Implement Azure IaC generator with Bicep and diagram support#1892
Closed
Ba4bes wants to merge 661 commits intomicrosoft:mainfrom
Closed
Implement Azure IaC generator with Bicep and diagram support#1892Ba4bes wants to merge 661 commits intomicrosoft:mainfrom
Ba4bes wants to merge 661 commits intomicrosoft:mainfrom
Conversation
…ft#1364) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.33.0 to 4.33.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@603b797...b1bff81) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.33.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Update eslint in scripts/ * Update scripts/ engine * Remove unused dependency
…rify.md (microsoft#1382) * Initial plan * Fix: add text language tag to bare fence in verify.md Co-authored-by: tmeschter <10506730+tmeschter@users.noreply.github.com> * Fix: add text language tag to remaining bare fence in verify.md Co-authored-by: tmeschter <10506730+tmeschter@users.noreply.github.com> Agent-Logs-Url: https://github.com/microsoft/GitHub-Copilot-for-Azure/sessions/87d4bd81-1b5f-4727-878a-009175faed4c * Update: bump azure-deploy SKILL.md version to 1.0.7 Co-authored-by: tmeschter <10506730+tmeschter@users.noreply.github.com> Agent-Logs-Url: https://github.com/microsoft/GitHub-Copilot-for-Azure/sessions/7c285dc6-270b-4d34-8caf-3273f2118706 --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: tmeschter <10506730+tmeschter@users.noreply.github.com>
…oft#1381) * Initial plan * Fix: simplify redundant⚠️ callout in azure-deploy verify.md Co-authored-by: tmeschter <10506730+tmeschter@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: tmeschter <10506730+tmeschter@users.noreply.github.com>
…icep test (microsoft#1393) The azure-prepare standalone Bicep recipe test expected only .parameters.json files, but the agent generated a .bicepparam file (the modern native Bicep parameter format). Both formats are valid for standalone Bicep deployments. Update the regex to accept either .parameters.json or .bicepparam. Fixes microsoft#1388 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…t#1394) The azure-resource-visualizer integration tests assert that a Mermaid diagram file (architecture*.md) exists in the workspace, but the test prompts did not tell the agent where to write the file. The agent wrote to /tmp/ instead of the workspace cwd, causing hasDiagramFile to fail. Updated both resource-group-visualization prompts to explicitly request the diagram be saved to an architecture.md file in the current working directory, which is set to the workspace by the test harness. Fixes microsoft#1384 Fixes microsoft#1387 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Fix more testPathPattern -> testPathPatterns rename * Bump skill version
* Added hooks support for copilot and claude with test data * Added track-telemetry.sh that calls the azmcp command to emit telemetry * delete test-hook.sh * update the script to support claude code in addition to copilot cli * added AZURE_MCP_COLLECT_TELEMETRY check in the script. added powershell support for copilot cli * update to space * dont store filepath for skill * Update plugin/hooks/scripts/track-telemetry.ps1 Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * remove redirect * Update plugin/.plugin/plugin.json Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * remove stale data and rename --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* removed shouldTerminateEarly and prefetch info * add information about EH consumer client for python, remove prefetch * update version * incorporate copilot feedback * add guardrails for dac
* Pin GitHub Action references to full commit SHA * Address review feedback
…crosoft#1395) The azure-cloud-migrate skill may create its output directory as a child of the workspace (e.g. /tmp/ws/ws-azure) rather than as a sibling (/tmp/ws-azure). The test only checked the sibling path, causing an ENOENT failure when the directory was nested. Add findAzureOutputDir() to search both locations so the test passes regardless of where the skill places the output. Fixes microsoft#1386 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…oft#1424) * fix: refine azure-rbac test to not check for cli and doc tool * Update snapshot * Update comments
* feat: Repository Health Dashboard — local-first with 8 collectors and SWA deployment - Greenfield data pipeline: DashboardReport schema, sanitization module, JSON Schema validation - 8 collectors: tests, coverage, lint, typecheck, tokens, frontmatter, references, quality metrics - Integration test aggregation across all test-run directories (26 skills) - Quality metrics panel with 4 threshold cards (invocation rate, E2E pass rate, deploy retries, confidence) - Vanilla HTML/CSS/JS dashboard: collapsible panels, clickable filters, dark/light mode, WCAG AA - Local dev server: npm run dashboard = collect + serve at localhost:3000 - Azure SWA deployment via azd (Bicep infra included) - Added --json flag to frontmatter and references CLIs - GITHUB_RUN_ID capture in run-tests.js for future per-run deep links - 468 unit tests, zero innerHTML, all quality gates green Closes microsoft#1117 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Working UI * Add monitoring, blob container, and customize data source * Add publish to storage step (always run for testing) * Add readme * Document data preparation steps * Optimize data loading * Only return up to 30 days of data by default * Address Copilot feedback * Only publish data for scheduled runs * Fix lint * Clear error on new selected date * Sanitize filename for download * Add fast-xml-parser --------- Co-authored-by: Jon Gallant <2163001+jongio@users.noreply.github.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…pi (microsoft#1429) Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) from 5.5.3 to 5.5.8. - [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases) - [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md) - [Commits](NaturalIntelligence/fast-xml-parser@v5.5.3...v5.5.8) --- updated-dependencies: - dependency-name: fast-xml-parser dependency-version: 5.5.8 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…icrosoft#1349) * Initial plan * Update analyze-test-run skill to prefer MCP tools for artifact access Co-authored-by: tmeschter <10506730+tmeschter@users.noreply.github.com> * Update: remove all gh CLI references, use MCP tools only in analyze-test-run skill Co-authored-by: JasonYeMSFT <39359541+JasonYeMSFT@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: tmeschter <10506730+tmeschter@users.noreply.github.com> Co-authored-by: JasonYeMSFT <39359541+JasonYeMSFT@users.noreply.github.com>
…oft#1426) * Initial plan * fix: findDirRecursive checks current level first and skips .git/node_modules Co-authored-by: tmeschter <10506730+tmeschter@users.noreply.github.com> Agent-Logs-Url: https://github.com/microsoft/GitHub-Copilot-for-Azure/sessions/550a5b02-5ee8-462f-bde7-78bbe4ed673e --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: tmeschter <10506730+tmeschter@users.noreply.github.com>
* Bump internal skill char budget to 20k * Fix env var name
…osoft#1425) The regex /infra\/.*\.(parameters\.json|bicepparam)$/ required a dot before 'parameters.json', so it matched 'main.parameters.json' but not 'parameters.json'. The azure-prepare skill generates the latter form, causing the test to fail. Change \. to \.? to make the dot optional, accepting both naming conventions. Fixes microsoft#1416 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* core functionality migration init * reduced file amounts and rely more on mcp doc search tools. * reduced file amounts and rely more on mcp doc search tools. * fix: wrap parameters per PR comment microsoft#1314 (comment) * fix: correctly reference documentation tool * fix maintain heading consistency per PR comment microsoft#1314 (comment) * fix: get resources to verify post deployment microsoft#1314 (comment) * fix: reference WAF tool correctly microsoft#1314 (comment) * fix: phase ordering inconsistency microsoft#1314 (comment) * fix: add complete infra plan example microsoft#1314 (comment) microsoft#1314 (review) * fix: update trigger phrases microsoft#1314 (comment) microsoft#1314 (comment) https://gist.github.com/kvenkatrajan/b6fe0b625977ae47586b89598f111ab6 * fix: update description and trigger * fix: add quick references and error handling microsoft#1314 (comment) * feat: copy over previous testing code * feat: update tests * feat: use more infra based prompts * feat: add E2E tests https://gist.github.com/kvenkatrajan/b6fe0b625977ae47586b89598f111ab6 * fix: update trigger tests * feat: schedule integration tests * update trigger snapshot and update what tests are pushed through * remove emoji in md title * break up contraints.md and resources.md into folder structure * test: update tests to check for reference files * test: delete unreferenced golden_dataset.txt * fix: resource naming consistency microsoft#1314 (comment) * test: update functions microsoft#1314 (comment) * test: add more assertions for integration tests microsoft#1314 (comment) * feat: add approval checkpoint after phase 2 microsoft#1314 (comment) * feat: reduce token count - split networking into two files microsoft#1314 (comment) * fix: update categoryFiles to match actual directory structure networking-services.md was split into networking-connectivity.md and networking-traffic.md Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Select scope based on infrastructure deployment type Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * make sure bicep scopes are correct in the context of the infra plan * fix: add explicit placeholders microsoft#1314 (comment) * fix: include error handling in SKILL.md microsoft#1314 (comment) * fix: split phases into separate file microsoft#1314 (comment) * fix: bring MCP tool section back to SKILL.md * feat: remove MCP tools table from workflow.md * feat: update error handling table * update snapshot and unit tests based on new SKILL.md * enableSoftDelete fix for consistency * trigger test fix, removed trigger test that more aligns with azure prepare * first iteration => version 1.0.0 * update snapshot header due to jest update: FAIL azure-enterprise-infra-planner/triggers.test.ts ● Test suite failed to run Outdated guide link: The snapshot guide link at the top of this snapshot is outdated. Please update all snapshots during this upgrade of Jest. Expected: https://jestjs.io/docs/snapshot-testing Received: https://goo.gl/fbAQLP --------- Co-authored-by: Jon Brockett <jbrockett@microsoft.com> Co-authored-by: Michael Ren <mren@microsoft.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
…1428) In issue microsoft#1413 the deployment succeeded and azd printed endpoint URLs, but the LM produced an empty final response and never relayed them to the user. The plan template checklist—which the LM follows step by step—had no item requiring it to report the URLs. Add the missing checklist item to Phase 4 so the LM treats URL reporting as a required deployment step. Fixes microsoft#1413 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…ssion-state (microsoft#1430) The LM was writing plan.md to the Copilot session-state folder instead of <workspace>/.azure/plan.md, which broke the azure-validate and azure-deploy skill chain since those skills read .azure/plan.md from the workspace root. Adds explicit disambiguation between the two plan.md files and bumps version to 1.0.7. Fixes microsoft#1408 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…nces (microsoft#1278) * Refactored azure-compute to be a router to vm-recommender and vm-troubleshooter sub-skills * Cleaned up description frontmatter, added to When to Use This Skill section * BREAKING CHANGE: modified skill description frontmatter; reverted manual version change since it's handled automatically now * feat!: pulled latest for semantic-version; bumping major version for update to description frontmatter * Apply suggestions from code review Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Refactored agents folder to workflows, and moved workflow-specific references to a references folder directly under the parent workflow; Updated integration tests; Added new isToolCalled helper function to evaluate.ts * Removed leftover test.only --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…e for plugin telemetry compatibility (microsoft#1439)
* Clarify Aspire + Functions secret storage Fixes microsoft#1323. When an Aspire app deploys to Azure Functions we need to ensure that the application is setup to access secret storage properly. Here we add the necessary guidance. Without this, the app may appear to deploy but then fail to start properly. Using the Azure skills, Copilot is likely to recover from this issue but it would be better to proactively check for this and avoid problems to begin with. * Pull out Aspire-specific guidance Move Aspire-specific guidance to a dedicated file. This guidance is very specific to Aspire and isn't needed for validating non-Aspire applications. * Address PR review feedback on secret storage guidance - Narrow grep scope: check AzureWebJobsSecretStorageType only in AppHost files containing AddAzureFunctionsProject, not repo-wide - Remove azd up references: use only azd provision to stay consistent with azure-validate's rule against running azd up directly - Stop hard-coding AppHost.cs: reference 'the AppHost source file containing AddAzureFunctionsProject' instead - Bump azure-validate version to 1.0.3 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix version bump to 1.0.1 No intermediate versions (1.0.1, 1.0.2) were released, so use the next sequential patch version instead of 1.0.3. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix fragile find|xargs pipeline for paths with spaces Use -print0 and xargs -0 to safely handle paths containing spaces in the detection commands for AzureWebJobsSecretStorageType. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Add PowerShell equivalents for detection commands Provide PowerShell versions alongside bash commands for cross-platform consistency, matching the pattern already used in the post-provisioning section. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * DRY out aspire.md pre-provisioning section Replace duplicated detection commands and fix example with a brief summary and link to aspire-functions-secrets.md, which is the single source of truth for this guidance. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix grep flags: remove -l so file names and line numbers are printed The -l flag overrides -n by only printing matching filenames. Removing it lets -rn output both the filename and line number as intended. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* updated client support matrix * update the columns in the matrix
* Add Gulp build system with TypeScript gulpfile Introduce a Gulp-based build pipeline that copies plugin/ to output/. - Add gulp, ts-node, typescript, @types/gulp, @types/node as devDependencies - Create gulpfile.ts with a default task copying plugin/** to output/ - Create root tsconfig.json for ts-node - Add "build" npm script - Add output/ to .gitignore Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Add NBGV auto-versioning for skills Use Nerdbank.GitVersioning to compute skill versions from git history. Each top-level skill gets a version.json with pathFilters so only commits within that skill's directory affect its version height. - Add version.json to each plugin/skills/*/ directory - Set SKILL.md metadata.version to placeholder (stamped at build time) - Update gulpfile.ts to stamp versions inline via a Transform stream - Add nerdbank-gitversioning and @types/vinyl as devDependencies Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Add NBGV versioning for plugin.json files Stamp the version field in .plugin/plugin.json, .cursor-plugin/plugin.json, and .claude-plugin/plugin.json at build time using a shared NBGV version derived from plugin/version.json. Any commit under plugin/ increments the version height. Also refactors the gulpfile into separate stampSkillVersions and stampPluginVersions transforms, switches logging to fancy-log, and adds comments to regex constants. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Update CI pipelines to build from output/ with NBGV versioning - publish-to-marketplace.yml: Add build step, sync from output/ instead of plugin/, remove manual version bump logic - pr.yml skill-validation: Build first, validate frontmatter and skills.json against output/, remove version bump check - pr.yml reference-check: Build first, validate references against output/skills via new --skills-dir option - references/cli.ts: Add --skills-dir CLI option to override default plugin/skills directory - update-plugin-versions.yml: Mark as deprecated (NBGV replaces semantic-release) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Replace symlink-based local dev with build + --plugin-dir workflow - Rewrite CONTRIBUTING.md: npm install && npm run build + copilot --plugin-dir ./output - Delete scripts/src/local/ (setup, verify, test commands) and verify-local.ts - Update script entries in package.json and scripts/package.json - Add local dev note to README.md sovereign cloud section - Update docs/spec/azure-hosted-copilot-sdk.md to reflect removal Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Address PR feedback: validate placeholder replacement, clean output/, validate --skills-dir - Fail build if version placeholder is missing from SKILL.md or plugin.json - Clean output/ directory before each build to prevent stale files - Validate --skills-dir path exists before using it - Add version.json and placeholder for new airunway-aks-setup skill from upstream Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Address PR feedback: use --ignore-scripts in CI, fix MCP tool names - Use npm ci --ignore-scripts for root install in CI (postinstall runs scripts/ npm install which is unnecessary for the build) - Fix mcp_azure_mcp_get_bestpractices -> mcp_azure_mcp_get_azure_bestpractices in azure-cloud-migrate and azure-upgrade skills (bad merge resolution) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix TS2345: narrow parseArgs skills-dir type guard Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Replace version-change check with placeholder validation The old check compared base vs head plugin.json versions to detect manual changes. With NBGV handling versioning at build time, source files should always contain "0.0.0-placeholder". The new check validates this invariant directly. - Simplified script: reads files from disk, no git diff needed - Removed BASE_SHA/HEAD_SHA env vars from workflow - Removed fetch-depth: 0 (no longer needs git history) - Rewrote tests for new approach Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix azure-compute SKILL.md: restore upstream content lost in merge The merge in 6028b5e used git checkout --ours to resolve version conflicts, which inadvertently discarded upstream content changes (removal of Capacity Reservation workflow). Restored upstream content while keeping the 0.0.0-placeholder version. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Address jongio review feedback - Add build output smoke test: validates all SKILL.md and plugin.json files in output/ have real semver versions (not placeholders), catching NBGV stamping failures before they reach customers - Update skill-files.instructions.md: version is now "0.0.0-placeholder" in source, stamped automatically by NBGV at build time - Fix @types/node to ^22 to match engines.node >=22.14.0 - Validate .github/skills references alongside output/skills in the markdown reference check job Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Revert instructions version to 1.0.0, clarify plugin vs non-plugin skills The 0.0.0-placeholder convention only applies to skills under plugin/. Skills elsewhere (e.g., .github/skills/) still use real semver versions. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Update tests to use built output from output/skills Tests now read skill files from output/skills (built by gulp) instead of plugin/skills (source). This ensures tests validate the same version-stamped files that customers receive. Updated: - jest.setup.ts: global SKILLS_PATH - skill-loader.ts: fallback paths - agent-runner.ts: integration test skill directory - jest.config.ts: coverage collection paths - 7 test files with hardcoded paths - README.md: added build prerequisite to setup instructions Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Remove accidentally committed .lscache files Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Remove .github/skills from markdown reference validation .github/skills are not part of the gulp build pipeline and contain intentional example broken links. Only validate output/skills. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Address PR review feedback: build steps, path safety, exit codes - pr-plugin-version-check.yml: add fetch-depth: 0 so CHANGELOG diff has the base SHA available - gulpfile.ts: split on "/" instead of path.sep since Vinyl normalizes paths to forward slashes on all platforms - test-all-skills.yml, test-skill-reusable.yml, test-azure-deploy.yml, test-all-integration.yml, dashboard-collect.yml: add npm run build step and fetch-depth: 0 so tests run against built output - package.json, scripts/package.json: removed stubs now exit 1 so callers fail loudly instead of silently succeeding Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Extract build output version check into standalone script Move the inline github-script from pr.yml into scripts/src/verify-build-output-versions.ts. Add npm script verifyBuildOutputVersions. The workflow now calls the script via npm run instead of embedding JS in YAML. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
1. Exclude version.json files from the copy to output. While their presence probably wouldn't harm anything they aren't meant to be part of the shipping product. 2. Support both / and \ as path separators when determining skill versions.
* Fix benchmarking running pipeline issue * Update .PARAMETER docs and add ValidateNotNullOrEmpty() for StorageAccountName and ContainerName Agent-Logs-Url: https://github.com/microsoft/GitHub-Copilot-for-Azure/sessions/a62fabb7-c9fc-4276-9498-ebf1a450f93d Co-authored-by: fanyang-mono <52458914+fanyang-mono@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
* Add performance dashboard * Potential fix for pull request finding 'CodeQL / Unused variable, import, function or class' Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> * Add time period filter * Create an independent function app for syncing metrics data to the table from storage blob. And keep dashboard MI has ready only permission to storage account. * Check env var before using them and upgrade to node 22 * Only display dates with none zero reports and updated MI role assignments * Add a comment --------- Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* Tweak instructions to resolve synk high risks * Update snapshot * Incorporate copilot feedback * Adopt code review suggestions
…s test (microsoft#1994) The integration test was terminating early on the router skill (azure-kubernetes) instead of the sub-skill (azure-kubernetes-automatic-readiness), causing 0% invocation rate. Updated shouldEarlyTerminate and softCheckSkill to use SKILL_NAME and removed unused ROUTER_SKILL_NAME constant. Fixes microsoft#1979 Signed-off-by: Tatsat Mishra <tamishra@microsoft.com>
* add retry table * update deploy retry count logic * count retries per run * fix null scenario
…crosoft#1996) * test: improve AKS Automatic readiness integration test resilience - Add content-based fallback to isReadinessWorkflowInvoked() for environments where skill routing isnt available but the agent response clearly covers AKS Automatic migration/compatibility/readiness - Broaden severity classification keywords (requirement, restriction, limitation, constraint) to match the agents descriptive responses when no manifests are present to assess Signed-off-by: Tatsat Mishra <tamishra@microsoft.com> * test: address review feedback for AKS Automatic readiness test - Tighten content-based fallback to require 2+ domain terms instead of 1, reducing false positives from prompt echo - Remove "constraint" from severity keywords since the prompt itself contains "constraints" Signed-off-by: Tatsat Mishra <tamishra@microsoft.com> --------- Signed-off-by: Tatsat Mishra <tamishra@microsoft.com>
…icrosoft#1990) Fixes microsoft#1927 - Agent was using subdirectory names (e.g. todo-src-azure) instead of workspace root name for the output directory. - Replace ambiguous <source-folder> and <aws-folder> placeholders with explicit <workspace-root-basename> across all skill reference files - Add clarification that it refers to the top-level workspace directory, NOT a subdirectory within it
* move troubleshoot under new folder structure * update code block lengths * update troubleshooting file lengths and content * fix pr comments --------- Co-authored-by: Alex Okonechnikov <alexok@microsoft.com>
* Add deploy-dashboard workflow * No WEB_URL * Fix comment * Remove trailing whitespace
…t#2000) * chore: add todo placeholder * feat: MAF GA * chore: add Pre-Execution Requirements * fix: agent_update sub tool call * fix: comments * fix: comments * chore: improve agent_update param * fix: sync credentials * fix: comments * chore: improve deploy param
…icrosoft#2007) Co-authored-by: Jon Brockett <jbrockett@microsoft.com>
* Redact sas values * Relax sas regex
* Initialize test result entry * Adopt copilot suggestions
* Refactor local link validator * Fix link value in LinkIssue * Add eof newline * Fix link property value Only search for existing non-directory links for orphans
Co-authored-by: Copilot <copilot@github.com>
…kill, fix invoke skill and other issues (microsoft#2013) * refactor: muli-protocal and fix invoke, deploy * chore: add MI rbac assignment after deployment * fix: scripts relative path * chore: update tests * fix: comments * fix: comments * fix: comments * fix: tests * fix: test * chore: add invoke fallback * chore: clean * fix: comments * fix: relative path * chore: improve lifecycle * chore: add code owners
Co-authored-by: Copilot <copilot@github.com>
Contributor
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 23 out of 23 changed files in this pull request and generated 8 comments.
Comments suppressed due to low confidence (1)
plugin/skills/azure-iac-generator/references/procedures/diagram-parsing.md:49
- The output schema description says
locationis a “container” field, but inazure-resource-model.mdthelocationfield is defined as the Azure region. Recommend aligning terminology (e.g., useresourceGroup/parent/relationships.containsfor containment, and reservelocationfor region).
## Output Schema
The parsed model follows [azure-resource-model.md](../azure-resource-model.md). Each resource has: `id`, `type`, `name`, `location` (container), `relationships`, and `tags`.
Comment on lines
+9
to
+13
| ### Microsoft.Storage/storageAccounts | ||
|
|
||
| **MCP Tool**: `mcp_azure_storage` | ||
| **Fallback**: `az storage account show --ids <resourceId> -o json` | ||
|
|
There was a problem hiding this comment.
The MCP tool identifiers here use mcp_azure_* (e.g., mcp_azure_storage, mcp_azure_sql), which doesn’t match the repo’s validated Azure MCP reference formats (mcp_azure_mcp_<tool> or azure__<tool>). As written, this guidance will cause invalid tool calls. Recommend updating to the correct tool IDs (e.g., mcp_azure_mcp_storage, mcp_azure_mcp_sql, etc.).
Comment on lines
+33
to
+36
| | Field | Type | Required | Description | | ||
| |-------|------|----------|-------------| | ||
| | `id` | string | Yes | Unique identifier within the model. Use a short slug (e.g., `vm-web-01`). | | ||
| | `type` | string | Yes | Azure resource provider type (e.g., `Microsoft.Compute/virtualMachines`). | |
There was a problem hiding this comment.
The schema defines id as a short slug (e.g., vm-web-01), but the Azure-to-Bicep workflow instructs extracting id from group_resource_list (ARM resource ID). This mismatch will make downstream comparisons and relationship targetId ambiguous. Consider either defining id as the ARM resource ID, or adding separate fields (e.g., armId + id slug) and updating the workflows accordingly.
Comment on lines
+22
to
+30
| Always note the version choice in `.bicepparam` comments: | ||
|
|
||
| ```bicep | ||
| // Runtime stack for the App Service. | ||
| // DOTNET|10.0 → .NET 10 (LTS, supported until Nov 2028) | ||
| // NODE|22-lts → Node.js 22 LTS (supported until Apr 2027) | ||
| // PYTHON|3.13 → Python 3.13 (supported until Oct 2029) | ||
| // JAVA|21 → Java 21 LTS (supported until Sep 2028) | ||
| param appServiceRuntimeStack = 'DOTNET|10.0' |
There was a problem hiding this comment.
The .bicepparam example hardcodes specific runtime versions and “supported until” dates. Since this file is meant to enforce version currency over time, these concrete versions/dates will inevitably go stale and may mislead users. Consider making the example clearly illustrative (placeholders) and/or instructing the agent to look up the current support window at generation time rather than embedding dates here.
Suggested change
| Always note the version choice in `.bicepparam` comments: | |
| ```bicep | |
| // Runtime stack for the App Service. | |
| // DOTNET|10.0 → .NET 10 (LTS, supported until Nov 2028) | |
| // NODE|22-lts → Node.js 22 LTS (supported until Apr 2027) | |
| // PYTHON|3.13 → Python 3.13 (supported until Oct 2029) | |
| // JAVA|21 → Java 21 LTS (supported until Sep 2028) | |
| param appServiceRuntimeStack = 'DOTNET|10.0' | |
| Always note the version choice in `.bicepparam` comments. Treat the example below as a template only: look up the current supported runtime and support window at generation time rather than copying literal versions or dates from this document. | |
| ```bicep | |
| // Runtime stack for the App Service. | |
| // Replace the placeholders below with the current supported values at generation time. | |
| // <runtime-stack-1> → <runtime-display-name-1> (<support-channel-1>, supported until <support-end-date-1>) | |
| // <runtime-stack-2> → <runtime-display-name-2> (<support-channel-2>, supported until <support-end-date-2>) | |
| // <runtime-stack-3> → <runtime-display-name-3> (<support-channel-3>, supported until <support-end-date-3>) | |
| // <runtime-stack-4> → <runtime-display-name-4> (<support-channel-4>, supported until <support-end-date-4>) | |
| param appServiceRuntimeStack = '<current-supported-runtime-stack>' |
Co-authored-by: Copilot <copilot@github.com>
4 tasks
Author
|
Replaced with #2053 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
split from #1834
Adds azure-iac-generator, to create bicep templates and draw.io diagrams based on the live Azure environment
Checklist
cd tests && npm test)npm run test:skills:integration -- <skill>)USE FOR/DO NOT USE FOR/PREFER OVERclauses: confirmed no routing regressions for competing skillsRelated Issues