Migrate workshop to agent-framework==1.2.1 (incl. native HandoffBuilder)#419
Merged
Merged
Conversation
* update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Trigger rebuild: deploy Cosmos DB auth fix and agent list cleanup * Fix: iterate ResponseStream directly, not .updates ResponseStream is AsyncIterable - iterate with 'async for chunk in stream:' The .updates property returns a Sequence (list), not an async iterator. This caused TypeError: 'async for' requires __aiter__, got list. Not caught in local tests because unit tests mocked the streaming and the regression tests verified API signatures but didn't run live agents. * Fix: make integration test failures block the pipeline Removed continue-on-error: true from the pytest step so test failures actually fail the workflow. Previously, 5/7 tests could fail and the pipeline would still report success and proceed to auto-merge. * Fix: use SHA-tagged images for container deployment, not :latest Container Apps don't create a new revision when the image tag is unchanged. Using :latest meant the old container kept running even after a new image was pushed. Now passes github.sha as the image tag, which forces a new revision on every deploy. This was the root cause of the ResponseStream.updates bug reaching production - the integration tests ran against old containers. * Skip MCP localhost check in CI mode In CI, the evaluation talks to the backend via HTTP which connects to the deployed MCP container internally. The localhost:8000 check is only useful for local dev and was producing a confusing warning in CI logs. * Fix: auto-merge creates PR if none exists Previously auto-merge only looked for an existing open PR and skipped if none was found. Now it auto-creates a PR from the dev branch to int-agentic if one doesn't exist, then merges it. This ensures every successful pipeline run promotes code to int-agentic regardless of whether a PR was manually created beforehand. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22330447642 --------- Co-authored-by: James N. <james.nguyen@microsoft.com>
* update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Trigger rebuild: deploy Cosmos DB auth fix and agent list cleanup * Fix: iterate ResponseStream directly, not .updates ResponseStream is AsyncIterable - iterate with 'async for chunk in stream:' The .updates property returns a Sequence (list), not an async iterator. This caused TypeError: 'async for' requires __aiter__, got list. Not caught in local tests because unit tests mocked the streaming and the regression tests verified API signatures but didn't run live agents. * Fix: make integration test failures block the pipeline Removed continue-on-error: true from the pytest step so test failures actually fail the workflow. Previously, 5/7 tests could fail and the pipeline would still report success and proceed to auto-merge. * Fix: use SHA-tagged images for container deployment, not :latest Container Apps don't create a new revision when the image tag is unchanged. Using :latest meant the old container kept running even after a new image was pushed. Now passes github.sha as the image tag, which forces a new revision on every deploy. This was the root cause of the ResponseStream.updates bug reaching production - the integration tests ran against old containers. * Skip MCP localhost check in CI mode In CI, the evaluation talks to the backend via HTTP which connects to the deployed MCP container internally. The localhost:8000 check is only useful for local dev and was producing a confusing warning in CI logs. * Fix: auto-merge creates PR if none exists Previously auto-merge only looked for an existing open PR and skipped if none was found. Now it auto-creates a PR from the dev branch to int-agentic if one doesn't exist, then merges it. This ensures every successful pipeline run promotes code to int-agentic regardless of whether a PR was manually created beforehand. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22330447642 * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22334055353 --------- Co-authored-by: James N. <james.nguyen@microsoft.com>
…nAIChatClient Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com>
…ts for 1.2.1 Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com>
…migration Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com>
…ent kwargs, observability sample Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com>
Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com>
Copilot created this pull request from a session on behalf of
james-tn
April 28, 2026 16:42
View session
Contributor
|
@copilot I re-checked this after the base branch changed to
Validation notes: confirmed PR 419 now targets |
Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/91307ce7-2444-4b5f-b75f-2b736bc022c5 Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com>
Contributor
Author
Both fixed in 038dfb6:
|
james-tn
approved these changes
Apr 28, 2026
james-tn
added a commit
that referenced
this pull request
Apr 28, 2026
* update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Trigger rebuild: deploy Cosmos DB auth fix and agent list cleanup * Fix: iterate ResponseStream directly, not .updates ResponseStream is AsyncIterable - iterate with 'async for chunk in stream:' The .updates property returns a Sequence (list), not an async iterator. This caused TypeError: 'async for' requires __aiter__, got list. Not caught in local tests because unit tests mocked the streaming and the regression tests verified API signatures but didn't run live agents. * Fix: make integration test failures block the pipeline Removed continue-on-error: true from the pytest step so test failures actually fail the workflow. Previously, 5/7 tests could fail and the pipeline would still report success and proceed to auto-merge. * Fix: use SHA-tagged images for container deployment, not :latest Container Apps don't create a new revision when the image tag is unchanged. Using :latest meant the old container kept running even after a new image was pushed. Now passes github.sha as the image tag, which forces a new revision on every deploy. This was the root cause of the ResponseStream.updates bug reaching production - the integration tests ran against old containers. * Skip MCP localhost check in CI mode In CI, the evaluation talks to the backend via HTTP which connects to the deployed MCP container internally. The localhost:8000 check is only useful for local dev and was producing a confusing warning in CI logs. * Fix: auto-merge creates PR if none exists Previously auto-merge only looked for an existing open PR and skipped if none was found. Now it auto-creates a PR from the dev branch to int-agentic if one doesn't exist, then merges it. This ensures every successful pipeline run promotes code to int-agentic regardless of whether a PR was manually created beforehand. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22330447642 * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22334055353 * Migrate workshop to agent-framework==1.2.1 (incl. native HandoffBuilder) (#419) * Promote: int-agentic → main (production) (#414) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Trigger rebuild: deploy Cosmos DB auth fix and agent list cleanup * Fix: iterate ResponseStream directly, not .updates ResponseStream is AsyncIterable - iterate with 'async for chunk in stream:' The .updates property returns a Sequence (list), not an async iterator. This caused TypeError: 'async for' requires __aiter__, got list. Not caught in local tests because unit tests mocked the streaming and the regression tests verified API signatures but didn't run live agents. * Fix: make integration test failures block the pipeline Removed continue-on-error: true from the pytest step so test failures actually fail the workflow. Previously, 5/7 tests could fail and the pipeline would still report success and proceed to auto-merge. * Fix: use SHA-tagged images for container deployment, not :latest Container Apps don't create a new revision when the image tag is unchanged. Using :latest meant the old container kept running even after a new image was pushed. Now passes github.sha as the image tag, which forces a new revision on every deploy. This was the root cause of the ResponseStream.updates bug reaching production - the integration tests ran against old containers. * Skip MCP localhost check in CI mode In CI, the evaluation talks to the backend via HTTP which connects to the deployed MCP container internally. The localhost:8000 check is only useful for local dev and was producing a confusing warning in CI logs. * Fix: auto-merge creates PR if none exists Previously auto-merge only looked for an existing open PR and skipped if none was found. Now it auto-creates a PR from the dev branch to int-agentic if one doesn't exist, then merges it. This ensures every successful pipeline run promotes code to int-agentic regardless of whether a PR was manually created beforehand. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22330447642 --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * Promote: int-agentic → main (production) (#416) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Trigger rebuild: deploy Cosmos DB auth fix and agent list cleanup * Fix: iterate ResponseStream directly, not .updates ResponseStream is AsyncIterable - iterate with 'async for chunk in stream:' The .updates property returns a Sequence (list), not an async iterator. This caused TypeError: 'async for' requires __aiter__, got list. Not caught in local tests because unit tests mocked the streaming and the regression tests verified API signatures but didn't run live agents. * Fix: make integration test failures block the pipeline Removed continue-on-error: true from the pytest step so test failures actually fail the workflow. Previously, 5/7 tests could fail and the pipeline would still report success and proceed to auto-merge. * Fix: use SHA-tagged images for container deployment, not :latest Container Apps don't create a new revision when the image tag is unchanged. Using :latest meant the old container kept running even after a new image was pushed. Now passes github.sha as the image tag, which forces a new revision on every deploy. This was the root cause of the ResponseStream.updates bug reaching production - the integration tests ran against old containers. * Skip MCP localhost check in CI mode In CI, the evaluation talks to the backend via HTTP which connects to the deployed MCP container internally. The localhost:8000 check is only useful for local dev and was producing a confusing warning in CI logs. * Fix: auto-merge creates PR if none exists Previously auto-merge only looked for an existing open PR and skipped if none was found. Now it auto-creates a PR from the dev branch to int-agentic if one doesn't exist, then merges it. This ensures every successful pipeline run promotes code to int-agentic regardless of whether a PR was manually created beforehand. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22330447642 * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22334055353 --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * Bump agent-framework to 1.2.1 and migrate AzureOpenAIChatClient → OpenAIChatClient Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * Rewrite handoff agent on native HandoffBuilder; update regression tests for 1.2.1 Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * Update HANDOFF_README and dependency table for native HandoffBuilder migration Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * Address GPT-5.5 review: fix CheckpointStorage protocol, reflection_agent kwargs, observability sample Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * Fix PEP 8 spacing in mcp_agent_demo files (code review nits) Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * Regenerate uv.lock files; pass workflow_name to 1.2.x checkpoint listing Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/91307ce7-2444-4b5f-b75f-2b736bc022c5 Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> --------- Co-authored-by: James Nguyen <janguy@microsoft.com> Co-authored-by: James N. <james.nguyen@microsoft.com> Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> --------- Co-authored-by: James N. <james.nguyen@microsoft.com> Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com> Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com>
james-tn
added a commit
that referenced
this pull request
Apr 28, 2026
…odel=…) for agent-framework 1.2.1 (#421) * Promote: int-agentic → main (production) (#414) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Trigger rebuild: deploy Cosmos DB auth fix and agent list cleanup * Fix: iterate ResponseStream directly, not .updates ResponseStream is AsyncIterable - iterate with 'async for chunk in stream:' The .updates property returns a Sequence (list), not an async iterator. This caused TypeError: 'async for' requires __aiter__, got list. Not caught in local tests because unit tests mocked the streaming and the regression tests verified API signatures but didn't run live agents. * Fix: make integration test failures block the pipeline Removed continue-on-error: true from the pytest step so test failures actually fail the workflow. Previously, 5/7 tests could fail and the pipeline would still report success and proceed to auto-merge. * Fix: use SHA-tagged images for container deployment, not :latest Container Apps don't create a new revision when the image tag is unchanged. Using :latest meant the old container kept running even after a new image was pushed. Now passes github.sha as the image tag, which forces a new revision on every deploy. This was the root cause of the ResponseStream.updates bug reaching production - the integration tests ran against old containers. * Skip MCP localhost check in CI mode In CI, the evaluation talks to the backend via HTTP which connects to the deployed MCP container internally. The localhost:8000 check is only useful for local dev and was producing a confusing warning in CI logs. * Fix: auto-merge creates PR if none exists Previously auto-merge only looked for an existing open PR and skipped if none was found. Now it auto-creates a PR from the dev branch to int-agentic if one doesn't exist, then merges it. This ensures every successful pipeline run promotes code to int-agentic regardless of whether a PR was manually created beforehand. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22330447642 --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * Promote: int-agentic → main (production) (#416) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Trigger rebuild: deploy Cosmos DB auth fix and agent list cleanup * Fix: iterate ResponseStream directly, not .updates ResponseStream is AsyncIterable - iterate with 'async for chunk in stream:' The .updates property returns a Sequence (list), not an async iterator. This caused TypeError: 'async for' requires __aiter__, got list. Not caught in local tests because unit tests mocked the streaming and the regression tests verified API signatures but didn't run live agents. * Fix: make integration test failures block the pipeline Removed continue-on-error: true from the pytest step so test failures actually fail the workflow. Previously, 5/7 tests could fail and the pipeline would still report success and proceed to auto-merge. * Fix: use SHA-tagged images for container deployment, not :latest Container Apps don't create a new revision when the image tag is unchanged. Using :latest meant the old container kept running even after a new image was pushed. Now passes github.sha as the image tag, which forces a new revision on every deploy. This was the root cause of the ResponseStream.updates bug reaching production - the integration tests ran against old containers. * Skip MCP localhost check in CI mode In CI, the evaluation talks to the backend via HTTP which connects to the deployed MCP container internally. The localhost:8000 check is only useful for local dev and was producing a confusing warning in CI logs. * Fix: auto-merge creates PR if none exists Previously auto-merge only looked for an existing open PR and skipped if none was found. Now it auto-creates a PR from the dev branch to int-agentic if one doesn't exist, then merges it. This ensures every successful pipeline run promotes code to int-agentic regardless of whether a PR was manually created beforehand. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22330447642 * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22334055353 --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * Promote: int-agentic → main (production) (#420) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Trigger rebuild: deploy Cosmos DB auth fix and agent list cleanup * Fix: iterate ResponseStream directly, not .updates ResponseStream is AsyncIterable - iterate with 'async for chunk in stream:' The .updates property returns a Sequence (list), not an async iterator. This caused TypeError: 'async for' requires __aiter__, got list. Not caught in local tests because unit tests mocked the streaming and the regression tests verified API signatures but didn't run live agents. * Fix: make integration test failures block the pipeline Removed continue-on-error: true from the pytest step so test failures actually fail the workflow. Previously, 5/7 tests could fail and the pipeline would still report success and proceed to auto-merge. * Fix: use SHA-tagged images for container deployment, not :latest Container Apps don't create a new revision when the image tag is unchanged. Using :latest meant the old container kept running even after a new image was pushed. Now passes github.sha as the image tag, which forces a new revision on every deploy. This was the root cause of the ResponseStream.updates bug reaching production - the integration tests ran against old containers. * Skip MCP localhost check in CI mode In CI, the evaluation talks to the backend via HTTP which connects to the deployed MCP container internally. The localhost:8000 check is only useful for local dev and was producing a confusing warning in CI logs. * Fix: auto-merge creates PR if none exists Previously auto-merge only looked for an existing open PR and skipped if none was found. Now it auto-creates a PR from the dev branch to int-agentic if one doesn't exist, then merges it. This ensures every successful pipeline run promotes code to int-agentic regardless of whether a PR was manually created beforehand. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22330447642 * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22334055353 * Migrate workshop to agent-framework==1.2.1 (incl. native HandoffBuilder) (#419) * Promote: int-agentic → main (production) (#414) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Trigger rebuild: deploy Cosmos DB auth fix and agent list cleanup * Fix: iterate ResponseStream directly, not .updates ResponseStream is AsyncIterable - iterate with 'async for chunk in stream:' The .updates property returns a Sequence (list), not an async iterator. This caused TypeError: 'async for' requires __aiter__, got list. Not caught in local tests because unit tests mocked the streaming and the regression tests verified API signatures but didn't run live agents. * Fix: make integration test failures block the pipeline Removed continue-on-error: true from the pytest step so test failures actually fail the workflow. Previously, 5/7 tests could fail and the pipeline would still report success and proceed to auto-merge. * Fix: use SHA-tagged images for container deployment, not :latest Container Apps don't create a new revision when the image tag is unchanged. Using :latest meant the old container kept running even after a new image was pushed. Now passes github.sha as the image tag, which forces a new revision on every deploy. This was the root cause of the ResponseStream.updates bug reaching production - the integration tests ran against old containers. * Skip MCP localhost check in CI mode In CI, the evaluation talks to the backend via HTTP which connects to the deployed MCP container internally. The localhost:8000 check is only useful for local dev and was producing a confusing warning in CI logs. * Fix: auto-merge creates PR if none exists Previously auto-merge only looked for an existing open PR and skipped if none was found. Now it auto-creates a PR from the dev branch to int-agentic if one doesn't exist, then merges it. This ensures every successful pipeline run promotes code to int-agentic regardless of whether a PR was manually created beforehand. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22330447642 --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * Promote: int-agentic → main (production) (#416) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Trigger rebuild: deploy Cosmos DB auth fix and agent list cleanup * Fix: iterate ResponseStream directly, not .updates ResponseStream is AsyncIterable - iterate with 'async for chunk in stream:' The .updates property returns a Sequence (list), not an async iterator. This caused TypeError: 'async for' requires __aiter__, got list. Not caught in local tests because unit tests mocked the streaming and the regression tests verified API signatures but didn't run live agents. * Fix: make integration test failures block the pipeline Removed continue-on-error: true from the pytest step so test failures actually fail the workflow. Previously, 5/7 tests could fail and the pipeline would still report success and proceed to auto-merge. * Fix: use SHA-tagged images for container deployment, not :latest Container Apps don't create a new revision when the image tag is unchanged. Using :latest meant the old container kept running even after a new image was pushed. Now passes github.sha as the image tag, which forces a new revision on every deploy. This was the root cause of the ResponseStream.updates bug reaching production - the integration tests ran against old containers. * Skip MCP localhost check in CI mode In CI, the evaluation talks to the backend via HTTP which connects to the deployed MCP container internally. The localhost:8000 check is only useful for local dev and was producing a confusing warning in CI logs. * Fix: auto-merge creates PR if none exists Previously auto-merge only looked for an existing open PR and skipped if none was found. Now it auto-creates a PR from the dev branch to int-agentic if one doesn't exist, then merges it. This ensures every successful pipeline run promotes code to int-agentic regardless of whether a PR was manually created beforehand. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22330447642 * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22334055353 --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * Bump agent-framework to 1.2.1 and migrate AzureOpenAIChatClient → OpenAIChatClient Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * Rewrite handoff agent on native HandoffBuilder; update regression tests for 1.2.1 Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * Update HANDOFF_README and dependency table for native HandoffBuilder migration Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * Address GPT-5.5 review: fix CheckpointStorage protocol, reflection_agent kwargs, observability sample Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * Fix PEP 8 spacing in mcp_agent_demo files (code review nits) Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * Regenerate uv.lock files; pass workflow_name to 1.2.x checkpoint listing Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/91307ce7-2444-4b5f-b75f-2b736bc022c5 Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> --------- Co-authored-by: James Nguyen <janguy@microsoft.com> Co-authored-by: James N. <james.nguyen@microsoft.com> Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> --------- Co-authored-by: James N. <james.nguyen@microsoft.com> Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com> Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * Fix ChatOptions key for agent-framework 1.2.1 (model_id → model) Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/f921a448-fe80-4a39-8834-6b0ee615f1d1 Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> --------- Co-authored-by: James Nguyen <janguy@microsoft.com> Co-authored-by: James N. <james.nguyen@microsoft.com> Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com> Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> Co-authored-by: copilot <copilot@github.com>
9 tasks
james-tn
added a commit
that referenced
this pull request
Apr 28, 2026
* update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Trigger rebuild: deploy Cosmos DB auth fix and agent list cleanup * Fix: iterate ResponseStream directly, not .updates ResponseStream is AsyncIterable - iterate with 'async for chunk in stream:' The .updates property returns a Sequence (list), not an async iterator. This caused TypeError: 'async for' requires __aiter__, got list. Not caught in local tests because unit tests mocked the streaming and the regression tests verified API signatures but didn't run live agents. * Fix: make integration test failures block the pipeline Removed continue-on-error: true from the pytest step so test failures actually fail the workflow. Previously, 5/7 tests could fail and the pipeline would still report success and proceed to auto-merge. * Fix: use SHA-tagged images for container deployment, not :latest Container Apps don't create a new revision when the image tag is unchanged. Using :latest meant the old container kept running even after a new image was pushed. Now passes github.sha as the image tag, which forces a new revision on every deploy. This was the root cause of the ResponseStream.updates bug reaching production - the integration tests ran against old containers. * Skip MCP localhost check in CI mode In CI, the evaluation talks to the backend via HTTP which connects to the deployed MCP container internally. The localhost:8000 check is only useful for local dev and was producing a confusing warning in CI logs. * Fix: auto-merge creates PR if none exists Previously auto-merge only looked for an existing open PR and skipped if none was found. Now it auto-creates a PR from the dev branch to int-agentic if one doesn't exist, then merges it. This ensures every successful pipeline run promotes code to int-agentic regardless of whether a PR was manually created beforehand. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22330447642 * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22334055353 * Migrate workshop to agent-framework==1.2.1 (incl. native HandoffBuilder) (#419) * Promote: int-agentic → main (production) (#414) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Trigger rebuild: deploy Cosmos DB auth fix and agent list cleanup * Fix: iterate ResponseStream directly, not .updates ResponseStream is AsyncIterable - iterate with 'async for chunk in stream:' The .updates property returns a Sequence (list), not an async iterator. This caused TypeError: 'async for' requires __aiter__, got list. Not caught in local tests because unit tests mocked the streaming and the regression tests verified API signatures but didn't run live agents. * Fix: make integration test failures block the pipeline Removed continue-on-error: true from the pytest step so test failures actually fail the workflow. Previously, 5/7 tests could fail and the pipeline would still report success and proceed to auto-merge. * Fix: use SHA-tagged images for container deployment, not :latest Container Apps don't create a new revision when the image tag is unchanged. Using :latest meant the old container kept running even after a new image was pushed. Now passes github.sha as the image tag, which forces a new revision on every deploy. This was the root cause of the ResponseStream.updates bug reaching production - the integration tests ran against old containers. * Skip MCP localhost check in CI mode In CI, the evaluation talks to the backend via HTTP which connects to the deployed MCP container internally. The localhost:8000 check is only useful for local dev and was producing a confusing warning in CI logs. * Fix: auto-merge creates PR if none exists Previously auto-merge only looked for an existing open PR and skipped if none was found. Now it auto-creates a PR from the dev branch to int-agentic if one doesn't exist, then merges it. This ensures every successful pipeline run promotes code to int-agentic regardless of whether a PR was manually created beforehand. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22330447642 --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * Promote: int-agentic → main (production) (#416) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Trigger rebuild: deploy Cosmos DB auth fix and agent list cleanup * Fix: iterate ResponseStream directly, not .updates ResponseStream is AsyncIterable - iterate with 'async for chunk in stream:' The .updates property returns a Sequence (list), not an async iterator. This caused TypeError: 'async for' requires __aiter__, got list. Not caught in local tests because unit tests mocked the streaming and the regression tests verified API signatures but didn't run live agents. * Fix: make integration test failures block the pipeline Removed continue-on-error: true from the pytest step so test failures actually fail the workflow. Previously, 5/7 tests could fail and the pipeline would still report success and proceed to auto-merge. * Fix: use SHA-tagged images for container deployment, not :latest Container Apps don't create a new revision when the image tag is unchanged. Using :latest meant the old container kept running even after a new image was pushed. Now passes github.sha as the image tag, which forces a new revision on every deploy. This was the root cause of the ResponseStream.updates bug reaching production - the integration tests ran against old containers. * Skip MCP localhost check in CI mode In CI, the evaluation talks to the backend via HTTP which connects to the deployed MCP container internally. The localhost:8000 check is only useful for local dev and was producing a confusing warning in CI logs. * Fix: auto-merge creates PR if none exists Previously auto-merge only looked for an existing open PR and skipped if none was found. Now it auto-creates a PR from the dev branch to int-agentic if one doesn't exist, then merges it. This ensures every successful pipeline run promotes code to int-agentic regardless of whether a PR was manually created beforehand. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22330447642 * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22334055353 --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * Bump agent-framework to 1.2.1 and migrate AzureOpenAIChatClient → OpenAIChatClient Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * Rewrite handoff agent on native HandoffBuilder; update regression tests for 1.2.1 Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * Update HANDOFF_README and dependency table for native HandoffBuilder migration Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * Address GPT-5.5 review: fix CheckpointStorage protocol, reflection_agent kwargs, observability sample Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * Fix PEP 8 spacing in mcp_agent_demo files (code review nits) Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * Regenerate uv.lock files; pass workflow_name to 1.2.x checkpoint listing Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/91307ce7-2444-4b5f-b75f-2b736bc022c5 Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> --------- Co-authored-by: James Nguyen <janguy@microsoft.com> Co-authored-by: James N. <james.nguyen@microsoft.com> Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * docs: Remove misleading RequestInfoExecutor references (#418) doc update * Fix backend 500s by renaming ChatOptions(model_id=…) to ChatOptions(model=…) for agent-framework 1.2.1 (#421) * Promote: int-agentic → main (production) (#414) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Trigger rebuild: deploy Cosmos DB auth fix and agent list cleanup * Fix: iterate ResponseStream directly, not .updates ResponseStream is AsyncIterable - iterate with 'async for chunk in stream:' The .updates property returns a Sequence (list), not an async iterator. This caused TypeError: 'async for' requires __aiter__, got list. Not caught in local tests because unit tests mocked the streaming and the regression tests verified API signatures but didn't run live agents. * Fix: make integration test failures block the pipeline Removed continue-on-error: true from the pytest step so test failures actually fail the workflow. Previously, 5/7 tests could fail and the pipeline would still report success and proceed to auto-merge. * Fix: use SHA-tagged images for container deployment, not :latest Container Apps don't create a new revision when the image tag is unchanged. Using :latest meant the old container kept running even after a new image was pushed. Now passes github.sha as the image tag, which forces a new revision on every deploy. This was the root cause of the ResponseStream.updates bug reaching production - the integration tests ran against old containers. * Skip MCP localhost check in CI mode In CI, the evaluation talks to the backend via HTTP which connects to the deployed MCP container internally. The localhost:8000 check is only useful for local dev and was producing a confusing warning in CI logs. * Fix: auto-merge creates PR if none exists Previously auto-merge only looked for an existing open PR and skipped if none was found. Now it auto-creates a PR from the dev branch to int-agentic if one doesn't exist, then merges it. This ensures every successful pipeline run promotes code to int-agentic regardless of whether a PR was manually created beforehand. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22330447642 --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * Promote: int-agentic → main (production) (#416) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Trigger rebuild: deploy Cosmos DB auth fix and agent list cleanup * Fix: iterate ResponseStream directly, not .updates ResponseStream is AsyncIterable - iterate with 'async for chunk in stream:' The .updates property returns a Sequence (list), not an async iterator. This caused TypeError: 'async for' requires __aiter__, got list. Not caught in local tests because unit tests mocked the streaming and the regression tests verified API signatures but didn't run live agents. * Fix: make integration test failures block the pipeline Removed continue-on-error: true from the pytest step so test failures actually fail the workflow. Previously, 5/7 tests could fail and the pipeline would still report success and proceed to auto-merge. * Fix: use SHA-tagged images for container deployment, not :latest Container Apps don't create a new revision when the image tag is unchanged. Using :latest meant the old container kept running even after a new image was pushed. Now passes github.sha as the image tag, which forces a new revision on every deploy. This was the root cause of the ResponseStream.updates bug reaching production - the integration tests ran against old containers. * Skip MCP localhost check in CI mode In CI, the evaluation talks to the backend via HTTP which connects to the deployed MCP container internally. The localhost:8000 check is only useful for local dev and was producing a confusing warning in CI logs. * Fix: auto-merge creates PR if none exists Previously auto-merge only looked for an existing open PR and skipped if none was found. Now it auto-creates a PR from the dev branch to int-agentic if one doesn't exist, then merges it. This ensures every successful pipeline run promotes code to int-agentic regardless of whether a PR was manually created beforehand. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22330447642 * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22334055353 --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * Promote: int-agentic → main (production) (#420) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Trigger rebuild: deploy Cosmos DB auth fix and agent list cleanup * Fix: iterate ResponseStream directly, not .updates ResponseStream is AsyncIterable - iterate with 'async for chunk in stream:' The .updates property returns a Sequence (list), not an async iterator. This caused TypeError: 'async for' requires __aiter__, got list. Not caught in local tests because unit tests mocked the streaming and the regression tests verified API signatures but didn't run live agents. * Fix: make integration test failures block the pipeline Removed continue-on-error: true from the pytest step so test failures actually fail the workflow. Previously, 5/7 tests could fail and the pipeline would still report success and proceed to auto-merge. * Fix: use SHA-tagged images for container deployment, not :latest Container Apps don't create a new revision when the image tag is unchanged. Using :latest meant the old container kept running even after a new image was pushed. Now passes github.sha as the image tag, which forces a new revision on every deploy. This was the root cause of the ResponseStream.updates bug reaching production - the integration tests ran against old containers. * Skip MCP localhost check in CI mode In CI, the evaluation talks to the backend via HTTP which connects to the deployed MCP container internally. The localhost:8000 check is only useful for local dev and was producing a confusing warning in CI logs. * Fix: auto-merge creates PR if none exists Previously auto-merge only looked for an existing open PR and skipped if none was found. Now it auto-creates a PR from the dev branch to int-agentic if one doesn't exist, then merges it. This ensures every successful pipeline run promotes code to int-agentic regardless of whether a PR was manually created beforehand. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22330447642 * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22334055353 * Migrate workshop to agent-framework==1.2.1 (incl. native HandoffBuilder) (#419) * Promote: int-agentic → main (production) (#414) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production …
james-tn
added a commit
that referenced
this pull request
Apr 28, 2026
…2.1 storages (#423) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Trigger rebuild: deploy Cosmos DB auth fix and agent list cleanup * Fix: iterate ResponseStream directly, not .updates ResponseStream is AsyncIterable - iterate with 'async for chunk in stream:' The .updates property returns a Sequence (list), not an async iterator. This caused TypeError: 'async for' requires __aiter__, got list. Not caught in local tests because unit tests mocked the streaming and the regression tests verified API signatures but didn't run live agents. * Fix: make integration test failures block the pipeline Removed continue-on-error: true from the pytest step so test failures actually fail the workflow. Previously, 5/7 tests could fail and the pipeline would still report success and proceed to auto-merge. * Fix: use SHA-tagged images for container deployment, not :latest Container Apps don't create a new revision when the image tag is unchanged. Using :latest meant the old container kept running even after a new image was pushed. Now passes github.sha as the image tag, which forces a new revision on every deploy. This was the root cause of the ResponseStream.updates bug reaching production - the integration tests ran against old containers. * Skip MCP localhost check in CI mode In CI, the evaluation talks to the backend via HTTP which connects to the deployed MCP container internally. The localhost:8000 check is only useful for local dev and was producing a confusing warning in CI logs. * Fix: auto-merge creates PR if none exists Previously auto-merge only looked for an existing open PR and skipped if none was found. Now it auto-creates a PR from the dev branch to int-agentic if one doesn't exist, then merges it. This ensures every successful pipeline run promotes code to int-agentic regardless of whether a PR was manually created beforehand. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22330447642 * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22334055353 * Migrate workshop to agent-framework==1.2.1 (incl. native HandoffBuilder) (#419) * Promote: int-agentic → main (production) (#414) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Trigger rebuild: deploy Cosmos DB auth fix and agent list cleanup * Fix: iterate ResponseStream directly, not .updates ResponseStream is AsyncIterable - iterate with 'async for chunk in stream:' The .updates property returns a Sequence (list), not an async iterator. This caused TypeError: 'async for' requires __aiter__, got list. Not caught in local tests because unit tests mocked the streaming and the regression tests verified API signatures but didn't run live agents. * Fix: make integration test failures block the pipeline Removed continue-on-error: true from the pytest step so test failures actually fail the workflow. Previously, 5/7 tests could fail and the pipeline would still report success and proceed to auto-merge. * Fix: use SHA-tagged images for container deployment, not :latest Container Apps don't create a new revision when the image tag is unchanged. Using :latest meant the old container kept running even after a new image was pushed. Now passes github.sha as the image tag, which forces a new revision on every deploy. This was the root cause of the ResponseStream.updates bug reaching production - the integration tests ran against old containers. * Skip MCP localhost check in CI mode In CI, the evaluation talks to the backend via HTTP which connects to the deployed MCP container internally. The localhost:8000 check is only useful for local dev and was producing a confusing warning in CI logs. * Fix: auto-merge creates PR if none exists Previously auto-merge only looked for an existing open PR and skipped if none was found. Now it auto-creates a PR from the dev branch to int-agentic if one doesn't exist, then merges it. This ensures every successful pipeline run promotes code to int-agentic regardless of whether a PR was manually created beforehand. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22330447642 --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * Promote: int-agentic → main (production) (#416) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Trigger rebuild: deploy Cosmos DB auth fix and agent list cleanup * Fix: iterate ResponseStream directly, not .updates ResponseStream is AsyncIterable - iterate with 'async for chunk in stream:' The .updates property returns a Sequence (list), not an async iterator. This caused TypeError: 'async for' requires __aiter__, got list. Not caught in local tests because unit tests mocked the streaming and the regression tests verified API signatures but didn't run live agents. * Fix: make integration test failures block the pipeline Removed continue-on-error: true from the pytest step so test failures actually fail the workflow. Previously, 5/7 tests could fail and the pipeline would still report success and proceed to auto-merge. * Fix: use SHA-tagged images for container deployment, not :latest Container Apps don't create a new revision when the image tag is unchanged. Using :latest meant the old container kept running even after a new image was pushed. Now passes github.sha as the image tag, which forces a new revision on every deploy. This was the root cause of the ResponseStream.updates bug reaching production - the integration tests ran against old containers. * Skip MCP localhost check in CI mode In CI, the evaluation talks to the backend via HTTP which connects to the deployed MCP container internally. The localhost:8000 check is only useful for local dev and was producing a confusing warning in CI logs. * Fix: auto-merge creates PR if none exists Previously auto-merge only looked for an existing open PR and skipped if none was found. Now it auto-creates a PR from the dev branch to int-agentic if one doesn't exist, then merges it. This ensures every successful pipeline run promotes code to int-agentic regardless of whether a PR was manually created beforehand. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22330447642 * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22334055353 --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * Bump agent-framework to 1.2.1 and migrate AzureOpenAIChatClient → OpenAIChatClient Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * Rewrite handoff agent on native HandoffBuilder; update regression tests for 1.2.1 Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * Update HANDOFF_README and dependency table for native HandoffBuilder migration Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * Address GPT-5.5 review: fix CheckpointStorage protocol, reflection_agent kwargs, observability sample Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * Fix PEP 8 spacing in mcp_agent_demo files (code review nits) Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/b1edc1aa-9c20-46c5-afdc-0256050a03de Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * Regenerate uv.lock files; pass workflow_name to 1.2.x checkpoint listing Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/91307ce7-2444-4b5f-b75f-2b736bc022c5 Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> --------- Co-authored-by: James Nguyen <janguy@microsoft.com> Co-authored-by: James N. <james.nguyen@microsoft.com> Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * docs: Remove misleading RequestInfoExecutor references (#418) doc update * Replace custom DictCheckpointStorage with built-in 1.2.1 storages Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/f6da6e3e-b288-425d-ac4d-c7ba6fe62fe7 Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * tests: use asyncio.run() instead of new/get_event_loop() Agent-Logs-Url: https://github.com/microsoft/OpenAIWorkshop/sessions/f6da6e3e-b288-425d-ac4d-c7ba6fe62fe7 Co-authored-by: james-tn <25941658+james-tn@users.noreply.github.com> * Fix backend 500s by renaming ChatOptions(model_id=…) to ChatOptions(model=…) for agent-framework 1.2.1 (#421) * Promote: int-agentic → main (production) (#414) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Trigger rebuild: deploy Cosmos DB auth fix and agent list cleanup * Fix: iterate ResponseStream directly, not .updates ResponseStream is AsyncIterable - iterate with 'async for chunk in stream:' The .updates property returns a Sequence (list), not an async iterator. This caused TypeError: 'async for' requires __aiter__, got list. Not caught in local tests because unit tests mocked the streaming and the regression tests verified API signatures but didn't run live agents. * Fix: make integration test failures block the pipeline Removed continue-on-error: true from the pytest step so test failures actually fail the workflow. Previously, 5/7 tests could fail and the pipeline would still report success and proceed to auto-merge. * Fix: use SHA-tagged images for container deployment, not :latest Container Apps don't create a new revision when the image tag is unchanged. Using :latest meant the old container kept running even after a new image was pushed. Now passes github.sha as the image tag, which forces a new revision on every deploy. This was the root cause of the ResponseStream.updates bug reaching production - the integration tests ran against old containers. * Skip MCP localhost check in CI mode In CI, the evaluation talks to the backend via HTTP which connects to the deployed MCP container internally. The localhost:8000 check is only useful for local dev and was producing a confusing warning in CI logs. * Fix: auto-merge creates PR if none exists Previously auto-merge only looked for an existing open PR and skipped if none was found. Now it auto-creates a PR from the dev branch to int-agentic if one doesn't exist, then merges it. This ensures every successful pipeline run promotes code to int-agentic regardless of whether a PR was manually created beforehand. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22330447642 --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * Promote: int-agentic → main (production) (#416) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Trigger rebuild: deploy Cosmos DB auth fix and agent list cleanup * Fix: iterate ResponseStream directly, not .updates ResponseStream is AsyncIterable - iterate with 'async for chunk in stream:' The .updates property returns a Sequence (list), not an async iterator. This caused TypeError: 'async for' requires __aiter__, got list. Not caught in local tests because unit tests mocked the streaming and the regression tests verified API signatures but didn't run live agents. * Fix: make integration test failures block the pipeline Removed continue-on-error: true from the pytest step so test failures actually fail the workflow. Previously, 5/7 tests could fail and the pipeline would still report success and proceed to auto-merge. * Fix: use SHA-tagged images for container deployment, not :latest Container Apps don't create a new revision when the image tag is unchanged. Using :latest meant the old container kept running even after a new image was pushed. Now passes github.sha as the image tag, which forces a new revision on every deploy. This was the root cause of the ResponseStream.updates bug reaching production - the integration tests ran against old containers. * Skip MCP localhost check in CI mode In CI, the evaluation talks to the backend via HTTP which connects to the deployed MCP container internally. The localhost:8000 check is only useful for local dev and was producing a confusing warning in CI logs. * Fix: auto-merge creates PR if none exists Previously auto-merge only looked for an existing open PR and skipped if none was found. Now it auto-creates a PR from the dev branch to int-agentic if one doesn't exist, then merges it. This ensures every successful pipeline run promotes code to int-agentic regardless of whether a PR was manually created beforehand. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22330447642 * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22334055353 --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * Promote: int-agentic → main (production) (#420) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment after successful auto-merge to int-agentic. Only dev environments are destroyed; production is retained. * Trigger rebuild: deploy Cosmos DB auth fix and agent list cleanup * Fix: iterate ResponseStream directly, not .updates ResponseStream is AsyncIterable - iterate with 'async for chunk in stream:' The .updates property returns a Sequence (list), not an async iterator. This caused TypeError: 'async for' requires __aiter__, got list. Not caught in local tests because unit tests mocked the streaming and the regression tests verified API signatures but didn't run live agents. * Fix: make integration test failures block the pipeline Removed continue-on-error: true from the pytest step so test failures actually fail the workflow. Previously, 5/7 tests could fail and the pipeline would still report success and proceed to auto-merge. * Fix: use SHA-tagged images for container deployment, not :latest Container Apps don't create a new revision when the image tag is unchanged. Using :latest meant the old container kept running even after a new image was pushed. Now passes github.sha as the image tag, which forces a new revision on every deploy. This was the root cause of the ResponseStream.updates bug reaching production - the integration tests ran against old containers. * Skip MCP localhost check in CI mode In CI, the evaluation talks to the backend via HTTP which connects to the deployed MCP container internally. The localhost:8000 check is only useful for local dev and was producing a confusing warning in CI logs. * Fix: auto-merge creates PR if none exists Previously auto-merge only looked for an existing open PR and skipped if none was found. Now it auto-creates a PR from the dev branch to int-agentic if one doesn't exist, then merges it. This ensures every successful pipeline run promotes code to int-agentic regardless of whether a PR was manually created beforehand. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22330447642 * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22334055353 * Migrate workshop to agent-framework==1.2.1 (incl. native HandoffBuilder) (#419) * Promote: int-agentic → main (production) (#414) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * Updating Durable Agent Implementation (#404) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * chore: reduce anomaly probability to 1% for controlled demo pace * Reduce anomaly probability to 1% for controlled demo pace (#406) * update fraud_detection_durable to feb 12 agent-framework * enhance fraud detection durable * update readme * chore: reduce anomaly probability to 1% for controlled demo pace --------- Co-authored-by: James N. <james.nguyen@microsoft.com> * add mcp_agent_demo * Add hybrid MCP server (strict-schema + natural-language tools) and typed-contract workflow Scripts 6-8 for the MCP agent demo: - workflow_typed_contracts.py: 4-agent IT security incident response pipeline with Pydantic-enforced contracts at every boundary (SecurityAlert, ThreatAssessment, ImpactAnalysis, IncidentResponse) - mcp_server_hybrid.py: Single MCP endpoint exposing BOTH tool types: * Strict-schema: triage_alert, assess_threat, create_response (Pydantic) * Natural-language: ask_security_advisor, explain_for_customer (prose) * Shared session state across all tools - mcp_client_hybrid.py: 5-step incident flow using both tool types with explicit context passing between steps - README.md: Updated from 6 to 8 capabilities with Hybrid Mode architecture diagram and Quick Start sections 7-8 * Replace workflow_local_remote.py with simplified proxy agent (Script 3) - Delete workflow_local_remote.py (old Script 3 with extra LLM call) - Add workflow_proxy_agent.py: MCPProxyAgent (BaseAgent, no LLM) calls MCP tools directly via call_tool() zero local LLM overhead - Simplify MCPProxyAgent: extract common _call() method, module-level _last_text() helper, remove verbose static methods - Fix workflow_typed_contracts.py: add async with context managers - Update README: merge Script 9 into Script 3 position, update architecture diagram, Quick Start, How It Works sections * Clean up MCP demos: remove comparison commentary, drop typed-contracts - workflow_proxy_agent.py: remove 'traditional vs proxy' framing MCPProxyAgent is the standard approach for remote agent integration - Delete workflow_typed_contracts.py: not relevant to MCP integration - README: 7 scripts, renumber hybrid 6-7, remove typed-contract sections * Add LangGraph + MAF GroupChat cross-framework demo (Scripts 8-9) - mcp_server_langgraph.py: LangGraph ReAct agent exposed as MCP server on port 8003 with architecture tools (pattern eval, migration estimate, tech stack recommendation) - workflow_group_chat.py: MAF GroupChatBuilder orchestration with LLM planner routing between local BusinessStrategist (MAF) and remote TechnicalArchitect (LangGraph via MCP) - pyproject.toml: add langgraph, langchain-openai, langchain-core deps - README.md: update to 9 scripts, add cross-framework architecture diagram, Quick Start sections, and dependency table entries * MCP agent demo: rewrite README as MCP-vs-A2A thesis, delete proxy agent, finalize group chat with inline Planner * README: Mermaid diagrams, professional tone, remove LinkedIn teasing language * README: reframe around multi-framework interop problem, two design patterns (Agent-as-Tool + Agent Adapter), add conceptual architecture * README: fix Mermaid diagrams - use br tags instead of \n for line breaks * README: fix A2A comparison table - elicitation supported, structured schemas not * Upgrade agent-framework to 1.0.0rc1 and fastmcp to 3.0.2 Breaking changes migrated: - agent-framework 1.0.0rc1: ChatAgent->Agent, AgentThread->AgentSession, run_stream->run(stream=True), model->default_options(ChatOptions), WorkflowOutputEvent/AgentRunEvent/RequestInfoEvent->unified WorkflowEvent, MagenticBuilder now uses constructor kwargs, orchestrations moved to agent_framework_orchestrations package - fastmcp 3.0.2: removed mcp version pin (now pulled by fastmcp), no code changes needed (fully compatible) Files updated: - agentic_ai/agents/agent_framework/single_agent.py - agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.py - agentic_ai/agents/agent_framework/multi_agent/reflection_agent.py - agentic_ai/agents/agent_framework/multi_agent/magentic_group.py - agentic_ai/applications/pyproject.toml (agent-framework==1.0.0rc1) - agentic_ai/workflow/fraud_detection_durable/pyproject.toml (agent-framework==1.0.0rc1) - mcp/pyproject.toml (fastmcp==3.0.2) - tests/test_agent_framework_rc1_regression.py (51 regression tests, all passing) * Fix CI: regenerate requirements.txt with agent-framework-core==1.0.0rc1 The Docker build uses requirements.txt (not pyproject.toml/uv.lock), and it still had agent-framework-core==1.0.0b260130 pinned, which conflicts with agent-framework==1.0.0rc1 requiring agent-framework-core==1.0.0rc1. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22315210980 * Fix: use GH_PAT for auto-merge to trigger downstream workflows Pushes made by GITHUB_TOKEN don't trigger other workflows (GitHub Actions limitation to prevent infinite loops). This meant the auto-merge into int-agentic never triggered promote-to-main.yml. Now uses secrets.GH_PAT with fallback to GITHUB_TOKEN so: 1. If GH_PAT is configured: merge triggers promote-to-main.yml 2. If not: merge still works, but promotion PR must be created manually * Add workflow_dispatch trigger to promote-to-main Allows manual triggering when auto-trigger is missed (e.g. after GITHUB_TOKEN-based merges that don't fire downstream workflows). * Fix: Cosmos DB auth + remove phantom reflection_workflow_agent 1. MCP Cosmos DB: Replace AzureCliCredential (not available in containers) with ManagedIdentityCredential (when AZURE_CLIENT_ID is set) or DefaultAzureCredential as fallback. This fixes the 'Azure CLI not found on path' error in production Container Apps. 2. Backend: Remove reflection_workflow_agent from DEFAULT_AVAILABLE_AGENTS and descriptions - the module file doesn't exist, causing it to show as a broken option in the UI agent selector. * chore: merge james-dev into int-agentic (auto) Auto-merged after successful CI/CD pipeline run 22321497108 * Fix promote-to-main + auto-destroy dev environments 1. promote-to-main.yml: Use GH_PAT instead of GITHUB_TOKEN so the workflow can create PRs (GITHUB_TOKEN lacks permission for this in repos with branch protection). 2. orchestrate.yml: Add Step 8 auto-destroy that tears down the integration-* environment…
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Migrates the workshop from
agent-framework==1.0.0rc1toagent-framework==1.2.1, including a deeper rewrite of the multi-domain handoff agent on top of the now-nativeHandoffBuilderorchestration.Investigation: what changes between 1.0.0rc1 and 1.2.1
Verified
pip install agent-framework==1.2.1succeeds and inspected the installed package source. Three things matter for this codebase:agent_framework.azure.AzureOpenAIChatClient(deployment_name=…, endpoint=…)agent_framework.openai.OpenAIChatClient(model=…, azure_endpoint=…)— single unified client; auto-routes to Azure whenazure_endpoint(orcredential) is passedCheckpointStorageprotocolsave_checkpoint,load_checkpoint,delete_checkpoint;WorkflowCheckpoint.workflow_idsave,load,delete,get_latest; listing methods now require keyword-onlyworkflow_name;WorkflowCheckpoint.workflow_nameagent_framework_orchestrations.HandoffBuilder— auto-injectshandoff_to_<target>tools per agent, intercepts via middleware, broadcasts shared conversation, emitshandoff_sentevents, supports checkpointingOther APIs in active use (
Agent,AgentSession,ChatOptions,MCPStreamableHTTPTool,MagenticBuilder,WorkflowEvent, etc.) remain compatible.What this PR does
Dependency pins (4 files)
agentic_ai/applications/pyproject.toml,agentic_ai/applications/requirements.txt(regenerated withuv pip compile)agentic_ai/workflow/fraud_detection_durable/pyproject.tomlagentic_ai/agents/mcp_agent_demo/pyproject.toml— replaces the olderagent-framework-core>=0.2.0+agent-framework-orchestrations>=0.1.0split with the unifiedagent-framework==1.2.1umbrellaMechanical chat-client migration (13 files)
from agent_framework.azure import AzureOpenAIChatClient→from agent_framework.openai import OpenAIChatClient, withdeployment_name=→model=andendpoint=→azure_endpoint=. Affectssingle_agent.py,magentic_group.py,reflection_agent.py, all 7mcp_agent_demomodules,fraud_detection_durable/{worker,fraud_analysis_workflow}.py, andobservability/sample_agent_with_tracing.py.Deeper migration: handoff agent rewrite
agentic_ai/agents/agent_framework/multi_agent/handoff_multi_domain_agent.pyis rewritten on top ofHandoffBuilder. The hand-rolled intent classifier (Pydantic structured output), regex-based handoff phrase detection, and manual_build_context_prefixare gone. The new flow:Agentper domain, configured with a filtered MCP tool set andrequire_per_service_call_history_persistence=True(required by HandoffBuilder).HandoffBuilderwith default mesh topology — every specialist can hand off to every other specialist via auto-generatedhandoff_to_<target>tools that the LLM decides to call.with_checkpointing(_DictCheckpointStorage), with the storage backed by the per-sessionstate_store. First turn →workflow.run(prompt, stream=True); subsequent turns →workflow.run(responses={pending_id: HandoffAgentUserRequest.create_response(prompt)}, checkpoint_id=…, stream=True).outputevents withAgentResponseUpdatedata driveagent_token/tool_called;handoff_sentevents drivehandoff_announcement+ a follow-upagent_start. Synthetichandoff_to_*tool calls are filtered from the UI.The new file is ~510 lines vs ~782 lines before, removing ~200 lines of regex / classifier code.
Checkpoint storage
Both
_DictCheckpointStorage(handoff) andDictCheckpointStorage(magentic_group) updated to the 1.2.xCheckpointStorageprotocol.magentic_group._purge_checkpoint_storageupdated to usedeleteand the new keyword-onlyworkflow_name.Tests
tests/test_agent_framework_rc1_regression.py→tests/test_agent_framework_1_2_1_regression.py. Added coverage for the unifiedOpenAIChatClient(Azure routing, kwarg names), the nativeHandoffBuilderintegration, the newCheckpointStorageprotocol shape, and a save/load/get_latest roundtrip onDictCheckpointStorage. All 61 tests pass.Docs
agentic_ai/agents/mcp_agent_demo/README.md— dependency table updated to the unified package.agentic_ai/agents/agent_framework/multi_agent/HANDOFF_README.md— rewritten end-to-end to describe the new tool-based handoff flow (architecture diagram, configuration, sample multi-turn trace).Validation
pytest tests/test_agent_framework_1_2_1_regression.py→ 61 passed againstagent-framework==1.2.1.All migrated modules import cleanly with no fallback to legacy attributes.
GPT-5.5 review (run via the
tasksubagent withmodel=gpt-5.5) surfaced 4 substantive bugs that an LLM-driven review would have shipped if not caught:_DictCheckpointStorageimplemented obsoletesave_checkpoint/load_checkpointand referenced removedWorkflowCheckpoint.workflow_id.DictCheckpointStorage(magentic_group) had the same protocol drift, plus a staledelete_checkpointreference in_purge_checkpoint_storage.reflection_agent.pybuiltOpenAIChatClient(**client_kwargs)from a dict whose keys still said"deployment_name"/"endpoint"(the migration regex matched only Python kwarg syntax).observability/sample_agent_with_tracing.pystill imported the removedChatAgent, used the oldchat_client=/thread/run_streamAPI, and had two undefined locals from a regex-misfire.All four issues are fixed in this PR, and new regression tests lock in the protocol shape so they cannot silently regress.
parallel_validation(Code Review + CodeQL): CodeQL clean (0 alerts); 7 minor PEP 8 spacing comments inmcp_agent_demomodules addressed.Things to be aware of
handoff_to_<target>tool when a request is out of domain. The legacyHANDOFF_LAZY_CLASSIFICATIONandHANDOFF_CONTEXT_TRANSFER_TURNSenv vars are no longer used (workflow shares conversation between specialists automatically).state_store[f"{session_id}_handoff_state"]and is trimmed to the last 5 checkpoints.