Updated messages and correcteed repository URL information.

2026-02-14 20:23:50 +01:00
parent 04e31b9f12
commit 93615a1b1e
5 changed files with 57 additions and 12 deletions
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
 # Azure DevOps Azure Federated Auth Task

-Private Azure DevOps extension with a single task: `AzureFederatedAuth@1`.
+Azure DevOps extension with a single task: `AzureFederatedAuth@1`.

 The task requests an OIDC token for a selected AzureRM service connection and exports:

@@ -14,7 +14,7 @@ The task requests an OIDC token for a selected AzureRM service connection and ex
 - Linux agents (YAML pipelines)
 - Job setting that exposes OAuth token (`System.AccessToken`)
 - AzureRM service connection with workload identity federation
- Visual Studio Marketplace publisher account (required to publish/share this extension, even for private org-only usage)
+- Visual Studio Marketplace publisher account (required to publish/share this extension, including org-only usage)

 ## Build

--- a/overview.md
+++ b/overview.md
@@ -0,0 +1,36 @@
+# Azure Federated Auth Task
+
+`AzureFederatedAuth@1` is an Azure Pipelines task that requests an OIDC token for an AzureRM service connection configured for workload identity federation.
+
+It is designed for pipelines that need ARM federation variables without storing long-lived secrets.
+
+## What It Sets
+
+- `ARM_OIDC_TOKEN` (secret)
+- `ARM_TENANT_ID`
+- `ARM_CLIENT_ID`
+- `GIT_ACCESS_TOKEN` (secret, optional)
+
+## Task Input
+
+- `serviceConnectionARM` (required): Azure Resource Manager service connection
+- `setGitAccessToken` (optional): exchanges OIDC assertion for Azure DevOps scope and sets `GIT_ACCESS_TOKEN`
+
+## Prerequisites
+
+- AzureRM service connection using workload identity federation
+- Pipeline access to `System.AccessToken`
+- Linux YAML agents
+
+## Example
+
+```yaml
+- task: AzureFederatedAuth@1
+  inputs:
+    serviceConnectionARM: 'my-arm-service-connection'
+    setGitAccessToken: true
+```
+
+## Repository
+
+https://gitea.koszewscy.waw.pl/koszewscy/ado-azurefederatedauth-task.git
--- a/task/AzureFederatedAuth/package.json
+++ b/task/AzureFederatedAuth/package.json
@@ -2,7 +2,7 @@
  "name": "azure-federated-auth-task",
  "version": "1.0.0",
  "private": true,
-  "description": "Azure DevOps private task to fetch OIDC token for AzureRM service connection.",
+  "description": "Azure DevOps task to fetch OIDC token for AzureRM service connection.",
  "main": "dist/index.js",
  "scripts": {
    "build": "tsc -p tsconfig.json",
--- a/task/AzureFederatedAuth/task.json
+++ b/task/AzureFederatedAuth/task.json
@@ -3,16 +3,16 @@
  "id": "11c532b8-f2bd-45f8-ac94-3b7e44608cc4",
  "name": "AzureFederatedAuth",
  "friendlyName": "Azure Federated Auth",
-  "description": "Requests an OIDC token for an AzureRM service connection and exports ARM_OIDC_TOKEN, ARM_TENANT_ID, ARM_CLIENT_ID, and optionally GIT_ACCESS_TOKEN for Azure DevOps Git HTTPS auth.",
-  "helpMarkDown": "Private task for YAML pipelines on Linux agents.",
+  "description": "Gets OIDC token and sets ARM vars (optionally GIT_ACCESS_TOKEN).",
+  "helpMarkDown": "For details, see: https://gitea.koszewscy.waw.pl/koszewscy/ado-azurefederatedauth-task.git",
  "category": "Deploy",
-  "author": "private",
+  "author": "skoszewski-lab",
  "version": {
    "Major": 1,
    "Minor": 0,
-    "Patch": 0
+    "Patch": 3
  },
-  "instanceNameFormat": "Configure Azure federated auth for $(serviceConnectionARM)",
+  "instanceNameFormat": "Configure federated auth: $(serviceConnectionARM)",
  "inputs": [
    {
      "name": "serviceConnectionARM",
@@ -25,10 +25,10 @@
    {
      "name": "setGitAccessToken",
      "type": "boolean",
-      "label": "Also set GIT_ACCESS_TOKEN for Azure DevOps Git HTTPS auth",
+      "label": "Set GIT_ACCESS_TOKEN for Azure DevOps Git",
      "defaultValue": "false",
      "required": false,
-      "helpMarkDown": "When enabled, exchanges the OIDC token for an Entra access token scoped to Azure DevOps (499b84ac-1321-427f-aa17-267ca6975798/.default) and sets secret variable GIT_ACCESS_TOKEN."
+      "helpMarkDown": "Exchange OIDC for Azure DevOps scope and set secret GIT_ACCESS_TOKEN."
    }
  ],
  "execution": {
--- a/vss-extension.json
+++ b/vss-extension.json
@@ -2,14 +2,19 @@
  "manifestVersion": 1,
  "id": "azuredevops-get-oidc-token-task",
  "name": "Azure DevOps AzureFederatedAuth Task",
-  "version": "1.0.0",
+  "version": "1.0.3",
  "publisher": "skoszewski-lab",
  "targets": [
    {
      "id": "Microsoft.VisualStudio.Services"
    }
  ],
-  "description": "Private Azure DevOps task to request an OIDC token for an AzureRM service connection and expose Terraform ARM variables.",
+  "description": "Azure DevOps task to request an OIDC token for an AzureRM service connection and expose Terraform ARM variables.",
+  "content": {
+    "details": {
+      "path": "overview.md"
+    }
+  },
  "categories": [
    "Azure Pipelines"
  ],
@@ -24,6 +29,10 @@
    {
      "path": "images",
      "addressable": true
+    },
+    {
+      "path": "overview.md",
+      "addressable": true
    }
  ],
  "contributions": [