Deployment update

[sajeetharan]

Pull request to fix the AZD deployment issues.

Changes

• Pull in latest from main branch
• Update azure.yaml
  • Update template names to match repository name (standard in AZD)
  • Add post-provision hooks to take the results of the Bicep deployment and automatically save them to local .NET user secrets store
• Removed legacy Azure Resource Manager (ARM) templates
• Updated infra folder
  • Updated core templates
    • Removed previous version folder (this can be found in GitHub history easily)
    • Enhanced Azure Cosmos DB for NoSQL core templates to support vector search
    • Fixed bug in OpenAI core template
    • Added S1 sku support to Azure App Service plan core template
    • Added user-assigned managed identity support to Azure App Service web app core template
  • Revamped application-specific templates to match the ARM deployment done at Build 2024
• Updated application code
  • Use DefaultAzureCredential for authentiation for all three clients
  • Implemented the semantic kernel-specific application settings
  • Run dotnet format to update application code styling
  • Stripped all references to service keys from classes and record types
  • Moved warning supression to .csproj file
  • Updated appsettings.json placeholders to match typical .NET reference documentation
• Ensured that passwordless authentication works for both the currently logged-in user and the user-assigned managed identity

Validation

I validated by following these steps

1. Cloned the repository to my local machine
2. Ran azd init and provided an environment name (used for resource group name)
3. Ran azd provision to deploy the infrastructure using Bicep
4. Used F5 in Visual Studio Code to debug the solution and validate it runs successfully
5. Ran azd deploy to deploy the application code to Azure App Service using Oryx
6. Browsed the Azure App Service web app to validate it ran successfully

Note

I also validated the solution using a second environment and just azd up.

Futher recommendations

Here's a list of recommendations for improving the solution:

• Implement network security so only the Azure App Service web app can communicate with the database and AI accounts using private endpoints.
• Implement credential storage using Azure Key Vault for the remaining credentials even though they don't have keys.
• Restructe the .NET solution to have a /src folder with only the .gitignore and .sln files. Then create a project folder for the project file.
• Re-enable the .NET validation script
• Don't expose the Azure App Service endpoint directly. Use a service like Azure Front Door.
• Consider adding a devcontainer configuration file with AZD pre-installed.
• Update the Blazor application to use loading indicators instead of locking the UI while running async tasks

Known issues

• Occasionally, the Bicep template deploying the Azure App Service plan throws an error stating that the Standard tier is not supported in the current region.