fix(agents): add OAuth URL, audience, connectorName fields to ConnectionResource and Connection structs#7668
Merged
trangevi merged 9 commits intoAzure:trangevi/toolboxfrom Apr 13, 2026
Conversation
…ants Add missing fields to ConnectionResource (yaml.go), Connection (config.go), and the extractConnectionConfigs mapping in init.go so that all properties defined in azure.yaml are passed through to the Bicep ARM deployment without being silently dropped by the Go YAML unmarshaler. New fields added to both ConnectionResource and project.Connection: - AuthorizationUrl (OAuth2 authorization endpoint) - TokenUrl (OAuth2 token endpoint) - RefreshUrl (OAuth2 refresh endpoint) - Scopes (OAuth2 requested scopes) - Audience (token audience for UserEntraToken / AgenticIdentity) - ConnectorName (managed connector for OAuth2 managed connectors) New AuthType constants added to yaml.go (mirroring REST API values): UserEntraToken, AgenticIdentity, ManagedIdentity, ServicePrincipal, UsernamePassword, AccessKey, AccountKey, SAS
lindazqli
requested review from
JeffreyCA,
hemarina,
jongio,
rajeshkamal5050,
tg-msft,
therealjohn,
trangevi,
trrwilson,
vhvb1989,
wbreza and
weikanglim
as code owners
…shUrl, scopes, audience, connectorName) to azure.ai.agent JSON schema and inline aiAgentConfig in azure.yaml.json to eliminate VS Code YAML validation errors
jongio
reviewed
Apr 13, 2026
Member
jongio
left a comment
jongio
left a comment
There was a problem hiding this comment.
No tests for the 6 new fields. A round-trip test (YAML unmarshal -> extractConnectionConfigs -> JSON marshal) for a connection with authorizationUrl/tokenUrl/scopes would catch tag typos and verify the full pipeline. There's already parse_test.go and yaml_test.go in the same package - this would fit naturally there.
trangevi
requested changes
Apr 13, 2026
| "properties": { | ||
| "config": { | ||
| "$ref": "https://raw.githubusercontent.com/Azure/azure-dev/refs/heads/main/cli/azd/extensions/azure.ai.agents/schemas/azure.ai.agent.json", | ||
| "$ref": "#/definitions/aiAgentConfig", |
Member
There was a problem hiding this comment.
We should not be modifying this file, otherwise we'll have two separate sources of truth. The current reference pointer should be maintained.
…Agent* definitions)
trangevi
approved these changes
Apr 13, 2026
trangevi
added a commit
that referenced
this pull request
Apr 14, 2026
* Maybe working changes for tools Signed-off-by: trangevi <trangevi@microsoft.com> * Attempting to handle new yaml Signed-off-by: trangevi <trangevi@microsoft.com> * Clean up dead/duplicated code after toolbox merge - Remove ToolboxToolDefinition struct (replaced by []any tools) - Remove deriveConnectionName (orphaned after init refactor) - Migrate ToolKind constants to snake_case, remove converter functions - Remove 7 dead functions from service_target_agent.go (deployToolboxes, enrichToolboxFromConnections, resolveToolboxEnvironmentVariables, resolveMapValues, resolveAnyValue, upsertToolset, registerToolboxEnvironmentVariables) and their tests - Fix provision path: correct FOUNDRY_TOOLBOX_* env var prefix, add env var resolution and connection enrichment, update-on-conflict for upsertToolset (409 -> update instead of skip) - Extract marshalAndSetEnvVar shared helper to reduce duplication - Consolidate toolboxMCPEndpointEnvKey (remove duplicate from init.go) - Fix GetValues API call to use correct GetEnvironmentRequest type Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Missing test file Signed-off-by: trangevi <trangevi@microsoft.com> * Some more fixes Signed-off-by: trangevi <trangevi@microsoft.com> * Fix merge Signed-off-by: trangevi <trangevi@microsoft.com> * More fixes Signed-off-by: trangevi <trangevi@microsoft.com> * Add connection resource type for provisioning Signed-off-by: trangevi <trangevi@microsoft.com> * Move to /toolboxes api Signed-off-by: trangevi <trangevi@microsoft.com> * Add version Signed-off-by: trangevi <trangevi@microsoft.com> * Add unit tests and testdata for azure.ai.agents extension (#7634) * Add unit tests and testdata for azure.ai.agents extension Add 86 new unit tests across 5 previously untested or undertested packages in the azure.ai.agents extension, raising total test count from 183 to 269. Coverage improvements: - agent_yaml: 23.1% -> 53.8% (map.go YAML-to-API mapping fully tested) - registry_api: 0% -> 28.8% (tool conversion, parameter conversion, merge) - agent_api: 0% -> tested (JSON round-trip for all model types) - cmd: 23.0% -> 23.6% (copyDirectory, copyFile, buildAgentEndpoint) New test files: - agent_yaml/map_test.go: 44 tests for YAML-to-API transform functions - registry_api/helpers_test.go: 35 tests for pure conversion helpers - agent_api/models_test.go: 24 JSON serialization round-trip tests - cmd/init_copy_test.go: directory/file copy logic tests - cmd/agent_context_test.go: endpoint construction test - agent_yaml/testdata_test.go: fixture-based parsing + regression tests New testdata fixtures (7 YAML files): - 3 valid agents (minimal prompt, full prompt, hosted) - 1 MCP tools agent - 3 invalid manifests (no kind, no model, empty template) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * refactor: replace ptr[T] helper with Go 1.26 new(val) in tests Replace the generic ptr[T](v T) *T helper function with Go 1.26's built-in new(val) pattern in models_test.go and helpers_test.go, consistent with map_test.go and AGENTS.md conventions. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * remove outdated comment --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Revert "Add unit tests and testdata for azure.ai.agents extension (#7634)" This reverts commit af85a8f. * PR comments part 1 Signed-off-by: trangevi <trangevi@microsoft.com> * Update feature header Signed-off-by: trangevi <trangevi@microsoft.com> * PR comment Signed-off-by: trangevi <trangevi@microsoft.com> * fix(agents): add OAuth URL, audience, connectorName fields to ConnectionResource and Connection structs (#7668) * fix: add OAuth URL, audience, connectorName fields and authType constants Add missing fields to ConnectionResource (yaml.go), Connection (config.go), and the extractConnectionConfigs mapping in init.go so that all properties defined in azure.yaml are passed through to the Bicep ARM deployment without being silently dropped by the Go YAML unmarshaler. New fields added to both ConnectionResource and project.Connection: - AuthorizationUrl (OAuth2 authorization endpoint) - TokenUrl (OAuth2 token endpoint) - RefreshUrl (OAuth2 refresh endpoint) - Scopes (OAuth2 requested scopes) - Audience (token audience for UserEntraToken / AgenticIdentity) - ConnectorName (managed connector for OAuth2 managed connectors) New AuthType constants added to yaml.go (mirroring REST API values): UserEntraToken, AgenticIdentity, ManagedIdentity, ServicePrincipal, UsernamePassword, AccessKey, AccountKey, SAS * fix: add missing connection fields (authorizationUrl, tokenUrl, refreshUrl, scopes, audience, connectorName) to azure.ai.agent JSON schema and inline aiAgentConfig in azure.yaml.json to eliminate VS Code YAML validation errors * fix: correct Audience and ConnectorName field comments in ConnectionResource * revert: restore azure.yaml.json external schema ref (remove inline aiAgent* definitions) * test: add JSON round-trip tests for 6 new ConnectionResource fields * Update yaml.go * Update yaml.go * Update azure.ai.agent.json * Update azure.ai.agent.json * PR comments Signed-off-by: trangevi <trangevi@microsoft.com> * Remove credential from azure.yaml file Signed-off-by: trangevi <trangevi@microsoft.com> * Update azure.ai.agent.json * Update azure.ai.agent.json (#7696) * Fix json Signed-off-by: trangevi <trangevi@microsoft.com> * Apply suggestions from code review Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Test update Signed-off-by: trangevi <trangevi@microsoft.com> * PR comments Signed-off-by: trangevi <trangevi@microsoft.com> * A couple of build failure fixes Signed-off-by: trangevi <trangevi@microsoft.com> * modernization fix Signed-off-by: trangevi <trangevi@microsoft.com> --------- Signed-off-by: trangevi <trangevi@microsoft.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Co-authored-by: Glenn Harper <64209257+glharper@users.noreply.github.com> Co-authored-by: Linda Li <139801625+lindazqli@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
wbreza
pushed a commit
to wbreza/azure-dev
that referenced
this pull request
Apr 15, 2026
* Maybe working changes for tools Signed-off-by: trangevi <trangevi@microsoft.com> * Attempting to handle new yaml Signed-off-by: trangevi <trangevi@microsoft.com> * Clean up dead/duplicated code after toolbox merge - Remove ToolboxToolDefinition struct (replaced by []any tools) - Remove deriveConnectionName (orphaned after init refactor) - Migrate ToolKind constants to snake_case, remove converter functions - Remove 7 dead functions from service_target_agent.go (deployToolboxes, enrichToolboxFromConnections, resolveToolboxEnvironmentVariables, resolveMapValues, resolveAnyValue, upsertToolset, registerToolboxEnvironmentVariables) and their tests - Fix provision path: correct FOUNDRY_TOOLBOX_* env var prefix, add env var resolution and connection enrichment, update-on-conflict for upsertToolset (409 -> update instead of skip) - Extract marshalAndSetEnvVar shared helper to reduce duplication - Consolidate toolboxMCPEndpointEnvKey (remove duplicate from init.go) - Fix GetValues API call to use correct GetEnvironmentRequest type Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Missing test file Signed-off-by: trangevi <trangevi@microsoft.com> * Some more fixes Signed-off-by: trangevi <trangevi@microsoft.com> * Fix merge Signed-off-by: trangevi <trangevi@microsoft.com> * More fixes Signed-off-by: trangevi <trangevi@microsoft.com> * Add connection resource type for provisioning Signed-off-by: trangevi <trangevi@microsoft.com> * Move to /toolboxes api Signed-off-by: trangevi <trangevi@microsoft.com> * Add version Signed-off-by: trangevi <trangevi@microsoft.com> * Add unit tests and testdata for azure.ai.agents extension (Azure#7634) * Add unit tests and testdata for azure.ai.agents extension Add 86 new unit tests across 5 previously untested or undertested packages in the azure.ai.agents extension, raising total test count from 183 to 269. Coverage improvements: - agent_yaml: 23.1% -> 53.8% (map.go YAML-to-API mapping fully tested) - registry_api: 0% -> 28.8% (tool conversion, parameter conversion, merge) - agent_api: 0% -> tested (JSON round-trip for all model types) - cmd: 23.0% -> 23.6% (copyDirectory, copyFile, buildAgentEndpoint) New test files: - agent_yaml/map_test.go: 44 tests for YAML-to-API transform functions - registry_api/helpers_test.go: 35 tests for pure conversion helpers - agent_api/models_test.go: 24 JSON serialization round-trip tests - cmd/init_copy_test.go: directory/file copy logic tests - cmd/agent_context_test.go: endpoint construction test - agent_yaml/testdata_test.go: fixture-based parsing + regression tests New testdata fixtures (7 YAML files): - 3 valid agents (minimal prompt, full prompt, hosted) - 1 MCP tools agent - 3 invalid manifests (no kind, no model, empty template) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * refactor: replace ptr[T] helper with Go 1.26 new(val) in tests Replace the generic ptr[T](v T) *T helper function with Go 1.26's built-in new(val) pattern in models_test.go and helpers_test.go, consistent with map_test.go and AGENTS.md conventions. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * remove outdated comment --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Revert "Add unit tests and testdata for azure.ai.agents extension (Azure#7634)" This reverts commit af85a8f. * PR comments part 1 Signed-off-by: trangevi <trangevi@microsoft.com> * Update feature header Signed-off-by: trangevi <trangevi@microsoft.com> * PR comment Signed-off-by: trangevi <trangevi@microsoft.com> * fix(agents): add OAuth URL, audience, connectorName fields to ConnectionResource and Connection structs (Azure#7668) * fix: add OAuth URL, audience, connectorName fields and authType constants Add missing fields to ConnectionResource (yaml.go), Connection (config.go), and the extractConnectionConfigs mapping in init.go so that all properties defined in azure.yaml are passed through to the Bicep ARM deployment without being silently dropped by the Go YAML unmarshaler. New fields added to both ConnectionResource and project.Connection: - AuthorizationUrl (OAuth2 authorization endpoint) - TokenUrl (OAuth2 token endpoint) - RefreshUrl (OAuth2 refresh endpoint) - Scopes (OAuth2 requested scopes) - Audience (token audience for UserEntraToken / AgenticIdentity) - ConnectorName (managed connector for OAuth2 managed connectors) New AuthType constants added to yaml.go (mirroring REST API values): UserEntraToken, AgenticIdentity, ManagedIdentity, ServicePrincipal, UsernamePassword, AccessKey, AccountKey, SAS * fix: add missing connection fields (authorizationUrl, tokenUrl, refreshUrl, scopes, audience, connectorName) to azure.ai.agent JSON schema and inline aiAgentConfig in azure.yaml.json to eliminate VS Code YAML validation errors * fix: correct Audience and ConnectorName field comments in ConnectionResource * revert: restore azure.yaml.json external schema ref (remove inline aiAgent* definitions) * test: add JSON round-trip tests for 6 new ConnectionResource fields * Update yaml.go * Update yaml.go * Update azure.ai.agent.json * Update azure.ai.agent.json * PR comments Signed-off-by: trangevi <trangevi@microsoft.com> * Remove credential from azure.yaml file Signed-off-by: trangevi <trangevi@microsoft.com> * Update azure.ai.agent.json * Update azure.ai.agent.json (Azure#7696) * Fix json Signed-off-by: trangevi <trangevi@microsoft.com> * Apply suggestions from code review Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Test update Signed-off-by: trangevi <trangevi@microsoft.com> * PR comments Signed-off-by: trangevi <trangevi@microsoft.com> * A couple of build failure fixes Signed-off-by: trangevi <trangevi@microsoft.com> * modernization fix Signed-off-by: trangevi <trangevi@microsoft.com> --------- Signed-off-by: trangevi <trangevi@microsoft.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Co-authored-by: Glenn Harper <64209257+glharper@users.noreply.github.com> Co-authored-by: Linda Li <139801625+lindazqli@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
The Go structs that unmarshal connection resources from
azure.yamlare incomplete. When users specify OAuth, audience, or connectorName fields in theirazure.yaml, the Go YAML unmarshaler silently drops them because the struct fields don't exist. Those values never reach the Bicep parameters and are therefore never provisioned.Affected structs
ConnectionResourceagent_yaml/yaml.goAuthorizationUrl,TokenUrl,RefreshUrl,Scopes,Audience,ConnectorNameConnectionproject/config.goextractConnectionConfigscmd/init.goRoot cause
Silent YAML unmarshal drop — Go's YAML library ignores keys that have no corresponding struct field. Fields present in
azure.yaml→ unmarshaled intoConnectionResource→ mapped toproject.Connection→ serialized to Bicep params. If any step is missing a field, it's gone.Changes
agent_yaml/yaml.goConnectionResource:AuthorizationUrl,TokenUrl,RefreshUrl,Scopes,Audience,ConnectorNameAuthTypeconstants that the REST API accepts but weren't declared:UserEntraToken,AgenticIdentity,ManagedIdentity,ServicePrincipal,UsernamePassword,AccessKey,AccountKey,SASproject/config.goproject.Connectioncmd/init.goextractConnectionConfigsTesting
These fields are validated against the Azure AI Projects REST API
2025-04-01-previewconnection schema. Companion Bicep PR: Azure-Samples/azd-ai-starter-basic#51 (adds the same fields toconnection.bicepso they flow through to ARM).