config role for function (#216)

LittleLittleCloud · luisquintanilla · web-flow · commit afeccfdf68bd · 2023-11-06T20:27:07.000-05:00
## Purpose  * ... ## Does this introduce a breaking change?  ``` [ ] Yes [ ] No ``` fix #221 fix #220 ## Pull Request Type What kind of change does this Pull Request introduce?  ``` [ ] Bugfix [ ] Feature [ ] Code style update (formatting, local variables) [ ] Refactoring (no functional changes, no api changes) [ ] Documentation content changes [ ] Other... Please describe: ``` ## How to Test * Get the code ``` git clone [repo-address] cd [repo-name] git checkout [branch-name] npm install ``` * Test the code  ``` ``` ## What to Check Verify that the following are valid * ... ## Other Information  --------- Co-authored-by: Luis Quintanilla <46974588+luisquintanilla@users.noreply.github.com>
diff --git a/app/frontend/Services/ApiClient.cs b/app/frontend/Services/ApiClient.cs
@@ -35,8 +35,10 @@ public async Task<UploadDocumentsResponse> UploadDocumentsAsync(
 
             foreach (var file in files)
             {
+                // max allow size: 10mb
+                var max_size = maxAllowedSize * 1024 * 1024;
 #pragma warning disable CA2000 // Dispose objects before losing scope
-                var fileContent = new StreamContent(file.OpenReadStream());
+                var fileContent = new StreamContent(file.OpenReadStream(max_size));
 #pragma warning restore CA2000 // Dispose objects before losing scope
                 fileContent.Headers.ContentType = new MediaTypeHeaderValue(file.ContentType);
 
diff --git a/app/functions/EmbedFunctions/Program.cs b/app/functions/EmbedFunctions/Program.cs
@@ -42,7 +42,11 @@ uri is not null
                 GetUriFromEnvironment("AZURE_STORAGE_BLOB_ENDPOINT"),
                 credential);
 
-            return blobServiceClient.GetBlobContainerClient("corpus");
+            var containerClient = blobServiceClient.GetBlobContainerClient("corpus");
+
+            containerClient.CreateIfNotExists();
+
+            return containerClient;
         });
 
         services.AddSingleton<EmbedServiceFactory>();
diff --git a/app/prepdocs/PrepareDocs/Program.Clients.cs b/app/prepdocs/PrepareDocs/Program.Clients.cs
@@ -27,7 +27,7 @@ private static Task<AzureSearchEmbedService> GetAzureSearchEmbedService(AppOptio
             var searchIndexClient = await GetSearchIndexClientAsync(o);
             var searchClient = await GetSearchClientAsync(o);
             var documentClient = await GetFormRecognizerClientAsync(o);
-            var blobContainerClient = await GetBlobContainerClientAsync(o);
+            var blobContainerClient = await GetCorpusBlobContainerClientAsync(o);
             var openAIClient = await GetAzureOpenAIClientAsync(o);
             var embeddingModelName = o.EmbeddingModelName ?? throw new ArgumentNullException(nameof(o.EmbeddingModelName));
             var searchIndexName = o.SearchIndexName ?? throw new ArgumentNullException(nameof(o.SearchIndexName));
diff --git a/infra/core/host/container-app-upsert.bicep b/infra/core/host/container-app-upsert.bicep
@@ -64,7 +64,7 @@ param external bool = true
 param serviceBinds array = []
 
 @description('The target port for the container')
-param targetPort int = 8080
+param targetPort int = 80
 
 resource existingApp 'Microsoft.App/containerApps@2023-04-01-preview' existing = if (exists) {
   name: name
diff --git a/infra/core/host/container-app.bicep b/infra/core/host/container-app.bicep
@@ -68,7 +68,7 @@ param serviceBinds array = []
 param serviceType string = ''
 
 @description('The target port for the container')
-param targetPort int = 8080
+param targetPort int = 80
 
 resource userIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' existing = if (!empty(identityName)) {
   name: identityName
diff --git a/infra/main.bicep b/infra/main.bicep
@@ -140,9 +140,6 @@ param webIdentityName string = ''
 @description('Name of the web app image')
 param webImageName string = ''
 
-@description('Use Application Insights for monitoring and performance tracing')
-param useApplicationInsights bool = false
-
 var abbrs = loadJsonContent('./abbreviations.json')
 var resourceToken = toLower(uniqueString(subscription().id, environmentName, location))
 
@@ -302,7 +299,7 @@ module function './app/function.bicep' = {
       AZURE_SEARCH_SERVICE_ENDPOINT: searchService.outputs.endpoint
       AZURE_SEARCH_INDEX: searchIndexName
       AZURE_STORAGE_BLOB_ENDPOINT: storage.outputs.primaryEndpoints.blob
-      AZURE_OPENAI_EMBEDDING_DEPLOYMENT: embeddingModelName
+      AZURE_OPENAI_EMBEDDING_DEPLOYMENT: embeddingDeploymentName
       AZURE_OPENAI_ENDPOINT: openAi.outputs.endpoint      
     }
   }
@@ -316,7 +313,7 @@ module monitoring 'core/monitor/monitoring.bicep' = {
     location: location
     tags: updatedTags
     includeDashboard: false
-    includeApplicationInsights: useApplicationInsights
+    includeApplicationInsights: true
     logAnalyticsName: !empty(logAnalyticsName) ? logAnalyticsName : '${abbrs.operationalInsightsWorkspaces}${resourceToken}'
     applicationInsightsName: !empty(applicationInsightsName) ? applicationInsightsName : '${abbrs.insightsComponents}${resourceToken}'
     applicationInsightsDashboardName: !empty(applicationInsightsDashboardName) ? applicationInsightsDashboardName : '${abbrs.portalDashboards}${resourceToken}'
@@ -495,69 +492,69 @@ module openAiRoleFunction 'core/security/role.bicep' = {
   scope: openAiResourceGroup
   name: 'openai-role-function'
   params: {
-    principalId: principalId
+    principalId: function.outputs.SERVICE_FUNCTION_IDENTITY_PRINCIPAL_ID
     roleDefinitionId: '5e0bd9bd-7b93-4f28-af87-19fc36ad61bd'
-    principalType: principalType
+    principalType: 'ServicePrincipal'
   }
 }
 
 module formRecognizerRoleFunction 'core/security/role.bicep' = {
   scope: formRecognizerResourceGroup
   name: 'formrecognizer-role-function'
   params: {
-    principalId: principalId
+    principalId: function.outputs.SERVICE_FUNCTION_IDENTITY_PRINCIPAL_ID
     roleDefinitionId: 'a97b65f3-24c7-4388-baec-2e87135dc908'
-    principalType: principalType
+    principalType: 'ServicePrincipal'
   }
 }
 
 module storageRoleFunction 'core/security/role.bicep' = {
   scope: storageResourceGroup
   name: 'storage-role-function'
   params: {
-    principalId: principalId
+    principalId: function.outputs.SERVICE_FUNCTION_IDENTITY_PRINCIPAL_ID
     roleDefinitionId: '2a2b9908-6ea1-4ae2-8e65-a410df84e7d1'
-    principalType: principalType
+    principalType: 'ServicePrincipal'
   }
 }
 
 module storageContribRoleFunction 'core/security/role.bicep' = {
   scope: storageResourceGroup
   name: 'storage-contribrole-function'
   params: {
-    principalId: principalId
+    principalId: function.outputs.SERVICE_FUNCTION_IDENTITY_PRINCIPAL_ID
     roleDefinitionId: 'ba92f5b4-2d11-453d-a403-e96b0029c9fe'
-    principalType: principalType
+    principalType: 'ServicePrincipal'
   }
 }
 
 module searchRoleFunction 'core/security/role.bicep' = {
   scope: searchServiceResourceGroup
   name: 'search-role-function'
   params: {
-    principalId: principalId
+    principalId: function.outputs.SERVICE_FUNCTION_IDENTITY_PRINCIPAL_ID
     roleDefinitionId: '1407120a-92aa-4202-b7e9-c0e197c71c8f'
-    principalType: principalType
+    principalType: 'ServicePrincipal'
   }
 }
 
 module searchContribRoleFunction 'core/security/role.bicep' = {
   scope: searchServiceResourceGroup
   name: 'search-contrib-role-function'
   params: {
-    principalId: principalId
+    principalId: function.outputs.SERVICE_FUNCTION_IDENTITY_PRINCIPAL_ID
     roleDefinitionId: '8ebe5a00-799e-43f5-93ac-243d3dce84a7'
-    principalType: principalType
+    principalType: 'ServicePrincipal'
   }
 }
 
 module searchSvcContribRoleFunction 'core/security/role.bicep' = {
   scope: searchServiceResourceGroup
   name: 'search-svccontrib-role-function'
   params: {
-    principalId: principalId
+    principalId: function.outputs.SERVICE_FUNCTION_IDENTITY_PRINCIPAL_ID
     roleDefinitionId: '7ca78c08-252a-4471-8644-bb5ff32d4ba0'
-    principalType: principalType
+    principalType: 'ServicePrincipal'
   }
 }
 
@@ -634,3 +631,4 @@ output AZURE_STORAGE_RESOURCE_GROUP string = storageResourceGroup.name
 output AZURE_TENANT_ID string = tenant().tenantId
 output SERVICE_WEB_IDENTITY_NAME string = web.outputs.SERVICE_WEB_IDENTITY_NAME
 output SERVICE_WEB_NAME string = web.outputs.SERVICE_WEB_NAME
+output SERVICE_FUNCTION_IDENTITY_PRINCIPAL_ID string = function.outputs.SERVICE_FUNCTION_IDENTITY_PRINCIPAL_ID
diff --git a/infra/main.parameters.json b/infra/main.parameters.json
@@ -75,7 +75,7 @@
       "value": "${SERVICE_WEB_IDENTITY_NAME}"
     },
     "useApplicationInsights": {
-      "value": "${AZURE_USE_APPLICATION_INSIGHTS=false}"
+      "value": "${AZURE_USE_APPLICATION_INSIGHTS=true}"
     }
   }
 }

Original file line number	Diff line number	Diff line change
`@@ -75,7 +75,7 @@`
`75`	`75`	`"value": "${SERVICE_WEB_IDENTITY_NAME}"`
`76`	`76`	`},`
`77`	`77`	`"useApplicationInsights": {`
`78`		`- "value": "${AZURE_USE_APPLICATION_INSIGHTS=false}"`
	`78`	`+ "value": "${AZURE_USE_APPLICATION_INSIGHTS=true}"`
`79`	`79`	`}`
`80`	`80`	`}`
`81`	`81`	`}`