Merge pull request #587 from microsoft/dev

feat: using ai search tool for ChatWithCallTranscript Kernel function, use existing ai foundry project, integrating deployment and test automation pipeline

Author: Harsh-Microsoft

.github/workflows/CAdeploy.yml

@@ -11,9 +11,14 @@ on:
   schedule:
       - cron: '0 13 * * *'  # Runs at 1 PM UTC 
   workflow_dispatch:
+  workflow_call: 
+    inputs:
+      CA_WEB_URL:
+        required: true
+        type: string
 
 env:
-    url: ${{ vars.CLIENT_ADVISOR_URL }}
+    url: ${{ inputs.CA_WEB_URL }}
     accelerator_name: "Client Advisor"
 
 jobs:
@@ -36,6 +41,42 @@ jobs:
       - name: Ensure browsers are installed
         run: python -m playwright install --with-deps chromium
 
+
+      - name: Validate URL
+        run: |
+          if [ -z "${{ env.url }}" ]; then
+            echo "ERROR: No URL provided for testing"
+            exit 1
+  
+          fi
+
+          echo "Testing URL: ${{ env.url }}"
+
+
+      - name: Wait for Application to be Ready
+        run: |
+          echo "Waiting for application to be ready at ${{ env.url }} "
+          max_attempts=10
+          attempt=1
+          
+          while [ $attempt -le $max_attempts ]; do
+            echo "Attempt $attempt: Checking if application is ready..."
+            if curl -f -s "${{ env.url }}" > /dev/null; then
+              echo "Application is ready!"
+              break
+
+            fi
+            
+            if [ $attempt -eq $max_attempts ]; then
+              echo "Application is not ready after $max_attempts attempts"
+              exit 1
+            fi
+            
+            echo "Application not ready, waiting 30 seconds..."
+            sleep 30
+            attempt=$((attempt + 1))
+          done
+
       - name: Run tests(1)
         id: test1
         run: |
@@ -108,4 +149,4 @@ jobs:
           # Send the notification
           curl -X POST "${{ secrets.EMAILNOTIFICATION_LOGICAPP_URL_TA}}" \
             -H "Content-Type: application/json" \
-            -d "$EMAIL_BODY" || echo "Failed to send notification"
+            -d "$EMAIL_BODY" || echo "Failed to send notification"

.github/workflows/test_automation.yml

@@ -21,6 +21,7 @@ By default this template will use the environment name as the prefix to prevent
 | `AZURE_ENV_OPENAI_LOCATION`       | string  | `eastus2`    | Location of the Azure OpenAI resource. Choose from (allowed values: `swedencentral`, `australiaeast`).   |
 | `AZURE_LOCATION`            | string  | `japaneast`         | Sets the Azure region for resource deployment.  |
 | `AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID`            | string  | `<Existing Workspace Id>`         | Reuses an existing Log Analytics Workspace instead of provisioning a new one.   |
+| `RESOURCE_GROUP_NAME_FOUNDRY`            | string  | `<Existing AI Foundry Project>`         | Reuses an existing AI Foundry Project instead of provisioning a new one.   |
 
 ## How to Set a Parameter
 To customize any of the above values, run the following command **before** `azd up`:

docs/CustomizingAzdParameters.md

@@ -119,6 +119,7 @@ When you start the deployment, most parameters will have **default values**, but
 | **Azure OpenAI API Version**         | Set the API version for OpenAI model deployments.                                                  | `2025-04-01-preview`     |
 | **AZURE\_LOCATION**                  | Sets the Azure region for resource deployment. | `japaneast`              |
 | **Existing Log Analytics Workspace** | To reuse an existing Log Analytics Workspace ID instead of creating a new one.                     | *(empty)*                |
+| **Existing AI Foundry Project Resource ID** | To reuse an existing AI Foundry Project Resource ID instead of creating a new one.                     | *(empty)*                |
 
 
 

docs/DeploymentGuide.md

@@ -9,6 +9,7 @@ param gptDeploymentCapacity int
 param embeddingModel string
 param embeddingDeploymentCapacity int
 param existingLogAnalyticsWorkspaceId string = ''
+param azureExistingAIProjectResourceId string = ''
 
 // Load the abbrevations file required to name the azure resources.
 var abbrs = loadJsonContent('./abbreviations.json')
@@ -52,6 +53,31 @@ var existingLawSubscription = useExisting ? split(existingLogAnalyticsWorkspaceI
 var existingLawResourceGroup = useExisting ? split(existingLogAnalyticsWorkspaceId, '/')[4] : ''
 var existingLawName = useExisting ? split(existingLogAnalyticsWorkspaceId, '/')[8] : ''
 
+var existingOpenAIEndpoint = !empty(azureExistingAIProjectResourceId)
+  ? format('https://{0}.openai.azure.com/', split(azureExistingAIProjectResourceId, '/')[8])
+  : ''
+var existingProjEndpoint = !empty(azureExistingAIProjectResourceId)
+  ? format(
+      'https://{0}.services.ai.azure.com/api/projects/{1}',
+      split(azureExistingAIProjectResourceId, '/')[8],
+      split(azureExistingAIProjectResourceId, '/')[10]
+    )
+  : ''
+var existingAIFoundryName = !empty(azureExistingAIProjectResourceId)
+  ? split(azureExistingAIProjectResourceId, '/')[8]
+  : ''
+var existingAIProjectName = !empty(azureExistingAIProjectResourceId)
+  ? split(azureExistingAIProjectResourceId, '/')[10]
+  : ''
+var existingAIServiceSubscription = !empty(azureExistingAIProjectResourceId)
+  ? split(azureExistingAIProjectResourceId, '/')[2]
+  : ''
+var existingAIServiceResourceGroup = !empty(azureExistingAIProjectResourceId)
+  ? split(azureExistingAIProjectResourceId, '/')[4]
+  : ''
+var aiSearchConnectionName = 'foundry-search-connection-${solutionName}'
+var aiAppInsightConnectionName = 'foundry-app-insights-connection-${solutionName}'
+
 resource existingLogAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2023-09-01' existing = if (useExisting) {
   name: existingLawName
   scope: resourceGroup(existingLawSubscription, existingLawResourceGroup)
@@ -69,25 +95,6 @@ resource logAnalytics 'Microsoft.OperationalInsights/workspaces@2023-09-01' = if
   }
 }
 
-// resource applicationInsights 'Microsoft.Insights/components@2020-02-02' = {
-//   name: applicationInsightsName
-//   location: location
-//   kind: 'web'
-//   properties: {
-//     Application_Type: 'web'
-//     DisableIpMasking: false
-//     DisableLocalAuth: false
-//     Flow_Type: 'Bluefield'
-//     ForceCustomerStorageForProfiler: false
-//     ImmediatePurgeDataOn30Days: true
-//     IngestionMode: 'ApplicationInsights'
-//     publicNetworkAccessForIngestion: 'Enabled'
-//     publicNetworkAccessForQuery: 'Disabled'
-//     Request_Source: 'rest'
-//     WorkspaceResourceId: logAnalytics.id
-//   }
-// }
-
 resource applicationInsights 'Microsoft.Insights/components@2020-02-02' = {
   name: applicationInsightsName
   location: location
@@ -100,7 +107,7 @@ resource applicationInsights 'Microsoft.Insights/components@2020-02-02' = {
   }
 }
 
-resource aiFoundry 'Microsoft.CognitiveServices/accounts@2025-04-01-preview' = {
+resource aiFoundry 'Microsoft.CognitiveServices/accounts@2025-04-01-preview' = if (empty(azureExistingAIProjectResourceId)) {
   name: aiFoundryName
   location: location
   sku: {
@@ -123,7 +130,7 @@ resource aiFoundry 'Microsoft.CognitiveServices/accounts@2025-04-01-preview' = {
   }
 }
 
-resource aiFoundryProject 'Microsoft.CognitiveServices/accounts/projects@2025-04-01-preview' = {
+resource aiFoundryProject 'Microsoft.CognitiveServices/accounts/projects@2025-04-01-preview' = if (empty(azureExistingAIProjectResourceId)) {
   parent: aiFoundry
   name: aiProjectName
   location: location
@@ -138,7 +145,7 @@ resource aiFoundryProject 'Microsoft.CognitiveServices/accounts/projects@2025-04
 
 @batchSize(1)
 resource aiFModelDeployments 'Microsoft.CognitiveServices/accounts/deployments@2023-05-01' = [
-  for aiModeldeployment in aiModelDeployments: {
+  for aiModeldeployment in aiModelDeployments: if (empty(azureExistingAIProjectResourceId)) {
     parent: aiFoundry
     name: aiModeldeployment.name
     properties: {
@@ -185,8 +192,8 @@ resource aiSearch 'Microsoft.Search/searchServices@2025-02-01-preview' = {
   }
 }
 
-resource aiSearchFoundryConnection 'Microsoft.CognitiveServices/accounts/connections@2025-04-01-preview' ={
-  name: 'foundry-search-connection'
+resource aiSearchFoundryConnection 'Microsoft.CognitiveServices/accounts/connections@2025-04-01-preview' = if (empty(azureExistingAIProjectResourceId)) {
+  name: aiSearchConnectionName
   parent: aiFoundry
   properties: {
     category: 'CognitiveSearch'
@@ -201,18 +208,56 @@ resource aiSearchFoundryConnection 'Microsoft.CognitiveServices/accounts/connect
   }
 }
 
+module existing_AIProject_SearchConnectionModule 'deploy_aifp_aisearch_connection.bicep' = if (!empty(azureExistingAIProjectResourceId)) {
+  name: 'aiProjectSearchConnectionDeployment'
+  scope: resourceGroup(existingAIServiceSubscription, existingAIServiceResourceGroup)
+  params: {
+    existingAIProjectName: existingAIProjectName
+    existingAIFoundryName: existingAIFoundryName
+    aiSearchName: aiSearchName
+    aiSearchResourceId: aiSearch.id
+    aiSearchLocation: aiSearch.location
+    aiSearchConnectionName: aiSearchConnectionName
+  }
+}
+
+resource cognitiveServicesOpenAIUser 'Microsoft.Authorization/roleDefinitions@2022-04-01' existing = {
+  name: '5e0bd9bd-7b93-4f28-af87-19fc36ad61bd'
+}
+
+module assignOpenAIRoleToAISearch 'deploy_foundry_role_assignment.bicep' = {
+  name: 'assignOpenAIRoleToAISearch'
+  scope: resourceGroup(existingAIServiceSubscription, existingAIServiceResourceGroup)
+  params: {
+    roleDefinitionId: cognitiveServicesOpenAIUser.id
+    roleAssignmentName: guid(resourceGroup().id, aiSearch.id, cognitiveServicesOpenAIUser.id, 'openai-foundry')
+    aiFoundryName: !empty(azureExistingAIProjectResourceId) ? existingAIFoundryName : aiFoundryName
+    aiProjectName: !empty(azureExistingAIProjectResourceId) ? existingAIProjectName : aiProjectName
+    principalId: aiSearch.identity.principalId
+  }
+}
+
 @description('This is the built-in Search Index Data Reader role.')
 resource searchIndexDataReaderRoleDefinition 'Microsoft.Authorization/roleDefinitions@2022-04-01' existing = {
   scope: aiSearch
   name: '1407120a-92aa-4202-b7e9-c0e197c71c8f'
 }
 
-resource searchIndexDataReaderRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
-  name: guid(aiSearch.id, aiFoundry.id, searchIndexDataReaderRoleDefinition.id)
+resource searchIndexDataReaderRoleAssignmentToAIFP 'Microsoft.Authorization/roleAssignments@2022-04-01' = if (empty(azureExistingAIProjectResourceId)) {
+  name: guid(aiSearch.id, aiFoundryProject.id, searchIndexDataReaderRoleDefinition.id)
   scope: aiSearch
   properties: {
     roleDefinitionId: searchIndexDataReaderRoleDefinition.id
-    principalId: aiFoundry.identity.principalId
+    principalId: aiFoundryProject.identity.principalId
+    principalType: 'ServicePrincipal'
+  }
+}
+resource assignSearchIndexDataReaderToExistingAiProject 'Microsoft.Authorization/roleAssignments@2022-04-01' = if (!empty(azureExistingAIProjectResourceId)) {
+  name: guid(resourceGroup().id, existingAIProjectName, searchIndexDataReaderRoleDefinition.id, 'Existing')
+  scope: aiSearch
+  properties: {
+    roleDefinitionId: searchIndexDataReaderRoleDefinition.id
+    principalId: assignOpenAIRoleToAISearch.outputs.aiProjectPrincipalId
     principalType: 'ServicePrincipal'
   }
 }
@@ -223,18 +268,28 @@ resource searchServiceContributorRoleDefinition 'Microsoft.Authorization/roleDef
   name: '7ca78c08-252a-4471-8644-bb5ff32d4ba0'
 }
 
-resource searchServiceContributorRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
-  name: guid(aiSearch.id, aiFoundry.id, searchServiceContributorRoleDefinition.id)
+resource searchServiceContributorRoleAssignmentToAIFP 'Microsoft.Authorization/roleAssignments@2022-04-01' = if (empty(azureExistingAIProjectResourceId)) {
+  name: guid(aiSearch.id, aiFoundryProject.id, searchServiceContributorRoleDefinition.id)
   scope: aiSearch
   properties: {
     roleDefinitionId: searchServiceContributorRoleDefinition.id
-    principalId: aiFoundry.identity.principalId
+    principalId: aiFoundryProject.identity.principalId
     principalType: 'ServicePrincipal'
   }
 }
 
-resource appInsightsFoundryConnection 'Microsoft.CognitiveServices/accounts/connections@2025-04-01-preview' = {
-  name: 'foundry-app-insights-connection'
+resource searchServiceContributorRoleAssignmentExisting 'Microsoft.Authorization/roleAssignments@2022-04-01' = if (!empty(azureExistingAIProjectResourceId)) {
+  name: guid(resourceGroup().id, existingAIProjectName, searchServiceContributorRoleDefinition.id, 'Existing')
+  scope: aiSearch
+  properties: {
+    roleDefinitionId: searchServiceContributorRoleDefinition.id
+    principalId: assignOpenAIRoleToAISearch.outputs.aiProjectPrincipalId
+    principalType: 'ServicePrincipal'
+  }
+}
+
+resource appInsightsFoundryConnection 'Microsoft.CognitiveServices/accounts/connections@2025-04-01-preview' = if (empty(azureExistingAIProjectResourceId)) {
+  name: aiAppInsightConnectionName
   parent: aiFoundry
   properties: {
     category: 'AppInsights'
@@ -251,14 +306,6 @@ resource appInsightsFoundryConnection 'Microsoft.CognitiveServices/accounts/conn
   }
 }
 
-// resource azureOpenAIApiKeyEntry 'Microsoft.KeyVault/vaults/secrets@2021-11-01-preview' = {
-//   parent: keyVault
-//   name: 'AZURE-OPENAI-KEY'
-//   properties: {
-//     value: aiFoundry.listKeys().key1 //aiServices_m.listKeys().key1
-//   }
-// }
-
 resource azureOpenAIApiVersionEntry 'Microsoft.KeyVault/vaults/secrets@2021-11-01-preview' = {
   parent: keyVault
   name: 'AZURE-OPENAI-PREVIEW-API-VERSION'
@@ -271,7 +318,10 @@ resource azureOpenAIEndpointEntry 'Microsoft.KeyVault/vaults/secrets@2021-11-01-
   parent: keyVault
   name: 'AZURE-OPENAI-ENDPOINT'
   properties: {
-    value: aiFoundry.properties.endpoints['OpenAI Language Model Instance API'] //aiServices_m.properties.endpoint
+    // value: aiFoundry.properties.endpoints['OpenAI Language Model Instance API'] //aiServices_m.properties.endpoint
+    value: !empty(existingOpenAIEndpoint)
+      ? existingOpenAIEndpoint
+      : aiFoundry.properties.endpoints['OpenAI Language Model Instance API']
   }
 }
 
@@ -283,14 +333,6 @@ resource azureOpenAIEmbeddingModelEntry 'Microsoft.KeyVault/vaults/secrets@2021-
   }
 }
 
-// resource azureSearchAdminKeyEntry 'Microsoft.KeyVault/vaults/secrets@2021-11-01-preview' = {
-//   parent: keyVault
-//   name: 'AZURE-SEARCH-KEY'
-//   properties: {
-//     value: aiSearch.listAdminKeys().primaryKey
-//   }
-// }
-
 resource azureSearchServiceEndpointEntry 'Microsoft.KeyVault/vaults/secrets@2021-11-01-preview' = {
   parent: keyVault
   name: 'AZURE-SEARCH-ENDPOINT'
@@ -310,21 +352,27 @@ resource azureSearchIndexEntry 'Microsoft.KeyVault/vaults/secrets@2021-11-01-pre
 output keyvaultName string = keyvaultName
 output keyvaultId string = keyVault.id
 
-output aiFoundryProjectEndpoint string = aiFoundryProject.properties.endpoints['AI Foundry API']
-output aiServicesTarget string = aiFoundry.properties.endpoint //aiServices_m.properties.endpoint
-output aoaiEndpoint string = aiFoundry.properties.endpoints['OpenAI Language Model Instance API'] //aiServices_m.properties.endpoint
-output aiFoundryName string = aiFoundryName //aiServicesName_m
-output aiFoundryId string = aiFoundry.id //aiServices_m.id
+output resourceGroupNameFoundry string = !empty(existingAIServiceResourceGroup)
+  ? existingAIServiceResourceGroup
+  : resourceGroup().name
+output aiFoundryProjectEndpoint string = !empty(existingProjEndpoint)
+  ? existingProjEndpoint
+  : aiFoundryProject.properties.endpoints['AI Foundry API']
+output aoaiEndpoint string = !empty(existingOpenAIEndpoint)
+  ? existingOpenAIEndpoint
+  : aiFoundry.properties.endpoints['OpenAI Language Model Instance API'] //aiServices_m.properties.endpoint
+output aiFoundryName string = !empty(existingAIFoundryName) ? existingAIFoundryName : aiFoundryName //aiServicesName_m
 
 output aiSearchName string = aiSearchName
 output aiSearchId string = aiSearch.id
 output aiSearchTarget string = 'https://${aiSearch.name}.search.windows.net'
 output aiSearchService string = aiSearch.name
-output aiFoundryProjectName string = aiFoundryProject.name
+output aiFoundryProjectName string = !empty(existingAIProjectName) ? existingAIProjectName : aiFoundryProject.name
 
 output applicationInsightsId string = applicationInsights.id
 output logAnalyticsWorkspaceResourceName string = useExisting ? existingLogAnalyticsWorkspace.name : logAnalytics.name
 output logAnalyticsWorkspaceResourceGroup string = useExisting ? existingLawResourceGroup : resourceGroup().name
 
-
 output applicationInsightsConnectionString string = applicationInsights.properties.ConnectionString
+
+output aiSearchFoundryConnectionName string = aiSearchConnectionName

infra/deploy_ai_foundry.bicep

@@ -0,0 +1,21 @@
+param existingAIProjectName string
+param existingAIFoundryName string
+param aiSearchName string
+param aiSearchResourceId string
+param aiSearchLocation string
+param aiSearchConnectionName string
+
+resource projectAISearchConnection 'Microsoft.CognitiveServices/accounts/projects/connections@2025-04-01-preview' = {
+  name: '${existingAIFoundryName}/${existingAIProjectName}/${aiSearchConnectionName}'
+  properties: {
+    category: 'CognitiveSearch'
+    target: 'https://${aiSearchName}.search.windows.net'
+    authType: 'AAD'
+    isSharedToAll: true
+    metadata: {
+      ApiType: 'Azure'
+      ResourceId: aiSearchResourceId
+      location: aiSearchLocation
+    }
+  }
+}