Revert "feat: Use agent operations with the Azure AI Search tool for ChatWithCallTranscripts"

Author: Pavan-Microsoft

.github/workflows/deploy-KMGeneric.yml

@@ -112,7 +112,7 @@ jobs:
           echo "Generated SOLUTION_PREFIX: ${UNIQUE_SOLUTION_PREFIX}" 
       - name: Determine Tag Name Based on Branch
         id: determine_tag
-        run: echo "tagname=${{ github.ref_name == 'main' && 'latest_fdp' || github.ref_name == 'dev' && 'dev' || github.ref_name == 'demo' && 'demo' || github.ref_name == 'dependabotchanges' && 'dependabotchanges' || github.head_ref || 'default' }}" >> $GITHUB_OUTPUT
+        run: echo "tagname=${{ github.ref_name == 'main' && 'latest' || github.ref_name == 'dev' && 'dev' || github.ref_name == 'demo' && 'demo' || github.ref_name == 'dependabotchanges' && 'dependabotchanges' || github.head_ref || 'default' }}" >> $GITHUB_OUTPUT
       - name: Deploy Bicep Template
         id: deploy
         run: |

infra/deploy_ai_foundry.bicep

@@ -24,7 +24,6 @@ var keyvaultName = '${abbrs.security.keyVault}${solutionName}'
 var location = solutionLocation //'eastus2'
 var aiProjectName = '${abbrs.ai.aiFoundryProject}${solutionName}'
 var aiSearchName = '${abbrs.ai.aiSearch}${solutionName}'
-var aiSearchConnectionName = 'myVectorStoreProjectConnectionName-${solutionName}'
 
 var aiModelDeployments = [
   {
@@ -57,8 +56,8 @@ var existingOpenAIEndpoint = !empty(azureExistingAIProjectResourceId) ? format('
 var existingProjEndpoint = !empty(azureExistingAIProjectResourceId) ? format('https://{0}.services.ai.azure.com/api/projects/{1}', split(azureExistingAIProjectResourceId, '/')[8], split(azureExistingAIProjectResourceId, '/')[10]) : ''
 var existingAIServicesName = !empty(azureExistingAIProjectResourceId) ? split(azureExistingAIProjectResourceId, '/')[8] : ''
 var existingAIProjectName = !empty(azureExistingAIProjectResourceId) ? split(azureExistingAIProjectResourceId, '/')[10] : ''
-var existingAIServiceSubscription = !empty(azureExistingAIProjectResourceId) ? split(azureExistingAIProjectResourceId, '/')[2] : subscription().subscriptionId
-var existingAIServiceResourceGroup = !empty(azureExistingAIProjectResourceId) ? split(azureExistingAIProjectResourceId, '/')[4] : resourceGroup().name
+var existingAIServiceSubscription = !empty(azureExistingAIProjectResourceId) ? split(azureExistingAIProjectResourceId, '/')[2] : ''
+var existingAIServiceResourceGroup = !empty(azureExistingAIProjectResourceId) ? split(azureExistingAIProjectResourceId, '/')[4] : ''
 
 resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' existing = {
   name: keyVaultName
@@ -162,9 +161,6 @@ resource aiSearch 'Microsoft.Search/searchServices@2024-06-01-preview' = {
   sku: {
     name: 'basic'
   }
-  identity: {
-    type: 'SystemAssigned'
-  }
   properties: {
     replicaCount: 1
     partitionCount: 1
@@ -176,7 +172,10 @@ resource aiSearch 'Microsoft.Search/searchServices@2024-06-01-preview' = {
     encryptionWithCmk: {
       enforcement: 'Unspecified'
     }
-    disableLocalAuth: true
+    disableLocalAuth: false
+    authOptions: {
+      apiKeyOnly: {}
+    }
     semanticSearch: 'free'
   }
 }
@@ -193,7 +192,7 @@ resource aiProject 'Microsoft.CognitiveServices/accounts/projects@2025-04-01-pre
 }
 
 resource aiproject_aisearch_connection_new 'Microsoft.CognitiveServices/accounts/projects/connections@2025-04-01-preview' = if (empty(azureExistingAIProjectResourceId)) {
-  name: aiSearchConnectionName
+  name: 'myVectorStoreProjectConnectionName-${solutionName}'
   parent: aiProject
   properties: {
     category: 'CognitiveSearch'
@@ -217,121 +216,31 @@ module existing_AIProject_SearchConnectionModule 'deploy_aifp_aisearch_connectio
     aiSearchName: aiSearchName
     aiSearchResourceId: aiSearch.id
     aiSearchLocation: aiSearch.location
-    aiSearchConnectionName: aiSearchConnectionName
+    solutionName: solutionName
   }
 }
 
 resource aiUser 'Microsoft.Authorization/roleDefinitions@2022-04-01' existing = {
   name: '53ca6127-db72-4b80-b1b0-d745d6d5456d'
 }
 
-resource assignFoundryRoleToMI 'Microsoft.Authorization/roleAssignments@2022-04-01' = if (empty(azureExistingAIProjectResourceId))  {
-  name: guid(resourceGroup().id, aiServices.id, aiUser.id)
-  scope: aiServices
+resource aiUserAccessFoundry 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
+  name: guid(resourceGroup().id, managedIdentityObjectId, aiUser.id)
   properties: {
     principalId: managedIdentityObjectId
     roleDefinitionId: aiUser.id
-    principalType: 'ServicePrincipal'
+    principalType: 'ServicePrincipal' 
   }
 }
 
-module assignFoundryRoleToMIExisting 'deploy_foundry_role_assignment.bicep' = if (!empty(azureExistingAIProjectResourceId)) {
-  name: 'assignFoundryRoleToMI'
+module assignAiUserRoleToManagedIdentity 'deploy_foundry_role_assignment.bicep' = if(!empty(azureExistingAIProjectResourceId)) {
+  name: 'assignAiUserRoleToManagedIdentity'
   scope: resourceGroup(existingAIServiceSubscription, existingAIServiceResourceGroup)
   params: {
     roleDefinitionId: aiUser.id
-    roleAssignmentName: guid(resourceGroup().id, managedIdentityObjectId, aiUser.id, 'foundry')
-    aiServicesName: !empty(azureExistingAIProjectResourceId) ? existingAIServicesName : aiServicesName
-    aiProjectName: !empty(azureExistingAIProjectResourceId) ? existingAIProjectName : aiProjectName
-    principalId: managedIdentityObjectId
-  }
-}
-
-resource assignAiUserToAiFoundryCU 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
-  name: guid(resourceGroup().id, aiServices_CU.id, aiUser.id)
-  scope: aiServices_CU
-  properties: {
-    principalId: managedIdentityObjectId
-    roleDefinitionId: aiUser.id
-    principalType: 'ServicePrincipal'
-  }
-}
-
-resource cognitiveServicesOpenAIUser 'Microsoft.Authorization/roleDefinitions@2022-04-01' existing = {
-  name: '5e0bd9bd-7b93-4f28-af87-19fc36ad61bd'
-}
-
-module assignOpenAIRoleToAISearch 'deploy_foundry_role_assignment.bicep' = {
-  name: 'assignOpenAIRoleToAISearch'
-  scope: resourceGroup(existingAIServiceSubscription, existingAIServiceResourceGroup)
-  params: {
-    roleDefinitionId: cognitiveServicesOpenAIUser.id
-    roleAssignmentName: guid(resourceGroup().id, aiSearch.id, cognitiveServicesOpenAIUser.id, 'openai-foundry')
+    roleAssignmentName: guid(managedIdentityObjectId, aiServices.id, aiUser.id)
     aiServicesName: !empty(azureExistingAIProjectResourceId) ? existingAIServicesName : aiServicesName
-    aiProjectName: !empty(azureExistingAIProjectResourceId) ? existingAIProjectName : aiProjectName
-    principalId: aiSearch.identity.principalId
-  }
-}
-
-resource searchIndexDataReader 'Microsoft.Authorization/roleDefinitions@2022-04-01' existing = {
-  name: '1407120a-92aa-4202-b7e9-c0e197c71c8f'
-}
-
-resource assignSearchIndexDataReaderToAiProject 'Microsoft.Authorization/roleAssignments@2022-04-01' = if (empty(azureExistingAIProjectResourceId)) {
-  name: guid(resourceGroup().id, aiProject.id, searchIndexDataReader.id)
-  scope: aiSearch
-  properties: {
-    principalId: aiProject.identity.principalId
-    roleDefinitionId: searchIndexDataReader.id
-    principalType: 'ServicePrincipal'
-  }
-}
-
-resource assignSearchIndexDataReaderToExistingAiProject 'Microsoft.Authorization/roleAssignments@2022-04-01' = if (!empty(azureExistingAIProjectResourceId)) {
-  name: guid(resourceGroup().id, existingAIProjectName, searchIndexDataReader.id, 'Existing')
-  scope: aiSearch
-  properties: {
-    principalId: assignOpenAIRoleToAISearch.outputs.aiProjectPrincipalId
-    roleDefinitionId: searchIndexDataReader.id
-    principalType: 'ServicePrincipal'
-  }
-}
-
-resource searchServiceContributor 'Microsoft.Authorization/roleDefinitions@2022-04-01' existing = {
-  name: '7ca78c08-252a-4471-8644-bb5ff32d4ba0'
-}
-
-resource assignSearchServiceContributorToAiProject 'Microsoft.Authorization/roleAssignments@2022-04-01' = if (empty(azureExistingAIProjectResourceId)) {
-  name: guid(resourceGroup().id, aiProject.id, searchServiceContributor.id)
-  scope: aiSearch
-  properties: {
-    principalId: aiProject.identity.principalId
-    roleDefinitionId: searchServiceContributor.id
-    principalType: 'ServicePrincipal'
-  }
-}
-
-resource assignSearchServiceContributorToExistingAiProject 'Microsoft.Authorization/roleAssignments@2022-04-01' = if (!empty(azureExistingAIProjectResourceId)) {
-  name: guid(resourceGroup().id, existingAIProjectName, searchServiceContributor.id, 'Existing')
-  scope: aiSearch
-  properties: {
-    principalId: assignOpenAIRoleToAISearch.outputs.aiProjectPrincipalId
-    roleDefinitionId: searchServiceContributor.id
-    principalType: 'ServicePrincipal'
-  }
-}
-
-resource searchIndexDataContributor 'Microsoft.Authorization/roleDefinitions@2022-04-01' existing = {
-  name: '8ebe5a00-799e-43f5-93ac-243d3dce84a7'
-}
-
-resource assignSearchIndexDataContributorToMI 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
-  name: guid(resourceGroup().id, aiProject.id, searchIndexDataContributor.id)
-  scope: aiSearch
-  properties: {
-    principalId: managedIdentityObjectId
-    roleDefinitionId: searchIndexDataContributor.id
-    principalType: 'ServicePrincipal'
+    userassignedIdentityId: managedIdentityObjectId
   }
 }
 
@@ -383,14 +292,6 @@ resource azureOpenAIEndpointEntry 'Microsoft.KeyVault/vaults/secrets@2021-11-01-
   }
 }
 
-resource azureOpenAIEmbeddingDeploymentModel 'Microsoft.KeyVault/vaults/secrets@2021-11-01-preview' = {
-  parent: keyVault
-  name: 'AZURE-OPENAI-EMBEDDING-MODEL'
-  properties: {
-    value: embeddingModel
-  }
-}
-
 resource azureOpenAICUEndpointEntry 'Microsoft.KeyVault/vaults/secrets@2021-11-01-preview' = {
   parent: keyVault
   name: 'AZURE-OPENAI-CU-ENDPOINT'
@@ -407,6 +308,14 @@ resource azureOpenAICUApiVersionEntry 'Microsoft.KeyVault/vaults/secrets@2021-11
   }
 }
 
+resource azureSearchAdminKeyEntry 'Microsoft.KeyVault/vaults/secrets@2021-11-01-preview' = {
+  parent: keyVault
+  name: 'AZURE-SEARCH-KEY'
+  properties: {
+    value: aiSearch.listAdminKeys().primaryKey
+  }
+}
+
 resource azureSearchServiceEndpointEntry 'Microsoft.KeyVault/vaults/secrets@2021-11-01-preview' = {
   parent: keyVault
   name: 'AZURE-SEARCH-ENDPOINT'
@@ -481,7 +390,6 @@ output aiSearchId string = aiSearch.id
 output aiSearchTarget string = 'https://${aiSearch.name}.search.windows.net'
 output aiSearchService string = aiSearch.name
 output aiProjectName string = !empty(existingAIProjectName) ? existingAIProjectName : aiProject.name
-output aiSearchConnectionName string = aiSearchConnectionName
 
 output applicationInsightsId string = applicationInsights.id
 output logAnalyticsWorkspaceResourceName string = useExisting ? existingLogAnalyticsWorkspace.name : logAnalytics.name

infra/deploy_aifp_aisearch_connection.bicep

@@ -3,10 +3,10 @@ param existingAIServicesName string
 param aiSearchName string
 param aiSearchResourceId string
 param aiSearchLocation string
-param aiSearchConnectionName string
+param solutionName string
 
 resource projectAISearchConnection 'Microsoft.CognitiveServices/accounts/projects/connections@2025-04-01-preview' = {
-  name: '${existingAIServicesName}/${existingAIProjectName}/${aiSearchConnectionName}'
+  name: '${existingAIServicesName}/${existingAIProjectName}/myVectorStoreProjectConnectionName-${solutionName}'
   properties: {
     category: 'CognitiveSearch'
     target: 'https://${aiSearchName}.search.windows.net'

infra/deploy_backend_docker.bicep

@@ -13,7 +13,6 @@ param keyVaultName string
 param aiServicesName string
 param useLocalBuild string
 param azureExistingAIProjectResourceId string = ''
-param aiSearchName string
 var existingAIServiceSubscription = !empty(azureExistingAIProjectResourceId) ? split(azureExistingAIProjectResourceId, '/')[2] : subscription().subscriptionId
 var existingAIServiceResourceGroup = !empty(azureExistingAIProjectResourceId) ? split(azureExistingAIProjectResourceId, '/')[4] : resourceGroup().name
 var existingAIServicesName = !empty(azureExistingAIProjectResourceId) ? split(azureExistingAIProjectResourceId, '/')[8] : ''
@@ -144,23 +143,6 @@ resource keyVaultSecretsUserAssignment 'Microsoft.Authorization/roleAssignments@
   }
 }
 
-resource aiSearch 'Microsoft.Search/searchServices@2024-06-01-preview' existing = {
-  name: aiSearchName
-}
-
-resource searchIndexDataReader 'Microsoft.Authorization/roleDefinitions@2022-04-01' existing = {
-  name: '1407120a-92aa-4202-b7e9-c0e197c71c8f'
-}
-
-resource searchIndexDataReaderAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
-  name: guid(appService.name, aiSearch.name, searchIndexDataReader.id)
-  scope: aiSearch
-  properties: {
-    roleDefinitionId: searchIndexDataReader.id
-    principalId: appService.outputs.identityPrincipalId
-  }
-}
-
 resource aiUser 'Microsoft.Authorization/roleDefinitions@2022-04-01' existing = {
   name: '53ca6127-db72-4b80-b1b0-d745d6d5456d'
 }

infra/deploy_foundry_role_assignment.bicep

@@ -2,18 +2,13 @@ param principalId string = ''
 param roleDefinitionId string
 param roleAssignmentName string = ''
 param aiServicesName string
-param aiProjectName string = ''
+param userassignedIdentityId string = ''
 
 resource aiServices 'Microsoft.CognitiveServices/accounts@2025-04-01-preview' existing = {
   name: aiServicesName
 }
 
-resource aiProject 'Microsoft.CognitiveServices/accounts/projects@2025-04-01-preview' existing = if (!empty(aiProjectName)) {
-  name: aiProjectName
-  parent: aiServices
-}
-
-resource roleAssignmentToFoundry 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
+resource roleAssignmentToFoundry 'Microsoft.Authorization/roleAssignments@2022-04-01' = if (!empty(aiServicesName) && !empty(principalId)) {
   name: roleAssignmentName
   scope: aiServices
   properties: {
@@ -22,5 +17,12 @@ resource roleAssignmentToFoundry 'Microsoft.Authorization/roleAssignments@2022-0
   }
 }
 
-output aiServicesPrincipalId string = aiServices.identity.principalId
-output aiProjectPrincipalId string =  !empty(aiProjectName) ? aiProject.identity.principalId : ''
+resource roleAssignmentToManagedIdentity 'Microsoft.Authorization/roleAssignments@2022-04-01' = if (!empty(userassignedIdentityId)) {
+  name: roleAssignmentName
+  scope: aiServices
+  properties: {
+    roleDefinitionId: roleDefinitionId
+    principalId: userassignedIdentityId
+    principalType: 'ServicePrincipal'
+  }
+}

infra/main.bicep

@@ -60,7 +60,7 @@ param embeddingModel string = 'text-embedding-ada-002'
 @description('Capacity of the Embedding Model deployment')
 param embeddingDeploymentCapacity int = 80
 
-param imageTag string = 'latest_fdp'
+param imageTag string = 'latest'
 
 param AZURE_LOCATION string=''
 var solutionLocation = empty(AZURE_LOCATION) ? resourceGroup().location : AZURE_LOCATION
@@ -226,8 +226,7 @@ module backend_docker 'deploy_backend_docker.bicep' = {
     keyVaultName: kvault.outputs.keyvaultName
     aiServicesName: aifoundry.outputs.aiServicesName
     useLocalBuild: useLocalBuildLower
-    azureExistingAIProjectResourceId: azureExistingAIProjectResourceId
-    aiSearchName: aifoundry.outputs.aiSearchName 
+    azureExistingAIProjectResourceId: azureExistingAIProjectResourceId 
     appSettings: {
       AZURE_OPENAI_DEPLOYMENT_MODEL: gptModelName
       AZURE_OPENAI_ENDPOINT: aifoundry.outputs.aiServicesTarget
@@ -246,9 +245,9 @@ module backend_docker 'deploy_backend_docker.bicep' = {
       SQLDB_USER_MID: managedIdentityModule.outputs.managedIdentityBackendAppOutput.clientId
 
       AZURE_AI_SEARCH_ENDPOINT: aifoundry.outputs.aiSearchTarget
+      AZURE_AI_SEARCH_API_KEY: '@Microsoft.KeyVault(SecretUri=${kvault.outputs.keyvaultUri}secrets/AZURE-SEARCH-KEY/)'
       AZURE_AI_SEARCH_INDEX: 'call_transcripts_index'
-      AZURE_AI_SEARCH_CONNECTION_NAME: aifoundry.outputs.aiSearchConnectionName
-      USE_AI_PROJECT_CLIENT: 'True'
+      USE_AI_PROJECT_CLIENT: 'False'
       DISPLAY_CHART_DEFAULT: 'False'
       APPLICATIONINSIGHTS_CONNECTION_STRING: aifoundry.outputs.applicationInsightsConnectionString
       DUMMY_TEST: 'True'
@@ -286,7 +285,6 @@ output AZURE_AI_PROJECT_NAME string = aifoundry.outputs.aiProjectName
 output AZURE_AI_SEARCH_API_KEY string = ''
 output AZURE_AI_SEARCH_ENDPOINT string = aifoundry.outputs.aiSearchTarget
 output AZURE_AI_SEARCH_INDEX string = 'call_transcripts_index'
-output AZURE_AI_SEARCH_CONNECTION_NAME string = aifoundry.outputs.aiSearchConnectionName
 output AZURE_COSMOSDB_ACCOUNT string = cosmosDBModule.outputs.cosmosAccountName
 output AZURE_COSMOSDB_CONVERSATIONS_CONTAINER string = 'conversations'
 output AZURE_COSMOSDB_DATABASE string = 'db_conversation_history'