microsoft
diff --git a/‎.devcontainer/Dockerfile‎
Lines changed: 3 additions & 1 deletion b/‎.devcontainer/Dockerfile‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎.devcontainer/setupEnv.sh‎
Lines changed: 2 additions & 1 deletion b/‎.devcontainer/setupEnv.sh‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎.github/workflows/azd-template-validation.yml‎
Lines changed: 40 additions & 0 deletions b/‎.github/workflows/azd-template-validation.yml‎
Lines changed: 40 additions & 0 deletions
diff --git a/‎.github/workflows/azure-dev.yaml‎
Lines changed: 46 additions & 27 deletions b/‎.github/workflows/azure-dev.yaml‎
Lines changed: 46 additions & 27 deletions
diff --git a/‎.github/workflows/build-docker-image.yml‎
Lines changed: 11 additions & 8 deletions b/‎.github/workflows/build-docker-image.yml‎
Lines changed: 11 additions & 8 deletions
diff --git a/‎.github/workflows/deploy-orchestrator.yml‎
Lines changed: 22 additions & 23 deletions b/‎.github/workflows/deploy-orchestrator.yml‎
Lines changed: 22 additions & 23 deletions
@@ -7,6 +7,8 @@ FROM ghcr.io/astral-sh/uv:$UV_VERSION AS uv
 # Use Debian-based VS Code Dev Container as base
 FROM mcr.microsoft.com/vscode/devcontainers/base:$DEBIAN_VERSION
 
+ENV COREPACK_ENABLE_DOWNLOAD_PROMPT=0
+
 # Install dependencies and Node.js 20+ from NodeSource
 RUN apt-get update \
     && apt-get install -y --no-install-recommends \
@@ -22,7 +24,7 @@ RUN apt-get update \
 COPY --from=uv --chown=vscode: /uv /uvx /bin/
 
 # Install global NPM packages
-RUN npm install -g tslint-to-eslint-config typescript yarn react-app-rewired
+RUN npm install -g tslint-to-eslint-config typescript react-app-rewired pnpm@10.28.2
 
 # Set default shell
 SHELL ["/bin/bash", "-c"]
@@ -18,7 +18,8 @@ cd ../../
 
 echo "Installing dependencies for ContentProcessorWeb..."
 cd ./src/ContentProcessorWeb
-yarn install
+export HOME="${HOME:-/home/vscode}"
+pnpm install --store-dir "$HOME/.local/share/pnpm/store"
 
 cd ../../
 
 
@@ -0,0 +1,40 @@
+name: AZD Template Validation
+on:
+  schedule:
+    - cron: '30 1 * * 4' # Every Thursday at 7:00 AM IST (1:30 AM UTC)
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  id-token: write
+  pull-requests: write
+
+jobs:
+  template_validation:
+    runs-on: ubuntu-latest
+    name: azd template validation
+    environment: production
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set timestamp
+        run: echo "HHMM=$(date -u +'%H%M')" >> $GITHUB_ENV
+
+      - uses: microsoft/template-validation-action@v0.4.3
+        with:
+          validateAzd: ${{ vars.TEMPLATE_VALIDATE_AZD }}
+          validateTests: ${{ vars.TEMPLATE_VALIDATE_TESTS }}
+          useDevContainer: ${{ vars.TEMPLATE_USE_DEV_CONTAINER }}
+        id: validation
+        env:
+          AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
+          AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
+          AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          AZURE_ENV_NAME: azd-${{ vars.AZURE_ENV_NAME }}-${{ env.HHMM }}
+          AZURE_LOCATION: ${{ vars.AZURE_LOCATION }}
+          AZURE_ENV_AI_SERVICE_LOCATION: ${{ vars.AZURE_LOCATION }}
+          AZURE_ENV_MODEL_CAPACITY: 1 # keep low to avoid potential quota issues
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: print result
+        run: cat ${{ steps.validation.outputs.resultFile }}
@@ -1,38 +1,57 @@
-name: Azure Template Validation
+name: Azure Dev Deploy
+
 on:
   workflow_dispatch:
 
 permissions:
   contents: read
   id-token: write
-  pull-requests: write
 
 jobs:
-  template_validation_job:
-    environment: production
+  deploy:
     runs-on: ubuntu-latest
-    name: Template validation
-
+    environment: production
+    env:
+      AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
+      AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
+      AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+      AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }}
+      AZURE_LOCATION: ${{ vars.AZURE_LOCATION }}
+      AZURE_ENV_MODEL_CAPACITY: 1 # keep low to avoid potential quota issues
+      AZURE_DEV_COLLECT_TELEMETRY: ${{ vars.AZURE_DEV_COLLECT_TELEMETRY }}
     steps:
-      # Step 1: Checkout the code from your repository
-      - name: Checkout code
-        uses: actions/checkout@v5
-
-      # Step 2: Validate the Azure template using microsoft/template-validation-action
-      - name: Validate Azure Template
-        uses: microsoft/template-validation-action@v0.4.3
-        id: validation
+      - name: Checkout Code
+        uses: actions/checkout@v4
+
+      - name: Set timestamp and env name
+        run: |
+          HHMM=$(date -u +'%H%M')
+          echo "AZURE_ENV_NAME=azd-${{ vars.AZURE_ENV_NAME }}-${HHMM}" >> $GITHUB_ENV
+
+      - name: Install azd
+        uses: Azure/setup-azd@v2
+
+      - name: Login to Azure
+        uses: azure/login@v2
         with:
-          useDevContainer: false
-        env:
-          AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
-          AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
-          AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
-          AZURE_ENV_NAME: ${{ secrets.AZURE_ENV_NAME }}
-          AZURE_LOCATION: ${{ secrets.AZURE_LOCATION }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          AZURE_DEV_COLLECT_TELEMETRY: ${{ vars.AZURE_DEV_COLLECT_TELEMETRY }}
-
-      # Step 3: Print the result of the validation
-      - name: Print result
-        run: cat ${{ steps.validation.outputs.resultFile }}
+          client-id: ${{ secrets.AZURE_CLIENT_ID }}
+          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+
+      - name: Login to AZD
+        shell: bash
+        run: |
+          azd auth login \
+            --client-id "$AZURE_CLIENT_ID" \
+            --federated-credential-provider "github" \
+            --tenant-id "$AZURE_TENANT_ID"
+
+      - name: Provision and Deploy
+        shell: bash
+        run: |
+          if ! azd env select "$AZURE_ENV_NAME"; then
+            azd env new "$AZURE_ENV_NAME" --subscription "$AZURE_SUBSCRIPTION_ID" --location "$AZURE_LOCATION" --no-prompt
+          fi
+          azd config set defaults.subscription "$AZURE_SUBSCRIPTION_ID"
+          azd env set AZURE_ENV_AI_SERVICE_LOCATION="$AZURE_LOCATION"
+          azd up --no-prompt
@@ -48,14 +48,14 @@ on:
 permissions:
   contents: read
   actions: read
+  id-token: write
 
 jobs:
   build-and-push:
     runs-on: ubuntu-latest
+    environment: production
     env:
       ACR_LOGIN_SERVER: ${{ secrets.ACR_LOGIN_SERVER }}
-      ACR_USERNAME: ${{ secrets.ACR_USERNAME }}
-      ACR_PASSWORD: ${{ secrets.ACR_PASSWORD }}
 
     steps:
       - name: Checkout repository
@@ -68,13 +68,17 @@ jobs:
         id: date
         run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT
 
-      - name: Log in to Azure Container Registry
+      - name: Login to Azure
         if: ${{ github.ref_name == 'main' || github.ref_name == 'dev' || github.ref_name == 'demo' || github.ref_name == 'hotfix' || github.ref_name == 'dependabotchanges' }}
-        uses: azure/docker-login@v2
+        uses: azure/login@v2
         with:
-          login-server: ${{ env.ACR_LOGIN_SERVER }}
-          username: ${{ env.ACR_USERNAME }}
-          password: ${{ env.ACR_PASSWORD }}
+          client-id: ${{ secrets.AZURE_CLIENT_ID }}
+          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+
+      - name: Log in to Azure Container Registry
+        if: ${{ github.ref_name == 'main' || github.ref_name == 'dev' || github.ref_name == 'demo' || github.ref_name == 'hotfix' || github.ref_name == 'dependabotchanges' }}
+        run: az acr login --name ${{ env.ACR_LOGIN_SERVER }}
 
       - name: Get registry
         id: registry
@@ -97,7 +101,6 @@ jobs:
             BASE_TAG="hotfix"
           elif [[ "$BRANCH" == "dependabotchanges" ]]; then
             BASE_TAG="dependabotchanges"
-            
           else
             BASE_TAG="pullrequest-ignore"
           fi
 
@@ -42,8 +42,8 @@ on:
         required: false
         default: 'GoldenPath-Testing'
         type: string
-      AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID:
-        description: 'Log Analytics Workspace ID (Optional)'
+      AZURE_ENV_EXISTING_LOG_ANALYTICS_WORKSPACE_RID:
+        description: 'Log Analytics Workspace Resource ID (Optional)'
         required: false
         default: ''
         type: string
@@ -64,9 +64,7 @@ on:
 
 env:
   AZURE_DEV_COLLECT_TELEMETRY: ${{ vars.AZURE_DEV_COLLECT_TELEMETRY }}
-permissions:
-  contents: read
-  actions: read
+
 jobs:
   docker-build:
     uses: ./.github/workflows/job-docker-build.yml
@@ -88,7 +86,7 @@ jobs:
       EXP: ${{ inputs.EXP }}
       build_docker_image: ${{ inputs.build_docker_image }}
       existing_webapp_url: ${{ inputs.existing_webapp_url }}
-      AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID: ${{ inputs.AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID }}
+      AZURE_ENV_EXISTING_LOG_ANALYTICS_WORKSPACE_RID: ${{ inputs.AZURE_ENV_EXISTING_LOG_ANALYTICS_WORKSPACE_RID }}
       AZURE_EXISTING_AI_PROJECT_RESOURCE_ID: ${{ inputs.AZURE_EXISTING_AI_PROJECT_RESOURCE_ID }}
       docker_image_tag: ${{ needs.docker-build.outputs.IMAGE_TAG }}
       run_e2e_tests: ${{ inputs.run_e2e_tests }}
@@ -104,9 +102,25 @@ jobs:
       TEST_SUITE: ${{ inputs.trigger_type == 'workflow_dispatch' && inputs.run_e2e_tests || 'GoldenPath-Testing' }}
     secrets: inherit
 
+  cleanup-deployment:
+    if: "!cancelled() && needs.deploy.result == 'success' && needs.deploy.outputs.RESOURCE_GROUP_NAME != '' && inputs.existing_webapp_url == '' && (inputs.trigger_type != 'workflow_dispatch' || inputs.cleanup_resources)"    
+    needs: [docker-build, deploy, e2e-test]
+    uses: ./.github/workflows/job-cleanup-deployment.yml
+    with:
+      runner_os: ${{ inputs.runner_os }}
+      trigger_type: ${{ inputs.trigger_type }}
+      cleanup_resources: ${{ inputs.cleanup_resources }}
+      existing_webapp_url: ${{ inputs.existing_webapp_url }}
+      RESOURCE_GROUP_NAME: ${{ needs.deploy.outputs.RESOURCE_GROUP_NAME }}
+      AZURE_LOCATION: ${{ needs.deploy.outputs.AZURE_LOCATION }}
+      AZURE_ENV_OPENAI_LOCATION: ${{ needs.deploy.outputs.AZURE_ENV_OPENAI_LOCATION }}
+      ENV_NAME: ${{ needs.deploy.outputs.ENV_NAME }}
+      IMAGE_TAG: ${{ needs.deploy.outputs.IMAGE_TAG }}
+    secrets: inherit
+
   send-notification:
     if: "!cancelled()"
-    needs: [docker-build, deploy, e2e-test]
+    needs: [docker-build, deploy, e2e-test, cleanup-deployment]
     uses: ./.github/workflows/job-send-notification.yml
     with:
       trigger_type: ${{ inputs.trigger_type }}
@@ -116,25 +130,10 @@ jobs:
       existing_webapp_url: ${{ inputs.existing_webapp_url }}
       deploy_result: ${{ needs.deploy.result }}
       e2e_test_result: ${{ needs.e2e-test.result }}
+      cleanup_result: ${{ needs.cleanup-deployment.result }}
       CONTAINER_WEB_APPURL: ${{ needs.deploy.outputs.CONTAINER_WEB_APPURL }}
       RESOURCE_GROUP_NAME: ${{ needs.deploy.outputs.RESOURCE_GROUP_NAME }}
       QUOTA_FAILED: ${{ needs.deploy.outputs.QUOTA_FAILED }}
       TEST_SUCCESS: ${{ needs.e2e-test.outputs.TEST_SUCCESS }}
       TEST_REPORT_URL: ${{ needs.e2e-test.outputs.TEST_REPORT_URL }}
     secrets: inherit
-
-  cleanup-deployment:
-    if: "!cancelled() && needs.deploy.result == 'success' && needs.deploy.outputs.RESOURCE_GROUP_NAME != '' && inputs.existing_webapp_url == '' && (inputs.trigger_type != 'workflow_dispatch' || inputs.cleanup_resources)"    
-    needs: [docker-build, deploy, e2e-test]
-    uses: ./.github/workflows/job-cleanup-deployment.yml
-    with:
-      runner_os: ${{ inputs.runner_os }}
-      trigger_type: ${{ inputs.trigger_type }}
-      cleanup_resources: ${{ inputs.cleanup_resources }}
-      existing_webapp_url: ${{ inputs.existing_webapp_url }}
-      RESOURCE_GROUP_NAME: ${{ needs.deploy.outputs.RESOURCE_GROUP_NAME }}
-      AZURE_LOCATION: ${{ needs.deploy.outputs.AZURE_LOCATION }}
-      AZURE_ENV_OPENAI_LOCATION: ${{ needs.deploy.outputs.AZURE_ENV_OPENAI_LOCATION }}
-      ENV_NAME: ${{ needs.deploy.outputs.ENV_NAME }}
-      IMAGE_TAG: ${{ needs.deploy.outputs.IMAGE_TAG }}
-    secrets: inherit