Skip to content

Commit d67227f

Browse files
Merge pull request #214 from microsoft/vee-pipeline-fixes
fix: Code Mod | Azure Template Validation & Deploy-Test-Cleanup Pipeline fix
2 parents f0dabb5 + 9bb82c9 commit d67227f

File tree

4 files changed

+36
-20
lines changed

4 files changed

+36
-20
lines changed

.github/workflows/azure-dev-validation.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@ jobs:
1919
uses: actions/checkout@v4
2020
# Step 2: Validate the Azure template using microsoft/template-validation-action
2121
- name: Validate Azure Template
22-
uses: microsoft/template-validation-action@Latest
22+
uses: microsoft/template-validation-action@Latest
2323
id: validation
2424
env:
2525
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
@@ -31,4 +31,4 @@ jobs:
3131
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
3232
# Step 3: Print the result of the validation
3333
- name: Print result
34-
run: cat ${{ steps.validation.outputs.resultFile }}
34+
run: cat ${{ steps.validation.outputs.resultFile }}

.github/workflows/deploy.yml

Lines changed: 25 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -72,6 +72,11 @@ jobs:
7272
- name: Fail Pipeline if Quota Check Fails
7373
if: env.QUOTA_FAILED == 'true'
7474
run: exit 1
75+
76+
- name: Set Deployment Region
77+
run: |
78+
echo "Selected Region: $VALID_REGION"
79+
echo "AZURE_LOCATION=$VALID_REGION" >> $GITHUB_ENV
7580
7681
- name: Install Bicep CLI
7782
run: az bicep install
@@ -135,8 +140,7 @@ jobs:
135140
--template-file infra/main.bicep \
136141
--parameters \
137142
solutionName="${{ env.SOLUTION_PREFIX }}" \
138-
aiDeploymentsLocation="eastus" \
139-
useWafAlignedArchitecture=false \
143+
aiDeploymentsLocation='${{ env.AZURE_LOCATION }}' \
140144
capacity=${{ env.GPT_MIN_CAPACITY }} \
141145
imageVersion="${IMAGE_TAG}" \
142146
createdBy="Pipeline" \
@@ -191,6 +195,24 @@ jobs:
191195
- name: Login to Azure
192196
run: |
193197
az login --service-principal -u ${{ secrets.AZURE_CLIENT_ID }} -p ${{ secrets.AZURE_CLIENT_SECRET }} --tenant ${{ secrets.AZURE_TENANT_ID }}
198+
199+
- name: Assign Contributor role to Service Principal
200+
if: always()
201+
run: |
202+
echo "Assigning Contributor role to SPN for RG: ${{ env.RESOURCE_GROUP_NAME }}"
203+
az role assignment create \
204+
--assignee ${{ secrets.AZURE_CLIENT_ID }} \
205+
--role "Contributor" \
206+
--scope /subscriptions/${{ secrets.AZURE_SUBSCRIPTION_ID }}/resourceGroups/${{ env.RESOURCE_GROUP_NAME }}
207+
208+
echo "Assigning Log Analytics Contributor role for Log Analytics workspace access at RG level..."
209+
az role assignment create \
210+
--assignee ${{ secrets.AZURE_CLIENT_ID }} \
211+
--role "Log Analytics Contributor" \
212+
--scope /subscriptions/${{ secrets.AZURE_SUBSCRIPTION_ID }}/resourceGroups/${{ env.RESOURCE_GROUP_NAME }} || echo "Log Analytics Contributor role assignment failed (may already exist)"
213+
214+
echo "Waiting for role assignment propagation..."
215+
sleep 30
194216
195217
- name: Get Log Analytics Workspace and OpenAI from Resource Group
196218
if: always()
@@ -417,4 +439,4 @@ jobs:
417439
if: always()
418440
run: |
419441
az logout
420-
echo "Logged out from Azure."
442+
echo "Logged out from Azure."

.github/workflows/test.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -103,4 +103,4 @@ jobs:
103103
- name: Skip Backend Tests
104104
if: env.skip_backend_tests == 'true'
105105
run: |
106-
echo "Skipping backend tests because no test files were found."
106+
echo "Skipping backend tests because no test files were found."

infra/main.json

Lines changed: 8 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -6,18 +6,12 @@
66
"_generator": {
77
"name": "bicep",
88
"version": "0.37.4.10188",
9-
"templateHash": "4708808767614470236"
9+
"templateHash": "10857935115773987076"
1010
},
1111
"name": "Modernize Your Code Solution Accelerator",
12-
"description": "CSA CTO Gold Standard Solution Accelerator for Modernize Your Code. \n"
12+
"description": "CSA CTO Gold Standard Solution Accelerator for Modernize Your Code. \r\n"
1313
},
1414
"parameters": {
15-
"useWafAlignedArchitecture": {
16-
"type": "bool",
17-
"metadata": {
18-
"description": "Set to true if you want to deploy WAF-aligned infrastructure."
19-
}
20-
},
2115
"solutionName": {
2216
"type": "string",
2317
"minLength": 3,
@@ -79,14 +73,14 @@
7973
},
8074
"enableMonitoring": {
8175
"type": "bool",
82-
"defaultValue": "[if(parameters('useWafAlignedArchitecture'), true(), false())]",
76+
"defaultValue": false,
8377
"metadata": {
8478
"description": "Optional. Enable monitoring for the resources. This will enable Application Insights and Log Analytics. Defaults to false."
8579
}
8680
},
8781
"enableScaling": {
8882
"type": "bool",
89-
"defaultValue": "[if(parameters('useWafAlignedArchitecture'), true(), false())]",
83+
"defaultValue": false,
9084
"metadata": {
9185
"description": "Optional. Enable scaling for the container apps. Defaults to false."
9286
}
@@ -107,7 +101,7 @@
107101
},
108102
"enablePrivateNetworking": {
109103
"type": "bool",
110-
"defaultValue": "[if(parameters('useWafAlignedArchitecture'), true(), false())]",
104+
"defaultValue": false,
111105
"metadata": {
112106
"description": "Optional. Enable private networking for the resources. Set to true to enable private networking. Defaults to false."
113107
}
@@ -192,9 +186,9 @@
192186
},
193187
"createdBy": {
194188
"type": "string",
195-
"defaultValue": "[if(empty(deployer().userPrincipalName), '', split(deployer().userPrincipalName, '@')[0])]",
189+
"defaultValue": "[if(contains(deployer(), 'userPrincipalName'), split(deployer().userPrincipalName, '@')[0], deployer().objectId)]",
196190
"metadata": {
197-
"description": "Optional created by user name"
191+
"description": "Tag, Created by user name"
198192
}
199193
}
200194
},
@@ -457,7 +451,7 @@
457451
"apiVersion": "2021-04-01",
458452
"name": "default",
459453
"properties": {
460-
"tags": "[shallowMerge(createArray(variables('allTags'), createObject('TemplateName', 'Code Modernization', 'CreatedBy', parameters('createdBy'))))]"
454+
"tags": "[shallowMerge(createArray(variables('allTags'), createObject('TemplateName', 'Code Modernization', 'Type', if(parameters('enablePrivateNetworking'), 'WAF', 'Non-WAF'), 'CreatedBy', parameters('createdBy'))))]"
461455
}
462456
},
463457
"avmTelemetry": {

0 commit comments

Comments
 (0)