From ed5c7b7fd17bb79ab3f841d809ef9346760f0e1d Mon Sep 17 00:00:00 2001 From: Pamela Fox Date: Fri, 16 Jun 2023 08:20:39 -0700 Subject: [PATCH 1/4] Update pipeline --- .devcontainer/devcontainer.json | 9 +++++---- .github/workflows/azure-dev.yaml | 4 +++- infra/main.bicep | 5 ++++- infra/main.parameters.json | 3 +++ 4 files changed, 15 insertions(+), 6 deletions(-) diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 90a0ef3..2c3babd 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -15,10 +15,11 @@ "customizations": { "vscode": { "extensions": [ - "ms-azuretools.azure-dev", - "ms-azuretools.vscode-bicep", - "ms-python.python" - ] + "ms-azuretools.azure-dev", + "ms-azuretools.vscode-bicep", + "ms-python.python", + "GitHub.vscode-github-actions" + ] } }, "postCreateCommand": "python3 -m pip install -r requirements-dev.txt", diff --git a/.github/workflows/azure-dev.yaml b/.github/workflows/azure-dev.yaml index b3b8ef6..2312884 100644 --- a/.github/workflows/azure-dev.yaml +++ b/.github/workflows/azure-dev.yaml @@ -53,7 +53,9 @@ jobs: AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} - name: Provision Infrastructure - run: azd provision --no-prompt + run: | + azd env set CREATE_ROLE_FOR_USER false + azd provision --no-prompt env: AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }} AZURE_LOCATION: ${{ vars.AZURE_LOCATION }} diff --git a/infra/main.bicep b/infra/main.bicep index ad43eae..4700fa1 100644 --- a/infra/main.bicep +++ b/infra/main.bicep @@ -12,6 +12,9 @@ param location string @description('Id of the user or app to assign application roles') param principalId string = '' +@description('Flag to decide where to create OpenAI role for current user') +param createRoleForUser bool = true + param acaExists bool = false param openAiResourceName string = '' @@ -102,7 +105,7 @@ module aca 'aca.bicep' = { } -module openAiRoleUser 'core/security/role.bicep' = { +module openAiRoleUser 'core/security/role.bicep' = if (createRoleForUser) { scope: openAiResourceGroup name: 'openai-role-user' params: { diff --git a/infra/main.parameters.json b/infra/main.parameters.json index ba813b3..4ee3f90 100644 --- a/infra/main.parameters.json +++ b/infra/main.parameters.json @@ -23,6 +23,9 @@ "openAiSkuName": { "value": "${AZURE_OPENAI_SKU_NAME}" }, + "createRoleForUser": { + "value": "${CREATE_ROLE_FOR_USER=true}" + }, "acaExists": { "value": "${SERVICE_ACA_RESOURCE_EXISTS=false}" } From b5f0a0e91445a9c51b5ec28ab5644538e3d505c2 Mon Sep 17 00:00:00 2001 From: Pamela Fox Date: Fri, 16 Jun 2023 08:25:44 -0700 Subject: [PATCH 2/4] Try no prompt --- .github/workflows/azure-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/azure-dev.yaml b/.github/workflows/azure-dev.yaml index 2312884..a00911a 100644 --- a/.github/workflows/azure-dev.yaml +++ b/.github/workflows/azure-dev.yaml @@ -54,7 +54,7 @@ jobs: - name: Provision Infrastructure run: | - azd env set CREATE_ROLE_FOR_USER false + azd env set CREATE_ROLE_FOR_USER false --no-prompt azd provision --no-prompt env: AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }} From 07dc6de3cc704a27dfba78dcf918c669a109bb13 Mon Sep 17 00:00:00 2001 From: Pamela Fox Date: Fri, 16 Jun 2023 08:36:30 -0700 Subject: [PATCH 3/4] Fix tabs to spaces --- .devcontainer/devcontainer.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 2c3babd..1e81b28 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -15,11 +15,11 @@ "customizations": { "vscode": { "extensions": [ - "ms-azuretools.azure-dev", - "ms-azuretools.vscode-bicep", - "ms-python.python", - "GitHub.vscode-github-actions" - ] + "ms-azuretools.azure-dev", + "ms-azuretools.vscode-bicep", + "ms-python.python", + "GitHub.vscode-github-actions" + ] } }, "postCreateCommand": "python3 -m pip install -r requirements-dev.txt", From de3215eeb0efc64f90de38b161ed5d78e0883c92 Mon Sep 17 00:00:00 2001 From: Pamela Fox Date: Fri, 16 Jun 2023 09:11:58 -0700 Subject: [PATCH 4/4] Describe CI/CD in readme --- README.md | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 77d1034..34105b8 100644 --- a/README.md +++ b/README.md @@ -30,17 +30,17 @@ If you're not using one of those options for opening the project, then you'll ne pre-commit install ``` -### Deployment +## Deployment This repo is set up for deployment on Azure Container Apps using the configuration files in the `infra` folder. -#### Prerequisites for deployment +### Prerequisites for deployment 1. Sign up for a [free Azure account](https://azure.microsoft.com/free/) and create an Azure Subscription. 2. Request access to Azure OpenAI Service by completing the form at [https://aka.ms/oai/access](https://aka.ms/oai/access) and awaiting approval. 2. Install the [Azure Developer CLI](https://learn.microsoft.com/azure/developer/azure-developer-cli/install-azd). (If you open this repository in Codespaces or with the VS Code Dev Containers extension, that part will be done for you.) -#### Deployment from scratch +### Deployment from scratch 1. Login to Azure: @@ -62,7 +62,7 @@ This repo is set up for deployment on Azure Container Apps using the configurati azd deploy ``` -#### Deployment with existing resources +### Deployment with existing resources If you already have an OpenAI resource and would like to re-use it, first follow these steps. @@ -77,6 +77,16 @@ If you already have an OpenAI resource and would like to re-use it, first follow ``` 3. Then follow the steps for deployment above. +### CI/CD pipeline + +This project includes a Github workflow for deploying the resources to Azure +on every push to main. That workflow requires several Azure-related authentication secrets +to be stored as Github action secrets. To set that up, run: + +```shell +azd pipeline config +``` + ### Costs Pricing varies per region and usage, so it isn't possible to predict exact costs for your usage.