More workflows

Author: pamelafox

.devcontainer/devcontainer.json

@@ -1,7 +1,7 @@
 // For format details, see https://aka.ms/devcontainer.json. For config options, see the README at:
 // https://github.com/microsoft/vscode-dev-containers/tree/v0.245.0/containers/python-3
 {
-	"name": "RAG on database",
+	"name": "rag-postgres-openai-python",
 	"dockerComposeFile": "docker-compose.yaml",
 	"service": "app",
 	"workspaceFolder": "/workspace",

.github/workflows/tests.yaml renamed to .github/workflows/app-tests.yaml

@@ -1,4 +1,4 @@
-name: Python check
+name: App Tests
 
 on:
   push:
@@ -33,4 +33,11 @@ jobs:
             architecture: x64
         - name: Install dependencies
           run: |
-            python3 -m pip install -e src
+            python -m pip install -r requirements-dev.txt
+        - name: Install app as editable app
+          run: |
+            python -m pip install -e src
+        - name: Setup local database with seed data
+            cp .env.sample .env
+            python ./src/fastapi_app/setup_postgres_database.py
+            python ./src/fastapi_app/setup_postgres_seeddata.py

.github/workflows/bicep-audit.yaml

@@ -1,4 +1,4 @@
-name: Validate AZD template
+name: Bicep Security Scan
 on:
   push:
     branches: [ main ]
@@ -10,7 +10,6 @@ on:
       - "infra/**"
   workflow_dispatch:
 
-
 jobs:
   build:
     runs-on: ubuntu-latest
@@ -21,19 +20,19 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Build Bicep for linting
-        uses: azure/CLI@v1
+        uses: azure/CLI@v2
         with:
           inlineScript: az config set bicep.use_binary_from_path=false && az bicep build -f infra/main.bicep --stdout
 
       - name: Run Microsoft Security DevOps Analysis
-        uses: microsoft/security-devops-action@v1
+        uses: microsoft/security-devops-action@preview
         id: msdo
         continue-on-error: true
         with:
           tools: templateanalyzer
 
       - name: Upload alerts to Security tab
         uses: github/codeql-action/upload-sarif@v3
-        if: github.repository == 'Azure-Samples/langfuse-on-azure'
+        if: github.repository == 'Azure-Samples/azure-search-openai-demo'
         with:
           sarif_file: ${{ steps.msdo.outputs.sarifFile }}

.github/workflows/bicep-validation.yaml renamed to .github/workflows/bicep-security-scan.yaml

@@ -0,0 +1,25 @@
+name: Python code quality
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+        - uses: actions/checkout@v4
+        - name: Set up Python 3
+          uses: actions/setup-python@v5
+          with:
+            python-version: "3.12"
+        - name: Install dependencies
+          run: |
+            python -m pip install --upgrade pip
+            pip install -r requirements-dev.txt
+        - name: Lint with ruff
+          run: ruff .
+        - name: Check formatting with black
+          run: black . --check --verbose

.github/workflows/python-code-quality.yaml

@@ -1,4 +1,4 @@
-# Contributing to [project-title]
+# Contributing
 
 This project welcomes contributions and suggestions.  Most contributions require you to agree to a
 Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us
@@ -15,7 +15,9 @@ contact [[email protected]](mailto:[email protected]) with any additio
  - [Code of Conduct](#coc)
  - [Issues and Bugs](#issue)
  - [Feature Requests](#feature)
- - [Submission Guidelines](#submit)
+ - [Submitting a PR](#submit-pr)
+ - [Running Tests](#tests)
+ - [Code Style](#style)
 
 ## <a name="coc"></a> Code of Conduct
 Help us keep this project open and inclusive. Please read and follow our [Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
@@ -51,26 +53,64 @@ chances of your issue being dealt with quickly:
 * **Suggest a Fix** - if you can't fix the bug yourself, perhaps you can point to what might be
   causing the problem (line of code or commit)
 
-You can file new issues by providing the above information at the corresponding repository's issues link: https://github.com/Azure-Samples/rag-postgres-openai-python/issues/new].
+You can file new issues by providing the above information at the corresponding repository's issues link: https://github.com/Azure-samples/rag-postgres-openai-python/issues/new].
 
 ### <a name="submit-pr"></a> Submitting a Pull Request (PR)
 Before you submit your Pull Request (PR) consider the following guidelines:
 
-* Search the repository (https://github.com/Azure-Samples/rag-postgres-openai-python/pulls) for an open or closed PR
+* Search the repository (https://github.com/Azure-samples/rag-postgres-openai-python/pulls) for an open or closed PR
   that relates to your submission. You don't want to duplicate effort.
-
 * Make your changes in a new git fork
+* Follow [Code style conventions](#style)
+* [Run the tests](#tests) (and write new ones, if needed)
 * Commit your changes using a descriptive commit message
 * Push your fork to GitHub
-* In GitHub, create a pull request
-* If we suggest changes then:
-  * Make the required updates.
-  * Rebase your fork and force push to your GitHub repository (this will update your Pull Request):
+* In GitHub, create a pull request to the `main` branch of the repository
+* Ask a maintainer to review your PR and address any comments they might have
+
+## <a name="tests"></a> Setting up the development environment
+
+Install the development dependencies:
+
+```
+python3 -m pip install -r requirements-dev.txt
+```
+
+Install the pre-commit hooks:
+
+```
+pre-commit install
+```
+
+Compile the JavaScript:
+
+```
+( cd ./app/frontend ; npm install ; npm run build )
+```
+
+## <a name="style"></a> Code Style
+
+This codebase includes several languages: TypeScript, Python, Bicep, Powershell, and Bash.
+Code should follow the standard conventions of each language.
+
+For Python, you can enforce the conventions using `ruff` and `black`.
+
+Install the development dependencies:
+
+```
+python3 -m pip install -r requirements-dev.txt
+```
+
+Run `ruff` to lint a file:
+
+```
+python3 -m ruff <path-to-file>
+```
 
-    ```shell
-    git rebase master -i
-    git push -f
-    ```
+Run `black` to format a file:
 
-That's it! Thank you for your contribution!
+```
+python3 -m black <path-to-file>
+```
 
+If you followed the steps above to install the pre-commit hooks, then you can just wait for those hooks to run `ruff` and `black` for you.

CONTRIBUTING.md

@@ -42,7 +42,7 @@ You can run this template virtually by using GitHub Codespaces. The button will
 3. Sign in to your Azure account:
 
     ```shell
-    azd auth login --use-device-code
+    azd auth login
     ```
 
 4. Provision the resources and deploy the code:

README.md

@@ -246,7 +246,6 @@ module web 'web.bicep' = {
   }
 }
 
-
 resource openAiResourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' existing =
   if (!empty(openAiResourceGroupName)) {
     name: !empty(openAiResourceGroupName) ? openAiResourceGroupName : resourceGroup.name
@@ -293,15 +292,16 @@ module openAi 'core/ai/cognitiveservices.bicep' = {
 }
 
 // USER ROLES
-module openAiRoleUser 'core/security/role.bicep' = if (empty(runningOnGh)) {
-  scope: openAiResourceGroup
-  name: 'openai-role-user'
-  params: {
-    principalId: principalId
-    roleDefinitionId: '5e0bd9bd-7b93-4f28-af87-19fc36ad61bd'
-    principalType: 'User'
+module openAiRoleUser 'core/security/role.bicep' =
+  if (empty(runningOnGh)) {
+    scope: openAiResourceGroup
+    name: 'openai-role-user'
+    params: {
+      principalId: principalId
+      roleDefinitionId: '5e0bd9bd-7b93-4f28-af87-19fc36ad61bd'
+      principalType: 'User'
+    }
   }
-}
 
 // Backend roles
 module openAiRoleBackend 'core/security/role.bicep' = {
@@ -314,7 +314,6 @@ module openAiRoleBackend 'core/security/role.bicep' = {
   }
 }
 
-
 output AZURE_LOCATION string = location
 output APPLICATIONINSIGHTS_NAME string = monitoring.outputs.applicationInsightsName
 

infra/main.bicep

@@ -9,13 +9,11 @@ param identityName string
 param serviceName string = 'web'
 param environmentVariables array = []
 
-
 resource webIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = {
   name: identityName
   location: location
 }
 
-
 module app 'core/host/container-app-upsert.bicep' = {
   name: '${serviceName}-container-app-module'
   params: {
@@ -26,7 +24,8 @@ module app 'core/host/container-app-upsert.bicep' = {
     exists: exists
     containerAppsEnvironmentName: containerAppsEnvironmentName
     containerRegistryName: containerRegistryName
-    env: union(environmentVariables,
+    env: union(
+      environmentVariables,
       [
         {
           name: 'APP_IDENTITY_ID'