feat(agents): native Activity protocol support (use-case profiles, digital-worker init/deploy)#8753
Open
Hameedkunkanoor wants to merge 3 commits into
Open
feat(agents): native Activity protocol support (use-case profiles, digital-worker init/deploy)#8753Hameedkunkanoor wants to merge 3 commits into
Hameedkunkanoor wants to merge 3 commits into
Conversation
Make activity_protocol a first-class protocol so hosted activity agents deploy
end-to-end with azd provision + azd deploy (no custom scripts/hooks):
- Send Foundry-Features AgentEndpoints header on CreateAgent/PatchAgent so the
agent_endpoint (protocols + authorization_schemes) is honored by the service.
- Auto-inject the activity endpoint protocol + BotServiceRbac auth scheme for
activity agents when not declared in agent.yaml.
- Inject BlueprintReference from MAIB_NAME; normalize activity->activity_protocol.
- Resolve agent name from AGENT_{serviceKey}_NAME in postdeploy (fixes 404 when
agent.yaml name differs from the azure.yaml service name).
- Add native M365 registration (best-effort): post-provision OAuth2 grants +
blueprint owner; post-deploy digital-worker publish + Teams backend config.
- Add unit tests for the new behavior.
…, and onboarding next-steps Builds on native activity-protocol support with use-case profiles and end-to-end azd init/provision/deploy for digital workers. - agent_yaml: add ActivityConfig.use_case (simple|digital_worker), ActivityProfile, IsActivityProtocol(), and ResolveActivityProfile(hasBlueprintEnv). Profile gates activity-endpoint injection, BotServiceRbac, blueprint reference, and M365 provision/publish. - service_target_agent: resolve the activity profile in prepareDeploy and gate blueprint/BotServiceRbac injection on it; ensureActivityEndpointDefaults takes the profile; append a visible digital-worker onboarding next-steps note (admin-center approval, blueprint ID, Teams instance) to the deploy artifact so it surfaces in azd deploy output. - listen.go: digitalWorkerEnvUpdate preprovision hook sets ENABLE_DIGITAL_WORKER and AGENT_NAME so the starter-template infra provisions MAIB + Bot Service; gate M365 provision/publish on the per-service profile. - init.go/init_from_code.go: add --activity-use-case flag and AZD_AI_STARTER_TEMPLATE override; round-trip activity use_case from manifest into agent.yaml; accept both 'activity' and 'activity_protocol' names. - Tests: new activity_profile_test.go; updated profile-aware endpoint/deploy-note tests and fixed map_test call sites. go vet + go test ./... green.
Add CHANGELOG entry for native Activity-protocol support (#8753).
Hameedkunkanoor
requested review from
glharper,
therealjohn,
trangevi and
trrwilson
as code owners
Contributor
There was a problem hiding this comment.
Pull request overview
This PR extends the azure.ai.agents azd extension to support Foundry’s Activity protocol end-to-end (including M365 “digital worker” scenarios) across azd ai agent init → azd provision → azd deploy, including endpoint/protocol normalization, blueprint wiring, and best-effort M365 onboarding steps.
Changes:
- Add Activity protocol support end-to-end: wire-level feature header, protocol name normalization (
activity↔activity_protocol), endpoint display/config output, and default endpoint injection (incl. BotServiceRbac for digital workers). - Introduce
activity.use_caseprofiles (simplevsdigital_worker) and propagate/use them across init/provision/deploy flows (including setting infra-driving env vars and printing onboarding next steps). - Add best-effort M365 registration/publish + Teams backend configuration logic with unit tests.
Reviewed changes
Copilot reviewed 20 out of 20 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| cli/azd/extensions/azure.ai.agents/version.txt | Bump extension version. |
| cli/azd/extensions/azure.ai.agents/extension.yaml | Keep extension manifest version in sync with version.txt. |
| cli/azd/extensions/azure.ai.agents/CHANGELOG.md | Add release notes describing Activity protocol + use-case profiles changes. |
| cli/azd/extensions/azure.ai.agents/internal/project/service_target_agent.go | Inject Activity endpoint defaults, blueprint reference injection, protocol display normalization, and deploy “next steps” note augmentation. |
| cli/azd/extensions/azure.ai.agents/internal/project/service_target_agent_test.go | Add/adjust tests for activity endpoint display, artifacts, endpoint defaults, and deploy note next steps. |
| cli/azd/extensions/azure.ai.agents/internal/project/m365_registration.go | Add best-effort Graph/AzureML/Teams calls for blueprint provisioning and digital-worker publish flows. |
| cli/azd/extensions/azure.ai.agents/internal/project/m365_registration_test.go | Add unit tests for the internal authenticated HTTP client helpers. |
| cli/azd/extensions/azure.ai.agents/internal/pkg/agents/agent_yaml/yaml.go | Add activity config, activity.use_case resolution, and blueprint reference schema + helpers. |
| cli/azd/extensions/azure.ai.agents/internal/pkg/agents/agent_yaml/map.go | Normalize activity protocol for API requests and map blueprint references into CreateAgent requests. |
| cli/azd/extensions/azure.ai.agents/internal/pkg/agents/agent_yaml/map_test.go | Add tests for activity protocol normalization and blueprint reference mapping. |
| cli/azd/extensions/azure.ai.agents/internal/pkg/agents/agent_yaml/activity_profile_test.go | Add test coverage for activity protocol detection and profile resolution. |
| cli/azd/extensions/azure.ai.agents/internal/pkg/agents/agent_api/operations.go | Set Foundry feature header for Create/Patch to ensure agent_endpoint fields are honored. |
| cli/azd/extensions/azure.ai.agents/internal/pkg/agents/agent_api/operations_test.go | Add test ensuring PatchAgent sets the AgentEndpoints feature header. |
| cli/azd/extensions/azure.ai.agents/internal/pkg/agents/agent_api/models.go | Extend CreateAgentVersionRequest with blueprint_reference. |
| cli/azd/extensions/azure.ai.agents/internal/cmd/listen.go | Hook M365 provisioning/publish into lifecycle handlers and set digital-worker infra-driving env vars. |
| cli/azd/extensions/azure.ai.agents/internal/cmd/invoke.go | Clarify Activity protocol is not invocable; point users to endpoint show. |
| cli/azd/extensions/azure.ai.agents/internal/cmd/init.go | Add --activity-use-case and starter-template override via AZD_AI_STARTER_TEMPLATE. |
| cli/azd/extensions/azure.ai.agents/internal/cmd/init_from_code.go | Add activity protocol support to init-from-code flow, including activity-only skip of model prompts and profile recording. |
| cli/azd/extensions/azure.ai.agents/internal/cmd/init_from_code_test.go | Add tests for activity protocol selection/normalization and activity-only gating helpers. |
| cli/azd/extensions/azure.ai.agents/internal/cmd/helpers.go | Improve invocation error suggestion text for non-invocable protocols. |
Comment on lines
+391
to
395
| apiProtocol := agent_api.AgentProtocol(protocol.Protocol) | ||
| if apiProtocol == "activity" { | ||
| apiProtocol = agent_api.AgentProtocolActivityProtocol | ||
| } | ||
| protocolVersions = append(protocolVersions, agent_api.ProtocolVersionRecord{ |
Comment on lines
+1254
to
+1258
| // Resolve the activity deployment profile. The use case comes from | ||
| // agent.yaml's activity.use_case when set; otherwise it falls back to the | ||
| // environment (a provisioned blueprint/MAIB implies a digital worker). | ||
| hasBlueprintEnv := azdEnv["MAIB_NAME"] != "" || azdEnv["AGENT_IDENTITY_BLUEPRINT_ID"] != "" | ||
| activityProfile := agentDef.ResolveActivityProfile(hasBlueprintEnv) |
Comment on lines
+425
to
+430
| if versionObj.AgentGUID != "" { | ||
| if def, ok := loadContainerAgentForService(args.Project, svc); ok && | ||
| def.ResolveActivityProfile(hasBlueprintEnv).M365Publish { | ||
| agentGUIDs[agentName] = versionObj.AgentGUID | ||
| } | ||
| } |
Comment on lines
+1518
to
+1523
| // Template defaults to the published starter. AZD_AI_STARTER_TEMPLATE allows | ||
| // pointing at a local clone or fork for testing infra changes before they | ||
| // land upstream (azd init -t accepts a local directory path). | ||
| starterTemplate := "Azure-Samples/azd-ai-starter-basic" | ||
| if override := os.Getenv("AZD_AI_STARTER_TEMPLATE"); override != "" { | ||
| starterTemplate = override |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds native Activity-protocol support to the
azure.ai.agentsextension, so activity agents (including M365 "digital workers") work end-to-end withazd ai agent init→azd provision→azd deploywithout external scripts.What's included
Native activity protocol (commit 1)
Foundry-Features: HostedAgents=V1Preview,AgentEndpoints=V1Previewon CreateAgent/PatchAgent so the agent endpoint patch (protocols + authorization_schemes) is accepted.protocols: [activity]andauthorization_schemes: [BotServiceRbac]for activity agents (additive; does not override user config).activity↔ internalactivity_protocolwire value inmap.go.m365_registration.go: best-effort M365 onboarding (OAuth2 grants for MCP/APEX, blueprint owner, digital-worker publish, Teams backend config) wired into the postprovision/postdeploy hooks.Use-case profiles + init + onboarding next-steps (commit 2)
agent.yamlgainsactivity.use_case(simple|digital_worker).ResolveActivityProfilegates activity-endpoint injection, BotServiceRbac, blueprint reference, and M365 provision/publish.azd ai agent initround-tripsuse_casefrom the manifest; adds--activity-use-caseand anAZD_AI_STARTER_TEMPLATEoverride. The preprovision hook setsENABLE_DIGITAL_WORKER+AGENT_NAMEso the starter template provisions the MAIB + Bot Service.azd deploynow prints the digital-worker onboarding next steps (M365 admin-center approval, blueprint ID, Teams instance) in the visible deploy summary.Testing
go vet ./...clean.go test ./...green across all packages (cmd, project, agent_yaml, nextstep, doctor, ...).