Add default retention policy #623
Open
+1,893
−47
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bionic711
reviewed
Jan 22, 2026
Bionic711
reviewed
Jan 22, 2026
Bionic711
reviewed
Jan 22, 2026
Bionic711
reviewed
Jan 22, 2026
Bionic711
previously approved these changes
Jan 22, 2026
Collaborator
Bionic711
left a comment
Bionic711
left a comment
There was a problem hiding this comment.
Nothing needed to stop the PR, but a couple notes to do in a future push.
Collaborator
Author
Updated log_event and dissemination of error directly to front end. Approve when you have time. |
Contributor
There was a problem hiding this comment.
Pull request overview
This PR introduces admin-configurable organization-wide default retention policies for conversations and documents, allowing administrators to set defaults per workspace type that users can either accept or override. It also includes fixes for sovereign cloud authentication, user search UX improvements, private networking support, and Control Center application roles.
Changes:
- Retention Policy Defaults: Adds organization-level default retention policies with admin force-push capability, new API endpoints, and conditional UI based on enabled workspace types
- Bug Fixes: Fixes sovereign cloud cognitive services scope hardcoding and replaces browser alerts with toast notifications in user search
- Infrastructure: Adds comprehensive private networking support via AZD/Bicep with VNet integration and private endpoints
- Access Control: Introduces two new Control Center application roles for finer-grained permissions
- Dependency Updates: Updates Werkzeug to 3.1.5 and aiohttp to 3.13.3
Reviewed changes
Copilot reviewed 19 out of 19 changed files in this pull request and generated 12 comments.
Show a summary per file
| File | Description |
|---|---|
| config.py | Version updated to 0.236.011 |
| functions_settings.py | Added 6 new default retention policy settings for each workspace type |
| route_frontend_admin_settings.py | Handles saving of new default retention settings from admin form |
| route_backend_retention_policy.py | Implements GET defaults and POST force-push API endpoints with activity logging |
| functions_retention_policy.py | Adds resolve_retention_value() helper to handle 'default' value resolution |
| functions_activity_logging.py | Implements log_retention_policy_force_push() for audit trail |
| admin_settings.html | Adds default retention UI with conditional visibility and force push modal |
| profile.html | Updates retention dropdowns with "Using organization default" option |
| control_center.html | Adds retention policy settings for group and public workspaces with org defaults |
| workspace-manager.js | Implements public workspace retention settings loading and saving |
| requirements.txt | Updates Werkzeug (3.1.4→3.1.5) and aiohttp (3.12.15→3.13.3) |
| release_notes.md | Documents all new features and bug fixes for v0.236.011 |
| RETENTION_POLICY_DEFAULTS.md | Comprehensive feature documentation with examples and configuration |
| PRIVATE_NETWORKING_SUPPORT.md | Documents private networking deployment via AZD with architecture diagrams |
| CONTROL_CENTER_APPLICATION_ROLES.md | Documents new application roles for Control Center access control |
| USER_AGREEMENT.md | Updates version reference to 0.236.011 |
| USER_SEARCH_TOAST_INLINE_MESSAGES_FIX.md | Documents UX improvement replacing alerts with inline messages |
| SOVEREIGN_CLOUD_COGNITIVE_SERVICES_SCOPE_FIX.md | Documents fix for hardcoded commercial Azure scope |
| RETENTION_POLICY_DOCUMENT_DELETION_FIX.md | Pre-existing fix documentation (not changed in this PR) |
docs/explanation/fixes/v0.236.011/USER_SEARCH_TOAST_INLINE_MESSAGES_FIX.md
Show resolved
Hide resolved
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
activity_logscontainer for audit purposes with admin info, affected scopes, and results summary./api/retention-policy/defaults/<workspace_type>(GET) and/api/admin/retention-policy/force-push(POST) endpoints.functions_settings.py,admin_settings.html,route_frontend_admin_settings.py,route_backend_retention_policy.py,functions_retention_policy.py,functions_activity_logging.py,profile.html,control_center.html,workspace-manager.js.