Merge remote-tracking branch 'origin/main' into demo

Author: Prajwal-Microsoft

.devcontainer/setupEnv.sh

@@ -23,10 +23,10 @@ yarn install
 cd ../../
 
 echo "Setting up executable permission for shell scripts"
-sed -i 's/\r$//' ./infra/scripts/post_deployment.sh
-sudo chmod +x ./infra/scripts/docker-build.sh
-sudo chmod +x ./infra/scripts/post_deployment.sh
-sudo chmod +x ./src/ContentProcessorAPI/samples/upload_files.sh
-sudo chmod +x ./src/ContentProcessorAPI/samples/schemas/register_schema.sh
+sed -i 's/\r$//' infra/scripts/post_deployment.sh
+sudo chmod +x infra/scripts/docker-build.sh
+sudo chmod +x infra/scripts/post_deployment.sh
+sudo chmod +x src/ContentProcessorAPI/samples/upload_files.sh
+sudo chmod +x src/ContentProcessorAPI/samples/schemas/register_schema.sh
 
 echo "Setup complete! 🎉"

.github/CODEOWNERS

@@ -2,4 +2,4 @@
 # Each line is a file pattern followed by one or more owners.
 
 # These owners will be the default owners for everything in the repo.
-* @Avijit-Microsoft @Roopan-Microsoft @Prajwal-Microsoft @Vinay-Microsoft @aniaroramsft
+* @Avijit-Microsoft @Roopan-Microsoft @Prajwal-Microsoft @Vinay-Microsoft @aniaroramsft @toherman-msft @nchandhi @dgp10801

.github/dependabot.yml

@@ -1,33 +1,56 @@
 version: 2
 updates:
- # GitHub Actions dependencies
- - package-ecosystem: "github-actions"
-   directory: "/"
-   schedule:
-     interval: "monthly"
-   commit-message:
-     prefix: "build"
-   target-branch: "dependabotchanges"
-   open-pull-requests-limit: 100
+  # GitHub Actions dependencies (grouped)
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "monthly"
+    commit-message:
+      prefix: "build"
+    target-branch: "dependabotchanges"
+    open-pull-requests-limit: 10
+    groups:
+      all-actions:
+        patterns:
+          - "*"
+  # uv dependencies (grouped)
+  - package-ecosystem: "uv"
+    directory: "/src/ContentProcessor"
+    schedule:
+      interval: "monthly"
+    commit-message:
+      prefix: "build"
+    target-branch: "dependabotchanges"
+    open-pull-requests-limit: 10
+    groups:
+      all-uv-deps:
+        patterns:
+          - "*"
 
+  # uv dependencies (grouped)
+  - package-ecosystem: "uv"
+    directory: "/src/ContentProcessorAPI"
+    schedule:
+      interval: "monthly"
+    commit-message:
+      prefix: "build"
+    target-branch: "dependabotchanges"
+    open-pull-requests-limit: 10
+    groups:
+      all-uv-deps:
+        patterns:
+          - "*"
 
- - package-ecosystem: "pip"
-   directory: "/src/ContentProcessorAPI"
-   schedule:
-     interval: "monthly"
-   commit-message:
-     prefix: "build"
-   target-branch: "dependabotchanges"
-   open-pull-requests-limit: 100
-
-
-
- 
- - package-ecosystem: "npm"
-   directory: "/src/ContentProcessorWeb"
-   schedule:
-     interval: "monthly"
-   commit-message:
-     prefix: "build"
-   target-branch: "dependabotchanges"
-   open-pull-requests-limit: 100
+  # npm dependencies (grouped)
+  - package-ecosystem: "npm"
+    directory: "/src/ContentProcessorWeb"
+    schedule:
+      interval: "monthly"
+    commit-message:
+      prefix: "build"
+    target-branch: "dependabotchanges"
+    open-pull-requests-limit: 10
+    groups:
+      all-npm-deps:
+        patterns:
+          - "*"

.github/workflows/azure-dev.yaml

@@ -16,19 +16,22 @@ jobs:
     steps:
       # Step 1: Checkout the code from your repository
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       # Step 2: Validate the Azure template using microsoft/template-validation-action
       - name: Validate Azure Template
-        uses: microsoft/template-validation-action@v0.3.5
+        uses: microsoft/template-validation-action@v0.4.3
         id: validation
+        with:
+          useDevContainer: false
         env:
           AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
           AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
           AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
           AZURE_ENV_NAME: ${{ secrets.AZURE_ENV_NAME }}
           AZURE_LOCATION: ${{ secrets.AZURE_LOCATION }}
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          AZURE_DEV_COLLECT_TELEMETRY: ${{ vars.AZURE_DEV_COLLECT_TELEMETRY }}
 
       # Step 3: Print the result of the validation
       - name: Print result

.github/workflows/broken-links-checker.yml

@@ -0,0 +1,57 @@
+name: Broken Link Checker
+
+on:
+  pull_request:
+    paths:
+      - '**/*.md'
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  markdown-link-check:
+    name: Check Markdown Broken Links
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v5
+        with:
+          fetch-depth: 0
+
+      # For PR : Get only changed markdown files
+      - name: Get changed markdown files (PR only)
+        id: changed-markdown-files
+        if: github.event_name == 'pull_request'
+        uses: tj-actions/changed-files@24d32ffd492484c1d75e0c0b894501ddb9d30d62 # v46
+        with:
+          files: |
+            **/*.md
+
+
+      # For PR: Check broken links only in changed files
+      - name: Check Broken Links in Changed Markdown Files
+        id: lychee-check-pr
+        if: github.event_name == 'pull_request' && steps.changed-markdown-files.outputs.any_changed == 'true'
+        uses: lycheeverse/lychee-action@v2.6.1
+        with:
+          args: >
+            --verbose --no-progress --exclude ^https?://
+            ${{ steps.changed-markdown-files.outputs.all_changed_files }}
+          failIfEmpty: false
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      # For manual trigger: Check all markdown files in repo
+      - name: Check Broken Links in All Markdown Files in Entire Repo (Manual Trigger)
+        id: lychee-check-manual
+        if: github.event_name == 'workflow_dispatch'
+        uses: lycheeverse/lychee-action@v2.6.1
+        with:
+          args: >
+            --verbose --no-progress --exclude ^https?://
+            '**/*.md'
+          failIfEmpty: false
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/build-docker-image.yml

@@ -18,23 +18,28 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v5
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v3
 
       - name: Get current date
         id: date
         run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT
 
       - name: Log in to Azure Container Registry
-        if: ${{ github.ref_name == 'main' || github.ref_name == 'dev' || github.ref_name == 'demo' || github.ref_name == 'hotfix' }}
+        if: ${{ github.ref_name == 'main' || github.ref_name == 'dev' || github.ref_name == 'demo' || github.ref_name == 'hotfix' || github.ref_name == 'dependabotchanges' }}
         uses: azure/docker-login@v2
         with:
           login-server: ${{ env.ACR_LOGIN_SERVER }}
           username: ${{ env.ACR_USERNAME }}
           password: ${{ env.ACR_PASSWORD }}
-
+      
+      - name: Get registry
+        id: registry
+        run: |
+          echo "ext_registry=${{ env.ACR_LOGIN_SERVER || 'acrlogin.azurecr.io'}}" >> $GITHUB_OUTPUT
+        
       - name: Set Docker image tags
         id: tag
         run: |
@@ -49,6 +54,9 @@ jobs:
             BASE_TAG="demo"
           elif [[ "$BRANCH" == "hotfix" ]]; then
             BASE_TAG="hotfix"
+          elif [[ "$BRANCH" == "dependabotchanges" ]]; then
+            BASE_TAG="dependabotchanges"
+            
           else
             BASE_TAG="pullrequest-ignore"
           fi
@@ -62,27 +70,27 @@ jobs:
         with:
           context: ./src/ContentProcessor
           file: ./src/ContentProcessor/Dockerfile
-          push: ${{ github.ref_name == 'main' || github.ref_name == 'dev' || github.ref_name == 'demo' || github.ref_name == 'hotfix' }}
+          push: ${{ github.ref_name == 'main' || github.ref_name == 'dev' || github.ref_name == 'demo' || github.ref_name == 'hotfix' || github.ref_name == 'dependabotchanges' }}
           tags: |
-            ${{ env.ACR_LOGIN_SERVER }}/contentprocessor:${{ env.BASE_TAG }}
-            ${{ env.ACR_LOGIN_SERVER }}/contentprocessor:${{ env.DATE_TAG }}
+            ${{ steps.registry.outputs.ext_registry }}/contentprocessor:${{ env.BASE_TAG }}
+            ${{ steps.registry.outputs.ext_registry }}/contentprocessor:${{ env.DATE_TAG }}
 
       - name: Build and Push ContentProcessorAPI Docker image
         uses: docker/build-push-action@v6
         with:
           context: ./src/ContentProcessorAPI
           file: ./src/ContentProcessorAPI/Dockerfile
-          push: ${{ github.ref_name == 'main' || github.ref_name == 'dev' || github.ref_name == 'demo' || github.ref_name == 'hotfix' }}
+          push: ${{ github.ref_name == 'main' || github.ref_name == 'dev' || github.ref_name == 'demo' || github.ref_name == 'hotfix' || github.ref_name == 'dependabotchanges' }}
           tags: |
-            ${{ env.ACR_LOGIN_SERVER }}/contentprocessorapi:${{ env.BASE_TAG }}
-            ${{ env.ACR_LOGIN_SERVER }}/contentprocessorapi:${{ env.DATE_TAG }}
+            ${{ steps.registry.outputs.ext_registry }}/contentprocessorapi:${{ env.BASE_TAG }}
+            ${{ steps.registry.outputs.ext_registry }}/contentprocessorapi:${{ env.DATE_TAG }}
 
       - name: Build and Push ContentProcessorWeb Docker image
         uses: docker/build-push-action@v6
         with:
           context: ./src/ContentProcessorWeb
           file: ./src/ContentProcessorWeb/Dockerfile
-          push: ${{ github.ref_name == 'main' || github.ref_name == 'dev' || github.ref_name == 'demo' || github.ref_name == 'hotfix' }}
+          push: ${{ github.ref_name == 'main' || github.ref_name == 'dev' || github.ref_name == 'demo' || github.ref_name == 'hotfix' || github.ref_name == 'dependabotchanges' }}
           tags: |
-            ${{ env.ACR_LOGIN_SERVER }}/contentprocessorweb:${{ env.BASE_TAG }}
-            ${{ env.ACR_LOGIN_SERVER }}/contentprocessorweb:${{ env.DATE_TAG }}
+            ${{ steps.registry.outputs.ext_registry }}/contentprocessorweb:${{ env.BASE_TAG }}
+            ${{ steps.registry.outputs.ext_registry }}/contentprocessorweb:${{ env.DATE_TAG }}

.github/workflows/create-release.yml

@@ -14,11 +14,11 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           ref: ${{ github.event.workflow_run.head_sha }}
 
-      - uses: codfish/semantic-release-action@v3
+      - uses: codfish/semantic-release-action@v4
         id: semantic
         with:
           tag-format: 'v${version}'

.github/workflows/deploy-linux.yml

@@ -0,0 +1,95 @@
+name: Deploy-Test-Cleanup (v2) Linux
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+    inputs:
+      azure_location:
+        description: 'Azure Location For Deployment'
+        required: false
+        default: 'australiaeast'
+        type: choice
+        options:
+          - 'australiaeast'
+          - 'centralus'
+          - 'eastasia'
+          - 'eastus2'
+          - 'japaneast'
+          - 'northeurope'
+          - 'southeastasia'
+          - 'uksouth'
+      resource_group_name:
+        description: 'Resource Group Name (Optional)'
+        required: false
+        default: ''
+        type: string
+
+      waf_enabled:
+        description: 'Enable WAF'
+        required: false
+        default: false
+        type: boolean
+      EXP:
+        description: 'Enable EXP'
+        required: false
+        default: false
+        type: boolean
+      build_docker_image:
+        description: 'Build And Push Docker Image (Optional)'
+        required: false
+        default: false
+        type: boolean
+      
+      cleanup_resources:
+        description: 'Cleanup Deployed Resources'
+        required: false
+        default: false
+        type: boolean
+
+      run_e2e_tests:
+        description: 'Run End-to-End Tests'
+        required: false
+        default: 'GoldenPath-Testing'
+        type: choice
+        options:
+          - 'GoldenPath-Testing'
+          - 'Smoke-Testing'
+          - 'None'
+      
+      AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID:
+        description: 'Log Analytics Workspace ID (Optional)'
+        required: false
+        default: ''
+        type: string
+      AZURE_EXISTING_AI_PROJECT_RESOURCE_ID:
+        description: 'AI Project Resource ID (Optional)'
+        required: false
+        default: ''
+        type: string
+      existing_webapp_url:
+        description: 'Existing Container WebApp URL (Skips Deployment)'
+        required: false
+        default: ''
+        type: string
+        
+  schedule:
+    - cron: '0 9,21 * * *'  # Runs at 9:00 AM and 9:00 PM GMT
+
+jobs:
+  Run:
+    uses: ./.github/workflows/deploy-orchestrator.yml
+    with:
+      runner_os: ubuntu-latest
+      azure_location: ${{ github.event.inputs.azure_location || 'australiaeast' }}
+      resource_group_name: ${{ github.event.inputs.resource_group_name || '' }}
+      waf_enabled: ${{ github.event.inputs.waf_enabled == 'true' }}
+      EXP: ${{ github.event.inputs.EXP == 'true' }}
+      build_docker_image: ${{ github.event.inputs.build_docker_image == 'true' }}
+      cleanup_resources: ${{ github.event.inputs.cleanup_resources == 'true' }}
+      run_e2e_tests: ${{ github.event.inputs.run_e2e_tests || 'GoldenPath-Testing' }}
+      AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID: ${{ github.event.inputs.AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID || '' }}
+      AZURE_EXISTING_AI_PROJECT_RESOURCE_ID: ${{ github.event.inputs.AZURE_EXISTING_AI_PROJECT_RESOURCE_ID || '' }}
+      existing_webapp_url: ${{ github.event.inputs.existing_webapp_url || '' }}
+      trigger_type: ${{ github.event_name }}
+    secrets: inherit