Bangarraju-Microsoft
diff --git a/‎.flake8‎
Lines changed: 1 addition & 1 deletion b/‎.flake8‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/azure-dev.yml‎
Lines changed: 9 additions & 59 deletions b/‎.github/workflows/azure-dev.yml‎
Lines changed: 9 additions & 59 deletions
diff --git a/‎.github/workflows/deploy.yml‎
Lines changed: 0 additions & 28 deletions b/‎.github/workflows/deploy.yml‎
Lines changed: 0 additions & 28 deletions
diff --git a/‎.github/workflows/docker-build-and-push.yml‎
Lines changed: 33 additions & 22 deletions b/‎.github/workflows/docker-build-and-push.yml‎
Lines changed: 33 additions & 22 deletions
diff --git a/‎infra/deploy_ai_foundry.bicep‎
Lines changed: 14 additions & 4 deletions b/‎infra/deploy_ai_foundry.bicep‎
Lines changed: 14 additions & 4 deletions
diff --git a/‎infra/main.bicep‎
Lines changed: 2 additions & 2 deletions b/‎infra/main.bicep‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎infra/main.json‎
Lines changed: 27 additions & 17 deletions b/‎infra/main.json‎
Lines changed: 27 additions & 17 deletions
@@ -1,5 +1,5 @@
 [flake8]
 max-line-length = 88
 extend-ignore = E501
-exclude = .venv, frontend
+exclude = .venv, frontend, src/backend/tests
 ignore = E203, W503, G004, G200, E402
@@ -15,69 +15,19 @@ permissions:
 jobs:
   template_validation_job:
     runs-on: ubuntu-latest
-    name: Template validation
+    name: template validation
     steps:
-      # Step 1: Checkout the code from your repository
-      - name: Checkout code
-        uses: actions/checkout@v4
+      - uses: actions/checkout@v4
 
-      # Step 2: Set up Python
-      - name: Set up Python
-        uses: actions/setup-python@v4
-        with:
-          python-version: "3.9"
-
-      # Step 3: Create and populate the virtual environment
-      - name: Create virtual environment and install dependencies
-        run: |
-          python -m venv .venv
-          source .venv/bin/activate
-          python -m pip install --upgrade pip
-          pip install azure-mgmt-resource azure-identity azure-core azure-mgmt-subscription azure-cli-core
-          # Install any other dependencies that might be needed
-          pip freeze > requirements-installed.txt
-          echo "Virtual environment created with these packages:"
-          cat requirements-installed.txt
-
-      # Step 4: Create azd directory if it doesn't exist
-      - name: Create azd directory
-        run: |
-          mkdir -p ./.azd || true
-          touch ./.azd/.env || true
-
-      # Step 5: Validate the Azure template
-      - name: Validate Azure Template
-        uses: microsoft/template-validation-action@v0.3.5
+      - uses: microsoft/template-validation-action@Latest
         id: validation
         env:
-          AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
-          AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
-          AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
-          AZURE_ENV_NAME: ${{ secrets.AZURE_ENV_NAME }}
-          AZURE_LOCATION: ${{ secrets.AZURE_LOCATION }}
+          AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
+          AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
+          AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
+          AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }}
+          AZURE_LOCATION: ${{ vars.AZURE_LOCATION }}
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
-      # Step 6: Debug output in case of failure
-      - name: Debug on failure
-        if: failure()
-        run: |
-          echo "Validation failed. Checking environment:"
-          ls -la
-          if [ -d ".venv" ]; then
-            echo ".venv directory exists"
-            ls -la .venv/bin/
-          else
-            echo ".venv directory does not exist"
-          fi
-          if [ -d "tva_*" ]; then
-            echo "TVA directory exists:"
-            find . -name "tva_*" -type d
-            ls -la $(find . -name "tva_*" -type d)
-          else
-            echo "No TVA directory found"
-          fi
-
-      # Step 7: Print the result of the validation
-      - name: Print result
-        if: success()
+      - name: print result
         run: cat ${{ steps.validation.outputs.resultFile }}
@@ -168,34 +168,6 @@ jobs:
             echo "Azure Container Registry name: ${acr_name}"
           fi
 
-      
-      - name: Build the image and update the container app
-        id: build-and-update
-        run: |
-
-          set -e
-          # Define variables for acr and container app names
-          acr_name="${{ env.ACR_NAME }}"
-          echo "ACR name: {$acr_name}"
-          backend_container_app_name="macae-backend"
-          backend_build_image_tag="backend:latest"
-
-          echo "Building the container image..."
-          # Build the image
-          az acr build -r ${acr_name} -t ${backend_build_image_tag} ./src/backend
-          echo "Backend image build completed successfully."
-
-          frontend_container_app_name="${{ env.APP_SERVICE_NAME }}"
-          frontend_build_image_tag="frontend:latest"
-
-          echo "Building the container image..."
-          # Build the image
-          az acr build -r ${acr_name} -t ${frontend_build_image_tag} ./src/frontend
-          echo "Frontend image build completed successfully."
-
-          # Add the new container to the website
-          az webapp config container set --resource-group ${{ env.RESOURCE_GROUP_NAME }} --name ${frontend_container_app_name} --container-image-name ${acr_name}.azurecr.io/frontend:latest --container-registry-url https://${acr_name}.azurecr.io
-                  
           
       - name: Delete Bicep Deployment
         if: success()
 
@@ -18,7 +18,7 @@ on:
       - dev
       - demo
       - hotfix
-  workflow_dispatch: 
+  workflow_dispatch:
 
 jobs:
   build-and-push:
@@ -32,14 +32,19 @@ jobs:
         uses: docker/setup-buildx-action@v1
 
       - name: Log in to Azure Container Registry
-        if: ${{ (github.ref_name == 'main' || github.ref_name == 'dev' || github.ref_name == 'demo' || github.ref_name == 'hotfix') }}
+        if: ${{ github.ref_name == 'main' || github.ref_name == 'dev' || github.ref_name == 'demo' || github.ref_name == 'hotfix' }}
         uses: azure/docker-login@v2
         with:
           login-server: ${{ secrets.ACR_LOGIN_SERVER }}
           username: ${{ secrets.ACR_USERNAME }}
           password: ${{ secrets.ACR_PASSWORD }}
 
-      - name: Set Docker image tag
+      - name: Get current date
+        id: date
+        run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT
+
+      - name: Determine Tag Name Based on Branch
+        id: determine_tag
         run: |
           if [[ "${{ github.ref }}" == "refs/heads/main" ]]; then
             echo "TAG=latest" >> $GITHUB_ENV
@@ -52,24 +57,30 @@ jobs:
           else
             echo "TAG=pullrequest-ignore" >> $GITHUB_ENV
           fi
-          
-      - name: Build and push Docker images optionally
+
+      - name: Set Historical Tag
         run: |
-          cd src/backend
-          docker build -t ${{ secrets.ACR_LOGIN_SERVER }}/macaebackend:${{ env.TAG }} -f Dockerfile . && \
-          if [[ "${{ env.TAG }}" == "latest" || "${{ env.TAG }}" == "dev" || "${{ env.TAG }}" == "demo" || "${{ env.TAG }}" == "hotfix"  ]]; then
-            docker push ${{ secrets.ACR_LOGIN_SERVER }}/macaebackend:${{ env.TAG }} && \
-            echo "Backend image built and pushed successfully."
-          else
-            echo "Skipping Docker push for backend with tag: ${{ env.TAG }}"
-          fi
-          cd ../frontend
-          docker build -t ${{ secrets.ACR_LOGIN_SERVER }}/macaefrontend:${{ env.TAG }} -f Dockerfile . && \
-          if [[ "${{ env.TAG }}" == "latest" || "${{ env.TAG }}" == "dev" || "${{ env.TAG }}" == "demo" || "${{ env.TAG }}" == "hotfix"  ]]; then
-            docker push ${{ secrets.ACR_LOGIN_SERVER }}/macaefrontend:${{ env.TAG }} && \
-            echo "Frontend image built and pushed successfully."
-          else
-            echo "Skipping Docker push for frontend with tag: ${{ env.TAG }}"
-          fi
+          DATE_TAG=$(date +'%Y-%m-%d')
+          RUN_ID=${{ github.run_number }}
+          # Create historical tag using TAG, DATE_TAG, and RUN_ID
+          echo "HISTORICAL_TAG=${{ env.TAG }}_${DATE_TAG}_${RUN_ID}" >> $GITHUB_ENV
 
-          
+      - name: Build and optionally push Backend Docker image
+        uses: docker/build-push-action@v6
+        with:
+          context: ./src/backend
+          file: ./src/backend/Dockerfile
+          push: ${{ env.TAG != 'pullrequest-ignore' }}
+          tags: |
+            ${{ secrets.ACR_LOGIN_SERVER }}/macaebackend:${{ env.TAG }}
+            ${{ secrets.ACR_LOGIN_SERVER }}/macaebackend:${{ env.HISTORICAL_TAG }}
+  
+      - name: Build and optionally push Frontend Docker image
+        uses: docker/build-push-action@v6
+        with:
+          context: ./src/frontend
+          file: ./src/frontend/Dockerfile
+          push: ${{ env.TAG != 'pullrequest-ignore' }}
+          tags: |
+            ${{ secrets.ACR_LOGIN_SERVER }}/macaefrontend:${{ env.TAG }}
+            ${{ secrets.ACR_LOGIN_SERVER }}/macaefrontend:${{ env.HISTORICAL_TAG }}
@@ -136,11 +136,8 @@ resource aiHub 'Microsoft.MachineLearningServices/workspaces@2023-08-01-preview'
     properties: {
       category: 'AIServices'
       target: aiServicesEndpoint
-      authType: 'ApiKey'
+      authType: 'AAD'
       isSharedToAll: true
-      credentials: {
-        key: aiServicesKey
-      }
       metadata: {
         ApiType: 'Azure'
         ResourceId: aiServicesId
@@ -162,6 +159,19 @@ resource aiHubProject 'Microsoft.MachineLearningServices/workspaces@2024-01-01-p
   }
 }
 
+resource aiDeveloper 'Microsoft.Authorization/roleDefinitions@2022-04-01' existing = {
+  name: '64702f94-c441-49e6-a78b-ef80e0188fee'
+}
+
+resource aiDevelopertoAIProject 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
+  name: guid(aiHubProject.id, aiDeveloper.id)
+  scope: resourceGroup()
+  properties: {
+    roleDefinitionId: aiDeveloper.id
+    principalId: aiHubProject.identity.principalId
+  }
+}
+
 resource tenantIdEntry 'Microsoft.KeyVault/vaults/secrets@2021-11-01-preview' = {
   parent: keyVault
   name: 'TENANT-ID'
 
@@ -128,7 +128,7 @@ resource aiServices 'Microsoft.CognitiveServices/accounts@2024-04-01-preview' =
     apiProperties: {
       //statisticsEnabled: false
     }
-    //disableLocalAuth: true
+    disableLocalAuth: true
   }
 }
 
@@ -210,7 +210,7 @@ resource cosmos 'Microsoft.DocumentDB/databaseAccounts@2024-05-15' = {
       }
     ]
     capabilities: [{ name: 'EnableServerless' }]
-    //disableLocalAuth: true
+    disableLocalAuth: true
   }
 
   resource contributorRoleDefinition 'sqlRoleDefinitions' existing = {
 
@@ -5,14 +5,13 @@
   "metadata": {
     "_generator": {
       "name": "bicep",
-      "version": "0.34.44.8038",
-      "templateHash": "17550717161725705246"
+      "version": "0.35.1.17967",
+      "templateHash": "4208201882676728802"
     }
   },
   "parameters": {
     "azureOpenAILocation": {
       "type": "string",
-      "defaultValue": "eastus2",
       "allowedValues": [
         "australiaeast",
         "brazilsouth",
@@ -454,7 +453,8 @@
       "kind": "AIServices",
       "properties": {
         "customSubDomainName": "[variables('aiServicesName')]",
-        "apiProperties": {}
+        "apiProperties": {},
+        "disableLocalAuth": true
       }
     },
     "aiServicesDeployments": {
@@ -522,7 +522,8 @@
           {
             "name": "EnableServerless"
           }
-        ]
+        ],
+        "disableLocalAuth": true
       }
     },
     "pullIdentity": {
@@ -543,7 +544,7 @@
           "destination": "log-analytics",
           "logAnalyticsConfiguration": {
             "customerId": "[reference('logAnalytics').customerId]",
-            "sharedKey": "[listKeys(resourceId('Microsoft.OperationalInsights/workspaces', format('{0}{1}', variables('abbrs').managementGovernance.logAnalyticsWorkspace, variables('solutionPrefix'))), '2023-09-01').primarySharedKey]"
+            "sharedKey": "[listKeys('logAnalytics', '2023-09-01').primarySharedKey]"
           }
         }
       },
@@ -808,8 +809,8 @@
           "metadata": {
             "_generator": {
               "name": "bicep",
-              "version": "0.34.44.8038",
-              "templateHash": "6018596764344872545"
+              "version": "0.35.1.17967",
+              "templateHash": "4587248441449388111"
             }
           },
           "parameters": {
@@ -928,7 +929,7 @@
             "value": "[reference('aiServices').endpoint]"
           },
           "aiServicesKey": {
-            "value": "[listKeys(resourceId('Microsoft.CognitiveServices/accounts', variables('aiServicesName')), '2024-04-01-preview').key1]"
+            "value": "[listKeys('aiServices', '2024-04-01-preview').key1]"
           },
           "aiServicesId": {
             "value": "[resourceId('Microsoft.CognitiveServices/accounts', variables('aiServicesName'))]"
@@ -940,8 +941,8 @@
           "metadata": {
             "_generator": {
               "name": "bicep",
-              "version": "0.34.44.8038",
-              "templateHash": "4169059378107378993"
+              "version": "0.35.1.17967",
+              "templateHash": "13047093698365252995"
             }
           },
           "parameters": {
@@ -1223,11 +1224,8 @@
               "properties": {
                 "category": "AIServices",
                 "target": "[parameters('aiServicesEndpoint')]",
-                "authType": "ApiKey",
+                "authType": "AAD",
                 "isSharedToAll": true,
-                "credentials": {
-                  "key": "[parameters('aiServicesKey')]"
-                },
                 "metadata": {
                   "ApiType": "Azure",
                   "ResourceId": "[parameters('aiServicesId')]"
@@ -1353,6 +1351,18 @@
                 "[resourceId('Microsoft.MachineLearningServices/workspaces', variables('aiHubName'))]"
               ]
             },
+            {
+              "type": "Microsoft.Authorization/roleAssignments",
+              "apiVersion": "2022-04-01",
+              "name": "[guid(resourceId('Microsoft.MachineLearningServices/workspaces', variables('aiProjectName')), resourceId('Microsoft.Authorization/roleDefinitions', '64702f94-c441-49e6-a78b-ef80e0188fee'))]",
+              "properties": {
+                "roleDefinitionId": "[resourceId('Microsoft.Authorization/roleDefinitions', '64702f94-c441-49e6-a78b-ef80e0188fee')]",
+                "principalId": "[reference(resourceId('Microsoft.MachineLearningServices/workspaces', variables('aiProjectName')), '2024-01-01-preview', 'full').identity.principalId]"
+              },
+              "dependsOn": [
+                "[resourceId('Microsoft.MachineLearningServices/workspaces', variables('aiProjectName'))]"
+              ]
+            },
             {
               "type": "Microsoft.KeyVault/vaults/secrets",
               "apiVersion": "2021-11-01-preview",
@@ -1561,8 +1571,8 @@
           "metadata": {
             "_generator": {
               "name": "bicep",
-              "version": "0.34.44.8038",
-              "templateHash": "225360114294826340"
+              "version": "0.35.1.17967",
+              "templateHash": "14769217536017297821"
             }
           },
           "parameters": {
Original file line number	Diff line number	Diff line change
`@@ -128,7 +128,7 @@ resource aiServices 'Microsoft.CognitiveServices/accounts@2024-04-01-preview' =`
`128`	`128`	`apiProperties: {`
`129`	`129`	`//statisticsEnabled: false`
`130`	`130`	`}`
`131`		`- //disableLocalAuth: true`
	`131`	`+ disableLocalAuth: true`
`132`	`132`	`}`
`133`	`133`	`}`
`134`	`134`
`@@ -210,7 +210,7 @@ resource cosmos 'Microsoft.DocumentDB/databaseAccounts@2024-05-15' = {`
`210`	`210`	`}`
`211`	`211`	`]`
`212`	`212`	`capabilities: [{ name: 'EnableServerless' }]`
`213`		`- //disableLocalAuth: true`
	`213`	`+ disableLocalAuth: true`
`214`	`214`	`}`
`215`	`215`
`216`	`216`	`resource contributorRoleDefinition 'sqlRoleDefinitions' existing = {`