Merge pull request #700 from microsoft/psl-postdeploymentscript

docs: post deployment script changes

Author: Prajwal-Microsoft

docs/AVMPostDeploymentGuide.md

@@ -0,0 +1,30 @@
+# AVM Post Deployment Guide
+This document provides guidance on post-deployment steps after deploying the Build Your Own Copilot Accelerator from the [AVM (Azure Verified Modules) repository](https://github.com/Azure/bicep-registry-modules/tree/main/avm/ptn/sa/build-your-own-copilot).
+
+## Post Deployment Steps
+1. Clone the Repository
+    First, clone this repository to access the post-deployment scripts:
+    ```bash
+    git clone https://github.com/microsoft/Build-your-own-copilot-Solution-Accelerator.git
+    ```
+    ```bash
+    cd Build-your-own-copilot-Solution-Accelerator
+    ```
+
+2. Import Sample Data -Run bash command printed in the terminal. The bash command will look like the following:
+
+    ```bash 
+    ./infra/scripts/process_sample_data.sh <resourceGroupName> 
+    ```
+    If the deployment does not exist or has been deleted – The script will prompt you to manually enter the required values
+
+3. Add Authentication Provider
+
+    Follow steps in [App Authentication](https://github.com/microsoft/Build-your-own-copilot-Solution-Accelerator/blob/main/docs/AppAuthentication.md) to configure authentication in app service. 
+    >Note that Authentication changes can take up to 10 minutes.
+
+4. Deleting Resources After a Failed Deployment
+
+    Follow steps in [Delete Resource Group](https://github.com/microsoft/Build-your-own-copilot-Solution-Accelerator/blob/main/docs/DeleteResourceGroup.md) if your deployment fails and/or you need to clean up the resources.
+
+By following these steps, you’ll ensure a smooth transition from deployment to hands-on usage.

infra/main.bicep

@@ -272,6 +272,7 @@ resource resourceGroupTags 'Microsoft.Resources/tags@2021-04-01' = {
       TemplateName: 'Client Advisor'
       Type: enablePrivateNetworking ? 'WAF' : 'Non-WAF'
       CreatedBy: createdBy
+      DeploymentName: deployment().name
     }
   }
 }
@@ -1381,5 +1382,3 @@ output USE_AI_PROJECT_CLIENT string = useAIProjectClientFlag
 @description('Indicates whether the internal stream should be used.')
 output USE_INTERNAL_STREAM string = useInternalStream
 
-@description('The client ID of the managed identity.')
-output AZURE_CLIENT_ID string = userAssignedIdentity.outputs.clientId

infra/scripts/process_sample_data.sh

@@ -2,16 +2,6 @@
 
 	# Variables
 	resourceGroupName="$1"
-	cosmosDbAccountName="$2"
-	storageAccount="$3"
-	fileSystem="$4"
-	keyvaultName="$5"
-	sqlServerName="$6"
-	SqlDatabaseName="$7"
-	sqlManagedIdentityClientId="$8"
-	sqlManagedIdentityDisplayName="$9"
-	aiSearchName="${10}"
-	aif_resource_id="${11}"
 
 	# Global variables to track original network access states
 	original_storage_public_access=""
@@ -20,6 +10,7 @@
 	aif_resource_group=""
 	aif_account_resource_id=""
 	# Add global variable for SQL Server public access
+
 	original_sql_public_access=""
 	created_sql_allow_all_firewall_rule="false"
 	original_full_range_rule_present="false"
@@ -289,55 +280,90 @@
 	# Set up trap to ensure cleanup happens on exit
 	trap cleanup_on_exit EXIT INT TERM
 
-	# get parameters from azd env, if not provided
-	if [ -z "$resourceGroupName" ]; then
-		resourceGroupName=$(azd env get-value RESOURCE_GROUP_NAME)
+	if az account show &> /dev/null; then
+    echo "Already authenticated with Azure."
+	else
+		echo "Authenticating with Azure CLI..."
+		az login
+		echo "Authenticated with Azure CLI."
 	fi
 
+	# fetch all variables from deployment outputs
 
-	if [ -z "$cosmosDbAccountName" ]; then
-		cosmosDbAccountName=$(azd env get-value COSMOSDB_ACCOUNT_NAME)
-	fi
-
-	if [ -z "$storageAccount" ]; then
-		storageAccount=$(azd env get-value STORAGE_ACCOUNT_NAME)
-	fi
+	deploymentName=$(az group show --name "$resourceGroupName" --query "tags.DeploymentName" -o tsv) 
+	echo "Deployment Name (from tag): $deploymentName"
 
-	if [ -z "$fileSystem" ]; then
-		fileSystem=$(azd env get-value STORAGE_CONTAINER_NAME)
-	fi
+if az deployment group show --resource-group "$resourceGroupName" --name "$deploymentName" &>/dev/null; then
+		cosmosDbAccountName=$(az deployment group show \
+			--name "$deploymentName" \
+			--resource-group "$resourceGroupName" \
+			--query "properties.outputs.cosmosdB_ACCOUNT_NAME.value" -o tsv)
+		echo "Cosmos DB Account Name (from outputs): $cosmosDbAccountName"
 
-	if [ -z "$keyvaultName" ]; then
-		keyvaultName=$(azd env get-value KEY_VAULT_NAME)
-	fi
+		storageAccount=$(az deployment group show \
+			--name "$deploymentName" \
+			--resource-group "$resourceGroupName" \
+			--query "properties.outputs.storagE_ACCOUNT_NAME.value" -o tsv)
+		echo "Storage Account Name (from outputs): $storageAccount"
 
-	if [ -z "$sqlServerName" ]; then
-		sqlServerName=$(azd env get-value SQLDB_SERVER_NAME)
-	fi
+		fileSystem=$(az deployment group show \
+			--name "$deploymentName" \
+			--resource-group "$resourceGroupName" \
+			--query "properties.outputs.storagE_CONTAINER_NAME.value" -o tsv)
+		echo "Storage Container Name (from outputs): $fileSystem"
 
-	if [ -z "$SqlDatabaseName" ]; then
-		SqlDatabaseName=$(azd env get-value SQLDB_DATABASE)
-	fi
+		keyvaultName=$(az deployment group show \
+			--name "$deploymentName" \
+			--resource-group "$resourceGroupName" \
+			--query "properties.outputs.keY_VAULT_NAME.value" -o tsv)
+		echo "Key Vault Name (from outputs): $keyvaultName"
 
-	if [ -z "$sqlManagedIdentityClientId" ]; then
-		# Use the SQL-specific managed identity for database operations with limited permissions
-		sqlManagedIdentityClientId=$(azd env get-value MANAGEDIDENTITY_SQL_CLIENTID)
-	fi
+		sqlServerName=$(az deployment group show \
+			--name "$deploymentName" \
+			--resource-group "$resourceGroupName" \
+			--query "properties.outputs.sqldB_SERVER_NAME.value" -o tsv)
+		echo "SQL Server Name (from outputs): $sqlServerName"
 
-	if [ -z "$sqlManagedIdentityDisplayName" ]; then
-		# Use the SQL-specific managed identity for database operations with limited permissions
-		sqlManagedIdentityDisplayName=$(azd env get-value MANAGEDIDENTITY_SQL_NAME)
-	fi
+		webAppManagedIdentityDisplayName=$(az deployment group show \
+			--name "$deploymentName" \
+			--resource-group "$resourceGroupName" \
+			--query "properties.outputs.managedidentitY_WEBAPP_NAME.value" -o tsv)
+		echo "Web App Managed Identity Display Name (from outputs): $webAppManagedIdentityDisplayName"
 
-	if [ -z "$aiSearchName" ]; then
-		aiSearchName=$(azd env get-value AI_SEARCH_SERVICE_NAME)
-	fi
+		aiSearchName=$(az deployment group show \
+			--name "$deploymentName" \
+			--resource-group "$resourceGroupName" \
+			--query "properties.outputs.aI_SEARCH_SERVICE_NAME.value" -o tsv)
+		echo "AI Search Service Name (from outputs): $aiSearchName"
 
-	if [ -z "$aif_resource_id" ]; then
-		aif_resource_id=$(azd env get-value AI_FOUNDRY_RESOURCE_ID)
-	fi
+		aif_resource_id=$(az deployment group show \
+			--name "$deploymentName" \
+			--resource-group "$resourceGroupName" \
+			--query "properties.outputs.aI_FOUNDRY_RESOURCE_ID.value" -o tsv)
+		echo "AI Foundry Resource ID (from outputs): $aif_resource_id"
 
-	azSubscriptionId=$(azd env get-value AZURE_SUBSCRIPTION_ID)
+		azSubscriptionId=$(az deployment group show \
+			--name "$deploymentName" \
+			--resource-group "$resourceGroupName" \
+			--query "properties.outputs.azurE_SUBSCRIPTION_ID.value" -o tsv)
+
+		echo "Azure Subscription ID (from outputs): $azSubscriptionId"
+else
+    echo "Deployment does NOT exist in resource group $resourceGroupName."
+    echo "Please enter required values manually."
+
+    read -rp "Enter Cosmos DB Account Name: " cosmosDbAccountName
+    read -rp "Enter Storage Account Name: " storageAccount
+    read -rp "Enter Storage Container/File System Name: " fileSystem
+	read -rp "Enter SQL Server Name: " sqlServerName
+	read -rp "Enter SQL Database Name: " SqlDatabaseName
+    read -rp "Enter Key Vault Name: " keyvaultName
+	read -rp "Enter Web App Managed Identity Display Name: " webAppManagedIdentityDisplayName
+	read -rp "Enter Web App Managed Identity Client ID: " webAppManagedIdentityClientId
+    read -rp "Enter AI Search Service Name: " aiSearchName
+    read -rp "Enter AI Foundry Resource ID: " aif_resource_id
+    read -rp "Enter Azure Subscription ID: " azSubscriptionId
+fi  
 
 	# Check if all required arguments are provided
 	if  [ -z "$resourceGroupName" ] || [ -z "$cosmosDbAccountName" ] || [ -z "$storageAccount" ] || [ -z "$fileSystem" ] || [ -z "$keyvaultName" ] || [ -z "$sqlServerName" ] || [ -z "$SqlDatabaseName" ] || [ -z "$sqlManagedIdentityClientId" ] || [ -z "$sqlManagedIdentityDisplayName" ] || [ -z "$aiSearchName" ] || [ -z "$aif_resource_id" ]; then