chore: main to dev downmerge

.github/workflows/azd-template-validation.yml

@@ -0,0 +1,43 @@
+name: AZD Template Validation
+on:
+  schedule:
+    - cron: '30 1 * * 4' # Every Thursday at 1:30 AM UTC
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  id-token: write
+  pull-requests: write
+
+jobs:
+  template_validation:
+    runs-on: ubuntu-latest
+    name: azd template validation
+    environment: production
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v5
+
+      - name: Set timestamp
+        run: echo "HHMM=$(date -u +'%H%M')" >> $GITHUB_ENV
+
+      - name: Validate Azure Template
+        uses: microsoft/template-validation-action@v0.4.4
+        with:
+          validateAzd: ${{ vars.TEMPLATE_VALIDATE_AZD }}
+          validateTests: ${{ vars.TEMPLATE_VALIDATE_TESTS }}
+          useDevContainer: ${{ vars.TEMPLATE_USE_DEV_CONTAINER }}
+        id: validation
+        env:
+          AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
+          AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
+          AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          AZURE_ENV_NAME: azd-${{ vars.AZURE_ENV_NAME }}-${{ env.HHMM }}
+          AZURE_LOCATION: ${{ secrets.AZURE_LOCATION }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          AZURE_ENV_AI_DEPLOYMENTS_LOCATION: ${{ vars.AZURE_ENV_AI_DEPLOYMENTS_LOCATION }}
+          AZURE_ENV_USE_CASE: ${{ vars.AZURE_ENV_USE_CASE }}
+          DEPLOYING_USER_PRINCIPAL_TYPE: ServicePrincipal
+
+      - name: Print result
+        run: cat ${{ steps.validation.outputs.resultFile }}

.github/workflows/azure-dev.yml

@@ -1,39 +1,60 @@
-name: Azure Template Validation
+name: Azure Dev Deploy
+
 on:
   workflow_dispatch:
-  push: 
-    branches: 
-    - main 
 
 permissions:
   contents: read
   id-token: write
-  pull-requests: write
 
 jobs:
-  template_validation_job:
+  deploy:
     runs-on: ubuntu-latest
     environment: production
-    name: Template validation
-
+    env:
+      AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
+      AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
+      AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+      AZURE_LOCATION: ${{ vars.AZURE_LOCATION }}
+      AZURE_DEV_COLLECT_TELEMETRY: ${{ vars.AZURE_DEV_COLLECT_TELEMETRY }}
+      AZURE_ENV_AI_DEPLOYMENTS_LOCATION: ${{ vars.AZURE_ENV_AI_DEPLOYMENTS_LOCATION }}
+      AZURE_ENV_USE_CASE: ${{ vars.AZURE_ENV_USE_CASE }}
+      DEPLOYING_USER_PRINCIPAL_TYPE: ServicePrincipal
     steps:
-      # Step 1: Checkout the code from your repository
-      - name: Checkout code
+      - name: Checkout Code
         uses: actions/checkout@v5
+
+      - name: Set timestamp and env name
+        run: |
+          HHMM=$(date -u +'%H%M')
+          echo "AZURE_ENV_NAME=azd-${{ vars.AZURE_ENV_NAME }}-${HHMM}" >> $GITHUB_ENV
+
+      - name: Install azd
+        uses: Azure/setup-azd@v2
+
+      - name: Login to Azure
+        uses: azure/login@v2
+        with:
+          client-id: ${{ secrets.AZURE_CLIENT_ID }}
+          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
 
-      # Step 2: Validate the Azure template using microsoft/template-validation-action
-      - name: Validate Azure Template
-        uses: microsoft/template-validation-action@v0.4.4
-        id: validation
-        env:
-          AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
-          AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
-          AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
-          AZURE_ENV_NAME: ${{ secrets.AZURE_ENV_NAME }}
-          AZURE_LOCATION: ${{ secrets.AZURE_LOCATION }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          DEPLOYING_USER_PRINCIPAL_TYPE: ServicePrincipal
+      - name: Login to AZD
+        shell: bash
+        run: |
+          azd auth login \
+            --client-id "$AZURE_CLIENT_ID" \
+            --federated-credential-provider "github" \
+            --tenant-id "$AZURE_TENANT_ID"
 
-      # Step 3: Print the result of the validation
-      - name: Print result
-        run: cat ${{ steps.validation.outputs.resultFile }}
+      - name: Provision and Deploy
+        shell: bash
+        run: |
+          if ! azd env select "$AZURE_ENV_NAME"; then
+            azd env new "$AZURE_ENV_NAME" --subscription "$AZURE_SUBSCRIPTION_ID" --location "$AZURE_LOCATION" --no-prompt
+          fi
+          azd config set defaults.subscription "$AZURE_SUBSCRIPTION_ID"
+          azd env set AZURE_AI_SERVICE_LOCATION="$AZURE_LOCATION"
+          azd env set AZURE_ENV_AI_DEPLOYMENTS_LOCATION="$AZURE_ENV_AI_DEPLOYMENTS_LOCATION"
+          azd env set AZURE_ENV_USE_CASE="$AZURE_ENV_USE_CASE"
+          azd up --no-prompt

infra/deploy_ai_foundry.bicep

@@ -81,6 +81,7 @@ var aiModelDeployments = concat([
       name: 'GlobalStandard'
       capacity: embeddingDeploymentCapacity
     }
+    version: '1'
     raiPolicyName: 'Microsoft.Default'
   }
 ] : [])
@@ -188,13 +189,17 @@ resource aiServicesDeployments 'Microsoft.CognitiveServices/accounts/deployments
     model: {
       format: 'OpenAI'
       name: aiModeldeployment.model
+      version: !empty(aiModeldeployment.version) ? aiModeldeployment.version : null
     }
     raiPolicyName: aiModeldeployment.raiPolicyName
   }
   sku:{
     name: aiModeldeployment.sku.name
     capacity: aiModeldeployment.sku.capacity
   }
+  dependsOn: [
+    aiProject
+  ]
 }]
 
 resource aiSearch 'Microsoft.Search/searchServices@2024-06-01-preview' = if(isWorkshop) {