From 93615a1b1e44ce06ef91b1c1e80080dfa7a07a20 Mon Sep 17 00:00:00 2001
From: Slawomir Koszewski
Date: Sat, 14 Feb 2026 20:23:50 +0100
Subject: [PATCH] Updated messages and correcteed repository URL information.

---
 README.md | 4 ++--
 overview.md | 36 ++++++++++++++++++++++++++++
 task/AzureFederatedAuth/package.json | 2 +-
 task/AzureFederatedAuth/task.json | 14 +++++------
 vss-extension.json | 13 ++++++++--
 5 files changed, 57 insertions(+), 12 deletions(-)
 create mode 100644 overview.md

diff --git a/README.md b/README.md
index cd88a6e..0799584 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
 # Azure DevOps Azure Federated Auth Task

-Private Azure DevOps extension with a single task: `AzureFederatedAuth@1`.
+Azure DevOps extension with a single task: `AzureFederatedAuth@1`.

 The task requests an OIDC token for a selected AzureRM service connection and exports:

@@ -14,7 +14,7 @@ The task requests an OIDC token for a selected AzureRM service connection and ex
 - Linux agents (YAML pipelines)
 - Job setting that exposes OAuth token (`System.AccessToken`)
 - AzureRM service connection with workload identity federation
-- Visual Studio Marketplace publisher account (required to publish/share this extension, even for private org-only usage)
+- Visual Studio Marketplace publisher account (required to publish/share this extension, including org-only usage)

 ## Build

diff --git a/overview.md b/overview.md
new file mode 100644
index 0000000..1baa38d
--- /dev/null
+++ b/overview.md
@@ -0,0 +1,36 @@
+# Azure Federated Auth Task
+
+`AzureFederatedAuth@1` is an Azure Pipelines task that requests an OIDC token for an AzureRM service connection configured for workload identity federation.
+
+It is designed for pipelines that need ARM federation variables without storing long-lived secrets.
+
+## What It Sets
+
+- `ARM_OIDC_TOKEN` (secret)
+- `ARM_TENANT_ID`
+- `ARM_CLIENT_ID`
+- `GIT_ACCESS_TOKEN` (secret, optional)
+
+## Task Input
+
+- `serviceConnectionARM` (required): Azure Resource Manager service connection
+- `setGitAccessToken` (optional): exchanges OIDC assertion for Azure DevOps scope and sets `GIT_ACCESS_TOKEN`
+
+## Prerequisites
+
+- AzureRM service connection using workload identity federation
+- Pipeline access to `System.AccessToken`
+- Linux YAML agents
+
+## Example
+
+```yaml
+- task: AzureFederatedAuth@1
+ inputs:
+ serviceConnectionARM: 'my-arm-service-connection'
+ setGitAccessToken: true
+```
+
+## Repository
+
+https://gitea.koszewscy.waw.pl/koszewscy/ado-azurefederatedauth-task.git
diff --git a/task/AzureFederatedAuth/package.json b/task/AzureFederatedAuth/package.json
index 79a5245..47dd433 100644
--- a/task/AzureFederatedAuth/package.json
+++ b/task/AzureFederatedAuth/package.json
@@ -2,7 +2,7 @@
 "name": "azure-federated-auth-task",
 "version": "1.0.0",
 "private": true,
- "description": "Azure DevOps private task to fetch OIDC token for AzureRM service connection.",
+ "description": "Azure DevOps task to fetch OIDC token for AzureRM service connection.",
 "main": "dist/index.js",
 "scripts": {
 "build": "tsc -p tsconfig.json",
diff --git a/task/AzureFederatedAuth/task.json b/task/AzureFederatedAuth/task.json
index 16c59f4..4438238 100644
--- a/task/AzureFederatedAuth/task.json
+++ b/task/AzureFederatedAuth/task.json
@@ -3,16 +3,16 @@
 "id": "11c532b8-f2bd-45f8-ac94-3b7e44608cc4",
 "name": "AzureFederatedAuth",
 "friendlyName": "Azure Federated Auth",
- "description": "Requests an OIDC token for an AzureRM service connection and exports ARM_OIDC_TOKEN, ARM_TENANT_ID, ARM_CLIENT_ID, and optionally GIT_ACCESS_TOKEN for Azure DevOps Git HTTPS auth.",
- "helpMarkDown": "Private task for YAML pipelines on Linux agents.",
+ "description": "Gets OIDC token and sets ARM vars (optionally GIT_ACCESS_TOKEN).",
+ "helpMarkDown": "For details, see: https://gitea.koszewscy.waw.pl/koszewscy/ado-azurefederatedauth-task.git",
 "category": "Deploy",
- "author": "private",
+ "author": "skoszewski-lab",
 "version": {
 "Major": 1,
 "Minor": 0,
- "Patch": 0
+ "Patch": 3
 },
- "instanceNameFormat": "Configure Azure federated auth for $(serviceConnectionARM)",
+ "instanceNameFormat": "Configure federated auth: $(serviceConnectionARM)",
 "inputs": [
 {
 "name": "serviceConnectionARM",
@@ -25,10 +25,10 @@
 {
 "name": "setGitAccessToken",
 "type": "boolean",
- "label": "Also set GIT_ACCESS_TOKEN for Azure DevOps Git HTTPS auth",
+ "label": "Set GIT_ACCESS_TOKEN for Azure DevOps Git",
 "defaultValue": "false",
 "required": false,
- "helpMarkDown": "When enabled, exchanges the OIDC token for an Entra access token scoped to Azure DevOps (499b84ac-1321-427f-aa17-267ca6975798/.default) and sets secret variable GIT_ACCESS_TOKEN."
+ "helpMarkDown": "Exchange OIDC for Azure DevOps scope and set secret GIT_ACCESS_TOKEN."
 }
 ],
 "execution": {
diff --git a/vss-extension.json b/vss-extension.json
index e7e968f..448d371 100644
--- a/vss-extension.json
+++ b/vss-extension.json
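Review bot: The new top-level `helpMarkDown` in the first task.json hunk is now only a link, and that link ends in `.git`, which is the clone address rather than a page a pipeline author can read from the task editor. The text it replaces was the only in-task statement of the platform constraint (YAML pipelines on Linux agents), and the shortened `description` no longer names the three ARM variables the task sets. I would keep the constraint and the exported names in the help text and link the browsable repository page instead, for example `"helpMarkDown": "YAML pipelines on Linux agents. Exports ARM_OIDC_TOKEN (secret), ARM_TENANT_ID and ARM_CLIENT_ID. Details: <repository web URL>"`. The package.json section of this patch still shows `"version": "1.0.0"` while this hunk moves `Patch` to 3, which is worth aligning if the two are meant to track each other.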
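Review bot: The shortened `helpMarkDown` for `setGitAccessToken` in the second task.json hunk drops the only statement of what the exchanged token is issued for; the previous text named the resource and scope, `499b84ac-1321-427f-aa17-267ca6975798/.default`. Someone enabling this input is choosing to place a second bearer credential into the job, and the scope is what they need in order to judge whether that is acceptable for the service connection's identity. If string length is the concern, a compact form still keeps the fact: `"helpMarkDown": "Exchanges the OIDC token for an Entra access token for Azure DevOps (499b84ac-1321-427f-aa17-267ca6975798/.default) and sets secret variable GIT_ACCESS_TOKEN."`. The `setGitAccessToken` entry in overview.md, added by this same patch, could carry the same scope.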
@@ -2,14 +2,19 @@
 "manifestVersion": 1,
 "id": "azuredevops-get-oidc-token-task",
 "name": "Azure DevOps AzureFederatedAuth Task",
- "version": "1.0.0",
+ "version": "1.0.3",
 "publisher": "skoszewski-lab",
 "targets": [
 {
 "id": "Microsoft.VisualStudio.Services"
 }
 ],
- "description": "Private Azure DevOps task to request an OIDC token for an AzureRM service connection and expose Terraform ARM variables.",
+ "description": "Azure DevOps task to request an OIDC token for an AzureRM service connection and expose Terraform ARM variables.",
+ "content": {
+ "details": {
+ "path": "overview.md"
+ }
+ },
 "categories": [
 "Azure Pipelines"
 ],
@@ -24,6 +29,10 @@
 {
 "path": "images",
 "addressable": true
+ },
+ {
+ "path": "overview.md",
+ "addressable": true
 }
 ],
 "contributions": [
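Review bot: The first vss-extension.json hunk removes "Private" from the description, but nothing in the visible lines states the extension's visibility or where its source lives; the hunk shows only part of the manifest, so these keys may exist outside it. Marketplace visibility is governed by the manifest's `public` flag rather than by the wording, so if the listing is meant to stay restricted I would state that explicitly with `"public": false`. Because the task requires `System.AccessToken` and exports secret variables, consumers will want to audit the source before installing it. The manifest's `repository` property is the structured place for that link, `"repository": { "type": "git", "uri": "<repository URL>" }`, in addition to the URL written inside overview.md.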