commit

Author: Tejasri-Microsoft

docs/CustomizeSchemaData.md

@@ -77,14 +77,14 @@ A new JSON Schema document needs to be created that defines the schema as a decl
 
 **Sample Schemas:** The accelerator ships with 4 sample schemas — use any as a starting template:
 
-| Schema                    | File                                                                              | Class Name                      | Auto-registered |
+| Schema                    | File                                                                              | Class Name                      | Included sample |
 | ------------------------- | --------------------------------------------------------------------------------- | ------------------------------- | --------------- |
 | Auto Insurance Claim Form | [autoclaim.json](../src/ContentProcessorAPI/samples/schemas/autoclaim.json)             | `AutoInsuranceClaimForm`        | ✅               |
 | Police Report             | [policereport.json](../src/ContentProcessorAPI/samples/schemas/policereport.json)       | `PoliceReportDocument`          | ✅               |
 | Repair Estimate           | [repairestimate.json](../src/ContentProcessorAPI/samples/schemas/repairestimate.json)   | `RepairEstimateDocument`        | ✅               |
 | Damaged Vehicle Image     | [damagedcarimage.json](../src/ContentProcessorAPI/samples/schemas/damagedcarimage.json) | `DamagedVehicleImageAssessment` | ✅               |
 
-> **Note:** All 4 schemas are automatically registered during deployment (via `azd up` or the `register_schema.py` script) and grouped into the **"Auto Claim"** schema set.
+> **Note:** These 4 schemas are included in the repository and are registered when you run the manual post-deployment schema registration step (for example, `register_schemas.ps1` / `register_schemas.sh`, or `run_post_deployment.ps1` / `run_post_deployment.sh`). They are then grouped into the **"Auto Claim"** schema set.
 
 Duplicate one of these files and update with fields that represent your document type.
 

docs/DeploymentGuide.md

@@ -323,7 +323,11 @@ Run schema registration first to:
 **macOS/Linux:**
 
 ```bash
-sed -i 's/\r$//' ./infra/scripts/register_schemas.sh
+if [ "$(uname)" = "Darwin" ]; then
+   sed -i '' 's/\r$//' ./infra/scripts/register_schemas.sh
+else
+   sed -i 's/\r$//' ./infra/scripts/register_schemas.sh
+fi
 bash ./infra/scripts/register_schemas.sh
 ```
 
@@ -347,7 +351,11 @@ After schema registration completes, upload the sample bundles as a separate exp
 **macOS/Linux:**
 
 ```bash
-sed -i 's/\r$//' ./infra/scripts/upload_sample_data.sh
+if [ "$(uname)" = "Darwin" ]; then
+   sed -i '' 's/\r$//' ./infra/scripts/upload_sample_data.sh
+else
+   sed -i 's/\r$//' ./infra/scripts/upload_sample_data.sh
+fi
 bash ./infra/scripts/upload_sample_data.sh
 ```
 
@@ -364,7 +372,11 @@ Run authentication setup as an explicit step after post-deployment data setup:
 **macOS/Linux:**
 
 ```bash
-sed -i 's/\r$//' ./infra/scripts/setup_auth.sh
+if [ "$(uname)" = "Darwin" ]; then
+   sed -i '' 's/\r$//' ./infra/scripts/setup_auth.sh
+else
+   sed -i 's/\r$//' ./infra/scripts/setup_auth.sh
+fi
 bash ./infra/scripts/setup_auth.sh
 ```
 

infra/scripts/configure_auth.ps1

@@ -13,8 +13,8 @@ if ($env:AZURE_SKIP_AUTH_SETUP -eq "true") {
   return
 }
 
-$PrefightOnly = $args -contains "--preflight-only"
-if ($PrefightOnly) {
+$PreflightOnly = $args -contains "--preflight-only"
+if ($PreflightOnly) {
   Write-Host ""
   Write-Host "============================================================"
   Write-Host "🔍 Preflight permission check (read-only — no changes made)"
@@ -26,6 +26,24 @@ if ($PrefightOnly) {
   Write-Host "============================================================"
 }
 
+if (-not (Get-Command az -ErrorAction SilentlyContinue)) {
+  Write-Error "Azure CLI (az) is not installed or not on PATH. Install from https://aka.ms/installazurecli and re-run."
+  exit 1
+}
+
+if (-not (Get-Command azd -ErrorAction SilentlyContinue)) {
+  Write-Error "Azure Developer CLI (azd) is not installed or not on PATH. Install from https://aka.ms/install-azd and re-run."
+  exit 1
+}
+
+try {
+  azd env get-values *> $null
+  if ($LASTEXITCODE -ne 0) { throw }
+} catch {
+  Write-Error "No active azd environment found. Run 'azd env list' and 'azd env select <name>', then re-run."
+  exit 1
+}
+
 function Azd-Get($key, $default = "") {
   try { return (azd env get-value $key 2>$null) } catch { return $default }
 }
@@ -240,7 +258,7 @@ function Validate-PrerequisitesAndPermissions {
 
 Validate-PrerequisitesAndPermissions
 
-if ($PrefightOnly) {
+if ($PreflightOnly) {
   Write-Host ""
   Write-Host "✅ Preflight-only mode: all permission checks passed. No changes were made."
   exit 0
@@ -420,7 +438,6 @@ Ensure-CaSecret $WebClientId $WebName
 # --- Step 5: Enable EasyAuth ------------------------------------------------
 Write-Host ""
 Write-Host "➡️  Step 5/6: Enabling EasyAuth on Web + API container apps"
-$Issuer = "https://login.microsoftonline.com/$TenantId/v2.0"
 
 function Configure-EasyAuth($CaName, $ClientId) {
   # Note: --tenant-id and --issuer are mutually exclusive. Do not override

infra/scripts/configure_auth.sh

@@ -29,6 +29,24 @@ else
   echo "============================================================"
 fi
 
+if ! command -v az >/dev/null 2>&1; then
+  echo "❌ Azure CLI (az) is not installed or not on PATH." >&2
+  echo "   Install it from https://aka.ms/installazurecli, then re-run." >&2
+  exit 1
+fi
+
+if ! command -v azd >/dev/null 2>&1; then
+  echo "❌ Azure Developer CLI (azd) is not installed or not on PATH." >&2
+  echo "   Install it from https://aka.ms/install-azd, then re-run." >&2
+  exit 1
+fi
+
+if ! azd env get-values >/dev/null 2>&1; then
+  echo "❌ No active azd environment found." >&2
+  echo "   Run 'azd env list' and 'azd env select <name>', then re-run." >&2
+  exit 1
+fi
+
 # --- Load values from azd env -------------------------------------------------
 ENV_NAME="$(azd env get-value AZURE_ENV_NAME 2>/dev/null || echo "")"
 RESOURCE_GROUP="$(azd env get-value AZURE_RESOURCE_GROUP 2>/dev/null || true)"
@@ -97,6 +115,20 @@ retry() {
   done
 }
 
+# Generate a UUID in a macOS/Linux portable way.
+generate_uuid() {
+  if command -v uuidgen >/dev/null 2>&1; then
+    uuidgen
+  elif command -v python3 >/dev/null 2>&1; then
+    python3 -c 'import uuid; print(uuid.uuid4())'
+  elif [[ -r /proc/sys/kernel/random/uuid ]]; then
+    cat /proc/sys/kernel/random/uuid
+  else
+    echo "❌ Unable to generate UUID. Install uuidgen or python3." >&2
+    exit 1
+  fi
+}
+
 # Print a preflight check result line
 _check() {
   local status="$1"  # PASS | WARN | FAIL
@@ -164,6 +196,15 @@ validate_prerequisites_and_permissions() {
     fatal=true
   fi
 
+  # ── 3b. Python 3 available (used for authConfig JSON patching) ───
+  if command -v python3 >/dev/null 2>&1; then
+    _check PASS "python3 available (required for authConfig patching)"
+  else
+    _check FAIL "python3 available (required for authConfig patching)" \
+      "Install Python 3 and ensure 'python3' is on PATH, then re-run."
+    fatal=true
+  fi
+
   # ── 4. Contributor (or Owner) on the resource group ──────────────
   local current_principal
   current_principal="$(az ad signed-in-user show --query id -o tsv 2>/dev/null || true)"
@@ -301,7 +342,7 @@ API_IDENTIFIER_URI="api://${API_CLIENT_ID}"
 API_SCOPE_ID="$(az ad app show --id "$API_CLIENT_ID" \
   --query "api.oauth2PermissionScopes[?value=='user_impersonation'].id | [0]" -o tsv)"
 if [[ -z "$API_SCOPE_ID" || "$API_SCOPE_ID" == "null" ]]; then
-  API_SCOPE_ID="$(cat /proc/sys/kernel/random/uuid)"
+  API_SCOPE_ID="$(generate_uuid)"
   cat > /tmp/api_scope_patch.json <<EOF
 {
   "identifierUris": ["$API_IDENTIFIER_URI"],
@@ -365,7 +406,7 @@ WEB_IDENTIFIER_URI="api://${WEB_CLIENT_ID}"
 # + add SPA redirect URI + declare required resource access on API scope + Graph User.Read
 WEB_SCOPE_ID="$(az ad app show --id "$WEB_CLIENT_ID" \
   --query "api.oauth2PermissionScopes[?value=='user_impersonation'].id | [0]" -o tsv)"
-[[ -z "$WEB_SCOPE_ID" || "$WEB_SCOPE_ID" == "null" ]] && WEB_SCOPE_ID="$(cat /proc/sys/kernel/random/uuid)"
+[[ -z "$WEB_SCOPE_ID" || "$WEB_SCOPE_ID" == "null" ]] && WEB_SCOPE_ID="$(generate_uuid)"
 
 cat > /tmp/web_patch.json <<EOF
 {

infra/scripts/post_deployment.ps1

@@ -332,8 +332,9 @@ if (-not $ApiReady) {
 
                 $schemaId = $Registered[$schemaClass]
                 if (-not $schemaId) {
-                    Write-Host "    - No schema ID found for '$schemaClass'. Skipping '$fileName'."
-                    continue
+                    Write-Host "    - No schema ID found for '$schemaClass'. Marking bundle upload as failed and skipping submission."
+                    $uploadSuccess = $false
+                    break
                 }
 
                 Write-Host "    - Uploading '$fileName' (schema: $schemaClass)..."

infra/scripts/post_deployment.sh

@@ -341,8 +341,9 @@ else
         done
 
         if [ -z "$SCHEMA_ID" ]; then
-          echo "    - No schema ID found for '$SCHEMA_CLASS'. Skipping '$FILE_NAME'."
-          continue
+          echo "    ❌ No schema ID found for '$SCHEMA_CLASS'. Marking bundle upload as failed and skipping submission."
+          UPLOAD_SUCCESS=false
+          break
         fi
 
         echo "    - Uploading '$FILE_NAME' (schema: $SCHEMA_CLASS)..."

infra/scripts/run_post_deployment.ps1

@@ -89,8 +89,8 @@ if ($env:SKIP_SCHEMA_REGISTRATION -eq "true") {
         Write-StepOk 1
     } catch {
         Write-StepFail 1
-        Write-Host "  To retry : .\$Step1Script"
-        Write-Host "  To skip  : `$env:SKIP_SCHEMA_REGISTRATION = 'true'; .\$ScriptDir\run_post_deployment.ps1"
+        Write-Host "  To retry : & \"$Step1Script\""
+        Write-Host "  To skip  : `$env:SKIP_SCHEMA_REGISTRATION = 'true'; & \"$(Join-Path $ScriptDir 'run_post_deployment.ps1')\""
         exit 1
     }
 }
@@ -115,8 +115,8 @@ if ($env:SKIP_SAMPLE_DATA_UPLOAD -eq "true") {
         Write-StepOk 2
     } catch {
         Write-StepFail 2
-        Write-Host "  To retry : .\$Step2Script"
-        Write-Host "  To skip  : `$env:SKIP_SAMPLE_DATA_UPLOAD = 'true'; .\$ScriptDir\run_post_deployment.ps1"
+        Write-Host "  To retry : & \"$Step2Script\""
+        Write-Host "  To skip  : `$env:SKIP_SAMPLE_DATA_UPLOAD = 'true'; & \"$(Join-Path $ScriptDir 'run_post_deployment.ps1')\""
         exit 1
     }
 }
@@ -134,18 +134,18 @@ Write-Host "    * Cloud Application Administrator / Global Administrator — to
 Write-Host "    * Contributor on resource group — to update Container Apps"
 Write-Host ""
 Write-Host "  To skip this step:"
-Write-Host "    `$env:SKIP_AUTH_SETUP = 'true'; .\$ScriptDir\run_post_deployment.ps1"
+Write-Host "    `$env:SKIP_AUTH_SETUP = 'true'; & \"$(Join-Path $ScriptDir 'run_post_deployment.ps1')\""
 Write-Host "    — or —"
 Write-Host "    azd env set AZURE_SKIP_AUTH_SETUP true"
-Write-Host "    then run .\$Step3Script later when permissions are available."
+Write-Host "    then run & \"$Step3Script\" later when permissions are available."
 Write-Host ""
 
 $AzureSkipAuth = Azd-Get "AZURE_SKIP_AUTH_SETUP"
 
 if ($env:SKIP_AUTH_SETUP -eq "true" -or $AzureSkipAuth -eq "true" -or $env:AZURE_SKIP_AUTH_SETUP -eq "true") {
     Write-StepSkip 3 "SKIP_AUTH_SETUP=true or AZURE_SKIP_AUTH_SETUP=true"
     Write-Host "  Run manually when permissions are available:"
-    Write-Host "    .\$Step3Script"
+    Write-Host "    & \"$Step3Script\""
 } else {
     if (-not (Test-Path $Step3Script)) {
         Write-Error "Script not found: $Step3Script"
@@ -157,7 +157,7 @@ if ($env:SKIP_AUTH_SETUP -eq "true" -or $AzureSkipAuth -eq "true" -or $env:AZURE
         Write-StepOk 3
     } catch {
         Write-StepFail 3
-        Write-Host "  To retry auth setup  : .\$Step3Script"
+        Write-Host "  To retry auth setup  : & \"$Step3Script\""
         Write-Host "  For manual portal steps: docs/ConfigureAppAuthentication.md"
         exit 1
     }