Resolve conflicts between release-2024-02-06 and main (#24097)

* [Account]Redirect DeviceCode Info from warning stream to information stream in `Connect-AzAccount` (#23665)

* Redirct DeviceCode Info from warning stream to information stream

* add change log

* writehighlightedinformation

* Formmat device code login message

* rename writeinformation

* polish code

* update comments for CommonRepo.psm1 (#24077)

* update comments for CommonRepo.psm1

* update

* Sync resourceManagement.yml (#24085)

* Implemention of AuxTenant parameter in New-AzResourceGroupDeployment. (#24088)

* Implemention of AuxTenant parameter in New-AzResourceGroupDeployment.

Allows cmdlet to work with deployments that reference resources in other
tenants. For example, it allows vnet peering where the target vnet
exists in a different tenant as the source vnet.

* Polish ChangeLog.md

* Revert Resources.sln

---------

Co-authored-by: Jin Lei <[email protected]>
Co-authored-by: Lei Jin <[email protected]>

* Sync resourceManagement.yml (#24092)

* Resolve conflict with main

---------

Co-authored-by: Beisi Zhou <[email protected]>
Co-authored-by: Yabo Hu <[email protected]>
Co-authored-by: Azure PowerShell <[email protected]>
Co-authored-by: Dante <[email protected]>
Co-authored-by: Jin Lei <[email protected]>
Co-authored-by: Lei Jin <[email protected]>

.github/policies/resourceManagement.yml

@@ -1717,6 +1717,22 @@ configuration:
             - hiaga
             replyTemplate: Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc ${mentionees}.
             assignMentionees: False
+      - if:
+        - or:
+          - labelAdded:
+              label: Service Attention
+          - labelAdded:
+              label: DesktopVirtualization
+        - hasLabel:
+            label: Service Attention
+        - hasLabel:
+            label: DesktopVirtualization
+        then:
+        - mentionUsers:
+            mentionees:
+            - alec-baird，costinhagiu
+            replyTemplate: Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc ${mentionees}.
+            assignMentionees: False
       - if:
         - or:
           - labelAdded:
@@ -2049,6 +2065,9 @@ configuration:
         then:
         - mentionUsers:
             mentionees:
+            - bavneetsingh16
+            - Arif-lakhani
+            - ramyasreechakka
             - NarayanThiru
             replyTemplate: Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc ${mentionees}.
             assignMentionees: False

src/Accounts/Accounts/Account/ConnectAzureRmAccount.cs

@@ -45,6 +45,7 @@
 using Microsoft.WindowsAzure.Commands.Utilities.Common;
 using Microsoft.Azure.PowerShell.Common.Share.Survey;
 using Microsoft.Azure.Commands.Profile.Utilities;
+using System.Management.Automation.Runspaces;
 
 namespace Microsoft.Azure.Commands.Profile
 {
@@ -249,6 +250,7 @@ protected override IAzureContext DefaultContext
         protected override void BeginProcessing()
         {
             base.BeginProcessing();
+            ValidateActionRequiredMessageCanBePresented();
             if (AzureEnvironment.PublicEnvironments.ContainsKey(EnvironmentName.AzureCloud))
             {
                 _environment = AzureEnvironment.PublicEnvironments[EnvironmentName.AzureCloud];
@@ -273,11 +275,19 @@ protected override void BeginProcessing()
 
             _writeWarningEvent -= WriteWarningSender;
             _writeWarningEvent += WriteWarningSender;
+            _writeInformationEvent -= WriteInformationSender;
+            _writeInformationEvent += WriteInformationSender;
+
             // store the original write warning handler, register a thread safe one
             AzureSession.Instance.TryGetComponent(WriteWarningKey, out _originalWriteWarning);
             AzureSession.Instance.UnregisterComponent<EventHandler<StreamEventArgs>>(WriteWarningKey);
             AzureSession.Instance.RegisterComponent(WriteWarningKey, () => _writeWarningEvent);
 
+            // store the original write information handler, register a thread safe one
+            AzureSession.Instance.TryGetComponent(WriteInformationKey, out _originalWriteInformation);
+            AzureSession.Instance.UnregisterComponent<EventHandler<StreamEventArgs>>(WriteInformationKey);
+            AzureSession.Instance.RegisterComponent(WriteInformationKey, () => _writeInformationEvent);
+
             // todo: ideally cancellation token should be passed to authentication factory as a parameter
             // however AuthenticationFactory.Authenticate does not support it
             // so I store it in AzureSession.Instance as a global variable
@@ -289,11 +299,19 @@ protected override void BeginProcessing()
         private event EventHandler<StreamEventArgs> _writeWarningEvent;
         private event EventHandler<StreamEventArgs> _originalWriteWarning;
 
+        private event EventHandler<StreamEventArgs> _writeInformationEvent;
+        private event EventHandler<StreamEventArgs> _originalWriteInformation;
+
         private void WriteWarningSender(object sender, StreamEventArgs args)
         {
             _tasks.Enqueue(new Task(() => this.WriteWarning(args.Message)));
         }
 
+        private void WriteInformationSender(object sender, StreamEventArgs args)
+        {
+            _tasks.Enqueue(new Task(() => this.WriteInformation(args.Message)));
+        }
+
         protected override void StopProcessing()
         {
             if (AzureSession.Instance.TryGetComponent("LoginCancellationToken", out CancellationTokenSource cancellationTokenSource))
@@ -562,6 +580,20 @@ public override void ExecuteCmdlet()
             }
         }
 
+        private void ValidateActionRequiredMessageCanBePresented()
+        {
+            if (UseDeviceAuthentication.IsPresent && IsWriteInformationIgnored())
+            {
+                throw new ActionPreferenceStopException(Resources.DoNotIgnoreInformationIfUserDeviceAuth);
+            }
+        }
+
+        private bool IsWriteInformationIgnored()
+        {
+            return !MyInvocation.BoundParameters.ContainsKey("InformationAction") && ActionPreference.Ignore.ToString().Equals(SessionState?.PSVariable?.GetValue("InformationPreference", ActionPreference.SilentlyContinue)?.ToString() ?? "") ||
+                MyInvocation.BoundParameters.TryGetValue("InformationAction", out var value) && ActionPreference.Ignore.ToString().Equals(value?.ToString() ?? "", StringComparison.InvariantCultureIgnoreCase);
+        }
+
         private string PreProcessAuthScope()
         {
             string mappedScope = AuthScope;
@@ -774,6 +806,9 @@ protected override void EndProcessing()
             // unregister the thread-safe write warning, because it won't work out of this cmdlet
             AzureSession.Instance.UnregisterComponent<EventHandler<StreamEventArgs>>(WriteWarningKey);
             AzureSession.Instance.RegisterComponent(WriteWarningKey, () => _originalWriteWarning);
+            // unregister the thread-safe write information, because it won't work out of this cmdlet
+            AzureSession.Instance.UnregisterComponent<EventHandler<StreamEventArgs>>(WriteInformationKey);
+            AzureSession.Instance.RegisterComponent(WriteInformationKey, () => _originalWriteInformation);
         }
     }
 }

src/Accounts/Accounts/ChangeLog.md

@@ -19,14 +19,17 @@
 -->
 
 ## Upcoming Release
+* Redirected device code login messages from warning stream to information stream if use device authentication in `Connect-AzAccount`.
 
 ## Version 2.15.1
 * Upgraded the reference of Azure PowerShell Common to 1.3.90-preview.
 * Upgraded Azure.Identity to 1.10.3 [#23018].
   - Renamed token cache from `msal.cache` to `msal.cache.cae` or `masl.cache.nocae`.
 * Enabled Continue Access Evaluation (CAE) for all Service Principals login methods.
 * Supported signing in with Microsoft Account (MSA) via Web Account Manager (WAM). Enable it by `Set-AzConfig -EnableLoginByWam $true`.
-* Adjusted output format to be more user-friendly for `Get-AzContext/Tenant/Subscription` and `Invoke-AzRestMethod`.
+* Adjusted output format to be more user-friendly for `Get-AzContext/Tenant/Subscription` and `Invoke-AzRestMethod`, including 
+    - ordering and grouping output items to make items easy to find.
+    - re-prioritizing positions for output properties to highlight valuable properties.
 * Fixed the multiple `x-ms-unique-id` values issue.
 
 ## Version 2.15.0

src/Accounts/Accounts/Properties/Resources.resx

@@ -595,4 +595,7 @@
   <data name="ProfileCredentialsWriteWarning" xml:space="preserve">
     <value>Personally identifiable information and confidential data may be written to the file located at '{0}'. Please ensure that appropriate access controls are assigned to the saved file.</value>
   </data>
+  <data name="DoNotIgnoreInformationIfUserDeviceAuth" xml:space="preserve">
+    <value>Please do not set InformationAction or $InformationPreference to Ignore if you want to use device code authentication.</value>
+  </data>
 </root>

src/Accounts/Authenticators/DeviceCodeAuthenticator.cs

@@ -12,10 +12,6 @@
 // limitations under the License.
 // ----------------------------------------------------------------------------------
 
-using System;
-using System.Threading;
-using System.Threading.Tasks;
-
 using Azure.Core;
 using Azure.Identity;
 
@@ -24,6 +20,12 @@
 using Microsoft.Azure.Commands.Common.Authentication;
 using Microsoft.Azure.Commands.Common.Authentication.Abstractions;
 using Microsoft.Azure.Commands.ResourceManager.Common;
+using Microsoft.WindowsAzure.Commands.Common;
+
+using System;
+using System.Text;
+using System.Threading;
+using System.Threading.Tasks;
 
 namespace Microsoft.Azure.PowerShell.Authenticators
 {
@@ -64,7 +66,7 @@ public override Task<IAccessToken> Authenticate(AuthenticationParameters paramet
 
         private Task DeviceCodeFunc(DeviceCodeInfo info, CancellationToken cancellation)
         {
-            WriteWarning(info.Message);
+            WriteInfomartion(info.Message, info.UserCode);
             return Task.CompletedTask;
         }
 
@@ -73,12 +75,29 @@ public override bool CanAuthenticate(AuthenticationParameters parameters)
             return (parameters as DeviceCodeParameters) != null;
         }
 
-        private void WriteWarning(string message)
+
+        private void WriteInfomartion(string message, string userCode)
         {
-            EventHandler<StreamEventArgs> writeWarningEvent;
-            if (AzureSession.Instance.TryGetComponent(AzureRMCmdlet.WriteWarningKey, out writeWarningEvent))
+
+            var loginInfo = new StringBuilder();
+            string LoginToAzurePhrase = $"{PSStyle.Bold}{PSStyle.BackgroundColor.Blue}[Login to Azure]{PSStyle.Reset} ";
+            loginInfo.Append(LoginToAzurePhrase);
+
+            if (!string.IsNullOrEmpty(userCode))
+            {
+                var formattedUserCode = $"{PSStyle.Underline}{userCode}{PSStyle.Reset}";
+                var formattedMessage = message.Replace(userCode, formattedUserCode);
+                loginInfo.Append(formattedMessage);
+            }
+            else
+            {
+                loginInfo.Append(message);
+            }
+
+            EventHandler<StreamEventArgs> writeInforamtionEvent;
+            if (AzureSession.Instance.TryGetComponent(AzureRMCmdlet.WriteInformationKey, out writeInforamtionEvent))
             {
-                writeWarningEvent(this, new StreamEventArgs() { Message = message });
+                writeInforamtionEvent(this, new StreamEventArgs() { Message = loginInfo.ToString() });
             }
         }
     }

src/Resources/ResourceManager/Implementation/ResourceGroupDeployments/NewAzureResourceGroupDeploymentCmdlet.cs

@@ -78,6 +78,9 @@ public class NewAzureResourceGroupDeploymentCmdlet : DeploymentCreateCmdlet
         [Parameter(Mandatory = false, HelpMessage = "Run cmdlet in the background")]
         public SwitchParameter AsJob { get; set; }
 
+        [Parameter(Mandatory = false, HelpMessage = "Aux tenant ids for cross tenant references in deployments.")]
+        public string[] AuxTenant { get; set; }
+
         protected override ConfirmImpact ConfirmImpact => ((CmdletAttribute)Attribute.GetCustomAttribute(
             typeof(NewAzureResourceGroupDeploymentCmdlet),
             typeof(CmdletAttribute))).ConfirmImpact;
@@ -102,7 +105,8 @@ public class NewAzureResourceGroupDeploymentCmdlet : DeploymentCreateCmdlet
                     Type = RollbackToLastDeployment ? OnErrorDeploymentType.LastSuccessful : OnErrorDeploymentType.SpecificDeployment,
                     DeploymentName = RollbackToLastDeployment ? null : RollBackDeploymentName
                 }
-                : null
+                : null,
+            AuxTenantHeaders = GetAuxiliaryAuthHeaderFromTenantIds(AuxTenant)
         };
 
         protected override PSDeploymentWhatIfCmdletParameters BuildWhatIfParameters() => new PSDeploymentWhatIfCmdletParameters(
@@ -117,7 +121,7 @@ public class NewAzureResourceGroupDeploymentCmdlet : DeploymentCreateCmdlet
             templateParametersUri: this.TemplateParameterUri,
             templateParametersObject: this.GetTemplateParameterObject(),
             resultFormat: this.WhatIfResultFormat,
-            excludeChangeTypes: this.WhatIfExcludeChangeType); 
+            excludeChangeTypes: this.WhatIfExcludeChangeType);
 
         protected override void OnProcessRecord()
         {

src/Resources/ResourceManager/SdkClient/NewResourceManagerSdkClient.cs

@@ -511,7 +511,15 @@ private DeploymentValidateResult ValidateDeployment(PSDeploymentCmdletParameters
                     return ResourceManagementClient.Deployments.ValidateAtManagementGroupScope(parameters.ManagementGroupId, parameters.DeploymentName, scopedDeployment);
 
                 case DeploymentScopeType.ResourceGroup:
-                    return ResourceManagementClient.Deployments.Validate(parameters.ResourceGroupName, parameters.DeploymentName, deployment);
+                    if (parameters.AuxTenantHeaders != null)
+                    {
+                        return ResourceManagementClient.Deployments.ValidateWithHttpMessagesAsync(parameters.ResourceGroupName, parameters.DeploymentName, deployment,
+                            customHeaders: ConvertAuxTenantDictionary(parameters.AuxTenantHeaders)).GetAwaiter().GetResult().Body;
+                    }
+                    else
+                    {
+                        return ResourceManagementClient.Deployments.Validate(parameters.ResourceGroupName, parameters.DeploymentName, deployment);
+                    }
 
                 case DeploymentScopeType.Subscription:
                 default:
@@ -647,7 +655,15 @@ private void BeginDeployment(PSDeploymentCmdletParameters parameters, Deployment
                     break;
 
                 case DeploymentScopeType.ResourceGroup:
-                    ResourceManagementClient.Deployments.BeginCreateOrUpdate(parameters.ResourceGroupName, parameters.DeploymentName, deployment);
+                    if (parameters.AuxTenantHeaders != null)
+                    {
+                        ResourceManagementClient.Deployments.BeginCreateOrUpdateWithHttpMessagesAsync(parameters.ResourceGroupName, parameters.DeploymentName, deployment,
+                            customHeaders: ConvertAuxTenantDictionary(parameters.AuxTenantHeaders)).GetAwaiter().GetResult();
+                    }
+                    else
+                    {
+                        ResourceManagementClient.Deployments.BeginCreateOrUpdate(parameters.ResourceGroupName, parameters.DeploymentName, deployment);
+                    }
                     break;
 
                 case DeploymentScopeType.Subscription:
@@ -656,6 +672,22 @@ private void BeginDeployment(PSDeploymentCmdletParameters parameters, Deployment
                     break;
             }
         }
+        /// <summary>
+        /// Conversion method for aux tenant dictionary to put it in correct format for passing as custom header object in sdk.
+        /// </summary>
+        /// <param name="auxTenants">Dictionary of tenant to tokens.</param>
+        private Dictionary<string, List<string>> ConvertAuxTenantDictionary(IDictionary<string, IList<string>> auxTenants)
+        {
+            if (auxTenants == null) return null;
+
+            var headers = new Dictionary<string, List<string>> ();
+            foreach (KeyValuePair<string, IList<string>> entry in auxTenants)
+            {
+                headers[entry.Key] = entry.Value.ToList();
+            }
+
+            return headers;
+        }
 
         private void RunDeploymentValidation(PSDeploymentCmdletParameters parameters, Deployment deployment)
         {

src/Resources/ResourceManager/SdkModels/Deployments/PSDeploymentCmdletParameters.cs

@@ -41,5 +41,7 @@ public class PSDeploymentCmdletParameters
         public string DeploymentDebugLogLevel { get; set; }
 
         public OnErrorDeployment OnErrorDeployment { get; set; }
+
+        public IDictionary<string, IList<string>> AuxTenantHeaders { get; set; }
     }
 }

src/Resources/Resources/ChangeLog.md

@@ -19,6 +19,7 @@
 -->
 
 ## Upcoming Release
+* Added `AuxTenant` parameter in `New-AzResourceGroupDeployment`to support cross-tenant deployment.
 
 ## Version 6.15.0
 * Supported `-SkipClientSideScopeValidation` in RoleAssignment and RoleDefinition related commands. [#22473]