diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 234c0643..ae893a9e 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -1,58 +1,63 @@ -{ - "name": "Multi-Project DevContainer", - "build": { - "dockerfile": "Dockerfile" - }, - "features": { - "ghcr.io/devcontainers/features/docker-in-docker:2": { - "version": "latest" - }, - "ghcr.io/va-h/devcontainers-features/uv:1": { - "shellautocompletion": true, - "version": "latest" - }, - "azure-cli": "latest" - }, - "customizations": { - "vscode": { - "extensions": [ - "ms-python.python", - "charliermarsh.ruff", - "exiasr.hadolint", - "kevinrose.vsc-python-indent", - "mosapride.zenkaku", - "ms-azuretools.vscode-docker", - "ms-python.python", - "njpwerner.autodocstring", - "redhat.vscode-yaml", - "shardulm94.trailing-spaces", - "tamasfe.even-better-toml", - "yzhang.markdown-all-in-one", - "ms-azuretools.azure-dev", - "charliermarsh.ruff", - "exiasr.hadolint", - "kevinrose.vsc-python-indent", - "mosapride.zenkaku", - "ms-azuretools.vscode-docker", - "ms-python.python", - "njpwerner.autodocstring", - "redhat.vscode-yaml", - "shardulm94.trailing-spaces", - "tamasfe.even-better-toml", - "yzhang.markdown-all-in-one", - "ms-azuretools.azure-dev", - "ms-vscode.azurecli" - ] - } - }, - "containerEnv": { - "DISPLAY": "dummy", - "PYTHONUNBUFFERED": "True", - "UV_LINK_MODE": "copy", - "UV_PROJECT_ENVIRONMENT": "/home/vscode/.venv" - }, - "postCreateCommand": "sed -i 's/\r$//' ./.devcontainer/setupEnv.sh && sh ./.devcontainer/setupEnv.sh", - "remoteEnv": { - "PYTHONPATH": "/home/vscode/.venv/bin" - } +{ + "name": "Multi-Project DevContainer", + "build": { + "dockerfile": "Dockerfile" + }, + "features": { + "ghcr.io/devcontainers/features/docker-in-docker:2": { + "version": "latest" + }, + "ghcr.io/va-h/devcontainers-features/uv:1": { + "shellautocompletion": true, + "version": "latest" + }, + "ghcr.io/devcontainers/features/azure-cli:1": { + "installBicep": true, + "version": "latest", + "bicepVersion": "latest" + }, + "azure-cli": "latest" + }, + "customizations": { + "vscode": { + "extensions": [ + "ms-python.python", + "charliermarsh.ruff", + "exiasr.hadolint", + "kevinrose.vsc-python-indent", + "mosapride.zenkaku", + "ms-azuretools.vscode-docker", + "ms-python.python", + "njpwerner.autodocstring", + "redhat.vscode-yaml", + "shardulm94.trailing-spaces", + "tamasfe.even-better-toml", + "yzhang.markdown-all-in-one", + "ms-azuretools.azure-dev", + "charliermarsh.ruff", + "exiasr.hadolint", + "kevinrose.vsc-python-indent", + "mosapride.zenkaku", + "ms-azuretools.vscode-docker", + "ms-python.python", + "njpwerner.autodocstring", + "redhat.vscode-yaml", + "shardulm94.trailing-spaces", + "tamasfe.even-better-toml", + "yzhang.markdown-all-in-one", + "ms-azuretools.azure-dev", + "ms-vscode.azurecli" + ] + } + }, + "containerEnv": { + "DISPLAY": "dummy", + "PYTHONUNBUFFERED": "True", + "UV_LINK_MODE": "copy", + "UV_PROJECT_ENVIRONMENT": "/home/vscode/.venv" + }, + "postCreateCommand": "sed -i 's/\r$//' ./.devcontainer/setupEnv.sh && sh ./.devcontainer/setupEnv.sh", + "remoteEnv": { + "PYTHONPATH": "/home/vscode/.venv/bin" + } } \ No newline at end of file diff --git a/infra/main.bicep b/infra/main.bicep index 06acdbf1..b06f22c5 100644 --- a/infra/main.bicep +++ b/infra/main.bicep @@ -250,7 +250,6 @@ module jumpboxVM 'br/public:avm/res/compute/virtual-machine:0.22.0' = if (enable maintenanceConfigurationResourceId: maintenanceConfiguration!.outputs.resourceId enableAutomaticUpdates: true encryptionAtHost: false - proximityPlacementGroupResourceId: proximityPlacementGroup!.outputs.resourceId availabilityZone: enableRedundancy ? 1 : -1 imageReference: { publisher: 'microsoft-dsvm' @@ -481,18 +480,6 @@ module windowsVmDataCollectionRules 'br/public:avm/res/insights/data-collection- } } -var proximityPlacementGroupResourceName = 'ppg-${solutionSuffix}' -module proximityPlacementGroup 'br/public:avm/res/compute/proximity-placement-group:0.4.1' = if (enablePrivateNetworking) { - name: take('avm.res.compute.proximity-placement-group.${proximityPlacementGroupResourceName}', 64) - params: { - name: proximityPlacementGroupResourceName - location: location - tags: tags - enableTelemetry: enableTelemetry - availabilityZone: enableRedundancy ? 1 : -1 - } -} - // ========== Private DNS Zones ========== // var privateDnsZones = [ 'privatelink.cognitiveservices.azure.com' diff --git a/infra/main.json b/infra/main.json index 40992d79..1c3e3e3e 100644 --- a/infra/main.json +++ b/infra/main.json @@ -6,7 +6,7 @@ "_generator": { "name": "bicep", "version": "0.42.1.51946", - "templateHash": "10724242613929339394" + "templateHash": "2184176346978633067" }, "name": "Content Processing Solution Accelerator", "description": "Bicep template to deploy the Content Processing Solution Accelerator with AVM compliance." @@ -255,7 +255,6 @@ "bastionHostName": "[format('bas-{0}', variables('solutionSuffix'))]", "jumpboxVmName": "[take(format('vm-{0}', variables('solutionSuffix')), 15)]", "dataCollectionRulesResourceName": "[format('dcr-{0}', variables('solutionSuffix'))]", - "proximityPlacementGroupResourceName": "[format('ppg-{0}', variables('solutionSuffix'))]", "privateDnsZones": [ "privatelink.cognitiveservices.azure.com", "privatelink.openai.azure.com", @@ -5043,9 +5042,6 @@ "encryptionAtHost": { "value": false }, - "proximityPlacementGroupResourceId": { - "value": "[reference('proximityPlacementGroup').outputs.resourceId.value]" - }, "availabilityZone": "[if(parameters('enableRedundancy'), createObject('value', 1), createObject('value', -1))]", "imageReference": { "value": { @@ -7489,13 +7485,6 @@ "description": "Optional. Storage account boot diagnostic base URI." } }, - "proximityPlacementGroupResourceId": { - "type": "string", - "defaultValue": "", - "metadata": { - "description": "Optional. Resource ID of a proximity placement group." - } - }, "virtualMachineScaleSetResourceId": { "type": "string", "defaultValue": "", @@ -8086,7 +8075,6 @@ }, "applicationProfile": "[if(not(empty(parameters('galleryApplications'))), createObject('galleryApplications', parameters('galleryApplications')), null())]", "availabilitySet": "[if(not(empty(parameters('availabilitySetResourceId'))), createObject('id', parameters('availabilitySetResourceId')), null())]", - "proximityPlacementGroup": "[if(not(empty(parameters('proximityPlacementGroupResourceId'))), createObject('id', parameters('proximityPlacementGroupResourceId')), null())]", "virtualMachineScaleSet": "[if(not(empty(parameters('virtualMachineScaleSetResourceId'))), createObject('id', parameters('virtualMachineScaleSetResourceId')), null())]", "priority": "[parameters('priority')]", "evictionPolicy": "[if(and(not(empty(parameters('priority'))), not(equals(parameters('priority'), 'Regular'))), parameters('evictionPolicy'), null())]", @@ -14115,7 +14103,6 @@ "dependsOn": [ "logAnalyticsWorkspace", "maintenanceConfiguration", - "proximityPlacementGroup", "virtualNetwork", "windowsVmDataCollectionRules" ] @@ -15869,370 +15856,6 @@ "logAnalyticsWorkspace" ] }, - "proximityPlacementGroup": { - "condition": "[parameters('enablePrivateNetworking')]", - "type": "Microsoft.Resources/deployments", - "apiVersion": "2025-04-01", - "name": "[take(format('avm.res.compute.proximity-placement-group.{0}', variables('proximityPlacementGroupResourceName')), 64)]", - "properties": { - "expressionEvaluationOptions": { - "scope": "inner" - }, - "mode": "Incremental", - "parameters": { - "name": { - "value": "[variables('proximityPlacementGroupResourceName')]" - }, - "location": { - "value": "[parameters('location')]" - }, - "tags": { - "value": "[parameters('tags')]" - }, - "enableTelemetry": { - "value": "[parameters('enableTelemetry')]" - }, - "availabilityZone": "[if(parameters('enableRedundancy'), createObject('value', 1), createObject('value', -1))]" - }, - "template": { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", - "languageVersion": "2.0", - "contentVersion": "1.0.0.0", - "metadata": { - "_generator": { - "name": "bicep", - "version": "0.37.4.10188", - "templateHash": "14590939924256334253" - }, - "name": "Proximity Placement Groups", - "description": "This module deploys a Proximity Placement Group." - }, - "definitions": { - "lockType": { - "type": "object", - "properties": { - "name": { - "type": "string", - "nullable": true, - "metadata": { - "description": "Optional. Specify the name of lock." - } - }, - "kind": { - "type": "string", - "allowedValues": [ - "CanNotDelete", - "None", - "ReadOnly" - ], - "nullable": true, - "metadata": { - "description": "Optional. Specify the type of lock." - } - }, - "notes": { - "type": "string", - "nullable": true, - "metadata": { - "description": "Optional. Specify the notes of the lock." - } - } - }, - "metadata": { - "description": "An AVM-aligned type for a lock.", - "__bicep_imported_from!": { - "sourceTemplate": "br:mcr.microsoft.com/bicep/avm/utl/types/avm-common-types:0.6.0" - } - } - }, - "roleAssignmentType": { - "type": "object", - "properties": { - "name": { - "type": "string", - "nullable": true, - "metadata": { - "description": "Optional. The name (as GUID) of the role assignment. If not provided, a GUID will be generated." - } - }, - "roleDefinitionIdOrName": { - "type": "string", - "metadata": { - "description": "Required. The role to assign. You can provide either the display name of the role definition, the role definition GUID, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'." - } - }, - "principalId": { - "type": "string", - "metadata": { - "description": "Required. The principal ID of the principal (user/group/identity) to assign the role to." - } - }, - "principalType": { - "type": "string", - "allowedValues": [ - "Device", - "ForeignGroup", - "Group", - "ServicePrincipal", - "User" - ], - "nullable": true, - "metadata": { - "description": "Optional. The principal type of the assigned principal ID." - } - }, - "description": { - "type": "string", - "nullable": true, - "metadata": { - "description": "Optional. The description of the role assignment." - } - }, - "condition": { - "type": "string", - "nullable": true, - "metadata": { - "description": "Optional. The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase \"foo_storage_container\"." - } - }, - "conditionVersion": { - "type": "string", - "allowedValues": [ - "2.0" - ], - "nullable": true, - "metadata": { - "description": "Optional. Version of the condition." - } - }, - "delegatedManagedIdentityResourceId": { - "type": "string", - "nullable": true, - "metadata": { - "description": "Optional. The Resource Id of the delegated managed identity resource." - } - } - }, - "metadata": { - "description": "An AVM-aligned type for a role assignment.", - "__bicep_imported_from!": { - "sourceTemplate": "br:mcr.microsoft.com/bicep/avm/utl/types/avm-common-types:0.5.1" - } - } - } - }, - "parameters": { - "name": { - "type": "string", - "metadata": { - "description": "Required. The name of the proximity placement group that is being created." - } - }, - "type": { - "type": "string", - "defaultValue": "Standard", - "allowedValues": [ - "Standard", - "Ultra" - ], - "metadata": { - "description": "Optional. Specifies the type of the proximity placement group." - } - }, - "location": { - "type": "string", - "defaultValue": "[resourceGroup().location]", - "metadata": { - "description": "Optional. Resource location." - } - }, - "lock": { - "$ref": "#/definitions/lockType", - "nullable": true, - "metadata": { - "description": "Optional. The lock settings of the service." - } - }, - "roleAssignments": { - "type": "array", - "items": { - "$ref": "#/definitions/roleAssignmentType" - }, - "nullable": true, - "metadata": { - "description": "Optional. Array of role assignments to create." - } - }, - "tags": { - "type": "object", - "metadata": { - "__bicep_resource_derived_type!": { - "source": "Microsoft.Compute/proximityPlacementGroups@2024-11-01#properties/tags" - }, - "description": "Optional. Tags of the proximity placement group resource." - }, - "nullable": true - }, - "availabilityZone": { - "type": "int", - "allowedValues": [ - -1, - 1, - 2, - 3 - ], - "metadata": { - "description": "Required. Specifies the Availability Zone where virtual machine, virtual machine scale set or availability set associated with the proximity placement group can be created. If set to 1, 2 or 3, the availability zone is hardcoded to that value. If set to -1, no zone is defined. Note that the availability zone numbers here are the logical availability zone in your Azure subscription. Different subscriptions might have a different mapping of the physical zone and logical zone. To understand more, please refer to [Physical and logical availability zones](https://learn.microsoft.com/en-us/azure/reliability/availability-zones-overview?tabs=azure-cli#physical-and-logical-availability-zones)." - } - }, - "colocationStatus": { - "type": "object", - "metadata": { - "__bicep_resource_derived_type!": { - "source": "Microsoft.Compute/proximityPlacementGroups@2024-11-01#properties/properties/properties/colocationStatus" - }, - "description": "Optional. Describes colocation status of the Proximity Placement Group." - }, - "nullable": true - }, - "enableTelemetry": { - "type": "bool", - "defaultValue": true, - "metadata": { - "description": "Optional. Enable/Disable usage telemetry for module." - } - }, - "intent": { - "type": "object", - "metadata": { - "__bicep_resource_derived_type!": { - "source": "Microsoft.Compute/proximityPlacementGroups@2024-11-01#properties/properties/properties/intent" - }, - "description": "Optional. Specifies the user intent of the proximity placement group." - }, - "nullable": true - } - }, - "variables": { - "copy": [ - { - "name": "formattedRoleAssignments", - "count": "[length(coalesce(parameters('roleAssignments'), createArray()))]", - "input": "[union(coalesce(parameters('roleAssignments'), createArray())[copyIndex('formattedRoleAssignments')], createObject('roleDefinitionId', coalesce(tryGet(variables('builtInRoleNames'), coalesce(parameters('roleAssignments'), createArray())[copyIndex('formattedRoleAssignments')].roleDefinitionIdOrName), if(contains(coalesce(parameters('roleAssignments'), createArray())[copyIndex('formattedRoleAssignments')].roleDefinitionIdOrName, '/providers/Microsoft.Authorization/roleDefinitions/'), coalesce(parameters('roleAssignments'), createArray())[copyIndex('formattedRoleAssignments')].roleDefinitionIdOrName, subscriptionResourceId('Microsoft.Authorization/roleDefinitions', coalesce(parameters('roleAssignments'), createArray())[copyIndex('formattedRoleAssignments')].roleDefinitionIdOrName)))))]" - } - ], - "builtInRoleNames": { - "Contributor": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c')]", - "Owner": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '8e3af657-a8ff-443c-a75c-2fe8c4bcb635')]", - "Reader": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'acdd72a7-3385-48ef-bd42-f606fba81ae7')]", - "Role Based Access Control Administrator": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'f58310d9-a9f6-439a-9e8d-f62e7b41a168')]", - "User Access Administrator": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '18d7d88d-d35e-4fb5-a5c3-7773c20a72d9')]" - } - }, - "resources": { - "avmTelemetry": { - "condition": "[parameters('enableTelemetry')]", - "type": "Microsoft.Resources/deployments", - "apiVersion": "2024-03-01", - "name": "[format('46d3xbcp.res.compute-proximityplacementgroup.{0}.{1}', replace('0.4.1', '.', '-'), substring(uniqueString(deployment().name, parameters('location')), 0, 4))]", - "properties": { - "mode": "Incremental", - "template": { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "resources": [], - "outputs": { - "telemetry": { - "type": "String", - "value": "For more information, see https://aka.ms/avm/TelemetryInfo" - } - } - } - } - }, - "proximityPlacementGroup": { - "type": "Microsoft.Compute/proximityPlacementGroups", - "apiVersion": "2022-08-01", - "name": "[parameters('name')]", - "location": "[parameters('location')]", - "tags": "[parameters('tags')]", - "zones": "[if(not(equals(parameters('availabilityZone'), -1)), array(string(parameters('availabilityZone'))), null())]", - "properties": { - "proximityPlacementGroupType": "[parameters('type')]", - "colocationStatus": "[parameters('colocationStatus')]", - "intent": "[parameters('intent')]" - } - }, - "proximityPlacementGroup_lock": { - "condition": "[and(not(empty(coalesce(parameters('lock'), createObject()))), not(equals(tryGet(parameters('lock'), 'kind'), 'None')))]", - "type": "Microsoft.Authorization/locks", - "apiVersion": "2020-05-01", - "scope": "[format('Microsoft.Compute/proximityPlacementGroups/{0}', parameters('name'))]", - "name": "[coalesce(tryGet(parameters('lock'), 'name'), format('lock-{0}', parameters('name')))]", - "properties": { - "level": "[coalesce(tryGet(parameters('lock'), 'kind'), '')]", - "notes": "[coalesce(tryGet(parameters('lock'), 'notes'), if(equals(tryGet(parameters('lock'), 'kind'), 'CanNotDelete'), 'Cannot delete resource or child resources.', 'Cannot delete or modify the resource or child resources.'))]" - }, - "dependsOn": [ - "proximityPlacementGroup" - ] - }, - "proximityPlacementGroup_roleAssignments": { - "copy": { - "name": "proximityPlacementGroup_roleAssignments", - "count": "[length(coalesce(variables('formattedRoleAssignments'), createArray()))]" - }, - "type": "Microsoft.Authorization/roleAssignments", - "apiVersion": "2022-04-01", - "scope": "[format('Microsoft.Compute/proximityPlacementGroups/{0}', parameters('name'))]", - "name": "[coalesce(tryGet(coalesce(variables('formattedRoleAssignments'), createArray())[copyIndex()], 'name'), guid(resourceId('Microsoft.Compute/proximityPlacementGroups', parameters('name')), coalesce(variables('formattedRoleAssignments'), createArray())[copyIndex()].principalId, coalesce(variables('formattedRoleAssignments'), createArray())[copyIndex()].roleDefinitionId))]", - "properties": { - "roleDefinitionId": "[coalesce(variables('formattedRoleAssignments'), createArray())[copyIndex()].roleDefinitionId]", - "principalId": "[coalesce(variables('formattedRoleAssignments'), createArray())[copyIndex()].principalId]", - "description": "[tryGet(coalesce(variables('formattedRoleAssignments'), createArray())[copyIndex()], 'description')]", - "principalType": "[tryGet(coalesce(variables('formattedRoleAssignments'), createArray())[copyIndex()], 'principalType')]", - "condition": "[tryGet(coalesce(variables('formattedRoleAssignments'), createArray())[copyIndex()], 'condition')]", - "conditionVersion": "[if(not(empty(tryGet(coalesce(variables('formattedRoleAssignments'), createArray())[copyIndex()], 'condition'))), coalesce(tryGet(coalesce(variables('formattedRoleAssignments'), createArray())[copyIndex()], 'conditionVersion'), '2.0'), null())]", - "delegatedManagedIdentityResourceId": "[tryGet(coalesce(variables('formattedRoleAssignments'), createArray())[copyIndex()], 'delegatedManagedIdentityResourceId')]" - }, - "dependsOn": [ - "proximityPlacementGroup" - ] - } - }, - "outputs": { - "name": { - "type": "string", - "metadata": { - "description": "The name of the proximity placement group." - }, - "value": "[parameters('name')]" - }, - "resourceId": { - "type": "string", - "metadata": { - "description": "The resourceId the proximity placement group." - }, - "value": "[resourceId('Microsoft.Compute/proximityPlacementGroups', parameters('name'))]" - }, - "resourceGroupName": { - "type": "string", - "metadata": { - "description": "The resource group the proximity placement group was deployed into." - }, - "value": "[resourceGroup().name]" - }, - "location": { - "type": "string", - "metadata": { - "description": "The location the resource was deployed into." - }, - "value": "[reference('proximityPlacementGroup', '2022-08-01', 'full').location]" - } - } - } - } - }, "avmPrivateDnsZones": { "copy": { "name": "avmPrivateDnsZones", @@ -42853,9 +42476,9 @@ "dependsOn": [ "avmAiServices", "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').contentUnderstanding)]", - "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').cognitiveServices)]", - "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').aiServices)]", "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').openAI)]", + "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').aiServices)]", + "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').cognitiveServices)]", "virtualNetwork" ] }, @@ -46056,9 +45679,9 @@ }, "dependsOn": [ "avmAiServices_cu", - "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').aiServices)]", - "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').cognitiveServices)]", "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').contentUnderstanding)]", + "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').cognitiveServices)]", + "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').aiServices)]", "virtualNetwork" ] }, diff --git a/infra/main_custom.bicep b/infra/main_custom.bicep index e96262a3..b63bbace 100644 --- a/infra/main_custom.bicep +++ b/infra/main_custom.bicep @@ -253,7 +253,6 @@ module jumpboxVM 'br/public:avm/res/compute/virtual-machine:0.22.0' = if (enable maintenanceConfigurationResourceId: maintenanceConfiguration!.outputs.resourceId enableAutomaticUpdates: true encryptionAtHost: false - proximityPlacementGroupResourceId: proximityPlacementGroup!.outputs.resourceId availabilityZone: enableRedundancy ? 1 : -1 imageReference: { publisher: 'microsoft-dsvm' @@ -484,18 +483,6 @@ module windowsVmDataCollectionRules 'br/public:avm/res/insights/data-collection- } } -var proximityPlacementGroupResourceName = 'ppg-${solutionSuffix}' -module proximityPlacementGroup 'br/public:avm/res/compute/proximity-placement-group:0.4.1' = if (enablePrivateNetworking) { - name: take('avm.res.compute.proximity-placement-group.${proximityPlacementGroupResourceName}', 64) - params: { - name: proximityPlacementGroupResourceName - location: location - tags: tags - enableTelemetry: enableTelemetry - availabilityZone: enableRedundancy ? 1 : -1 - } -} - // ========== Private DNS Zones ========== // var privateDnsZones = [ 'privatelink.cognitiveservices.azure.com' diff --git a/infra/modules/key-vault.bicep b/infra/modules/key-vault.bicep deleted file mode 100644 index dc61b127..00000000 --- a/infra/modules/key-vault.bicep +++ /dev/null @@ -1,100 +0,0 @@ -metadata name = 'Key Vault Module' -// ========== Key Vault Module ========== // -// param name string -// param location string -// param tags object -// param roleAssignments array = [] -// param enablePurgeProtection bool = false -// param enableSoftDelete bool = true -// param enableVaultForDiskEncryption bool = true -// param enableVaultForTemplateDeployment bool = true -// param publicNetworkAccess string = 'Enabled' -// param vaultsku string = 'standard' -// param softDeleteRetentionInDays int = 7 -// param enableRbacAuthorization bool = true -// param createMode string = 'default' -// param enableTelemetry bool = true - -@description('The name of the Key Vault') -param keyvaultName string - -@description('The location of the Key Vault') -param location string - -@description('Tags to be applied to the Key Vault') -param tags object - -@description('Role assignments for the Key Vault') -param roleAssignments array = [] - -@description('Enable purge protection for the Key Vault') -param enablePurgeProtection bool = false - -@description('Enable soft delete for the Key Vault') -param enableSoftDelete bool = true - -@description('Enable vault for disk encryption') -param enableVaultForDiskEncryption bool = true - -@description('Enable vault for template deployment') -param enableVaultForTemplateDeployment bool = true - -@description('Public network access setting for the Key Vault') -param publicNetworkAccess string = 'Enabled' - -@description('SKU of the Key Vault') -param keyvaultsku string = 'standard' - -@description('Soft delete retention period in days') -param softDeleteRetentionInDays int = 7 - -@description('Enable RBAC authorization for the Key Vault') -param enableRbacAuthorization bool = true - -@description('Create mode for the Key Vault') -param createMode string = 'default' - -@description('Enable telemetry for the Key Vault') -param enableTelemetry bool = true - -@description('Network ACLs for the Key Vault') -param networkAcls object = { - bypass: 'AzureServices' - defaultAction: 'Deny' -} - -// @description('Diagnostic settings for the Key Vault') -// param diagnosticSettings object = { -// enabled: true -// } - -@description('Log Analytics Workspace Resource ID for diagnostic settings') -@secure() -param logAnalyticsWorkspaceResourceId string = '' - -module avmKeyVault 'br/public:avm/res/key-vault/vault:0.13.3' = { - name: take('avm.res.key-vault.vault-${keyvaultName}', 64) - params: { - name: keyvaultName - location: location - tags: tags - roleAssignments: roleAssignments - enablePurgeProtection: enablePurgeProtection - enableSoftDelete: enableSoftDelete - enableVaultForDiskEncryption: enableVaultForDiskEncryption - enableVaultForTemplateDeployment: enableVaultForTemplateDeployment - publicNetworkAccess: publicNetworkAccess - sku: keyvaultsku - softDeleteRetentionInDays: softDeleteRetentionInDays - enableRbacAuthorization: enableRbacAuthorization - createMode: createMode - enableTelemetry: enableTelemetry - diagnosticSettings: empty(logAnalyticsWorkspaceResourceId) ? null : [{ workspaceResourceId: logAnalyticsWorkspaceResourceId }] - networkAcls: networkAcls - } -} - -// Adding additional resource deployment for WAF enabled - -output resourceId string = avmKeyVault.outputs.resourceId -output vaultUri string = avmKeyVault.outputs.uri diff --git a/src/ContentProcessorWorkflow/src/services/content_process_service.py b/src/ContentProcessorWorkflow/src/services/content_process_service.py index 4ddf49e0..2bf53131 100644 --- a/src/ContentProcessorWorkflow/src/services/content_process_service.py +++ b/src/ContentProcessorWorkflow/src/services/content_process_service.py @@ -297,7 +297,7 @@ async def poll_status( if on_poll is not None: poll_handler = on_poll(result) if inspect.isawaitable(poll_handler): - await poll_handler + _ = await poll_handler status = result.get("status", "processing") if status in ("Completed", "Error"): diff --git a/src/ContentProcessorWorkflow/src/utils/http_request.py b/src/ContentProcessorWorkflow/src/utils/http_request.py index a6b3c0d0..fb43d1ea 100644 --- a/src/ContentProcessorWorkflow/src/utils/http_request.py +++ b/src/ContentProcessorWorkflow/src/utils/http_request.py @@ -635,7 +635,7 @@ async def poll_until_done( if on_poll is not None: maybe_awaitable = on_poll(resp) if inspect.isawaitable(maybe_awaitable): - await maybe_awaitable + _ = await maybe_awaitable if resp.status in done: return resp diff --git a/src/tests/ContentProcessorAPI/libs/test_cosmos_db_helper.py b/src/tests/ContentProcessorAPI/libs/test_cosmos_db_helper.py index d9b42955..46e7cc22 100644 --- a/src/tests/ContentProcessorAPI/libs/test_cosmos_db_helper.py +++ b/src/tests/ContentProcessorAPI/libs/test_cosmos_db_helper.py @@ -120,7 +120,7 @@ def test_count_documents(mock_certifi, mock_mongo_client): result = helper.count_documents({"key": "value"}) assert result == 42 - result = helper.count_documents() + helper.count_documents() mock_container.count_documents.assert_called_with({}) diff --git a/src/tests/ContentProcessorWorkflow/conftest.py b/src/tests/ContentProcessorWorkflow/conftest.py index c8d2e564..920a27e2 100644 --- a/src/tests/ContentProcessorWorkflow/conftest.py +++ b/src/tests/ContentProcessorWorkflow/conftest.py @@ -9,10 +9,4 @@ if str(workflow_src_path) not in sys.path: sys.path.insert(0, str(workflow_src_path)) -# Import sitecustomize if available -try: - import sitecustomize # noqa: F401 -except Exception: - pass - pytest_plugins = ["pytest_mock"] diff --git a/src/tests/ContentProcessorWorkflow/libs/application/test_application_context_di.py b/src/tests/ContentProcessorWorkflow/libs/application/test_application_context_di.py index d8668eb6..3241ef22 100644 --- a/src/tests/ContentProcessorWorkflow/libs/application/test_application_context_di.py +++ b/src/tests/ContentProcessorWorkflow/libs/application/test_application_context_di.py @@ -33,7 +33,7 @@ def test_caches_instance(self) -> None: assert a is b def test_with_factory(self) -> None: - ctx = AppContext().add_singleton(_S1, lambda: _S1()) + ctx = AppContext().add_singleton(_S1, _S1) a = ctx.get_service(_S1) b = ctx.get_service(_S1) assert a is b diff --git a/src/tests/ContentProcessorWorkflow/steps/test_rai_executor.py b/src/tests/ContentProcessorWorkflow/steps/test_rai_executor.py index 8b682195..6169a3d9 100644 --- a/src/tests/ContentProcessorWorkflow/steps/test_rai_executor.py +++ b/src/tests/ContentProcessorWorkflow/steps/test_rai_executor.py @@ -11,7 +11,6 @@ from __future__ import annotations import asyncio -import sys from pathlib import Path from unittest.mock import AsyncMock, MagicMock, patch @@ -22,8 +21,6 @@ # The @handler decorator in agent_framework validates type annotations at # import time, which fails in the test environment. Patch it to a no-op # before importing the executor module. -_orig_handler = sys.modules.get("agent_framework", MagicMock()).handler # type: ignore[union-attr] - with patch("agent_framework.handler", lambda fn: fn): from steps.rai.executor.rai_executor import RAIExecutor