-
Notifications
You must be signed in to change notification settings - Fork 42
Expand file tree
/
Copy pathdocker-container-sampleagent-python.yml
More file actions
277 lines (243 loc) Β· 12.4 KB
/
docker-container-sampleagent-python.yml
File metadata and controls
277 lines (243 loc) Β· 12.4 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
name: Deploy Python Agent Framework to Azure Container Apps
on:
push:
branches:
- users/tirthdoshi/local-playground
paths:
- 'python/agent-framework/sample-agent/**'
- '.github/workflows/docker-container-sampleagent-python.yml'
pull_request:
branches:
- main
paths:
- 'python/agent-framework/sample-agent/**'
- '.github/workflows/docker-container-sampleagent-python.yml'
workflow_dispatch:
permissions:
id-token: write # Required for OIDC authentication
contents: read
pull-requests: write # Required to comment on PRs
env:
AZURE_RESOURCE_GROUP: agent365-samples-rg
ACR_NAME: agent365samplesacr
CONTAINER_APP_NAME: agent-framework-python
CONTAINER_APP_ENV: agent365-env
IMAGE_NAME: agent-framework-python
jobs:
build-and-deploy:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Azure Login with Service Principal
uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: Create Resource Group if needed
run: |
if ! az group exists --name ${{ env.AZURE_RESOURCE_GROUP }} --output tsv | grep -q true; then
echo "Creating Resource Group..."
az group create --name ${{ env.AZURE_RESOURCE_GROUP }} --location eastus
fi
- name: Create ACR if needed
run: |
if ! az acr show --name ${{ env.ACR_NAME }} &> /dev/null; then
echo "Creating ACR..."
az acr create \
--resource-group ${{ env.AZURE_RESOURCE_GROUP }} \
--name ${{ env.ACR_NAME }} \
--sku Basic \
--admin-enabled true
fi
- name: Login to Azure Container Registry
run: |
az acr login --name ${{ env.ACR_NAME }}
- name: Build Docker Image
run: |
docker build \
-t ${{ env.ACR_NAME }}.azurecr.io/${{ env.IMAGE_NAME }}:${{ github.sha }} \
-t ${{ env.ACR_NAME }}.azurecr.io/${{ env.IMAGE_NAME }}:latest \
-f python/agent-framework/sample-agent/Dockerfile \
python/agent-framework/sample-agent
- name: Push Docker Image to ACR
run: |
docker push ${{ env.ACR_NAME }}.azurecr.io/${{ env.IMAGE_NAME }}:${{ github.sha }}
docker push ${{ env.ACR_NAME }}.azurecr.io/${{ env.IMAGE_NAME }}:latest
- name: Create Container App Environment if needed
run: |
if ! az containerapp env show --name ${{ env.CONTAINER_APP_ENV }} --resource-group ${{ env.AZURE_RESOURCE_GROUP }} &> /dev/null; then
echo "Creating Container App Environment..."
az containerapp env create \
--name ${{ env.CONTAINER_APP_ENV }} \
--resource-group ${{ env.AZURE_RESOURCE_GROUP }} \
--location eastus
fi
- name: Deploy to Azure Container App
run: |
if az containerapp show --name ${{ env.CONTAINER_APP_NAME }} --resource-group ${{ env.AZURE_RESOURCE_GROUP }} &> /dev/null; then
echo "Updating existing Container App..."
az containerapp update \
--name ${{ env.CONTAINER_APP_NAME }} \
--resource-group ${{ env.AZURE_RESOURCE_GROUP }} \
--image ${{ env.ACR_NAME }}.azurecr.io/${{ env.IMAGE_NAME }}:${{ github.sha }} \
--set-env-vars \
PORT=3978 \
AZURE_OPENAI_ENDPOINT=${{ secrets.AZURE_OPENAI_ENDPOINT }} \
AZURE_OPENAI_DEPLOYMENT=${{ secrets.AZURE_OPENAI_DEPLOYMENT }} \
AZURE_OPENAI_API_VERSION=${{ secrets.AZURE_OPENAI_API_VERSION }} \
AZURE_OPENAI_API_KEY=${{ secrets.AZURE_OPENAI_API_KEY }} \
USE_AGENTIC_AUTH=true \
ENABLE_OBSERVABILITY=true \
ENABLE_OTEL=true \
ENABLE_SENSITIVE_DATA=true \
PYTHON_ENVIRONMENT=production \
ENABLE_APPLICATION_INSIGHTS=${{ secrets.ENABLE_APPLICATION_INSIGHTS || 'false' }} \
APPLICATIONINSIGHTS_CONNECTION_STRING=${{ secrets.APPLICATIONINSIGHTS_CONNECTION_STRING || '' }} \
CONNECTIONS__SERVICE_CONNECTION__SETTINGS__CLIENTID=${{ secrets.SERVICE_CONNECTION_CLIENT_ID }} \
CONNECTIONS__SERVICE_CONNECTION__SETTINGS__CLIENTSECRET=${{ secrets.SERVICE_CONNECTION_CLIENT_SECRET }} \
CONNECTIONS__SERVICE_CONNECTION__SETTINGS__TENANTID=${{ secrets.SERVICE_CONNECTION_TENANT_ID }} \
CONNECTIONS__SERVICE_CONNECTION__SETTINGS__SCOPES=${{ secrets.SERVICE_CONNECTION_SCOPES || 'https://graph.microsoft.com/.default' }} \
AGENTAPPLICATION__USERAUTHORIZATION__HANDLERS__AGENTIC__SETTINGS__TYPE=AgenticUserAuthorization \
AGENTAPPLICATION__USERAUTHORIZATION__HANDLERS__AGENTIC__SETTINGS__SCOPES=${{ secrets.AGENTIC_SCOPES || 'https://graph.microsoft.com/.default' }} \
AGENTAPPLICATION__USERAUTHORIZATION__HANDLERS__AGENTIC__SETTINGS__ALTERNATEBLUEPRINTCONNECTIONNAME=${{ secrets.AGENTIC_CONNECTION_NAME || 'https://graph.microsoft.com/.default' }} \
CONNECTIONSMAP_0_SERVICEURL='*' \
CONNECTIONSMAP_0_CONNECTION=SERVICE_CONNECTION
else
echo "Creating new Container App..."
az containerapp create \
--name ${{ env.CONTAINER_APP_NAME }} \
--resource-group ${{ env.AZURE_RESOURCE_GROUP }} \
--environment ${{ env.CONTAINER_APP_ENV }} \
--image ${{ env.ACR_NAME }}.azurecr.io/${{ env.IMAGE_NAME }}:${{ github.sha }} \
--registry-server ${{ env.ACR_NAME }}.azurecr.io \
--target-port 3978 \
--ingress external \
--min-replicas 1 \
--max-replicas 3 \
--cpu 0.5 \
--memory 1.0Gi \
--env-vars \
PORT=3978 \
AZURE_OPENAI_ENDPOINT=${{ secrets.AZURE_OPENAI_ENDPOINT }} \
AZURE_OPENAI_DEPLOYMENT=${{ secrets.AZURE_OPENAI_DEPLOYMENT }} \
AZURE_OPENAI_API_VERSION=${{ secrets.AZURE_OPENAI_API_VERSION }} \
AZURE_OPENAI_API_KEY=${{ secrets.AZURE_OPENAI_API_KEY }} \
USE_AGENTIC_AUTH=true \
ENABLE_OBSERVABILITY=true \
ENABLE_OTEL=true \
ENABLE_SENSITIVE_DATA=true \
PYTHON_ENVIRONMENT=production \
ENABLE_APPLICATION_INSIGHTS=${{ secrets.ENABLE_APPLICATION_INSIGHTS || 'false' }} \
APPLICATIONINSIGHTS_CONNECTION_STRING=${{ secrets.APPLICATIONINSIGHTS_CONNECTION_STRING || '' }} \
CONNECTIONS__SERVICE_CONNECTION__SETTINGS__CLIENTID=${{ secrets.SERVICE_CONNECTION_CLIENT_ID }} \
CONNECTIONS__SERVICE_CONNECTION__SETTINGS__CLIENTSECRET=${{ secrets.SERVICE_CONNECTION_CLIENT_SECRET }} \
CONNECTIONS__SERVICE_CONNECTION__SETTINGS__TENANTID=${{ secrets.SERVICE_CONNECTION_TENANT_ID }} \
CONNECTIONS__SERVICE_CONNECTION__SETTINGS__SCOPES=${{ secrets.SERVICE_CONNECTION_SCOPES || 'https://graph.microsoft.com/.default' }} \
AGENTAPPLICATION__USERAUTHORIZATION__HANDLERS__AGENTIC__SETTINGS__TYPE=AgenticUserAuthorization \
AGENTAPPLICATION__USERAUTHORIZATION__HANDLERS__AGENTIC__SETTINGS__SCOPES=${{ secrets.AGENTIC_SCOPES || 'https://graph.microsoft.com/.default' }} \
AGENTAPPLICATION__USERAUTHORIZATION__HANDLERS__AGENTIC__SETTINGS__ALTERNATEBLUEPRINTCONNECTIONNAME=${{ secrets.AGENTIC_CONNECTION_NAME || 'https://graph.microsoft.com/.default' }} \
CONNECTIONSMAP_0_SERVICEURL='*' \
CONNECTIONSMAP_0_CONNECTION=SERVICE_CONNECTION
fi
- name: Get Container App URL
id: get-url
run: |
FQDN=$(az containerapp show \
--name ${{ env.CONTAINER_APP_NAME }} \
--resource-group ${{ env.AZURE_RESOURCE_GROUP }} \
--query properties.configuration.ingress.fqdn \
--output tsv)
echo "π Container App deployed successfully!"
echo "π URL: https://$FQDN"
echo "π Health: https://$FQDN/api/health"
echo "π¨ Messages: https://$FQDN/api/messages"
echo "app_url=https://$FQDN" >> $GITHUB_OUTPUT
echo "health_url=https://$FQDN/api/health" >> $GITHUB_OUTPUT
echo "messages_url=https://$FQDN/api/messages" >> $GITHUB_OUTPUT
- name: View Container App Logs
run: |
echo "π Fetching recent logs..."
az containerapp logs show \
--name ${{ env.CONTAINER_APP_NAME }} \
--resource-group ${{ env.AZURE_RESOURCE_GROUP }} \
--tail 50 \
--follow false
- name: Comment on PR with Deployment URL
if: github.event_name == 'pull_request'
uses: actions/github-script@v7
with:
script: |
const appUrl = '${{ steps.get-url.outputs.app_url }}';
const healthUrl = '${{ steps.get-url.outputs.health_url }}';
const messagesUrl = '${{ steps.get-url.outputs.messages_url }}';
const sha = '${{ github.sha }}';
const body = `## π Deployment Successful!
Your Python Agent Framework has been deployed to Azure Container Apps.
### π Deployment Links
- **App URL**: ${appUrl}
- **Health Endpoint**: ${healthUrl}
- **Messages Endpoint**: ${messagesUrl}
### π¦ Deployment Details
- **Container App**: \`${{ env.CONTAINER_APP_NAME }}\`
- **Resource Group**: \`${{ env.AZURE_RESOURCE_GROUP }}\`
- **Image Tag**: \`${sha.substring(0, 7)}\`
- **Commit**: ${sha}
### π§ͺ Testing with Agents Playground
#### Option 1: Direct Testing (Simple)
\`\`\`bash
# Check health
curl ${healthUrl}
# Send a test message (requires authentication)
curl -X POST ${messagesUrl} \\
-H "Content-Type: application/json" \\
-d '{"type":"message","text":"Hello Agent!"}'
\`\`\`
#### Option 2: Test with Agents Playground (Interactive)
1. **Install and authenticate ngrok:**
\`\`\`bash
# Download ngrok from https://ngrok.com/download
# Authenticate with your token
ngrok authtoken YOUR_NGROK_TOKEN
\`\`\`
2. **Start ngrok tunnel:**
\`\`\`bash
ngrok http 2000
\`\`\`
Copy the HTTPS forwarding URL (e.g., \`https://abc123.ngrok.io\`)
3. **Launch Agents Playground:**
\`\`\`bash
agentsplayground -p 2000 -e ${messagesUrl} --su 'YOUR_NGROK_URL/_connector'
\`\`\`
Replace \`YOUR_NGROK_URL\` with the ngrok URL from step 2.
4. **Test your agent** in the playground UI at http://localhost:2000
---
*Deployed from commit ${sha.substring(0, 7)} by @${{ github.actor }}*`;
// Find existing comment from this bot
const comments = await github.rest.issues.listComments({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
});
const botComment = comments.data.find(comment =>
comment.user.type === 'Bot' &&
comment.body.includes('π Deployment Successful!')
);
if (botComment) {
// Update existing comment
await github.rest.issues.updateComment({
owner: context.repo.owner,
repo: context.repo.repo,
comment_id: botComment.id,
body: body
});
console.log('Updated existing comment');
} else {
// Create new comment
await github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
});
console.log('Created new comment');
}