Merged
Conversation
chore: Update post-release process steps and fix deployment issues
…esh authentication token
…eck from deployment workflow
…ID for Service Principal
…onment if not provided
…ross documentation
fix: add bicep version requirement (>= 0.33.0) to azure.yaml
ci: Enhance Azure Dev workflow with submodule support and service principal configuration
fix: Set functional default VM admin password and credential params
feat: Add quota check scripts for Azure OpenAI models and Fabric capacity
Saswato-Microsoft
requested review from
Avijit-Microsoft,
Prajwal-Microsoft,
Roopan-Microsoft,
Vinay-Microsoft,
aniaroramsft and
dgp10801
as code owners
Contributor
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
This PR improves deployment reliability and documentation by adding pre-deployment quota checking scripts, tightening CI workflow triggers, and standardizing infrastructure parameters for principal handling and VM credentials.
Changes:
- Added Bash and PowerShell quota check scripts and expanded quota documentation (OpenAI + optional Fabric capacity checks).
- Updated GitHub Actions workflows to reduce unnecessary runs, checkout submodules recursively, and automate principal ID/resource group handling.
- Updated Bicep parameters and docs to standardize principal type and Jump VM credential configuration.
Reviewed changes
Copilot reviewed 11 out of 11 changed files in this pull request and generated 10 comments.
Show a summary per file
| File | Description |
|---|---|
| scripts/quota_check.sh | Adds Bash quota checker for OpenAI (and optional Fabric) across regions. |
| scripts/quota_check.ps1 | Adds PowerShell quota checker equivalent to the Bash script. |
| infra/main.bicepparam | Adds env-driven principal type and VM username; changes VM password default. |
| docs/quota_check.md | Updates quota-check guidance and adds Bash/PowerShell usage examples + sample output. |
| docs/post_deployment_steps.md | Updates Bastion/Jump VM credential instructions and defaults. |
| docs/deploymentguide.md | Updates VM credential configuration guidance and examples. |
| docs/deploy_app_from_foundry.md | Clarifies where VM credentials come from. |
| docs/ACCESSING_PRIVATE_RESOURCES.md | Updates Jump VM credential retrieval/reset guidance. |
| azure.yaml | Adds required Bicep version constraint. |
| .github/workflows/azure-dev.yml | Adds submodule checkout + principal ID resolution + RG creation before provisioning. |
| .github/workflows/azd-template-validation.yml | Adds path filters, submodule checkout, and principal env vars for validation. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Closed
4 tasks
Rafi-Microsoft
added a commit
to Rafi-Microsoft/Deploy-Your-AI-Application-In-Production
that referenced
this pull request
Apr 20, 2026
Replace unsafe eval-based dynamic variable names with a declare -A associative array keyed by 'region:index'. This eliminates potential code-injection risks from eval and improves script maintainability. Addresses Copilot review comments on PR microsoft#131 (lines 191, 216, 226, 294 of scripts/quota_check.sh). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Roopan-Microsoft
approved these changes
Apr 20, 2026
|
🎉 This PR is included in version 1.3.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Purpose
This pull request introduces several improvements and clarifications to the deployment process, infrastructure configuration, and documentation for the accelerator. The main changes enhance automation for service principal handling, clarify and standardize VM credential management, update quota check instructions, and improve workflow triggers and environment variable handling for CI/CD. These updates aim to make deployments more reliable, transparent, and user-friendly.
Infrastructure and Workflow Automation:
AZURE_PRINCIPAL_IDdynamically if not provided, and useAZURE_PRINCIPAL_TYPEwith a default of'ServicePrincipal'. This ensures correct role assignments and RBAC configuration during deployment. (.github/workflows/azure-dev.yml,infra/main.bicepparam, [1] [2] [3].github/workflows/azd-template-validation.yml,.github/workflows/azure-dev.yml, [1] [2] [3]VM Credential Management and Documentation:
VM_ADMIN_USERNAME,VM_ADMIN_PASSWORD) are now the recommended method, with clear fallbacks and defaults (testvmuserfor username, a default password). Documentation is updated to reflect this across guides and troubleshooting sections. (infra/main.bicepparam,docs/ACCESSING_PRIVATE_RESOURCES.md,docs/deploymentguide.md,docs/post_deployment_steps.md, [1] [2] [3] [4] [5]Quota Check and Model/Capacity Documentation:
docs/quota_check.md, [1] [2]Other Notable Improvements:
azure.yamlto ensure compatibility. (azure.yaml, azure.yamlR5).github/workflows/azure-dev.yml, .github/workflows/azure-dev.ymlL27-R96)Let me know if you want to walk through any of these changes in detail or see how they impact your development workflow!
Does this introduce a breaking change?
Golden Path Validation
Deployment Validation
What to Check
Verify that the following are valid
Other Information