Merge branch 'psl-hb-infrachanges' of https://github.com/Harsh-Microsoft/Multi-Agent-Custom-Automation-Engine-Solution-Accelerator into psl-hb-infrachanges

Author: Tejasri-Microsoft

azure.yaml

@@ -11,24 +11,6 @@ hooks:
       shell: pwsh
       interactive: true
     posix:
-      run: |
-        Blue='\033[0;34m'
-        Green='\033[0;32m'
-        Yellow='\033[1;33m'
-        NC='\033[0m'
-
-        printf "\n"
-
-        printf "${Yellow}===============================================================\n"
-        printf "${Green} POST-DEPLOYMENT STEPS (Bash)\n"
-        printf "${Yellow}===============================================================${NC}\n\n"
-
-        printf  "Upload Team Configurations and index sample data:\n"
-        printf  "  👉 Run the following command in Bash:\n"
-        printf  "   ${Blue}bash infra/scripts/post-provision/selecting_team_config_and_data.sh${NC}\n\n"
-
-        printf "🌐 Access your deployed Frontend application at:\n"
-        printf "   ${Blue}https://%s${NC}\n\n" "$webSiteDefaultHostname"
-
+      run: bash infra/scripts/post-provision/post_deploy.sh
       shell: sh
       interactive: true

azure_custom.yaml

@@ -46,62 +46,10 @@ services:
 hooks:
   postdeploy:
     windows:
-      run: |
-        # Detect if running in Git Bash or similar Bash environment
-        if ($env:SHELL -like "*bash*" -or $env:MSYSTEM) {
-          # Running in Git Bash/MSYS2 environment
-          Write-Host ""
-          Write-Host "===============================================================" -ForegroundColor Yellow
-          Write-Host " POST-DEPLOYMENT STEPS (Bash)" -ForegroundColor Green  
-          Write-Host "===============================================================" -ForegroundColor Yellow
-          Write-Host ""
-
-          Write-Host " Upload Team Configurations and index sample data" -ForegroundColor White
-          Write-Host "  👉 Run the following command in Bash:" -ForegroundColor White
-          Write-Host "   bash infra/scripts/post-provision/selecting_team_config_and_data.sh" -ForegroundColor Cyan
-          Write-Host ""
-
-          Write-Host "🌐 Access your deployed Frontend application at:" -ForegroundColor Green
-          Write-Host "   https://$env:webSiteDefaultHostname" -ForegroundColor Cyan
-          Write-Host ""
-        } else {
-          # Running in PowerShell
-          Write-Host ""
-          Write-Host "===============================================================" -ForegroundColor Yellow
-          Write-Host " POST-DEPLOYMENT STEP (PowerShell) " -ForegroundColor Green
-          Write-Host "===============================================================" -ForegroundColor Yellow
-          Write-Host ""
-
-          Write-Host " Upload Team Configurations and index sample data" -ForegroundColor White
-          Write-Host "  👉 Run the following command in PowerShell:" -ForegroundColor White
-          Write-Host "   infra\scripts\post-provision\Selecting-Team-Config-And-Data.ps1" -ForegroundColor Cyan
-          Write-Host ""
-
-          Write-Host "🌐 Access your deployed Frontend application at:" -ForegroundColor Green
-          Write-Host "   https://$env:webSiteDefaultHostname" -ForegroundColor Cyan
-          Write-Host ""
-        }
-        
+      run: infra/scripts/post-provision/post_deploy.ps1
       shell: pwsh
       interactive: true
     posix:
-      run: |
-        Blue='\033[0;34m'
-        Green='\033[0;32m'
-        Yellow='\033[1;33m'
-        NC='\033[0m'
-
-        printf "\n"
-
-        printf "${Yellow}===============================================================\n"
-        printf "${Green} POST-DEPLOYMENT STEPS (Bash)\n"
-        printf "${Yellow}===============================================================${NC}\n\n"
-
-        printf  "Upload Team Configurations and index sample data:\n"
-        printf  "  👉 Run the following command in Bash:\n"
-        printf  "   ${Blue}bash infra/scripts/post-provision/selecting_team_config_and_data.sh${NC}\n\n"
-
-        printf "🌐 Access your deployed Frontend application at:\n"
-        printf "   ${Blue}https://%s${NC}\n\n" "$webSiteDefaultHostname"
+      run: bash infra/scripts/post-provision/post_deploy.sh
       shell: sh
       interactive: true

infra/avm/main.bicep

@@ -555,37 +555,6 @@ var aiSearchIndexNameForRFPSummary = 'macae-rfp-summary-index'
 var aiSearchIndexNameForRFPRisk = 'macae-rfp-risk-index'
 var aiSearchIndexNameForRFPCompliance = 'macae-rfp-compliance-index'
 
-// var aiFoundryRoleIds = {
-//   foundryUser: '53ca6127-db72-4b80-b1b0-d745d6d5456d'
-//   azureAiDeveloper: '64702f94-c441-49e6-a78b-ef80e0188fee'
-//   cognitiveServicesOpenAIUser: '5e0bd9bd-7b93-4f28-af87-19fc36ad61bd'
-// }
-
-// var existingAiFoundryManagedIdentityRoles = [
-//   {
-//     suffix: 'managedidentity-foundry-user'
-//     roleDefinitionId: format('/subscriptions/{0}/providers/Microsoft.Authorization/roleDefinitions/{1}', aiFoundryAiServicesSubscriptionId, aiFoundryRoleIds.foundryUser)
-//   }
-//   {
-//     suffix: 'managedidentity-ai-developer'
-//     roleDefinitionId: format('/subscriptions/{0}/providers/Microsoft.Authorization/roleDefinitions/{1}', aiFoundryAiServicesSubscriptionId, aiFoundryRoleIds.azureAiDeveloper)
-//   }
-//   {
-//     suffix: 'managedidentity-openai-user'
-//     roleDefinitionId: format('/subscriptions/{0}/providers/Microsoft.Authorization/roleDefinitions/{1}', aiFoundryAiServicesSubscriptionId, aiFoundryRoleIds.cognitiveServicesOpenAIUser)
-//   }
-// ]
-
-// var existingAiFoundryDeployerRoles = [
-//   {
-//     suffix: 'deployer-foundry-user'
-//     roleDefinitionId: format('/subscriptions/{0}/providers/Microsoft.Authorization/roleDefinitions/{1}', aiFoundryAiServicesSubscriptionId, aiFoundryRoleIds.foundryUser)
-//   }
-//   {
-//     suffix: 'deployer-ai-developer'
-//     roleDefinitionId: format('/subscriptions/{0}/providers/Microsoft.Authorization/roleDefinitions/{1}', aiFoundryAiServicesSubscriptionId, aiFoundryRoleIds.azureAiDeveloper)
-//   }
-// ]
 
 // ============================================================================
 // Resource Group Tags
@@ -758,6 +727,7 @@ module virtualMachine './modules/compute/virtual-machine.bicep' = if (enablePriv
     location: location
     tags: tags
     enableTelemetry: enableTelemetry
+    deployingUserPrincipalId: deployingUserPrincipalId
     vmSize: vmSize
     adminUsername: vmAdminUsername ?? 'JumpboxAdminUser'
     adminPassword: vmAdminPassword ?? 'JumpboxAdminP@ssw0rd1234!'
@@ -833,32 +803,7 @@ module ai_foundry_project './modules/ai/ai-foundry-project.bicep' = if (!useExis
   }
 }
 
-// @batchSize(1)
-// module existingAiFoundryManagedIdentityRoleAssignments './modules/identity/cross-scope-role-assignment.bicep' = [for role in existingAiFoundryManagedIdentityRoles: if (useExistingAIProject) {
-//   name: take('module.existing-aif-mi-${role.suffix}.${solutionName}', 64)
-//   scope: resourceGroup(aiFoundryAiServicesSubscriptionId, aiFoundryAiServicesResourceGroupName)
-//   params: {
-//     principalId: managed_identity.outputs.principalId
-//     roleDefinitionId: role.roleDefinitionId
-//     roleAssignmentName: guid(solutionSuffix, aiFoundryAiServicesResourceName, role.suffix)
-//     aiFoundryName: aiFoundryAiServicesResourceName
-//     principalType: 'ServicePrincipal'
-//   }
-// }]
-
-// @batchSize(1)
-// module existingAiFoundryDeployerRoleAssignments './modules/identity/cross-scope-role-assignment.bicep' = [for role in existingAiFoundryDeployerRoles: if (useExistingAIProject) {
-//   name: take('module.existing-aif-deployer-${role.suffix}.${solutionName}', 64)
-//   scope: resourceGroup(aiFoundryAiServicesSubscriptionId, aiFoundryAiServicesResourceGroupName)
-//   params: {
-//     principalId: deployingUserPrincipalId
-//     roleDefinitionId: role.roleDefinitionId
-//     roleAssignmentName: guid(solutionSuffix, aiFoundryAiServicesResourceName, role.suffix)
-//     aiFoundryName: aiFoundryAiServicesResourceName
-//     principalType: deployerPrincipalType
-//   }
-// }]
-
+// Commented Private Endpoints as MCP KnowledgeBase Connections doesn't work private endpoints
 // module aiFoundryPrivateEndpoint './modules/networking/private-endpoint.bicep' = if (enablePrivateNetworking && !useExistingAIProject) {
 //   name: take('module.pe-ai-foundry.${solutionName}', 64)
 //   params: {
@@ -895,12 +840,12 @@ module ai_foundry_project './modules/ai/ai-foundry-project.bicep' = if (!useExis
 //   }
 // }
 
-var aiFoundryAiProjectName = useExistingAIProject ? existing_project_setup!.outputs.aiProjectName : ai_foundry_project!.outputs.projectName
+var aiFoundryAiProjectName = useExistingAIProject ? existing_project_setup!.outputs.projectName : ai_foundry_project!.outputs.projectName
 var aiFoundryAiProjectEndpoint = useExistingAIProject ? existing_project_setup!.outputs.projectEndpoint : ai_foundry_project!.outputs.projectEndpoint
-var aiFoundryAiProjectPrincipalId = useExistingAIProject ? existing_project_setup!.outputs.aiProjectPrincipalId : ai_foundry_project!.outputs.projectIdentityPrincipalId
-var aiFoundryAiServicesEndpoint = useExistingAIProject ? existing_project_setup!.outputs.aiFoundryEndpoint : ai_foundry_project!.outputs.endpoint
+var aiFoundryAiProjectPrincipalId = useExistingAIProject ? existing_project_setup!.outputs.projectIdentityPrincipalId : ai_foundry_project!.outputs.projectIdentityPrincipalId
+var aiFoundryAiServicesEndpoint = useExistingAIProject ? existing_project_setup!.outputs.endpoint : ai_foundry_project!.outputs.endpoint
 var aiFoundryOpenAIEndpoint = 'https://${aiFoundryAiServicesResourceName}.openai.azure.com/'
-var aiFoundryResourceId = useExistingAIProject ? existing_project_setup!.outputs.aiFoundryResourceId : ai_foundry_project!.outputs.resourceId
+var aiFoundryResourceId = useExistingAIProject ? existing_project_setup!.outputs.resourceId : ai_foundry_project!.outputs.resourceId
 
 @batchSize(1)
 module model_deployments './modules/ai/ai-foundry-model-deployment.bicep' = [for (deployment, i) in aiModelDeployments: {
@@ -1426,6 +1371,7 @@ module webSite './modules/compute/app-service.bicep' = {
     virtualNetworkSubnetId: enablePrivateNetworking ? virtualNetwork!.outputs.webserverfarmSubnetResourceId : ''
     publicNetworkAccess: 'Enabled'
     diagnosticSettings: monitoringDiagnosticSettings
+    applicationInsightResourceId: enableMonitoring ? app_insights!.outputs.resourceId : ''
   }
 }