Add VNet enterprise tests for Foundry IQ KB MCP server#545
Open
farzad528 wants to merge 6 commits intomicrosoft-foundry:mainfrom
Open
Add VNet enterprise tests for Foundry IQ KB MCP server#545farzad528 wants to merge 6 commits intomicrosoft-foundry:mainfrom
farzad528 wants to merge 6 commits intomicrosoft-foundry:mainfrom
Conversation
…sources) - Reverted 15-private-network-standard-agent-setup to match upstream/main exactly - Added 19-hybrid-private-resources-agent-setup: hybrid architecture with public AI Services endpoint and private backend resources (AI Search, Cosmos DB, Storage) - Template 19 enables portal-based agent testing while keeping data resources private - Includes TESTING-GUIDE.md, test scripts, and architecture diagrams in template 19
Updates based on actual testing: - Fixed SDK usage: use AzureAISearchTool class, not dict format - Added note about portal limitation with network injection - Added correct API version (2025-05-15-preview) for REST API - Added MCP HTTP server implementation (Streamable HTTP transport) - Updated MCP deployment instructions with proper HTTP-based server - Added connection name lookup command - Fixed test script to use AzureAISearchTool class MCP Server: - Added mcp-http-server/server.py - Flask-based MCP server - Added mcp-http-server/Dockerfile for containerization - Implements JSON-RPC over HTTP as required by Azure AI Agents
Add test scripts and infrastructure for validating the Foundry IQ Knowledge Base MCP server with Azure AI Foundry Agent Service V2 in a VNet/private endpoint scenario (template 19). New files: - foundry-iq-kb-mcp/Dockerfile: Container image for the MCP server - tests/create_sample_kb.py: Seed AI Search with sample KB data - tests/test_kb_api_connectivity.py: Direct REST tests against AI Search KB API - tests/test_foundry_iq_kb_mcp.py: Agent V2 integration tests via MCP tool - tests/TESTING-GUIDE-KB-MCP.md: Full testing guide with VNet setup guidance The MCP server must be containerized inside the VNet when AI Search has public access disabled, as it makes direct HTTP calls to the KB API endpoint. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Covers 11 enterprise scenarios with pre-configured variables: 1. Public (basic), 2. PNA disabled, 3. VNet injection, 4. PNA+PLE+VPN, 5. CMK, 6. Custom subdomain, 7. Disable local auth, 8. RBAC only, 9. UAI, 10. BYO Storage, 11. Actionable error messaging Use with VS Code REST Client extension. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds test scripts and infrastructure for validating the Foundry IQ Knowledge Base MCP server with Azure AI Foundry Agent Service V2 in a VNet/private endpoint scenario (template 19).
This mirrors the testing approach from #450 but specifically targets the Foundry IQ KB MCP server and Azure AI Search Knowledge Base API (\2025-11-01-preview).
New Files
Architecture
\
Test Client → Agent Service → Data Proxy → (networkInjection) → VNet
├── Foundry IQ KB MCP Server (Container App)
└── Azure AI Search (Private Endpoint)
\\
Key finding: The MCP server must be containerized inside the VNet when AI Search has public access disabled, because the MCP server makes direct HTTP \ etch()\ calls to the AI Search KB API endpoint. A hosted MCP server (e.g., on Vercel) cannot reach private endpoints.
Test Coverage
Related