Merge branch 'feature/avm' into feature-avm-bk

Author: brittneek

.devcontainer/devcontainer.json

@@ -41,7 +41,8 @@
                 "tamasfe.even-better-toml",
                 "yzhang.markdown-all-in-one",
                 "ms-azuretools.azure-dev",
-                "ms-vscode.azurecli"
+                "ms-vscode.azurecli",
+                "ms-azuretools.vscode-bicep"
             ]
         }
     },

azure.yaml

@@ -8,32 +8,21 @@ metadata:
   name: content-processinge@1.0
 
 hooks:
-  # preup:
-  #   windows:
-  #     shell: pwsh
-  #     run: ./scripts/set_conns_env_vars.ps1
-  #     interactive: true
-  #     continueOnError: false
-  #   posix:
-  #     shell: sh
-  #     run: sudo chmod u+r+x ./scripts/set_conns_env_vars.sh; ./scripts/set_conns_env_vars.sh
-  #     interactive: true
-  #     continueOnError: false
   preprovision:
     posix:
       shell: sh
-      run: sudo chmod u+r+x ./infra/scripts/validate_model_deployment_quotas.sh; sudo chmod u+r+x .infra/scripts/validate_model_quota.sh; .infra/scripts/validate_model_deployment_quotas.sh --subscription $AZURE_SUBSCRIPTION_ID --location $AZURE_LOCATION --models-parameter "aiModelDeployments; timestamp=$(date +"%Y%m%d-%H%M%S"); logFile="azd_preprovision_$timestamp.log"; sed -i 's/\r$//' ./infra/scripts/docker-build.sh; ./infra/scripts/docker-build.sh "$AZURE_SUBSCRIPTION_ID" "$AZURE_ENV_NAME" "$AZURE_LOCATION" "$AZURE_RESOURCE_GROUP" "$USE_LOCAL_BUILD" 2>&1 | tee "$logFile"
+      run: sudo chmod u+r+x ./infra/scripts/validate_model_deployment_quotas.sh; sudo chmod u+r+x ./infra/scripts/validate_model_quota.sh; .infra/scripts/validate_model_deployment_quotas.sh --subscription $AZURE_SUBSCRIPTION_ID --location $AZURE_LOCATION --models-parameter "aiModelDeployments; timestamp=$(date +"%Y%m%d-%H%M%S"); logFile="azd_preprovision_$timestamp.log"; sed -i 's/\r$//' ./infra/scripts/docker-build.sh; ./infra/scripts/docker-build.sh "$AZURE_SUBSCRIPTION_ID" "$AZURE_ENV_NAME" "$AZURE_LOCATION" "$AZURE_RESOURCE_GROUP" "$USE_LOCAL_BUILD" 2>&1 | tee "$logFile"
     windows:
       shell: pwsh
-      run: ./infra/scripts/validate_model_deployment_quotas.ps1 -Subscription $env:AZURE_SUBSCRIPTION_ID -Location $env:AZURE_LOCATION -ModelsParameter "aiModelDeployments" ;$timestamp = Get-Date -Format "yyyyMMdd-HHmmss"; $logFile = "azd_preprovision_$timestamp.log"; ./infra/scripts/docker-build.ps1 $env:AZURE_SUBSCRIPTION_ID $env:AZURE_ENV_NAME $env:AZURE_LOCATION $env:AZURE_RESOURCE_GROUP $env:USE_LOCAL_BUILD *>&1 | Tee-Object -FilePath $logFile
+      run: ./infra/scripts/validate_model_deployment_quotas.ps1 -Subscription $env:AZURE_SUBSCRIPTION_ID -Location $env:AZURE_LOCATION -ModelsParameter "aiModelDeployments" ;$timestamp = Get-Date -Format "yyyyMMdd-HHmmss"; $logFile = "azd_preprovision_$timestamp.log"; Tee-Object -FilePath $logFile
       interactive: true
       continueOnError: false
   postprovision:
     posix:
       shell: sh
-      run: sudo chmod u+r+x ./infra/scripts/validate_model_deployment_quotas.sh; sudo chmod u+r+x ./infra/scripts/validate_model_quota.sh; ./infra/scripts/validate_model_deployment_quotas.sh --subscription $AZURE_SUBSCRIPTION_ID --location $AZURE_LOCATION --models-parameter "aiModelDeployments"; sed -i 's/\r$//' ./infra/scripts/post_deployment.sh; ./infra/scripts/post_deployment.sh
+      run: sed -i 's/\r$//' ./infra/scripts/post_deployment.sh; ./infra/scripts/post_deployment.sh
       interactive: true
     windows:
       shell: pwsh
-      run: ./infra/scripts/post_deployment.ps1;./scripts/validate_model_deployment_quotas.ps1 -Subscription $env:AZURE_SUBSCRIPTION_ID -Location $env:AZURE_LOCATION -ModelsParameter "aiModelDeployments"
+      run: ./infra/scripts/post_deployment.ps1
       interactive: true

infra/ai-resources.json

@@ -0,0 +1,15 @@
+{
+    "aiModelDeployments": [
+        {
+            "name": "GPT-4o",
+            "model": {
+                "name": "gpt-4o",
+                "format": "openai"
+            },
+            "sku": {
+                "name": "GlobalStandard",
+                "capacity": 100
+            }
+        }
+    ]
+}

infra/main.bicep

@@ -106,17 +106,27 @@ module avmManagedIdentity './modules/managed-identity.bicep' = {
 }
 
 // Assign Owner role to the managed identity in the resource group
-module bicepOwnerRoleAssignment 'modules/role_assignment.bicep' = {
-  name: format(deployment_param.resource_name_format_string, 'rbac-owner')
+module avmRoleAssignment 'br/public:avm/ptn/authorization/resource-role-assignment:0.1.2' = {
+  name: format(deployment_param.resource_name_format_string, 'role-assignment-owner')
   params: {
-    managedIdentityResourceId: avmManagedIdentity.outputs.resourceId
-    managedIdentityPrincipalId: avmManagedIdentity.outputs.principalId
-    roleDefinitionId: subscriptionResourceId(
-      'Microsoft.Authorization/roleDefinitions',
-      '8e3af657-a8ff-443c-a75c-2fe8c4bcb635'
-    ) // Built-in role 'Owner'
+    resourceId: avmManagedIdentity.outputs.resourceId
+    principalId: avmManagedIdentity.outputs.principalId
+    roleDefinitionId: '8e3af657-a8ff-443c-a75c-2fe8c4bcb635'
   }
 }
+
+// Assign Owner role to the managed identity in the resource group
+// module bicepOwnerRoleAssignment 'modules/role_assignment.bicep' = {
+//   name: format(deployment_param.resource_name_format_string, 'rbac-owner')
+//   params: {
+//     managedIdentityResourceId: avmManagedIdentity.outputs.resourceId
+//     managedIdentityPrincipalId: avmManagedIdentity.outputs.principalId
+//     roleDefinitionId: subscriptionResourceId(
+//       'Microsoft.Authorization/roleDefinitions',
+//       '8e3af657-a8ff-443c-a75c-2fe8c4bcb635'
+//     ) // Built-in role 'Owner'
+//   }
+// }
 // module managedIdentityModule 'deploy_managed_identity.bicep' = {
 //   name: 'deploy_managed_identity'
 //   params: {