first commit

.devcontainer/devcontainer.json

@@ -0,0 +1,42 @@
+{
+    "name": "Java 17 and maven 3.8.8 DevContainer to build Java RAG example with Azure AI",
+    "image": "mcr.microsoft.com/devcontainers/java:1-17-bullseye",
+    "features": {
+        "azure-cli": "latest",
+        "ghcr.io/azure/azure-dev/azd:latest": {
+            "version": "1.7.0"
+        },
+        "ghcr.io/devcontainers/features/java:1": {
+            "version": "none",
+            "installMaven": true,
+            "mavenVersion": "3.8.8"
+        },
+        "ghcr.io/devcontainers/features/node:1": {
+            "version": "20.5.0"
+        },
+
+        "ghcr.io/devcontainers/features/git:1": {
+            "version": "2.39.1"
+        },
+        "ghcr.io/devcontainers-contrib/features/typescript:2": {},
+        "ghcr.io/devcontainers/features/kubectl-helm-minikube:1": {
+            "version": "1.1.8"
+        },
+        "docker-in-docker": {
+            "version": "latest",
+            "moby": true,
+            "dockerDashComposeVersion": "v1"
+        }
+    },
+    "customizations": {
+        "vscode": {
+            "extensions": [
+                "GitHub.vscode-github-actions",
+                "ms-azuretools.azure-dev",
+                "ms-azuretools.vscode-bicep",
+                "vscjava.vscode-java-pack",
+                "amodio.tsl-problem-matcher"
+            ]
+        }
+    }
+}

.gitattributes

@@ -0,0 +1 @@
+*.sh text eol=lf

.github/CODE_OF_CONDUCT.md

@@ -0,0 +1,9 @@
+# Microsoft Open Source Code of Conduct
+
+This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
+
+Resources:
+
+- [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/)
+- [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
+- Contact [[email protected]](mailto:[email protected]) with questions or concerns

.github/ISSUE_TEMPLATE.md

@@ -0,0 +1,36 @@
+<!--
+IF SUFFICIENT INFORMATION IS NOT PROVIDED VIA THE FOLLOWING TEMPLATE THE ISSUE MIGHT BE CLOSED WITHOUT FURTHER CONSIDERATION OR INVESTIGATION
+-->
+> Please provide us with the following information:
+> ---------------------------------------------------------------
+
+### This issue is for a: (mark with an `x`)
+```
+- [ ] bug report -> please search issues before submitting
+- [ ] feature request
+- [ ] documentation issue or request
+- [ ] regression (a behavior that used to work and stopped in a new release)
+```
+
+### Minimal steps to reproduce
+>
+
+### Any log messages given by the failure
+>
+
+### Expected/desired behavior
+>
+
+### OS and Version?
+> Windows 7, 8 or 10. Linux (which distribution). macOS (Yosemite? El Capitan? Sierra?)
+
+### azd version?
+> run `azd version` and copy paste here.
+
+### Versions
+>
+
+### Mention any other details that might be useful
+
+> ---------------------------------------------------------------
+> Thanks! We'll be in touch soon.

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,45 @@
+## Purpose
+<!-- Describe the intention of the changes being proposed. What problem does it solve or functionality does it add? -->
+* ...
+
+## Does this introduce a breaking change?
+<!-- Mark one with an "x". -->
+```
+[ ] Yes
+[ ] No
+```
+
+## Pull Request Type
+What kind of change does this Pull Request introduce?
+
+<!-- Please check the one that applies to this PR using "x". -->
+```
+[ ] Bugfix
+[ ] Feature
+[ ] Code style update (formatting, local variables)
+[ ] Refactoring (no functional changes, no api changes)
+[ ] Documentation content changes
+[ ] Other... Please describe:
+```
+
+## How to Test
+*  Get the code
+
+```
+git clone [repo-address]
+cd [repo-name]
+git checkout [branch-name]
+npm install
+```
+
+* Test the code
+<!-- Add steps to run the tests suite and/or manually test -->
+```
+```
+
+## What to Check
+Verify that the following are valid
+* ...
+
+## Other Information
+<!-- Add any other helpful information that may be needed here. -->

.github/workflows/app-ci.yaml

@@ -0,0 +1,100 @@
+name: APP CI/CD Pipeline 
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - "app/**"
+    tags:        
+      - v*.*.*
+  workflow_dispatch:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    outputs:
+      env-name: ${{steps.set-deploy-env.outputs.DEPLOY_ENVIRONMENT}}
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Set up Java version
+        uses: actions/setup-java@v2
+        with:
+          distribution: 'temurin'
+          java-version: '17'
+          cache: 'maven'
+
+      - name: Set environment for branch
+        id: set-deploy-env
+        run: |
+          echo "checking branch name [${{github.ref_name}}]"
+          if [[ ${{github.ref_name}} == 'main' ]]; then
+              echo "main branch detected. Set Development environment"
+              echo "DEPLOY_ENVIRONMENT=Development" >> "$GITHUB_OUTPUT"
+          elif [[ ${{github.ref_name}} == *'release'* ]]; then
+              echo "release branch detected. Set Test environment"
+              echo "DEPLOY_ENVIRONMENT=Test" >> "$GITHUB_OUTPUT"
+          elif [[ ${{github.ref_name}} == *'v'* ]]; then
+              echo "tag detected. Set Production environment" 
+              echo "DEPLOY_ENVIRONMENT=Production" >> "$GITHUB_OUTPUT"
+          else
+              echo "branch not detected. Set Development environment as default"
+              echo "DEPLOY_ENVIRONMENT=Development" >> "$GITHUB_OUTPUT"
+          fi
+      - name: Build React Frontend
+        run: |
+          echo "Building frontend and merge into spring boot static folder. Environment [${{ steps.set-deploy-env.outputs.DEPLOY_ENVIRONMENT }}]"
+          cd ./app/frontend
+          npm install
+          npm run build
+          mkdir -p ../backend/src/main/resources/static
+          cp -r ./build/* ../backend/src/main/resources/static
+      
+      - name: Verify Indexer project
+        run: |
+          echo "Testing indexer project."
+          cd ./app/indexer
+          mvn test
+
+      - name: Build Spring Boot App
+        run: |
+          echo "Building spring boot app. Environment [${{ steps.set-deploy-env.outputs.DEPLOY_ENVIRONMENT }}]"
+          cd ./app/backend
+          mvn package
+          artifactid=$(mvn help:evaluate -Dexpression=project.artifactId -q -DforceStdout)
+          jarversion=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)
+          originaljarname="$artifactid-$jarversion.jar"
+          echo "Renaming $originaljarname to app.jar"
+          # Renaming jar so it is auto detected by app service
+          mv ./target/$originaljarname ./target/app.jar
+
+      - name: Upload artifacts for backend deployment jobs
+        uses: actions/upload-artifact@v2
+        with:
+          name: spring-boot-app
+          path: |
+            ./app/backend/target/app.jar
+
+
+  deploy:
+    runs-on: ubuntu-latest
+    needs: build
+    environment:
+      name: ${{ needs.build.outputs.env-name}}
+      url: ${{ steps.deploy-app.outputs.webapp-url }}
+
+    steps:
+      - name: Download backend artifact from build job
+        uses: actions/download-artifact@v2
+        with:
+          name: spring-boot-app
+          path: ./backend
+
+      - name: 'Deploy backend to Azure Web App'
+        uses: azure/webapps-deploy@v2
+        id: deploy-app
+        with:
+          app-name: ${{ vars.AZUREAPPSERVICE_APP_NAME }}
+          package: ./backend
+          publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE}}

.github/workflows/infra-ci.yaml

@@ -0,0 +1,143 @@
+name: Infra CI Pipeline 
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - "deploy/**"
+
+  workflow_dispatch:
+
+# To configure required secrets for connecting to Azure, simply run `azd pipeline config`
+
+# Set up permissions for deploying with secretless Azure federated credentials
+# https://learn.microsoft.com/en-us/azure/developer/github/connect-from-azure?tabs=azure-portal%2Clinux#set-up-azure-login-with-openid-connect-authentication
+permissions:
+  id-token: write
+  contents: read
+  security-events: write
+
+jobs:
+  validate-bicep:
+    name: "Infra Biceps Validation"
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Filter Changes
+        uses: dorny/paths-filter@v2
+        id: changes
+        with:
+            filters: |
+              app-service:
+                - 'deploy/app-service/**'
+              aks:
+                - 'deploy/aks/**'
+              aca:
+                - 'deploy/aca/**'
+      - name: Build App Service Bicep for linting
+        if: steps.changes.outputs.app-service == 'true'
+        uses: azure/CLI@v1
+        with:
+          inlineScript: az config set bicep.use_binary_from_path=false && az bicep build -f deploy/app-service/infra/main.bicep --stdout
+
+      - name: Build AKS Bicep for linting
+        if: steps.changes.outputs.aks == 'true'
+        uses: azure/CLI@v1
+        with:
+          inlineScript: az config set bicep.use_binary_from_path=false && az bicep build -f deploy/aks/infra/main.bicep --stdout
+
+      - name: Build ACA Bicep for linting
+        if: steps.changes.outputs.aca == 'true'
+        uses: azure/CLI@v1
+        with:
+          inlineScript: az config set bicep.use_binary_from_path=false && az bicep build -f deploy/aca/infra/main.bicep --stdout
+
+      - name: Run Microsoft Security DevOps Analysis
+        uses: microsoft/security-devops-action@v1
+        id: msdo
+        continue-on-error: true
+        with:
+          tools: templateanalyzer
+
+      - name: Upload alerts to Security tab
+        uses: github/codeql-action/upload-sarif@v2
+        if: github.repository == 'Azure-Samples/azure-search-openai-demo-java'
+        with:
+          sarif_file: ${{ steps.msdo.outputs.sarifFile }}
+
+
+#   deploy:
+#     name: "Deploy Infra and App using azd"
+#     runs-on: ubuntu-latest
+#     environment:
+#         name: "Development"
+#     env:
+#       AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
+#       AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
+#       AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
+#       AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
+#     steps:
+#       - name: Checkout
+#         uses: actions/checkout@v4
+
+#       - name: Install azd
+#         uses: Azure/[email protected]
+
+#       - name: Log in with Azure (Federated Credentials)
+#         if: ${{ env.AZURE_CLIENT_ID != '' }}
+#         run: |
+#           azd auth login `
+#             --client-id "$Env:AZURE_CLIENT_ID" `
+#             --federated-credential-provider "github" `
+#             --tenant-id "$Env:AZURE_TENANT_ID"
+#         shell: pwsh
+
+#       - name: Log in with Azure (Client Credentials)
+#         if: ${{ env.AZURE_CREDENTIALS != '' }}
+#         run: |
+#           $info = $Env:AZURE_CREDENTIALS | ConvertFrom-Json -AsHashtable;
+#           Write-Host "::add-mask::$($info.clientSecret)"
+
+#           azd auth login `
+#             --client-id "$($info.clientId)" `
+#             --client-secret "$($info.clientSecret)" `
+#             --tenant-id "$($info.tenantId)"
+#         shell: pwsh
+#         env:
+#           AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
+
+#       - name: Provision Infrastructure
+#         run: azd provision --no-prompt
+#         env:
+#           AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }}
+#           AZURE_LOCATION: ${{ vars.AZURE_LOCATION }}
+#           AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
+#           AZURE_FORMRECOGNIZER_RESOURCE_GROUP: ${{ vars.AZURE_FORMRECOGNIZER_RESOURCE_GROUP }}
+#           AZURE_FORMRECOGNIZER_SERVICE: ${{ vars.AZURE_FORMRECOGNIZER_RESOURCE_GROUP }}
+#           AZURE_OPENAI_RESOURCE_GROUP: ${{ vars.AZURE_FORMRECOGNIZER_SERVICE }}
+#           AZURE_OPENAI_SERVICE: ${{ vars.AZURE_OPENAI_SERVICE }}
+#           AZURE_RESOURCE_GROUP: ${{ vars.AZURE_RESOURCE_GROUP }}
+#           AZURE_SEARCH_SERVICE: ${{ vars.AZURE_SEARCH_SERVICE }}
+#           AZURE_SEARCH_SERVICE_RESOURCE_GROUP: ${{ vars.AZURE_SEARCH_SERVICE_RESOURCE_GROUP }}
+#           AZURE_STORAGE_ACCOUNT: ${{ vars.AZURE_STORAGE_ACCOUNT }}
+#           AZURE_STORAGE_RESOURCE_GROUP: ${{ vars.AZURE_STORAGE_RESOURCE_GROUP }}
+
+#       - name: Deploy Application
+#         run: azd deploy --no-prompt
+#         env:
+#           AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }}
+#           AZURE_LOCATION: ${{ vars.AZURE_LOCATION }}
+#           AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
+#           AZURE_FORMRECOGNIZER_RESOURCE_GROUP: ${{ vars.AZURE_FORMRECOGNIZER_RESOURCE_GROUP }}
+#           AZURE_FORMRECOGNIZER_SERVICE: ${{ vars.AZURE_FORMRECOGNIZER_RESOURCE_GROUP }}
+#           AZURE_OPENAI_RESOURCE_GROUP: ${{ vars.AZURE_FORMRECOGNIZER_SERVICE }}
+#           AZURE_OPENAI_SERVICE: ${{ vars.AZURE_OPENAI_SERVICE }}
+#           AZURE_RESOURCE_GROUP: ${{ vars.AZURE_RESOURCE_GROUP }}
+#           AZURE_SEARCH_SERVICE: ${{ vars.AZURE_SEARCH_SERVICE }}
+#           AZURE_SEARCH_SERVICE_RESOURCE_GROUP: ${{ vars.AZURE_SEARCH_SERVICE_RESOURCE_GROUP }}
+#           AZURE_STORAGE_ACCOUNT: ${{ vars.AZURE_STORAGE_ACCOUNT }}
+#           AZURE_STORAGE_RESOURCE_GROUP: ${{ vars.AZURE_STORAGE_RESOURCE_GROUP }}
+
+