Skip to content

Trigger workflow run #26

Trigger workflow run

Trigger workflow run #26

name: Deploy Python Agent Framework to Azure Container Apps
on:
push:
branches:
- users/tirthdoshi/local-playground
paths:
- 'python/agent-framework/sample-agent/**'
- '.github/workflows/docker-container-sampleagent-python.yml'
workflow_dispatch:
permissions:
id-token: write # Required for OIDC authentication
contents: read
env:
AZURE_RESOURCE_GROUP: agent365-samples-rg
ACR_NAME: agent365samplesacr
CONTAINER_APP_NAME: agent-framework-python
CONTAINER_APP_ENV: agent365-env
IMAGE_NAME: agent-framework-python
jobs:
build-and-deploy:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Azure Login with Service Principal
uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: Create Resource Group if needed
run: |
if ! az group exists --name ${{ env.AZURE_RESOURCE_GROUP }} --output tsv | grep -q true; then
echo "Creating Resource Group..."
az group create --name ${{ env.AZURE_RESOURCE_GROUP }} --location eastus
fi
- name: Create ACR if needed
run: |
if ! az acr show --name ${{ env.ACR_NAME }} &> /dev/null; then
echo "Creating ACR..."
az acr create \
--resource-group ${{ env.AZURE_RESOURCE_GROUP }} \
--name ${{ env.ACR_NAME }} \
--sku Basic \
--admin-enabled true
fi
- name: List files
run: |
pwd
ls -R .
- name: Login to Azure Container Registry
run: |
az acr login --name ${{ env.ACR_NAME }}
- name: Build Docker Image
run: |
docker build \
-t ${{ env.ACR_NAME }}.azurecr.io/${{ env.IMAGE_NAME }}:${{ github.sha }} \
-t ${{ env.ACR_NAME }}.azurecr.io/${{ env.IMAGE_NAME }}:latest \
-f python/agent-framework/sample-agent/Dockerfile \
python/agent-framework/sample-agent
- name: Push Docker Image to ACR
run: |
docker push ${{ env.ACR_NAME }}.azurecr.io/${{ env.IMAGE_NAME }}:${{ github.sha }}
docker push ${{ env.ACR_NAME }}.azurecr.io/${{ env.IMAGE_NAME }}:latest
- name: Create Container App Environment if needed
run: |
if ! az containerapp env show --name ${{ env.CONTAINER_APP_ENV }} --resource-group ${{ env.AZURE_RESOURCE_GROUP }} &> /dev/null; then
echo "Creating Container App Environment..."
az containerapp env create \
--name ${{ env.CONTAINER_APP_ENV }} \
--resource-group ${{ env.AZURE_RESOURCE_GROUP }} \
--location eastus
fi
- name: Deploy to Azure Container App
run: |
if az containerapp show --name ${{ env.CONTAINER_APP_NAME }} --resource-group ${{ env.AZURE_RESOURCE_GROUP }} &> /dev/null; then
echo "Updating existing Container App..."
az containerapp update \
--name ${{ env.CONTAINER_APP_NAME }} \
--resource-group ${{ env.AZURE_RESOURCE_GROUP }} \
--image ${{ env.ACR_NAME }}.azurecr.io/${{ env.IMAGE_NAME }}:${{ github.sha }} \
--set-env-vars \
PORT=3978 \
AZURE_OPENAI_ENDPOINT=${{ secrets.AZURE_OPENAI_ENDPOINT }} \
AZURE_OPENAI_DEPLOYMENT=${{ secrets.AZURE_OPENAI_DEPLOYMENT }} \
AZURE_OPENAI_API_VERSION=${{ secrets.AZURE_OPENAI_API_VERSION }} \
AZURE_OPENAI_API_KEY=${{ secrets.AZURE_OPENAI_API_KEY }} \
USE_AGENTIC_AUTH=true \
ENABLE_OBSERVABILITY=true \
ENABLE_OTEL=true \
ENABLE_SENSITIVE_DATA=true \
PYTHON_ENVIRONMENT=production \
ENABLE_APPLICATION_INSIGHTS=${{ secrets.ENABLE_APPLICATION_INSIGHTS || 'false' }} \
APPLICATIONINSIGHTS_CONNECTION_STRING=${{ secrets.APPLICATIONINSIGHTS_CONNECTION_STRING || '' }} \
CONNECTIONS__SERVICE_CONNECTION__SETTINGS__CLIENTID=${{ secrets.SERVICE_CONNECTION_CLIENT_ID }} \
CONNECTIONS__SERVICE_CONNECTION__SETTINGS__CLIENTSECRET=${{ secrets.SERVICE_CONNECTION_CLIENT_SECRET }} \
CONNECTIONS__SERVICE_CONNECTION__SETTINGS__TENANTID=${{ secrets.SERVICE_CONNECTION_TENANT_ID }} \
CONNECTIONS__SERVICE_CONNECTION__SETTINGS__SCOPES=${{ secrets.SERVICE_CONNECTION_SCOPES || 'https://graph.microsoft.com/.default' }} \
AGENTAPPLICATION__USERAUTHORIZATION__HANDLERS__AGENTIC__SETTINGS__TYPE=AgenticUserAuthorization \
AGENTAPPLICATION__USERAUTHORIZATION__HANDLERS__AGENTIC__SETTINGS__SCOPES=${{ secrets.AGENTIC_SCOPES || 'https://graph.microsoft.com/.default' }} \
AGENTAPPLICATION__USERAUTHORIZATION__HANDLERS__AGENTIC__SETTINGS__ALTERNATEBLUEPRINTCONNECTIONNAME=${{ secrets.AGENTIC_CONNECTION_NAME || 'https://graph.microsoft.com/.default' }} \
CONNECTIONSMAP_0_SERVICEURL='*' \
CONNECTIONSMAP_0_CONNECTION=SERVICE_CONNECTION
else
echo "Creating new Container App..."
az containerapp create \
--name ${{ env.CONTAINER_APP_NAME }} \
--resource-group ${{ env.AZURE_RESOURCE_GROUP }} \
--environment ${{ env.CONTAINER_APP_ENV }} \
--image ${{ env.ACR_NAME }}.azurecr.io/${{ env.IMAGE_NAME }}:${{ github.sha }} \
--registry-server ${{ env.ACR_NAME }}.azurecr.io \
--target-port 3978 \
--ingress external \
--min-replicas 1 \
--max-replicas 3 \
--cpu 0.5 \
--memory 1.0Gi \
--env-vars \
PORT=3978 \
AZURE_OPENAI_ENDPOINT=${{ secrets.AZURE_OPENAI_ENDPOINT }} \
AZURE_OPENAI_DEPLOYMENT=${{ secrets.AZURE_OPENAI_DEPLOYMENT }} \
AZURE_OPENAI_API_VERSION=${{ secrets.AZURE_OPENAI_API_VERSION }} \
AZURE_OPENAI_API_KEY=${{ secrets.AZURE_OPENAI_API_KEY }} \
USE_AGENTIC_AUTH=true \
ENABLE_OBSERVABILITY=true \
ENABLE_OTEL=true \
ENABLE_SENSITIVE_DATA=true \
PYTHON_ENVIRONMENT=production \
ENABLE_APPLICATION_INSIGHTS=${{ secrets.ENABLE_APPLICATION_INSIGHTS || 'false' }} \
APPLICATIONINSIGHTS_CONNECTION_STRING=${{ secrets.APPLICATIONINSIGHTS_CONNECTION_STRING || '' }} \
CONNECTIONS__SERVICE_CONNECTION__SETTINGS__CLIENTID=${{ secrets.SERVICE_CONNECTION_CLIENT_ID }} \
CONNECTIONS__SERVICE_CONNECTION__SETTINGS__CLIENTSECRET=${{ secrets.SERVICE_CONNECTION_CLIENT_SECRET }} \
CONNECTIONS__SERVICE_CONNECTION__SETTINGS__TENANTID=${{ secrets.SERVICE_CONNECTION_TENANT_ID }} \
CONNECTIONS__SERVICE_CONNECTION__SETTINGS__SCOPES=${{ secrets.SERVICE_CONNECTION_SCOPES || 'https://graph.microsoft.com/.default' }} \
AGENTAPPLICATION__USERAUTHORIZATION__HANDLERS__AGENTIC__SETTINGS__TYPE=AgenticUserAuthorization \
AGENTAPPLICATION__USERAUTHORIZATION__HANDLERS__AGENTIC__SETTINGS__SCOPES=${{ secrets.AGENTIC_SCOPES || 'https://graph.microsoft.com/.default' }} \
AGENTAPPLICATION__USERAUTHORIZATION__HANDLERS__AGENTIC__SETTINGS__ALTERNATEBLUEPRINTCONNECTIONNAME=${{ secrets.AGENTIC_CONNECTION_NAME || 'https://graph.microsoft.com/.default' }} \
CONNECTIONSMAP_0_SERVICEURL='*' \
CONNECTIONSMAP_0_CONNECTION=SERVICE_CONNECTION
fi
- name: Get Container App URL
run: |
FQDN=$(az containerapp show \
--name ${{ env.CONTAINER_APP_NAME }} \
--resource-group ${{ env.AZURE_RESOURCE_GROUP }} \
--query properties.configuration.ingress.fqdn \
--output tsv)
echo "πŸš€ Container App deployed successfully!"
echo "🌐 URL: https://$FQDN"
echo "πŸ“ Health: https://$FQDN/api/health"
echo "πŸ“¨ Messages: https://$FQDN/api/messages"
- name: View Container App Logs
run: |
echo "πŸ“‹ Fetching recent logs..."
az containerapp logs show \
--name ${{ env.CONTAINER_APP_NAME }} \
--resource-group ${{ env.AZURE_RESOURCE_GROUP }} \
--tail 50 \
--follow false