Skip to content

chore: Down merging to dev #411

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Prajwal-Microsoft merged 15 commits into from
Jan 28, 2026
Merged

chore: Down merging to dev #411

Prajwal-Microsoft merged 15 commits into from
Jan 28, 2026

Conversation

@Prekshith-Microsoft
Copy link
Contributor

@Prekshith-Microsoft Prekshith-Microsoft commented Jan 28, 2026

This pull request introduces several improvements to the deployment workflows and Docker setup, focusing on enhanced input validation, security, and workflow reliability. The most significant changes are the addition of a comprehensive input validation job for the Linux deployment workflow, updates to workflow permissions for improved security, and refinements to job conditionals to better handle workflow cancellations and job dependencies.

Workflow Input Validation and Orchestration:

  • Added a new validate-inputs job to .github/workflows/deploy-linux.yml that validates all workflow input parameters (such as Azure region, resource group name, booleans, and resource IDs) before proceeding with deployment, ensuring only valid values are used and failing early on errors. Downstream jobs now consume validated outputs instead of raw inputs.

Security and Permissions:

  • Explicitly set permissions for GitHub Actions workflows (build-docker-image.yml, deploy-linux.yml, deploy-orchestrator.yml) to restrict access to only contents: read and actions: read, improving workflow security posture. [1] [2] [3]

Workflow Reliability and Job Conditionals:

  • Updated job conditionals in deploy-orchestrator.yml to use !cancelled() and more precise success/skipped checks, ensuring jobs only run when appropriate and are skipped on workflow cancellation, improving reliability and correctness of deployments, tests, notifications, and cleanup. [1] [2] [3] [4]

Dockerfile Maintenance:

  • Removed the Yarn repository from .devcontainer/Dockerfile to avoid GPG key expiration issues, streamlining the container build process.## Purpose
  • ...

Does this introduce a breaking change?

  • Yes
  • No

Golden Path Validation

  • I have tested the primary workflows (the "golden path") to ensure they function correctly without errors.

Deployment Validation

  • I have validated the deployment process successfully and all services are running as expected with this change.

What to Check

Verify that the following are valid

  • ...

Other Information

Vamshi-Microsoft and others added 15 commits January 9, 2026 11:50
@Vamshi-Microsoft
Add validation step for Inputs and Map Inputs to env
77b46fc
@Vamshi-Microsoft
Add Permissions
5781e12
@Vamshi-Microsoft
Remove export command
2e15a18
@Vamshi-Microsoft
refactor: remove Curl Azure CLI setup steps and replace with Azure se…
cb82ae0 
…tup actions
@Prajwal-Microsoft
Merge pull request #388 from microsoft/psl-pipeline-security-fix
f67b269 
ci: fix pipeline vulnerabilities
@Vamshi-Microsoft
ci: fixed Pipeline failures
08615de
@Vamshi-Microsoft
Minor fix
3b7540c
@Vamshi-Microsoft
Changed Job condition from Always to !Cancelled
3d41816
@Vamshi-Microsoft
Pass Exp to Notification Job
59b207e
@Prajwal-Microsoft
Merge pull request #392 from microsoft/psl-fix-pipeline-failure
0709712 
ci: fixed Pipeline failures
@Vamshi-Microsoft
refactor: update EXP input handling in deployment workflows
b9c65d2
@Prajwal-Microsoft
Merge pull request #389 from microsoft/dev
6acdaaf 
chore: dev to main
@Prajwal-Microsoft
Merge pull request #405 from microsoft/exp-dependency-fix
11ddbea 
ci: update EXP input handling in deployment workflows
@Prekshith-Microsoft
Fix the issue with devcontainer
90d492e
@Prajwal-Microsoft
Merge pull request #410 from microsoft/dev-con-issue
a087ff5 
fix: Resolved the issue with dev container
@Prajwal-Microsoft Prajwal-Microsoft merged commit 586b608 into dev Jan 28, 2026
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Prajwal-Microsoft Prajwal-Microsoft Prajwal-Microsoft approved these changes

@Avijit-Microsoft Avijit-Microsoft Awaiting requested review from Avijit-Microsoft Avijit-Microsoft is a code owner

@Roopan-Microsoft Roopan-Microsoft Awaiting requested review from Roopan-Microsoft Roopan-Microsoft is a code owner

@Vinay-Microsoft Vinay-Microsoft Awaiting requested review from Vinay-Microsoft Vinay-Microsoft is a code owner

@aniaroramsft aniaroramsft Awaiting requested review from aniaroramsft aniaroramsft is a code owner

@toherman-msft toherman-msft Awaiting requested review from toherman-msft toherman-msft is a code owner

@nchandhi nchandhi Awaiting requested review from nchandhi nchandhi is a code owner

@dgp10801 dgp10801 Awaiting requested review from dgp10801 dgp10801 is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@Prekshith-Microsoft @Prajwal-Microsoft @Vamshi-Microsoft