Merge branch 'dev' into rc-dependabotchanges

Author: Ragini-Microsoft

content-gen/.env.sample .env.samplecontent-gen/.env.sample renamed to .env.sample

@@ -16,34 +16,34 @@ USE_FOUNDRY=false
 # Format: https://<project-name>.services.ai.azure.com
 AZURE_AI_PROJECT_ENDPOINT=
 
-# Image model deployment name in Foundry (e.g., gpt-image-1)
-AZURE_AI_IMAGE_DEPLOYMENT=gpt-image-1
+# Image model deployment name in Foundry (e.g., gpt-image-1-mini)
+AZURE_AI_IMAGE_MODEL_DEPLOYMENT=gpt-image-1-mini
 
 # =============================================================================
 # Azure OpenAI Configuration
 # =============================================================================
 AI_FOUNDRY_RESOURCE_ID=/subscriptions/your-subscription-id/resourceGroups/your-resource-group/providers/Microsoft.CognitiveServices/accounts/your-aif-account
-AZURE_EXISTING_AI_PROJECT_RESOURCE_ID=/subscriptions/your-subscription-id/resourceGroups/your-resource-group/providers/Microsoft.CognitiveServices/accounts/your-aif-account/projects/your-project-name
+AZURE_EXISTING_AIPROJECT_RESOURCE_ID=/subscriptions/your-subscription-id/resourceGroups/your-resource-group/providers/Microsoft.CognitiveServices/accounts/your-aif-account/projects/your-project-name
 # Your Azure OpenAI endpoint (e.g., https://your-resource.openai.azure.com/)
 AZURE_OPENAI_ENDPOINT=https://your-openai.openai.azure.com/
 
 # Model deployments
-AZURE_OPENAI_GPT_MODEL=gpt-5.1
+AZURE_ENV_GPT_MODEL_NAME=gpt-5.1
 
 # Image Generation Model Configuration
-# Supported models: gpt-image-1 or gpt-image-1.5
-AZURE_OPENAI_IMAGE_MODEL=gpt-image-1
+# Supported models: gpt-image-1-mini or gpt-image-1.5
+AZURE_ENV_IMAGE_MODEL_NAME=gpt-image-1-mini
 
-# For gpt-image-1 or gpt-image-1.5, the endpoint is the same as the main OpenAI endpoint, but you can specify a different one if needed
+# For gpt-image-1-mini or gpt-image-1.5, the endpoint is the same as the main OpenAI endpoint, but you can specify a different one if needed
 AZURE_OPENAI_GPT_IMAGE_ENDPOINT=https://your-openai.openai.azure.com
 
 # Image generation settings
-# For gpt-image-1/1.5: sizes are 1024x1024, 1536x1024, 1024x1536, auto; quality is low, medium, high, auto
+# For gpt-image-1-mini/1.5: sizes are 1024x1024, 1536x1024, 1024x1536, auto; quality is low, medium, high, auto
 AZURE_OPENAI_IMAGE_SIZE=1024x1024
 AZURE_OPENAI_IMAGE_QUALITY=medium
 
 # API versions
-AZURE_OPENAI_API_VERSION=2024-06-01
+AZURE_ENV_OPENAI_API_VERSION=2024-06-01
 AZURE_OPENAI_PREVIEW_API_VERSION=2024-02-01
 
 # Generation parameters
@@ -53,6 +53,7 @@ AZURE_OPENAI_MAX_TOKENS=2000
 # =============================================================================
 # Azure Cosmos DB
 # =============================================================================
+COSMOSDB_ACCOUNT_NAME=your-cosmos-account
 AZURE_COSMOS_ENDPOINT=https://your-cosmos.documents.azure.com:443/
 AZURE_COSMOS_DATABASE_NAME=content-generation
 AZURE_COSMOS_PRODUCTS_CONTAINER=products
@@ -106,10 +107,21 @@ BRAND_REQUIRED_DISCLOSURES=
 # =============================================================================
 # Application Settings
 # =============================================================================
+RESOURCE_GROUP_NAME=your-resource-group
 # Server configuration
 PORT=5000
 WORKERS=4
 
 # Feature flags
 AUTH_ENABLED=false
 SANITIZE_ANSWER=false
+
+# =============================================================================
+# Logging Configuration
+# =============================================================================
+# Basic logging level (DEBUG, INFO, WARNING, ERROR)
+AZURE_BASIC_LOGGING_LEVEL=INFO
+# Logging level for Azure SDK and third-party packages (DEBUG, INFO, WARNING, ERROR)
+AZURE_PACKAGE_LOGGING_LEVEL=WARNING
+# Comma-separated list of Python logger names to apply package logging level to
+AZURE_LOGGING_PACKAGES=

archive-doc-gen/.github/CODEOWNERS .github/CODEOWNERSarchive-doc-gen/.github/CODEOWNERS renamed to .github/CODEOWNERS

@@ -2,5 +2,4 @@
 # Each line is a file pattern followed by one or more owners.
 
 # These owners will be the default owners for everything in the repo.
-* @toherman-msft @Avijit-Microsoft @Roopan-Microsoft @Prajwal-Microsoft @Vinay-Microsoft @malrose07 @aniaroramsft @nchandhi @dgp10801
-
+* @Avijit-Microsoft @Roopan-Microsoft @Prajwal-Microsoft @aniaroramsft @Vinay-Microsoft @malrose07 @toherman-msft @nchandhi

.github/dependabot.yml

@@ -18,9 +18,9 @@ updates:
   # Python (pip) dependencies - grouped
   - package-ecosystem: "pip"
     directories:
-      - "/content-gen/src/backend"
-      - "/content-gen/infra/vscode_web"
-      - "/content-gen/scripts"
+      - "/src/backend"
+      - "/infra/vscode_web"
+      - "/scripts"
     schedule:
       interval: "monthly"
     target-branch: "dependabotchanges"
@@ -35,8 +35,8 @@ updates:
   # npm dependencies - grouped
   - package-ecosystem: "npm"
     directories:
-      - "/content-gen/src/app/frontend"
-      - "/content-gen/src/app/frontend-server"
+      - "/src/app/frontend"
+      - "/src/app/frontend-server"
     schedule:
       interval: "monthly"
     target-branch: "dependabotchanges"

.github/workflows/azd-template-validation.yml

@@ -0,0 +1,43 @@
+name: AZD Template Validation
+on:
+  schedule:
+    - cron: '30 1 * * 4'  #  Every Thursday at 7:00 AM IST (1:30 AM UTC)
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  id-token: write
+  pull-requests: write
+jobs:
+  template_validation:
+    runs-on: ubuntu-latest
+    environment: production
+    name: azd template validation
+    env:
+      GH_TOKEN: ${{ github.token }}
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set timestamp
+        shell: bash
+        run: echo "HHMM=$(date -u +'%H%M')" >> "$GITHUB_ENV"
+
+      - name: Validate Azure Template
+        uses: microsoft/template-validation-action@v0.4.3
+        with:
+          validateAzd: ${{ vars.TEMPLATE_VALIDATE_AZD }}
+          validateTests: ${{ vars.TEMPLATE_VALIDATE_TESTS }}
+          useDevContainer: ${{ vars.TEMPLATE_USE_DEV_CONTAINER }}
+        id: validation
+        env:
+          AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
+          AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
+          AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          AZURE_ENV_NAME: ${{ secrets.AZURE_ENV_NAME }}-${{ env.HHMM }}
+          AZURE_LOCATION: ${{ secrets.AZURE_LOCATION }}
+          AZURE_ENV_AI_SERVICE_LOCATION: ${{ secrets.AZURE_ENV_AI_SERVICE_LOCATION }}
+          AZURE_AI_MODEL_CAPACITY: 1
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: print result
+        run: cat ${{ steps.validation.outputs.resultFile }}

.github/workflows/azure-dev.yml

@@ -1,36 +1,80 @@
-name: Azure Template Validation
+name: Azure Dev Deploy
 on:
   workflow_dispatch:
+  push:
+    branches:
+      - main
+    paths:
+      - 'infra/**'
+      - 'azure*.yaml'
+      - '.github/workflows/azure-dev.yml'
 
+ 
 permissions:
   contents: read
   id-token: write
-  pull-requests: write
-
+ 
 jobs:
-  template_validation_job:
+  deploy:
     runs-on: ubuntu-latest
-    name: Template validation
+    name: azd deploy
+    environment: production
+    env:
+      AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
+      AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
+      AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+      AZURE_ENV_NAME: ${{ secrets.AZURE_ENV_NAME }}
+      AZURE_LOCATION: ${{ secrets.AZURE_LOCATION }}
+      AZURE_ENV_AI_SERVICE_LOCATION: ${{ secrets.AZURE_ENV_AI_SERVICE_LOCATION }}
+      AZURE_ENV_EXISTING_LOG_ANALYTICS_WORKSPACE_RID: ${{ secrets.AZURE_ENV_EXISTING_LOG_ANALYTICS_WORKSPACE_RID }}
+      AZURE_EXISTING_AIPROJECT_RESOURCE_ID: ${{ secrets.AZURE_EXISTING_AIPROJECT_RESOURCE_ID }}
+      AZURE_DEV_COLLECT_TELEMETRY: ${{ vars.AZURE_DEV_COLLECT_TELEMETRY }}
 
     steps:
-      # Step 1: Checkout the code from your repository
-      - name: Checkout code
+      - name: Checkout Code
         uses: actions/checkout@v6
 
-      # Step 2: Validate the Azure template using microsoft/template-validation-action
-      - name: Validate Azure Template
-        uses: microsoft/template-validation-action@v0.4.4
-        id: validation
+      - name: Set timestamp and env name
+        shell: bash
+        run: |
+          HHMM=$(date -u +'%H%M')
+          echo "AZURE_ENV_NAME=${AZURE_ENV_NAME}-${HHMM}" >> "$GITHUB_ENV"
+
+      - name: Install azd
+        uses: Azure/setup-azd@v2
+
+      - name: Login to Azure
+        uses: azure/login@v2
         with:
-          workingDirectory: ./content-gen
-        env:
-          AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
-          AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
-          AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
-          AZURE_ENV_NAME: ${{ secrets.AZURE_ENV_NAME }}
-          AZURE_LOCATION: ${{ secrets.AZURE_LOCATION }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      # Step 3: Print the result of the validation
-      - name: Print result
-        run: cat ${{ steps.validation.outputs.resultFile }}
+          client-id: ${{ secrets.AZURE_CLIENT_ID }}
+          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+
+      - name: Login to AZD
+        shell: bash
+        run: |
+          azd auth login \
+            --client-id "$AZURE_CLIENT_ID" \
+            --federated-credential-provider "github" \
+            --tenant-id "$AZURE_TENANT_ID"
+
+      - name: Provision and Deploy
+        shell: bash
+        run: |
+          if ! azd env select "$AZURE_ENV_NAME"; then
+            azd env new "$AZURE_ENV_NAME" --subscription "$AZURE_SUBSCRIPTION_ID" --location "$AZURE_LOCATION" --no-prompt
+          fi
+
+          azd config set defaults.subscription "$AZURE_SUBSCRIPTION_ID"
+          
+
+          if [[ -n "${AZURE_ENV_EXISTING_LOG_ANALYTICS_WORKSPACE_RID:-}" ]]; then
+            azd env set AZURE_ENV_EXISTING_LOG_ANALYTICS_WORKSPACE_RID "$AZURE_ENV_EXISTING_LOG_ANALYTICS_WORKSPACE_RID"
+          fi
+
+          if [[ -n "${AZURE_EXISTING_AIPROJECT_RESOURCE_ID:-}" ]]; then
+            azd env set AZURE_EXISTING_AIPROJECT_RESOURCE_ID "$AZURE_EXISTING_AIPROJECT_RESOURCE_ID"
+          fi
+
+          azd up --no-prompt
+

.github/workflows/codeql.yml

@@ -14,6 +14,10 @@ on:
   schedule:
     - cron: '17 11 * * 0'
 
+concurrency:
+  group: codeql-${{ github.ref }}
+  cancel-in-progress: true
+
 jobs:
   analyze:
     name: Analyze

.github/workflows/deploy-orchestrator.yml

@@ -4,7 +4,7 @@ on:
   workflow_call:
     inputs:
       runner_os:
-        description: 'Runner OS (ubuntu-latest, windows-latest, or devcontainer)'
+        description: 'Runner OS (ubuntu-latest or windows-latest)'
         required: true
         type: string
       azure_location:
@@ -42,12 +42,12 @@ on:
         required: false
         default: 'GoldenPath-Testing'
         type: string
-      AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID:
+      AZURE_ENV_EXISTING_LOG_ANALYTICS_WORKSPACE_RID:
         description: 'Log Analytics Workspace ID (Optional)'
         required: false
         default: ''
         type: string
-      AZURE_EXISTING_AI_PROJECT_RESOURCE_ID:
+      AZURE_EXISTING_AIPROJECT_RESOURCE_ID:
         description: 'AI Project Resource ID (Optional)'
         required: false
         default: ''
@@ -61,19 +61,15 @@ on:
         description: 'Trigger type (workflow_dispatch, pull_request, schedule)'
         required: true
         type: string
-      image_model_choice:
-        description: 'Image model to deploy (gpt-image-1, gpt-image-1.5, none)'
+      AZURE_ENV_IMAGE_MODEL_NAME:
+        description: 'Image model to deploy (gpt-image-1-mini, gpt-image-1.5, none)'
         required: false
-        default: 'gpt-image-1'
+        default: 'gpt-image-1-mini'
         type: string
 
 env:
   AZURE_DEV_COLLECT_TELEMETRY: ${{ vars.AZURE_DEV_COLLECT_TELEMETRY }}
-permissions:
-  contents: read
-  actions: read
-  packages: write  # Required by job-deploy → job-deploy-devcontainer to push devcontainer image to GHCR
-  
+
 jobs:
   docker-build:
     uses: ./.github/workflows/job-docker-build.yml
@@ -95,27 +91,42 @@ jobs:
       EXP: ${{ inputs.EXP }}
       build_docker_image: ${{ inputs.build_docker_image }}
       existing_webapp_url: ${{ inputs.existing_webapp_url }}
-      AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID: ${{ inputs.AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID }}
-      AZURE_EXISTING_AI_PROJECT_RESOURCE_ID: ${{ inputs.AZURE_EXISTING_AI_PROJECT_RESOURCE_ID }}
-      docker_image_tag: ${{ needs.docker-build.outputs.IMAGE_TAG }}
+      AZURE_ENV_EXISTING_LOG_ANALYTICS_WORKSPACE_RID: ${{ inputs.AZURE_ENV_EXISTING_LOG_ANALYTICS_WORKSPACE_RID }}
+      AZURE_EXISTING_AIPROJECT_RESOURCE_ID: ${{ inputs.AZURE_EXISTING_AIPROJECT_RESOURCE_ID }}
+      docker_image_tag: ${{ needs.docker-build.outputs.AZURE_ENV_IMAGE_TAG }}
       run_e2e_tests: ${{ inputs.run_e2e_tests }}
       cleanup_resources: ${{ inputs.cleanup_resources }}
-      image_model_choice: ${{ inputs.image_model_choice }}
+      AZURE_ENV_IMAGE_MODEL_NAME: ${{ inputs.AZURE_ENV_IMAGE_MODEL_NAME }}
     secrets: inherit
 
   e2e-test:
-    # if: "!cancelled() && ((needs.deploy.result == 'success' && needs.deploy.outputs.WEB_APPURL != '') || (inputs.existing_webapp_url != '' && inputs.existing_webapp_url != null)) && (inputs.trigger_type != 'workflow_dispatch' || (inputs.run_e2e_tests != 'None' && inputs.run_e2e_tests != '' && inputs.run_e2e_tests != null))"
-    if: false # Temporarily disable E2E tests
+    if: "!cancelled() && ((needs.deploy.result == 'success' && needs.deploy.outputs.WEB_APPURL != '') || (inputs.existing_webapp_url != '' && inputs.existing_webapp_url != null)) && (inputs.trigger_type != 'workflow_dispatch' || (inputs.run_e2e_tests != 'None' && inputs.run_e2e_tests != '' && inputs.run_e2e_tests != null))"
     needs: [docker-build, deploy]
     uses: ./.github/workflows/test-automation-v2.yml
     with:
       DOCGEN_URL: ${{ needs.deploy.outputs.WEB_APPURL || inputs.existing_webapp_url }}
       TEST_SUITE: ${{ inputs.trigger_type == 'workflow_dispatch' && inputs.run_e2e_tests || 'GoldenPath-Testing' }}
     secrets: inherit
 
+  cleanup-deployment:
+    if: "!cancelled() && needs.deploy.outputs.RESOURCE_GROUP_NAME != '' && inputs.existing_webapp_url == '' && (inputs.trigger_type != 'workflow_dispatch' || inputs.cleanup_resources)"
+    needs: [docker-build, deploy, e2e-test]
+    uses: ./.github/workflows/job-cleanup-deployment.yml
+    with:
+      runner_os: ${{ inputs.runner_os }}
+      trigger_type: ${{ inputs.trigger_type }}
+      cleanup_resources: ${{ inputs.cleanup_resources }}
+      existing_webapp_url: ${{ inputs.existing_webapp_url }}
+      RESOURCE_GROUP_NAME: ${{ needs.deploy.outputs.RESOURCE_GROUP_NAME }}
+      AZURE_LOCATION: ${{ needs.deploy.outputs.AZURE_LOCATION }}
+      AZURE_ENV_AI_SERVICE_LOCATION: ${{ needs.deploy.outputs.AZURE_ENV_AI_SERVICE_LOCATION }}
+      ENV_NAME: ${{ needs.deploy.outputs.ENV_NAME }}
+      AZURE_ENV_IMAGE_TAG: ${{ needs.deploy.outputs.AZURE_ENV_IMAGE_TAG }}
+    secrets: inherit
+
   send-notification:
     if: "!cancelled()"
-    needs: [docker-build, deploy, e2e-test]
+    needs: [docker-build, deploy, e2e-test, cleanup-deployment]
     uses: ./.github/workflows/job-send-notification.yml
     with:
       trigger_type: ${{ inputs.trigger_type }}
@@ -130,20 +141,5 @@ jobs:
       QUOTA_FAILED: ${{ needs.deploy.outputs.QUOTA_FAILED }}
       TEST_SUCCESS: ${{ needs.e2e-test.outputs.TEST_SUCCESS }}
       TEST_REPORT_URL: ${{ needs.e2e-test.outputs.TEST_REPORT_URL }}
-    secrets: inherit
-
-  cleanup-deployment:
-    if: "!cancelled() && needs.deploy.outputs.RESOURCE_GROUP_NAME != '' && inputs.existing_webapp_url == '' && (inputs.trigger_type != 'workflow_dispatch' || inputs.cleanup_resources)"
-    needs: [docker-build, deploy, e2e-test]
-    uses: ./.github/workflows/job-cleanup-deployment.yml
-    with:
-      runner_os: ${{ inputs.runner_os }}
-      trigger_type: ${{ inputs.trigger_type }}
-      cleanup_resources: ${{ inputs.cleanup_resources }}
-      existing_webapp_url: ${{ inputs.existing_webapp_url }}
-      RESOURCE_GROUP_NAME: ${{ needs.deploy.outputs.RESOURCE_GROUP_NAME }}
-      AZURE_LOCATION: ${{ needs.deploy.outputs.AZURE_LOCATION }}
-      AZURE_ENV_OPENAI_LOCATION: ${{ needs.deploy.outputs.AZURE_ENV_OPENAI_LOCATION }}
-      ENV_NAME: ${{ needs.deploy.outputs.ENV_NAME }}
-      IMAGE_TAG: ${{ needs.deploy.outputs.IMAGE_TAG }}
+      cleanup_result: ${{ needs.cleanup-deployment.result }}
     secrets: inherit