(coding-agent) Update some text, include MI portal link and prep for release (#5924)

- Remove the dependency on being in an 'azd' project.
- Adding in some more visual demarcation for the "NOTE:" at the end of the console output
- PR body description has more text, and a link to the created managed identity
- Updating release materials to 0.3.0

Fixes #5914

Author: richardpark-msft

cli/azd/extensions/azure.coding-agent/extension.yaml

@@ -7,4 +7,4 @@ language: go
 namespace: coding-agent
 usage: azd coding-agent <command> [options]
 # NOTE: Make sure version.txt is in sync with this version.
-version: 0.2.0
+version: 0.3.0

cli/azd/extensions/azure.coding-agent/internal/cmd/coding_agent_config.go

@@ -51,11 +51,12 @@ var prBodyMD string
 const copilotEnv = "copilot"
 
 type flagValues struct {
-	Debug          bool
-	RepoSlug       string
-	RoleNames      []string
-	BranchName     string
-	GitHubHostName string
+	Debug               bool
+	ManagedIdentityName string
+	RepoSlug            string
+	RoleNames           []string
+	BranchName          string
+	GitHubHostName      string
 }
 
 func setupFlags(commandFlags *pflag.FlagSet) *flagValues {
@@ -84,6 +85,13 @@ func setupFlags(commandFlags *pflag.FlagSet) *flagValues {
 		"The branch name to use when pushing changes to the copilot-setup-steps.yml",
 	)
 
+	commandFlags.StringVar(
+		&flagValues.ManagedIdentityName,
+		"managed-identity-name",
+		"mi-copilot-coding-agent",
+		"The name to use for the managed identity, if created.",
+	)
+
 	commandFlags.StringVar(
 		&flagValues.GitHubHostName,
 		"github-host-name",
@@ -129,13 +137,6 @@ func newConfigCommand() *cobra.Command {
 
 		promptClient := azdClient.Prompt()
 
-		// Get the azd project to retrieve the project path
-		getProjectResponse, err := azdClient.Project().Get(ctx, &azdext.EmptyRequest{})
-
-		if err != nil {
-			return fmt.Errorf("failed to get azd project: %w", err)
-		}
-
 		if err := loginToGitHubIfNeeded(ctx, flagValues.GitHubHostName, newCommandRunner, newGitHubCLI); err != nil {
 			return fmt.Errorf("failed to log in to GitHub. Login manually using `gh auth login`: %w", err)
 		}
@@ -177,7 +178,7 @@ func newConfigCommand() *cobra.Command {
 		}
 
 		gitCLI := newInternalGitCLI(defaultCommandRunner)
-		gitRepoRoot, err := gitCLI.GetRepoRoot(ctx, getProjectResponse.Project.Path)
+		gitRepoRoot, err := gitCLI.GetRepoRoot(ctx, ".")
 
 		if err != nil {
 			return fmt.Errorf("failed to get git repository root: %w", err)
@@ -194,7 +195,7 @@ func newConfigCommand() *cobra.Command {
 			&msiService,
 			entraIDService,
 			rgClient,
-			getProjectResponse.Project.Name, subscriptionID, flagValues.RoleNames)
+			flagValues.ManagedIdentityName, subscriptionID, flagValues.RoleNames)
 
 		if err != nil {
 			return err
@@ -228,10 +229,16 @@ func newConfigCommand() *cobra.Command {
 			repoSlug,
 		)
 
+		managedIdentityPortalURL := formatPortalLinkForManagedIdentity(tenantID, subscriptionID, authConfig.ResourceGroup, authConfig.Name)
+
 		fmt.Println("")
+		fmt.Println(output.WithHighLightFormat("(!)"))
 		fmt.Println(output.WithHighLightFormat("(!) NOTE: Some tasks must still be completed, manually:"))
+		fmt.Println(output.WithHighLightFormat("(!)"))
+		fmt.Println("")
 		fmt.Printf("1. The branch created at %s/%s must be merged to %s/main\n", remote, flagValues.BranchName, repoSlug)
-		fmt.Printf("2. Visit '%s' and update the \"MCP configuration\" field with this JSON:\n\n", codingAgentURL)
+		fmt.Printf("2. Configure Copilot coding agent's managed identity roles in the Azure portal: %s\n", managedIdentityPortalURL)
+		fmt.Printf("3. Visit '%s' and update the \"MCP configuration\" field with this JSON:\n\n", codingAgentURL)
 
 		fmt.Println(mcpJson)
 
@@ -246,8 +253,10 @@ func newConfigCommand() *cobra.Command {
 }
 
 func openBrowserWindows(ctx context.Context,
-	prompter azdext.PromptServiceClient, githubCLI *azd_tools_github.Cli,
-	codingAgentURL string, gitRepoRoot string) error {
+	prompter azdext.PromptServiceClient,
+	githubCLI *azd_tools_github.Cli,
+	codingAgentURL string,
+	gitRepoRoot string) error {
 	resp, err := prompter.Confirm(ctx, &azdext.ConfirmRequest{
 		Options: &azdext.ConfirmOptions{
 			Message:      "Open browser window to create a pull request?",
@@ -324,7 +333,7 @@ func promptForRepoSlug(ctx context.Context,
 
 	resp, err := promptClient.Select(ctx, &azdext.SelectRequest{
 		Options: &azdext.SelectOptions{
-			Message: "Which git repository will use the Copilot coding agent?",
+			Message: "Which GitHub repository will use the Copilot coding agent?",
 			Choices: choices,
 		},
 	})
@@ -476,7 +485,7 @@ func pickOrCreateMSI(ctx context.Context,
 	msiService azdMSIService,
 	entraIDService entraid.EntraIdService,
 	resourceService resourceService,
-	projectName string, subscriptionId string, roleNames []string) (*authConfiguration, error) {
+	identityName string, subscriptionId string, roleNames []string) (*authConfiguration, error) {
 
 	// ************************** Pick or create a new MSI **************************
 
@@ -548,8 +557,6 @@ func pickOrCreateMSI(ctx context.Context,
 			resourceGroupName = rgName
 		}
 
-		identityName := "msi-copilot-" + projectName
-
 		taskList.AddTask(ux.TaskOptions{
 			Title: fmt.Sprintf("Creating User Managed Identity (MSI) '%s'", identityName),
 			Action: func(spf ux.SetProgressFunc) (ux.TaskState, error) {
@@ -593,7 +600,7 @@ func pickOrCreateMSI(ctx context.Context,
 
 		selectedOption, err := prompter.Select(ctx, &azdext.SelectRequest{
 			Options: &azdext.SelectOptions{
-				Message: "Select an existing User Managed Identity (MSI) to use:",
+				Message: "Select an existing User Managed Identity (MSI) to use",
 				Choices: choices,
 			},
 		})
@@ -644,6 +651,8 @@ func pickOrCreateMSI(ctx context.Context,
 	}
 
 	return &authConfiguration{
+		Name:           *managedIdentity.Name,
+		ResourceGroup:  parsedID.ResourceGroupName,
 		TenantId:       *managedIdentity.Properties.TenantID,
 		SubscriptionId: subscriptionId,
 		ResourceID:     *managedIdentity.ID,
@@ -689,6 +698,8 @@ func promptForResourceGroup(ctx context.Context,
 }
 
 type authConfiguration struct {
+	Name           string
+	ResourceGroup  string
 	ClientId       string
 	SubscriptionId string
 	TenantId       string
@@ -889,3 +900,12 @@ func (cli *internalGitCLI) ListRemotes(ctx context.Context, gitRepoRoot string)
 	remotes := strings.Split(strings.TrimSpace(runResult.Stdout), "\n")
 	return remotes, nil
 }
+
+// formatPortalLinkForManagedIdentity takes you to the Azure portal blade, for your managed identity, that lets you see its role assignments.
+func formatPortalLinkForManagedIdentity(tenantID string, subscriptionID string, resourceGroupName string, managedIdentityName string) string {
+	return fmt.Sprintf("https://portal.azure.com/#@%s/resource/subscriptions/%s/resourceGroups/%s/providers/Microsoft.ManagedIdentity/userAssignedIdentities/%s/azure_resources",
+		tenantID,
+		subscriptionID,
+		resourceGroupName,
+		managedIdentityName)
+}

cli/azd/extensions/azure.coding-agent/internal/cmd/templates/pr-body.md

@@ -1,5 +1,7 @@
 Update copilot-setup-steps.yml to use a federated credential to access Azure resources.
 
+## Final steps
+
 **NOTE: one final step, and you're ready to use the Copilot coding agent with Azure!**
 
 After this pull request merges, you'll need to update the Copilot coding agent's MCP settings [(link)](%s) with
@@ -8,3 +10,17 @@ the following JSON to activate the Azure MCP server:
 ```json
 %s
 ```
+
+## Extending the managed identity's roles and scopes
+
+By default, the identity is configured with the Reader role, on the resource group you created/selected. You can expand the role and scope for the identity, to fit better with your needs:
+
+Some further instructions on how to assign roles:
+
+- [Using the Azure portal to assign roles](https://learn.microsoft.com/azure/role-based-access-control/role-assignments-portal-managed-identity)
+- [Using the Azure CLI to assign roles](https://learn.microsoft.com/azure/role-based-access-control/role-assignments-cli)
+- [Azure built-in roles](https://learn.microsoft.com/azure/role-based-access-control/built-in-roles)
+
+## Resources
+
+- `coding-agent` readme: ([link](https://github.com/Azure/azure-dev/blob/main/cli/azd/extensions/azure.coding-agent/README.md#troubleshooting))

cli/azd/extensions/azure.coding-agent/version.txt

@@ -1 +1 @@
-0.2.0
+0.3.0