FEAT: Block GUI sends when target doesn't support the modality

.azuredevops/end-to-end-tests.yml

@@ -0,0 +1,21 @@
+# Runs end-to-end scenario tests using pyrit_scan CLI
+
+trigger: none  # Disable automatic CI triggers
+
+schedules:
+- cron: "0 7 * * *"  # 7 AM UTC = 11 PM PST (UTC-8) / Midnight PDT (UTC-7)
+  displayName: Nightly E2E Tests at 11 PM PST
+  branches:
+    include:
+    - main
+  always: true  # Run even if there are no code changes
+
+jobs:
+- template: test-job-template.yml
+  parameters:
+    jobName: EndToEndTests
+    jobDisplayName: "Run end-to-end scenario tests"
+    testAzureSubscription: 'integration-test-service-connection'
+    newDir: e2e_test_directory
+    testsFolder: end_to_end
+    makeTarget: end-to-end-test

.azuredevops/integration-tests.yml

@@ -0,0 +1,19 @@
+
+# Builds the pyrit environment and runs integration tests
+
+trigger:
+  branches:
+    include:
+      - main
+
+# There are additional PR triggers for this that are configurable in ADO.
+
+jobs:
+- template: test-job-template.yml
+  parameters:
+    jobName: IntegrationTests
+    jobDisplayName: "Builds the pyrit environment and runs integration tests"
+    testAzureSubscription: 'integration-test-service-connection'
+    newDir: integration_test_directory
+    testsFolder: integration
+    makeTarget: integration-test

.azuredevops/partner-integration-tests.yml

@@ -0,0 +1,21 @@
+# Builds the pyrit environment and runs partner integration tests. Partner integration tests are to ensure that we
+# are not breaking any contract between PyRIT and its partners.
+trigger: none  # Disable automatic CI triggers
+
+schedules:
+- cron: "0 6 * * *"  # 6 AM UTC = 10 PM PST (UTC-8) / 11PM PDT (UTC-6)
+  displayName: Nightly Partner Integration Tests at 10 PM PST
+  branches:
+    include:
+    - main
+  always: true  # Run even if there are no code changes
+
+jobs:
+- template: test-job-template.yml
+  parameters:
+    jobName: PartnerIntegrationTests
+    jobDisplayName: "Builds the pyrit environment and runs partner integration tests"
+    testAzureSubscription: 'integration-test-service-connection'
+    newDir: partner_integration_test_directory
+    testsFolder: partner_integration
+    makeTarget: partner-integration-test

.azuredevops/test-job-template.yml

@@ -0,0 +1,126 @@
+parameters:
+  - name: jobName
+    type: string
+  - name: jobDisplayName
+    type: string
+  - name: testAzureSubscription
+    type: string
+  - name: newDir
+    type: string
+  - name: testsFolder
+    type: string
+  - name: makeTarget
+    type: string
+
+jobs:
+- job: ${{ parameters.jobName }}
+  displayName: ${{ parameters.jobDisplayName }}
+  timeoutInMinutes: 360
+  pool:
+    vmImage: ubuntu-latest
+  steps:
+  - checkout: self
+    fetchDepth: 1
+  - task: UsePythonVersion@0
+    inputs:
+      versionSpec: '3.12'
+      addToPath: true
+  - bash: |
+      mkdir -p ~/.pyrit
+    displayName: "Create PyRIT configuration directory"
+    name: create_pyrit_dir
+  - task: AzureKeyVault@2
+    displayName: Azure Key Vault - retrieve .env file secret
+    inputs:
+      azureSubscription: 'integration-test-service-connection'
+      KeyVaultName: 'pyrit-environment'
+      SecretsFilter: 'env-global'
+      RunAsPreJob: false
+  - bash: |
+      python -c "
+      import os;
+      secret = os.environ.get('PYRIT_TEST_SECRET');
+      if not secret:
+        raise ValueError('PYRIT_TEST_SECRET is not set');
+      with open(os.path.expanduser('~/.pyrit/.env'), 'w') as file:
+        file.write(secret)"
+    env:
+      PYRIT_TEST_SECRET: $(env-global)
+    name: create_env_file
+  - bash: |
+      cp build_scripts/env_local_integration_test ~/.pyrit/.env.local
+    displayName: "Create .env.local from example"
+  - script:
+      wget -qO- https://astral.sh/uv/install.sh | sh
+    name: install_uv
+  - bash: sudo apt-get install python3-tk
+    name: install_tkinter
+  - bash: |
+      set -e
+      # Detect Ubuntu version
+      UBUNTU_VERSION=$(grep VERSION_ID /etc/os-release | cut -d '"' -f 2)
+      SUPPORTED_VERSIONS="18.04 20.04 22.04 24.04 24.10"
+
+      if ! [[ "$SUPPORTED_VERSIONS" == *"$UBUNTU_VERSION"* ]]; then
+        echo "Ubuntu $UBUNTU_VERSION is not currently supported."
+        exit 1
+      fi
+
+      # Download the package to configure the Microsoft repo
+      curl -sSL -O https://packages.microsoft.com/config/ubuntu/$(grep VERSION_ID /etc/os-release | cut -d '"' -f 2)/packages-microsoft-prod.deb
+      # Install the package
+      sudo dpkg -i packages-microsoft-prod.deb
+      # Delete the file
+      rm packages-microsoft-prod.deb
+
+      # Install the driver
+      sudo apt-get update
+      sudo ACCEPT_EULA=Y apt-get install -y msodbcsql18
+
+      echo "Microsoft ODBC Driver 18 installed successfully."
+    displayName: 'Install ODBC Driver 18 for SQL Server'
+  - bash: uv sync --extra all
+    name: install_PyRIT
+  - bash: df -all -h
+    name: disk_space_check
+# This step ensures that tests are run outside of the PyRIT repository to test that .env files are accessed correctly.
+  - bash: |
+      PyRIT_DIR=$(pwd)
+      NEW_DIR="${{ parameters.newDir }}"
+      cd ..
+      mkdir -p $NEW_DIR/tests
+      cp -r $PyRIT_DIR/doc $NEW_DIR
+      cp -r $PyRIT_DIR/assets $NEW_DIR
+      cp -r $PyRIT_DIR/tests/${{ parameters.testsFolder }} $NEW_DIR/tests
+      cd $NEW_DIR
+    displayName: "Create and switch to new test directory"
+  - task: AzureCLI@2
+    displayName: "Authenticate with service principal, cache Cognitive Services access token, and run tests"
+    inputs:
+      azureSubscription: ${{ parameters.testAzureSubscription }}
+      scriptType: 'bash'
+      scriptLocation: 'inlineScript'
+      inlineScript: |
+        # Prefetch token for Cognitive Services before ID token expires (60-90 minute validity)
+        az account get-access-token --scope https://cognitiveservices.azure.com/.default --output none
+        echo "Cognitive Services access token cached successfully."
+
+        # Prefetch token for Azure ML / Foundry model endpoints
+        az account get-access-token --scope https://ml.azure.com/.default --output none
+        echo "Azure ML/Foundry access token cached successfully."
+
+        # Prefetch token for Azure SQL Database
+        az account get-access-token --scope https://database.windows.net/.default --output none
+        echo "Azure SQL Database access token cached successfully."
+
+        # Run tests
+        make ${{ parameters.makeTarget }}
+  - bash: |
+      rm -f ~/.pyrit/.env ~/.pyrit/.env.local
+    name: clean_up_env_files
+    condition: always()
+  - task: PublishTestResults@2
+    condition: always()
+    inputs:
+      testResultsFormat: 'JUnit'
+      testResultsFiles: 'junit/test-results.xml'

.devcontainer/Dockerfile

@@ -1,67 +1,91 @@
-FROM mcr.microsoft.com/devcontainers/anaconda:3
+# syntax=docker/dockerfile:1
+FROM mcr.microsoft.com/devcontainers/python:3.11-bookworm
+
+# Makes installation faster
+ENV UV_COMPILE_BYTECODE=1
+ENV DEBIAN_FRONTEND=noninteractive
 
 SHELL ["/bin/bash", "-c"]
 
 USER root
 
-# Install required system packages + ODBC prerequisites
-RUN apt-get update && apt-get install -y \
-    unixodbc \
-    unixodbc-dev \
-    libgl1-mesa-glx \
-    curl \
-    xdg-utils \
- && apt-get clean && rm -rf /var/lib/apt/lists/*
+# Remove the Yarn repository (has expired GPG key and we don't use Yarn)
+RUN rm -f /etc/apt/sources.list.d/yarn.list 2>/dev/null || true
 
-# Download and install the DuckDB CLI
-RUN curl -Lo duckdb.gz https://github.com/duckdb/duckdb/releases/download/v1.2.1/duckdb_cli-linux-amd64.gz \
- && gunzip duckdb.gz \
- && mv duckdb /usr/local/bin/duckdb \
- && chmod +x /usr/local/bin/duckdb
+# Install required system packages + ODBC prerequisites
+RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
+    --mount=type=cache,target=/var/lib/apt/lists,sharing=locked \
+    apt-get update \
+ && apt-get install -y --no-install-recommends \
+      sudo \
+      unixodbc \
+      unixodbc-dev \
+      libgl1 \
+      git \
+      curl \
+      xdg-utils \
+      build-essential
 
-# Install the Azure CLI, Microsoft ODBC Driver 18 & SQL tools
-RUN apt-get update && apt-get install -y \
-      apt-transport-https \
+# Install Microsoft ODBC Driver 18 & SQL tools
+# Note: Debian Trixie's sqv rejects SHA1 signatures, so we use gpg directly to import the Microsoft key
+RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
+    --mount=type=cache,target=/var/lib/apt/lists,sharing=locked \
+    apt-get update \
+ && apt-get install -y --no-install-recommends \
       ca-certificates \
       gnupg \
-      lsb-release \
- && curl -sL https://packages.microsoft.com/config/debian/12/packages-microsoft-prod.deb \
-      -o packages-microsoft-prod.deb \
- && dpkg -i packages-microsoft-prod.deb \
- && rm packages-microsoft-prod.deb \
+ && curl -sL https://packages.microsoft.com/keys/microsoft.asc \
+      | gpg --dearmor \
+      > /usr/share/keyrings/microsoft-archive-keyring.gpg \
+ && echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/microsoft-archive-keyring.gpg] https://packages.microsoft.com/debian/12/prod bookworm main" \
+      > /etc/apt/sources.list.d/microsoft.list \
  && apt-get update \
- && ACCEPT_EULA=Y apt-get install -y \
+ && ACCEPT_EULA=Y apt-get install -y --no-install-recommends \
       msodbcsql18 \
-      mssql-tools \
-      unixodbc-dev \
- && apt-get install -y azure-cli \
- && echo 'export PATH="$PATH:/opt/mssql-tools/bin"' >> /etc/profile.d/sqltools.sh \
- && apt-get clean \
- && rm -rf /var/lib/apt/lists/*
+      mssql-tools18 \
+ && echo 'export PATH="$PATH:/opt/mssql-tools18/bin"' >> /etc/profile.d/sqltools.sh
 
 # audio back-ends needed by Azure Speech SDK
-RUN apt-get update \
- && DEBIAN_FRONTEND=noninteractive \
- apt-get install -y --no-install-recommends \
+RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
+    --mount=type=cache,target=/var/lib/apt/lists,sharing=locked \
+    apt-get update \
+ && apt-get install -y --no-install-recommends \
       libasound2 \
-      libpulse0 \
- && rm -rf /var/lib/apt/lists/*
+      libpulse0
+
+# Install uv system-wide and create pyrit-dev venv
+RUN curl -LsSf https://astral.sh/uv/0.10.8/install.sh | sh \
+ && mv /root/.local/bin/uv /bin/uv \
+ && mv /root/.local/bin/uvx /bin/uvx
+RUN uv venv /opt/venv --python 3.11 --prompt pyrit-dev \
+ && chown -R vscode:vscode /opt/venv
+ENV PATH="/opt/venv/bin:$PATH"
+
+# Install Node.js 24.x LTS for frontend development
+RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
+    --mount=type=cache,target=/var/lib/apt/lists,sharing=locked \
+    curl -fsSL https://deb.nodesource.com/setup_24.x | bash - \
+ && apt-get install -y --no-install-recommends nodejs
 
-# Create conda env and install pyodbc into it
-RUN conda create -n pyrit-dev python=3.11 -y && \
-    conda install -n pyrit-dev -c conda-forge pyodbc -y && \
-    chown -R vscode:vscode /opt/conda/envs/pyrit-dev
+# vscode user already exists in the base image, just ensure sudo access
+RUN echo "vscode ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
 
 # Pre-create common user caches and fix permissions
 RUN mkdir -p /home/vscode/.cache/pre-commit \
  && mkdir -p /home/vscode/.vscode-server \
  && mkdir -p /home/vscode/.cache/pip \
- && mkdir -p /home/vscode/.cache/conda \
+ && mkdir -p /home/vscode/.cache/uv \
+ && mkdir -p /home/vscode/.cache/venv \
+ && mkdir -p /home/vscode/.cache/pylance \
  && chown -R vscode:vscode /home/vscode/.cache /home/vscode/.vscode-server \
- && chmod -R 777 /home/vscode/.cache/conda /home/vscode/.cache/pip \
+ && chmod -R 755 /home/vscode/.cache/pip /home/vscode/.cache/pylance /home/vscode/.cache/venv /home/vscode/.cache/uv \
  && chmod -R 755 /home/vscode/.vscode-server
 
 USER vscode
+# Create bash configuration files and activate the venv in bash sessions
+RUN touch /home/vscode/.bashrc /home/vscode/.bash_profile \
+ && echo "[ -f /opt/venv/bin/activate ] && source /opt/venv/bin/activate" >> /home/vscode/.bashrc \
+ && echo "[ -f /opt/venv/bin/activate ] && source /opt/venv/bin/activate" >> /home/vscode/.bash_profile
 
 # Configure Git for better performance with bind mounts
 RUN git config --global core.preloadindex true \
@@ -70,5 +94,6 @@ RUN git config --global core.preloadindex true \
  && git config --global status.showUntrackedFiles all \
  && git config --global core.fsmonitor true
 
-# Set pip’s cache directory so it can be mounted
+# Set cache directories so they can be mounted
 ENV PIP_CACHE_DIR="/home/vscode/.cache/pip"
+ENV UV_CACHE_DIR="/home/vscode/.cache/uv"