From 0b89236e02d4d0bbdd3deda01a6bdaec01b61cd0 Mon Sep 17 00:00:00 2001 From: Amanda Foster <29870948+fosteramanda@users.noreply.github.com> Date: Tue, 13 Jan 2026 02:12:20 +0000 Subject: [PATCH 01/30] updating names --- .../{main.json => azuredeploy.json} | 0 .../infrastructure-setup-bicep/40-basic-agent-setup/README.md | 4 ++-- .../{basic-setup.json => azuredeploy.json} | 0 ...asic-setup.parameters.json => azuredeploy.parameters.json} | 0 .../40-basic-agent-setup/{basic-setup.bicep => main.bicep} | 0 .../42-basic-agent-setup-with-customization/README.md | 2 +- .../{main.json => azuredeploy.json} | 0 .../{main.parameters.json => azuredeploy.parameters.json} | 0 8 files changed, 3 insertions(+), 3 deletions(-) rename infrastructure/infrastructure-setup-bicep/31-customer-managed-keys-standard-agent/{main.json => azuredeploy.json} (100%) rename infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/{basic-setup.json => azuredeploy.json} (100%) rename infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/{basic-setup.parameters.json => azuredeploy.parameters.json} (100%) rename infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/{basic-setup.bicep => main.bicep} (100%) rename infrastructure/infrastructure-setup-bicep/42-basic-agent-setup-with-customization/{main.json => azuredeploy.json} (100%) rename infrastructure/infrastructure-setup-bicep/42-basic-agent-setup-with-customization/{main.parameters.json => azuredeploy.parameters.json} (100%) diff --git a/infrastructure/infrastructure-setup-bicep/31-customer-managed-keys-standard-agent/main.json b/infrastructure/infrastructure-setup-bicep/31-customer-managed-keys-standard-agent/azuredeploy.json similarity index 100% rename from infrastructure/infrastructure-setup-bicep/31-customer-managed-keys-standard-agent/main.json rename to infrastructure/infrastructure-setup-bicep/31-customer-managed-keys-standard-agent/azuredeploy.json diff --git a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/README.md b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/README.md index 1488de6a2..a62fbf75c 100644 --- a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/README.md +++ b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/README.md @@ -19,7 +19,7 @@ For more information, [see the getting started guide.](https://learn.microsoft.c 1. To deploy this template, click the "Deploy to Azure" button or you can run one of the following commands: -[![Deploy To Azure](https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/1-CONTRIBUTION-GUIDE/images/deploytoazure.svg?sanitize=true)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Fazure-ai-foundry%2Ffoundry-samples%2Frefs%2Fheads%2Fmain%2Finfrastructure%2Finfrastructure-setup-bicep%2F40-basic-agent-setup%2Fbasic-setup.json) +[![Deploy To Azure](https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/1-CONTRIBUTION-GUIDE/images/deploytoazure.svg?sanitize=true)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Fazure-ai-foundry%2Ffoundry-samples%2Frefs%2Fheads%2Fmain%2Finfrastructure%2Finfrastructure-setup-bicep%2F40-basic-agent-setup%2Fazuredeploy.json) * Create new (or use existing) resource group: @@ -31,5 +31,5 @@ For more information, [see the getting started guide.](https://learn.microsoft.c * Deploy the template ```bash - az deployment group create --resource-group --template-file basic-setup.bicep + az deployment group create --resource-group --template-file main.bicep ``` diff --git a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/basic-setup.json b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json similarity index 100% rename from infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/basic-setup.json rename to infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json diff --git a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/basic-setup.parameters.json b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.parameters.json similarity index 100% rename from infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/basic-setup.parameters.json rename to infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.parameters.json diff --git a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/basic-setup.bicep b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep similarity index 100% rename from infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/basic-setup.bicep rename to infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep diff --git a/infrastructure/infrastructure-setup-bicep/42-basic-agent-setup-with-customization/README.md b/infrastructure/infrastructure-setup-bicep/42-basic-agent-setup-with-customization/README.md index 425609716..ff298adee 100644 --- a/infrastructure/infrastructure-setup-bicep/42-basic-agent-setup-with-customization/README.md +++ b/infrastructure/infrastructure-setup-bicep/42-basic-agent-setup-with-customization/README.md @@ -25,7 +25,7 @@ Below are two supported approaches. ### 1 — Deploy from the Azure portal (one-click) -[![Deploy To Azure](https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/1-CONTRIBUTION-GUIDE/images/deploytoazure.svg?sanitize=true)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Fazure-ai-foundry%2Ffoundry-samples%2Frefs%2Fheads%2Fmain%2Finfrastructure%2Finfrastructure-setup-bicep%2F42-basic-agent-setup-with-customization%2Fmain.json) +[![Deploy To Azure](https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/1-CONTRIBUTION-GUIDE/images/deploytoazure.svg?sanitize=true)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Fazure-ai-foundry%2Ffoundry-samples%2Frefs%2Fheads%2Fmain%2Finfrastructure%2Finfrastructure-setup-bicep%2F42-basic-agent-setup-with-customization%2Fazuredeploy.json) Click the button, then complete the portal wizard. Replace **existingAoaiResourceId** with the resource id of your Azure OpenAI resource. diff --git a/infrastructure/infrastructure-setup-bicep/42-basic-agent-setup-with-customization/main.json b/infrastructure/infrastructure-setup-bicep/42-basic-agent-setup-with-customization/azuredeploy.json similarity index 100% rename from infrastructure/infrastructure-setup-bicep/42-basic-agent-setup-with-customization/main.json rename to infrastructure/infrastructure-setup-bicep/42-basic-agent-setup-with-customization/azuredeploy.json diff --git a/infrastructure/infrastructure-setup-bicep/42-basic-agent-setup-with-customization/main.parameters.json b/infrastructure/infrastructure-setup-bicep/42-basic-agent-setup-with-customization/azuredeploy.parameters.json similarity index 100% rename from infrastructure/infrastructure-setup-bicep/42-basic-agent-setup-with-customization/main.parameters.json rename to infrastructure/infrastructure-setup-bicep/42-basic-agent-setup-with-customization/azuredeploy.parameters.json From 60833b1f7acf71f036fa2a03d43cdf0ee05c2ffa Mon Sep 17 00:00:00 2001 From: Amanda Foster <29870948+fosteramanda@users.noreply.github.com> Date: Tue, 13 Jan 2026 02:13:33 +0000 Subject: [PATCH 02/30] compile bicep --- .github/workflows/run-setup.yml | 228 ++++++++++++++++++++++++++++++++ 1 file changed, 228 insertions(+) create mode 100644 .github/workflows/run-setup.yml diff --git a/.github/workflows/run-setup.yml b/.github/workflows/run-setup.yml new file mode 100644 index 000000000..eb4917572 --- /dev/null +++ b/.github/workflows/run-setup.yml @@ -0,0 +1,228 @@ +name: Run Setup +# This action can be run on-demand against a branch. +# It attempts to auto-fix some errors in the most recently updated sample in the branch: +# Builds main.bicep -> azuredeploy.json +# Attempts some fixes with the metadata + +# To run/debug locally, try https://github.com/nektos/act +# Actions documentation: https://docs.github.com/en/actions/reference + +on: + push: + branches: + - main + paths: + - infrastructure/infrastructure-setup-bicep** + pull_request: + branches: + - main + workflow_dispatch: + +permissions: + contents: read + +jobs: + check-if-external: + runs-on: ubuntu-latest + outputs: + environment: ${{ steps.set-environment.outputs.result }} + steps: + - uses: actions/github-script@v7 + id: set-environment + with: + script: | + const actionInitiator = context.payload.sender.login; + const org = "microsoft-foundry"; + let isPublicMember = true; + + // Check if initiator is a public member of the org + try { + await github.rest.orgs.checkPublicMembershipForUser({ + org, + username: actionInitiator + }); + } catch (error) { + if (error.status != 404) { + throw new Error("Unknown error", {cause: error}); + } + + console.debug([ + `User is not a public member of the organization "${org}"`, + "", + `If you are a Microsoft employee, you can join the "${org}" org and set your org membership visibility to public: https://docs.github.com/en/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/publicizing-or-hiding-organization-membership#changing-the-visibility-of-your-organization-membership` + ].join("\n")); + + isPublicMember = false; + } + + + const isPullRequestEvent = ["pull_request", "pull_request_target"].includes(context.eventName); + + if (!(isPublicMember && isPullRequestEvent)) { + return "external-contribution"; + } + return ""; + result-encoding: string + main: + permissions: + contents: write # for git push + name: Run Setup + runs-on: ubuntu-latest + needs: check-if-external + # environment: ${{ needs.check-if-external.outputs.environment }} + env: + # don't print dotnet logo + DOTNET_NOLOGO: true + + # disable telemetry (reduces dotnet tool output in logs) + DOTNET_CLI_TELEMETRY_OPTOUT: true + + steps: + - name: Setup .NET Core + uses: actions/setup-dotnet@v1.8.0 + + - name: Install Bicep + run: | + # See https://github.com/Azure/bicep/blob/main/docs/installing.md#windows-installer + + # Create the install folder + INSTALL_PATH="$RUNNER_TEMP/bicep" + BICEP_PATH="$RUNNER_TEMP/bicep/bicep" + mkdir -p $INSTALL_PATH + + # Fetch the latest Bicep CLI binary + curl -sLo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64 + chmod +x ./bicep + sudo mv ./bicep $INSTALL_PATH + echo Using bicep at $BICEP_PATH: + $BICEP_PATH --version + + echo "BICEP_PATH=$BICEP_PATH" >> $GITHUB_ENV + + - name: Install PowerShell + run: | + # Update the list of packages + sudo apt-get update + # Install pre-requisite packages. + sudo apt-get install -y wget apt-transport-https software-properties-common + # Download the Microsoft repository GPG keys + wget -q https://packages.microsoft.com/config/ubuntu/16.04/packages-microsoft-prod.deb + # Register the Microsoft repository GPG keys + sudo dpkg -i packages-microsoft-prod.deb + # Update the list of packages after we added packages.microsoft.com + sudo apt-get update + # Install PowerShell + sudo apt-get install -y powershell + + - name: Sync main + uses: actions/checkout@v2.3.4 + with: + ref: main + fetch-depth: 0 # avoid shallow clone so nbgv can do its work. + + - uses: actions/checkout@v2.3.4 + with: + fetch-depth: 0 # avoid shallow clone so nbgv can do its work. + + - name: Find and scan Bicep files + run: | + git status + pwd + cd $GITHUB_WORKSPACE + pwd + + # Get all modified files in the last 100 commits, filtering out .github + MODIFIED_FILES=$(git log --pretty="" --name-only -n 100 origin/main... | fgrep -v ".github") + + if [ -z "$MODIFIED_FILES" ]; then + echo "No modified files found." + exit 1 + fi + + echo "Modified files:" + echo "$MODIFIED_FILES" + + # Convert MODIFIED_FILES into an array + IFS=$'\n' read -r -a MODIFIED_FILES_ARRAY <<< "$MODIFIED_FILES" + + # Initialize arrays for environment variables + MAINBICEP_PATHS=() + AZDEPLOYJSON_PATHS=() + + for FILE in "${MODIFIED_FILES_ARRAY[@]}"; do + echo "Processing: $FILE" + + TESTFOLDER_PATH=$(dirname "$FILE") + FOUNDBICEP_PATH="" + FOUNDJSON_PATH="" + + # Traverse up the directory structure to find main.bicep and azuredeploy.json + while [ "$TESTFOLDER_PATH" != "." ]; do + echo "Looking in: $TESTFOLDER_PATH" + ls -l "$TESTFOLDER_PATH" + if [ -z "$FOUNDBICEP_PATH" ] && [ -f "$TESTFOLDER_PATH/main.bicep" ]; then + FOUNDBICEP_PATH="$TESTFOLDER_PATH/main.bicep" + echo "Found main.bicep: $FOUNDBICEP_PATH" + fi + + if [ -z "$FOUNDJSON_PATH" ] && [ -f "$TESTFOLDER_PATH/azuredeploy.json" ]; then + FOUNDJSON_PATH="$TESTFOLDER_PATH/azuredeploy.json" + echo "Found azuredeploy.json: $FOUNDJSON_PATH" + fi + + # If both files are found, stop searching + if [ -n "$FOUNDBICEP_PATH" ] && [ -n "$FOUNDJSON_PATH" ]; then + break + fi + + TESTFOLDER_PATH=$(dirname "$TESTFOLDER_PATH") + done + + if [ -n "$FOUNDBICEP_PATH" ]; then + MAINBICEP_PATHS+=("$FOUNDBICEP_PATH") + fi + + if [ -n "$FOUNDJSON_PATH" ]; then + AZDEPLOYJSON_PATHS+=("$FOUNDJSON_PATH") + fi + done + + # Store paths as space-separated strings in GitHub environment variables + echo "MAINBICEP_PATHS=${MAINBICEP_PATHS[*]}" >> $GITHUB_ENV + echo "AZDEPLOYJSON_PATHS=${AZDEPLOYJSON_PATHS[*]}" >> $GITHUB_ENV + + - name: Build Bicep files + run: | + # Convert space-separated environment variables back to arrays + IFS=' ' read -ra MAINBICEP_PATHS_ARRAY <<< "$MAINBICEP_PATHS" + IFS=' ' read -ra AZDEPLOYJSON_PATHS_ARRAY <<< "$AZDEPLOYJSON_PATHS" + + # Ensure the number of Bicep files and JSON paths match + if [ ${#MAINBICEP_PATHS_ARRAY[@]} -ne ${#AZDEPLOYJSON_PATHS_ARRAY[@]} ]; then + echo "Error: Mismatch in number of Bicep files and output JSON paths." + exit 1 + fi + for i in "${!MAINBICEP_PATHS_ARRAY[@]}"; do + MAINBICEP_FILE="${MAINBICEP_PATHS_ARRAY[$i]}" + AZDEPLOYJSON_FILE="${AZDEPLOYJSON_PATHS_ARRAY[$i]}" + + if [ -f "$MAINBICEP_FILE" ]; then + echo "Building: $MAINBICEP_FILE -> $AZDEPLOYJSON_FILE" + $BICEP_PATH build "$MAINBICEP_FILE" --outfile "$AZDEPLOYJSON_FILE" + else + echo "Warning: Bicep file not found: $MAINBICEP_FILE" + fi + done + + - name: Commit changes + if: always() + run: | + git config --global user.email "azureai-samples@noreply.github.com" + git config --global user.name "azureai-sample Automation" + + git add . + + if ! git diff-index --quiet HEAD --; then + git commit -m "Automatic fixes" + git push + fi \ No newline at end of file From 882dc85521e307592e2fdcb4ad31b6b53e8d9dda Mon Sep 17 00:00:00 2001 From: Amanda Foster <29870948+fosteramanda@users.noreply.github.com> Date: Tue, 13 Jan 2026 02:17:34 +0000 Subject: [PATCH 03/30] updating model --- .../40-basic-agent-setup/main.bicep | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep index 6b15a10de..2c2cbaa7a 100644 --- a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep +++ b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep @@ -47,13 +47,13 @@ var accountName = toLower('${aiServicesName}${uniqueSuffix}') param location string = 'westus' @description('The name of the OpenAI model you want to deploy') -param modelName string = 'gpt-4o' +param modelName string = 'gpt-5.2' @description('The model format of the model you want to deploy. Example: OpenAI') param modelFormat string = 'OpenAI' @description('The version of the model you want to deploy. Example: 2024-11-20') -param modelVersion string = '2024-11-20' +param modelVersion string = '2025-12-11' @description('The SKU name for the model deployment. Example: GlobalStandard') param modelSkuName string = 'GlobalStandard' From 76dea7900d885ac7948afd510e9447e78f10cc35 Mon Sep 17 00:00:00 2001 From: Amanda Foster <29870948+fosteramanda@users.noreply.github.com> Date: Mon, 12 Jan 2026 18:25:42 -0800 Subject: [PATCH 04/30] Update run-setup.yml --- .github/workflows/run-setup.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/run-setup.yml b/.github/workflows/run-setup.yml index eb4917572..97a039e1d 100644 --- a/.github/workflows/run-setup.yml +++ b/.github/workflows/run-setup.yml @@ -217,12 +217,12 @@ jobs: - name: Commit changes if: always() run: | - git config --global user.email "azureai-samples@noreply.github.com" - git config --global user.name "azureai-sample Automation" + git config --global user.email "foundry-samples@noreply.github.com" + git config --global user.name "foundry-samples Automation" git add . if ! git diff-index --quiet HEAD --; then git commit -m "Automatic fixes" - git push - fi \ No newline at end of file + git push origin HEAD:${GITHUB_REF##*/} + fi From cd270ee054033edf74a07a047184ca7820237e7f Mon Sep 17 00:00:00 2001 From: Amanda Foster <29870948+fosteramanda@users.noreply.github.com> Date: Mon, 12 Jan 2026 18:27:58 -0800 Subject: [PATCH 05/30] Change git push reference to use GITHUB_REF_NAME --- .github/workflows/run-setup.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/run-setup.yml b/.github/workflows/run-setup.yml index 97a039e1d..22c79aa42 100644 --- a/.github/workflows/run-setup.yml +++ b/.github/workflows/run-setup.yml @@ -224,5 +224,5 @@ jobs: if ! git diff-index --quiet HEAD --; then git commit -m "Automatic fixes" - git push origin HEAD:${GITHUB_REF##*/} + git push origin HEAD:refs/heads/${GITHUB_REF_NAME} fi From 65ed9c6750de2343c06f6b530c11a192f990f0cd Mon Sep 17 00:00:00 2001 From: Amanda Foster <29870948+fosteramanda@users.noreply.github.com> Date: Tue, 13 Jan 2026 02:35:23 +0000 Subject: [PATCH 06/30] adding model --- .../41-standard-agent-setup/main.bicep | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/main.bicep b/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/main.bicep index 978346c1a..4dfee171a 100644 --- a/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/main.bicep +++ b/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/main.bicep @@ -44,13 +44,13 @@ param displayName string = 'project' // Model deployment parameters @description('The name of the model you want to deploy') -param modelName string = 'gpt-4o' +param modelName string = 'gpt-5.2' @description('The provider of your model') param modelFormat string = 'OpenAI' @description('The version of your model') -param modelVersion string = '2024-11-20' +param modelVersion string = '2025-12-11' @description('The sku of your model deployment') param modelSkuName string = 'GlobalStandard' From 24ecf78dfbdec88ccde0e8d7b66f18378ab06b45 Mon Sep 17 00:00:00 2001 From: Amanda Foster <29870948+fosteramanda@users.noreply.github.com> Date: Mon, 12 Jan 2026 18:47:57 -0800 Subject: [PATCH 07/30] Refactor GitHub Actions workflow for Bicep processing Updated GitHub Actions workflow to improve structure and permissions. Added steps for Bicep file processing and automatic commits. --- .github/workflows/run-setup.yml | 267 ++++++++++++-------------------- 1 file changed, 95 insertions(+), 172 deletions(-) diff --git a/.github/workflows/run-setup.yml b/.github/workflows/run-setup.yml index 22c79aa42..bc498da11 100644 --- a/.github/workflows/run-setup.yml +++ b/.github/workflows/run-setup.yml @@ -8,221 +8,144 @@ name: Run Setup # Actions documentation: https://docs.github.com/en/actions/reference on: - push: - branches: - - main - paths: - - infrastructure/infrastructure-setup-bicep** - pull_request: - branches: - - main - workflow_dispatch: + push: + branches: + - main + paths: + - infrastructure/infrastructure-setup-bicep/** + pull_request: + branches: + - main + workflow_dispatch: permissions: - contents: read + contents: write jobs: - check-if-external: - runs-on: ubuntu-latest - outputs: - environment: ${{ steps.set-environment.outputs.result }} - steps: - - uses: actions/github-script@v7 - id: set-environment - with: - script: | - const actionInitiator = context.payload.sender.login; - const org = "microsoft-foundry"; - let isPublicMember = true; - - // Check if initiator is a public member of the org - try { - await github.rest.orgs.checkPublicMembershipForUser({ - org, - username: actionInitiator - }); - } catch (error) { - if (error.status != 404) { - throw new Error("Unknown error", {cause: error}); - } - - console.debug([ - `User is not a public member of the organization "${org}"`, - "", - `If you are a Microsoft employee, you can join the "${org}" org and set your org membership visibility to public: https://docs.github.com/en/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/publicizing-or-hiding-organization-membership#changing-the-visibility-of-your-organization-membership` - ].join("\n")); - - isPublicMember = false; - } - - - const isPullRequestEvent = ["pull_request", "pull_request_target"].includes(context.eventName); - - if (!(isPublicMember && isPullRequestEvent)) { - return "external-contribution"; - } - return ""; - result-encoding: string main: - permissions: - contents: write # for git push - name: Run Setup runs-on: ubuntu-latest - needs: check-if-external - # environment: ${{ needs.check-if-external.outputs.environment }} - env: - # don't print dotnet logo - DOTNET_NOLOGO: true + steps: - # disable telemetry (reduces dotnet tool output in logs) - DOTNET_CLI_TELEMETRY_OPTOUT: true + # Checkout the PR branch (or main for pushes) + - name: Checkout source branch + uses: actions/checkout@v3 + with: + ref: ${{ github.head_ref || github.ref_name }} + fetch-depth: 0 - steps: + # Setup .NET Core - name: Setup .NET Core uses: actions/setup-dotnet@v1.8.0 + # Install Bicep CLI - name: Install Bicep run: | - # See https://github.com/Azure/bicep/blob/main/docs/installing.md#windows-installer - - # Create the install folder INSTALL_PATH="$RUNNER_TEMP/bicep" BICEP_PATH="$RUNNER_TEMP/bicep/bicep" mkdir -p $INSTALL_PATH - - # Fetch the latest Bicep CLI binary curl -sLo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64 chmod +x ./bicep sudo mv ./bicep $INSTALL_PATH - echo Using bicep at $BICEP_PATH: - $BICEP_PATH --version - echo "BICEP_PATH=$BICEP_PATH" >> $GITHUB_ENV + $BICEP_PATH --version + # Install PowerShell - name: Install PowerShell run: | - # Update the list of packages sudo apt-get update - # Install pre-requisite packages. sudo apt-get install -y wget apt-transport-https software-properties-common - # Download the Microsoft repository GPG keys wget -q https://packages.microsoft.com/config/ubuntu/16.04/packages-microsoft-prod.deb - # Register the Microsoft repository GPG keys sudo dpkg -i packages-microsoft-prod.deb - # Update the list of packages after we added packages.microsoft.com sudo apt-get update - # Install PowerShell sudo apt-get install -y powershell - - name: Sync main - uses: actions/checkout@v2.3.4 - with: - ref: main - fetch-depth: 0 # avoid shallow clone so nbgv can do its work. - - - uses: actions/checkout@v2.3.4 - with: - fetch-depth: 0 # avoid shallow clone so nbgv can do its work. - + # Your build steps here - name: Find and scan Bicep files run: | - git status - pwd - cd $GITHUB_WORKSPACE - pwd + git status + pwd + cd $GITHUB_WORKSPACE + pwd - # Get all modified files in the last 100 commits, filtering out .github - MODIFIED_FILES=$(git log --pretty="" --name-only -n 100 origin/main... | fgrep -v ".github") + MODIFIED_FILES=$(git log --pretty="" --name-only -n 100 origin/main... | fgrep -v ".github") - if [ -z "$MODIFIED_FILES" ]; then + if [ -z "$MODIFIED_FILES" ]; then echo "No modified files found." exit 1 - fi - - echo "Modified files:" - echo "$MODIFIED_FILES" - - # Convert MODIFIED_FILES into an array - IFS=$'\n' read -r -a MODIFIED_FILES_ARRAY <<< "$MODIFIED_FILES" - - # Initialize arrays for environment variables - MAINBICEP_PATHS=() - AZDEPLOYJSON_PATHS=() - - for FILE in "${MODIFIED_FILES_ARRAY[@]}"; do - echo "Processing: $FILE" - - TESTFOLDER_PATH=$(dirname "$FILE") - FOUNDBICEP_PATH="" - FOUNDJSON_PATH="" - - # Traverse up the directory structure to find main.bicep and azuredeploy.json - while [ "$TESTFOLDER_PATH" != "." ]; do - echo "Looking in: $TESTFOLDER_PATH" - ls -l "$TESTFOLDER_PATH" - if [ -z "$FOUNDBICEP_PATH" ] && [ -f "$TESTFOLDER_PATH/main.bicep" ]; then - FOUNDBICEP_PATH="$TESTFOLDER_PATH/main.bicep" - echo "Found main.bicep: $FOUNDBICEP_PATH" - fi - - if [ -z "$FOUNDJSON_PATH" ] && [ -f "$TESTFOLDER_PATH/azuredeploy.json" ]; then - FOUNDJSON_PATH="$TESTFOLDER_PATH/azuredeploy.json" - echo "Found azuredeploy.json: $FOUNDJSON_PATH" - fi - - # If both files are found, stop searching - if [ -n "$FOUNDBICEP_PATH" ] && [ -n "$FOUNDJSON_PATH" ]; then - break - fi - - TESTFOLDER_PATH=$(dirname "$TESTFOLDER_PATH") - done - - if [ -n "$FOUNDBICEP_PATH" ]; then - MAINBICEP_PATHS+=("$FOUNDBICEP_PATH") - fi - - if [ -n "$FOUNDJSON_PATH" ]; then - AZDEPLOYJSON_PATHS+=("$FOUNDJSON_PATH") - fi - done + fi - # Store paths as space-separated strings in GitHub environment variables - echo "MAINBICEP_PATHS=${MAINBICEP_PATHS[*]}" >> $GITHUB_ENV - echo "AZDEPLOYJSON_PATHS=${AZDEPLOYJSON_PATHS[*]}" >> $GITHUB_ENV + echo "Modified files:" + echo "$MODIFIED_FILES" + + IFS=$'\n' read -r -a MODIFIED_FILES_ARRAY <<< "$MODIFIED_FILES" + + MAINBICEP_PATHS=() + AZDEPLOYJSON_PATHS=() + + for FILE in "${MODIFIED_FILES_ARRAY[@]}"; do + echo "Processing: $FILE" + TESTFOLDER_PATH=$(dirname "$FILE") + FOUNDBICEP_PATH="" + FOUNDJSON_PATH="" + while [ "$TESTFOLDER_PATH" != "." ]; do + echo "Looking in: $TESTFOLDER_PATH" + ls -l "$TESTFOLDER_PATH" + if [ -z "$FOUNDBICEP_PATH" ] && [ -f "$TESTFOLDER_PATH/main.bicep" ]; then + FOUNDBICEP_PATH="$TESTFOLDER_PATH/main.bicep" + echo "Found main.bicep: $FOUNDBICEP_PATH" + fi + if [ -z "$FOUNDJSON_PATH" ] && [ -f "$TESTFOLDER_PATH/azuredeploy.json" ]; then + FOUNDJSON_PATH="$TESTFOLDER_PATH/azuredeploy.json" + echo "Found azuredeploy.json: $FOUNDJSON_PATH" + fi + if [ -n "$FOUNDBICEP_PATH" ] && [ -n "$FOUNDJSON_PATH" ]; then + break + fi + TESTFOLDER_PATH=$(dirname "$TESTFOLDER_PATH") + done + if [ -n "$FOUNDBICEP_PATH" ]; then + MAINBICEP_PATHS+=("$FOUNDBICEP_PATH") + fi + if [ -n "$FOUNDJSON_PATH" ]; then + AZDEPLOYJSON_PATHS+=("$FOUNDJSON_PATH") + fi + done + + echo "MAINBICEP_PATHS=${MAINBICEP_PATHS[*]}" >> $GITHUB_ENV + echo "AZDEPLOYJSON_PATHS=${AZDEPLOYJSON_PATHS[*]}" >> $GITHUB_ENV - name: Build Bicep files run: | - # Convert space-separated environment variables back to arrays - IFS=' ' read -ra MAINBICEP_PATHS_ARRAY <<< "$MAINBICEP_PATHS" - IFS=' ' read -ra AZDEPLOYJSON_PATHS_ARRAY <<< "$AZDEPLOYJSON_PATHS" - - # Ensure the number of Bicep files and JSON paths match - if [ ${#MAINBICEP_PATHS_ARRAY[@]} -ne ${#AZDEPLOYJSON_PATHS_ARRAY[@]} ]; then - echo "Error: Mismatch in number of Bicep files and output JSON paths." - exit 1 - fi - for i in "${!MAINBICEP_PATHS_ARRAY[@]}"; do - MAINBICEP_FILE="${MAINBICEP_PATHS_ARRAY[$i]}" - AZDEPLOYJSON_FILE="${AZDEPLOYJSON_PATHS_ARRAY[$i]}" - - if [ -f "$MAINBICEP_FILE" ]; then - echo "Building: $MAINBICEP_FILE -> $AZDEPLOYJSON_FILE" - $BICEP_PATH build "$MAINBICEP_FILE" --outfile "$AZDEPLOYJSON_FILE" - else - echo "Warning: Bicep file not found: $MAINBICEP_FILE" - fi - done - - - name: Commit changes + IFS=' ' read -ra MAINBICEP_PATHS_ARRAY <<< "$MAINBICEP_PATHS" + IFS=' ' read -ra AZDEPLOYJSON_PATHS_ARRAY <<< "$AZDEPLOYJSON_PATHS" + + if [ ${#MAINBICEP_PATHS_ARRAY[@]} -ne ${#AZDEPLOYJSON_PATHS_ARRAY[@]} ]; then + echo "Error: Mismatch in number of Bicep files and output JSON paths." + exit 1 + fi + + for i in "${!MAINBICEP_PATHS_ARRAY[@]}"; do + MAINBICEP_FILE="${MAINBICEP_PATHS_ARRAY[$i]}" + AZDEPLOYJSON_FILE="${AZDEPLOYJSON_PATHS_ARRAY[$i]}" + if [ -f "$MAINBICEP_FILE" ]; then + echo "Building: $MAINBICEP_FILE -> $AZDEPLOYJSON_FILE" + $BICEP_PATH build "$MAINBICEP_FILE" --outfile "$AZDEPLOYJSON_FILE" + else + echo "Warning: Bicep file not found: $MAINBICEP_FILE" + fi + done + + # Auto-commit and push changes to branch (works for PR and main) + - name: Auto-commit and push if needed if: always() run: | git config --global user.email "foundry-samples@noreply.github.com" - git config --global user.name "foundry-samples Automation" - - git add . - + git config --global user.name "foundry-samples automation" + git add azuredeploy.json || true if ! git diff-index --quiet HEAD --; then git commit -m "Automatic fixes" - git push origin HEAD:refs/heads/${GITHUB_REF_NAME} + BRANCH_NAME="${GITHUB_HEAD_REF:-${GITHUB_REF_NAME:-${GITHUB_REF##*/}}}" + git push origin HEAD:refs/heads/"$BRANCH_NAME" + else + echo "No changes to commit." fi From 17fa81acf90586832cbe09d1d1734703471aa1af Mon Sep 17 00:00:00 2001 From: Amanda Foster <29870948+fosteramanda@users.noreply.github.com> Date: Mon, 12 Jan 2026 18:50:07 -0800 Subject: [PATCH 08/30] Update run-setup.yml --- .github/workflows/run-setup.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/run-setup.yml b/.github/workflows/run-setup.yml index bc498da11..8b11f5949 100644 --- a/.github/workflows/run-setup.yml +++ b/.github/workflows/run-setup.yml @@ -141,7 +141,7 @@ jobs: run: | git config --global user.email "foundry-samples@noreply.github.com" git config --global user.name "foundry-samples automation" - git add azuredeploy.json || true + git add * || true if ! git diff-index --quiet HEAD --; then git commit -m "Automatic fixes" BRANCH_NAME="${GITHUB_HEAD_REF:-${GITHUB_REF_NAME:-${GITHUB_REF##*/}}}" From 6a8327cfea3179025998b8f20a07360c28cd9f46 Mon Sep 17 00:00:00 2001 From: Amanda Foster <29870948+fosteramanda@users.noreply.github.com> Date: Mon, 12 Jan 2026 18:50:37 -0800 Subject: [PATCH 09/30] Change git add command to add all files --- .github/workflows/run-setup.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/run-setup.yml b/.github/workflows/run-setup.yml index 8b11f5949..00d2de8d3 100644 --- a/.github/workflows/run-setup.yml +++ b/.github/workflows/run-setup.yml @@ -141,7 +141,7 @@ jobs: run: | git config --global user.email "foundry-samples@noreply.github.com" git config --global user.name "foundry-samples automation" - git add * || true + git add . || true if ! git diff-index --quiet HEAD --; then git commit -m "Automatic fixes" BRANCH_NAME="${GITHUB_HEAD_REF:-${GITHUB_REF_NAME:-${GITHUB_REF##*/}}}" From 36253b0e532d918f7b394e3b7c96447d0e69a3b7 Mon Sep 17 00:00:00 2001 From: foundry-samples automation Date: Tue, 13 Jan 2026 02:51:10 +0000 Subject: [PATCH 10/30] Automatic fixes --- .../41-standard-agent-setup/azuredeploy.json | 10 +++++----- packages-microsoft-prod.deb | Bin 0 -> 2438 bytes 2 files changed, 5 insertions(+), 5 deletions(-) create mode 100644 packages-microsoft-prod.deb diff --git a/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/azuredeploy.json b/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/azuredeploy.json index 1724f7bcb..8bcf66198 100644 --- a/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/azuredeploy.json +++ b/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/azuredeploy.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.39.26.7824", - "templateHash": "7659596839548579132" + "templateHash": "3215924381065900811" } }, "parameters": { @@ -73,7 +73,7 @@ }, "modelName": { "type": "string", - "defaultValue": "gpt-4o", + "defaultValue": "gpt-5.2", "metadata": { "description": "The name of the model you want to deploy" } @@ -87,7 +87,7 @@ }, "modelVersion": { "type": "string", - "defaultValue": "2024-11-20", + "defaultValue": "2025-12-11", "metadata": { "description": "The version of your model" } @@ -1337,7 +1337,7 @@ "_generator": { "name": "bicep", "version": "0.39.26.7824", - "templateHash": "17187611271934567223" + "templateHash": "16291470712974205281" } }, "parameters": { @@ -1359,7 +1359,7 @@ }, "variables": { "roleDefinitionId": "[resourceId('Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions', parameters('cosmosAccountName'), '00000000-0000-0000-0000-000000000002')]", - "accountScope": "[format('/subscriptions/{0}/resourceGroups/{1}/providers/Microsoft.DocumentDB/databaseAccounts/{2}/dbs/enterprise_memory', subscription().subscriptionId, resourceGroup().name, parameters('cosmosAccountName'))]" + "accountScope": "[format('/subscriptions/{0}/resourceGroups/{1}/providers/Microsoft.DocumentDB/databaseAccounts/{2}', subscription().subscriptionId, resourceGroup().name, parameters('cosmosAccountName'))]" }, "resources": [ { diff --git a/packages-microsoft-prod.deb b/packages-microsoft-prod.deb new file mode 100644 index 0000000000000000000000000000000000000000..11c020d27ed08bd03571399fa1de81f2f5ba63a6 GIT binary patch literal 2438 zcmai$cQhM{7snGLH6Njs#&EqN{iO06;+8gX6;eq zS&eE{QL`0_;(1ie{QBPS{eJ(x&$;K`bI(2BKR@SO30)KpKXT{&XH>Zd{v>uTecHq_(i;ORMKMV|pWi+oBj0-nlN+Dnu~d|j z$NX^DpYlDFa(kBao`5|xcrCqdh5NQOEC0YW!)ilLUbH5CZ#}r!)7P~hYn45+ms`;a z5QPERG5H_?--->RuTWTQNg|>WL5XOgM-|M^(Jv^c;hD(u^ef(U2T0aUPeP(VJvUgQ zHhGKtBX`L%&w7C8M|db?(LzW#)knD*X*vO2tv_p|a;(jy)A!`A5v8eKrs4Q45!p&I z{Al9G;vx{TPKzI6uLFsFsom;8*=_qx?7Hz9e;KHOlkmJkn}~i z%|wji^Eg%AT0!w;DO}HMwcy+!Q}t8o?(~#tR5KPkk%yEVU9+{9q-MADmdn*bNH_$e z;)8Hhn(u?eCBy(t(0`1nDaHgpG!628$(j)&=_Cy0H@4{?Hbb=Xe{(SL_q?TM^|FPi zfkgW5Om;X#)L=ClRNlk~AGix1yKC0Ha(lNZ#k z0M!7;?;1GD;;0aI;8aF*+-`U^k41_Su2QAFIP0|8kA$pqqteUYxX=e~(5<@%)tf}S zU}ouflbhv!TwvC(VCgGQtt(6d`KJY&?SKa(p8m63d%yzc4ObNBe4d^iXf7YC(|Oj( zr2mv6WWDt{@^B5-e^gU=@4^mF|u*D(x??$x|G}3J-mSO#xm-aVS93lK;b286LTV&gG24(W+a8x zbdEpu^9gd7V}9ZWC%-;I)+aZrY1M_dJ^aDB@nmGrK#;yto@3CgWgJ+mKU0--j)_%) zGv-pq7Gpf5mi^g6LR=`h9PfA1G5u+60-N|{R@D60tXU-lCGl+=dhd)GVeB~! z23-TSOFqkpd?l(fz+K7wQk-Gr%LBi6GPP;Rumi@$wp@dtsst(?dGVaNBSGE&Gd3r& zhlloCQP9njN~E-Xb_{+Ze$#alpHNbcFwoZWp)_&GOiGQ1kX$aPFwt80LJWOejR%lu zq~E)APvvl2zs9iUGoai3Y&Rsd@J{>OOd3D?@L8AF?L_A7Q_N-E2=j^>$r_QWEHHOR zJS%0Dp7_4*3>@S0qG0=5Bg5hj+p4gYJ!<5RdI6x*#W`yIx_{}|D@U=6GY{?G$ffGs zZ_}vG**I5Zs1B20b=Np;vT!Q)NBw^AAo$SuH@`g4;lvbtr7Q{~#X?zI*i!e9&FdA; zlltlSX&44Tz+F7pnK>2)o6^?Um zYmV)Nc9b_Dzwhu-^zhFC?*FQAmEC$a?ueXMGcnRQd0dAk_&*0-d zNTfKJQpQ|&?fV_(7j0+Vp7`dWuQ=&=NTredHS1=Br|NXOHbe?D&E`3FEG<_X2DSst zTQ8m-h_6#5v}~~fbc{nX(jA5dvxP~ z|B7v_I>_WhRcCZMUm>?iiu>shI7Yys(%Uvc;-b!wluu!!aB`EMV1)w((#iPAVh z@jjVJt@W{Ztk=uI~wFri9QsQ8-vINkf--om5zHB3i6 zb^d%TtpwbbHn@Ma$V<`k`(6`VL9?+ANmUpyt#2JQ+_Eh_9ZlpbMXww}7l!*g1*oNp zpNW-OB9&{?wFfK9Ob+8$Bl-b93hXf=lSG5+7d9CY;S3akT)NF@1Ajy>(Y%MOm-qP* zHCQ1uMm*SkbZ$&m$fBkwrN&=@rUmOGx!n=@V4sGxAfx+K?IQd4uL%8Qrpc&ZN?Z=H zxzQjFw2jsE++FtKf?rulsCl)vWivORzL@bj5k@xGcz!Mtpt+4Y)5kq3R-m| z+HRZiLdi^oS*Og4RGC+mOO#}&H!w+|&3Hy{W61@JErZ0^ACmcN_L_Z3 zf_&0N4qZ=~v)FNMCIa!5(07f#VdbnXEk~ZFMm=v!pkMY6ZxEX8QX7hKG#R^y#<<)w zOuRe$hw|ti{x_CPPm}!e{B6PU^QK3FA1sYW48USu#+d*b+xMz36(Om2S3Gzs*vZ`A zi#QkjH;Z)wXB(~2>(2FzZs|4Ju->`rzc;5QgUWbKc38FZhX4L<7HyM;0KgLVyEXs- SM<;kiPn9!`;jatO$@xF}^m~s0 literal 0 HcmV?d00001 From 773f789cb068c254813f1d2e0e429b0db76bc6ac Mon Sep 17 00:00:00 2001 From: Amanda Foster <29870948+fosteramanda@users.noreply.github.com> Date: Tue, 13 Jan 2026 02:56:40 +0000 Subject: [PATCH 11/30] updates --- .../40-basic-agent-setup/main.bicep | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep index 2c2cbaa7a..5f30e2953 100644 --- a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep +++ b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep @@ -47,13 +47,13 @@ var accountName = toLower('${aiServicesName}${uniqueSuffix}') param location string = 'westus' @description('The name of the OpenAI model you want to deploy') -param modelName string = 'gpt-5.2' +param modelName string = 'gpt-5' @description('The model format of the model you want to deploy. Example: OpenAI') param modelFormat string = 'OpenAI' @description('The version of the model you want to deploy. Example: 2024-11-20') -param modelVersion string = '2025-12-11' +param modelVersion string = '2025-08-07' @description('The SKU name for the model deployment. Example: GlobalStandard') param modelSkuName string = 'GlobalStandard' From c2ba65ca3d40b7c0184c72ee495656620e770242 Mon Sep 17 00:00:00 2001 From: foundry-samples automation Date: Tue, 13 Jan 2026 02:58:02 +0000 Subject: [PATCH 12/30] Automatic fixes --- .../40-basic-agent-setup/azuredeploy.json | 8 ++++---- packages-microsoft-prod.deb.1 | Bin 0 -> 2438 bytes 2 files changed, 4 insertions(+), 4 deletions(-) create mode 100644 packages-microsoft-prod.deb.1 diff --git a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json index 19ec0d9a8..8ddeea102 100644 --- a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json +++ b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.37.4.10188", - "templateHash": "3205552327656911185" + "version": "0.39.26.7824", + "templateHash": "2321778474547119034" } }, "parameters": { @@ -77,7 +77,7 @@ }, "modelName": { "type": "string", - "defaultValue": "gpt-4o", + "defaultValue": "gpt-5", "metadata": { "description": "The name of the OpenAI model you want to deploy" } @@ -91,7 +91,7 @@ }, "modelVersion": { "type": "string", - "defaultValue": "2024-11-20", + "defaultValue": "2025-08-07", "metadata": { "description": "The version of the model you want to deploy. Example: 2024-11-20" } diff --git a/packages-microsoft-prod.deb.1 b/packages-microsoft-prod.deb.1 new file mode 100644 index 0000000000000000000000000000000000000000..11c020d27ed08bd03571399fa1de81f2f5ba63a6 GIT binary patch literal 2438 zcmai$cQhM{7snGLH6Njs#&EqN{iO06;+8gX6;eq zS&eE{QL`0_;(1ie{QBPS{eJ(x&$;K`bI(2BKR@SO30)KpKXT{&XH>Zd{v>uTecHq_(i;ORMKMV|pWi+oBj0-nlN+Dnu~d|j z$NX^DpYlDFa(kBao`5|xcrCqdh5NQOEC0YW!)ilLUbH5CZ#}r!)7P~hYn45+ms`;a z5QPERG5H_?--->RuTWTQNg|>WL5XOgM-|M^(Jv^c;hD(u^ef(U2T0aUPeP(VJvUgQ zHhGKtBX`L%&w7C8M|db?(LzW#)knD*X*vO2tv_p|a;(jy)A!`A5v8eKrs4Q45!p&I z{Al9G;vx{TPKzI6uLFsFsom;8*=_qx?7Hz9e;KHOlkmJkn}~i z%|wji^Eg%AT0!w;DO}HMwcy+!Q}t8o?(~#tR5KPkk%yEVU9+{9q-MADmdn*bNH_$e z;)8Hhn(u?eCBy(t(0`1nDaHgpG!628$(j)&=_Cy0H@4{?Hbb=Xe{(SL_q?TM^|FPi zfkgW5Om;X#)L=ClRNlk~AGix1yKC0Ha(lNZ#k z0M!7;?;1GD;;0aI;8aF*+-`U^k41_Su2QAFIP0|8kA$pqqteUYxX=e~(5<@%)tf}S zU}ouflbhv!TwvC(VCgGQtt(6d`KJY&?SKa(p8m63d%yzc4ObNBe4d^iXf7YC(|Oj( zr2mv6WWDt{@^B5-e^gU=@4^mF|u*D(x??$x|G}3J-mSO#xm-aVS93lK;b286LTV&gG24(W+a8x zbdEpu^9gd7V}9ZWC%-;I)+aZrY1M_dJ^aDB@nmGrK#;yto@3CgWgJ+mKU0--j)_%) zGv-pq7Gpf5mi^g6LR=`h9PfA1G5u+60-N|{R@D60tXU-lCGl+=dhd)GVeB~! z23-TSOFqkpd?l(fz+K7wQk-Gr%LBi6GPP;Rumi@$wp@dtsst(?dGVaNBSGE&Gd3r& zhlloCQP9njN~E-Xb_{+Ze$#alpHNbcFwoZWp)_&GOiGQ1kX$aPFwt80LJWOejR%lu zq~E)APvvl2zs9iUGoai3Y&Rsd@J{>OOd3D?@L8AF?L_A7Q_N-E2=j^>$r_QWEHHOR zJS%0Dp7_4*3>@S0qG0=5Bg5hj+p4gYJ!<5RdI6x*#W`yIx_{}|D@U=6GY{?G$ffGs zZ_}vG**I5Zs1B20b=Np;vT!Q)NBw^AAo$SuH@`g4;lvbtr7Q{~#X?zI*i!e9&FdA; zlltlSX&44Tz+F7pnK>2)o6^?Um zYmV)Nc9b_Dzwhu-^zhFC?*FQAmEC$a?ueXMGcnRQd0dAk_&*0-d zNTfKJQpQ|&?fV_(7j0+Vp7`dWuQ=&=NTredHS1=Br|NXOHbe?D&E`3FEG<_X2DSst zTQ8m-h_6#5v}~~fbc{nX(jA5dvxP~ z|B7v_I>_WhRcCZMUm>?iiu>shI7Yys(%Uvc;-b!wluu!!aB`EMV1)w((#iPAVh z@jjVJt@W{Ztk=uI~wFri9QsQ8-vINkf--om5zHB3i6 zb^d%TtpwbbHn@Ma$V<`k`(6`VL9?+ANmUpyt#2JQ+_Eh_9ZlpbMXww}7l!*g1*oNp zpNW-OB9&{?wFfK9Ob+8$Bl-b93hXf=lSG5+7d9CY;S3akT)NF@1Ajy>(Y%MOm-qP* zHCQ1uMm*SkbZ$&m$fBkwrN&=@rUmOGx!n=@V4sGxAfx+K?IQd4uL%8Qrpc&ZN?Z=H zxzQjFw2jsE++FtKf?rulsCl)vWivORzL@bj5k@xGcz!Mtpt+4Y)5kq3R-m| z+HRZiLdi^oS*Og4RGC+mOO#}&H!w+|&3Hy{W61@JErZ0^ACmcN_L_Z3 zf_&0N4qZ=~v)FNMCIa!5(07f#VdbnXEk~ZFMm=v!pkMY6ZxEX8QX7hKG#R^y#<<)w zOuRe$hw|ti{x_CPPm}!e{B6PU^QK3FA1sYW48USu#+d*b+xMz36(Om2S3Gzs*vZ`A zi#QkjH;Z)wXB(~2>(2FzZs|4Ju->`rzc;5QgUWbKc38FZhX4L<7HyM;0KgLVyEXs- SM<;kiPn9!`;jatO$@xF}^m~s0 literal 0 HcmV?d00001 From 1522ef4b590f421a416e522a5b4c2499ee5be2ee Mon Sep 17 00:00:00 2001 From: Amanda Foster <29870948+fosteramanda@users.noreply.github.com> Date: Mon, 12 Jan 2026 18:59:36 -0800 Subject: [PATCH 13/30] Update run-setup.yml --- .github/workflows/run-setup.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/run-setup.yml b/.github/workflows/run-setup.yml index 00d2de8d3..bdceb5967 100644 --- a/.github/workflows/run-setup.yml +++ b/.github/workflows/run-setup.yml @@ -58,6 +58,7 @@ jobs: sudo dpkg -i packages-microsoft-prod.deb sudo apt-get update sudo apt-get install -y powershell + rm -f packages-microsoft-prod.deb # <--- clean up after install! # Your build steps here - name: Find and scan Bicep files From 952d9b58507b41f28743869776f6c8054a0d24f4 Mon Sep 17 00:00:00 2001 From: foundry-samples automation Date: Tue, 13 Jan 2026 03:00:18 +0000 Subject: [PATCH 14/30] Automatic fixes --- ...rosoft-prod.deb => packages-microsoft-prod.deb.2 | Bin 1 file changed, 0 insertions(+), 0 deletions(-) rename packages-microsoft-prod.deb => packages-microsoft-prod.deb.2 (100%) diff --git a/packages-microsoft-prod.deb b/packages-microsoft-prod.deb.2 similarity index 100% rename from packages-microsoft-prod.deb rename to packages-microsoft-prod.deb.2 From f97781d5eca19d0ee9b22b3c851d668bfec26b6c Mon Sep 17 00:00:00 2001 From: Amanda Foster <29870948+fosteramanda@users.noreply.github.com> Date: Tue, 13 Jan 2026 03:03:46 +0000 Subject: [PATCH 15/30] updating file --- .github/workflows/run-setup.yml | 2 +- packages-microsoft-prod.deb.1 | Bin 2438 -> 0 bytes packages-microsoft-prod.deb.2 | Bin 2438 -> 0 bytes 3 files changed, 1 insertion(+), 1 deletion(-) delete mode 100644 packages-microsoft-prod.deb.1 delete mode 100644 packages-microsoft-prod.deb.2 diff --git a/.github/workflows/run-setup.yml b/.github/workflows/run-setup.yml index bdceb5967..cc9e4d2fa 100644 --- a/.github/workflows/run-setup.yml +++ b/.github/workflows/run-setup.yml @@ -58,7 +58,7 @@ jobs: sudo dpkg -i packages-microsoft-prod.deb sudo apt-get update sudo apt-get install -y powershell - rm -f packages-microsoft-prod.deb # <--- clean up after install! + rm -f packages-microsoft-prod.deb* # Your build steps here - name: Find and scan Bicep files diff --git a/packages-microsoft-prod.deb.1 b/packages-microsoft-prod.deb.1 deleted file mode 100644 index 11c020d27ed08bd03571399fa1de81f2f5ba63a6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2438 zcmai$cQhM{7snGLH6Njs#&EqN{iO06;+8gX6;eq zS&eE{QL`0_;(1ie{QBPS{eJ(x&$;K`bI(2BKR@SO30)KpKXT{&XH>Zd{v>uTecHq_(i;ORMKMV|pWi+oBj0-nlN+Dnu~d|j z$NX^DpYlDFa(kBao`5|xcrCqdh5NQOEC0YW!)ilLUbH5CZ#}r!)7P~hYn45+ms`;a z5QPERG5H_?--->RuTWTQNg|>WL5XOgM-|M^(Jv^c;hD(u^ef(U2T0aUPeP(VJvUgQ zHhGKtBX`L%&w7C8M|db?(LzW#)knD*X*vO2tv_p|a;(jy)A!`A5v8eKrs4Q45!p&I z{Al9G;vx{TPKzI6uLFsFsom;8*=_qx?7Hz9e;KHOlkmJkn}~i z%|wji^Eg%AT0!w;DO}HMwcy+!Q}t8o?(~#tR5KPkk%yEVU9+{9q-MADmdn*bNH_$e z;)8Hhn(u?eCBy(t(0`1nDaHgpG!628$(j)&=_Cy0H@4{?Hbb=Xe{(SL_q?TM^|FPi zfkgW5Om;X#)L=ClRNlk~AGix1yKC0Ha(lNZ#k z0M!7;?;1GD;;0aI;8aF*+-`U^k41_Su2QAFIP0|8kA$pqqteUYxX=e~(5<@%)tf}S zU}ouflbhv!TwvC(VCgGQtt(6d`KJY&?SKa(p8m63d%yzc4ObNBe4d^iXf7YC(|Oj( zr2mv6WWDt{@^B5-e^gU=@4^mF|u*D(x??$x|G}3J-mSO#xm-aVS93lK;b286LTV&gG24(W+a8x zbdEpu^9gd7V}9ZWC%-;I)+aZrY1M_dJ^aDB@nmGrK#;yto@3CgWgJ+mKU0--j)_%) zGv-pq7Gpf5mi^g6LR=`h9PfA1G5u+60-N|{R@D60tXU-lCGl+=dhd)GVeB~! z23-TSOFqkpd?l(fz+K7wQk-Gr%LBi6GPP;Rumi@$wp@dtsst(?dGVaNBSGE&Gd3r& zhlloCQP9njN~E-Xb_{+Ze$#alpHNbcFwoZWp)_&GOiGQ1kX$aPFwt80LJWOejR%lu zq~E)APvvl2zs9iUGoai3Y&Rsd@J{>OOd3D?@L8AF?L_A7Q_N-E2=j^>$r_QWEHHOR zJS%0Dp7_4*3>@S0qG0=5Bg5hj+p4gYJ!<5RdI6x*#W`yIx_{}|D@U=6GY{?G$ffGs zZ_}vG**I5Zs1B20b=Np;vT!Q)NBw^AAo$SuH@`g4;lvbtr7Q{~#X?zI*i!e9&FdA; zlltlSX&44Tz+F7pnK>2)o6^?Um zYmV)Nc9b_Dzwhu-^zhFC?*FQAmEC$a?ueXMGcnRQd0dAk_&*0-d zNTfKJQpQ|&?fV_(7j0+Vp7`dWuQ=&=NTredHS1=Br|NXOHbe?D&E`3FEG<_X2DSst zTQ8m-h_6#5v}~~fbc{nX(jA5dvxP~ z|B7v_I>_WhRcCZMUm>?iiu>shI7Yys(%Uvc;-b!wluu!!aB`EMV1)w((#iPAVh z@jjVJt@W{Ztk=uI~wFri9QsQ8-vINkf--om5zHB3i6 zb^d%TtpwbbHn@Ma$V<`k`(6`VL9?+ANmUpyt#2JQ+_Eh_9ZlpbMXww}7l!*g1*oNp zpNW-OB9&{?wFfK9Ob+8$Bl-b93hXf=lSG5+7d9CY;S3akT)NF@1Ajy>(Y%MOm-qP* zHCQ1uMm*SkbZ$&m$fBkwrN&=@rUmOGx!n=@V4sGxAfx+K?IQd4uL%8Qrpc&ZN?Z=H zxzQjFw2jsE++FtKf?rulsCl)vWivORzL@bj5k@xGcz!Mtpt+4Y)5kq3R-m| z+HRZiLdi^oS*Og4RGC+mOO#}&H!w+|&3Hy{W61@JErZ0^ACmcN_L_Z3 zf_&0N4qZ=~v)FNMCIa!5(07f#VdbnXEk~ZFMm=v!pkMY6ZxEX8QX7hKG#R^y#<<)w zOuRe$hw|ti{x_CPPm}!e{B6PU^QK3FA1sYW48USu#+d*b+xMz36(Om2S3Gzs*vZ`A zi#QkjH;Z)wXB(~2>(2FzZs|4Ju->`rzc;5QgUWbKc38FZhX4L<7HyM;0KgLVyEXs- SM<;kiPn9!`;jatO$@xF}^m~s0 diff --git a/packages-microsoft-prod.deb.2 b/packages-microsoft-prod.deb.2 deleted file mode 100644 index 11c020d27ed08bd03571399fa1de81f2f5ba63a6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2438 zcmai$cQhM{7snGLH6Njs#&EqN{iO06;+8gX6;eq zS&eE{QL`0_;(1ie{QBPS{eJ(x&$;K`bI(2BKR@SO30)KpKXT{&XH>Zd{v>uTecHq_(i;ORMKMV|pWi+oBj0-nlN+Dnu~d|j z$NX^DpYlDFa(kBao`5|xcrCqdh5NQOEC0YW!)ilLUbH5CZ#}r!)7P~hYn45+ms`;a z5QPERG5H_?--->RuTWTQNg|>WL5XOgM-|M^(Jv^c;hD(u^ef(U2T0aUPeP(VJvUgQ zHhGKtBX`L%&w7C8M|db?(LzW#)knD*X*vO2tv_p|a;(jy)A!`A5v8eKrs4Q45!p&I z{Al9G;vx{TPKzI6uLFsFsom;8*=_qx?7Hz9e;KHOlkmJkn}~i z%|wji^Eg%AT0!w;DO}HMwcy+!Q}t8o?(~#tR5KPkk%yEVU9+{9q-MADmdn*bNH_$e z;)8Hhn(u?eCBy(t(0`1nDaHgpG!628$(j)&=_Cy0H@4{?Hbb=Xe{(SL_q?TM^|FPi zfkgW5Om;X#)L=ClRNlk~AGix1yKC0Ha(lNZ#k z0M!7;?;1GD;;0aI;8aF*+-`U^k41_Su2QAFIP0|8kA$pqqteUYxX=e~(5<@%)tf}S zU}ouflbhv!TwvC(VCgGQtt(6d`KJY&?SKa(p8m63d%yzc4ObNBe4d^iXf7YC(|Oj( zr2mv6WWDt{@^B5-e^gU=@4^mF|u*D(x??$x|G}3J-mSO#xm-aVS93lK;b286LTV&gG24(W+a8x zbdEpu^9gd7V}9ZWC%-;I)+aZrY1M_dJ^aDB@nmGrK#;yto@3CgWgJ+mKU0--j)_%) zGv-pq7Gpf5mi^g6LR=`h9PfA1G5u+60-N|{R@D60tXU-lCGl+=dhd)GVeB~! z23-TSOFqkpd?l(fz+K7wQk-Gr%LBi6GPP;Rumi@$wp@dtsst(?dGVaNBSGE&Gd3r& zhlloCQP9njN~E-Xb_{+Ze$#alpHNbcFwoZWp)_&GOiGQ1kX$aPFwt80LJWOejR%lu zq~E)APvvl2zs9iUGoai3Y&Rsd@J{>OOd3D?@L8AF?L_A7Q_N-E2=j^>$r_QWEHHOR zJS%0Dp7_4*3>@S0qG0=5Bg5hj+p4gYJ!<5RdI6x*#W`yIx_{}|D@U=6GY{?G$ffGs zZ_}vG**I5Zs1B20b=Np;vT!Q)NBw^AAo$SuH@`g4;lvbtr7Q{~#X?zI*i!e9&FdA; zlltlSX&44Tz+F7pnK>2)o6^?Um zYmV)Nc9b_Dzwhu-^zhFC?*FQAmEC$a?ueXMGcnRQd0dAk_&*0-d zNTfKJQpQ|&?fV_(7j0+Vp7`dWuQ=&=NTredHS1=Br|NXOHbe?D&E`3FEG<_X2DSst zTQ8m-h_6#5v}~~fbc{nX(jA5dvxP~ z|B7v_I>_WhRcCZMUm>?iiu>shI7Yys(%Uvc;-b!wluu!!aB`EMV1)w((#iPAVh z@jjVJt@W{Ztk=uI~wFri9QsQ8-vINkf--om5zHB3i6 zb^d%TtpwbbHn@Ma$V<`k`(6`VL9?+ANmUpyt#2JQ+_Eh_9ZlpbMXww}7l!*g1*oNp zpNW-OB9&{?wFfK9Ob+8$Bl-b93hXf=lSG5+7d9CY;S3akT)NF@1Ajy>(Y%MOm-qP* zHCQ1uMm*SkbZ$&m$fBkwrN&=@rUmOGx!n=@V4sGxAfx+K?IQd4uL%8Qrpc&ZN?Z=H zxzQjFw2jsE++FtKf?rulsCl)vWivORzL@bj5k@xGcz!Mtpt+4Y)5kq3R-m| z+HRZiLdi^oS*Og4RGC+mOO#}&H!w+|&3Hy{W61@JErZ0^ACmcN_L_Z3 zf_&0N4qZ=~v)FNMCIa!5(07f#VdbnXEk~ZFMm=v!pkMY6ZxEX8QX7hKG#R^y#<<)w zOuRe$hw|ti{x_CPPm}!e{B6PU^QK3FA1sYW48USu#+d*b+xMz36(Om2S3Gzs*vZ`A zi#QkjH;Z)wXB(~2>(2FzZs|4Ju->`rzc;5QgUWbKc38FZhX4L<7HyM;0KgLVyEXs- SM<;kiPn9!`;jatO$@xF}^m~s0 From 7e64537550d932e53d1bef6072b7d488e30b9eec Mon Sep 17 00:00:00 2001 From: Amanda Foster <29870948+fosteramanda@users.noreply.github.com> Date: Tue, 13 Jan 2026 03:04:39 +0000 Subject: [PATCH 16/30] template --- .../41-standard-agent-setup/main.bicep | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/main.bicep b/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/main.bicep index 4dfee171a..6c3751411 100644 --- a/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/main.bicep +++ b/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/main.bicep @@ -44,13 +44,13 @@ param displayName string = 'project' // Model deployment parameters @description('The name of the model you want to deploy') -param modelName string = 'gpt-5.2' +param modelName string = 'gpt-5' @description('The provider of your model') param modelFormat string = 'OpenAI' @description('The version of your model') -param modelVersion string = '2025-12-11' +param modelVersion string = '2025-08-07' @description('The sku of your model deployment') param modelSkuName string = 'GlobalStandard' From 50ea96af1d5cae368113487ce7b8c5a55b864b2c Mon Sep 17 00:00:00 2001 From: foundry-samples automation Date: Tue, 13 Jan 2026 03:05:23 +0000 Subject: [PATCH 17/30] Automatic fixes --- .../41-standard-agent-setup/azuredeploy.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/azuredeploy.json b/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/azuredeploy.json index 8bcf66198..b1d4edf8b 100644 --- a/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/azuredeploy.json +++ b/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/azuredeploy.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.39.26.7824", - "templateHash": "3215924381065900811" + "templateHash": "7000366004712356804" } }, "parameters": { @@ -73,7 +73,7 @@ }, "modelName": { "type": "string", - "defaultValue": "gpt-5.2", + "defaultValue": "gpt-5", "metadata": { "description": "The name of the model you want to deploy" } @@ -87,7 +87,7 @@ }, "modelVersion": { "type": "string", - "defaultValue": "2025-12-11", + "defaultValue": "2025-08-07", "metadata": { "description": "The version of your model" } From 215bfd74db18553bdd710a0740358a3cb535f524 Mon Sep 17 00:00:00 2001 From: Amanda Foster <29870948+fosteramanda@users.noreply.github.com> Date: Tue, 13 Jan 2026 03:08:44 +0000 Subject: [PATCH 18/30] updating model --- .../45-basic-agent-bing/main.bicep | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/infrastructure/infrastructure-setup-bicep/45-basic-agent-bing/main.bicep b/infrastructure/infrastructure-setup-bicep/45-basic-agent-bing/main.bicep index a38607662..a7bffbe0d 100644 --- a/infrastructure/infrastructure-setup-bicep/45-basic-agent-bing/main.bicep +++ b/infrastructure/infrastructure-setup-bicep/45-basic-agent-bing/main.bicep @@ -4,11 +4,11 @@ param description string = 'some description' param display_name string = 'project_display_name' param location string = 'eastus' -param modelName string = 'gpt-4o' +param modelName string = 'gpt-5' param modelFormat string = 'OpenAI' -param modelVersion string = '2024-05-13' +param modelVersion string = '2025-08-07' param modelSkuName string = 'GlobalStandard' -param modelCapacity int = 1 +param modelCapacity int = 30 // Create a short, unique suffix, that will be unique to each resource group // var uniqueSuffix = substring(uniqueString(resourceGroup().id), 0, 4) From 11d8aa41b50cb20749d32cc16f9a66e336b65505 Mon Sep 17 00:00:00 2001 From: Amanda Foster <29870948+fosteramanda@users.noreply.github.com> Date: Tue, 13 Jan 2026 03:28:38 +0000 Subject: [PATCH 19/30] updating basic setup --- .github/workflows/run-setup.yml | 17 ++++++++++++++++- .../40-basic-agent-setup/main.bicep | 2 +- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/.github/workflows/run-setup.yml b/.github/workflows/run-setup.yml index cc9e4d2fa..957b16a3d 100644 --- a/.github/workflows/run-setup.yml +++ b/.github/workflows/run-setup.yml @@ -70,11 +70,26 @@ jobs: MODIFIED_FILES=$(git log --pretty="" --name-only -n 100 origin/main... | fgrep -v ".github") + # Determine diff range based on event type + if [ "${{ github.event_name }}" = "pull_request" ]; then + BASE="${{ github.event.pull_request.base.sha }}" + HEAD="${{ github.event.pull_request.head.sha }}" + else + BASE="${{ github.event.before }}" + HEAD="${{ github.sha }}" + fi + echo "Diff range: $BASE..$HEAD" + + MODIFIED_FILES=$(git diff --name-only "$BASE" "$HEAD" \ + | fgrep -v ".github" || true) + + # If nothing changed in the relevant paths, exit successfully (not as a failure) if [ -z "$MODIFIED_FILES" ]; then echo "No modified files found." - exit 1 + exit 0 fi + echo "Modified files:" echo "$MODIFIED_FILES" diff --git a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep index 5f30e2953..f564ae274 100644 --- a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep +++ b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep @@ -59,7 +59,7 @@ param modelVersion string = '2025-08-07' param modelSkuName string = 'GlobalStandard' @description('The capacity of the model deployment in TPM.') -param modelCapacity int = 30 +param modelCapacity int = 50 #disable-next-line BCP081 resource account 'Microsoft.CognitiveServices/accounts@2025-04-01-preview' = { From d1f015415c42bfbd4e76c83459a77cfb29dd2a8b Mon Sep 17 00:00:00 2001 From: Amanda Foster <29870948+fosteramanda@users.noreply.github.com> Date: Tue, 13 Jan 2026 03:41:04 +0000 Subject: [PATCH 20/30] update2 --- .github/workflows/run-setup.yml | 198 ++++++++---------- .../40-basic-agent-setup/main.bicep | 2 +- 2 files changed, 84 insertions(+), 116 deletions(-) diff --git a/.github/workflows/run-setup.yml b/.github/workflows/run-setup.yml index 957b16a3d..64d57bac4 100644 --- a/.github/workflows/run-setup.yml +++ b/.github/workflows/run-setup.yml @@ -1,167 +1,135 @@ name: Run Setup -# This action can be run on-demand against a branch. -# It attempts to auto-fix some errors in the most recently updated sample in the branch: -# Builds main.bicep -> azuredeploy.json -# Attempts some fixes with the metadata - -# To run/debug locally, try https://github.com/nektos/act -# Actions documentation: https://docs.github.com/en/actions/reference on: push: - branches: - - main + branches: [main] paths: - infrastructure/infrastructure-setup-bicep/** pull_request: - branches: - - main + branches: [main] + paths: + - infrastructure/infrastructure-setup-bicep/** workflow_dispatch: permissions: contents: write jobs: - main: + run-setup: runs-on: ubuntu-latest - steps: - # Checkout the PR branch (or main for pushes) + steps: - name: Checkout source branch uses: actions/checkout@v3 with: + # PR: checks out the PR branch, Push: checks out main, Dispatch: checks out default branch ref: ${{ github.head_ref || github.ref_name }} fetch-depth: 0 - # Setup .NET Core - - name: Setup .NET Core - uses: actions/setup-dotnet@v1.8.0 - - # Install Bicep CLI - name: Install Bicep run: | INSTALL_PATH="$RUNNER_TEMP/bicep" BICEP_PATH="$RUNNER_TEMP/bicep/bicep" - mkdir -p $INSTALL_PATH + mkdir -p "$INSTALL_PATH" curl -sLo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64 chmod +x ./bicep - sudo mv ./bicep $INSTALL_PATH + sudo mv ./bicep "$INSTALL_PATH" echo "BICEP_PATH=$BICEP_PATH" >> $GITHUB_ENV $BICEP_PATH --version - # Install PowerShell - - name: Install PowerShell - run: | - sudo apt-get update - sudo apt-get install -y wget apt-transport-https software-properties-common - wget -q https://packages.microsoft.com/config/ubuntu/16.04/packages-microsoft-prod.deb - sudo dpkg -i packages-microsoft-prod.deb - sudo apt-get update - sudo apt-get install -y powershell - rm -f packages-microsoft-prod.deb* - - # Your build steps here - - name: Find and scan Bicep files + - name: Determine changed main.bicep files + id: changes run: | - git status - pwd - cd $GITHUB_WORKSPACE - pwd + set -e + cd "$GITHUB_WORKSPACE" - MODIFIED_FILES=$(git log --pretty="" --name-only -n 100 origin/main... | fgrep -v ".github") + EVENT="${{ github.event_name }}" + echo "Event: $EVENT" - # Determine diff range based on event type - if [ "${{ github.event_name }}" = "pull_request" ]; then + if [ "$EVENT" = "pull_request" ]; then BASE="${{ github.event.pull_request.base.sha }}" HEAD="${{ github.event.pull_request.head.sha }}" - else + elif [ "$EVENT" = "push" ]; then BASE="${{ github.event.before }}" HEAD="${{ github.sha }}" - fi - echo "Diff range: $BASE..$HEAD" + else + # workflow_dispatch: use last commit as best-effort + BASE="$(git rev-parse HEAD~1 || echo '')" + HEAD="$(git rev-parse HEAD)" + fi - MODIFIED_FILES=$(git diff --name-only "$BASE" "$HEAD" \ - | fgrep -v ".github" || true) + echo "Diff range: ${BASE}..${HEAD}" + + # Only rebuild when main.bicep changes + if [ -n "$BASE" ]; then + MODIFIED=$(git diff --name-only "$BASE" "$HEAD" \ + | grep -E "^infrastructure/infrastructure-setup-bicep/.*/main\.bicep$" || true) + else + MODIFIED=$(git show --name-only --pretty="" -1 \ + | grep -E "^infrastructure/infrastructure-setup-bicep/.*/main\.bicep$" || true) + fi - # If nothing changed in the relevant paths, exit successfully (not as a failure) - if [ -z "$MODIFIED_FILES" ]; then - echo "No modified files found." + if [ -z "$MODIFIED" ]; then + echo "No relevant Bicep changes detected." + echo "files=" >> $GITHUB_OUTPUT exit 0 fi + echo "Changed main.bicep files:" + echo "$MODIFIED" - echo "Modified files:" - echo "$MODIFIED_FILES" - - IFS=$'\n' read -r -a MODIFIED_FILES_ARRAY <<< "$MODIFIED_FILES" - - MAINBICEP_PATHS=() - AZDEPLOYJSON_PATHS=() - - for FILE in "${MODIFIED_FILES_ARRAY[@]}"; do - echo "Processing: $FILE" - TESTFOLDER_PATH=$(dirname "$FILE") - FOUNDBICEP_PATH="" - FOUNDJSON_PATH="" - while [ "$TESTFOLDER_PATH" != "." ]; do - echo "Looking in: $TESTFOLDER_PATH" - ls -l "$TESTFOLDER_PATH" - if [ -z "$FOUNDBICEP_PATH" ] && [ -f "$TESTFOLDER_PATH/main.bicep" ]; then - FOUNDBICEP_PATH="$TESTFOLDER_PATH/main.bicep" - echo "Found main.bicep: $FOUNDBICEP_PATH" - fi - if [ -z "$FOUNDJSON_PATH" ] && [ -f "$TESTFOLDER_PATH/azuredeploy.json" ]; then - FOUNDJSON_PATH="$TESTFOLDER_PATH/azuredeploy.json" - echo "Found azuredeploy.json: $FOUNDJSON_PATH" - fi - if [ -n "$FOUNDBICEP_PATH" ] && [ -n "$FOUNDJSON_PATH" ]; then - break - fi - TESTFOLDER_PATH=$(dirname "$TESTFOLDER_PATH") - done - if [ -n "$FOUNDBICEP_PATH" ]; then - MAINBICEP_PATHS+=("$FOUNDBICEP_PATH") - fi - if [ -n "$FOUNDJSON_PATH" ]; then - AZDEPLOYJSON_PATHS+=("$FOUNDJSON_PATH") - fi - done - - echo "MAINBICEP_PATHS=${MAINBICEP_PATHS[*]}" >> $GITHUB_ENV - echo "AZDEPLOYJSON_PATHS=${AZDEPLOYJSON_PATHS[*]}" >> $GITHUB_ENV - - - name: Build Bicep files + # Output as newline-delimited list + { + echo "files<> $GITHUB_OUTPUT + + - name: Build changed Bicep files -> azuredeploy.json + if: steps.changes.outputs.files != '' run: | - IFS=' ' read -ra MAINBICEP_PATHS_ARRAY <<< "$MAINBICEP_PATHS" - IFS=' ' read -ra AZDEPLOYJSON_PATHS_ARRAY <<< "$AZDEPLOYJSON_PATHS" + set -e + cd "$GITHUB_WORKSPACE" - if [ ${#MAINBICEP_PATHS_ARRAY[@]} -ne ${#AZDEPLOYJSON_PATHS_ARRAY[@]} ]; then - echo "Error: Mismatch in number of Bicep files and output JSON paths." - exit 1 - fi + while IFS= read -r BICEP_FILE; do + OUTFILE="$(dirname "$BICEP_FILE")/azuredeploy.json" + echo "Building: $BICEP_FILE -> $OUTFILE" + $BICEP_PATH build "$BICEP_FILE" --outfile "$OUTFILE" + done <<< "${{ steps.changes.outputs.files }}" - for i in "${!MAINBICEP_PATHS_ARRAY[@]}"; do - MAINBICEP_FILE="${MAINBICEP_PATHS_ARRAY[$i]}" - AZDEPLOYJSON_FILE="${AZDEPLOYJSON_PATHS_ARRAY[$i]}" - if [ -f "$MAINBICEP_FILE" ]; then - echo "Building: $MAINBICEP_FILE -> $AZDEPLOYJSON_FILE" - $BICEP_PATH build "$MAINBICEP_FILE" --outfile "$AZDEPLOYJSON_FILE" - else - echo "Warning: Bicep file not found: $MAINBICEP_FILE" - fi - done - - # Auto-commit and push changes to branch (works for PR and main) - - name: Auto-commit and push if needed + - name: Commit + push changes back to branch (PR) or main (push) if: always() run: | + set -e + cd "$GITHUB_WORKSPACE" + git config --global user.email "foundry-samples@noreply.github.com" git config --global user.name "foundry-samples automation" - git add . || true - if ! git diff-index --quiet HEAD --; then - git commit -m "Automatic fixes" - BRANCH_NAME="${GITHUB_HEAD_REF:-${GITHUB_REF_NAME:-${GITHUB_REF##*/}}}" - git push origin HEAD:refs/heads/"$BRANCH_NAME" - else + + git add -A + + if git diff-index --quiet HEAD --; then echo "No changes to commit." + exit 0 fi + + git commit -m "Automatic fixes" + + EVENT="${{ github.event_name }}" + + # If PR is from a fork, pushing will be rejected. Detect and skip. + if [ "$EVENT" = "pull_request" ]; then + if [ "${{ github.event.pull_request.head.repo.full_name }}" != "${{ github.repository }}" ]; then + echo "PR is from a fork; cannot push changes back to fork branch. Skipping push." + exit 0 + fi + BRANCH="${{ github.head_ref }}" + echo "Pushing fixes to PR branch: $BRANCH" + git push origin "HEAD:refs/heads/$BRANCH" + exit 0 + fi + + # push / workflow_dispatch + BRANCH="${{ github.ref_name }}" + echo "Pushing fixes to branch: $BRANCH" + git push origin "HEAD:refs/heads/$BRANCH" diff --git a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep index f564ae274..a0d581041 100644 --- a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep +++ b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep @@ -59,7 +59,7 @@ param modelVersion string = '2025-08-07' param modelSkuName string = 'GlobalStandard' @description('The capacity of the model deployment in TPM.') -param modelCapacity int = 50 +param modelCapacity int = 40 #disable-next-line BCP081 resource account 'Microsoft.CognitiveServices/accounts@2025-04-01-preview' = { From 914fceccd53fbdb2db5e5ccf28d55a6379a1f72e Mon Sep 17 00:00:00 2001 From: foundry-samples automation Date: Tue, 13 Jan 2026 03:41:22 +0000 Subject: [PATCH 21/30] Automatic fixes --- .../40-basic-agent-setup/azuredeploy.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json index 8ddeea102..cc6db7e6e 100644 --- a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json +++ b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.39.26.7824", - "templateHash": "2321778474547119034" + "templateHash": "15695923539491954879" } }, "parameters": { @@ -105,7 +105,7 @@ }, "modelCapacity": { "type": "int", - "defaultValue": 30, + "defaultValue": 40, "metadata": { "description": "The capacity of the model deployment in TPM." } From 175832a0478d5eff50d62dbaa07ef9b102deff93 Mon Sep 17 00:00:00 2001 From: Amanda Foster <29870948+fosteramanda@users.noreply.github.com> Date: Mon, 12 Jan 2026 19:48:23 -0800 Subject: [PATCH 22/30] Add GitHub Actions workflow for Bicep setup This workflow automates the setup of Bicep files and commits changes back to the branch after building them. --- .github/workflows/run-infra.yml | 135 ++++++++++++++++++++++++++++++++ 1 file changed, 135 insertions(+) create mode 100644 .github/workflows/run-infra.yml diff --git a/.github/workflows/run-infra.yml b/.github/workflows/run-infra.yml new file mode 100644 index 000000000..64d57bac4 --- /dev/null +++ b/.github/workflows/run-infra.yml @@ -0,0 +1,135 @@ +name: Run Setup + +on: + push: + branches: [main] + paths: + - infrastructure/infrastructure-setup-bicep/** + pull_request: + branches: [main] + paths: + - infrastructure/infrastructure-setup-bicep/** + workflow_dispatch: + +permissions: + contents: write + +jobs: + run-setup: + runs-on: ubuntu-latest + + steps: + - name: Checkout source branch + uses: actions/checkout@v3 + with: + # PR: checks out the PR branch, Push: checks out main, Dispatch: checks out default branch + ref: ${{ github.head_ref || github.ref_name }} + fetch-depth: 0 + + - name: Install Bicep + run: | + INSTALL_PATH="$RUNNER_TEMP/bicep" + BICEP_PATH="$RUNNER_TEMP/bicep/bicep" + mkdir -p "$INSTALL_PATH" + curl -sLo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64 + chmod +x ./bicep + sudo mv ./bicep "$INSTALL_PATH" + echo "BICEP_PATH=$BICEP_PATH" >> $GITHUB_ENV + $BICEP_PATH --version + + - name: Determine changed main.bicep files + id: changes + run: | + set -e + cd "$GITHUB_WORKSPACE" + + EVENT="${{ github.event_name }}" + echo "Event: $EVENT" + + if [ "$EVENT" = "pull_request" ]; then + BASE="${{ github.event.pull_request.base.sha }}" + HEAD="${{ github.event.pull_request.head.sha }}" + elif [ "$EVENT" = "push" ]; then + BASE="${{ github.event.before }}" + HEAD="${{ github.sha }}" + else + # workflow_dispatch: use last commit as best-effort + BASE="$(git rev-parse HEAD~1 || echo '')" + HEAD="$(git rev-parse HEAD)" + fi + + echo "Diff range: ${BASE}..${HEAD}" + + # Only rebuild when main.bicep changes + if [ -n "$BASE" ]; then + MODIFIED=$(git diff --name-only "$BASE" "$HEAD" \ + | grep -E "^infrastructure/infrastructure-setup-bicep/.*/main\.bicep$" || true) + else + MODIFIED=$(git show --name-only --pretty="" -1 \ + | grep -E "^infrastructure/infrastructure-setup-bicep/.*/main\.bicep$" || true) + fi + + if [ -z "$MODIFIED" ]; then + echo "No relevant Bicep changes detected." + echo "files=" >> $GITHUB_OUTPUT + exit 0 + fi + + echo "Changed main.bicep files:" + echo "$MODIFIED" + + # Output as newline-delimited list + { + echo "files<> $GITHUB_OUTPUT + + - name: Build changed Bicep files -> azuredeploy.json + if: steps.changes.outputs.files != '' + run: | + set -e + cd "$GITHUB_WORKSPACE" + + while IFS= read -r BICEP_FILE; do + OUTFILE="$(dirname "$BICEP_FILE")/azuredeploy.json" + echo "Building: $BICEP_FILE -> $OUTFILE" + $BICEP_PATH build "$BICEP_FILE" --outfile "$OUTFILE" + done <<< "${{ steps.changes.outputs.files }}" + + - name: Commit + push changes back to branch (PR) or main (push) + if: always() + run: | + set -e + cd "$GITHUB_WORKSPACE" + + git config --global user.email "foundry-samples@noreply.github.com" + git config --global user.name "foundry-samples automation" + + git add -A + + if git diff-index --quiet HEAD --; then + echo "No changes to commit." + exit 0 + fi + + git commit -m "Automatic fixes" + + EVENT="${{ github.event_name }}" + + # If PR is from a fork, pushing will be rejected. Detect and skip. + if [ "$EVENT" = "pull_request" ]; then + if [ "${{ github.event.pull_request.head.repo.full_name }}" != "${{ github.repository }}" ]; then + echo "PR is from a fork; cannot push changes back to fork branch. Skipping push." + exit 0 + fi + BRANCH="${{ github.head_ref }}" + echo "Pushing fixes to PR branch: $BRANCH" + git push origin "HEAD:refs/heads/$BRANCH" + exit 0 + fi + + # push / workflow_dispatch + BRANCH="${{ github.ref_name }}" + echo "Pushing fixes to branch: $BRANCH" + git push origin "HEAD:refs/heads/$BRANCH" From c3b495babb2e2221d1cfb4f36ceca18f5f5a734d Mon Sep 17 00:00:00 2001 From: Amanda Foster <29870948+fosteramanda@users.noreply.github.com> Date: Tue, 13 Jan 2026 19:09:54 +0000 Subject: [PATCH 23/30] updates templates rbac --- .../azuredeploy.json | 8 +- .../main.bicep | 6 +- .../cosmos-container-role-assignments.bicep | 2 +- .../azuredeploy.json | 8 +- .../main.bicep | 6 +- .../cosmos-container-role-assignments.bicep | 2 +- .../azuredeploy.json | 8 +- .../main.bicep | 6 +- .../cosmos-container-role-assignments.bicep | 2 +- .../azuredeploy.json | 4 +- .../main.bicep | 2 +- .../cosmos-container-role-assignments.bicep | 2 +- .../40-basic-agent-setup/azuredeploy.json | 8 +- .../40-basic-agent-setup/main.bicep | 9 +- .../41-standard-agent-setup/azuredeploy.json | 12 +- .../41-standard-agent-setup/main.bicep | 6 +- .../cosmos-container-role-assignments.bicep | 2 +- .../azuredeploy.json | 6 +- .../main.bicep | 2 +- .../azuredeploy.json | 4 +- .../main.bicep | 2 +- .../cosmos-container-role-assignments.bicep | 2 +- .../45-basic-agent-bing/azuredeploy.json | 358 ++++++++++++++++++ .../45-basic-agent-bing/main.bicep | 4 +- 24 files changed, 413 insertions(+), 58 deletions(-) create mode 100644 infrastructure/infrastructure-setup-bicep/45-basic-agent-bing/azuredeploy.json diff --git a/infrastructure/infrastructure-setup-bicep/15-private-network-standard-agent-setup/azuredeploy.json b/infrastructure/infrastructure-setup-bicep/15-private-network-standard-agent-setup/azuredeploy.json index 460001bba..fd1247d0f 100644 --- a/infrastructure/infrastructure-setup-bicep/15-private-network-standard-agent-setup/azuredeploy.json +++ b/infrastructure/infrastructure-setup-bicep/15-private-network-standard-agent-setup/azuredeploy.json @@ -5,13 +5,13 @@ "_generator": { "name": "bicep", "version": "0.39.26.7824", - "templateHash": "3024624923779287280" + "templateHash": "16616047834738415823" } }, "parameters": { "location": { "type": "string", - "defaultValue": "eastus2", + "defaultValue": "eastus", "allowedValues": [ "westus", "eastus", @@ -50,7 +50,7 @@ }, "modelName": { "type": "string", - "defaultValue": "gpt-4o", + "defaultValue": "gpt-4.1", "metadata": { "description": "The name of the model you want to deploy" } @@ -64,7 +64,7 @@ }, "modelVersion": { "type": "string", - "defaultValue": "2024-11-20", + "defaultValue": "2025-04-14", "metadata": { "description": "The version of your model" } diff --git a/infrastructure/infrastructure-setup-bicep/15-private-network-standard-agent-setup/main.bicep b/infrastructure/infrastructure-setup-bicep/15-private-network-standard-agent-setup/main.bicep index 5f4312314..05c1d593d 100644 --- a/infrastructure/infrastructure-setup-bicep/15-private-network-standard-agent-setup/main.bicep +++ b/infrastructure/infrastructure-setup-bicep/15-private-network-standard-agent-setup/main.bicep @@ -30,18 +30,18 @@ Standard Setup Network Secured Steps for main.bicep 'switzerlandnorth' 'norwayeast' ]) -param location string = 'eastus2' +param location string = 'eastus' @description('Name for your AI Services resource.') param aiServices string = 'aiservices' // Model deployment parameters @description('The name of the model you want to deploy') -param modelName string = 'gpt-4o' +param modelName string = 'gpt-4.1' @description('The provider of your model') param modelFormat string = 'OpenAI' @description('The version of your model') -param modelVersion string = '2024-11-20' +param modelVersion string = '2025-04-14' @description('The sku of your model deployment') param modelSkuName string = 'GlobalStandard' @description('The tokens per minute (TPM) of your model deployment') diff --git a/infrastructure/infrastructure-setup-bicep/15-private-network-standard-agent-setup/modules-network-secured/cosmos-container-role-assignments.bicep b/infrastructure/infrastructure-setup-bicep/15-private-network-standard-agent-setup/modules-network-secured/cosmos-container-role-assignments.bicep index a196cf80e..bfac1da34 100644 --- a/infrastructure/infrastructure-setup-bicep/15-private-network-standard-agent-setup/modules-network-secured/cosmos-container-role-assignments.bicep +++ b/infrastructure/infrastructure-setup-bicep/15-private-network-standard-agent-setup/modules-network-secured/cosmos-container-role-assignments.bicep @@ -19,7 +19,7 @@ var roleDefinitionId = resourceId( '00000000-0000-0000-0000-000000000002' ) -var accountScope = '/subscriptions/${subscription().subscriptionId}/resourceGroups/${resourceGroup().name}/providers/Microsoft.DocumentDB/databaseAccounts/${cosmosAccountName}' +var accountScope = '/subscriptions/${subscription().subscriptionId}/resourceGroups/${resourceGroup().name}/providers/Microsoft.DocumentDB/databaseAccounts/${cosmosAccountName}/dbs/enterprise_memory' resource containerRoleAssignmentUserContainer 'Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments@2022-05-15' = { parent: cosmosAccount diff --git a/infrastructure/infrastructure-setup-bicep/16-private-network-standard-agent-apim-setup-preview/azuredeploy.json b/infrastructure/infrastructure-setup-bicep/16-private-network-standard-agent-apim-setup-preview/azuredeploy.json index 04447a3ed..3e10f19fa 100644 --- a/infrastructure/infrastructure-setup-bicep/16-private-network-standard-agent-apim-setup-preview/azuredeploy.json +++ b/infrastructure/infrastructure-setup-bicep/16-private-network-standard-agent-apim-setup-preview/azuredeploy.json @@ -5,13 +5,13 @@ "_generator": { "name": "bicep", "version": "0.39.26.7824", - "templateHash": "12031247753870237603" + "templateHash": "13929636312670904506" } }, "parameters": { "location": { "type": "string", - "defaultValue": "eastus2", + "defaultValue": "eastus", "allowedValues": [ "westus", "eastus", @@ -50,7 +50,7 @@ }, "modelName": { "type": "string", - "defaultValue": "gpt-4o", + "defaultValue": "gpt-4.1", "metadata": { "description": "The name of the model you want to deploy" } @@ -64,7 +64,7 @@ }, "modelVersion": { "type": "string", - "defaultValue": "2024-11-20", + "defaultValue": "2025-04-14", "metadata": { "description": "The version of your model" } diff --git a/infrastructure/infrastructure-setup-bicep/16-private-network-standard-agent-apim-setup-preview/main.bicep b/infrastructure/infrastructure-setup-bicep/16-private-network-standard-agent-apim-setup-preview/main.bicep index 4d2231729..d98370eb6 100644 --- a/infrastructure/infrastructure-setup-bicep/16-private-network-standard-agent-apim-setup-preview/main.bicep +++ b/infrastructure/infrastructure-setup-bicep/16-private-network-standard-agent-apim-setup-preview/main.bicep @@ -30,18 +30,18 @@ Standard Setup Network Secured Steps for main.bicep 'switzerlandnorth' 'norwayeast' ]) -param location string = 'eastus2' +param location string = 'eastus' @description('Name for your AI Services resource.') param aiServices string = 'aiservices' // Model deployment parameters @description('The name of the model you want to deploy') -param modelName string = 'gpt-4o' +param modelName string = 'gpt-4.1' @description('The provider of your model') param modelFormat string = 'OpenAI' @description('The version of your model') -param modelVersion string = '2024-11-20' +param modelVersion string = '2025-04-14' @description('The sku of your model deployment') param modelSkuName string = 'GlobalStandard' @description('The tokens per minute (TPM) of your model deployment') diff --git a/infrastructure/infrastructure-setup-bicep/16-private-network-standard-agent-apim-setup-preview/modules-network-secured/cosmos-container-role-assignments.bicep b/infrastructure/infrastructure-setup-bicep/16-private-network-standard-agent-apim-setup-preview/modules-network-secured/cosmos-container-role-assignments.bicep index a196cf80e..bfac1da34 100644 --- a/infrastructure/infrastructure-setup-bicep/16-private-network-standard-agent-apim-setup-preview/modules-network-secured/cosmos-container-role-assignments.bicep +++ b/infrastructure/infrastructure-setup-bicep/16-private-network-standard-agent-apim-setup-preview/modules-network-secured/cosmos-container-role-assignments.bicep @@ -19,7 +19,7 @@ var roleDefinitionId = resourceId( '00000000-0000-0000-0000-000000000002' ) -var accountScope = '/subscriptions/${subscription().subscriptionId}/resourceGroups/${resourceGroup().name}/providers/Microsoft.DocumentDB/databaseAccounts/${cosmosAccountName}' +var accountScope = '/subscriptions/${subscription().subscriptionId}/resourceGroups/${resourceGroup().name}/providers/Microsoft.DocumentDB/databaseAccounts/${cosmosAccountName}/dbs/enterprise_memory' resource containerRoleAssignmentUserContainer 'Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments@2022-05-15' = { parent: cosmosAccount diff --git a/infrastructure/infrastructure-setup-bicep/17-private-network-standard-user-assigned-identity-agent-setup/azuredeploy.json b/infrastructure/infrastructure-setup-bicep/17-private-network-standard-user-assigned-identity-agent-setup/azuredeploy.json index b1705fb17..96525e295 100644 --- a/infrastructure/infrastructure-setup-bicep/17-private-network-standard-user-assigned-identity-agent-setup/azuredeploy.json +++ b/infrastructure/infrastructure-setup-bicep/17-private-network-standard-user-assigned-identity-agent-setup/azuredeploy.json @@ -5,13 +5,13 @@ "_generator": { "name": "bicep", "version": "0.39.26.7824", - "templateHash": "290789416224749131" + "templateHash": "9271946558272429054" } }, "parameters": { "location": { "type": "string", - "defaultValue": "eastus2", + "defaultValue": "eastus", "allowedValues": [ "westus", "eastus", @@ -50,7 +50,7 @@ }, "modelName": { "type": "string", - "defaultValue": "gpt-4o", + "defaultValue": "gpt-4.1", "metadata": { "description": "The name of the model you want to deploy" } @@ -64,7 +64,7 @@ }, "modelVersion": { "type": "string", - "defaultValue": "2024-11-20", + "defaultValue": "2025-04-14", "metadata": { "description": "The version of your model" } diff --git a/infrastructure/infrastructure-setup-bicep/17-private-network-standard-user-assigned-identity-agent-setup/main.bicep b/infrastructure/infrastructure-setup-bicep/17-private-network-standard-user-assigned-identity-agent-setup/main.bicep index 0045ed900..212c5f554 100644 --- a/infrastructure/infrastructure-setup-bicep/17-private-network-standard-user-assigned-identity-agent-setup/main.bicep +++ b/infrastructure/infrastructure-setup-bicep/17-private-network-standard-user-assigned-identity-agent-setup/main.bicep @@ -30,18 +30,18 @@ Standard Setup Network Secured Steps for main.bicep 'switzerlandnorth' 'norwayeast' ]) -param location string = 'eastus2' +param location string = 'eastus' @description('Name for your AI Services resource.') param aiServices string = 'aiservices' // Model deployment parameters @description('The name of the model you want to deploy') -param modelName string = 'gpt-4o' +param modelName string = 'gpt-4.1' @description('The provider of your model') param modelFormat string = 'OpenAI' @description('The version of your model') -param modelVersion string = '2024-11-20' +param modelVersion string = '2025-04-14' @description('The sku of your model deployment') param modelSkuName string = 'GlobalStandard' @description('The tokens per minute (TPM) of your model deployment') diff --git a/infrastructure/infrastructure-setup-bicep/17-private-network-standard-user-assigned-identity-agent-setup/modules-network-secured/cosmos-container-role-assignments.bicep b/infrastructure/infrastructure-setup-bicep/17-private-network-standard-user-assigned-identity-agent-setup/modules-network-secured/cosmos-container-role-assignments.bicep index a196cf80e..bfac1da34 100644 --- a/infrastructure/infrastructure-setup-bicep/17-private-network-standard-user-assigned-identity-agent-setup/modules-network-secured/cosmos-container-role-assignments.bicep +++ b/infrastructure/infrastructure-setup-bicep/17-private-network-standard-user-assigned-identity-agent-setup/modules-network-secured/cosmos-container-role-assignments.bicep @@ -19,7 +19,7 @@ var roleDefinitionId = resourceId( '00000000-0000-0000-0000-000000000002' ) -var accountScope = '/subscriptions/${subscription().subscriptionId}/resourceGroups/${resourceGroup().name}/providers/Microsoft.DocumentDB/databaseAccounts/${cosmosAccountName}' +var accountScope = '/subscriptions/${subscription().subscriptionId}/resourceGroups/${resourceGroup().name}/providers/Microsoft.DocumentDB/databaseAccounts/${cosmosAccountName}/dbs/enterprise_memory' resource containerRoleAssignmentUserContainer 'Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments@2022-05-15' = { parent: cosmosAccount diff --git a/infrastructure/infrastructure-setup-bicep/31-customer-managed-keys-standard-agent/azuredeploy.json b/infrastructure/infrastructure-setup-bicep/31-customer-managed-keys-standard-agent/azuredeploy.json index a4ece07e9..80fece3fc 100644 --- a/infrastructure/infrastructure-setup-bicep/31-customer-managed-keys-standard-agent/azuredeploy.json +++ b/infrastructure/infrastructure-setup-bicep/31-customer-managed-keys-standard-agent/azuredeploy.json @@ -5,13 +5,13 @@ "_generator": { "name": "bicep", "version": "0.39.26.7824", - "templateHash": "9028717141391138763" + "templateHash": "6166861745321957187" } }, "parameters": { "location": { "type": "string", - "defaultValue": "eastus2", + "defaultValue": "eastus", "metadata": { "description": "The region to deploy your AI Services resource and project" } diff --git a/infrastructure/infrastructure-setup-bicep/31-customer-managed-keys-standard-agent/main.bicep b/infrastructure/infrastructure-setup-bicep/31-customer-managed-keys-standard-agent/main.bicep index d5a49d44d..9bfa9d05f 100644 --- a/infrastructure/infrastructure-setup-bicep/31-customer-managed-keys-standard-agent/main.bicep +++ b/infrastructure/infrastructure-setup-bicep/31-customer-managed-keys-standard-agent/main.bicep @@ -1,7 +1,7 @@ // Standard agent setup @description('The region to deploy your AI Services resource and project') -param location string = 'eastus2' +param location string = 'eastus' @description('Name for your AI Services resource.') param aiFoundryName string = 'aifstdcmk4' diff --git a/infrastructure/infrastructure-setup-bicep/31-customer-managed-keys-standard-agent/modules-standard/cosmos-container-role-assignments.bicep b/infrastructure/infrastructure-setup-bicep/31-customer-managed-keys-standard-agent/modules-standard/cosmos-container-role-assignments.bicep index 83f0a1716..993be3770 100644 --- a/infrastructure/infrastructure-setup-bicep/31-customer-managed-keys-standard-agent/modules-standard/cosmos-container-role-assignments.bicep +++ b/infrastructure/infrastructure-setup-bicep/31-customer-managed-keys-standard-agent/modules-standard/cosmos-container-role-assignments.bicep @@ -17,7 +17,7 @@ var roleDefinitionId = resourceId( '00000000-0000-0000-0000-000000000002' ) -var accountScope = '/subscriptions/${subscription().subscriptionId}/resourceGroups/${resourceGroup().name}/providers/Microsoft.DocumentDB/databaseAccounts/${cosmosAccountName}' +var accountScope = '/subscriptions/${subscription().subscriptionId}/resourceGroups/${resourceGroup().name}/providers/Microsoft.DocumentDB/databaseAccounts/${cosmosAccountName}/dbs/enterprise_memory' resource containerRoleAssignmentUserContainer 'Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments@2022-05-15' = { parent: cosmosAccount diff --git a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json index cc6db7e6e..8d7b06f37 100644 --- a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json +++ b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.39.26.7824", - "templateHash": "15695923539491954879" + "templateHash": "17632891943305566295" } }, "parameters": { @@ -44,7 +44,7 @@ }, "location": { "type": "string", - "defaultValue": "westus", + "defaultValue": "eastus", "allowedValues": [ "australiaeast", "canadaeast", @@ -77,7 +77,7 @@ }, "modelName": { "type": "string", - "defaultValue": "gpt-5", + "defaultValue": "gpt-4.1", "metadata": { "description": "The name of the OpenAI model you want to deploy" } @@ -91,7 +91,7 @@ }, "modelVersion": { "type": "string", - "defaultValue": "2025-08-07", + "defaultValue": "2025-04-14", "metadata": { "description": "The version of the model you want to deploy. Example: 2024-11-20" } diff --git a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep index a0d581041..5b58e40cd 100644 --- a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep +++ b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep @@ -44,16 +44,16 @@ var accountName = toLower('${aiServicesName}${uniqueSuffix}') 'southcentralus' ]) @description('The Azure region where your AI Foundry resource and project will be created.') -param location string = 'westus' +param location string = 'eastus' @description('The name of the OpenAI model you want to deploy') -param modelName string = 'gpt-5' +param modelName string = 'gpt-4.1' @description('The model format of the model you want to deploy. Example: OpenAI') param modelFormat string = 'OpenAI' @description('The version of the model you want to deploy. Example: 2024-11-20') -param modelVersion string = '2025-08-07' +param modelVersion string = '2025-04-14' @description('The SKU name for the model deployment. Example: GlobalStandard') param modelSkuName string = 'GlobalStandard' @@ -61,7 +61,6 @@ param modelSkuName string = 'GlobalStandard' @description('The capacity of the model deployment in TPM.') param modelCapacity int = 40 -#disable-next-line BCP081 resource account 'Microsoft.CognitiveServices/accounts@2025-04-01-preview' = { name: accountName location: location @@ -97,7 +96,6 @@ resource account 'Microsoft.CognitiveServices/accounts@2025-04-01-preview' = { Step 3: Create a Cognitive Services Project */ -#disable-next-line BCP081 resource project 'Microsoft.CognitiveServices/accounts/projects@2025-04-01-preview' = { parent: account name: projectName @@ -111,7 +109,6 @@ resource project 'Microsoft.CognitiveServices/accounts/projects@2025-04-01-previ } } -#disable-next-line BCP081 resource modelDeployment 'Microsoft.CognitiveServices/accounts/deployments@2024-10-01'= { parent: account name: modelName diff --git a/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/azuredeploy.json b/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/azuredeploy.json index b1d4edf8b..2134a31b4 100644 --- a/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/azuredeploy.json +++ b/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/azuredeploy.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.39.26.7824", - "templateHash": "7000366004712356804" + "templateHash": "4258565578737893898" } }, "parameters": { @@ -73,7 +73,7 @@ }, "modelName": { "type": "string", - "defaultValue": "gpt-5", + "defaultValue": "gpt-4.1", "metadata": { "description": "The name of the model you want to deploy" } @@ -87,7 +87,7 @@ }, "modelVersion": { "type": "string", - "defaultValue": "2025-08-07", + "defaultValue": "2025-04-14", "metadata": { "description": "The version of your model" } @@ -101,7 +101,7 @@ }, "modelCapacity": { "type": "int", - "defaultValue": 1, + "defaultValue": 30, "metadata": { "description": "The tokens per minute (TPM) of your model deployment" } @@ -1337,7 +1337,7 @@ "_generator": { "name": "bicep", "version": "0.39.26.7824", - "templateHash": "16291470712974205281" + "templateHash": "17187611271934567223" } }, "parameters": { @@ -1359,7 +1359,7 @@ }, "variables": { "roleDefinitionId": "[resourceId('Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions', parameters('cosmosAccountName'), '00000000-0000-0000-0000-000000000002')]", - "accountScope": "[format('/subscriptions/{0}/resourceGroups/{1}/providers/Microsoft.DocumentDB/databaseAccounts/{2}', subscription().subscriptionId, resourceGroup().name, parameters('cosmosAccountName'))]" + "accountScope": "[format('/subscriptions/{0}/resourceGroups/{1}/providers/Microsoft.DocumentDB/databaseAccounts/{2}/dbs/enterprise_memory', subscription().subscriptionId, resourceGroup().name, parameters('cosmosAccountName'))]" }, "resources": [ { diff --git a/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/main.bicep b/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/main.bicep index 6c3751411..1982e0408 100644 --- a/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/main.bicep +++ b/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/main.bicep @@ -44,19 +44,19 @@ param displayName string = 'project' // Model deployment parameters @description('The name of the model you want to deploy') -param modelName string = 'gpt-5' +param modelName string = 'gpt-4.1' @description('The provider of your model') param modelFormat string = 'OpenAI' @description('The version of your model') -param modelVersion string = '2025-08-07' +param modelVersion string = '2025-04-14' @description('The sku of your model deployment') param modelSkuName string = 'GlobalStandard' @description('The tokens per minute (TPM) of your model deployment') -param modelCapacity int = 1 +param modelCapacity int = 30 // Optionally bring existing resources @description('The AI Search Service full ARM Resource ID. This is an optional field, and if not provided, the resource will be created.') diff --git a/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/modules-standard/cosmos-container-role-assignments.bicep b/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/modules-standard/cosmos-container-role-assignments.bicep index db68fc207..a5fbbf70d 100644 --- a/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/modules-standard/cosmos-container-role-assignments.bicep +++ b/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/modules-standard/cosmos-container-role-assignments.bicep @@ -19,7 +19,7 @@ var roleDefinitionId = resourceId( '00000000-0000-0000-0000-000000000002' ) -var accountScope = '/subscriptions/${subscription().subscriptionId}/resourceGroups/${resourceGroup().name}/providers/Microsoft.DocumentDB/databaseAccounts/${cosmosAccountName}' +var accountScope = '/subscriptions/${subscription().subscriptionId}/resourceGroups/${resourceGroup().name}/providers/Microsoft.DocumentDB/databaseAccounts/${cosmosAccountName}/dbs/enterprise_memory' resource containerRoleAssignmentUserContainer 'Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments@2022-05-15' = { parent: cosmosAccount diff --git a/infrastructure/infrastructure-setup-bicep/42-basic-agent-setup-with-customization/azuredeploy.json b/infrastructure/infrastructure-setup-bicep/42-basic-agent-setup-with-customization/azuredeploy.json index fe57e568e..3d2f2bd45 100644 --- a/infrastructure/infrastructure-setup-bicep/42-basic-agent-setup-with-customization/azuredeploy.json +++ b/infrastructure/infrastructure-setup-bicep/42-basic-agent-setup-with-customization/azuredeploy.json @@ -5,8 +5,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.37.4.10188", - "templateHash": "12701869582839072315" + "version": "0.39.26.7824", + "templateHash": "14667354563602935622" } }, "parameters": { @@ -45,7 +45,7 @@ }, "location": { "type": "string", - "defaultValue": "westus", + "defaultValue": "eastus", "allowedValues": [ "australiaeast", "canadaeast", diff --git a/infrastructure/infrastructure-setup-bicep/42-basic-agent-setup-with-customization/main.bicep b/infrastructure/infrastructure-setup-bicep/42-basic-agent-setup-with-customization/main.bicep index 10df4f411..8c3660f56 100644 --- a/infrastructure/infrastructure-setup-bicep/42-basic-agent-setup-with-customization/main.bicep +++ b/infrastructure/infrastructure-setup-bicep/42-basic-agent-setup-with-customization/main.bicep @@ -42,7 +42,7 @@ param projectDisplayName string = 'project_display_name' 'southcentralus' ]) @description('The Azure region where your AI Foundry resource and project will be created.') -param location string = 'westus' +param location string = 'eastus' // TO DO: Update the resource ID to point to an existing Azure OpenAI resource in your subscription @description('The resource ID of the existing Azure OpenAI resource.') diff --git a/infrastructure/infrastructure-setup-bicep/43-standard-agent-setup-with-customization/azuredeploy.json b/infrastructure/infrastructure-setup-bicep/43-standard-agent-setup-with-customization/azuredeploy.json index ad1b427e4..4ab72e331 100644 --- a/infrastructure/infrastructure-setup-bicep/43-standard-agent-setup-with-customization/azuredeploy.json +++ b/infrastructure/infrastructure-setup-bicep/43-standard-agent-setup-with-customization/azuredeploy.json @@ -5,13 +5,13 @@ "_generator": { "name": "bicep", "version": "0.39.26.7824", - "templateHash": "2016609521519507582" + "templateHash": "12453864151003563685" } }, "parameters": { "location": { "type": "string", - "defaultValue": "westus", + "defaultValue": "eastus", "allowedValues": [ "australiaeast", "canadaeast", diff --git a/infrastructure/infrastructure-setup-bicep/43-standard-agent-setup-with-customization/main.bicep b/infrastructure/infrastructure-setup-bicep/43-standard-agent-setup-with-customization/main.bicep index be6a3ff73..067b737df 100644 --- a/infrastructure/infrastructure-setup-bicep/43-standard-agent-setup-with-customization/main.bicep +++ b/infrastructure/infrastructure-setup-bicep/43-standard-agent-setup-with-customization/main.bicep @@ -27,7 +27,7 @@ 'southcentralus' ]) @description('The Azure region where your AI Foundry resource and project will be created.') -param location string = 'westus' +param location string = 'eastus' @maxLength(9) @description('The name of the Azure AI Foundry resource.') diff --git a/infrastructure/infrastructure-setup-bicep/43-standard-agent-setup-with-customization/modules-standard/cosmos-container-role-assignments.bicep b/infrastructure/infrastructure-setup-bicep/43-standard-agent-setup-with-customization/modules-standard/cosmos-container-role-assignments.bicep index 7da79fc07..87797e98c 100644 --- a/infrastructure/infrastructure-setup-bicep/43-standard-agent-setup-with-customization/modules-standard/cosmos-container-role-assignments.bicep +++ b/infrastructure/infrastructure-setup-bicep/43-standard-agent-setup-with-customization/modules-standard/cosmos-container-role-assignments.bicep @@ -19,7 +19,7 @@ var roleDefinitionId = resourceId( '00000000-0000-0000-0000-000000000002' ) -var accountScope = '/subscriptions/${subscription().subscriptionId}/resourceGroups/${resourceGroup().name}/providers/Microsoft.DocumentDB/databaseAccounts/${cosmosAccountName}' +var accountScope = '/subscriptions/${subscription().subscriptionId}/resourceGroups/${resourceGroup().name}/providers/Microsoft.DocumentDB/databaseAccounts/${cosmosAccountName}/dbs/enterprise_memory' resource containerRoleAssignmentUserContainer 'Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments@2022-05-15' = { parent: cosmosAccount diff --git a/infrastructure/infrastructure-setup-bicep/45-basic-agent-bing/azuredeploy.json b/infrastructure/infrastructure-setup-bicep/45-basic-agent-bing/azuredeploy.json new file mode 100644 index 000000000..9c5a0bde1 --- /dev/null +++ b/infrastructure/infrastructure-setup-bicep/45-basic-agent-bing/azuredeploy.json @@ -0,0 +1,358 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.39.26.7824", + "templateHash": "7778551102092775636" + } + }, + "parameters": { + "ai_services": { + "type": "string", + "defaultValue": "aiServices" + }, + "project_name": { + "type": "string", + "defaultValue": "project" + }, + "description": { + "type": "string", + "defaultValue": "some description" + }, + "display_name": { + "type": "string", + "defaultValue": "project_display_name" + }, + "location": { + "type": "string", + "defaultValue": "eastus" + }, + "modelName": { + "type": "string", + "defaultValue": "gpt-4.1" + }, + "modelFormat": { + "type": "string", + "defaultValue": "OpenAI" + }, + "modelVersion": { + "type": "string", + "defaultValue": "2025-04-14" + }, + "modelSkuName": { + "type": "string", + "defaultValue": "GlobalStandard" + }, + "modelCapacity": { + "type": "int", + "defaultValue": 30 + }, + "deploymentTimestamp": { + "type": "string", + "defaultValue": "[utcNow('yyyyMMddHHmmss')]" + } + }, + "variables": { + "uniqueSuffix": "[substring(uniqueString(format('{0}-{1}', resourceGroup().id, parameters('deploymentTimestamp'))), 0, 4)]", + "account_name": "[toLower(format('{0}{1}', parameters('ai_services'), variables('uniqueSuffix')))]" + }, + "resources": [ + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2025-04-01", + "name": "[format('ai-{0}-{1}-deployment', variables('account_name'), variables('uniqueSuffix'))]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "account_name": { + "value": "[variables('account_name')]" + }, + "location": { + "value": "[parameters('location')]" + }, + "modelName": { + "value": "[parameters('modelName')]" + }, + "modelFormat": { + "value": "[parameters('modelFormat')]" + }, + "modelVersion": { + "value": "[parameters('modelVersion')]" + }, + "modelSkuName": { + "value": "[parameters('modelSkuName')]" + }, + "modelCapacity": { + "value": "[parameters('modelCapacity')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.39.26.7824", + "templateHash": "18028369509636259517" + } + }, + "parameters": { + "account_name": { + "type": "string" + }, + "location": { + "type": "string" + }, + "modelName": { + "type": "string" + }, + "modelFormat": { + "type": "string" + }, + "modelVersion": { + "type": "string" + }, + "modelSkuName": { + "type": "string" + }, + "modelCapacity": { + "type": "int" + } + }, + "resources": [ + { + "type": "Microsoft.CognitiveServices/accounts", + "apiVersion": "2025-04-01-preview", + "name": "[parameters('account_name')]", + "location": "[parameters('location')]", + "sku": { + "name": "S0" + }, + "kind": "AIServices", + "identity": { + "type": "SystemAssigned" + }, + "properties": { + "allowProjectManagement": true, + "customSubDomainName": "[parameters('account_name')]", + "networkAcls": { + "defaultAction": "Allow", + "virtualNetworkRules": [], + "ipRules": [] + }, + "publicNetworkAccess": "Enabled", + "disableLocalAuth": false + } + }, + { + "type": "Microsoft.CognitiveServices/accounts/deployments", + "apiVersion": "2024-10-01", + "name": "[format('{0}/{1}', parameters('account_name'), parameters('modelName'))]", + "sku": { + "capacity": "[parameters('modelCapacity')]", + "name": "[parameters('modelSkuName')]" + }, + "properties": { + "model": { + "name": "[parameters('modelName')]", + "format": "[parameters('modelFormat')]", + "version": "[parameters('modelVersion')]" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.CognitiveServices/accounts', parameters('account_name'))]" + ] + } + ], + "outputs": { + "account_name": { + "type": "string", + "value": "[parameters('account_name')]" + }, + "account_name_id": { + "type": "string", + "value": "[resourceId('Microsoft.CognitiveServices/accounts', parameters('account_name'))]" + }, + "aiServicesTarget": { + "type": "string", + "value": "[reference(resourceId('Microsoft.CognitiveServices/accounts', parameters('account_name')), '2025-04-01-preview').endpoint]" + } + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2025-04-01", + "name": "[format('ai-{0}-{1}-deployment', parameters('project_name'), variables('uniqueSuffix'))]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "project_name": { + "value": "[parameters('project_name')]" + }, + "description": { + "value": "[parameters('description')]" + }, + "display_name": { + "value": "[parameters('display_name')]" + }, + "location": { + "value": "[parameters('location')]" + }, + "account_name": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('ai-{0}-{1}-deployment', variables('account_name'), variables('uniqueSuffix'))), '2025-04-01').outputs.account_name.value]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.39.26.7824", + "templateHash": "9956949102179771191" + } + }, + "parameters": { + "account_name": { + "type": "string" + }, + "location": { + "type": "string" + }, + "project_name": { + "type": "string" + }, + "description": { + "type": "string" + }, + "display_name": { + "type": "string" + } + }, + "resources": [ + { + "type": "Microsoft.CognitiveServices/accounts/projects", + "apiVersion": "2025-04-01-preview", + "name": "[format('{0}/{1}', parameters('account_name'), parameters('project_name'))]", + "location": "[parameters('location')]", + "identity": { + "type": "SystemAssigned" + }, + "properties": { + "description": "[parameters('description')]", + "displayName": "[parameters('display_name')]" + } + } + ], + "outputs": { + "project_name": { + "type": "string", + "value": "[parameters('project_name')]" + }, + "project_id": { + "type": "string", + "value": "[resourceId('Microsoft.CognitiveServices/accounts/projects', parameters('account_name'), parameters('project_name'))]" + }, + "projectPrincipalId": { + "type": "string", + "value": "[reference(resourceId('Microsoft.CognitiveServices/accounts/projects', parameters('account_name'), parameters('project_name')), '2025-04-01-preview', 'full').identity.principalId]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', format('ai-{0}-{1}-deployment', variables('account_name'), variables('uniqueSuffix')))]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2025-04-01", + "name": "[format('ai-{0}-{1}-bing-connection', parameters('project_name'), variables('uniqueSuffix'))]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "account_name": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('ai-{0}-{1}-deployment', variables('account_name'), variables('uniqueSuffix'))), '2025-04-01').outputs.account_name.value]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.39.26.7824", + "templateHash": "1420647491421234827" + } + }, + "parameters": { + "account_name": { + "type": "string", + "defaultValue": "aiservicesy4si" + }, + "bingSearchName": { + "type": "string", + "defaultValue": "[format('bingsearch-{0}', parameters('account_name'))]" + } + }, + "resources": [ + { + "type": "Microsoft.Bing/accounts", + "apiVersion": "2020-06-10", + "name": "[parameters('bingSearchName')]", + "location": "global", + "sku": { + "name": "G1" + }, + "kind": "Bing.Grounding" + }, + { + "type": "Microsoft.CognitiveServices/accounts/connections", + "apiVersion": "2025-04-01-preview", + "name": "[format('{0}/{1}', parameters('account_name'), format('{0}-bingsearchconnection', parameters('account_name')))]", + "properties": { + "category": "ApiKey", + "target": "https://api.bing.microsoft.com/", + "authType": "ApiKey", + "credentials": { + "key": "[format('{0}', listKeys(resourceId('Microsoft.Bing/accounts', parameters('bingSearchName')), '2020-06-10').key1)]" + }, + "isSharedToAll": true, + "metadata": { + "ApiType": "Azure", + "Location": "[reference(resourceId('Microsoft.Bing/accounts', parameters('bingSearchName')), '2020-06-10', 'full').location]", + "ResourceId": "[resourceId('Microsoft.Bing/accounts', parameters('bingSearchName'))]" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Bing/accounts', parameters('bingSearchName'))]" + ] + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', format('ai-{0}-{1}-deployment', variables('account_name'), variables('uniqueSuffix')))]" + ] + } + ], + "outputs": { + "ENDPOINT": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('ai-{0}-{1}-deployment', variables('account_name'), variables('uniqueSuffix'))), '2025-04-01').outputs.aiServicesTarget.value]" + } + } +} \ No newline at end of file diff --git a/infrastructure/infrastructure-setup-bicep/45-basic-agent-bing/main.bicep b/infrastructure/infrastructure-setup-bicep/45-basic-agent-bing/main.bicep index a7bffbe0d..4e74d283e 100644 --- a/infrastructure/infrastructure-setup-bicep/45-basic-agent-bing/main.bicep +++ b/infrastructure/infrastructure-setup-bicep/45-basic-agent-bing/main.bicep @@ -4,9 +4,9 @@ param description string = 'some description' param display_name string = 'project_display_name' param location string = 'eastus' -param modelName string = 'gpt-5' +param modelName string = 'gpt-4.1' param modelFormat string = 'OpenAI' -param modelVersion string = '2025-08-07' +param modelVersion string = '2025-04-14' param modelSkuName string = 'GlobalStandard' param modelCapacity int = 30 From 1180caf60046cd638430cd264add540dc38e4dcb Mon Sep 17 00:00:00 2001 From: Amanda Foster <29870948+fosteramanda@users.noreply.github.com> Date: Tue, 13 Jan 2026 19:24:53 +0000 Subject: [PATCH 24/30] updating templates --- .../40-basic-agent-setup/azuredeploy.json | 4 ++-- .../40-basic-agent-setup/main.bicep | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json index 8d7b06f37..74bd9a5b0 100644 --- a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json +++ b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.39.26.7824", - "templateHash": "17632891943305566295" + "templateHash": "17893100590503866979" } }, "parameters": { @@ -105,7 +105,7 @@ }, "modelCapacity": { "type": "int", - "defaultValue": 40, + "defaultValue": 30, "metadata": { "description": "The capacity of the model deployment in TPM." } diff --git a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep index 5b58e40cd..fc44c47a3 100644 --- a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep +++ b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep @@ -59,7 +59,7 @@ param modelVersion string = '2025-04-14' param modelSkuName string = 'GlobalStandard' @description('The capacity of the model deployment in TPM.') -param modelCapacity int = 40 +param modelCapacity int = 30 resource account 'Microsoft.CognitiveServices/accounts@2025-04-01-preview' = { name: accountName From ff7f972e732dd8ef6a6a84782e143ac0456d7f90 Mon Sep 17 00:00:00 2001 From: Amanda Foster <29870948+fosteramanda@users.noreply.github.com> Date: Tue, 13 Jan 2026 19:26:26 +0000 Subject: [PATCH 25/30] updating templates --- .github/workflows/run-infra.yml | 135 -------------- .github/workflows/run-setup.yml | 303 +++++++++++++++++++++----------- 2 files changed, 198 insertions(+), 240 deletions(-) delete mode 100644 .github/workflows/run-infra.yml diff --git a/.github/workflows/run-infra.yml b/.github/workflows/run-infra.yml deleted file mode 100644 index 64d57bac4..000000000 --- a/.github/workflows/run-infra.yml +++ /dev/null @@ -1,135 +0,0 @@ -name: Run Setup - -on: - push: - branches: [main] - paths: - - infrastructure/infrastructure-setup-bicep/** - pull_request: - branches: [main] - paths: - - infrastructure/infrastructure-setup-bicep/** - workflow_dispatch: - -permissions: - contents: write - -jobs: - run-setup: - runs-on: ubuntu-latest - - steps: - - name: Checkout source branch - uses: actions/checkout@v3 - with: - # PR: checks out the PR branch, Push: checks out main, Dispatch: checks out default branch - ref: ${{ github.head_ref || github.ref_name }} - fetch-depth: 0 - - - name: Install Bicep - run: | - INSTALL_PATH="$RUNNER_TEMP/bicep" - BICEP_PATH="$RUNNER_TEMP/bicep/bicep" - mkdir -p "$INSTALL_PATH" - curl -sLo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64 - chmod +x ./bicep - sudo mv ./bicep "$INSTALL_PATH" - echo "BICEP_PATH=$BICEP_PATH" >> $GITHUB_ENV - $BICEP_PATH --version - - - name: Determine changed main.bicep files - id: changes - run: | - set -e - cd "$GITHUB_WORKSPACE" - - EVENT="${{ github.event_name }}" - echo "Event: $EVENT" - - if [ "$EVENT" = "pull_request" ]; then - BASE="${{ github.event.pull_request.base.sha }}" - HEAD="${{ github.event.pull_request.head.sha }}" - elif [ "$EVENT" = "push" ]; then - BASE="${{ github.event.before }}" - HEAD="${{ github.sha }}" - else - # workflow_dispatch: use last commit as best-effort - BASE="$(git rev-parse HEAD~1 || echo '')" - HEAD="$(git rev-parse HEAD)" - fi - - echo "Diff range: ${BASE}..${HEAD}" - - # Only rebuild when main.bicep changes - if [ -n "$BASE" ]; then - MODIFIED=$(git diff --name-only "$BASE" "$HEAD" \ - | grep -E "^infrastructure/infrastructure-setup-bicep/.*/main\.bicep$" || true) - else - MODIFIED=$(git show --name-only --pretty="" -1 \ - | grep -E "^infrastructure/infrastructure-setup-bicep/.*/main\.bicep$" || true) - fi - - if [ -z "$MODIFIED" ]; then - echo "No relevant Bicep changes detected." - echo "files=" >> $GITHUB_OUTPUT - exit 0 - fi - - echo "Changed main.bicep files:" - echo "$MODIFIED" - - # Output as newline-delimited list - { - echo "files<> $GITHUB_OUTPUT - - - name: Build changed Bicep files -> azuredeploy.json - if: steps.changes.outputs.files != '' - run: | - set -e - cd "$GITHUB_WORKSPACE" - - while IFS= read -r BICEP_FILE; do - OUTFILE="$(dirname "$BICEP_FILE")/azuredeploy.json" - echo "Building: $BICEP_FILE -> $OUTFILE" - $BICEP_PATH build "$BICEP_FILE" --outfile "$OUTFILE" - done <<< "${{ steps.changes.outputs.files }}" - - - name: Commit + push changes back to branch (PR) or main (push) - if: always() - run: | - set -e - cd "$GITHUB_WORKSPACE" - - git config --global user.email "foundry-samples@noreply.github.com" - git config --global user.name "foundry-samples automation" - - git add -A - - if git diff-index --quiet HEAD --; then - echo "No changes to commit." - exit 0 - fi - - git commit -m "Automatic fixes" - - EVENT="${{ github.event_name }}" - - # If PR is from a fork, pushing will be rejected. Detect and skip. - if [ "$EVENT" = "pull_request" ]; then - if [ "${{ github.event.pull_request.head.repo.full_name }}" != "${{ github.repository }}" ]; then - echo "PR is from a fork; cannot push changes back to fork branch. Skipping push." - exit 0 - fi - BRANCH="${{ github.head_ref }}" - echo "Pushing fixes to PR branch: $BRANCH" - git push origin "HEAD:refs/heads/$BRANCH" - exit 0 - fi - - # push / workflow_dispatch - BRANCH="${{ github.ref_name }}" - echo "Pushing fixes to branch: $BRANCH" - git push origin "HEAD:refs/heads/$BRANCH" diff --git a/.github/workflows/run-setup.yml b/.github/workflows/run-setup.yml index 64d57bac4..eb4917572 100644 --- a/.github/workflows/run-setup.yml +++ b/.github/workflows/run-setup.yml @@ -1,135 +1,228 @@ name: Run Setup +# This action can be run on-demand against a branch. +# It attempts to auto-fix some errors in the most recently updated sample in the branch: +# Builds main.bicep -> azuredeploy.json +# Attempts some fixes with the metadata + +# To run/debug locally, try https://github.com/nektos/act +# Actions documentation: https://docs.github.com/en/actions/reference on: - push: - branches: [main] - paths: - - infrastructure/infrastructure-setup-bicep/** - pull_request: - branches: [main] - paths: - - infrastructure/infrastructure-setup-bicep/** - workflow_dispatch: + push: + branches: + - main + paths: + - infrastructure/infrastructure-setup-bicep** + pull_request: + branches: + - main + workflow_dispatch: permissions: - contents: write + contents: read jobs: - run-setup: + check-if-external: runs-on: ubuntu-latest - + outputs: + environment: ${{ steps.set-environment.outputs.result }} steps: - - name: Checkout source branch - uses: actions/checkout@v3 + - uses: actions/github-script@v7 + id: set-environment with: - # PR: checks out the PR branch, Push: checks out main, Dispatch: checks out default branch - ref: ${{ github.head_ref || github.ref_name }} - fetch-depth: 0 + script: | + const actionInitiator = context.payload.sender.login; + const org = "microsoft-foundry"; + let isPublicMember = true; + + // Check if initiator is a public member of the org + try { + await github.rest.orgs.checkPublicMembershipForUser({ + org, + username: actionInitiator + }); + } catch (error) { + if (error.status != 404) { + throw new Error("Unknown error", {cause: error}); + } + + console.debug([ + `User is not a public member of the organization "${org}"`, + "", + `If you are a Microsoft employee, you can join the "${org}" org and set your org membership visibility to public: https://docs.github.com/en/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/publicizing-or-hiding-organization-membership#changing-the-visibility-of-your-organization-membership` + ].join("\n")); + + isPublicMember = false; + } + + + const isPullRequestEvent = ["pull_request", "pull_request_target"].includes(context.eventName); + + if (!(isPublicMember && isPullRequestEvent)) { + return "external-contribution"; + } + return ""; + result-encoding: string + main: + permissions: + contents: write # for git push + name: Run Setup + runs-on: ubuntu-latest + needs: check-if-external + # environment: ${{ needs.check-if-external.outputs.environment }} + env: + # don't print dotnet logo + DOTNET_NOLOGO: true + + # disable telemetry (reduces dotnet tool output in logs) + DOTNET_CLI_TELEMETRY_OPTOUT: true + + steps: + - name: Setup .NET Core + uses: actions/setup-dotnet@v1.8.0 - name: Install Bicep run: | + # See https://github.com/Azure/bicep/blob/main/docs/installing.md#windows-installer + + # Create the install folder INSTALL_PATH="$RUNNER_TEMP/bicep" BICEP_PATH="$RUNNER_TEMP/bicep/bicep" - mkdir -p "$INSTALL_PATH" + mkdir -p $INSTALL_PATH + + # Fetch the latest Bicep CLI binary curl -sLo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64 chmod +x ./bicep - sudo mv ./bicep "$INSTALL_PATH" - echo "BICEP_PATH=$BICEP_PATH" >> $GITHUB_ENV + sudo mv ./bicep $INSTALL_PATH + echo Using bicep at $BICEP_PATH: $BICEP_PATH --version - - name: Determine changed main.bicep files - id: changes - run: | - set -e - cd "$GITHUB_WORKSPACE" - - EVENT="${{ github.event_name }}" - echo "Event: $EVENT" - - if [ "$EVENT" = "pull_request" ]; then - BASE="${{ github.event.pull_request.base.sha }}" - HEAD="${{ github.event.pull_request.head.sha }}" - elif [ "$EVENT" = "push" ]; then - BASE="${{ github.event.before }}" - HEAD="${{ github.sha }}" - else - # workflow_dispatch: use last commit as best-effort - BASE="$(git rev-parse HEAD~1 || echo '')" - HEAD="$(git rev-parse HEAD)" - fi - - echo "Diff range: ${BASE}..${HEAD}" - - # Only rebuild when main.bicep changes - if [ -n "$BASE" ]; then - MODIFIED=$(git diff --name-only "$BASE" "$HEAD" \ - | grep -E "^infrastructure/infrastructure-setup-bicep/.*/main\.bicep$" || true) - else - MODIFIED=$(git show --name-only --pretty="" -1 \ - | grep -E "^infrastructure/infrastructure-setup-bicep/.*/main\.bicep$" || true) - fi - - if [ -z "$MODIFIED" ]; then - echo "No relevant Bicep changes detected." - echo "files=" >> $GITHUB_OUTPUT - exit 0 - fi - - echo "Changed main.bicep files:" - echo "$MODIFIED" - - # Output as newline-delimited list - { - echo "files<> $GITHUB_OUTPUT - - - name: Build changed Bicep files -> azuredeploy.json - if: steps.changes.outputs.files != '' + echo "BICEP_PATH=$BICEP_PATH" >> $GITHUB_ENV + + - name: Install PowerShell run: | - set -e - cd "$GITHUB_WORKSPACE" + # Update the list of packages + sudo apt-get update + # Install pre-requisite packages. + sudo apt-get install -y wget apt-transport-https software-properties-common + # Download the Microsoft repository GPG keys + wget -q https://packages.microsoft.com/config/ubuntu/16.04/packages-microsoft-prod.deb + # Register the Microsoft repository GPG keys + sudo dpkg -i packages-microsoft-prod.deb + # Update the list of packages after we added packages.microsoft.com + sudo apt-get update + # Install PowerShell + sudo apt-get install -y powershell + + - name: Sync main + uses: actions/checkout@v2.3.4 + with: + ref: main + fetch-depth: 0 # avoid shallow clone so nbgv can do its work. - while IFS= read -r BICEP_FILE; do - OUTFILE="$(dirname "$BICEP_FILE")/azuredeploy.json" - echo "Building: $BICEP_FILE -> $OUTFILE" - $BICEP_PATH build "$BICEP_FILE" --outfile "$OUTFILE" - done <<< "${{ steps.changes.outputs.files }}" + - uses: actions/checkout@v2.3.4 + with: + fetch-depth: 0 # avoid shallow clone so nbgv can do its work. - - name: Commit + push changes back to branch (PR) or main (push) - if: always() + - name: Find and scan Bicep files run: | - set -e - cd "$GITHUB_WORKSPACE" + git status + pwd + cd $GITHUB_WORKSPACE + pwd - git config --global user.email "foundry-samples@noreply.github.com" - git config --global user.name "foundry-samples automation" + # Get all modified files in the last 100 commits, filtering out .github + MODIFIED_FILES=$(git log --pretty="" --name-only -n 100 origin/main... | fgrep -v ".github") - git add -A + if [ -z "$MODIFIED_FILES" ]; then + echo "No modified files found." + exit 1 + fi + + echo "Modified files:" + echo "$MODIFIED_FILES" + + # Convert MODIFIED_FILES into an array + IFS=$'\n' read -r -a MODIFIED_FILES_ARRAY <<< "$MODIFIED_FILES" + + # Initialize arrays for environment variables + MAINBICEP_PATHS=() + AZDEPLOYJSON_PATHS=() + + for FILE in "${MODIFIED_FILES_ARRAY[@]}"; do + echo "Processing: $FILE" + + TESTFOLDER_PATH=$(dirname "$FILE") + FOUNDBICEP_PATH="" + FOUNDJSON_PATH="" + + # Traverse up the directory structure to find main.bicep and azuredeploy.json + while [ "$TESTFOLDER_PATH" != "." ]; do + echo "Looking in: $TESTFOLDER_PATH" + ls -l "$TESTFOLDER_PATH" + if [ -z "$FOUNDBICEP_PATH" ] && [ -f "$TESTFOLDER_PATH/main.bicep" ]; then + FOUNDBICEP_PATH="$TESTFOLDER_PATH/main.bicep" + echo "Found main.bicep: $FOUNDBICEP_PATH" + fi + + if [ -z "$FOUNDJSON_PATH" ] && [ -f "$TESTFOLDER_PATH/azuredeploy.json" ]; then + FOUNDJSON_PATH="$TESTFOLDER_PATH/azuredeploy.json" + echo "Found azuredeploy.json: $FOUNDJSON_PATH" + fi - if git diff-index --quiet HEAD --; then - echo "No changes to commit." - exit 0 - fi + # If both files are found, stop searching + if [ -n "$FOUNDBICEP_PATH" ] && [ -n "$FOUNDJSON_PATH" ]; then + break + fi - git commit -m "Automatic fixes" + TESTFOLDER_PATH=$(dirname "$TESTFOLDER_PATH") + done - EVENT="${{ github.event_name }}" + if [ -n "$FOUNDBICEP_PATH" ]; then + MAINBICEP_PATHS+=("$FOUNDBICEP_PATH") + fi - # If PR is from a fork, pushing will be rejected. Detect and skip. - if [ "$EVENT" = "pull_request" ]; then - if [ "${{ github.event.pull_request.head.repo.full_name }}" != "${{ github.repository }}" ]; then - echo "PR is from a fork; cannot push changes back to fork branch. Skipping push." - exit 0 + if [ -n "$FOUNDJSON_PATH" ]; then + AZDEPLOYJSON_PATHS+=("$FOUNDJSON_PATH") + fi + done + + # Store paths as space-separated strings in GitHub environment variables + echo "MAINBICEP_PATHS=${MAINBICEP_PATHS[*]}" >> $GITHUB_ENV + echo "AZDEPLOYJSON_PATHS=${AZDEPLOYJSON_PATHS[*]}" >> $GITHUB_ENV + + - name: Build Bicep files + run: | + # Convert space-separated environment variables back to arrays + IFS=' ' read -ra MAINBICEP_PATHS_ARRAY <<< "$MAINBICEP_PATHS" + IFS=' ' read -ra AZDEPLOYJSON_PATHS_ARRAY <<< "$AZDEPLOYJSON_PATHS" + + # Ensure the number of Bicep files and JSON paths match + if [ ${#MAINBICEP_PATHS_ARRAY[@]} -ne ${#AZDEPLOYJSON_PATHS_ARRAY[@]} ]; then + echo "Error: Mismatch in number of Bicep files and output JSON paths." + exit 1 fi - BRANCH="${{ github.head_ref }}" - echo "Pushing fixes to PR branch: $BRANCH" - git push origin "HEAD:refs/heads/$BRANCH" - exit 0 - fi - - # push / workflow_dispatch - BRANCH="${{ github.ref_name }}" - echo "Pushing fixes to branch: $BRANCH" - git push origin "HEAD:refs/heads/$BRANCH" + for i in "${!MAINBICEP_PATHS_ARRAY[@]}"; do + MAINBICEP_FILE="${MAINBICEP_PATHS_ARRAY[$i]}" + AZDEPLOYJSON_FILE="${AZDEPLOYJSON_PATHS_ARRAY[$i]}" + + if [ -f "$MAINBICEP_FILE" ]; then + echo "Building: $MAINBICEP_FILE -> $AZDEPLOYJSON_FILE" + $BICEP_PATH build "$MAINBICEP_FILE" --outfile "$AZDEPLOYJSON_FILE" + else + echo "Warning: Bicep file not found: $MAINBICEP_FILE" + fi + done + + - name: Commit changes + if: always() + run: | + git config --global user.email "azureai-samples@noreply.github.com" + git config --global user.name "azureai-sample Automation" + + git add . + + if ! git diff-index --quiet HEAD --; then + git commit -m "Automatic fixes" + git push + fi \ No newline at end of file From 3962258ee7fca4e32a8688293358222dba5b3f92 Mon Sep 17 00:00:00 2001 From: Amanda Foster <29870948+fosteramanda@users.noreply.github.com> Date: Tue, 13 Jan 2026 19:29:32 +0000 Subject: [PATCH 26/30] updating workflow --- .github/workflows/run-setup.yml | 303 +++++++++++--------------------- 1 file changed, 105 insertions(+), 198 deletions(-) diff --git a/.github/workflows/run-setup.yml b/.github/workflows/run-setup.yml index eb4917572..f045900a1 100644 --- a/.github/workflows/run-setup.yml +++ b/.github/workflows/run-setup.yml @@ -1,228 +1,135 @@ name: Run Setup -# This action can be run on-demand against a branch. -# It attempts to auto-fix some errors in the most recently updated sample in the branch: -# Builds main.bicep -> azuredeploy.json -# Attempts some fixes with the metadata - -# To run/debug locally, try https://github.com/nektos/act -# Actions documentation: https://docs.github.com/en/actions/reference on: - push: - branches: - - main - paths: - - infrastructure/infrastructure-setup-bicep** - pull_request: - branches: - - main - workflow_dispatch: + push: + branches: [main] + paths: + - infrastructure/infrastructure-setup-bicep/** + pull_request: + branches: [main] + paths: + - infrastructure/infrastructure-setup-bicep/** + workflow_dispatch: permissions: - contents: read + contents: write jobs: - check-if-external: - runs-on: ubuntu-latest - outputs: - environment: ${{ steps.set-environment.outputs.result }} - steps: - - uses: actions/github-script@v7 - id: set-environment - with: - script: | - const actionInitiator = context.payload.sender.login; - const org = "microsoft-foundry"; - let isPublicMember = true; - - // Check if initiator is a public member of the org - try { - await github.rest.orgs.checkPublicMembershipForUser({ - org, - username: actionInitiator - }); - } catch (error) { - if (error.status != 404) { - throw new Error("Unknown error", {cause: error}); - } - - console.debug([ - `User is not a public member of the organization "${org}"`, - "", - `If you are a Microsoft employee, you can join the "${org}" org and set your org membership visibility to public: https://docs.github.com/en/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/publicizing-or-hiding-organization-membership#changing-the-visibility-of-your-organization-membership` - ].join("\n")); - - isPublicMember = false; - } - - - const isPullRequestEvent = ["pull_request", "pull_request_target"].includes(context.eventName); - - if (!(isPublicMember && isPullRequestEvent)) { - return "external-contribution"; - } - return ""; - result-encoding: string - main: - permissions: - contents: write # for git push - name: Run Setup + run-setup: runs-on: ubuntu-latest - needs: check-if-external - # environment: ${{ needs.check-if-external.outputs.environment }} - env: - # don't print dotnet logo - DOTNET_NOLOGO: true - - # disable telemetry (reduces dotnet tool output in logs) - DOTNET_CLI_TELEMETRY_OPTOUT: true steps: - - name: Setup .NET Core - uses: actions/setup-dotnet@v1.8.0 + - name: Checkout source branch + uses: actions/checkout@v3 + with: + # PR: checks out the PR branch, Push: checks out main, Dispatch: checks out default branch + ref: ${{ github.head_ref || github.ref_name }} + fetch-depth: 0 - name: Install Bicep run: | - # See https://github.com/Azure/bicep/blob/main/docs/installing.md#windows-installer - - # Create the install folder INSTALL_PATH="$RUNNER_TEMP/bicep" BICEP_PATH="$RUNNER_TEMP/bicep/bicep" - mkdir -p $INSTALL_PATH - - # Fetch the latest Bicep CLI binary + mkdir -p "$INSTALL_PATH" curl -sLo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64 chmod +x ./bicep - sudo mv ./bicep $INSTALL_PATH - echo Using bicep at $BICEP_PATH: - $BICEP_PATH --version - + sudo mv ./bicep "$INSTALL_PATH" echo "BICEP_PATH=$BICEP_PATH" >> $GITHUB_ENV + $BICEP_PATH --version - - name: Install PowerShell + - name: Determine changed main.bicep files + id: changes run: | - # Update the list of packages - sudo apt-get update - # Install pre-requisite packages. - sudo apt-get install -y wget apt-transport-https software-properties-common - # Download the Microsoft repository GPG keys - wget -q https://packages.microsoft.com/config/ubuntu/16.04/packages-microsoft-prod.deb - # Register the Microsoft repository GPG keys - sudo dpkg -i packages-microsoft-prod.deb - # Update the list of packages after we added packages.microsoft.com - sudo apt-get update - # Install PowerShell - sudo apt-get install -y powershell - - - name: Sync main - uses: actions/checkout@v2.3.4 - with: - ref: main - fetch-depth: 0 # avoid shallow clone so nbgv can do its work. - - - uses: actions/checkout@v2.3.4 - with: - fetch-depth: 0 # avoid shallow clone so nbgv can do its work. - - - name: Find and scan Bicep files + set -e + cd "$GITHUB_WORKSPACE" + + EVENT="${{ github.event_name }}" + echo "Event: $EVENT" + + if [ "$EVENT" = "pull_request" ]; then + BASE="${{ github.event.pull_request.base.sha }}" + HEAD="${{ github.event.pull_request.head.sha }}" + elif [ "$EVENT" = "push" ]; then + BASE="${{ github.event.before }}" + HEAD="${{ github.sha }}" + else + # workflow_dispatch: use last commit as best-effort + BASE="$(git rev-parse HEAD~1 || echo '')" + HEAD="$(git rev-parse HEAD)" + fi + + echo "Diff range: ${BASE}..${HEAD}" + + # Only rebuild when main.bicep changes + if [ -n "$BASE" ]; then + MODIFIED=$(git diff --name-only "$BASE" "$HEAD" \ + | grep -E "^infrastructure/infrastructure-setup-bicep/.*/main\.bicep$" || true) + else + MODIFIED=$(git show --name-only --pretty="" -1 \ + | grep -E "^infrastructure/infrastructure-setup-bicep/.*/main\.bicep$" || true) + fi + + if [ -z "$MODIFIED" ]; then + echo "No relevant Bicep changes detected." + echo "files=" >> $GITHUB_OUTPUT + exit 0 + fi + + echo "Changed main.bicep files:" + echo "$MODIFIED" + + # Output as newline-delimited list + { + echo "files<> $GITHUB_OUTPUT + + - name: Build changed Bicep files -> azuredeploy.json + if: steps.changes.outputs.files != '' run: | - git status - pwd - cd $GITHUB_WORKSPACE - pwd + set -e + cd "$GITHUB_WORKSPACE" - # Get all modified files in the last 100 commits, filtering out .github - MODIFIED_FILES=$(git log --pretty="" --name-only -n 100 origin/main... | fgrep -v ".github") + while IFS= read -r BICEP_FILE; do + OUTFILE="$(dirname "$BICEP_FILE")/azuredeploy.json" + echo "Building: $BICEP_FILE -> $OUTFILE" + $BICEP_PATH build "$BICEP_FILE" --outfile "$OUTFILE" + done <<< "${{ steps.changes.outputs.files }}" - if [ -z "$MODIFIED_FILES" ]; then - echo "No modified files found." - exit 1 - fi - - echo "Modified files:" - echo "$MODIFIED_FILES" - - # Convert MODIFIED_FILES into an array - IFS=$'\n' read -r -a MODIFIED_FILES_ARRAY <<< "$MODIFIED_FILES" - - # Initialize arrays for environment variables - MAINBICEP_PATHS=() - AZDEPLOYJSON_PATHS=() - - for FILE in "${MODIFIED_FILES_ARRAY[@]}"; do - echo "Processing: $FILE" - - TESTFOLDER_PATH=$(dirname "$FILE") - FOUNDBICEP_PATH="" - FOUNDJSON_PATH="" - - # Traverse up the directory structure to find main.bicep and azuredeploy.json - while [ "$TESTFOLDER_PATH" != "." ]; do - echo "Looking in: $TESTFOLDER_PATH" - ls -l "$TESTFOLDER_PATH" - if [ -z "$FOUNDBICEP_PATH" ] && [ -f "$TESTFOLDER_PATH/main.bicep" ]; then - FOUNDBICEP_PATH="$TESTFOLDER_PATH/main.bicep" - echo "Found main.bicep: $FOUNDBICEP_PATH" - fi - - if [ -z "$FOUNDJSON_PATH" ] && [ -f "$TESTFOLDER_PATH/azuredeploy.json" ]; then - FOUNDJSON_PATH="$TESTFOLDER_PATH/azuredeploy.json" - echo "Found azuredeploy.json: $FOUNDJSON_PATH" - fi + - name: Commit + push changes back to branch (PR) or main (push) + if: always() + run: | + set -e + cd "$GITHUB_WORKSPACE" - # If both files are found, stop searching - if [ -n "$FOUNDBICEP_PATH" ] && [ -n "$FOUNDJSON_PATH" ]; then - break - fi + git config --global user.email "foundry-samples@noreply.github.com" + git config --global user.name "foundry-samples automation" - TESTFOLDER_PATH=$(dirname "$TESTFOLDER_PATH") - done + git add -A - if [ -n "$FOUNDBICEP_PATH" ]; then - MAINBICEP_PATHS+=("$FOUNDBICEP_PATH") - fi + if git diff-index --quiet HEAD --; then + echo "No changes to commit." + exit 0 + fi - if [ -n "$FOUNDJSON_PATH" ]; then - AZDEPLOYJSON_PATHS+=("$FOUNDJSON_PATH") - fi - done + git commit -m "Automatic fixes" - # Store paths as space-separated strings in GitHub environment variables - echo "MAINBICEP_PATHS=${MAINBICEP_PATHS[*]}" >> $GITHUB_ENV - echo "AZDEPLOYJSON_PATHS=${AZDEPLOYJSON_PATHS[*]}" >> $GITHUB_ENV + EVENT="${{ github.event_name }}" - - name: Build Bicep files - run: | - # Convert space-separated environment variables back to arrays - IFS=' ' read -ra MAINBICEP_PATHS_ARRAY <<< "$MAINBICEP_PATHS" - IFS=' ' read -ra AZDEPLOYJSON_PATHS_ARRAY <<< "$AZDEPLOYJSON_PATHS" - - # Ensure the number of Bicep files and JSON paths match - if [ ${#MAINBICEP_PATHS_ARRAY[@]} -ne ${#AZDEPLOYJSON_PATHS_ARRAY[@]} ]; then - echo "Error: Mismatch in number of Bicep files and output JSON paths." - exit 1 + # If PR is from a fork, pushing will be rejected. Detect and skip. + if [ "$EVENT" = "pull_request" ]; then + if [ "${{ github.event.pull_request.head.repo.full_name }}" != "${{ github.repository }}" ]; then + echo "PR is from a fork; cannot push changes back to fork branch. Skipping push." + exit 0 fi - for i in "${!MAINBICEP_PATHS_ARRAY[@]}"; do - MAINBICEP_FILE="${MAINBICEP_PATHS_ARRAY[$i]}" - AZDEPLOYJSON_FILE="${AZDEPLOYJSON_PATHS_ARRAY[$i]}" - - if [ -f "$MAINBICEP_FILE" ]; then - echo "Building: $MAINBICEP_FILE -> $AZDEPLOYJSON_FILE" - $BICEP_PATH build "$MAINBICEP_FILE" --outfile "$AZDEPLOYJSON_FILE" - else - echo "Warning: Bicep file not found: $MAINBICEP_FILE" - fi - done - - - name: Commit changes - if: always() - run: | - git config --global user.email "azureai-samples@noreply.github.com" - git config --global user.name "azureai-sample Automation" - - git add . - - if ! git diff-index --quiet HEAD --; then - git commit -m "Automatic fixes" - git push - fi \ No newline at end of file + BRANCH="${{ github.head_ref }}" + echo "Pushing fixes to PR branch: $BRANCH" + git push origin "HEAD:refs/heads/$BRANCH" + exit 0 + fi + + # push / workflow_dispatch + BRANCH="${{ github.ref_name }}" + echo "Pushing fixes to branch: $BRANCH" + git push origin "HEAD:refs/heads/$BRANCH" \ No newline at end of file From c915cf5dab9d6efce005e56fa51554b95ac9eb80 Mon Sep 17 00:00:00 2001 From: Amanda Foster <29870948+fosteramanda@users.noreply.github.com> Date: Tue, 13 Jan 2026 19:39:41 +0000 Subject: [PATCH 27/30] updating model quota --- .../40-basic-agent-setup/azuredeploy.json | 2 +- .../infrastructure-setup-bicep/40-basic-agent-setup/main.bicep | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json index 74bd9a5b0..928d3f415 100644 --- a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json +++ b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json @@ -105,7 +105,7 @@ }, "modelCapacity": { "type": "int", - "defaultValue": 30, + "defaultValue": 40, "metadata": { "description": "The capacity of the model deployment in TPM." } diff --git a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep index fc44c47a3..5b58e40cd 100644 --- a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep +++ b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/main.bicep @@ -59,7 +59,7 @@ param modelVersion string = '2025-04-14' param modelSkuName string = 'GlobalStandard' @description('The capacity of the model deployment in TPM.') -param modelCapacity int = 30 +param modelCapacity int = 40 resource account 'Microsoft.CognitiveServices/accounts@2025-04-01-preview' = { name: accountName From 0fb26f866e63d14f746c1971acedd347a687514a Mon Sep 17 00:00:00 2001 From: foundry-samples automation Date: Tue, 13 Jan 2026 19:40:00 +0000 Subject: [PATCH 28/30] Automatic fixes --- .../40-basic-agent-setup/azuredeploy.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json index 928d3f415..8d7b06f37 100644 --- a/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json +++ b/infrastructure/infrastructure-setup-bicep/40-basic-agent-setup/azuredeploy.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.39.26.7824", - "templateHash": "17893100590503866979" + "templateHash": "17632891943305566295" } }, "parameters": { From 6c90b5a14cc506055afdb56c6559507847f9aa67 Mon Sep 17 00:00:00 2001 From: Amanda Foster <29870948+fosteramanda@users.noreply.github.com> Date: Tue, 13 Jan 2026 19:41:21 +0000 Subject: [PATCH 29/30] updating model quota --- .../41-standard-agent-setup/main.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/main.bicep b/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/main.bicep index 1982e0408..ed4e40dfd 100644 --- a/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/main.bicep +++ b/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/main.bicep @@ -56,7 +56,7 @@ param modelVersion string = '2025-04-14' param modelSkuName string = 'GlobalStandard' @description('The tokens per minute (TPM) of your model deployment') -param modelCapacity int = 30 +param modelCapacity int = 40 // Optionally bring existing resources @description('The AI Search Service full ARM Resource ID. This is an optional field, and if not provided, the resource will be created.') From 0bf7408a12ce679e9c4457b7905a185c14bc975b Mon Sep 17 00:00:00 2001 From: foundry-samples automation Date: Tue, 13 Jan 2026 19:42:06 +0000 Subject: [PATCH 30/30] Automatic fixes --- .../41-standard-agent-setup/azuredeploy.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/azuredeploy.json b/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/azuredeploy.json index 2134a31b4..3449d1659 100644 --- a/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/azuredeploy.json +++ b/infrastructure/infrastructure-setup-bicep/41-standard-agent-setup/azuredeploy.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.39.26.7824", - "templateHash": "4258565578737893898" + "templateHash": "17836798406056740836" } }, "parameters": { @@ -101,7 +101,7 @@ }, "modelCapacity": { "type": "int", - "defaultValue": 30, + "defaultValue": 40, "metadata": { "description": "The tokens per minute (TPM) of your model deployment" }