chore: Main to Dev downMerge#653
Merged
Merged
Conversation
feat: Developed scripts and Implement ACR deployment
chore: Update acr script to handle WAF deployment
docs: Update deployment script and azure.yaml to run script in proper sequence
Contributor
There was a problem hiding this comment.
Pull request overview
This PR updates the deployment/infrastructure posture to deploy Container Apps with a fixed public “hello world” image by default (removing prior image parameterization), tightens/clarifies registry wiring and role assignments, and shifts post-provision steps from automated azd hooks to manual scripts with updated documentation.
Changes:
- Hardcode Container Apps images to
mcr.microsoft.com/azuredocs/containerapps-helloworld:latestand removecontainerRegistryEndpoint/imageTagparameters from Bicep/ARM + parameter files. - Add new ACR build/push helper scripts (bash + PowerShell) to build images in ACR and update Container Apps to use them post-deploy.
- Remove
azdpostprovision automation and update deployment instructions and CODEOWNERS.
Reviewed changes
Copilot reviewed 11 out of 11 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| infra/scripts/acr_build_push.sh | Adds bash script to ACR-build images and update Container Apps post-deploy. |
| infra/scripts/acr_build_push.ps1 | Adds PowerShell equivalent of the ACR build/push + app update flow. |
| infra/modules/container-registry.bicep | Adjusts default publicNetworkAccess behavior based on private networking toggle. |
| infra/main.waf.parameters.json | Removes registry/image parameter entries from WAF parameters file. |
| infra/main.parameters.json | Removes registry/image parameter entries from default parameters file. |
| infra/main.json | Removes containerRegistryEndpoint / imageTag parameters; hardcodes hello world images; updates registry identity wiring. |
| infra/main.bicep | Removes containerRegistryEndpoint / imageTag parameters; hardcodes hello world images; updates registry identity wiring. |
| infra/main_custom.bicep | Removes containerRegistryEndpoint / imageTag parameters (custom template flavor). |
| docs/DeploymentGuide.md | Updates post-deployment instructions to run ACR build/push and post-deploy scripts manually. |
| azure.yaml | Clears postprovision hook (no longer auto-running post-deploy steps). |
| .github/CODEOWNERS | Updates listed default code owners. |
Comments suppressed due to low confidence (2)
infra/main.json:114
infra/main.jsonno longer defines theimageTagparameter, but the repo's CI workflow still passesimageTag=...toaz deployment group create(see.github/workflows/deploy.yml:159). That deployment will fail with an unrecognized/unused parameter error unless the workflow is updated (or the parameter is reintroduced).
docs/DeploymentGuide.md:339- This section still says schema registration happens automatically via the
azd uppostprovision hook, butazure.yamlnow setshooks.postprovisionto{}and Step 5.1 instructs runningpost_deployment.*manually. The current text is contradictory and will mislead users following the guide.
### 5.2 Schema Registration (Automatic)
> Want to customize the schemas for your own documents? [Learn more about adding your own schemas here.](./CustomizeSchemaData.md)
Schema registration happens **automatically** as part of the `azd up` post-provisioning hook — no manual steps required. After infrastructure is deployed, the hook:
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Roopan-Microsoft
approved these changes
Jul 14, 2026
Avijit-Microsoft
approved these changes
Jul 14, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Purpose
This pull request introduces several infrastructure changes to how container images are configured and deployed, as well as updates to documentation and code ownership. The main focus is on removing parameterized container image settings in favor of hardcoded sample images, updating container registry access, and improving deployment instructions.
Infrastructure changes:
infra/main.bicep,infra/main.json) now use the public Microsoft "helloworld" container image (mcr.microsoft.com/azuredocs/containerapps-helloworld:latest) for all container apps, replacing the previous use of parameters for custom registry endpoints and image tags. [1] [2] [3] [4] [5] [6] [7] [8] [9] [10]containerRegistryEndpointandimageTaghave been removed from the templates, simplifying the deployment configuration. [1] [2]Documentation and configuration:
docs/DeploymentGuide.md) now instructs users to manually run ACR build/push and post-deployment scripts, reflecting the changes in automation.azure.yamlpostprovision hook is now empty, indicating that post-provisioning steps are no longer automated via this hook..github/CODEOWNERSfile has been updated to correct some owner usernames.These changes collectively shift the deployment process toward using sample images and manual post-deployment steps, while clarifying registry access and permissions.
Does this introduce a breaking change?
Golden Path Validation
Deployment Validation
What to Check
Verify that the following are valid
Other Information