diff --git a/.github/workflows/group_dependabot_security_updates.yml b/.github/workflows/group_dependabot_security_updates.yml index d284f03eb..23e83f405 100644 --- a/.github/workflows/group_dependabot_security_updates.yml +++ b/.github/workflows/group_dependabot_security_updates.yml @@ -65,9 +65,10 @@ jobs: git config --global user.email "github-actions@github.com" - name: Install required tools - uses: awalsh128/cache-apt-pkgs-action@v1.3.1 - with: - packages: "jq gh" + run: | + sudo apt-get update + sudo apt-get install -y jq gh + shell: bash - name: Enable strict error handling shell: bash diff --git a/code/backend/pages/01_Ingest_Data.py b/code/backend/pages/01_Ingest_Data.py index b652c5cc7..24336f38c 100644 --- a/code/backend/pages/01_Ingest_Data.py +++ b/code/backend/pages/01_Ingest_Data.py @@ -55,7 +55,10 @@ def reprocess_all(): def add_urls(): urls = st.session_state["urls"].split("\n") - add_url_embeddings(urls) + result = add_url_embeddings(urls) + # If URLs are valid and processed, clear the textarea + if result: + st.session_state["urls"] = "" def sanitize_metadata_value(value): @@ -67,7 +70,7 @@ def add_url_embeddings(urls: list[str]): has_valid_url = bool(list(filter(str.strip, urls))) if not has_valid_url: st.error("Please enter at least one valid URL.") - return + return False params = {} if env_helper.FUNCTION_KEY is not None: @@ -80,9 +83,11 @@ def add_url_embeddings(urls: list[str]): ) r = requests.post(url=backend_url, params=params, json=body) if not r.ok: - raise ValueError(f"Error {r.status_code}: {r.text}") + st.error(f"Error {r.status_code}: {r.text}") + return False else: st.success(f"Embeddings added successfully for {url}") + return True try: diff --git a/docs/LOCAL_DEPLOYMENT.md b/docs/LOCAL_DEPLOYMENT.md index 2bcd1c0d8..51e05a861 100644 --- a/docs/LOCAL_DEPLOYMENT.md +++ b/docs/LOCAL_DEPLOYMENT.md @@ -32,6 +32,45 @@ azd env set USE_KEY_VAULT false Also please refer to the section on [setting up RBAC auth](#authenticate-using-rbac). +## Deployment Options & Steps + +### Sandbox or WAF Aligned Deployment Options + +The [`infra`](../infra) folder of the Chat With Your Data Solution Accelerator contains the [`main.bicep`](../infra/main.bicep) Bicep script, which defines all Azure infrastructure components for this solution. + +By default, the `azd up` command uses the [`main.parameters.json`](../infra/main.parameters.json) file to deploy the solution. This file is pre-configured for a **sandbox environment** — ideal for development and proof-of-concept scenarios, with minimal security and cost controls for rapid iteration. + +For **production deployments**, the repository also provides [`main.waf.parameters.json`](../infra/main.waf.parameters.json), which applies a [Well-Architected Framework (WAF) aligned](https://learn.microsoft.com/en-us/azure/well-architected/) configuration. This option enables additional Azure best practices for reliability, security, cost optimization, operational excellence, and performance efficiency, such as: + + - Enhanced network security (e.g., Network protection with private endpoints) + - Stricter access controls and managed identities + - Logging, monitoring, and diagnostics enabled by default + - Resource tagging and cost management recommendations + +**How to choose your deployment configuration:** + +* Use the default `main.parameters.json` file for a **sandbox/dev environment** +* For a **WAF-aligned, production-ready deployment**, copy the contents of `main.waf.parameters.json` into `main.parameters.json` before running `azd up` + +--- + +### VM Credentials Configuration + +By default, the solution sets the VM administrator username and password from environment variables. + +To set your own VM credentials before deployment, use: + +```sh +azd env set AZURE_ENV_VM_ADMIN_USERNAME +azd env set AZURE_ENV_VM_ADMIN_PASSWORD +``` + +> [!TIP] +> Always review and adjust parameter values (such as region, capacity, security settings and log analytics workspace configuration) to match your organization's requirements before deploying. For production, ensure you have sufficient quota and follow the principle of least privilege for all identities and role assignments. + +> [!IMPORTANT] +> The WAF-aligned configuration is under active development. More Azure Well-Architected recommendations will be added in future updates. + ## Detailed Development Container setup instructions The solution contains a [development container](https://code.visualstudio.com/docs/remote/containers) with all the required tooling to develop and deploy the accelerator. To deploy the Chat With Your Data accelerator using the provided development container you will also need: @@ -175,56 +214,90 @@ Execute the above [shell command](#L81) to run the function locally. You may nee | App Setting | Value | Note | | --- | --- | ------------- | -|AZURE_SEARCH_SERVICE||The URL of your Azure AI Search resource. e.g. https://.search.windows.net| -|AZURE_SEARCH_INDEX||The name of your Azure AI Search Index| -|AZURE_SEARCH_KEY||An **admin key** for your Azure AI Search resource| -|AZURE_SEARCH_USE_SEMANTIC_SEARCH|False|Whether or not to use semantic search| -|AZURE_SEARCH_SEMANTIC_SEARCH_CONFIG|default|The name of the semantic search configuration to use if using semantic search.| -|AZURE_SEARCH_TOP_K|5|The number of documents to retrieve from Azure AI Search.| -|AZURE_SEARCH_ENABLE_IN_DOMAIN|True|Limits responses to only queries relating to your data.| +|ADVANCED_IMAGE_PROCESSING_MAX_IMAGES | 1 | The maximum number of images to pass to the vision model in a single request| +|APPLICATIONINSIGHTS_CONNECTION_STRING||The Application Insights connection string to store the application logs| +|APP_ENV | Prod | Application Environment (Prod, Dev, etc.)| +|AZURE_AUTH_TYPE | keys | The default is to use API keys. Change the value to 'rbac' to authenticate using Role Based Access Control. For more information refer to section [Authenticate using RBAC](#authenticate-using-rbac)| +|AZURE_BLOB_ACCOUNT_KEY||The key of the Azure Blob Storage for storing the original documents to be processed| +|AZURE_BLOB_ACCOUNT_NAME||The name of the Azure Blob Storage for storing the original documents to be processed| +|AZURE_BLOB_CONTAINER_NAME||The name of the Container in the Azure Blob Storage for storing the original documents to be processed| +|AZURE_CLIENT_ID | | Client ID for Azure authentication (required for LangChain AzureSearch vector store)| +|AZURE_COMPUTER_VISION_ENDPOINT | | The endpoint of the Azure Computer Vision service (if useAdvancedImageProcessing=true)| +|AZURE_COMPUTER_VISION_VECTORIZE_IMAGE_API_VERSION | 2024-02-01 | The API version for Azure Computer Vision Vectorize Image| +|AZURE_COMPUTER_VISION_VECTORIZE_IMAGE_MODEL_VERSION | 2023-04-15 | The model version for Azure Computer Vision Vectorize Image| +|AZURE_CONTENT_SAFETY_ENDPOINT | | The endpoint of the Azure AI Content Safety service| +|AZURE_CONTENT_SAFETY_KEY | | The key of the Azure AI Content Safety service| +|AZURE_COSMOSDB_ACCOUNT_NAME | | The name of the Azure Cosmos DB account (when using CosmosDB)| +|AZURE_COSMOSDB_CONVERSATIONS_CONTAINER_NAME | | The name of the Azure Cosmos DB conversations container (when using CosmosDB)| +|AZURE_COSMOSDB_DATABASE_NAME | | The name of the Azure Cosmos DB database (when using CosmosDB)| +|AZURE_COSMOSDB_ENABLE_FEEDBACK | true | Whether to enable feedback functionality in Cosmos DB| +|AZURE_FORM_RECOGNIZER_ENDPOINT||The name of the Azure Form Recognizer for extracting the text from the documents| +|AZURE_FORM_RECOGNIZER_KEY||The key of the Azure Form Recognizer for extracting the text from the documents| +|AZURE_KEY_VAULT_ENDPOINT | | The endpoint of the Azure Key Vault for storing secrets| +|AZURE_OPENAI_API_KEY||One of the API keys of your Azure OpenAI resource| +|AZURE_OPENAI_API_VERSION|2024-02-01|API version when using Azure OpenAI on your data| +|AZURE_OPENAI_EMBEDDING_MODEL|text-embedding-ada-002|The name of your Azure OpenAI embeddings model deployment| +|AZURE_OPENAI_EMBEDDING_MODEL_NAME|text-embedding-ada-002|The name of the embeddings model (can be found in Azure AI Foundry)| +|AZURE_OPENAI_EMBEDDING_MODEL_VERSION|2|The version of the embeddings model to use (can be found in Azure AI Foundry)| +|AZURE_OPENAI_MAX_TOKENS|1000|The maximum number of tokens allowed for the generated answer.| +|AZURE_OPENAI_MODEL||The name of your model deployment| +|AZURE_OPENAI_MODEL_NAME|gpt-4.1|The name of the model| +|AZURE_OPENAI_MODEL_VERSION|2024-05-13|The version of the model to use| +|AZURE_OPENAI_RESOURCE||the name of your Azure OpenAI resource| +|AZURE_OPENAI_STOP_SEQUENCE||Up to 4 sequences where the API will stop generating further tokens. Represent these as a string joined with "|", e.g. `"stop1|stop2|stop3"`| +|AZURE_OPENAI_STREAM | true | Whether or not to stream responses from Azure OpenAI| +|AZURE_OPENAI_SYSTEM_MESSAGE|You are an AI assistant that helps people find information.|A brief description of the role and tone the model should use| +|AZURE_OPENAI_TEMPERATURE|0|What sampling temperature to use, between 0 and 2. Higher values like 0.8 will make the output more random, while lower values like 0.2 will make it more focused and deterministic. A value of 0 is recommended when using your data.| +|AZURE_OPENAI_TOP_P|1.0|An alternative to sampling with temperature, called nucleus sampling, where the model considers the results of the tokens with top_p probability mass. We recommend setting this to 1.0 when using your data.| +|AZURE_POSTGRESQL_DATABASE_NAME | postgres | The name of the Azure PostgreSQL database (when using PostgreSQL)| +|AZURE_POSTGRESQL_HOST_NAME | | The hostname of the Azure PostgreSQL server (when using PostgreSQL)| +|AZURE_POSTGRESQL_USER | | The username for Azure PostgreSQL authentication (when using PostgreSQL)| +|AZURE_SEARCH_CHUNK_COLUMN | chunk | Field from your Azure AI Search index that contains chunk information| |AZURE_SEARCH_CONTENT_COLUMN||List of fields in your Azure AI Search index that contains the text content of your documents to use when formulating a bot response. Represent these as a string joined with "|", e.g. `"product_description|product_manual"`| |AZURE_SEARCH_CONTENT_VECTOR_COLUMN||Field from your Azure AI Search index for storing the content's Vector embeddings| +|AZURE_SEARCH_CONVERSATIONS_LOG_INDEX | conversations | The name of the Azure AI Search conversations log index| +|AZURE_SEARCH_DATASOURCE_NAME | | The name of the Azure AI Search datasource| |AZURE_SEARCH_DIMENSIONS|1536| Azure OpenAI Embeddings dimensions. 1536 for `text-embedding-ada-002`. A full list of dimensions can be found [here](https://learn.microsoft.com/en-us/azure/ai-services/openai/concepts/models#embeddings-models). | +|AZURE_SEARCH_ENABLE_IN_DOMAIN|True|Limits responses to only queries relating to your data.| |AZURE_SEARCH_FIELDS_ID|id|`AZURE_SEARCH_FIELDS_ID`: Field from your Azure AI Search index that gives a unique idenitfier of the document chunk. `id` if you don't have a specific requirement.| +|AZURE_SEARCH_FIELDS_METADATA|metadata|Field from your Azure AI Search index that contains metadata for the document. `metadata` if you don't have a specific requirement.| +|AZURE_SEARCH_FIELDS_TAG|tag|Field from your Azure AI Search index that contains tags for the document. `tag` if you don't have a specific requirement.| |AZURE_SEARCH_FILENAME_COLUMN||`AZURE_SEARCH_FILENAME_COLUMN`: Field from your Azure AI Search index that gives a unique idenitfier of the source of your data to display in the UI.| -|AZURE_SEARCH_TITLE_COLUMN||Field from your Azure AI Search index that gives a relevant title or header for your data content to display in the UI.| +|AZURE_SEARCH_FILTER||Filter to apply to search queries.| +|AZURE_SEARCH_INDEX||The name of your Azure AI Search Index| +|AZURE_SEARCH_INDEXER_NAME | | The name of the Azure AI Search indexer| +|AZURE_SEARCH_INDEX_IS_PRECHUNKED | false | Whether the search index is prechunked| +|AZURE_SEARCH_KEY||An **admin key** for your Azure AI Search resource| +|AZURE_SEARCH_LAYOUT_TEXT_COLUMN|layoutText|Field from your Azure AI Search index that contains the layout-aware text content of your documents. `layoutText` if you don't have a specific requirement.| +|AZURE_SEARCH_OFFSET_COLUMN | offset | Field from your Azure AI Search index that contains offset information| +|AZURE_SEARCH_SEMANTIC_SEARCH_CONFIG|default|The name of the semantic search configuration to use if using semantic search.| +|AZURE_SEARCH_SERVICE||The URL of your Azure AI Search resource. e.g. https://.search.windows.net| |AZURE_SEARCH_SOURCE_COLUMN|source|Field from your Azure AI Search index that identifies the source of your data. `source` if you don't have a specific requirement.| |AZURE_SEARCH_TEXT_COLUMN|text|Field from your Azure AI Search index that contains the main text content of your documents. `text` if you don't have a specific requirement.| -|AZURE_SEARCH_LAYOUT_TEXT_COLUMN|layoutText|Field from your Azure AI Search index that contains the layout-aware text content of your documents. `layoutText` if you don't have a specific requirement.| +|AZURE_SEARCH_TITLE_COLUMN||Field from your Azure AI Search index that gives a relevant title or header for your data content to display in the UI.| +|AZURE_SEARCH_TOP_K|5|The number of documents to retrieve from Azure AI Search.| |AZURE_SEARCH_URL_COLUMN||Field from your Azure AI Search index that contains a URL for the document, e.g. an Azure Blob Storage URI. This value is not currently used.| -|AZURE_SEARCH_FIELDS_TAG|tag|Field from your Azure AI Search index that contains tags for the document. `tag` if you don't have a specific requirement.| -|AZURE_SEARCH_FIELDS_METADATA|metadata|Field from your Azure AI Search index that contains metadata for the document. `metadata` if you don't have a specific requirement.| -|AZURE_SEARCH_FILTER||Filter to apply to search queries.| |AZURE_SEARCH_USE_INTEGRATED_VECTORIZATION ||Whether to use [Integrated Vectorization](https://learn.microsoft.com/en-us/azure/search/vector-search-integrated-vectorization)| -|AZURE_OPENAI_RESOURCE||the name of your Azure OpenAI resource| -|AZURE_OPENAI_MODEL||The name of your model deployment| -|AZURE_OPENAI_MODEL_NAME|gpt-4.1|The name of the model| -|AZURE_OPENAI_MODEL_VERSION|2024-05-13|The version of the model to use| -|AZURE_OPENAI_API_KEY||One of the API keys of your Azure OpenAI resource| -|AZURE_OPENAI_EMBEDDING_MODEL|text-embedding-ada-002|The name of your Azure OpenAI embeddings model deployment| -|AZURE_OPENAI_EMBEDDING_MODEL_NAME|text-embedding-ada-002|The name of the embeddings model (can be found in Azure AI Foundry)| -|AZURE_OPENAI_EMBEDDING_MODEL_VERSION|2|The version of the embeddings model to use (can be found in Azure AI Foundry)| -|AZURE_OPENAI_TEMPERATURE|0|What sampling temperature to use, between 0 and 2. Higher values like 0.8 will make the output more random, while lower values like 0.2 will make it more focused and deterministic. A value of 0 is recommended when using your data.| -|AZURE_OPENAI_TOP_P|1.0|An alternative to sampling with temperature, called nucleus sampling, where the model considers the results of the tokens with top_p probability mass. We recommend setting this to 1.0 when using your data.| -|AZURE_OPENAI_MAX_TOKENS|1000|The maximum number of tokens allowed for the generated answer.| -|AZURE_OPENAI_STOP_SEQUENCE||Up to 4 sequences where the API will stop generating further tokens. Represent these as a string joined with "|", e.g. `"stop1|stop2|stop3"`| -|AZURE_OPENAI_SYSTEM_MESSAGE|You are an AI assistant that helps people find information.|A brief description of the role and tone the model should use| -|AZURE_OPENAI_API_VERSION|2024-02-01|API version when using Azure OpenAI on your data| +|AZURE_SEARCH_USE_SEMANTIC_SEARCH|False|Whether or not to use semantic search| +|AZURE_SPEECH_RECOGNIZER_LANGUAGES | en-US,fr-FR,de-DE,it-IT | Comma-separated list of languages to recognize from speech input| +|AZURE_SPEECH_REGION_ENDPOINT | | The regional endpoint of the Azure Speech service| +|AZURE_SPEECH_SERVICE_KEY | | The key of the Azure Speech service| +|AZURE_SPEECH_SERVICE_NAME | | The name of the Azure Speech service| +|AZURE_SPEECH_SERVICE_REGION | | The region (location) of the Azure Speech service| |AzureWebJobsStorage||The connection string to the Azure Blob Storage for the Azure Functions Batch processing| |BACKEND_URL||The URL for the Backend Batch Azure Function. Use http://localhost:7071 for local execution| +|CONVERSATION_FLOW | custom | Chat conversation type: custom or byod (Bring Your Own Data)| +|DATABASE_TYPE | PostgreSQL | The type of database to deploy (cosmos or postgres)| |DOCUMENT_PROCESSING_QUEUE_NAME|doc-processing|The name of the Azure Queue to handle the Batch processing| -|AZURE_BLOB_ACCOUNT_NAME||The name of the Azure Blob Storage for storing the original documents to be processed| -|AZURE_BLOB_ACCOUNT_KEY||The key of the Azure Blob Storage for storing the original documents to be processed| -|AZURE_BLOB_CONTAINER_NAME||The name of the Container in the Azure Blob Storage for storing the original documents to be processed| -|AZURE_FORM_RECOGNIZER_ENDPOINT||The name of the Azure Form Recognizer for extracting the text from the documents| -|AZURE_FORM_RECOGNIZER_KEY||The key of the Azure Form Recognizer for extracting the text from the documents| -|APPLICATIONINSIGHTS_CONNECTION_STRING||The Application Insights connection string to store the application logs| +|FUNCTION_KEY | | The function key for accessing the backend Azure Function| +|LOGLEVEL | INFO | The log level for application logging (CRITICAL, ERROR, WARN, INFO, DEBUG)| +|MANAGED_IDENTITY_CLIENT_ID | | The client ID of the user-assigned managed identity| +|MANAGED_IDENTITY_RESOURCE_ID | | The resource ID of the user-assigned managed identity| +|OPEN_AI_FUNCTIONS_SYSTEM_PROMPT | | System prompt for OpenAI functions orchestration| |ORCHESTRATION_STRATEGY | openai_function | Orchestration strategy. Use Azure OpenAI Functions (openai_function), Semantic Kernel (semantic_kernel), LangChain (langchain) or Prompt Flow (prompt_flow) for messages orchestration. If you are using a new model version 0613 select any strategy, if you are using a 0314 model version select "langchain". Note that both `openai_function` and `semantic_kernel` use OpenAI function calling. Prompt Flow option is still in development and does not support RBAC or integrated vectorization as of yet.| -|AZURE_CONTENT_SAFETY_ENDPOINT | | The endpoint of the Azure AI Content Safety service | -|AZURE_CONTENT_SAFETY_KEY | | The key of the Azure AI Content Safety service| -|AZURE_SPEECH_SERVICE_KEY | | The key of the Azure Speech service| -|AZURE_SPEECH_SERVICE_REGION | | The region (location) of the Azure Speech service| -|AZURE_AUTH_TYPE | keys | The default is to use API keys. Change the value to 'rbac' to authenticate using Role Based Access Control. For more information refer to section [Authenticate using RBAC](#authenticate-using-rbac) +|SEMANTIC_KERNEL_SYSTEM_PROMPT | | System prompt used by the Semantic Kernel orchestration| +|USE_ADVANCED_IMAGE_PROCESSING | false | Whether to enable the use of a vision LLM and Computer Vision for embedding images| +|USE_KEY_VAULT | true | Whether to use Azure Key Vault for storing secrets| ## Bicep diff --git a/docs/teams_extension.md b/docs/teams_extension.md index 9eca2938d..13bcf5ba3 100644 --- a/docs/teams_extension.md +++ b/docs/teams_extension.md @@ -16,7 +16,7 @@ This extension enables users to experience Chat with your data within Teams, wit ### Pre-requisites - [Visual Studio Code](https://code.visualstudio.com/) - Extensions - - [Teams Toolkit](https://marketplace.visualstudio.com/items?itemName=TeamsDevApp.ms-teams-vscode-extension) (optional: Teams extension only) + - [Microsoft 365 Agents Toolkit](https://marketplace.visualstudio.com/items?itemName=TeamsDevApp.ms-teams-vscode-extension) (optional: Teams extension only) - Install [Node.js](https://nodejs.org/en) - Install the LTS version (Recommended for Most Users) - [Enable custom Teams apps and turn on custom app uploading](https://learn.microsoft.com/en-us/microsoftteams/platform/concepts/build-and-test/prepare-your-o365-tenant#enable-custom-teams-apps-and-turn-on-custom-app-uploading) (optional: Teams extension only) @@ -33,18 +33,18 @@ This extension enables users to experience Chat with your data within Teams, wit ![ENV](images/teams-1.png) 4. Locate the environment variable _AZURE_FUNCTION_URL_. -5. Replace the `` and `` with the name of your Function App resource and its clientKey (created in previous section) +5. Replace the `` and `` with your actual Function App name and function key ```env - AZURE_FUNCTION_URL=https://backend-.azurewebsites.net/api/GetConversationResponse?code=&clientId=clientKey + AZURE_FUNCTION_URL=https://.azurewebsites.net/api/GetConversationResponse?code= ``` ![Env](images/teams-deploy-env.png) 6. Save the file. 7. Select Teams Toolkit from the navigation panel. -![Teams Toolkit in VS Code](images/teams-2.png) +![Microsoft 365 Agents Toolkit in VS Code](images/teams-2.png) -8. Within the Teams Toolkit panel, login to the following accounts: +8. Within the Microsoft 365 Agents Toolkit panel, login to the following accounts: **Sign in to Microsoft 365**: Use your Microsoft 365 work or school account with a valid E5 subscription for building your app. If you don't have a valid account, you can join [Microsoft 365 developer program](https://developer.microsoft.com/microsoft-365/dev-program) to get a free account before you start. diff --git a/extensions/teams/config.ts b/extensions/teams/config.ts index 6d99139a1..8330fc537 100644 --- a/extensions/teams/config.ts +++ b/extensions/teams/config.ts @@ -2,6 +2,7 @@ const config = { botId: process.env.BOT_ID, botPassword: process.env.BOT_PASSWORD, azureFunctionUrl: process.env.AZURE_FUNCTION_URL, + tenantId: process.env.TEAMS_APP_TENANT_ID, }; export default config; diff --git a/extensions/teams/index.ts b/extensions/teams/index.ts index 555a979b2..3eae007b8 100644 --- a/extensions/teams/index.ts +++ b/extensions/teams/index.ts @@ -19,7 +19,8 @@ import config from "./config"; const credentialsFactory = new ConfigurationServiceClientCredentialFactory({ MicrosoftAppId: config.botId, MicrosoftAppPassword: config.botPassword, - MicrosoftAppType: "MultiTenant", + MicrosoftAppType: "SingleTenant", + MicrosoftAppTenantId: config.tenantId }); const botFrameworkAuthentication = new ConfigurationBotFrameworkAuthentication( diff --git a/extensions/teams/infra/azure.bicep b/extensions/teams/infra/azure.bicep index 8c706f330..b5b57237f 100644 --- a/extensions/teams/infra/azure.bicep +++ b/extensions/teams/infra/azure.bicep @@ -1,4 +1,4 @@ -@maxLength(20) +@maxLength(25) @minLength(4) @description('Used to generate names for all resources in this file') param resourceBaseName string @@ -6,6 +6,9 @@ param resourceBaseName string @description('Required when create Azure Bot service') param botAadAppClientId string +@description('Required when using SingleTenant or UserAssignedMSI app type') +param botAadAppTenantId string + @secure() @description('Required by Bot Framework package in your bot project') param botAadAppClientSecret string @@ -69,6 +72,10 @@ resource webApp 'Microsoft.Web/sites@2021-02-01' = { name: 'AZURE_FUNCTION_URL' value: azureFunctionURL } + { + name: 'TEAMS_APP_TENANT_ID' + value: botAadAppTenantId + } ] ftpsState: 'FtpsOnly' } @@ -81,6 +88,7 @@ module azureBotRegistration './botRegistration/azurebot.bicep' = { params: { resourceBaseName: resourceBaseName botAadAppClientId: botAadAppClientId + botAadAppTenantId: botAadAppTenantId botAppDomain: webApp.properties.defaultHostName botDisplayName: botDisplayName } diff --git a/extensions/teams/infra/azure.parameters.json b/extensions/teams/infra/azure.parameters.json index 2d8bb37da..c342ec592 100644 --- a/extensions/teams/infra/azure.parameters.json +++ b/extensions/teams/infra/azure.parameters.json @@ -8,6 +8,9 @@ "botAadAppClientId": { "value": "${{BOT_ID}}" }, + "botAadAppTenantId": { + "value": "${{TEAMS_APP_TENANT_ID}}" + }, "botAadAppClientSecret": { "value": "${{SECRET_BOT_PASSWORD}}" }, diff --git a/extensions/teams/infra/botRegistration/azurebot.bicep b/extensions/teams/infra/botRegistration/azurebot.bicep index ab67c7a56..2251c96b4 100644 --- a/extensions/teams/infra/botRegistration/azurebot.bicep +++ b/extensions/teams/infra/botRegistration/azurebot.bicep @@ -1,4 +1,4 @@ -@maxLength(20) +@maxLength(25) // Changed from 20 to 25 to match parent template @minLength(4) @description('Used to generate names for all resources in this file') param resourceBaseName string @@ -10,9 +10,10 @@ param botServiceName string = resourceBaseName param botServiceSku string = 'F0' param botAadAppClientId string param botAppDomain string +param botAadAppTenantId string // Register your web service as a bot with the Bot Framework -resource botService 'Microsoft.BotService/botServices@2021-03-01' = { +resource botService 'Microsoft.BotService/botServices@2023-09-15-preview' = { kind: 'azurebot' location: 'global' name: botServiceName @@ -20,6 +21,8 @@ resource botService 'Microsoft.BotService/botServices@2021-03-01' = { displayName: botDisplayName endpoint: 'https://${botAppDomain}/api/messages' msaAppId: botAadAppClientId + msaAppType: 'SingleTenant' + msaAppTenantId: botAadAppTenantId } sku: { name: botServiceSku @@ -27,7 +30,7 @@ resource botService 'Microsoft.BotService/botServices@2021-03-01' = { } // Connect the bot service to Microsoft Teams -resource botServiceMsTeamsChannel 'Microsoft.BotService/botServices/channels@2021-03-01' = { +resource botServiceMsTeamsChannel 'Microsoft.BotService/botServices/channels@2023-09-15-preview' = { parent: botService location: 'global' name: 'MsTeamsChannel' diff --git a/extensions/teams/package.json b/extensions/teams/package.json index 72aa6557a..92fc66b2d 100644 --- a/extensions/teams/package.json +++ b/extensions/teams/package.json @@ -16,7 +16,8 @@ "build": "tsc --build", "start": "node ./lib/index.js", "watch": "nodemon --exec \"npm run start\"", - "test": "echo \"Error: no test specified\" && exit 1" + "test": "echo \"Error: no test specified\" && exit 1", + "enable-sp": "node ./scripts/enable-service-principal.js" }, "repository": { "type": "git", diff --git a/extensions/teams/scripts/enable-service-principal.js b/extensions/teams/scripts/enable-service-principal.js new file mode 100644 index 000000000..303a7509c --- /dev/null +++ b/extensions/teams/scripts/enable-service-principal.js @@ -0,0 +1,46 @@ +// Script to create a service principal for the Microsoft Entra application +const { exec } = require('child_process'); +const util = require('util'); +const execPromise = util.promisify(exec); + +async function createServicePrincipal() { + const appId = process.env.BOT_ID; + + if (!appId) { + console.error('Error: BOT_ID environment variable is not set'); + process.exit(1); + } + + try { + // Check if Azure CLI is installed and logged in + await execPromise('az account show'); + + // Check if service principal already exists + const checkCmd = `az ad sp list --filter "appId eq '${appId}'"`; + const { stdout } = await execPromise(checkCmd); + + const existingSpList = JSON.parse(stdout); + if (existingSpList && existingSpList.length > 0) { + console.log(`Service principal for application ID ${appId} already exists. Skipping creation.`); + process.exit(0); + } + + // Create service principal + const createCmd = `az ad sp create --id "${appId}"`; + await execPromise(createCmd); + + console.log('Service principal created successfully.'); + } catch (error) { + console.error('Error:', error.message); + if (error.message.includes('az: not found') || error.message.includes('not recognized as an internal or external command')) { + console.error('Azure CLI is not installed or not in PATH. Please install it first.'); + } else if (error.message.includes('Please run az login')) { + console.error('You are not logged into Azure. Please run az login first.'); + } else { + console.error('Failed to create service principal. Please ensure you have the right permissions.'); + } + process.exit(1); + } +} + +createServicePrincipal(); diff --git a/extensions/teams/teamsapp.yml b/extensions/teams/teamsapp.yml index 4c7018462..c4000bd75 100644 --- a/extensions/teams/teamsapp.yml +++ b/extensions/teams/teamsapp.yml @@ -27,6 +27,14 @@ provision: botId: BOT_ID # The Microsoft Entra application's client secret created for bot. botPassword: SECRET_BOT_PASSWORD + + # Create service principal for the Microsoft Entra application + - uses: cli/runNpmCommand + name: Enable Service Principal + with: + args: run enable-sp + env: + BOT_ID: ${{BOT_ID}} - uses: arm/deploy # Deploy given ARM templates parallelly. with: diff --git a/extensions/teams/tsconfig.json b/extensions/teams/tsconfig.json index 523f4a057..0d39545cd 100644 --- a/extensions/teams/tsconfig.json +++ b/extensions/teams/tsconfig.json @@ -2,7 +2,8 @@ "compilerOptions": { "declaration": true, "target": "es2021", - "module": "commonjs", + "module": "node16", + "moduleResolution": "node16", "outDir": "./lib", "rootDir": "./", "sourceMap": true, diff --git a/infra/main.bicep b/infra/main.bicep index 5f2e4dd03..2412b4a07 100644 --- a/infra/main.bicep +++ b/infra/main.bicep @@ -1344,6 +1344,7 @@ module function 'modules/app/function.bicep' = { DATABASE_TYPE: databaseType MANAGED_IDENTITY_CLIENT_ID: managedIdentityModule.outputs.clientId MANAGED_IDENTITY_RESOURCE_ID: managedIdentityModule.outputs.resourceId + AZURE_CLIENT_ID: managedIdentityModule.outputs.clientId // Required so LangChain AzureSearch vector store authenticates with this user-assigned managed identity APP_ENV: appEnvironment }, databaseType == 'CosmosDB' diff --git a/infra/main.json b/infra/main.json index 3ce48a0b3..53b7a01b9 100644 --- a/infra/main.json +++ b/infra/main.json @@ -6,7 +6,7 @@ "_generator": { "name": "bicep", "version": "0.37.4.10188", - "templateHash": "6266543668417059167" + "templateHash": "4457227352279942075" } }, "parameters": { @@ -39568,7 +39568,7 @@ "value": "Enabled" }, "appSettings": { - "value": "[union(createObject('AZURE_BLOB_ACCOUNT_NAME', variables('storageAccountName'), 'AZURE_BLOB_CONTAINER_NAME', variables('blobContainerName'), 'AZURE_FORM_RECOGNIZER_ENDPOINT', reference('formrecognizer').outputs.endpoint.value, 'AZURE_COMPUTER_VISION_ENDPOINT', if(parameters('useAdvancedImageProcessing'), reference('computerVision').outputs.endpoint.value, ''), 'AZURE_COMPUTER_VISION_VECTORIZE_IMAGE_API_VERSION', parameters('computerVisionVectorizeImageApiVersion'), 'AZURE_COMPUTER_VISION_VECTORIZE_IMAGE_MODEL_VERSION', parameters('computerVisionVectorizeImageModelVersion'), 'AZURE_CONTENT_SAFETY_ENDPOINT', reference('contentsafety').outputs.endpoint.value, 'AZURE_KEY_VAULT_ENDPOINT', reference('keyvault').outputs.uri.value, 'AZURE_OPENAI_MODEL', parameters('azureOpenAIModel'), 'AZURE_OPENAI_MODEL_NAME', parameters('azureOpenAIModelName'), 'AZURE_OPENAI_MODEL_VERSION', parameters('azureOpenAIModelVersion'), 'AZURE_OPENAI_EMBEDDING_MODEL', parameters('azureOpenAIEmbeddingModel'), 'AZURE_OPENAI_EMBEDDING_MODEL_NAME', parameters('azureOpenAIEmbeddingModelName'), 'AZURE_OPENAI_EMBEDDING_MODEL_VERSION', parameters('azureOpenAIEmbeddingModelVersion'), 'AZURE_OPENAI_RESOURCE', variables('azureOpenAIResourceName'), 'AZURE_OPENAI_API_VERSION', parameters('azureOpenAIApiVersion'), 'USE_ADVANCED_IMAGE_PROCESSING', if(parameters('useAdvancedImageProcessing'), 'true', 'false'), 'DOCUMENT_PROCESSING_QUEUE_NAME', variables('queueName'), 'ORCHESTRATION_STRATEGY', parameters('orchestrationStrategy'), 'LOGLEVEL', parameters('logLevel'), 'AZURE_OPENAI_SYSTEM_MESSAGE', parameters('azureOpenAISystemMessage'), 'DATABASE_TYPE', parameters('databaseType'), 'MANAGED_IDENTITY_CLIENT_ID', reference('managedIdentityModule').outputs.clientId.value, 'MANAGED_IDENTITY_RESOURCE_ID', reference('managedIdentityModule').outputs.resourceId.value, 'APP_ENV', parameters('appEnvironment')), if(equals(parameters('databaseType'), 'CosmosDB'), createObject('AZURE_SEARCH_INDEX', variables('azureSearchIndex'), 'AZURE_SEARCH_SERVICE', format('https://{0}.search.windows.net', variables('azureAISearchName')), 'AZURE_SEARCH_DATASOURCE_NAME', variables('azureSearchDatasource'), 'AZURE_SEARCH_INDEXER_NAME', variables('azureSearchIndexer'), 'AZURE_SEARCH_USE_INTEGRATED_VECTORIZATION', if(parameters('azureSearchUseIntegratedVectorization'), 'true', 'false'), 'AZURE_SEARCH_FIELDS_ID', parameters('azureSearchFieldId'), 'AZURE_SEARCH_CONTENT_COLUMN', parameters('azureSearchContentColumn'), 'AZURE_SEARCH_CONTENT_VECTOR_COLUMN', parameters('azureSearchVectorColumn'), 'AZURE_SEARCH_TITLE_COLUMN', parameters('azureSearchTitleColumn'), 'AZURE_SEARCH_FIELDS_METADATA', parameters('azureSearchFieldsMetadata'), 'AZURE_SEARCH_SOURCE_COLUMN', parameters('azureSearchSourceColumn'), 'AZURE_SEARCH_TEXT_COLUMN', if(parameters('azureSearchUseIntegratedVectorization'), parameters('azureSearchTextColumn'), ''), 'AZURE_SEARCH_LAYOUT_TEXT_COLUMN', if(parameters('azureSearchUseIntegratedVectorization'), parameters('azureSearchLayoutTextColumn'), ''), 'AZURE_SEARCH_CHUNK_COLUMN', parameters('azureSearchChunkColumn'), 'AZURE_SEARCH_OFFSET_COLUMN', parameters('azureSearchOffsetColumn'), 'AZURE_SEARCH_TOP_K', parameters('azureSearchTopK')), if(equals(parameters('databaseType'), 'PostgreSQL'), createObject('AZURE_POSTGRESQL_HOST_NAME', variables('postgresDBFqdn'), 'AZURE_POSTGRESQL_DATABASE_NAME', variables('postgresDBName'), 'AZURE_POSTGRESQL_USER', reference('managedIdentityModule').outputs.name.value), createObject())))]" + "value": "[union(createObject('AZURE_BLOB_ACCOUNT_NAME', variables('storageAccountName'), 'AZURE_BLOB_CONTAINER_NAME', variables('blobContainerName'), 'AZURE_FORM_RECOGNIZER_ENDPOINT', reference('formrecognizer').outputs.endpoint.value, 'AZURE_COMPUTER_VISION_ENDPOINT', if(parameters('useAdvancedImageProcessing'), reference('computerVision').outputs.endpoint.value, ''), 'AZURE_COMPUTER_VISION_VECTORIZE_IMAGE_API_VERSION', parameters('computerVisionVectorizeImageApiVersion'), 'AZURE_COMPUTER_VISION_VECTORIZE_IMAGE_MODEL_VERSION', parameters('computerVisionVectorizeImageModelVersion'), 'AZURE_CONTENT_SAFETY_ENDPOINT', reference('contentsafety').outputs.endpoint.value, 'AZURE_KEY_VAULT_ENDPOINT', reference('keyvault').outputs.uri.value, 'AZURE_OPENAI_MODEL', parameters('azureOpenAIModel'), 'AZURE_OPENAI_MODEL_NAME', parameters('azureOpenAIModelName'), 'AZURE_OPENAI_MODEL_VERSION', parameters('azureOpenAIModelVersion'), 'AZURE_OPENAI_EMBEDDING_MODEL', parameters('azureOpenAIEmbeddingModel'), 'AZURE_OPENAI_EMBEDDING_MODEL_NAME', parameters('azureOpenAIEmbeddingModelName'), 'AZURE_OPENAI_EMBEDDING_MODEL_VERSION', parameters('azureOpenAIEmbeddingModelVersion'), 'AZURE_OPENAI_RESOURCE', variables('azureOpenAIResourceName'), 'AZURE_OPENAI_API_VERSION', parameters('azureOpenAIApiVersion'), 'USE_ADVANCED_IMAGE_PROCESSING', if(parameters('useAdvancedImageProcessing'), 'true', 'false'), 'DOCUMENT_PROCESSING_QUEUE_NAME', variables('queueName'), 'ORCHESTRATION_STRATEGY', parameters('orchestrationStrategy'), 'LOGLEVEL', parameters('logLevel'), 'AZURE_OPENAI_SYSTEM_MESSAGE', parameters('azureOpenAISystemMessage'), 'DATABASE_TYPE', parameters('databaseType'), 'MANAGED_IDENTITY_CLIENT_ID', reference('managedIdentityModule').outputs.clientId.value, 'MANAGED_IDENTITY_RESOURCE_ID', reference('managedIdentityModule').outputs.resourceId.value, 'AZURE_CLIENT_ID', reference('managedIdentityModule').outputs.clientId.value, 'APP_ENV', parameters('appEnvironment')), if(equals(parameters('databaseType'), 'CosmosDB'), createObject('AZURE_SEARCH_INDEX', variables('azureSearchIndex'), 'AZURE_SEARCH_SERVICE', format('https://{0}.search.windows.net', variables('azureAISearchName')), 'AZURE_SEARCH_DATASOURCE_NAME', variables('azureSearchDatasource'), 'AZURE_SEARCH_INDEXER_NAME', variables('azureSearchIndexer'), 'AZURE_SEARCH_USE_INTEGRATED_VECTORIZATION', if(parameters('azureSearchUseIntegratedVectorization'), 'true', 'false'), 'AZURE_SEARCH_FIELDS_ID', parameters('azureSearchFieldId'), 'AZURE_SEARCH_CONTENT_COLUMN', parameters('azureSearchContentColumn'), 'AZURE_SEARCH_CONTENT_VECTOR_COLUMN', parameters('azureSearchVectorColumn'), 'AZURE_SEARCH_TITLE_COLUMN', parameters('azureSearchTitleColumn'), 'AZURE_SEARCH_FIELDS_METADATA', parameters('azureSearchFieldsMetadata'), 'AZURE_SEARCH_SOURCE_COLUMN', parameters('azureSearchSourceColumn'), 'AZURE_SEARCH_TEXT_COLUMN', if(parameters('azureSearchUseIntegratedVectorization'), parameters('azureSearchTextColumn'), ''), 'AZURE_SEARCH_LAYOUT_TEXT_COLUMN', if(parameters('azureSearchUseIntegratedVectorization'), parameters('azureSearchLayoutTextColumn'), ''), 'AZURE_SEARCH_CHUNK_COLUMN', parameters('azureSearchChunkColumn'), 'AZURE_SEARCH_OFFSET_COLUMN', parameters('azureSearchOffsetColumn'), 'AZURE_SEARCH_TOP_K', parameters('azureSearchTopK')), if(equals(parameters('databaseType'), 'PostgreSQL'), createObject('AZURE_POSTGRESQL_HOST_NAME', variables('postgresDBFqdn'), 'AZURE_POSTGRESQL_DATABASE_NAME', variables('postgresDBName'), 'AZURE_POSTGRESQL_USER', reference('managedIdentityModule').outputs.name.value), createObject())))]" } }, "template": { @@ -56365,9 +56365,9 @@ } }, "dependsOn": [ + "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').storageQueue)]", "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').storageBlob)]", "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').storageFile)]", - "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').storageQueue)]", "managedIdentityModule", "network" ] @@ -56422,7 +56422,7 @@ "_generator": { "name": "bicep", "version": "0.37.4.10188", - "templateHash": "68114798306146084" + "templateHash": "15145535415197431472" } }, "parameters": { @@ -56461,7 +56461,7 @@ } }, "variables": { - "wookbookContents": "{\"version\":\"Notebook/1.0\",\"items\":[{\"type\":1,\"content\":\"@{json=# Chat With Your Data Monitoring}\",\"name\":\"Heading\"},{\"type\":9,\"content\":\"@{version=KqlParameterItem/1.0; crossComponentResources=System.Object[]; parameters=System.Object[]; style=pills; queryType=1; resourceType=microsoft.resourcegraph/resources}\",\"conditionalVisibility\":\"@{parameterName=never; comparison=isEqualTo; value=show}\",\"name\":\"Resource Parameters\"},{\"type\":9,\"content\":\"@{version=KqlParameterItem/1.0; crossComponentResources=System.Object[]; parameters=System.Object[]; style=pills; queryType=1; resourceType=microsoft.resourcegraph/resources}\",\"name\":\"Time Picker\"},{\"type\":11,\"content\":\"@{version=LinkItem/1.0; style=tabs; links=System.Object[]}\",\"name\":\"links - 4\"},{\"type\":12,\"content\":\"@{version=NotebookGroup/1.0; groupType=editable; items=System.Object[]}\",\"conditionalVisibility\":\"@{parameterName=selTab; comparison=isEqualTo; value=Operations}\",\"name\":\"Operations Group\"},{\"type\":12,\"content\":\"@{version=NotebookGroup/1.0; groupType=editable; items=System.Object[]}\",\"conditionalVisibility\":\"@{parameterName=selTab; comparison=isEqualTo; value=Resources}\",\"name\":\"Resources Group\"},{\"type\":12,\"content\":\"@{version=NotebookGroup/1.0; groupType=editable; items=System.Object[]}\",\"conditionalVisibility\":\"@{parameterName=selTab; comparison=isEqualTo; value=Open AI}\",\"name\":\"Open AI Group\"},{\"type\":12,\"content\":\"@{version=NotebookGroup/1.0; groupType=editable; items=System.Object[]}\",\"conditionalVisibility\":\"@{parameterName=selTab; comparison=isEqualTo; value=AI Search}\",\"name\":\"Search Group\"},{\"type\":12,\"content\":\"@{version=NotebookGroup/1.0; groupType=editable; items=System.Object[]}\",\"conditionalVisibility\":\"@{parameterName=selTab; comparison=isEqualTo; value=Storage}\",\"name\":\"Storage Group\"}],\"fallbackResourceIds\":[\"azure monitor\"],\"styleSettings\":{\"paddingStyle\":\"narrow\",\"spacingStyle\":\"narrow\"},\"$schema\":\"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"}\r\n", + "wookbookContents": "{\"version\":\"Notebook/1.0\",\"items\":[{\"type\":1,\"content\":\"@{json=# Chat With Your Data Monitoring}\",\"name\":\"Heading\"},{\"type\":9,\"content\":\"@{version=KqlParameterItem/1.0; crossComponentResources=System.Object[]; parameters=System.Object[]; style=pills; queryType=1; resourceType=microsoft.resourcegraph/resources}\",\"conditionalVisibility\":\"@{parameterName=never; comparison=isEqualTo; value=show}\",\"name\":\"Resource Parameters\"},{\"type\":9,\"content\":\"@{version=KqlParameterItem/1.0; crossComponentResources=System.Object[]; parameters=System.Object[]; style=pills; queryType=1; resourceType=microsoft.resourcegraph/resources}\",\"name\":\"Time Picker\"},{\"type\":11,\"content\":\"@{version=LinkItem/1.0; style=tabs; links=System.Object[]}\",\"name\":\"links - 4\"},{\"type\":12,\"content\":\"@{version=NotebookGroup/1.0; groupType=editable; items=System.Object[]}\",\"conditionalVisibility\":\"@{parameterName=selTab; comparison=isEqualTo; value=Operations}\",\"name\":\"Operations Group\"},{\"type\":12,\"content\":\"@{version=NotebookGroup/1.0; groupType=editable; items=System.Object[]}\",\"conditionalVisibility\":\"@{parameterName=selTab; comparison=isEqualTo; value=Resources}\",\"name\":\"Resources Group\"},{\"type\":12,\"content\":\"@{version=NotebookGroup/1.0; groupType=editable; items=System.Object[]}\",\"conditionalVisibility\":\"@{parameterName=selTab; comparison=isEqualTo; value=Open AI}\",\"name\":\"Open AI Group\"},{\"type\":12,\"content\":\"@{version=NotebookGroup/1.0; groupType=editable; items=System.Object[]}\",\"conditionalVisibility\":\"@{parameterName=selTab; comparison=isEqualTo; value=AI Search}\",\"name\":\"Search Group\"},{\"type\":12,\"content\":\"@{version=NotebookGroup/1.0; groupType=editable; items=System.Object[]}\",\"conditionalVisibility\":\"@{parameterName=selTab; comparison=isEqualTo; value=Storage}\",\"name\":\"Storage Group\"}],\"fallbackResourceIds\":[\"azure monitor\"],\"styleSettings\":{\"paddingStyle\":\"narrow\",\"spacingStyle\":\"narrow\"},\"$schema\":\"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"}\n", "wookbookContentsSubReplaced": "[replace(variables('wookbookContents'), '{subscription-id}', subscription().id)]", "wookbookContentsRGReplaced": "[replace(variables('wookbookContentsSubReplaced'), '{resource-group}', resourceGroup().name)]", "wookbookContentsAppServicePlanReplaced": "[replace(variables('wookbookContentsRGReplaced'), '{app-service-plan}', parameters('hostingPlanName'))]", diff --git a/infra/main.parameters.json b/infra/main.parameters.json index 493a0f3ff..3f8af81ce 100644 --- a/infra/main.parameters.json +++ b/infra/main.parameters.json @@ -17,8 +17,11 @@ "hostingModel": { "value": "${AZURE_APP_SERVICE_HOSTING_MODEL=code}" }, + "hostingPlanSku": { + "value": "${HOSTING_PLAN_SKU=B3}" + }, "databaseType": { - "value": "${DATABASE_TYPE}" + "value": "${DATABASE_TYPE=PostgreSQL}" }, "azureSearchUseIntegratedVectorization": { "value": "${AZURE_SEARCH_USE_INTEGRATED_VECTORIZATION=false}" @@ -26,6 +29,30 @@ "azureSearchUseSemanticSearch": { "value": "${AZURE_SEARCH_USE_SEMANTIC_SEARCH=false}" }, + "azureSearchSemanticSearchConfig": { + "value": "${AZURE_SEARCH_SEMANTIC_SEARCH_CONFIG=default}" + }, + "azureSearchIndexIsPrechunked": { + "value": "${AZURE_SEARCH_INDEX_IS_PRECHUNKED=false}" + }, + "azureSearchSku": { + "value": "${AZURE_SEARCH_SKU=standard}" + }, + "azureSearchEnableInDomain": { + "value": "${AZURE_SEARCH_ENABLE_IN_DOMAIN=true}" + }, + "azureSearchFilenameColumn": { + "value": "${AZURE_SEARCH_FILENAME_COLUMN=filename}" + }, + "azureSearchFilter": { + "value": "${AZURE_SEARCH_FILTER}" + }, + "azureSearchUrlColumn": { + "value": "${AZURE_SEARCH_URL_COLUMN=url}" + }, + "azureSearchConversationLogIndex": { + "value": "${AZURE_SEARCH_CONVERSATION_LOG_INDEX=conversations}" + }, "orchestrationStrategy": { "value": "${ORCHESTRATION_STRATEGY=openai_function}" }, @@ -83,6 +110,12 @@ "azureOpenAIModelCapacity": { "value": "${AZURE_OPENAI_MODEL_CAPACITY=30}" }, + "azureOpenAISkuName": { + "value": "${AZURE_OPENAI_SKU_NAME=S0}" + }, + "azureOpenAIStream": { + "value": "${AZURE_OPENAI_STREAM=true}" + }, "useAdvancedImageProcessing": { "value": "${USE_ADVANCED_IMAGE_PROCESSING=false}" }, @@ -134,6 +167,9 @@ "computerVisionLocation": { "value": "${AZURE_COMPUTER_VISION_LOCATION}" }, + "computerVisionSkuName": { + "value": "${COMPUTER_VISION_SKU_NAME=S1}" + }, "computerVisionVectorizeImageApiVersion": { "value": "${AZURE_COMPUTER_VISION_VECTORIZE_IMAGE_API_VERSION=2024-02-01}" }, diff --git a/infra/main.waf.parameters.json b/infra/main.waf.parameters.json index ae59da140..ab9fb2fc1 100644 --- a/infra/main.waf.parameters.json +++ b/infra/main.waf.parameters.json @@ -17,12 +17,42 @@ "hostingModel": { "value": "${AZURE_APP_SERVICE_HOSTING_MODEL=code}" }, + "hostingPlanSku": { + "value": "${HOSTING_PLAN_SKU=B3}" + }, + "databaseType": { + "value": "${DATABASE_TYPE=PostgreSQL}" + }, "azureSearchUseIntegratedVectorization": { "value": "${AZURE_SEARCH_USE_INTEGRATED_VECTORIZATION=false}" }, "azureSearchUseSemanticSearch": { "value": "${AZURE_SEARCH_USE_SEMANTIC_SEARCH=false}" }, + "azureSearchSemanticSearchConfig": { + "value": "${AZURE_SEARCH_SEMANTIC_SEARCH_CONFIG=default}" + }, + "azureSearchIndexIsPrechunked": { + "value": "${AZURE_SEARCH_INDEX_IS_PRECHUNKED=false}" + }, + "azureSearchSku": { + "value": "${AZURE_SEARCH_SKU=standard}" + }, + "azureSearchEnableInDomain": { + "value": "${AZURE_SEARCH_ENABLE_IN_DOMAIN=true}" + }, + "azureSearchFilenameColumn": { + "value": "${AZURE_SEARCH_FILENAME_COLUMN=filename}" + }, + "azureSearchFilter": { + "value": "${AZURE_SEARCH_FILTER}" + }, + "azureSearchUrlColumn": { + "value": "${AZURE_SEARCH_URL_COLUMN=url}" + }, + "azureSearchConversationLogIndex": { + "value": "${AZURE_SEARCH_CONVERSATION_LOG_INDEX=conversations}" + }, "orchestrationStrategy": { "value": "${ORCHESTRATION_STRATEGY=openai_function}" }, @@ -80,6 +110,12 @@ "azureOpenAIModelCapacity": { "value": "${AZURE_OPENAI_MODEL_CAPACITY=30}" }, + "azureOpenAISkuName": { + "value": "${AZURE_OPENAI_SKU_NAME=S0}" + }, + "azureOpenAIStream": { + "value": "${AZURE_OPENAI_STREAM=true}" + }, "useAdvancedImageProcessing": { "value": "${USE_ADVANCED_IMAGE_PROCESSING=false}" }, @@ -131,6 +167,9 @@ "computerVisionLocation": { "value": "${AZURE_COMPUTER_VISION_LOCATION}" }, + "computerVisionSkuName": { + "value": "${COMPUTER_VISION_SKU_NAME=S1}" + }, "computerVisionVectorizeImageApiVersion": { "value": "${AZURE_COMPUTER_VISION_VECTORIZE_IMAGE_API_VERSION=2024-02-01}" }, @@ -148,6 +187,18 @@ }, "enableScalability": { "value": true + }, + "enableRedundancy": { + "value": "${ENABLE_REDUNDANCY=false}" + }, + "enablePurgeProtection": { + "value": "${ENABLE_PURGE_PROTECTION=false}" + }, + "enableTelemetry": { + "value": "${ENABLE_TELEMETRY=true}" + }, + "tags": { + "value": {} }, "vmSize": { "value": "${AZURE_ENV_JUMPBOX_SIZE}"