chore: dev to main merge#65
Merged
Merged
Conversation
fix: codeQL issues
fix: Updated azure.yaml file to exclude the 1.23.9 azd version
fix: Fabric Event Hub connection credentials
fix: add SecurityControl Ignore tag to Event Hub namespace to allow local auth
Saswato-Microsoft
requested review from
Avijit-Microsoft,
Prajwal-Microsoft,
Roopan-Microsoft,
Vinay-Microsoft,
aniaroramsft,
dgp10801,
nchandhi and
toherman-msft
as code owners
Contributor
There was a problem hiding this comment.
Pull request overview
This PR improves the Microsoft Fabric ↔ Azure Event Hub integration (especially for SAS-based connections) by normalizing Event Hub endpoints and aligning connection payloads, while also introducing an Event Hub–specific tag override in the infra deployment and cleaning up unused imports/tooling constraints.
Changes:
- Add Event Hub endpoint normalization and apply it during Event Hub connection create/update flows, including explicitly setting
singleSignOnTypeto"None". - Add
eventHubTagsin Bicep to apply a targetedSecurityControl: 'Ignore'tag override to the Event Hub namespace module. - Remove unused Python imports across Fabric helper scripts and adjust
azdversion constraints inazure.yaml.
Reviewed changes
Copilot reviewed 11 out of 11 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| infra/scripts/fabric/graph_api.py | Removes unused typing imports. |
| infra/scripts/fabric/fabric_workspace.py | Removes unused sys import. |
| infra/scripts/fabric/fabric_eventstream_definition.py | Removes unused typing imports. |
| infra/scripts/fabric/fabric_eventhub.py | Removes unused sys import. |
| infra/scripts/fabric/fabric_eventhouse.py | Removes unused typing imports. |
| infra/scripts/fabric/fabric_database.py | Removes unused imports and drops unused Kusto request properties import. |
| infra/scripts/fabric/fabric_common_utils.py | Removes unused argparse import. |
| infra/scripts/fabric/fabric_api.py | Adds endpoint normalization + updates Event Hub connection create/update payloads. |
| infra/scripts/fabric/fabric_activator_definition.py | Removes unused typing imports. |
| infra/main.bicep | Adds Event Hub–specific tag overrides and applies them to the namespace module. |
| azure.yaml | Updates azd required version constraint to exclude a specific version. |
Comments suppressed due to low confidence (1)
infra/scripts/fabric/fabric_api.py:785
- In create_eventhub_connection, allowConnectionUsageInGateway is set to the string "false" while update_eventhub_connection uses a boolean False. Since this payload is JSON-encoded from a Python dict, sending a string here can cause the API to reject the request or interpret the value incorrectly; it should be a boolean for consistency with the update flow.
"displayName": name,
"connectivityType": "ShareableCloud",
"allowConnectionUsageInGateway": "false",
"connectionDetails": {
"type": "EventHub",
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
chore: Add AZD Template Validation Workflow (Scheduled & On-Demand) and Refactor Azure Deployment Pipeline for RTI
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Document the known platform-level limitation of the Fabric Data Agent SDK (Preview) where programmatic table selections do not persist after publishing. Added Preview callout banner, Known Limitations section with root cause details (confirmed by Microsoft Support SR 2604010010005113), and step-by-step manual workaround with placeholder screenshots for the required post-deployment table selection in the Fabric portal. Fixes Bug #38607 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…election-docs docs: Document Fabric Data Agent table selection limitation and workaround
Accept dev's workflow_dispatch-only trigger for azure-dev.yml (with commented-out push/PR triggers). Accept dev's schedule+dispatch trigger for azd-ai-template-validation.yml. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Restore push and pull_request triggers with path filters for both azure-dev.yml and azd-ai-template-validation.yml, while keeping dev's schedule trigger and structural changes. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
fix: Filter the paths to run the pipeline
Roopan-Microsoft
temporarily deployed
to
rti-build
GitHub Actions
Inactive
Roopan-Microsoft
temporarily deployed
to
rti-validate
GitHub Actions
Inactive
Roopan-Microsoft
temporarily deployed
to
rti-build
GitHub Actions
Inactive
Roopan-Microsoft
temporarily deployed
to
rti-dev
GitHub Actions
Inactive
Roopan-Microsoft
temporarily deployed
to
rti-dev
GitHub Actions
Inactive
Roopan-Microsoft
temporarily deployed
to
rti-dev
GitHub Actions
Inactive
Roopan-Microsoft
temporarily deployed
to
rti-dev
GitHub Actions
Inactive
Roopan-Microsoft
approved these changes
Apr 14, 2026
The tags parameter was defined in main.bicep but not mapped in main.parameters.json, so users could not pass custom tags via azd env set AZURE_TAGS. This is needed to support SFI policy bypass by setting Securitycontrol:Ignore tag on the resource group before Event Hub creation (which requires local auth enabled). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
fix: Wire tags parameter in main.parameters.json for SFI policy bypass
Yamini-Microsoft
temporarily deployed
to
rti-build
GitHub Actions
Inactive
Yamini-Microsoft
temporarily deployed
to
rti-validate
GitHub Actions
Inactive
Yamini-Microsoft
temporarily deployed
to
rti-build
GitHub Actions
Inactive
Yamini-Microsoft
temporarily deployed
to
rti-dev
GitHub Actions
Inactive
Yamini-Microsoft
temporarily deployed
to
rti-dev
GitHub Actions
Inactive
Yamini-Microsoft
temporarily deployed
to
rti-dev
GitHub Actions
Inactive
Yamini-Microsoft
temporarily deployed
to
rti-dev
GitHub Actions
Inactive
Avijit-Microsoft
approved these changes
Apr 20, 2026
|
🎉 This PR is included in version 1.3.1 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Purpose
This pull request focuses on improving the reliability and maintainability of the Azure Event Hub integration, particularly for Fabric SAS connections, and includes several code cleanups and minor dependency adjustments. The most significant change is the normalization of Event Hub endpoints to ensure compatibility and prevent connection issues. Additionally, the pull request introduces targeted tag overrides for Event Hub resources and removes unused imports for cleaner scripts.
Event Hub Integration Improvements
_normalize_eventhub_endpointstatic method infabric_api.pyto standardize Event Hub endpoints, ensuring that both bare namespaces and full endpoints are converted to the expected host format. This normalization is now used in both connection creation and update flows. [1] [2] [3] [4]singleSignOnTypeto"None"in the Event Hub connection payloads to explicitly disable SSO, aligning with the required authentication method for SAS connections. [1] [2]Infrastructure Tagging
eventHubTagsinmain.bicepto override security policy controls by setting theSecurityControltag to'Ignore'for Event Hub resources, and applied these tags to the Event Hub namespace module. [1] [2]Dependency and Import Cleanups
argparse,sys,ClientRequestProperties, and certain typing annotations) from various Python scripts to improve code clarity and reduce linting noise. [1] [2] [3] [4] [5] [6] [7] [8] [9]Tooling Version Control
azdrequired version constraint inazure.yamlto explicitly exclude version1.23.9due to compatibility or known issues.Does this introduce a breaking change?
How to Test
What to Check
Verify that the following are valid
Other Information