Alan-Jowett / CoPilot-For-Consensus / 20976629984 / 23
82%
main: 82%

DEFAULT BRANCH: main
Ran
Files 7
Run time 0s
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 96.358%. Remained the same
20976629984.23

push

github

web-flow 
fix(infra): Remove secrets from environment variables, use secret_provider architecture (#855)

* fix: support both appinsights and azure secret names in metrics schema

The Bicep deployment creates Key Vault secrets with these names:
- appinsights-instrumentation-key
- appinsights-connection-string

But the schema was looking for:
- azure_connection_string
- azure_monitor_instrumentation_key

Updated the schema to try both naming conventions for backward compatibility with local dev and Bicep deployments.

* Revert "fix: support both appinsights and azure secret names in metrics schema"

This reverts commit aa51f2710.

* fix: align Azure Monitor secret names with schema expectations

Update Bicep deployment to create Key Vault secrets with names matching
the metrics adapter schema:
- appinsights-instrumentation-key → azure_monitor_instrumentation_key
- appinsights-connection-string → azure_connection_string

These names are expected by the copilot_config secret provider adapter
which reads them from Key Vault using the secret names defined in
docs/schemas/configs/adapters/drivers/metrics/metrics_azure_monitor.json

BREAKING: Deployments using the old secret names will need to be
redeployed to use the new naming convention.

* fix(infra): Remove secrets from environment variables, use secret_provider

Architectural fix: Secrets should be loaded via secret_provider from Key Vault
using schema secret_name field, not injected as environment variables with
@Microsoft.KeyVault(...) references.

Changes:
- Removed APPINSIGHTS_INSTRUMENTATIONKEY and APPLICATIONINSIGHTS_CONNECTION_STRING
  environment variables from all 8 microservices in containerapps.bicep
- These secrets are already in Key Vault (azure_monitor_instrumentation_key,
  azure_connection_string) and will be loaded automatically by copilot_config
  Phase 3 using the secret_provider with managed identity
- Enhanced validate_bicep_config.py to detect architectural vi... (continued)

291 of 302 relevant lines covered (96.36%)

0.96 hits per line

Source Files on job copilot_logging - 20976629984.23