Skip to content

Automated sync from private repo (2026-06-12)#774

Merged
foundry-samples-repo-sync[bot] merged 2 commits into
mainfrom
sync/private-to-public-20260612-074523
Jun 12, 2026
Merged

Automated sync from private repo (2026-06-12)#774
foundry-samples-repo-sync[bot] merged 2 commits into
mainfrom
sync/private-to-public-20260612-074523

Conversation

@foundry-samples-repo-sync

Copy link
Copy Markdown
Contributor

Automated sync from private repo.

Synced commits: 2
Authors: Brandon Miller

Validation gate: mode=none; tracked=46; blocked=11.

Rollback point: 8d06d4a05a3efeaac632a77c715ee1aa3d183b00 — to revert, force-push this SHA to main and clear the sync-marks cache.

Triggered by: schedule
Run: https://github.com/microsoft-foundry/foundry-samples-pr/actions/runs/27402161697

brandom-msft and others added 2 commits June 11, 2026 15:33
…md (#521)

* docs: fix customer-facing leakage in SUPPORT.md and migration/README.md

SUPPORT.md previously contained literal Microsoft template placeholders (TODO/REPO OWNER/REPO MAINTAINER) that would ship to the public Azure/foundry-samples repo unedited. Rewrite as a real support statement pointing to GitHub Issues, Microsoft Foundry docs, and Microsoft Q&A.

migration/README.md contained a 'Your current values (validated)' table with a developer's personal Azure subscription ID, resource names, project name, and account email, plus example commands and a troubleshooting tip that reused those values. Replace all personal values with generic <your-...> placeholders.

Tracks ADO 5350802 (https://msdata.visualstudio.com/Vienna/_workitems/edit/5350802).

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* docs: scrub internal MS infra IDs from migration scripts and CMK infrastructure templates

Extends the SUPPORT.md / migration README.md leakage fix to other reader-facing
files that ship to the public Azure/foundry-samples repo via the regular sync.
All flagged values were either Microsoft-internal e2e test infra or the
Microsoft corporate tenant ID — same class of leakage as the original two files.

migration/v1_to_v2_migration.py:
- L28-32: replaced hardcoded internal-test subscription ID (921496dc-...),
  resource groups (agents-e2e-tests-eastus, agents-e2e-tests-westus2), and
  workspace names (basicaccountjqqa@..., e2e-tests-westus2-account@...) with
  None defaults. External customers could never have successfully used these
  defaults (would 403); making them None forces explicit configuration via env
  vars or CLI flags rather than silently targeting internal MS infra.
- L45: replaced hardcoded Microsoft tenant (72f988bf-...) SOURCE_TENANT default
  with None. The Azure SDK falls back to the caller's default tenant.
- L1719-1720: removed the same hardcoded internal-sub and resource-group
  fallbacks from the project-parameter-extraction code path.
- Docstrings, epilog examples, and argparse --help text: replaced all
  nikhowlett-*/nextgen-eastus/yinchu-* resource and project names, plus all
  internal subscription/tenant GUIDs, with generic <your-...> placeholders.

migration/run-migration-docker-auth.{sh,ps1}:
- Replaced personal/internal IDs (MS tenant, nextgen-eastus, b1615458-...,
  33e577a9-..., asst_wBMH6Khnqbo1J7W1G6w3p1rN) in the missing-required-params
  usage example with <your-...> placeholders.

infrastructure/infrastructure-setup-bicep/31-customer-managed-keys-standard-agent/
{modules-standard/ai-account-encryption.bicep, azuredeploy.json}:
- Replaced hardcoded Microsoft tenant ID (72f988bf-...) in the CosmosDB-global-app
  Key Vault access policy with subscription().tenantId / [subscription().tenantId],
  matching the existing pattern on the line above. The CosmosDB resource-provider
  service principal is provisioned in the customer's own tenant when they enable
  the service, so the customer tenant is the correct value here.

Verified: python AST parse passes; repo-wide grep for nikhowlett|47f1c914|
72f988bf-86f1|b1615458|33e577a9|921496dc|nextgen-eastus|yinchu|agents-e2e-tests|
basicaccountjqqa in migration/ and infrastructure/ returns zero matches.

Tracks ADO 5350802 (https://msdata.visualstudio.com/Vienna/_workitems/edit/5350802)
— extends the original fix scope per direction.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

---------

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Two small reader-facing fixes bundled to avoid trivial-PR overhead:

- samples-mistral/README.md: fix empty [uv]() link target to
  https://docs.astral.sh/uv/, and add the standard sample frontmatter
  (page_type, languages: python, products, description).
- .azure-pipelines/README.md: add 'Last updated: 2026-06-10' line and a
  'See also' section cross-referencing docs/validation-contract.md,
  docs/validation-results-contract.md, and docs/repo-sync-automation.md.

The third cleanup proposed in the ADO Task (.infra/pytest_plugins/
changed_samples/README.md stub) is deferred — it should be folded into a
broader proposal to either fully document or fully remove the
pytest-changed-samples plugin + tox/conftest scaffolding, which exceeds this
Task's authority.

ADO 5350804: https://msdata.visualstudio.com/Vienna/_workitems/edit/5350804

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@foundry-samples-repo-sync foundry-samples-repo-sync Bot merged commit 810884d into main Jun 12, 2026
7 checks passed
@foundry-samples-repo-sync foundry-samples-repo-sync Bot deleted the sync/private-to-public-20260612-074523 branch June 12, 2026 07:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant