azure_existing_aiproject_resource_id }}
+      use_case: ${{ inputs.use_case }}
       docker_image_tag: ${{ needs.docker-build.outputs.IMAGE_TAG }}
       run_e2e_tests: ${{ inputs.run_e2e_tests }}
       cleanup_resources: ${{ inputs.cleanup_resources }}
@@ -107,7 +107,7 @@ jobs:
       KMGENERIC_URL: ${{ needs.deploy.outputs.WEB_APP_URL || inputs.existing_webapp_url }}
       KMGENERIC_URL_API: ${{ needs.deploy.outputs.API_APP_URL || inputs.existing_webapp_url }}
       TEST_SUITE: ${{ inputs.trigger_type == 'workflow_dispatch' && inputs.run_e2e_tests || 'GoldenPath-Testing' }}
-      AZURE_ENV_USE_CASE: ${{ inputs.azure_env_use_case }}
+      USE_CASE: ${{ inputs.use_case }}
     secrets: inherit
 
   cleanup-deployment:
@@ -121,7 +121,7 @@ jobs:
       existing_webapp_url: ${{ inputs.existing_webapp_url }}
       resource_group_name: ${{ needs.deploy.outputs.RESOURCE_GROUP_NAME }}
       azure_location: ${{ needs.deploy.outputs.AZURE_LOCATION }}
-      azure_env_openai_location: ${{ needs.deploy.outputs.AZURE_ENV_OPENAI_LOCATION }}
+      azure_env_ai_service_location: ${{ needs.deploy.outputs.AZURE_ENV_AI_SERVICE_LOCATION }}
       env_name: ${{ needs.deploy.outputs.ENV_NAME }}
       image_tag: ${{ needs.deploy.outputs.IMAGE_TAG }}
     secrets: inherit