Merge branch 'azure-sdk:main' into main

Author: Unity-Billal-mesloub

eng/.docsettings.yml

@@ -127,6 +127,7 @@ known_content_issues:
   - ['sdk/extensions/Azure.Extensions.AspNetCore.DataProtection.Keys/README.md','azure-sdk-tools/issues/404']
   - ['sdk/extensions/Microsoft.Azure.WebJobs.Extensions.Clients/README.md','azure-sdk-tools/issues/404']
   - ['sdk/extensions/Microsoft.Extensions.Azure/README.md','azure-sdk-tools/issues/404']
+  - ['sdk/identity/Azure.Identity.Broker/README.md','azure-sdk-tools/issues/404']
   - ['sdk/storage/Azure.Storage.Common/README.md','azure-sdk-tools/issues/404']
   - ['sdk/textanalytics/Azure.AI.TextAnalytics.Legacy.Shared/README.md','https://github.com/Azure/azure-sdk-tools/issues/404']
   - ['sdk/webpubsub/Azure.Messaging.WebPubSub/README.md', 'azure-sdk-tools/issues/404 - requires different name for auth section']

eng/Packages.Data.props

@@ -457,7 +457,7 @@
 
   <PropertyGroup>
     <TestProxyVersion>1.0.0-dev.20250805.1</TestProxyVersion>
-    <UnbrandedGeneratorVersion>1.0.0-alpha.20250828.2</UnbrandedGeneratorVersion>
+    <UnbrandedGeneratorVersion>1.0.0-alpha.20250902.2</UnbrandedGeneratorVersion>
     <AzureGeneratorVersion>1.0.0-alpha.20250826.3</AzureGeneratorVersion>
   </PropertyGroup>
 </Project>

eng/azure-typespec-http-client-csharp-emitter-package-lock.json

@@ -1,7 +1,7 @@
 {
   "main": "dist/src/index.js",
   "dependencies": {
-    "@azure-typespec/http-client-csharp": "1.0.0-alpha.20250828.2"
+    "@azure-typespec/http-client-csharp": "1.0.0-alpha.20250902.2"
   },
   "devDependencies": {
     "@azure-tools/typespec-azure-core": "0.59.0",

eng/azure-typespec-http-client-csharp-emitter-package.json

@@ -1,7 +1,7 @@
 {
   "main": "dist/src/index.js",
   "dependencies": {
-    "@azure-typespec/http-client-csharp-mgmt": "1.0.0-alpha.20250827.1"
+    "@azure-typespec/http-client-csharp-mgmt": "1.0.0-alpha.20250902.1"
   },
   "devDependencies": {
     "@azure-tools/typespec-azure-core": "0.59.0",

eng/azure-typespec-http-client-csharp-mgmt-emitter-package-lock.json

@@ -358,8 +358,15 @@ try {
     # Make sure the provisioner OID is set so we can pass it through to the deployment.
     if (!$ProvisionerApplicationId -and !$ProvisionerApplicationOid) {
         if ($context.Account.Type -eq 'User') {
-            # HomeAccountId format is '<object id>.<tenant id>'
-            $userAccountId = (Get-AzContext).Account.ExtendedProperties.HomeAccountId.Split('.')[0]
+            # Calls to graph API in corp tenant get blocked by conditional access policy now
+            # but not in TME. For corp tenant we get the user's id from the login context
+            # but for TME it is different so we have to source it from graph
+            $userAccountId = if ($wellKnownTMETenants.Contains($TenantId)) {
+                (Get-AzADUser -SignedIn).Id
+            } else {
+                # HomeAccountId format is '<object id>.<tenant id>'
+                (Get-AzContext).Account.ExtendedProperties.HomeAccountId.Split('.')[0]
+            }
             if ($null -eq $userAccountId) {
                 throw "Failed to find entra object ID for the current user"
             }
@@ -430,12 +437,20 @@ try {
 
     if (!$CI -and !$ServicePrincipalAuth) {
         if ($TestApplicationId) {
-            Write-Warning "The specified TestApplicationId '$TestApplicationId' will be ignored when -ServicePrincipalAutth is not set."
+            Write-Warning "The specified TestApplicationId '$TestApplicationId' will be ignored when -ServicePrincipalAuth is not set."
         }
 
         $userAccountName = (Get-AzContext).Account.Id
         # HomeAccountId format is '<object id>.<tenant id>'
-        $userAccountId = (Get-AzContext).Account.ExtendedProperties.HomeAccountId.Split('.')[0]
+        # Calls to graph API in corp tenant get blocked by conditional access policy now
+        # but not in TME. For corp tenant we get the user's id from the login context
+        # but for TME it is different so we have to source it from graph
+        $userAccountId = if ($wellKnownTMETenants.Contains($TenantId)) {
+            (Get-AzADUser -SignedIn).Id
+        } else {
+            # HomeAccountId format is '<object id>.<tenant id>'
+            (Get-AzContext).Account.ExtendedProperties.HomeAccountId.Split('.')[0]
+        }
         if ($null -eq $userAccountId) {
             throw "Failed to find entra object ID for the current user"
         }

eng/azure-typespec-http-client-csharp-mgmt-emitter-package.json

@@ -1,22 +1,22 @@
 ---
 mode: 'agent'
-tools: ['azsdk_check_service_label', 'azsdk_engsys_validate_codeowners_entry_for_service', 'azsdk_engsys_codeowner_update'] 
+tools: ['azsdk_check_service_label', 'azsdk_engsys_validate_codeowners_entry_for_service', 'azsdk_engsys_codeowner_update']
 ---
 
-## Goal: 
+## Goal:
 Validate service label and ensure at least 2 valid code owners exist for SDK repositories.
 
 ## Step 1: Validate Service Label
 Use `azsdk_check_service_label` to verify the service label exists:
 - **DoesNotExist/NotAServiceLabel**: Direct user to create valid service label first. Stop validation process until service label is created.
 - **Exists/InReview**: Proceed to Step 2
 
-## Step 2: Validate Code Owners  
+## Step 2: Validate Code Owners
 Ask user to specify SDK repository they want to validate codeowners for or detect from context.
 
 Repository name mapping:
 - .NET/dotnet: use "azure-sdk-for-net"
-- Python: use "azure-sdk-for-python" 
+- Python: use "azure-sdk-for-python"
 - Java: use "azure-sdk-for-java"
 - JavaScript: use "azure-sdk-for-js"
 - Go: use "azure-sdk-for-go"
@@ -28,7 +28,7 @@ Use `azsdk_engsys_validate_codeowners_entry_for_service` with either `serviceLab
 
 ## Step 3: Check Existing Code Owners
 Valid code owners must be:
-- PUBLIC members of Microsoft and Azure GitHub organizations  
+- PUBLIC members of Microsoft and Azure GitHub organizations
 - Have write access to the SDK repository
 
 **If at least 2 valid owners**: Success - optionally add or delete additional owners
@@ -41,7 +41,7 @@ When no CODEOWNERS entry exists yet:
 1. Ensure you have the following information
    - repo - **Required** - Repository name mapping:
       - .NET/dotnet: use "azure-sdk-for-net"
-      - Python: use "azure-sdk-for-python" 
+      - Python: use "azure-sdk-for-python"
       - Java: use "azure-sdk-for-java"
       - JavaScript: use "azure-sdk-for-js"
       - Go: use "azure-sdk-for-go"
@@ -71,4 +71,4 @@ When no CODEOWNERS entry exists yet:
 ## Requirements
 - **MINIMUM**: At least 2 valid code owners at all times
 - **NO EXCEPTIONS**: Cannot proceed with insufficient owners
-- **RESPONSE HANDLING**: If any exception occurs during validation or creation, ALWAYS provide documentation link [Codeowners documentation](https://eng.ms/docs/products/azure-developer-experience/develop/supporting-sdk-customers/codeowners)
+- **RESPONSE HANDLING**: If any exception occurs during validation or creation, ALWAYS provide documentation link [CODEOWNERS documentation](https://eng.ms/docs/products/azure-developer-experience/develop/supporting-sdk-customers/codeowners)

eng/common/TestResources/New-TestResources.ps1

@@ -2,31 +2,53 @@
 mode: 'agent'
 tools: ['azsdk_check_service_label', 'azsdk_create_service_label']
 ---
-
+ 
 ## Goal
 Validate service label exists or create new one for SDK release process.
-
-## Step 1: Get Service Label
-Ask user for their service label. If none provided, explain that a valid service label is required for SDK release.
-
-## Step 2: Validate Label
+ 
+## Step 1: Provide Information
+ 
+Provide the following information about the importance of service labels:
+ 
+"Before your SDK is released, your service must have a valid service label in the Azure SDK repositories. Service labels enable automatic owner assignment and notifications across the Azure SDK ecosystem.
+ 
+When properly configured, service labels automatically:
+ 
+- Notify service owners when issues are filed against their SDK
+- Add appropriate reviewers to pull requests
+- Connect code changes to the right team members through CODEOWNERS integration
+ 
+Without a valid service label, the process to identify the correct service owners for issues and code reviews becomes manual and inefficient."
+ 
+## Step 2: Get Service Label
+ 
+Ask user for their service label. If they don't know their service label provide guidance:
+ 
+- Check out the [Common Labels CSV](https://github.com/Azure/azure-sdk-tools/blob/main/tools/github/data/common-labels.csv) file and look for a row whose first column contains your service's product name.
+ 
+If they don't have a service label - go to Step 3 for new service label
+ 
+## Step 3: Validate Label
+ 
 Use `azsdk_check_service_label` to check status:
-
+ 
 - **Exists**: Success - user can proceed with next steps in SDK release process
 - **InReview**: Label pending approval - user can proceed (will be available once merged)
 - **DoesNotExist**: Go to Step 3 to create new label
 - **NotAServiceLabel**: Label exists but it is not a service label - go to Step 3 for new service label
-
-## Step 3: Create New Service Label
+ 
+## Step 4: Create New Service Label
+ 
 If no valid service label exists, guide the user through creating a new one.
-
+ 
 1. **Check existing labels**: Search for related service labels, offer alternatives
 2. **Generate recommendation**: Suggest label name following guidelines:
+   - Should match the service's official product name as described on Service Tree (e.g., "Event Hubs", "Kusto", "Cosmos", etc.)
    - No "Microsoft/Azure" in name
    - Title Case (except short prepositions)
    - Avoid Service Groups: Use "Communication Rooms" instead of "Communication - Rooms"
    - Single label per service
 3. **Get confirmation**: User confirms or modifies suggested name
 4. **Create label**: Use `azsdk_create_service_label` with confirmed name and documentation link given by user
-
-Inform user they can proceed.
+ 
+Inform user they can proceed.