Skip to content

Commit

Permalink
Merge branch 'aca' into aks
Browse files Browse the repository at this point in the history
  • Loading branch information
dminkovski authored Mar 19, 2024
2 parents ea85be1 + 02fcaec commit 520cd7a
Show file tree
Hide file tree
Showing 14 changed files with 16 additions and 6 deletions.
5 changes: 5 additions & 0 deletions .devcontainer/devcontainer.json
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,11 @@
"ghcr.io/devcontainers-contrib/features/typescript:2": {},
"ghcr.io/devcontainers/features/kubectl-helm-minikube:1": {
"version": "1.1.8"
},
"docker-in-docker": {
"version": "latest",
"moby": true,
"dockerDashComposeVersion": "v1"
}
},
"customizations": {
Expand Down
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ What this demo application does:
![Chat screen](docs/chatscreen.png)


## Solution Architecture and deployment Options
## Solution Architecture and deployment options

![Microservice RAG Architecture](docs/aks/aks-hla.png)

Expand Down
1 change: 1 addition & 0 deletions deploy/aca/infra/app/api.bicep
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ module app '../../../shared/host/container-app-upsert.bicep' = {
containerCpuCoreCount: '1.0'
containerMemory: '2.0Gi'
targetPort: 8080
external:false
env: union(env, [
{
name: 'AZURE_CLIENT_ID'
Expand Down
1 change: 1 addition & 0 deletions deploy/aca/infra/app/indexer.bicep
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ module app '../../../shared/host/container-app-upsert.bicep' = {
containerCpuCoreCount: '1.0'
containerMemory: '2.0Gi'
targetPort: 8080
external:false
env: union(env, [
{
name: 'AZURE_CLIENT_ID'
Expand Down
Empty file modified deploy/aca/scripts/prepdocs.sh
100644 → 100755
Empty file.
Empty file modified deploy/aca/scripts/roles.sh
100644 → 100755
Empty file.
Empty file modified deploy/aca/scripts/set-env.sh
100644 → 100755
Empty file.
4 changes: 2 additions & 2 deletions deploy/app-service/azure.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -13,12 +13,12 @@ services:
prepackage:
windows:
shell: pwsh
run: cd ../frontend;npm install;npm run build; cp -r ./build/* ../backend/src/main/resources/static
run: cd ../frontend;npm install;npm run build; New-Item -ItemType Directory -Path "../backend/src/main/resources/static" -ErrorAction SilentlyContinue; Copy-Item ".\build\*" "..\backend\src\main\resources\static" -Recurse -Force
interactive: true
continueOnError: false
posix:
shell: sh
run: cd ../frontend;npm install;npm run build; cp -r ./build/* ../backend/src/main/resources/static
run: cd ../frontend;npm install;npm run build; mkdir -p ../backend/src/main/resources/static; cp -r ./build/* ../backend/src/main/resources/static
interactive: true
continueOnError: false

Expand Down
Empty file modified deploy/app-service/scripts/prepdocs.sh
100644 → 100755
Empty file.
Empty file modified deploy/app-service/scripts/roles.sh
100644 → 100755
Empty file.
Empty file modified deploy/app-service/scripts/set-env.sh
100644 → 100755
Empty file.
4 changes: 2 additions & 2 deletions docs/aca/README-ACA.md
Original file line number Diff line number Diff line change
Expand Up @@ -268,8 +268,8 @@ To see any exceptions and server errors, navigate to the "Investigate -> Failure

### Enabling authentication

By default, the deployed apps on ACA will have no authentication or access restrictions enabled, meaning anyone with routable network access to the web app can chat with your indexed data.You can require authentication to your Microsoft Entra by following the [Add app authentication](https://learn.microsoft.com/en-us/azure/container-apps/authentication) tutorial and set it up against the deployed web and api apps.
Furthermore in order to let Web app to access the Api app be sure to configure native client access with [user_impersonation ](https://learn.microsoft.com/en-us/azure/container-apps/authentication-azure-active-directory#native-client-application)
By default, the web app on ACA will have no authentication or access restrictions enabled, meaning anyone with routable network access to the web app can chat with your indexed data.You can require authentication to your Microsoft Entra by following the [Add app authentication](https://learn.microsoft.com/en-us/azure/container-apps/authentication) tutorial and set it up against the deployed web app.


To then limit access to a specific set of users or groups, you can follow the steps from [Restrict your Microsoft Entra app to a set of users](https://learn.microsoft.com/entra/identity-platform/howto-restrict-your-app-to-a-set-of-users) by changing "Assignment Required?" option under the Enterprise Application, and then assigning users/groups access. Users not granted explicit access will receive the error message -AADSTS50105: Your administrator has configured the application <app_name> to block users

Expand Down
3 changes: 3 additions & 0 deletions docs/aks/README-AKS.md
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,9 @@ For detailed instructions, see [Getting Started](#getting-started) below.

> **IMPORTANT:** In order to deploy and run this example, you'll need an **Azure subscription with access enabled for the Azure OpenAI Service**. You can request access [here](https://aka.ms/oaiapply). You can also visit [here](https://azure.microsoft.com/free/) to get some free Azure credits to get you started.
> [!CAUTION]
> At time of writing AZD has introduced a bug in AKS deployment since 1.6.1. version.Monitor this [issue](https://github.com/Azure/azure-dev/issues/3486) to check in which version it will be fixed. In the meantime consider to use azd 1.5.1 to run the aks deployment. You can download it from [here](https://github.com/Azure/azure-dev/releases/download/azure-dev-cli_1.5.1/azd-windows-amd64.msi) or visit the azd [release page](https://github.com/Azure/azure-dev/releases) to download specific os bundle
### Run in GitHub Codespaces or VS Code Dev Containers

You can run this repo virtually by using GitHub Codespaces or VS Code Dev Containers. Click on one of the buttons below to open this repo in one of those options.
Expand Down
2 changes: 1 addition & 1 deletion docs/app-service/README-App-Service.md
Original file line number Diff line number Diff line change
Expand Up @@ -436,7 +436,7 @@ Here are the most common failure scenarios and solutions:
7. After running `./app/start.ps1` or `./app/start.sh` you get `"Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.10.1:compile (default-compile) on project myproject: Fatal error compiling: invalid target release: 17"`. It means you are not using JDK 17 but a previous version. Be sure to set the `JAVA_HOME` env variable to your Java 17 installation directory and update your `PATH` env variable to have the Java 17 bin folder as the first occurrence amongst the listed directories. More info [here](https://learn.microsoft.com/en-us/java/openjdk/install)
8. While running `azd up` in VS Code Dev Containers you got this error `".. Maven: failed finding mvnw in repository path: exec: /azure-search-openai-demo-java/app/backend/mvnw: permission denied "`. Run `chmod +x ./azure-search-openai-demo-javaapp/backend/mvnw` to fix it and rerun `azd up`.
8. While running `azd up` in VS Code Dev Containers you got this error `".. Maven: failed finding mvnw in repository path: exec: /azure-search-openai-demo-java/app/backend/mvnw: permission denied "`. Run `chmod +x ./azure-search-openai-demo-java/app/backend/mvnw` to fix it and rerun `azd up`.
9. Github App CI pipeline might fail in some scenarios where the provisioned App Service instance doesn't have "Basic Auth Publishing Credentials" enabled in your subscription. To fix it, you can go to your App Service instance in Azure Portal, click on "Settings/Configuration(Panel)->General Settins (Tab)" and flag to ON the "Basic Auth Publishing Credentials" checkbox group. Or you can run the following azd cli commands:

```
Expand Down

0 comments on commit 520cd7a

Please sign in to comment.