Skip to content

fix: WAF aligned changes merge from dev to main #1894

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 118 commits into from
Sep 24, 2025
Merged

fix: WAF aligned changes merge from dev to main #1894

merged 118 commits into from
Sep 24, 2025

Conversation

@Roopan-Microsoft
Copy link
Contributor

@Roopan-Microsoft Roopan-Microsoft commented Sep 8, 2025
edited by Prajwal-Microsoft
Loading

Purpose

This pull request introduces several improvements to authentication and environment configuration for Azure services in the backend batch utilities. The main theme is the consistent use of managed identity credentials (via MANAGED_IDENTITY_CLIENT_ID and MANAGED_IDENTITY_RESOURCE_ID) for secure, centralized authentication, replacing direct credential usage. Additionally, there are updates to workflow files and environment variable handling to support these changes.

Authentication and Managed Identity Improvements:

  • Updated all Azure service clients (CosmosDB, Blob Storage, Form Recognizer, Computer Vision, Azure Search, MLClient, PostgreSQL, etc.) to use get_azure_credential(self.env_helper.MANAGED_IDENTITY_CLIENT_ID) for authentication, ensuring consistent use of managed identity across the codebase. [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11]
  • Added support for user-assigned managed identity in Azure Search Data Source and Index creation, using SearchIndexerDataUserAssignedIdentity and MANAGED_IDENTITY_RESOURCE_ID, except in the dev environment. [1] [2] [3]

Environment Configuration and Secret Management:

  • Enhanced EnvHelper to load MANAGED_IDENTITY_CLIENT_ID, MANAGED_IDENTITY_RESOURCE_ID, and APP_ENV from environment variables, and improved secret retrieval for FUNCTION_KEY using Key Vault. Also added validation for Key Vault endpoint presence when enabled. [1] [2] [3] [4] [5]

Workflow and CI/CD Updates:

  • Changed Docker image tags and cache references in workflow files to use latest_waf instead of latest for main branch builds, and improved tagging consistency. [1] [2]
  • Updated package installation in the group_dependabot_security_updates.yml workflow to use manual apt-get commands instead of the cache action.

Other Backend Utility Changes:

  • Modified PostgreSQL connection logic to use SSL as a boolean and include sslmode=require in connection strings for enhanced security. [1] [2]
  • Refactored PostgresConversationClient to use EnvHelper for managed identity client ID retrieval. [1] [2] [3]

These changes strengthen security, centralize credential management, and improve maintainability for Azure service integrations.hunk://#diff-81b1c856302e9d3a8a9a8a1e5e23cae887bf7c060168ad67fe31409c4abdb6ceR31-R38)

Build Configuration

  • Updated TypeScript configuration to use Node 16 module and resolution settings for compatibility with newer Node.js features.

Does this introduce a breaking change?

  • Yes
  • No

How to Test

  • Get the code
git clone [repo-address]
cd [repo-name]
git checkout [branch-name]
npm install
  • Test the code

What to Check

Verify that the following are valid

  • Verify end to end functionality from deployment to functional testing.

Other Information

Roopan-Microsoft and others added 30 commits November 25, 2024 16:02
@Roopan-Microsoft
ci: Updated workflow to handle main, dev and demo branch | Dependabot…
2dbb0b1 
… changes (#1509)
@Roopan-Microsoft
fix: SFI Fixes & scope reverted to subscription (#1513)
97ced9f
@Roopan-Microsoft
ci: workflow updated for build docker (#1514)
903c259
@Roopan-Microsoft
ci: build docker updated for dev (#1522)
4cf2972
@Roopan-Microsoft
ci: workflow branch code updated (#1525)
9158819
@AjitPadhi-Microsoft
updated comment
4545a48
@AjitPadhi-Microsoft
updated workflow
84a33b5
@AjitPadhi-Microsoft
updated workflow
f8c1c8f
@AjitPadhi-Microsoft
updated workflow
e31a661
@AjitPadhi-Microsoft
updated bicep for registry
847ce7e
@AjitPadhi-Microsoft
fixed bicep
8f8cc98
@AjitPadhi-Microsoft @Roopan-Microsoft
fix: bicep updated (#1527)
15b948c 
Co-authored-by: Roopan P M <[email protected]>
@Roopan-Microsoft
Merge branch 'main' into dev
1645e43
@Roopan-Microsoft
Merge branch 'dev' of https://github.com/Azure-Samples/chat-with-your…
8df387a 
…-data-solution-accelerator into dev
@AjitPadhi-Microsoft
fix: Container issue fix for multiple branch (#1539)
e4dd5f2
@AjitPadhi-Microsoft @Roopan-Microsoft
fix: Updated workflow (#1540)
88d06dc 
Co-authored-by: Roopan P M <[email protected]>
@Roopan-Microsoft @AjitPadhi-Microsoft
ci: Psl container fix for checkout code from head branch (#1541)
e5cf4dd 
Co-authored-by: Ajit Padhi <[email protected]>
@AjitPadhi-Microsoft @Roopan-Microsoft
fix: multiple container tag issue fix (#1552)
02d0056 
Co-authored-by: Roopan-Microsoft <[email protected]>
@AjitPadhi-Microsoft @Roopan-Microsoft
fix: Workflow issue fix on docker image (#1554)
90e1040 
Co-authored-by: Roopan-Microsoft <[email protected]>
@Pavan-Microsoft @Roopan-Microsoft
@ross-p-smith @gpickett @Fr4nc3 @Prajwal-Microsoft
fix: Downmerge dev (#1566)
8a5a1cb 
Co-authored-by: Roopan-Microsoft <[email protected]>
Co-authored-by: Ross Smith <[email protected]>
Co-authored-by: gpickett <[email protected]>
Co-authored-by: Francia Riesco <[email protected]>
Co-authored-by: Francia Riesco <[email protected]>
Co-authored-by: Prajwal D C <[email protected]>
@Harmanpreet-Microsoft
fix: CWYD Citation Links to Documents Break After Specific Timeframe (#…
131c323 
…1569)
@UtkarshMishra-Microsoft
fix: Commit changes bug (#1568)
93b84ed
@Pavan-Microsoft
fix: Post-Deployment Script for Managing Bicep Outputs in .env File a…
0875b92 
…nd Update Conversation flow based on template selection (#1567)

Co-authored-by: Pavan Kumar <v-kupavan.microsoft.com>
@Pavan-Microsoft
fix: import error in env_helper.py (#1571)
76190b3
@Priyanka-Microsoft
fix: add conversation flow in environment variable for adminweb app (#…
c65bf01 
…1572)
@Prasanjeet-Microsoft
fix: Update Hosting Model Configuration in ARM/Bicep Template (#1570)
1f326d9
@Priyanka-Microsoft
fix: Update main.json for changes conversation flow changes in bicep (#…
fc688c2 
…1574)
@Roopan-Microsoft
Merge branch 'main' into dev
56adb59
@Roopan-Microsoft @dependabot @Pavan-Microsoft
build: Dependabotchanges merge to Dev branch (#1602)
afaabdc 
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Pavan-Microsoft <[email protected]>
@Pavan-Microsoft
feat: Configurable System Prompts for Flexibility and Maintenance - C…
03f52b3 
…WYD (#1603)
Rohini-Microsoft and others added 4 commits September 22, 2025 10:07
@Rohini-Microsoft
feat: On click of button teatarea should be clear (#1904)
9d86faa
@Prajwal-Microsoft @Pavan-Microsoft
@Roopan-Microsoft @AjitPadhi-Microsoft @ross-p-smith @gpickett @Fr4nc3 @Harmanpreet-Microsoft @UtkarshMishra-Microsoft @Priyanka-Microsoft @Prasanjeet-Microsoft @dependabot @Kiran-Siluveru-Microsoft @Prashant-Microsoft @Rohini-Microsoft @Avijit-Microsoft @RaviKiran-Microsoft @Somesh-Microsoft @pradeepjha-microsoft @Bangarraju-Microsoft @Harsh-Microsoft @Kanchan-Microsoft @cristofima @Vamshi-Microsoft @Thanusree-Microsoft @NirajC-Microsoft
feat: WAF implementation for CWYD (#1916)
aa7a26f 
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: Pavan-Microsoft <[email protected]>
Co-authored-by: Roopan-Microsoft <[email protected]>
Co-authored-by: Ajit Padhi <[email protected]>
Co-authored-by: Roopan P M <[email protected]>
Co-authored-by: Ross Smith <[email protected]>
Co-authored-by: gpickett <[email protected]>
Co-authored-by: Francia Riesco <[email protected]>
Co-authored-by: Francia Riesco <[email protected]>
Co-authored-by: Harmanpreet-Microsoft <[email protected]>
Co-authored-by: UtkarshMishra-Microsoft <[email protected]>
Co-authored-by: Priyanka-Microsoft <[email protected]>
Co-authored-by: Prasanjeet-Microsoft <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Kiran-Siluveru-Microsoft <[email protected]>
Co-authored-by: Prashant-Microsoft <[email protected]>
Co-authored-by: Rohini-Microsoft <[email protected]>
Co-authored-by: Avijit-Microsoft <[email protected]>
Co-authored-by: RaviKiran-Microsoft <[email protected]>
Co-authored-by: Somesh Joshi <[email protected]>
Co-authored-by: Himanshi Agrawal <[email protected]>
Co-authored-by: pradeepjha-microsoft <[email protected]>
Co-authored-by: Harmanpreet Kaur <[email protected]>
Co-authored-by: Bangarraju-Microsoft <[email protected]>
Co-authored-by: Harsh-Microsoft <[email protected]>
Co-authored-by: Kanchan-Microsoft <[email protected]>
Co-authored-by: Cristopher Coronado <[email protected]>
Co-authored-by: Cristopher Coronado Moreira <[email protected]>
Co-authored-by: Vamshi-Microsoft <[email protected]>
Co-authored-by: Thanusree-Microsoft <[email protected]>
Co-authored-by: Niraj Chaudhari (Persistent Systems Inc) <[email protected]>
Co-authored-by: Rohini-Microsoft <[email protected]>
@Pavan-Microsoft @Roopan-Microsoft
@AjitPadhi-Microsoft @ross-p-smith @gpickett @Fr4nc3 @Prajwal-Microsoft @Harmanpreet-Microsoft @UtkarshMishra-Microsoft @Priyanka-Microsoft @Prasanjeet-Microsoft @dependabot @Kiran-Siluveru-Microsoft @Prashant-Microsoft @Rohini-Microsoft @Avijit-Microsoft @RaviKiran-Microsoft @Somesh-Microsoft @pradeepjha-microsoft @Bangarraju-Microsoft @Harsh-Microsoft @Kanchan-Microsoft @cristofima @Vamshi-Microsoft @Thanusree-Microsoft @NirajC-Microsoft
fix: fix unit testcases (#1918)
52ea704 
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: Roopan-Microsoft <[email protected]>
Co-authored-by: Ajit Padhi <[email protected]>
Co-authored-by: Roopan P M <[email protected]>
Co-authored-by: Ross Smith <[email protected]>
Co-authored-by: gpickett <[email protected]>
Co-authored-by: Francia Riesco <[email protected]>
Co-authored-by: Francia Riesco <[email protected]>
Co-authored-by: Prajwal D C <[email protected]>
Co-authored-by: Harmanpreet-Microsoft <[email protected]>
Co-authored-by: UtkarshMishra-Microsoft <[email protected]>
Co-authored-by: Priyanka-Microsoft <[email protected]>
Co-authored-by: Prasanjeet-Microsoft <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Kiran-Siluveru-Microsoft <[email protected]>
Co-authored-by: Prashant-Microsoft <[email protected]>
Co-authored-by: Rohini-Microsoft <[email protected]>
Co-authored-by: Avijit-Microsoft <[email protected]>
Co-authored-by: RaviKiran-Microsoft <[email protected]>
Co-authored-by: Somesh Joshi <[email protected]>
Co-authored-by: Himanshi Agrawal <[email protected]>
Co-authored-by: pradeepjha-microsoft <[email protected]>
Co-authored-by: Harmanpreet Kaur <[email protected]>
Co-authored-by: Bangarraju-Microsoft <[email protected]>
Co-authored-by: Harsh-Microsoft <[email protected]>
Co-authored-by: Kanchan-Microsoft <[email protected]>
Co-authored-by: Cristopher Coronado <[email protected]>
Co-authored-by: Cristopher Coronado Moreira <[email protected]>
Co-authored-by: Vamshi-Microsoft <[email protected]>
Co-authored-by: Thanusree-Microsoft <[email protected]>
Co-authored-by: Niraj Chaudhari (Persistent Systems Inc) <[email protected]>
Co-authored-by: Rohini-Microsoft <[email protected]>
@Harsh-Microsoft
ci: update image tags to use 'latest_waf' for Docker builds and deplo…
4925b3b 
…yments (#1917)
@Prajwal-Microsoft Prajwal-Microsoft changed the title fix: merging dev changes to main branch fix: WAF aligned changes merge from dev to main Sep 24, 2025
@Prajwal-Microsoft @Pavan-Microsoft
@Roopan-Microsoft @AjitPadhi-Microsoft @ross-p-smith @gpickett @Fr4nc3 @Harmanpreet-Microsoft @UtkarshMishra-Microsoft @Priyanka-Microsoft @Prasanjeet-Microsoft @dependabot @Kiran-Siluveru-Microsoft @Prashant-Microsoft @Rohini-Microsoft @Avijit-Microsoft @RaviKiran-Microsoft @Somesh-Microsoft @pradeepjha-microsoft @Bangarraju-Microsoft @Harsh-Microsoft @Kanchan-Microsoft @cristofima @Vamshi-Microsoft @Thanusree-Microsoft @NirajC-Microsoft
fix: Pipeline issue for deploy & build (#1919)
2b28e45 
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: Pavan-Microsoft <[email protected]>
Co-authored-by: Roopan-Microsoft <[email protected]>
Co-authored-by: Ajit Padhi <[email protected]>
Co-authored-by: Roopan P M <[email protected]>
Co-authored-by: Ross Smith <[email protected]>
Co-authored-by: gpickett <[email protected]>
Co-authored-by: Francia Riesco <[email protected]>
Co-authored-by: Francia Riesco <[email protected]>
Co-authored-by: Harmanpreet-Microsoft <[email protected]>
Co-authored-by: UtkarshMishra-Microsoft <[email protected]>
Co-authored-by: Priyanka-Microsoft <[email protected]>
Co-authored-by: Prasanjeet-Microsoft <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Kiran-Siluveru-Microsoft <[email protected]>
Co-authored-by: Prashant-Microsoft <[email protected]>
Co-authored-by: Rohini-Microsoft <[email protected]>
Co-authored-by: Avijit-Microsoft <[email protected]>
Co-authored-by: RaviKiran-Microsoft <[email protected]>
Co-authored-by: Somesh Joshi <[email protected]>
Co-authored-by: Himanshi Agrawal <[email protected]>
Co-authored-by: pradeepjha-microsoft <[email protected]>
Co-authored-by: Harmanpreet Kaur <[email protected]>
Co-authored-by: Bangarraju-Microsoft <[email protected]>
Co-authored-by: Harsh-Microsoft <[email protected]>
Co-authored-by: Kanchan-Microsoft <[email protected]>
Co-authored-by: Cristopher Coronado <[email protected]>
Co-authored-by: Cristopher Coronado Moreira <[email protected]>
Co-authored-by: Vamshi-Microsoft <[email protected]>
Co-authored-by: Thanusree-Microsoft <[email protected]>
Co-authored-by: Niraj Chaudhari (Persistent Systems Inc) <[email protected]>
Co-authored-by: Rohini-Microsoft <[email protected]>
@Prajwal-Microsoft Prajwal-Microsoft dismissed stale reviews from Vinay-Microsoft and themself via de608a2 September 24, 2025 17:02
@Roopan-Microsoft Roopan-Microsoft added this pull request to the merge queue Sep 24, 2025
Merged via the queue into main with commit 3c3e4d9 Sep 24, 2025
17 checks passed
@github-actions
Copy link

github-actions bot commented Oct 6, 2025

🎉 This PR is included in version 1.16.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Vinay-Microsoft Vinay-Microsoft Vinay-Microsoft approved these changes

@Prajwal-Microsoft Prajwal-Microsoft Prajwal-Microsoft left review comments

@Avijit-Microsoft Avijit-Microsoft Awaiting requested review from Avijit-Microsoft Avijit-Microsoft is a code owner

@Fr4nc3 Fr4nc3 Awaiting requested review from Fr4nc3 Fr4nc3 is a code owner

@aniaroramsft aniaroramsft Awaiting requested review from aniaroramsft aniaroramsft is a code owner

Assignees

No one assigned

Labels

released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.