Game Master Copilot is an AI enabled copilot to help game masters create content. It is a multitenant application that can be used to serve users and teams (organizations).
The application is a work-in-progress and is being used a test platform for various technologies and services. It is intended to demonstrate the use of Large Foundational Models/Generative AI using Azure OpenAI Service and Semantic Kernel as well as a reference architecture for running multitenant SaaS applications in Azure.
This application uses the following Microsoft & Azure technologies, including:
Future features planned:
The application is built and deployed using:
The GitHub Actions workflow has been configured to use Entra ID Workload Identity for the workflow to connect to Azure. Please see Configuring Workload Identity Federation for GitHub Actions workflow for more information.
The following environments should be configured in the GitHub repository:
TEST
: The Azure AD URL to use for authentication. For example, `https://login.microsoftonline.com/``.PRODUCTION
: The Azure region to deploy the resources to. For example, EastUS
.Your environments should look similar to this:
Currently the continuous-delivery
only deploys the test
environment, but in future it will deploy to both test
and production
depending on tagging and other criteria.
The following Actions Variables should be configured in the GitHub repository:
LOCATION
: The Azure region to deploy the resources to. For example, EastUS
.BASE_RESOURCE_NAME_SHARED
: The base name that will prefixed to all shared Azure resources deployed to ensure they are unique. For example, dsr-gmcopilot-shared
.RESOURCE_GROUP_NAME_SHARED
: The name of the Azure resource group to create and add the shared resources to. For example, dsr-gmcopilot-shared-rg
.The following variables are used to configure authentcation to Entra ID for the application. See Enable authentication and authorization in Azure Container Apps with Microsoft Entra ID to learn more about how to configure the Application Registration to use.
ENTRAID_ISSUER_URL
: The base Entra ID Issuer URL to use for authentication. For example, https://login.microsoftonline.com/
.ENTRAID_TENANT_ID
: The Tenant ID of the Entra ID tenant to use for authentication.ENTRAID_CLIENT_ID
: The Client ID of the Entra ID Application Registration to use for authentication.The shared resrouces are resources that are shared across all environments. These resources are:
Each environment should have the following actions variables defined:
BASE_RESOURCE_NAME
: The base name that will prefixed to all Azure resources deployed to ensure they are unique. For example, dsr-gmcopilot-prod
for production.RESOURCE_GROUP_NAME
: The name of the Azure resource group to create and add the application resources to. For example, dsr-gmcopilot-prod-rg
for production.ENVIRONMENT_CODE
: A code that will be used to identify this environment. For example, prod
for production. This is not currently used.Your variables should look similar to this:
The following Actions Secrets need to be defined so that that the resources can be deployed by the GitHub Actions workflow and that the Web Application can use Azure AD as an authentication source:
AZURE_CLIENT_ID
: The Application (Client) ID of the Service Principal used to authenticate to Azure. This is generated as part of configuring Workload Identity Federation.AZURE_TENANT_ID
: The Tenant ID of the Service Principal used to authenticate to Azure.AZURE_SUBSCRIPTION_ID
: The Subscription ID of the Azure Subscription to deploy to.ENTRAID_CLIENT_SECRET
: The client secret of the Entra ID application registration that has been created in the Entra ID tenant to be used as an authentication source.These values should be kept secret and care taken to ensure they are not shared with anyone.
Your secrets should look like this: