prepare release v1.6.0

* pre and post cleanup-cli

* exec azpath

* enable azure powershell part

* set user agent

* extract utils

* divide cleanup

* extract azpsconfig class

* fix test

* move runpsscript

* change to AzPSUtils

* fix typo

.github/workflows/azure-login-canary.yml

@@ -30,7 +30,7 @@ jobs:
            az --version
            
       - name: Check out repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         
       - name: 'Az CLI login with subscription'
         uses: azure/login@v1

.github/workflows/azure-login-negative.yml

@@ -9,86 +9,6 @@ permissions:
 
 jobs:
 
-  OSTest:
-    runs-on: macos-latest
-    environment: Automation test
-
-    steps:
-    - name: 'Checking out repo code'
-      uses: actions/checkout@v3.5.2
-
-    - name: Set Node.js 16.x for GitHub Action
-      uses: actions/setup-node@v1
-      with:
-        node-version: 16.x
-
-    - name: 'Validate build'
-      run: |
-        npm install
-        npm run build
-        npm run test
-
-    - name: Login with creds
-      continue-on-error: true
-      uses: ./
-      with:
-        creds: ${{secrets.SP1}}
-        enable-AzPSSession: true
-
-    - name: Run Azure Cli
-      run: |
-        az account show --output none
-        az group show --name GitHubAction_CI_RG --output none
-        az vm list --output none
-
-    - name: Run Azure PowerShell
-      id: ps_1
-      continue-on-error: true
-      uses: azure/powershell@v1.2.0
-      with:
-        azPSVersion: "latest"
-        inlineScript: |
-          (Get-AzContext).Environment.Name -eq 'AzureCloud'
-          (Get-AzResourceGroup -Name GitHubAction_CI_RG).ResourceGroupName -eq 'GitHubAction_CI_RG'
-          (Get-AzVM).Count -gt 0
-
-    - name: Check Last step failed
-      if: steps.ps_1.outcome == 'success'
-      uses: actions/github-script@v3
-      with:
-          script: |
-            core.setFailed('Last action should fail but not. Please check it.')
-
-    - name: Login with individual parameters
-      id: login_2
-      uses: ./
-      with:
-        client-id: ${{ secrets.OIDC_SP2_CLIENT_ID }}
-        tenant-id: ${{ secrets.OIDC_SP2_TENANT_ID }}
-        # subscription-id: ${{ secrets.OIDC_SP2_SUBSCRIPTION_ID }}
-        allow-no-subscriptions: true
-        enable-AzPSSession: true
-
-    - name: Run Azure Cli again
-      run: |
-        az account show --output none
-
-    - name: Run Azure PowerShell again
-      id: ps_2
-      continue-on-error: true
-      uses: azure/powershell@v1.2.0
-      with:
-        azPSVersion: "latest"
-        inlineScript: |
-          (Get-AzContext).Environment.Name -eq 'AzureCloud'
-
-    - name: Check Last step failed
-      if: steps.ps_2.outcome == 'success'
-      uses: actions/github-script@v3
-      with:
-          script: |
-            core.setFailed('Last action should fail but not. Please check it.')
-
   PermissionTest:
     strategy:
       matrix:
@@ -99,10 +19,10 @@ jobs:
     steps:
 
     - name: 'Checking out repo code'
-      uses: actions/checkout@v3.5.2
+      uses: actions/checkout@v4
 
     - name: Set Node.js 16.x for GitHub Action
-      uses: actions/setup-node@v1
+      uses: actions/setup-node@v4
       with:
         node-version: 16.x
 
@@ -130,7 +50,7 @@ jobs:
 
     - name: Check Last step failed
       if: steps.cli_3.outcome == 'success'
-      uses: actions/github-script@v3
+      uses: actions/github-script@v7
       with:
           script: |
             core.setFailed('Last action should fail but not. Please check it.')
@@ -138,7 +58,7 @@ jobs:
     - name: Run Azure PowerShell
       id: ps_3
       continue-on-error: true
-      uses: azure/powershell@v1.2.0
+      uses: azure/powershell@v1
       with:
         azPSVersion: "latest"
         inlineScript: |
@@ -148,7 +68,7 @@ jobs:
 
     - name: Check Last step failed
       if: steps.ps_3.outcome == 'success'
-      uses: actions/github-script@v3
+      uses: actions/github-script@v7
       with:
           script: |
             core.setFailed('Last action should fail but not. Please check it.')
@@ -162,10 +82,10 @@ jobs:
 
     steps:
     - name: 'Checking out repo code'
-      uses: actions/checkout@v3.5.2
+      uses: actions/checkout@v4
 
     - name: Set Node.js 16.x for GitHub Action
-      uses: actions/setup-node@v1
+      uses: actions/setup-node@v4
       with:
         node-version: 16.x
 
@@ -184,7 +104,7 @@ jobs:
 
     - name: Check Last step failed
       if: steps.login_4.outcome == 'success'
-      uses: actions/github-script@v3
+      uses: actions/github-script@v7
       with:
           script: |
             core.setFailed('Last action should fail but not. Please check it.')
@@ -199,7 +119,7 @@ jobs:
 
     - name: Check Last step failed
       if: steps.login_5.outcome == 'success'
-      uses: actions/github-script@v3
+      uses: actions/github-script@v7
       with:
           script: |
             core.setFailed('Last action should fail but not. Please check it.')
@@ -213,7 +133,7 @@ jobs:
 
     - name: Check Last step failed
       if: steps.login_6.outcome == 'success'
-      uses: actions/github-script@v3
+      uses: actions/github-script@v7
       with:
           script: |
             core.setFailed('Last action should fail but not. Please check it.')
@@ -229,7 +149,7 @@ jobs:
 
     - name: Check Last step failed
       if: steps.login_7.outcome == 'success'
-      uses: actions/github-script@v3
+      uses: actions/github-script@v7
       with:
           script: |
             core.setFailed('Last action should fail but not. Please check it.')
@@ -246,7 +166,7 @@ jobs:
 
     - name: Check Last step failed
       if: steps.login_8.outcome == 'success'
-      uses: actions/github-script@v3
+      uses: actions/github-script@v7
       with:
           script: |
             core.setFailed('Last action should fail but not. Please check it.')
@@ -266,7 +186,7 @@ jobs:
     - name: Run Azure PowerShell
       id: ps_8
       continue-on-error: true
-      uses: azure/powershell@v1.2.0
+      uses: azure/powershell@v1
       with:
         azPSVersion: "latest"
         inlineScript: |
@@ -276,7 +196,7 @@ jobs:
 
     - name: Check Last step failed
       if: steps.ps_8.outcome == 'success'
-      uses: actions/github-script@v3
+      uses: actions/github-script@v7
       with:
           script: |
             core.setFailed('Last action should fail but not. Please check it.')
@@ -296,7 +216,7 @@ jobs:
     - name: Run Azure PowerShell
       id: ps_9
       continue-on-error: true
-      uses: azure/powershell@v1.2.0
+      uses: azure/powershell@v1
       with:
         azPSVersion: "latest"
         inlineScript: |
@@ -306,7 +226,7 @@ jobs:
 
     - name: Check Last step failed
       if: steps.ps_9.outcome == 'success'
-      uses: actions/github-script@v3
+      uses: actions/github-script@v7
       with:
           script: |
             core.setFailed('Last action should fail but not. Please check it.')
@@ -325,7 +245,7 @@ jobs:
 
     - name: Check Last step failed
       if: steps.login_10.outcome == 'success'
-      uses: actions/github-script@v3
+      uses: actions/github-script@v7
       with:
           script: |
             core.setFailed('Last action should fail but not. Please check it.')
@@ -342,12 +262,12 @@ jobs:
 
     - name: Check Last step failed
       if: steps.login_11.outcome == 'success'
-      uses: actions/github-script@v3
+      uses: actions/github-script@v7
       with:
           script: |
             core.setFailed('Last action should fail but not. Please check it.')
 
-    # Secret of SP1 in creds will be used to sign in SP2
+    # SP1 is ignored and SP2 will be used for login, but it will fail since SP2 has no access to the given subscription
     - name: Login with both creds and individual parameters
       id: login_12
       continue-on-error: true
@@ -362,7 +282,7 @@ jobs:
     
     - name: Check Last step failed
       if: steps.login_12.outcome == 'success'
-      uses: actions/github-script@v3
+      uses: actions/github-script@v7
       with:
           script: |
             core.setFailed('Last action should fail but not. Please check it.')
@@ -378,7 +298,38 @@ jobs:
       
     - name: Check Last step failed
       if: steps.login_13.outcome == 'success'
-      uses: actions/github-script@v3
+      uses: actions/github-script@v7
+      with:
+          script: |
+            core.setFailed('Last action should fail but not. Please check it.')
+    
+    - name: Login with individual parameters, no subscription-id, no allow-no-subscriptions
+      id: login_14
+      continue-on-error: true
+      uses: ./
+      with:
+        client-id: ${{ secrets.OIDC_SP2_CLIENT_ID }}
+        tenant-id: ${{ secrets.OIDC_SP2_TENANT_ID }}
+        enable-AzPSSession: true
+
+    - name: Check Last step failed
+      if: steps.login_14.outcome == 'success'
+      uses: actions/github-script@v7
+      with:
+          script: |
+            core.setFailed('Last action should fail but not. Please check it.')
+    
+    - name: Login with creds, no subscription-id, no allow-no-subscriptions
+      id: login_15
+      continue-on-error: true
+      uses: ./
+      with:
+        creds: '{"clientId":"${{ secrets.OIDC_SP2_CLIENT_ID }}","clientSecret":"${{ secrets.SP2_CLIENT_SECRET }}","tenantId":"${{ secrets.OIDC_SP2_TENANT_ID }}"}'
+        enable-AzPSSession: true
+
+    - name: Check Last step failed
+      if: steps.login_15.outcome == 'success'
+      uses: actions/github-script@v7
       with:
           script: |
             core.setFailed('Last action should fail but not. Please check it.')
@@ -392,10 +343,10 @@ jobs:
 
     steps:
     - name: 'Checking out repo code'
-      uses: actions/checkout@v3.5.2
+      uses: actions/checkout@v4
 
     - name: Set Node.js 16.x for GitHub Action
-      uses: actions/setup-node@v1
+      uses: actions/setup-node@v4
       with:
         node-version: 16.x
 
@@ -411,7 +362,7 @@ jobs:
     
     - name: Check Last step failed
       if: steps.login_14.outcome == 'success'
-      uses: actions/github-script@v3
+      uses: actions/github-script@v7
       with:
           script: |
             core.setFailed('Last action should fail but not. Please check it.')

.github/workflows/azure-login-positive.yml

@@ -12,16 +12,16 @@ jobs:
   BasicTest:
     strategy:
       matrix:
-        os: [ubuntu-latest, windows-latest, self_linux, self_windows]
+        os: [ubuntu-latest, windows-latest, macos-latest, self_linux, self_windows]
     runs-on: ${{ matrix.os }}
     environment: Automation test
 
     steps:
     - name: 'Checking out repo code'
-      uses: actions/checkout@v3.5.2
+      uses: actions/checkout@v4
 
     - name: Set Node.js 16.x for GitHub Action
-      uses: actions/setup-node@v1
+      uses: actions/setup-node@v4
       with:
         node-version: 16.x
 
@@ -47,7 +47,7 @@ jobs:
         az vm list --output none
 
     - name: Run Azure PowerShell
-      uses: azure/powershell@v1.2.0
+      uses: azure/powershell@v1
       with:
         azPSVersion: "latest"
         inlineScript: |
@@ -61,10 +61,9 @@ jobs:
     - name: Login with individual parameters
       uses: ./
       with:
-        client-id: ${{ secrets.OIDC_SP2_CLIENT_ID }}
-        tenant-id: ${{ secrets.OIDC_SP2_TENANT_ID }}
-        # subscription-id: ${{ secrets.OIDC_SP2_SUBSCRIPTION_ID }}
-        allow-no-subscriptions: true
+        client-id: ${{ secrets.SP1_CLIENT_ID }}
+        tenant-id: ${{ secrets.SP1_TENANT_ID }}
+        subscription-id: ${{ secrets.SP1_SUBSCRIPTION_ID }}
         enable-AzPSSession: true
 
     - name: Run Azure Cli again
@@ -72,7 +71,7 @@ jobs:
         az account show --output none
 
     - name: Run Azure PowerShell again
-      uses: azure/powershell@v1.2.0
+      uses: azure/powershell@v1
       with:
         azPSVersion: "latest"
         inlineScript: |
@@ -95,7 +94,7 @@ jobs:
         az vm list --output none
 
     - name: Run Azure PowerShell
-      uses: azure/powershell@v1.2.0
+      uses: azure/powershell@v1
       with:
         azPSVersion: "latest"
         inlineScript: |
@@ -109,16 +108,16 @@ jobs:
   ParameterTest:
     strategy:
       matrix:
-        os: [ubuntu-latest, windows-latest]
+        os: [ubuntu-latest, windows-latest, macos-latest]
     runs-on: ${{ matrix.os }}
     environment: Automation test
 
     steps:
     - name: 'Checking out repo code'
-      uses: actions/checkout@v3.5.2
+      uses: actions/checkout@v4
 
     - name: Set Node.js 16.x for GitHub Action
-      uses: actions/setup-node@v1
+      uses: actions/setup-node@v4
       with:
         node-version: 16.x
 
@@ -165,7 +164,7 @@ jobs:
         az vm list --output none
  
     - name: Run Azure PowerShell
-      uses: azure/powershell@v1.2.0
+      uses: azure/powershell@v1
       with:
         azPSVersion: "latest"
         inlineScript: |
@@ -176,6 +175,29 @@ jobs:
                 throw "Not all checks passed!"
             }
 
+    - name: Login with individual parameters, allow no subscription
+      uses: ./
+      with:
+        client-id: ${{ secrets.SP1_CLIENT_ID }}
+        tenant-id: ${{ secrets.SP1_TENANT_ID}}
+        subscription-id: ${{ secrets.SP1_SUBSCRIPTION_ID }}
+        allow-no-subscriptions: true
+        enable-AzPSSession: true
+
+    - name: Run Azure Cli again
+      run: |
+        az account show --output none
+
+    - name: Run Azure PowerShell again
+      uses: azure/powershell@v1
+      with:
+        azPSVersion: "latest"
+        inlineScript: |
+            $checkResult = (Get-AzContext).Environment.Name -eq 'AzureCloud'
+            if(-not $checkResult){
+                throw "Not all checks passed!"
+            }
+
     - name: Login with individual parameters, no subscription, allow no subscription
       uses: ./
       with:
@@ -184,12 +206,37 @@ jobs:
         allow-no-subscriptions: true
         enable-AzPSSession: true
 
+    - name: Run Azure Cli
+      shell: pwsh
+      run: |
+        $checkResult = (az account list --output json | ConvertFrom-Json).Count -eq 2
+        if(-not $checkResult){
+            throw "Not all checks passed!"
+        }
+
+    - name: Run Azure PowerShell
+      uses: azure/powershell@v1
+      with:
+        azPSVersion: "latest"
+        inlineScript: |
+            $checkResult = (Get-AzContext -ListAvailable).Count -eq 2
+            if(-not $checkResult){
+              throw "Not all checks passed!"
+            }
+
+    - name: Login with creds, no subscription, allow no subscription
+      uses: ./
+      with:
+        creds: '{"clientId":"${{ secrets.OIDC_SP2_CLIENT_ID }}","clientSecret":"${{ secrets.SP2_CLIENT_SECRET }}","tenantId":"${{ secrets.OIDC_SP2_TENANT_ID }}"}'
+        allow-no-subscriptions: true
+        enable-AzPSSession: true
+
     - name: Run Azure Cli
       run: |
         az account show --output none
 
     - name: Run Azure PowerShell
-      uses: azure/powershell@v1.2.0
+      uses: azure/powershell@v1
       with:
         azPSVersion: "latest"
         inlineScript: |
@@ -207,10 +254,10 @@ jobs:
 
     steps:
     - name: 'Checking out repo code'
-      uses: actions/checkout@v3.5.2
+      uses: actions/checkout@v4
 
     - name: Set Node.js 16.x for GitHub Action
-      uses: actions/setup-node@v1
+      uses: actions/setup-node@v4
       with:
         node-version: 16.x
 
@@ -231,7 +278,7 @@ jobs:
         az account show --output none
     
     - name: Run Azure PowerShell
-      uses: azure/powershell@v1.2.0
+      uses: azure/powershell@v1
       with:
         azPSVersion: "latest"
         inlineScript: |
@@ -254,7 +301,7 @@ jobs:
         az vm list --output none
   
     - name: Run Azure PowerShell
-      uses: azure/powershell@v1.2.0
+      uses: azure/powershell@v1
       with:
         azPSVersion: "latest"
         inlineScript: |
@@ -278,7 +325,7 @@ jobs:
         az account show --output none
     
     - name: Run Azure PowerShell
-      uses: azure/powershell@v1.2.0
+      uses: azure/powershell@v1
       with:
         azPSVersion: "latest"
         inlineScript: |
@@ -302,7 +349,7 @@ jobs:
         az vm list --output none
     
     - name: Run Azure PowerShell
-      uses: azure/powershell@v1.2.0
+      uses: azure/powershell@v1
       with:
         azPSVersion: "latest"
         inlineScript: |

.github/workflows/azure-login-pr-check.yml

@@ -11,14 +11,14 @@ jobs:
      runs-on: windows-latest
      steps:
        - name: Checkout from PR branch  
-         uses: actions/checkout@v2
+         uses: actions/checkout@v4
          with: 
           repository: ${{ github.event.pull_request.head.repo.full_name }}
           ref: ${{ github.event.pull_request.head.ref }}
 
          # Using 16.x version as an example
        - name: Set Node.js 16.x for GitHub Action
-         uses: actions/setup-node@v1
+         uses: actions/setup-node@v4
          with:
            node-version: 16.x
 

.github/workflows/ci.yml

@@ -1,3 +1,5 @@
+name: Build and Test
+
 on:
   pull_request:
     branches:
@@ -16,10 +18,10 @@ jobs:
     steps:
 
     - name: 'Checking out repo code'
-      uses: actions/checkout@v2
+      uses: actions/checkout@v4
 
     - name: Set Node.js 16.x for GitHub Action
-      uses: actions/setup-node@v1
+      uses: actions/setup-node@v4
       with:
         node-version: 16.x
 

.github/workflows/codeql.yml

@@ -14,23 +14,13 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v2
-      with:
-        # We must fetch at least the immediate parents so that if this is
-        # a pull request then we can checkout the head.
-        fetch-depth: 2
+      uses: actions/checkout@v4
 
-    # If this run was triggered by a pull request event, then checkout
-    # the head of the pull request instead of the merge commit.
-    - run: git checkout HEAD^2
-      if: ${{ github.event_name == 'pull_request' }}
-      
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v2
-      # Override language selection by uncommenting this and choosing your languages
-      # with:
-      #   languages: go, javascript, csharp, python, cpp, java
+      with:
+        languages: javascript
 
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)

.github/workflows/defaultLabels.yml

@@ -14,7 +14,7 @@ jobs:
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
           
-      - uses: actions/stale@v3
+      - uses: actions/stale@v8
         name: Setting issue as idle
         with:
           repo-token: ${{ secrets.GITHUB_TOKEN }}
@@ -25,7 +25,7 @@ jobs:
           operations-per-run: 100
           exempt-issue-labels: 'backlog'
           
-      - uses: actions/stale@v3
+      - uses: actions/stale@v8
         name: Setting PR as idle
         with:
           repo-token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/markdownlint.yml

@@ -7,9 +7,9 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - name: Use Node.js
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: 16.x
       - name: Run Markdownlint

README.md

@@ -235,7 +235,7 @@ jobs:
             az account show
 
       - name: Azure PowerShell script
-        uses: azure/powershell@v1.2.0
+        uses: azure/powershell@v1
         with:
           azPSVersion: "latest"
           inlineScript: |
@@ -323,7 +323,7 @@ jobs:
           az account show
 
     - name: Azure PowerShell script
-      uses: azure/powershell@v1.2.0
+      uses: azure/powershell@v1
       with:
         azPSVersion: "latest"
         inlineScript: |
@@ -394,7 +394,7 @@ jobs:
             az account show
 
       - name: Azure PowerShell script
-        uses: azure/powershell@v1.2.0
+        uses: azure/powershell@v1
         with:
           azPSVersion: "latest"
           inlineScript: |
@@ -461,7 +461,7 @@ jobs:
             az account show
 
       - name: Azure PowerShell script
-        uses: azure/powershell@v1.2.0
+        uses: azure/powershell@v1
         with:
           azPSVersion: "latest"
           inlineScript: |
@@ -549,7 +549,7 @@ jobs:
           az account show
 
     - name: Run Azure PowerShell
-      uses: azure/powershell@v1.2.0
+      uses: azure/powershell@v1
       with:
         azPSVersion: "latest"
         inlineScript: |
@@ -570,7 +570,7 @@ This action doesn't implement ```az logout``` by default at the end of execution
       az account clear
 
 - name: Azure PowerShell script
-  uses: azure/powershell@v1.2.0
+  uses: azure/powershell@v1
   with:
     azPSVersion: "latest"
     inlineScript: |

__tests__/LoginConfig.test.ts

@@ -74,16 +74,29 @@ describe("LoginConfig Test", () => {
         await testCreds(creds1);
 
     });
-
-    test('initialize with creds, lack of subscriptionId', async () => {
+   
+    test('initialize with creds, lack of subscriptionId, but allowNoSubscriptionsLogin=true', async () => {
         let creds1 = {
             'clientId': 'client-id',
             'clientSecret': 'client-secret',
             'tenantId': 'tenant-id',
             // 'subscriptionId': 'subscription-id'
         }
-        await testCreds(creds1);
-
+        setEnv('environment', 'azurecloud');
+        setEnv('enable-AzPSSession', 'true');
+        setEnv('allow-no-subscriptions', 'true');
+        setEnv('auth-type', 'SERVICE_PRINCIPAL');
+        setEnv('creds', JSON.stringify(creds1));
+        let loginConfig = new LoginConfig();
+        await loginConfig.initialize();
+        expect(loginConfig.environment).toBe("azurecloud");
+        expect(loginConfig.enableAzPSSession).toBeTruthy();
+        expect(loginConfig.allowNoSubscriptionsLogin).toBeTruthy();
+        expect(loginConfig.authType).toBe("SERVICE_PRINCIPAL");
+        expect(loginConfig.servicePrincipalId).toBe("client-id");
+        expect(loginConfig.servicePrincipalSecret).toBe("client-secret");
+        expect(loginConfig.tenantId).toBe("tenant-id");
+        expect(loginConfig.subscriptionId).toBe("");
     });
 
     test('initialize with creds', async () => {

__tests__/PowerShell/AzPSLogin.test.ts

@@ -1,92 +1,92 @@
-import * as os from 'os';
-
-import { AzPSLogin } from '../../src/PowerShell/AzPSLogin';
-import { LoginConfig } from '../../src/common/LoginConfig';
-import AzPSConstants from '../../src/PowerShell/AzPSConstants';
-
-let azpsLogin: AzPSLogin;
-jest.setTimeout(30000);
-
-beforeAll(() => {
-    var loginConfig = new LoginConfig();
-    loginConfig.servicePrincipalId = "servicePrincipalID";
-    loginConfig.servicePrincipalSecret = "servicePrincipalSecret";
-    loginConfig.tenantId = "tenantId";
-    loginConfig.subscriptionId = "subscriptionId";
-    azpsLogin = new AzPSLogin(loginConfig);
-});
-
-afterEach(() => {
-    jest.restoreAllMocks();
-});
-
-describe('Testing login', () => {
-    let loginSpy;
-    
-    beforeEach(() => {
-        loginSpy = jest.spyOn(azpsLogin, 'login');
-    });
-
-    test('ServicePrincipal login should pass', async () => {
-        loginSpy.mockImplementationOnce(() => Promise.resolve());
-        await azpsLogin.login();
-        expect(loginSpy).toHaveBeenCalled();
-    });
-});
-
-describe('Testing set module path', () => {
-    test('setDefaultPSModulePath should work', () => {
-        azpsLogin.setPSModulePathForGitHubRunner();
-        const runner: string = process.env.RUNNER_OS || os.type();
-        if(runner.toLowerCase() === "linux"){
-            expect(process.env.PSModulePath).toContain(AzPSConstants.DEFAULT_AZ_PATH_ON_LINUX);
-        }
-        if(runner.toLowerCase().startsWith("windows")){
-            expect(process.env.PSModulePath).toContain(AzPSConstants.DEFAULT_AZ_PATH_ON_WINDOWS);
-        }
-    });
-
-});
-
-describe('Testing runPSScript', () => {
-    test('Get PowerShell Version', async () => {
-        let script = `try {
-            $ErrorActionPreference = "Stop"
-            $WarningPreference = "SilentlyContinue"
-            $output = @{}
-            $output['Success'] = $true
-            $output['Result'] = $PSVersionTable.PSVersion.ToString()
-        }
-        catch {
-            $output['Success'] = $false
-            $output['Error'] = $_.exception.Message
-        }
-        return ConvertTo-Json $output`;
-
-        let psVersion: string = await AzPSLogin.runPSScript(script);
-        expect(psVersion === null).toBeFalsy();
-    });
-
-    test('Get PowerShell Version with Wrong Name', async () => {
-        let script = `try {
-            $ErrorActionPreference = "Stop"
-            $WarningPreference = "SilentlyContinue"
-            $output = @{}
-            $output['Success'] = $true
-            $output['Result'] = $PSVersionTableWrongName.PSVersion.ToString()
-        }
-        catch {
-            $output['Success'] = $false
-            $output['Error'] = $_.exception.Message
-        }
-        return ConvertTo-Json $output`;
-
-        try{
-            await AzPSLogin.runPSScript(script);
-            throw new Error("The last step should fail.");
-        }catch(error){
-            expect(error.message.includes("Azure PowerShell login failed with error: You cannot call a method on a null-valued expression.")).toBeTruthy();
-        }
-    });
-
+import * as os from 'os';
+
+import { AzPSLogin } from '../../src/PowerShell/AzPSLogin';
+import { LoginConfig } from '../../src/common/LoginConfig';
+import { AzPSConstants, AzPSUtils } from '../../src/PowerShell/AzPSUtils';
+
+let azpsLogin: AzPSLogin;
+jest.setTimeout(30000);
+
+beforeAll(() => {
+    var loginConfig = new LoginConfig();
+    loginConfig.servicePrincipalId = "servicePrincipalID";
+    loginConfig.servicePrincipalSecret = "servicePrincipalSecret";
+    loginConfig.tenantId = "tenantId";
+    loginConfig.subscriptionId = "subscriptionId";
+    azpsLogin = new AzPSLogin(loginConfig);
+});
+
+afterEach(() => {
+    jest.restoreAllMocks();
+});
+
+describe('Testing login', () => {
+    let loginSpy;
+    
+    beforeEach(() => {
+        loginSpy = jest.spyOn(azpsLogin, 'login');
+    });
+
+    test('ServicePrincipal login should pass', async () => {
+        loginSpy.mockImplementationOnce(() => Promise.resolve());
+        await azpsLogin.login();
+        expect(loginSpy).toHaveBeenCalled();
+    });
+});
+
+describe('Testing set module path', () => {
+    test('setDefaultPSModulePath should work', () => {
+        AzPSUtils.setPSModulePathForGitHubRunner();
+        const runner: string = process.env.RUNNER_OS || os.type();
+        if(runner.toLowerCase() === "linux"){
+            expect(process.env.PSModulePath).toContain(AzPSConstants.DEFAULT_AZ_PATH_ON_LINUX);
+        }
+        if(runner.toLowerCase().startsWith("windows")){
+            expect(process.env.PSModulePath).toContain(AzPSConstants.DEFAULT_AZ_PATH_ON_WINDOWS);
+        }
+    });
+
+});
+
+describe('Testing runPSScript', () => {
+    test('Get PowerShell Version', async () => {
+        let script = `try {
+            $ErrorActionPreference = "Stop"
+            $WarningPreference = "SilentlyContinue"
+            $output = @{}
+            $output['Success'] = $true
+            $output['Result'] = $PSVersionTable.PSVersion.ToString()
+        }
+        catch {
+            $output['Success'] = $false
+            $output['Error'] = $_.exception.Message
+        }
+        return ConvertTo-Json $output`;
+
+        let psVersion: string = await AzPSUtils.runPSScript(script);
+        expect(psVersion === null).toBeFalsy();
+    });
+
+    test('Get PowerShell Version with Wrong Name', async () => {
+        let script = `try {
+            $ErrorActionPreference = "Stop"
+            $WarningPreference = "SilentlyContinue"
+            $output = @{}
+            $output['Success'] = $true
+            $output['Result'] = $PSVersionTableWrongName.PSVersion.ToString()
+        }
+        catch {
+            $output['Success'] = $false
+            $output['Error'] = $_.exception.Message
+        }
+        return ConvertTo-Json $output`;
+
+        try{
+            await AzPSUtils.runPSScript(script);
+            throw new Error("The last step should fail.");
+        }catch(error){
+            expect(error.message.includes("Azure PowerShell login failed with error: You cannot call a method on a null-valued expression.")).toBeTruthy();
+        }
+    });
+
 });

__tests__/PowerShell/AzPSScriptBuilder.test.ts

@@ -1,153 +1,153 @@
-import AzPSSCriptBuilder from "../../src/PowerShell/AzPSScriptBuilder";
-import { LoginConfig } from "../../src/common/LoginConfig";
-
-describe("Getting AzLogin PS script", () => {
-
-    function setEnv(name: string, value: string) {
-        process.env[`INPUT_${name.replace(/ /g, '_').toUpperCase()}`] = value;
-    }
-
-    function cleanEnv() {
-        for (const envKey in process.env) {
-            if (envKey.startsWith('INPUT_')) {
-                delete process.env[envKey]
-            }
-        }
-    }
-
-    beforeEach(() => {
-        cleanEnv();
-    });
-
-    test('getImportLatestModuleScript', () => {
-        expect(AzPSSCriptBuilder.getImportLatestModuleScript("TestModule")).toContain("(Get-Module -Name 'TestModule' -ListAvailable | Sort-Object Version -Descending | Select-Object -First 1).Path");
-        expect(AzPSSCriptBuilder.getImportLatestModuleScript("TestModule")).toContain("Import-Module -Name $latestModulePath");
-    });
-
-    test('getAzPSLoginScript for SP+secret with allowNoSubscriptionsLogin=true', () => {
-        setEnv('environment', 'azurecloud');
-        setEnv('enable-AzPSSession', 'true');
-        setEnv('allow-no-subscriptions', 'true');
-        setEnv('auth-type', 'SERVICE_PRINCIPAL');
-        let creds = {
-            'clientId': 'client-id',
-            'clientSecret': "client-secret",
-            'tenantId': 'tenant-id',
-            'subscriptionId': 'subscription-id'
-        }
-        setEnv('creds', JSON.stringify(creds));
-
-        let loginConfig = new LoginConfig();
-        loginConfig.initialize();
-        return AzPSSCriptBuilder.getAzPSLoginScript(loginConfig).then(([loginMethod, loginScript]) => {
-            expect(loginScript.includes("Clear-AzContext -Scope Process; Clear-AzContext -Scope CurrentUser -Force -ErrorAction SilentlyContinue; $psLoginSecrets = ConvertTo-SecureString 'client-secret' -AsPlainText -Force; $psLoginCredential = New-Object System.Management.Automation.PSCredential('client-id', $psLoginSecrets); Connect-AzAccount -ServicePrincipal -Environment 'azurecloud' -Tenant 'tenant-id' -Subscription 'subscription-id' -Credential $psLoginCredential | out-null;")).toBeTruthy();
-            expect(loginMethod).toBe('service principal with secret');
-        });
-    });
-
-    test('getAzPSLoginScript for SP+secret with allowNoSubscriptionsLogin=true, secret with single-quote', () => {
-        setEnv('environment', 'azurecloud');
-        setEnv('enable-AzPSSession', 'true');
-        setEnv('allow-no-subscriptions', 'true');
-        setEnv('auth-type', 'SERVICE_PRINCIPAL');
-        let creds = {
-            'clientId': 'client-id',
-            'clientSecret': "client-se'cret",
-            'tenantId': 'tenant-id',
-            'subscriptionId': 'subscription-id'
-        }
-        setEnv('creds', JSON.stringify(creds));
-
-        let loginConfig = new LoginConfig();
-        loginConfig.initialize();
-        return AzPSSCriptBuilder.getAzPSLoginScript(loginConfig).then(([loginMethod, loginScript]) => {
-            expect(loginScript.includes("Clear-AzContext -Scope Process; Clear-AzContext -Scope CurrentUser -Force -ErrorAction SilentlyContinue; $psLoginSecrets = ConvertTo-SecureString 'client-se''cret' -AsPlainText -Force; $psLoginCredential = New-Object System.Management.Automation.PSCredential('client-id', $psLoginSecrets); Connect-AzAccount -ServicePrincipal -Environment 'azurecloud' -Tenant 'tenant-id' -Subscription 'subscription-id' -Credential $psLoginCredential | out-null;")).toBeTruthy();
-            expect(loginMethod).toBe('service principal with secret');
-        });
-    });
-
-    test('getAzPSLoginScript for SP+secret with allowNoSubscriptionsLogin=false', () => {
-        setEnv('environment', 'azurecloud');
-        setEnv('enable-AzPSSession', 'true');
-        setEnv('allow-no-subscriptions', 'false'); // same as true
-        setEnv('auth-type', 'SERVICE_PRINCIPAL');
-        let creds = {
-            'clientId': 'client-id',
-            'clientSecret': 'client-secret',
-            'tenantId': 'tenant-id',
-            'subscriptionId': 'subscription-id'
-        }
-        setEnv('creds', JSON.stringify(creds));
-
-        let loginConfig = new LoginConfig();
-        loginConfig.initialize();
-        return AzPSSCriptBuilder.getAzPSLoginScript(loginConfig).then(([loginMethod, loginScript]) => {
-            expect(loginScript.includes("Clear-AzContext -Scope Process; Clear-AzContext -Scope CurrentUser -Force -ErrorAction SilentlyContinue; $psLoginSecrets = ConvertTo-SecureString 'client-secret' -AsPlainText -Force; $psLoginCredential = New-Object System.Management.Automation.PSCredential('client-id', $psLoginSecrets); Connect-AzAccount -ServicePrincipal -Environment 'azurecloud' -Tenant 'tenant-id' -Subscription 'subscription-id' -Credential $psLoginCredential | out-null;")).toBeTruthy();
-            expect(loginMethod).toBe('service principal with secret');
-        });
-    });
-
-    test('getAzPSLoginScript for OIDC', () => {
-        setEnv('environment', 'azurecloud');
-        setEnv('enable-AzPSSession', 'true');
-        setEnv('allow-no-subscriptions', 'false');
-        setEnv('tenant-id', 'tenant-id');
-        setEnv('subscription-id', 'subscription-id');
-        setEnv('client-id', 'client-id');
-        setEnv('auth-type', 'SERVICE_PRINCIPAL');
-
-        let loginConfig = new LoginConfig();
-        loginConfig.initialize();
-        jest.spyOn(loginConfig, 'getFederatedToken').mockImplementation(async () => {loginConfig.federatedToken = "fake-token";});
-        return AzPSSCriptBuilder.getAzPSLoginScript(loginConfig).then(([loginMethod, loginScript]) => {
-            expect(loginScript.includes("Clear-AzContext -Scope Process; Clear-AzContext -Scope CurrentUser -Force -ErrorAction SilentlyContinue; Connect-AzAccount -ServicePrincipal -Environment 'azurecloud' -Tenant 'tenant-id' -Subscription 'subscription-id' -ApplicationId 'client-id' -FederatedToken 'fake-token' | out-null;")).toBeTruthy();
-            expect(loginMethod).toBe('OIDC');
-        });
-    });
-
-    test('getAzPSLoginScript for System MI', () => {
-        setEnv('environment', 'azurecloud');
-        setEnv('enable-AzPSSession', 'true');
-        setEnv('allow-no-subscriptions', 'false');
-        setEnv('subscription-id', 'subscription-id');
-        setEnv('auth-type', 'IDENTITY');
-
-        let loginConfig = new LoginConfig();
-        loginConfig.initialize();
-        return AzPSSCriptBuilder.getAzPSLoginScript(loginConfig).then(([loginMethod, loginScript]) => {
-            expect(loginScript.includes("Clear-AzContext -Scope Process; Clear-AzContext -Scope CurrentUser -Force -ErrorAction SilentlyContinue; Connect-AzAccount -Identity -Environment 'azurecloud' -Subscription 'subscription-id'  | out-null;")).toBeTruthy();
-            expect(loginMethod).toBe('system-assigned managed identity');
-        });
-    });
-
-    test('getAzPSLoginScript for System MI without subscription id', () => {
-        setEnv('environment', 'azurecloud');
-        setEnv('enable-AzPSSession', 'true');
-        setEnv('allow-no-subscriptions', 'false');
-        // setEnv('subscription-id', 'subscription-id');
-        setEnv('auth-type', 'IDENTITY');
-
-        let loginConfig = new LoginConfig();
-        loginConfig.initialize();
-        return AzPSSCriptBuilder.getAzPSLoginScript(loginConfig).then(([loginMethod, loginScript]) => {
-            expect(loginScript.includes("Clear-AzContext -Scope Process; Clear-AzContext -Scope CurrentUser -Force -ErrorAction SilentlyContinue; Connect-AzAccount -Identity -Environment 'azurecloud'  | out-null;")).toBeTruthy();
-            expect(loginMethod).toBe('system-assigned managed identity');
-        });
-    });
-
-    test('getAzPSLoginScript for user-assigned MI', () => {
-        setEnv('environment', 'azurecloud');
-        setEnv('enable-AzPSSession', 'true');
-        setEnv('allow-no-subscriptions', 'true');
-        setEnv('auth-type', 'IDENTITY');
-        setEnv('client-id', 'client-id');
-
-        let loginConfig = new LoginConfig();
-        loginConfig.initialize();
-        return AzPSSCriptBuilder.getAzPSLoginScript(loginConfig).then(([loginMethod, loginScript]) => {
-            expect(loginScript.includes("Clear-AzContext -Scope Process; Clear-AzContext -Scope CurrentUser -Force -ErrorAction SilentlyContinue; Connect-AzAccount -Identity -Environment 'azurecloud' -AccountId 'client-id' | out-null;")).toBeTruthy();
-            expect(loginMethod).toBe('user-assigned managed identity');
-        });
-    });
-
+import AzPSSCriptBuilder from "../../src/PowerShell/AzPSScriptBuilder";
+import { LoginConfig } from "../../src/common/LoginConfig";
+
+describe("Getting AzLogin PS script", () => {
+
+    function setEnv(name: string, value: string) {
+        process.env[`INPUT_${name.replace(/ /g, '_').toUpperCase()}`] = value;
+    }
+
+    function cleanEnv() {
+        for (const envKey in process.env) {
+            if (envKey.startsWith('INPUT_')) {
+                delete process.env[envKey]
+            }
+        }
+    }
+
+    beforeEach(() => {
+        cleanEnv();
+    });
+
+    test('getImportLatestModuleScript', () => {
+        expect(AzPSSCriptBuilder.getImportLatestModuleScript("TestModule")).toContain("(Get-Module -Name 'TestModule' -ListAvailable | Sort-Object Version -Descending | Select-Object -First 1).Path");
+        expect(AzPSSCriptBuilder.getImportLatestModuleScript("TestModule")).toContain("Import-Module -Name $latestModulePath");
+    });
+
+    test('getAzPSLoginScript for SP+secret with allowNoSubscriptionsLogin=true', () => {
+        setEnv('environment', 'azurecloud');
+        setEnv('enable-AzPSSession', 'true');
+        setEnv('allow-no-subscriptions', 'true');
+        setEnv('auth-type', 'SERVICE_PRINCIPAL');
+        let creds = {
+            'clientId': 'client-id',
+            'clientSecret': "client-secret",
+            'tenantId': 'tenant-id',
+            'subscriptionId': 'subscription-id'
+        }
+        setEnv('creds', JSON.stringify(creds));
+
+        let loginConfig = new LoginConfig();
+        loginConfig.initialize();
+        return AzPSSCriptBuilder.getAzPSLoginScript(loginConfig).then(([loginMethod, loginScript]) => {
+            expect(loginScript.includes("$psLoginSecrets = ConvertTo-SecureString 'client-secret' -AsPlainText -Force; $psLoginCredential = New-Object System.Management.Automation.PSCredential('client-id', $psLoginSecrets); Connect-AzAccount -ServicePrincipal -Environment 'azurecloud' -Tenant 'tenant-id' -Subscription 'subscription-id' -Credential $psLoginCredential | out-null;")).toBeTruthy();
+            expect(loginMethod).toBe('service principal with secret');
+        });
+    });
+
+    test('getAzPSLoginScript for SP+secret with allowNoSubscriptionsLogin=true, secret with single-quote', () => {
+        setEnv('environment', 'azurecloud');
+        setEnv('enable-AzPSSession', 'true');
+        setEnv('allow-no-subscriptions', 'true');
+        setEnv('auth-type', 'SERVICE_PRINCIPAL');
+        let creds = {
+            'clientId': 'client-id',
+            'clientSecret': "client-se'cret",
+            'tenantId': 'tenant-id',
+            'subscriptionId': 'subscription-id'
+        }
+        setEnv('creds', JSON.stringify(creds));
+
+        let loginConfig = new LoginConfig();
+        loginConfig.initialize();
+        return AzPSSCriptBuilder.getAzPSLoginScript(loginConfig).then(([loginMethod, loginScript]) => {
+            expect(loginScript.includes("$psLoginSecrets = ConvertTo-SecureString 'client-se''cret' -AsPlainText -Force; $psLoginCredential = New-Object System.Management.Automation.PSCredential('client-id', $psLoginSecrets); Connect-AzAccount -ServicePrincipal -Environment 'azurecloud' -Tenant 'tenant-id' -Subscription 'subscription-id' -Credential $psLoginCredential | out-null;")).toBeTruthy();
+            expect(loginMethod).toBe('service principal with secret');
+        });
+    });
+
+    test('getAzPSLoginScript for SP+secret with allowNoSubscriptionsLogin=false', () => {
+        setEnv('environment', 'azurecloud');
+        setEnv('enable-AzPSSession', 'true');
+        setEnv('allow-no-subscriptions', 'false'); // same as true
+        setEnv('auth-type', 'SERVICE_PRINCIPAL');
+        let creds = {
+            'clientId': 'client-id',
+            'clientSecret': 'client-secret',
+            'tenantId': 'tenant-id',
+            'subscriptionId': 'subscription-id'
+        }
+        setEnv('creds', JSON.stringify(creds));
+
+        let loginConfig = new LoginConfig();
+        loginConfig.initialize();
+        return AzPSSCriptBuilder.getAzPSLoginScript(loginConfig).then(([loginMethod, loginScript]) => {
+            expect(loginScript.includes("$psLoginSecrets = ConvertTo-SecureString 'client-secret' -AsPlainText -Force; $psLoginCredential = New-Object System.Management.Automation.PSCredential('client-id', $psLoginSecrets); Connect-AzAccount -ServicePrincipal -Environment 'azurecloud' -Tenant 'tenant-id' -Subscription 'subscription-id' -Credential $psLoginCredential | out-null;")).toBeTruthy();
+            expect(loginMethod).toBe('service principal with secret');
+        });
+    });
+
+    test('getAzPSLoginScript for OIDC', () => {
+        setEnv('environment', 'azurecloud');
+        setEnv('enable-AzPSSession', 'true');
+        setEnv('allow-no-subscriptions', 'false');
+        setEnv('tenant-id', 'tenant-id');
+        setEnv('subscription-id', 'subscription-id');
+        setEnv('client-id', 'client-id');
+        setEnv('auth-type', 'SERVICE_PRINCIPAL');
+
+        let loginConfig = new LoginConfig();
+        loginConfig.initialize();
+        jest.spyOn(loginConfig, 'getFederatedToken').mockImplementation(async () => {loginConfig.federatedToken = "fake-token";});
+        return AzPSSCriptBuilder.getAzPSLoginScript(loginConfig).then(([loginMethod, loginScript]) => {
+            expect(loginScript.includes("Connect-AzAccount -ServicePrincipal -Environment 'azurecloud' -Tenant 'tenant-id' -Subscription 'subscription-id' -ApplicationId 'client-id' -FederatedToken 'fake-token' | out-null;")).toBeTruthy();
+            expect(loginMethod).toBe('OIDC');
+        });
+    });
+
+    test('getAzPSLoginScript for System MI', () => {
+        setEnv('environment', 'azurecloud');
+        setEnv('enable-AzPSSession', 'true');
+        setEnv('allow-no-subscriptions', 'false');
+        setEnv('subscription-id', 'subscription-id');
+        setEnv('auth-type', 'IDENTITY');
+
+        let loginConfig = new LoginConfig();
+        loginConfig.initialize();
+        return AzPSSCriptBuilder.getAzPSLoginScript(loginConfig).then(([loginMethod, loginScript]) => {
+            expect(loginScript.includes("Connect-AzAccount -Identity -Environment 'azurecloud' -Subscription 'subscription-id'  | out-null;")).toBeTruthy();
+            expect(loginMethod).toBe('system-assigned managed identity');
+        });
+    });
+
+    test('getAzPSLoginScript for System MI without subscription id', () => {
+        setEnv('environment', 'azurecloud');
+        setEnv('enable-AzPSSession', 'true');
+        setEnv('allow-no-subscriptions', 'false');
+        // setEnv('subscription-id', 'subscription-id');
+        setEnv('auth-type', 'IDENTITY');
+
+        let loginConfig = new LoginConfig();
+        loginConfig.initialize();
+        return AzPSSCriptBuilder.getAzPSLoginScript(loginConfig).then(([loginMethod, loginScript]) => {
+            expect(loginScript.includes("Connect-AzAccount -Identity -Environment 'azurecloud'  | out-null;")).toBeTruthy();
+            expect(loginMethod).toBe('system-assigned managed identity');
+        });
+    });
+
+    test('getAzPSLoginScript for user-assigned MI', () => {
+        setEnv('environment', 'azurecloud');
+        setEnv('enable-AzPSSession', 'true');
+        setEnv('allow-no-subscriptions', 'true');
+        setEnv('auth-type', 'IDENTITY');
+        setEnv('client-id', 'client-id');
+
+        let loginConfig = new LoginConfig();
+        loginConfig.initialize();
+        return AzPSSCriptBuilder.getAzPSLoginScript(loginConfig).then(([loginMethod, loginScript]) => {
+            expect(loginScript.includes("Connect-AzAccount -Identity -Environment 'azurecloud' -AccountId 'client-id' | out-null;")).toBeTruthy();
+            expect(loginMethod).toBe('user-assigned managed identity');
+        });
+    });
+
 });

action.yml

@@ -39,4 +39,6 @@ branding:
   color: 'blue'
 runs:
   using: 'node16'
+  pre: 'lib/cleanup.js'
   main: 'lib/main.js'
+  post: 'lib/cleanup.js'

lib/Cli/AzureCliLogin.js

@@ -46,9 +46,6 @@ class AzureCliLogin {
         return __awaiter(this, void 0, void 0, function* () {
             core.info(`Running Azure CLI Login.`);
             this.azPath = yield io.which("az", true);
-            if (!this.azPath) {
-                throw new Error("Azure CLI is not found in the runner.");
-            }
             core.debug(`Azure CLI path: ${this.azPath}`);
             let output = "";
             const execOptions = {
@@ -153,15 +150,14 @@ class AzureCliLogin {
                 args.push("--allow-no-subscriptions");
             }
             yield this.executeAzCliCommand(args, true, this.loginOptions);
-            yield this.setSubscription();
+            if (this.loginConfig.subscriptionId) {
+                yield this.setSubscription();
+            }
             core.info(`Azure CLI login succeeds by using ${methodName}.`);
         });
     }
     setSubscription() {
         return __awaiter(this, void 0, void 0, function* () {
-            if (this.loginConfig.allowNoSubscriptionsLogin) {
-                return;
-            }
             let args = ["account", "set", "--subscription", this.loginConfig.subscriptionId];
             yield this.executeAzCliCommand(args, true, this.loginOptions);
             core.info("Subscription is set successfully.");
@@ -187,7 +183,7 @@ function defaultExecOptions() {
                 if (error && error.trim().length !== 0 && !startsWithWarning) {
                     if (startsWithError) {
                         //removing the keyword 'ERROR' to avoid duplicates while throwing error
-                        error = error.slice(5);
+                        error = error.slice(7);
                     }
                     core.error(error);
                 }

lib/PowerShell/AzPSConstants.js

@@ -1,9 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-class AzPSConstants {
-}
-exports.default = AzPSConstants;
-AzPSConstants.DEFAULT_AZ_PATH_ON_LINUX = '/usr/share';
-AzPSConstants.DEFAULT_AZ_PATH_ON_WINDOWS = 'C:\\Modules';
-AzPSConstants.AzAccounts = "Az.Accounts";
-AzPSConstants.PowerShell_CmdName = "pwsh";

lib/PowerShell/AzPSLogin.js

@@ -37,12 +37,8 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.AzPSLogin = void 0;
 const core = __importStar(require("@actions/core"));
-const exec = __importStar(require("@actions/exec"));
-const io = __importStar(require("@actions/io"));
-const os = __importStar(require("os"));
-const path = __importStar(require("path"));
 const AzPSScriptBuilder_1 = __importDefault(require("./AzPSScriptBuilder"));
-const AzPSConstants_1 = __importDefault(require("./AzPSConstants"));
+const AzPSUtils_1 = require("./AzPSUtils");
 class AzPSLogin {
     constructor(loginConfig) {
         this.loginConfig = loginConfig;
@@ -50,77 +46,14 @@ class AzPSLogin {
     login() {
         return __awaiter(this, void 0, void 0, function* () {
             core.info(`Running Azure PowerShell Login.`);
-            this.setPSModulePathForGitHubRunner();
-            yield this.importLatestAzAccounts();
+            AzPSUtils_1.AzPSUtils.setPSModulePathForGitHubRunner();
+            yield AzPSUtils_1.AzPSUtils.importLatestAzAccounts();
             const [loginMethod, loginScript] = yield AzPSScriptBuilder_1.default.getAzPSLoginScript(this.loginConfig);
             core.info(`Attempting Azure PowerShell login by using ${loginMethod}...`);
             core.debug(`Azure PowerShell Login Script: ${loginScript}`);
-            yield AzPSLogin.runPSScript(loginScript);
+            yield AzPSUtils_1.AzPSUtils.runPSScript(loginScript);
             console.log(`Running Azure PowerShell Login successfully.`);
         });
     }
-    setPSModulePathForGitHubRunner() {
-        const runner = process.env.RUNNER_OS || os.type();
-        switch (runner.toLowerCase()) {
-            case "linux":
-                this.pushPSModulePath(AzPSConstants_1.default.DEFAULT_AZ_PATH_ON_LINUX);
-                break;
-            case "windows":
-            case "windows_nt":
-                this.pushPSModulePath(AzPSConstants_1.default.DEFAULT_AZ_PATH_ON_WINDOWS);
-                break;
-            case "macos":
-            case "darwin":
-                core.warning(`Skip setting the default PowerShell module path for OS ${runner.toLowerCase()}.`);
-                break;
-            default:
-                core.warning(`Skip setting the default PowerShell module path for unknown OS ${runner.toLowerCase()}.`);
-                break;
-        }
-    }
-    pushPSModulePath(psModulePath) {
-        process.env.PSModulePath = `${psModulePath}${path.delimiter}${process.env.PSModulePath}`;
-        core.debug(`Set PSModulePath as ${process.env.PSModulePath}`);
-    }
-    importLatestAzAccounts() {
-        return __awaiter(this, void 0, void 0, function* () {
-            let importLatestAccountsScript = AzPSScriptBuilder_1.default.getImportLatestModuleScript(AzPSConstants_1.default.AzAccounts);
-            core.debug(`The script to import the latest Az.Accounts: ${importLatestAccountsScript}`);
-            let azAccountsPath = yield AzPSLogin.runPSScript(importLatestAccountsScript);
-            core.debug(`The latest Az.Accounts used: ${azAccountsPath}`);
-        });
-    }
-    static runPSScript(psScript) {
-        return __awaiter(this, void 0, void 0, function* () {
-            let outputString = "";
-            let commandStdErr = false;
-            const options = {
-                silent: true,
-                listeners: {
-                    stdout: (data) => {
-                        outputString += data.toString();
-                    },
-                    stderr: (data) => {
-                        let error = data.toString();
-                        if (error && error.trim().length !== 0) {
-                            commandStdErr = true;
-                            core.error(error);
-                        }
-                    }
-                }
-            };
-            let psPath = yield io.which(AzPSConstants_1.default.PowerShell_CmdName, true);
-            yield exec.exec(`"${psPath}"`, ["-Command", psScript], options);
-            if (commandStdErr) {
-                throw new Error('Azure PowerShell login failed with errors.');
-            }
-            const result = JSON.parse(outputString.trim());
-            console.log(result);
-            if (!(result.Success)) {
-                throw new Error(`Azure PowerShell login failed with error: ${result.Error}`);
-            }
-            return result.Result;
-        });
-    }
 }
 exports.AzPSLogin = AzPSLogin;

lib/PowerShell/AzPSScriptBuilder.js

@@ -12,27 +12,26 @@ Object.defineProperty(exports, "__esModule", { value: true });
 const LoginConfig_1 = require("../common/LoginConfig");
 class AzPSScriptBuilder {
     static getImportLatestModuleScript(moduleName) {
-        let script = `try {
-            $ErrorActionPreference = "Stop"
-            $WarningPreference = "SilentlyContinue"
-            $output = @{}
-            $latestModulePath = (Get-Module -Name '${moduleName}' -ListAvailable | Sort-Object Version -Descending | Select-Object -First 1).Path
-            Import-Module -Name $latestModulePath
-            $output['Success'] = $true
-            $output['Result'] = $latestModulePath
-        }
-        catch {
-            $output['Success'] = $false
-            $output['Error'] = $_.exception.Message
-        }
+        let script = `try {
+            $ErrorActionPreference = "Stop"
+            $WarningPreference = "SilentlyContinue"
+            $output = @{}
+            $latestModulePath = (Get-Module -Name '${moduleName}' -ListAvailable | Sort-Object Version -Descending | Select-Object -First 1).Path
+            Import-Module -Name $latestModulePath
+            $output['Success'] = $true
+            $output['Result'] = $latestModulePath
+        }
+        catch {
+            $output['Success'] = $false
+            $output['Error'] = $_.exception.Message
+        }
         return ConvertTo-Json $output`;
         return script;
     }
     static getAzPSLoginScript(loginConfig) {
         return __awaiter(this, void 0, void 0, function* () {
             let loginMethodName = "";
-            let commands = 'Clear-AzContext -Scope Process; ';
-            commands += 'Clear-AzContext -Scope CurrentUser -Force -ErrorAction SilentlyContinue; ';
+            let commands = "";
             if (loginConfig.environment.toLowerCase() == "azurestack") {
                 commands += `Add-AzEnvironment -Name '${loginConfig.environment}' -ARMEndpoint '${loginConfig.resourceManagerEndpointUrl}' | out-null;`;
             }
@@ -56,18 +55,18 @@ class AzPSScriptBuilder {
                     loginMethodName = 'system-assigned managed identity';
                 }
             }
-            let script = `try {
-            $ErrorActionPreference = "Stop"
-            $WarningPreference = "SilentlyContinue"
-            $output = @{}
-            ${commands}
-            $output['Success'] = $true
-            $output['Result'] = ""
-        }
-        catch {
-            $output['Success'] = $false
-            $output['Error'] = $_.exception.Message
-        }
+            let script = `try {
+            $ErrorActionPreference = "Stop"
+            $WarningPreference = "SilentlyContinue"
+            $output = @{}
+            ${commands}
+            $output['Success'] = $true
+            $output['Result'] = ""
+        }
+        catch {
+            $output['Success'] = $false
+            $output['Error'] = $_.exception.Message
+        }
         return ConvertTo-Json $output`;
             return [loginMethodName, script];
         });

lib/PowerShell/AzPSUtils.js

@@ -0,0 +1,119 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AzPSUtils = exports.AzPSConstants = void 0;
+const core = __importStar(require("@actions/core"));
+const os = __importStar(require("os"));
+const path = __importStar(require("path"));
+const exec = __importStar(require("@actions/exec"));
+const io = __importStar(require("@actions/io"));
+const AzPSScriptBuilder_1 = __importDefault(require("./AzPSScriptBuilder"));
+class AzPSConstants {
+}
+exports.AzPSConstants = AzPSConstants;
+AzPSConstants.DEFAULT_AZ_PATH_ON_LINUX = '/usr/share';
+AzPSConstants.DEFAULT_AZ_PATH_ON_WINDOWS = 'C:\\Modules';
+AzPSConstants.AzAccounts = "Az.Accounts";
+AzPSConstants.PowerShell_CmdName = "pwsh";
+class AzPSUtils {
+    static setPSModulePathForGitHubRunner() {
+        return __awaiter(this, void 0, void 0, function* () {
+            const runner = process.env.RUNNER_OS || os.type();
+            switch (runner.toLowerCase()) {
+                case "linux":
+                    AzPSUtils.pushPSModulePath(AzPSConstants.DEFAULT_AZ_PATH_ON_LINUX);
+                    break;
+                case "windows":
+                case "windows_nt":
+                    AzPSUtils.pushPSModulePath(AzPSConstants.DEFAULT_AZ_PATH_ON_WINDOWS);
+                    break;
+                case "macos":
+                case "darwin":
+                    core.warning(`Skip setting the default PowerShell module path for OS ${runner.toLowerCase()}.`);
+                    break;
+                default:
+                    core.warning(`Skip setting the default PowerShell module path for unknown OS ${runner.toLowerCase()}.`);
+                    break;
+            }
+        });
+    }
+    static pushPSModulePath(psModulePath) {
+        process.env.PSModulePath = `${psModulePath}${path.delimiter}${process.env.PSModulePath}`;
+        core.debug(`Set PSModulePath as ${process.env.PSModulePath}`);
+    }
+    static importLatestAzAccounts() {
+        return __awaiter(this, void 0, void 0, function* () {
+            let importLatestAccountsScript = AzPSScriptBuilder_1.default.getImportLatestModuleScript(AzPSConstants.AzAccounts);
+            core.debug(`The script to import the latest Az.Accounts: ${importLatestAccountsScript}`);
+            let azAccountsPath = yield AzPSUtils.runPSScript(importLatestAccountsScript);
+            core.debug(`The latest Az.Accounts used: ${azAccountsPath}`);
+        });
+    }
+    static runPSScript(psScript) {
+        return __awaiter(this, void 0, void 0, function* () {
+            let outputString = "";
+            let commandStdErr = false;
+            const options = {
+                silent: true,
+                listeners: {
+                    stdout: (data) => {
+                        outputString += data.toString();
+                    },
+                    stderr: (data) => {
+                        let error = data.toString();
+                        if (error && error.trim().length !== 0) {
+                            commandStdErr = true;
+                            core.error(error);
+                        }
+                    }
+                }
+            };
+            let psPath = yield io.which(AzPSConstants.PowerShell_CmdName, true);
+            yield exec.exec(`"${psPath}"`, ["-Command", psScript], options);
+            if (commandStdErr) {
+                throw new Error('Azure PowerShell login failed with errors.');
+            }
+            const result = JSON.parse(outputString.trim());
+            console.log(result);
+            if (!(result.Success)) {
+                throw new Error(`Azure PowerShell login failed with error: ${result.Error}`);
+            }
+            return result.Result;
+        });
+    }
+}
+exports.AzPSUtils = AzPSUtils;

lib/cleanup.js

@@ -0,0 +1,52 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const core = __importStar(require("@actions/core"));
+const Utils_1 = require("./common/Utils");
+function cleanup() {
+    return __awaiter(this, void 0, void 0, function* () {
+        try {
+            (0, Utils_1.setUserAgent)();
+            yield (0, Utils_1.cleanupAzCLIAccounts)();
+            if (core.getInput('enable-AzPSSession').toLowerCase() === "true") {
+                yield (0, Utils_1.cleanupAzPSAccounts)();
+            }
+        }
+        catch (error) {
+            core.setFailed(`Login cleanup failed with ${error}. Make sure 'az' is installed on the runner. If 'enable-AzPSSession' is true, make sure 'pwsh' is installed on the runner together with Azure PowerShell module.`);
+            core.debug(error.stack);
+        }
+    });
+}
+cleanup();

lib/common/LoginConfig.js

@@ -72,8 +72,8 @@ class LoginConfig {
         this.tenantId = this.tenantId ? this.tenantId : secrets.getSecret("$.tenantId", false);
         this.subscriptionId = this.subscriptionId ? this.subscriptionId : secrets.getSecret("$.subscriptionId", false);
         this.resourceManagerEndpointUrl = secrets.getSecret("$.resourceManagerEndpointUrl", false);
-        if (!this.servicePrincipalId || !this.servicePrincipalSecret || !this.tenantId || !this.subscriptionId) {
-            throw new Error("Not all parameters are provided in 'creds'. Double-check if all keys are defined in 'creds': 'clientId', 'clientSecret', 'subscriptionId', 'tenantId'.");
+        if (!this.servicePrincipalId || !this.servicePrincipalSecret || !this.tenantId) {
+            throw new Error("Not all parameters are provided in 'creds'. Double-check if all keys are defined in 'creds': 'clientId', 'clientSecret', 'tenantId'.");
         }
     }
     getFederatedToken() {

lib/common/Utils.js

@@ -0,0 +1,75 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.cleanupAzPSAccounts = exports.cleanupAzCLIAccounts = exports.setUserAgent = void 0;
+const core = __importStar(require("@actions/core"));
+const exec = __importStar(require("@actions/exec"));
+const io = __importStar(require("@actions/io"));
+const crypto = __importStar(require("crypto"));
+const AzPSUtils_1 = require("../PowerShell/AzPSUtils");
+function setUserAgent() {
+    let usrAgentRepo = crypto.createHash('sha256').update(`${process.env.GITHUB_REPOSITORY}`).digest('hex');
+    let actionName = 'AzureLogin';
+    process.env.AZURE_HTTP_USER_AGENT = (!!process.env.AZURE_HTTP_USER_AGENT ? `${process.env.AZURE_HTTP_USER_AGENT} ` : '') + `GITHUBACTIONS/${actionName}@v1_${usrAgentRepo}`;
+    process.env.AZUREPS_HOST_ENVIRONMENT = (!!process.env.AZUREPS_HOST_ENVIRONMENT ? `${process.env.AZUREPS_HOST_ENVIRONMENT} ` : '') + `GITHUBACTIONS/${actionName}@v1_${usrAgentRepo}`;
+}
+exports.setUserAgent = setUserAgent;
+function cleanupAzCLIAccounts() {
+    return __awaiter(this, void 0, void 0, function* () {
+        let azPath = yield io.which("az", true);
+        if (!azPath) {
+            throw new Error("Azure CLI is not found in the runner.");
+        }
+        core.debug(`Azure CLI path: ${azPath}`);
+        core.info("Clearing azure cli accounts from the local cache.");
+        yield exec.exec(`"${azPath}"`, ["account", "clear"]);
+    });
+}
+exports.cleanupAzCLIAccounts = cleanupAzCLIAccounts;
+function cleanupAzPSAccounts() {
+    return __awaiter(this, void 0, void 0, function* () {
+        let psPath = yield io.which(AzPSUtils_1.AzPSConstants.PowerShell_CmdName, true);
+        if (!psPath) {
+            throw new Error("PowerShell is not found in the runner.");
+        }
+        core.debug(`PowerShell path: ${psPath}`);
+        core.debug("Importing Azure PowerShell module.");
+        AzPSUtils_1.AzPSUtils.setPSModulePathForGitHubRunner();
+        yield AzPSUtils_1.AzPSUtils.importLatestAzAccounts();
+        core.info("Clearing azure powershell accounts from the local cache.");
+        yield exec.exec(`"${psPath}"`, ["-Command", "Clear-AzContext", "-Scope", "Process"]);
+        yield exec.exec(`"${psPath}"`, ["-Command", "Clear-AzContext", "-Scope", "CurrentUser", "-Force", "-ErrorAction", "SilentlyContinue"]);
+    });
+}
+exports.cleanupAzPSAccounts = cleanupAzPSAccounts;

lib/main.js

@@ -33,20 +33,14 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 const core = __importStar(require("@actions/core"));
+const Utils_1 = require("./common/Utils");
 const AzPSLogin_1 = require("./PowerShell/AzPSLogin");
 const LoginConfig_1 = require("./common/LoginConfig");
 const AzureCliLogin_1 = require("./Cli/AzureCliLogin");
-var prefix = !!process.env.AZURE_HTTP_USER_AGENT ? `${process.env.AZURE_HTTP_USER_AGENT}` : "";
-var azPSHostEnv = !!process.env.AZUREPS_HOST_ENVIRONMENT ? `${process.env.AZUREPS_HOST_ENVIRONMENT}` : "";
 function main() {
     return __awaiter(this, void 0, void 0, function* () {
         try {
-            let usrAgentRepo = `${process.env.GITHUB_REPOSITORY}`;
-            let actionName = 'AzureLogin';
-            let userAgentString = (!!prefix ? `${prefix}+` : '') + `GITHUBACTIONS/${actionName}@v1_${usrAgentRepo}`;
-            let azurePSHostEnv = (!!azPSHostEnv ? `${azPSHostEnv}+` : '') + `GITHUBACTIONS/${actionName}@v1_${usrAgentRepo}`;
-            core.exportVariable('AZURE_HTTP_USER_AGENT', userAgentString);
-            core.exportVariable('AZUREPS_HOST_ENVIRONMENT', azurePSHostEnv);
+            (0, Utils_1.setUserAgent)();
             // prepare the login configuration
             var loginConfig = new LoginConfig_1.LoginConfig();
             yield loginConfig.initialize();
@@ -61,14 +55,9 @@ function main() {
             }
         }
         catch (error) {
-            core.setFailed(`Login failed with ${error}. Make sure 'az' is installed on the runner. If 'enable-AzPSSession' is true, make sure 'pwsh' is installed on the runner together with Azure PowerShell module. Double check if the 'auth-type' is correct. Refer to https://github.com/Azure/login#readme for more information.`);
+            core.setFailed(`Login failed with ${error}. Double check if the 'auth-type' is correct. Refer to https://github.com/Azure/login#readme for more information.`);
             core.debug(error.stack);
         }
-        finally {
-            // Reset AZURE_HTTP_USER_AGENT
-            core.exportVariable('AZURE_HTTP_USER_AGENT', prefix);
-            core.exportVariable('AZUREPS_HOST_ENVIRONMENT', azPSHostEnv);
-        }
     });
 }
 main();

node_modules/.package-lock.json

@@ -1117,11 +1117,11 @@
       "dev": true
     },
     "node_modules/actions-secret-parser": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/actions-secret-parser/-/actions-secret-parser-1.0.3.tgz",
-      "integrity": "sha512-+iGlMSsE/cbxDaEZlqR0NUjn35DckMYsdYFwVeZ7JRbtyO/AiBKnaScKkzkHSoiZ4nEPTdIHtMpRGVgoeVYX+A==",
+      "version": "1.0.4",
+      "resolved": "https://registry.npmjs.org/actions-secret-parser/-/actions-secret-parser-1.0.4.tgz",
+      "integrity": "sha512-gDAB8GK2Vj9CN5r97DZlmpxqrMcpAGKGWiIY3hpFhJMieLpl3K3ocVR49/Q4ANaA5a/2wNRE3Qng+x0K8mkmkQ==",
       "dependencies": {
-        "@actions/core": "^1.1.3",
+        "@actions/core": "^1.1.10",
         "jsonpath": "^1.0.2",
         "xmldom": "^0.1.27",
         "xpath": "0.0.27"

node_modules/actions-secret-parser/index.js

@@ -1,5 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.SecretParser = exports.FormatType = void 0;
 var core = require('@actions/core');
 var jp = require('jsonpath');
 var xpath = require('xpath');

node_modules/actions-secret-parser/package.json

@@ -1,34 +1,35 @@
-{
-  "name": "actions-secret-parser",
-  "version": "1.0.3",
-  "description": "Parse and set repository secrets",
-  "main": "lib/index.js",
-  "scripts": {
-    "build": "tsc",
-    "copypackage": "copy package.json lib",
-    "dist": "npm run build && npm run copypackage && cd lib && npm publish"
-  },
-  "keywords": [
-    "secret",
-    "actions"
-  ],
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/Microsoft/pipelines-appservice-lib.git"
-  },
-  "author": "Sumiran Aggarwal <suaggar@microsoft.com>",
-  "bugs": {
-    "url": "https://github.com/Microsoft/pipelines-appservice-lib/issues"
-  },
-  "homepage": "https://github.com/Microsoft/pipelines-appservice-lib/tree/master/packages/utility",
-  "license": "MIT",
-  "devDependencies": {
-    "typescript": "^3.6.3"
-  },
-  "dependencies": {
-    "@actions/core": "^1.1.3",
-    "jsonpath": "^1.0.2",
-    "xmldom": "^0.1.27",
-    "xpath": "0.0.27"
-  }
-}
+{
+  "name": "actions-secret-parser",
+  "version": "1.0.4",
+  "description": "Parse and set repository secrets",
+  "main": "index.js",
+  "scripts": {
+    "build": "tsc",
+    "copypackage": "copy package.json lib",
+    "dist": "npm run build && npm run copypackage && cd lib && npm publish"
+  },
+  "keywords": [
+    "secret",
+    "actions"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/Microsoft/pipelines-appservice-lib.git"
+  },
+  "author": "Sumiran Aggarwal <suaggar@microsoft.com>",
+  "bugs": {
+    "url": "https://github.com/Microsoft/pipelines-appservice-lib/issues"
+  },
+  "homepage": "https://github.com/Microsoft/pipelines-appservice-lib/tree/master/packages/utility",
+  "license": "MIT",
+  "devDependencies": {
+    "@types/node": "^18.11.17",
+    "typescript": "^3.6.3"
+  },
+  "dependencies": {
+    "@actions/core": "^1.1.10",
+    "jsonpath": "^1.0.2",
+    "xmldom": "^0.1.27",
+    "xpath": "0.0.27"
+  }
+}

package-lock.json

@@ -12,7 +12,7 @@
         "@actions/core": "1.9.1",
         "@actions/exec": "^1.0.1",
         "@actions/io": "^1.0.1",
-        "actions-secret-parser": "^1.0.2",
+        "actions-secret-parser": "^1.0.4",
         "package-lock": "^1.0.3"
       },
       "devDependencies": {
@@ -1137,11 +1137,11 @@
       "dev": true
     },
     "node_modules/actions-secret-parser": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/actions-secret-parser/-/actions-secret-parser-1.0.3.tgz",
-      "integrity": "sha512-+iGlMSsE/cbxDaEZlqR0NUjn35DckMYsdYFwVeZ7JRbtyO/AiBKnaScKkzkHSoiZ4nEPTdIHtMpRGVgoeVYX+A==",
+      "version": "1.0.4",
+      "resolved": "https://registry.npmjs.org/actions-secret-parser/-/actions-secret-parser-1.0.4.tgz",
+      "integrity": "sha512-gDAB8GK2Vj9CN5r97DZlmpxqrMcpAGKGWiIY3hpFhJMieLpl3K3ocVR49/Q4ANaA5a/2wNRE3Qng+x0K8mkmkQ==",
       "dependencies": {
-        "@actions/core": "^1.1.3",
+        "@actions/core": "^1.1.10",
         "jsonpath": "^1.0.2",
         "xmldom": "^0.1.27",
         "xpath": "0.0.27"
@@ -4741,11 +4741,11 @@
       "dev": true
     },
     "actions-secret-parser": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/actions-secret-parser/-/actions-secret-parser-1.0.3.tgz",
-      "integrity": "sha512-+iGlMSsE/cbxDaEZlqR0NUjn35DckMYsdYFwVeZ7JRbtyO/AiBKnaScKkzkHSoiZ4nEPTdIHtMpRGVgoeVYX+A==",
+      "version": "1.0.4",
+      "resolved": "https://registry.npmjs.org/actions-secret-parser/-/actions-secret-parser-1.0.4.tgz",
+      "integrity": "sha512-gDAB8GK2Vj9CN5r97DZlmpxqrMcpAGKGWiIY3hpFhJMieLpl3K3ocVR49/Q4ANaA5a/2wNRE3Qng+x0K8mkmkQ==",
       "requires": {
-        "@actions/core": "^1.1.3",
+        "@actions/core": "^1.1.10",
         "jsonpath": "^1.0.2",
         "xmldom": "^0.1.27",
         "xpath": "0.0.27"

package.json

@@ -21,7 +21,7 @@
     "@actions/core": "1.9.1",
     "@actions/exec": "^1.0.1",
     "@actions/io": "^1.0.1",
-    "actions-secret-parser": "^1.0.2",
+    "actions-secret-parser": "^1.0.4",
     "package-lock": "^1.0.3"
   }
 }

src/Cli/AzureCliLogin.ts

@@ -17,9 +17,6 @@ export class AzureCliLogin {
     async login() {
         core.info(`Running Azure CLI Login.`);
         this.azPath = await io.which("az", true);
-        if (!this.azPath) {
-            throw new Error("Azure CLI is not found in the runner.");
-        }
         core.debug(`Azure CLI path: ${this.azPath}`);
 
         let output: string = "";
@@ -126,14 +123,13 @@ export class AzureCliLogin {
             args.push("--allow-no-subscriptions");
         }
         await this.executeAzCliCommand(args, true, this.loginOptions);
-        await this.setSubscription();
+        if (this.loginConfig.subscriptionId) {
+            await this.setSubscription();
+        }
         core.info(`Azure CLI login succeeds by using ${methodName}.`);
     }
 
     async setSubscription() {
-        if (this.loginConfig.allowNoSubscriptionsLogin) {
-            return;
-        }
         let args = ["account", "set", "--subscription", this.loginConfig.subscriptionId];
         await this.executeAzCliCommand(args, true, this.loginOptions);
         core.info("Subscription is set successfully.");
@@ -160,7 +156,7 @@ function defaultExecOptions(): exec.ExecOptions {
                 if (error && error.trim().length !== 0 && !startsWithWarning) {
                     if (startsWithError) {
                         //removing the keyword 'ERROR' to avoid duplicates while throwing error
-                        error = error.slice(5);
+                        error = error.slice(7);
                     }
                     core.error(error);
                 }

src/PowerShell/AzPSConstants.ts

@@ -1,7 +0,0 @@
-export default class AzPSConstants {
-    static readonly DEFAULT_AZ_PATH_ON_LINUX: string = '/usr/share';
-    static readonly DEFAULT_AZ_PATH_ON_WINDOWS: string = 'C:\\Modules';
-    static readonly AzAccounts: string = "Az.Accounts";
-    static readonly PowerShell_CmdName = "pwsh";
-}
-

src/PowerShell/AzPSLogin.ts

@@ -1,100 +1,24 @@
-import * as core from '@actions/core';
-import * as exec from '@actions/exec';
-import * as io from '@actions/io';
-import * as os from 'os';
-import * as path from 'path';
-
-import AzPSScriptBuilder from './AzPSScriptBuilder';
-import AzPSConstants from './AzPSConstants';
-import { LoginConfig } from '../common/LoginConfig';
-
-interface PSResultType {
-    Result: string;
-    Success: boolean;
-    Error: string;
-}
-
-export class AzPSLogin {
-    loginConfig: LoginConfig;
-
-    constructor(loginConfig: LoginConfig) {
-        this.loginConfig = loginConfig;
-    }
-
-    async login() {
-        core.info(`Running Azure PowerShell Login.`);
-        this.setPSModulePathForGitHubRunner();
-        await this.importLatestAzAccounts();
-
-        const [loginMethod, loginScript] = await AzPSScriptBuilder.getAzPSLoginScript(this.loginConfig);
-        core.info(`Attempting Azure PowerShell login by using ${loginMethod}...`);
-        core.debug(`Azure PowerShell Login Script: ${loginScript}`);
-        await AzPSLogin.runPSScript(loginScript);
-        console.log(`Running Azure PowerShell Login successfully.`);
-    }
-
-    setPSModulePathForGitHubRunner() {
-        const runner: string = process.env.RUNNER_OS || os.type();
-        switch (runner.toLowerCase()) {
-            case "linux":
-                this.pushPSModulePath(AzPSConstants.DEFAULT_AZ_PATH_ON_LINUX);
-                break;
-            case "windows":
-            case "windows_nt":
-                this.pushPSModulePath(AzPSConstants.DEFAULT_AZ_PATH_ON_WINDOWS);
-                break;
-            case "macos":
-            case "darwin":
-                core.warning(`Skip setting the default PowerShell module path for OS ${runner.toLowerCase()}.`);
-                break;
-            default:
-                core.warning(`Skip setting the default PowerShell module path for unknown OS ${runner.toLowerCase()}.`);
-                break;
-        }
-    }
-
-    private pushPSModulePath(psModulePath: string) {
-        process.env.PSModulePath = `${psModulePath}${path.delimiter}${process.env.PSModulePath}`;
-        core.debug(`Set PSModulePath as ${process.env.PSModulePath}`);
-    }
-
-    private async importLatestAzAccounts() {
-        let importLatestAccountsScript: string = AzPSScriptBuilder.getImportLatestModuleScript(AzPSConstants.AzAccounts);
-        core.debug(`The script to import the latest Az.Accounts: ${importLatestAccountsScript}`);
-        let azAccountsPath: string = await AzPSLogin.runPSScript(importLatestAccountsScript);
-        core.debug(`The latest Az.Accounts used: ${azAccountsPath}`);
-    }
-
-    static async runPSScript(psScript: string): Promise<string> {
-        let outputString: string = "";
-        let commandStdErr = false;
-        const options: any = {
-            silent: true,
-            listeners: {
-                stdout: (data: Buffer) => {
-                    outputString += data.toString();
-                },
-                stderr: (data: Buffer) => {
-                    let error = data.toString();
-                    if (error && error.trim().length !== 0) {
-                        commandStdErr = true;
-                        core.error(error);
-                    }
-                }
-            }
-        };
-
-        let psPath: string = await io.which(AzPSConstants.PowerShell_CmdName, true);
-        await exec.exec(`"${psPath}"`, ["-Command", psScript], options)
-        if (commandStdErr) {
-            throw new Error('Azure PowerShell login failed with errors.');
-        }
-        const result: PSResultType = JSON.parse(outputString.trim());
-        console.log(result);
-        if (!(result.Success)) {
-            throw new Error(`Azure PowerShell login failed with error: ${result.Error}`);
-        }
-        return result.Result;
-    }
-}
-
+import * as core from '@actions/core';
+
+import AzPSScriptBuilder from './AzPSScriptBuilder';
+import { AzPSUtils } from './AzPSUtils';
+import { LoginConfig } from '../common/LoginConfig';
+
+export class AzPSLogin {
+    loginConfig: LoginConfig;
+
+    constructor(loginConfig: LoginConfig) {
+        this.loginConfig = loginConfig;
+    }
+
+    async login() {
+        core.info(`Running Azure PowerShell Login.`);
+        AzPSUtils.setPSModulePathForGitHubRunner();
+        await AzPSUtils.importLatestAzAccounts();
+        const [loginMethod, loginScript] = await AzPSScriptBuilder.getAzPSLoginScript(this.loginConfig);
+        core.info(`Attempting Azure PowerShell login by using ${loginMethod}...`);
+        core.debug(`Azure PowerShell Login Script: ${loginScript}`);
+        await AzPSUtils.runPSScript(loginScript);
+        console.log(`Running Azure PowerShell Login successfully.`);
+    }
+}

src/PowerShell/AzPSScriptBuilder.ts

@@ -1,113 +1,111 @@
-import AzPSConstants from "./AzPSConstants";
-import { LoginConfig } from '../common/LoginConfig';
-
-export default class AzPSScriptBuilder {
-
-    static getImportLatestModuleScript(moduleName: string): string {
-        let script = `try {
-            $ErrorActionPreference = "Stop"
-            $WarningPreference = "SilentlyContinue"
-            $output = @{}
-            $latestModulePath = (Get-Module -Name '${moduleName}' -ListAvailable | Sort-Object Version -Descending | Select-Object -First 1).Path
-            Import-Module -Name $latestModulePath
-            $output['Success'] = $true
-            $output['Result'] = $latestModulePath
-        }
-        catch {
-            $output['Success'] = $false
-            $output['Error'] = $_.exception.Message
-        }
-        return ConvertTo-Json $output`;
-
-        return script;
-    }
-
-    static async getAzPSLoginScript(loginConfig: LoginConfig) {
-        let loginMethodName = "";
-        let commands = 'Clear-AzContext -Scope Process; ';
-        commands += 'Clear-AzContext -Scope CurrentUser -Force -ErrorAction SilentlyContinue; ';
-
-        if (loginConfig.environment.toLowerCase() == "azurestack") {
-            commands += `Add-AzEnvironment -Name '${loginConfig.environment}' -ARMEndpoint '${loginConfig.resourceManagerEndpointUrl}' | out-null;`;
-        }
-        if (loginConfig.authType === LoginConfig.AUTH_TYPE_SERVICE_PRINCIPAL) {
-            if (loginConfig.servicePrincipalSecret) {
-                commands += AzPSScriptBuilder.loginWithSecret(loginConfig);
-                loginMethodName = 'service principal with secret';
-            } else {
-                commands += await AzPSScriptBuilder.loginWithOIDC(loginConfig);
-                loginMethodName = "OIDC";
-            }
-        } else {
-            if (loginConfig.servicePrincipalId) {
-                commands += AzPSScriptBuilder.loginWithUserAssignedIdentity(loginConfig);
-                loginMethodName = 'user-assigned managed identity';
-            } else {
-                commands += AzPSScriptBuilder.loginWithSystemAssignedIdentity(loginConfig);
-                loginMethodName = 'system-assigned managed identity';
-            }
-        }
-
-        let script = `try {
-            $ErrorActionPreference = "Stop"
-            $WarningPreference = "SilentlyContinue"
-            $output = @{}
-            ${commands}
-            $output['Success'] = $true
-            $output['Result'] = ""
-        }
-        catch {
-            $output['Success'] = $false
-            $output['Error'] = $_.exception.Message
-        }
-        return ConvertTo-Json $output`;
-
-        return [loginMethodName, script];
-    }
-
-    private static loginWithSecret(loginConfig: LoginConfig): string {
-        let servicePrincipalSecret: string = loginConfig.servicePrincipalSecret.split("'").join("''");
-        let loginCmdlet = `$psLoginSecrets = ConvertTo-SecureString '${servicePrincipalSecret}' -AsPlainText -Force; `;
-        loginCmdlet += `$psLoginCredential = New-Object System.Management.Automation.PSCredential('${loginConfig.servicePrincipalId}', $psLoginSecrets); `;
-        
-        let cmdletSuffix = "-Credential $psLoginCredential";
-        loginCmdlet += AzPSScriptBuilder.psLoginCmdlet(loginConfig.authType, loginConfig.environment, loginConfig.tenantId, loginConfig.subscriptionId, cmdletSuffix);
-
-        return loginCmdlet;
-    }
-
-    private static async loginWithOIDC(loginConfig: LoginConfig) {
-        await loginConfig.getFederatedToken();
-        let cmdletSuffix = `-ApplicationId '${loginConfig.servicePrincipalId}' -FederatedToken '${loginConfig.federatedToken}'`;
-        return AzPSScriptBuilder.psLoginCmdlet(loginConfig.authType, loginConfig.environment, loginConfig.tenantId, loginConfig.subscriptionId, cmdletSuffix);
-    }
-
-    private static loginWithSystemAssignedIdentity(loginConfig: LoginConfig): string {
-        let cmdletSuffix = "";
-        return AzPSScriptBuilder.psLoginCmdlet(loginConfig.authType, loginConfig.environment, loginConfig.tenantId, loginConfig.subscriptionId, cmdletSuffix);
-    }
-
-    static loginWithUserAssignedIdentity(loginConfig: LoginConfig): string {
-        let cmdletSuffix = `-AccountId '${loginConfig.servicePrincipalId}'`;
-        return AzPSScriptBuilder.psLoginCmdlet(loginConfig.authType, loginConfig.environment, loginConfig.tenantId, loginConfig.subscriptionId, cmdletSuffix);
-    }
-
-    private static psLoginCmdlet(authType:string, environment:string, tenantId:string, subscriptionId:string, cmdletSuffix:string){
-        let loginCmdlet = `Connect-AzAccount `;
-        if(authType === LoginConfig.AUTH_TYPE_SERVICE_PRINCIPAL){
-            loginCmdlet += "-ServicePrincipal ";
-        }else{
-            loginCmdlet += "-Identity ";
-        }
-        loginCmdlet += `-Environment '${environment}' `;
-        if(tenantId){
-            loginCmdlet += `-Tenant '${tenantId}' `;
-        }
-        if(subscriptionId){
-            loginCmdlet += `-Subscription '${subscriptionId}' `;
-        }
-        loginCmdlet += `${cmdletSuffix} | out-null;`;
-        return loginCmdlet;
-    }
-}
-
+import { LoginConfig } from '../common/LoginConfig';
+
+export default class AzPSScriptBuilder {
+
+    static getImportLatestModuleScript(moduleName: string): string {
+        let script = `try {
+            $ErrorActionPreference = "Stop"
+            $WarningPreference = "SilentlyContinue"
+            $output = @{}
+            $latestModulePath = (Get-Module -Name '${moduleName}' -ListAvailable | Sort-Object Version -Descending | Select-Object -First 1).Path
+            Import-Module -Name $latestModulePath
+            $output['Success'] = $true
+            $output['Result'] = $latestModulePath
+        }
+        catch {
+            $output['Success'] = $false
+            $output['Error'] = $_.exception.Message
+        }
+        return ConvertTo-Json $output`;
+
+        return script;
+    }
+
+    static async getAzPSLoginScript(loginConfig: LoginConfig) {
+        let loginMethodName = "";
+        let commands = "";
+
+        if (loginConfig.environment.toLowerCase() == "azurestack") {
+            commands += `Add-AzEnvironment -Name '${loginConfig.environment}' -ARMEndpoint '${loginConfig.resourceManagerEndpointUrl}' | out-null;`;
+        }
+        if (loginConfig.authType === LoginConfig.AUTH_TYPE_SERVICE_PRINCIPAL) {
+            if (loginConfig.servicePrincipalSecret) {
+                commands += AzPSScriptBuilder.loginWithSecret(loginConfig);
+                loginMethodName = 'service principal with secret';
+            } else {
+                commands += await AzPSScriptBuilder.loginWithOIDC(loginConfig);
+                loginMethodName = "OIDC";
+            }
+        } else {
+            if (loginConfig.servicePrincipalId) {
+                commands += AzPSScriptBuilder.loginWithUserAssignedIdentity(loginConfig);
+                loginMethodName = 'user-assigned managed identity';
+            } else {
+                commands += AzPSScriptBuilder.loginWithSystemAssignedIdentity(loginConfig);
+                loginMethodName = 'system-assigned managed identity';
+            }
+        }
+
+        let script = `try {
+            $ErrorActionPreference = "Stop"
+            $WarningPreference = "SilentlyContinue"
+            $output = @{}
+            ${commands}
+            $output['Success'] = $true
+            $output['Result'] = ""
+        }
+        catch {
+            $output['Success'] = $false
+            $output['Error'] = $_.exception.Message
+        }
+        return ConvertTo-Json $output`;
+
+        return [loginMethodName, script];
+    }
+
+    private static loginWithSecret(loginConfig: LoginConfig): string {
+        let servicePrincipalSecret: string = loginConfig.servicePrincipalSecret.split("'").join("''");
+        let loginCmdlet = `$psLoginSecrets = ConvertTo-SecureString '${servicePrincipalSecret}' -AsPlainText -Force; `;
+        loginCmdlet += `$psLoginCredential = New-Object System.Management.Automation.PSCredential('${loginConfig.servicePrincipalId}', $psLoginSecrets); `;
+        
+        let cmdletSuffix = "-Credential $psLoginCredential";
+        loginCmdlet += AzPSScriptBuilder.psLoginCmdlet(loginConfig.authType, loginConfig.environment, loginConfig.tenantId, loginConfig.subscriptionId, cmdletSuffix);
+
+        return loginCmdlet;
+    }
+
+    private static async loginWithOIDC(loginConfig: LoginConfig) {
+        await loginConfig.getFederatedToken();
+        let cmdletSuffix = `-ApplicationId '${loginConfig.servicePrincipalId}' -FederatedToken '${loginConfig.federatedToken}'`;
+        return AzPSScriptBuilder.psLoginCmdlet(loginConfig.authType, loginConfig.environment, loginConfig.tenantId, loginConfig.subscriptionId, cmdletSuffix);
+    }
+
+    private static loginWithSystemAssignedIdentity(loginConfig: LoginConfig): string {
+        let cmdletSuffix = "";
+        return AzPSScriptBuilder.psLoginCmdlet(loginConfig.authType, loginConfig.environment, loginConfig.tenantId, loginConfig.subscriptionId, cmdletSuffix);
+    }
+
+    static loginWithUserAssignedIdentity(loginConfig: LoginConfig): string {
+        let cmdletSuffix = `-AccountId '${loginConfig.servicePrincipalId}'`;
+        return AzPSScriptBuilder.psLoginCmdlet(loginConfig.authType, loginConfig.environment, loginConfig.tenantId, loginConfig.subscriptionId, cmdletSuffix);
+    }
+
+    private static psLoginCmdlet(authType:string, environment:string, tenantId:string, subscriptionId:string, cmdletSuffix:string){
+        let loginCmdlet = `Connect-AzAccount `;
+        if(authType === LoginConfig.AUTH_TYPE_SERVICE_PRINCIPAL){
+            loginCmdlet += "-ServicePrincipal ";
+        }else{
+            loginCmdlet += "-Identity ";
+        }
+        loginCmdlet += `-Environment '${environment}' `;
+        if(tenantId){
+            loginCmdlet += `-Tenant '${tenantId}' `;
+        }
+        if(subscriptionId){
+            loginCmdlet += `-Subscription '${subscriptionId}' `;
+        }
+        loginCmdlet += `${cmdletSuffix} | out-null;`;
+        return loginCmdlet;
+    }
+}
+

src/PowerShell/AzPSUtils.ts

@@ -0,0 +1,85 @@
+import * as core from '@actions/core';
+import * as os from 'os';
+import * as path from 'path';
+import * as exec from '@actions/exec';
+import * as io from '@actions/io';
+import AzPSScriptBuilder from './AzPSScriptBuilder';
+
+interface PSResultType {
+    Result: string;
+    Success: boolean;
+    Error: string;
+}
+
+export class AzPSConstants {
+    static readonly DEFAULT_AZ_PATH_ON_LINUX: string = '/usr/share';
+    static readonly DEFAULT_AZ_PATH_ON_WINDOWS: string = 'C:\\Modules';
+    static readonly AzAccounts: string = "Az.Accounts";
+    static readonly PowerShell_CmdName = "pwsh";
+}
+
+export class AzPSUtils {
+    static async setPSModulePathForGitHubRunner() {
+        const runner: string = process.env.RUNNER_OS || os.type();
+        switch (runner.toLowerCase()) {
+            case "linux":
+                AzPSUtils.pushPSModulePath(AzPSConstants.DEFAULT_AZ_PATH_ON_LINUX);
+                break;
+            case "windows":
+            case "windows_nt":
+                AzPSUtils.pushPSModulePath(AzPSConstants.DEFAULT_AZ_PATH_ON_WINDOWS);
+                break;
+            case "macos":
+            case "darwin":
+                core.warning(`Skip setting the default PowerShell module path for OS ${runner.toLowerCase()}.`);
+                break;
+            default:
+                core.warning(`Skip setting the default PowerShell module path for unknown OS ${runner.toLowerCase()}.`);
+                break;
+        }
+    }
+    
+    private static pushPSModulePath(psModulePath: string) {
+        process.env.PSModulePath = `${psModulePath}${path.delimiter}${process.env.PSModulePath}`;
+        core.debug(`Set PSModulePath as ${process.env.PSModulePath}`);
+    }
+    
+    static async importLatestAzAccounts() {
+        let importLatestAccountsScript: string = AzPSScriptBuilder.getImportLatestModuleScript(AzPSConstants.AzAccounts);
+        core.debug(`The script to import the latest Az.Accounts: ${importLatestAccountsScript}`);
+        let azAccountsPath: string = await AzPSUtils.runPSScript(importLatestAccountsScript);
+        core.debug(`The latest Az.Accounts used: ${azAccountsPath}`);
+    }
+
+    static async runPSScript(psScript: string): Promise<string> {
+        let outputString: string = "";
+        let commandStdErr = false;
+        const options: any = {
+            silent: true,
+            listeners: {
+                stdout: (data: Buffer) => {
+                    outputString += data.toString();
+                },
+                stderr: (data: Buffer) => {
+                    let error = data.toString();
+                    if (error && error.trim().length !== 0) {
+                        commandStdErr = true;
+                        core.error(error);
+                    }
+                }
+            }
+        };
+
+        let psPath: string = await io.which(AzPSConstants.PowerShell_CmdName, true);
+        await exec.exec(`"${psPath}"`, ["-Command", psScript], options)
+        if (commandStdErr) {
+            throw new Error('Azure PowerShell login failed with errors.');
+        }
+        const result: PSResultType = JSON.parse(outputString.trim());
+        console.log(result);
+        if (!(result.Success)) {
+            throw new Error(`Azure PowerShell login failed with error: ${result.Error}`);
+        }
+        return result.Result;
+    }
+}

src/cleanup.ts

@@ -0,0 +1,19 @@
+import * as core from '@actions/core';
+import { setUserAgent, cleanupAzCLIAccounts, cleanupAzPSAccounts } from './common/Utils'; 
+
+async function cleanup() {
+    try {
+        setUserAgent();
+        await cleanupAzCLIAccounts();
+        if(core.getInput('enable-AzPSSession').toLowerCase() === "true"){
+            await cleanupAzPSAccounts();
+        }
+    }
+    catch (error) {
+        core.setFailed(`Login cleanup failed with ${error}. Make sure 'az' is installed on the runner. If 'enable-AzPSSession' is true, make sure 'pwsh' is installed on the runner together with Azure PowerShell module.`);
+        core.debug(error.stack);
+    }
+}
+
+cleanup();
+

src/common/LoginConfig.ts

@@ -69,8 +69,8 @@ export class LoginConfig {
         this.tenantId = this.tenantId ? this.tenantId : secrets.getSecret("$.tenantId", false);
         this.subscriptionId = this.subscriptionId ? this.subscriptionId : secrets.getSecret("$.subscriptionId", false);
         this.resourceManagerEndpointUrl = secrets.getSecret("$.resourceManagerEndpointUrl", false);
-        if (!this.servicePrincipalId || !this.servicePrincipalSecret || !this.tenantId || !this.subscriptionId) {
-            throw new Error("Not all parameters are provided in 'creds'. Double-check if all keys are defined in 'creds': 'clientId', 'clientSecret', 'subscriptionId', 'tenantId'.");
+        if (!this.servicePrincipalId || !this.servicePrincipalSecret || !this.tenantId) {
+            throw new Error("Not all parameters are provided in 'creds'. Double-check if all keys are defined in 'creds': 'clientId', 'clientSecret', 'tenantId'.");
         }
     }
 

src/common/Utils.ts

@@ -0,0 +1,36 @@
+import * as core from '@actions/core';
+import * as exec from '@actions/exec';
+import * as io from '@actions/io';
+import * as crypto from 'crypto';
+import { AzPSConstants, AzPSUtils } from '../PowerShell/AzPSUtils';
+
+export function setUserAgent(): void {
+    let usrAgentRepo = crypto.createHash('sha256').update(`${process.env.GITHUB_REPOSITORY}`).digest('hex');
+    let actionName = 'AzureLogin';
+    process.env.AZURE_HTTP_USER_AGENT = (!!process.env.AZURE_HTTP_USER_AGENT ? `${process.env.AZURE_HTTP_USER_AGENT} ` : '') + `GITHUBACTIONS/${actionName}@v1_${usrAgentRepo}`;
+    process.env.AZUREPS_HOST_ENVIRONMENT = (!!process.env.AZUREPS_HOST_ENVIRONMENT ? `${process.env.AZUREPS_HOST_ENVIRONMENT} ` : '') + `GITHUBACTIONS/${actionName}@v1_${usrAgentRepo}`;
+}
+
+export async function cleanupAzCLIAccounts(): Promise<void> {
+    let azPath = await io.which("az", true);
+    if (!azPath) {
+        throw new Error("Azure CLI is not found in the runner.");
+    }
+    core.debug(`Azure CLI path: ${azPath}`);
+    core.info("Clearing azure cli accounts from the local cache.");
+    await exec.exec(`"${azPath}"`, ["account", "clear"]);  
+}
+
+export async function cleanupAzPSAccounts(): Promise<void> {
+    let psPath: string = await io.which(AzPSConstants.PowerShell_CmdName, true);
+    if (!psPath) {
+        throw new Error("PowerShell is not found in the runner.");
+    }
+    core.debug(`PowerShell path: ${psPath}`);
+    core.debug("Importing Azure PowerShell module.");
+    AzPSUtils.setPSModulePathForGitHubRunner();
+    await AzPSUtils.importLatestAzAccounts();
+    core.info("Clearing azure powershell accounts from the local cache.");
+    await exec.exec(`"${psPath}"`, ["-Command", "Clear-AzContext", "-Scope", "Process"]);
+    await exec.exec(`"${psPath}"`, ["-Command", "Clear-AzContext", "-Scope", "CurrentUser", "-Force", "-ErrorAction", "SilentlyContinue"]);
+}

src/main.ts

@@ -1,19 +1,12 @@
 import * as core from '@actions/core';
+import { setUserAgent } from './common/Utils'; 
 import { AzPSLogin } from './PowerShell/AzPSLogin';
 import { LoginConfig } from './common/LoginConfig';
 import { AzureCliLogin } from './Cli/AzureCliLogin';
 
-var prefix = !!process.env.AZURE_HTTP_USER_AGENT ? `${process.env.AZURE_HTTP_USER_AGENT}` : "";
-var azPSHostEnv = !!process.env.AZUREPS_HOST_ENVIRONMENT ? `${process.env.AZUREPS_HOST_ENVIRONMENT}` : "";
-
 async function main() {
     try {
-        let usrAgentRepo = `${process.env.GITHUB_REPOSITORY}`;
-        let actionName = 'AzureLogin';
-        let userAgentString = (!!prefix ? `${prefix}+` : '') + `GITHUBACTIONS/${actionName}@v1_${usrAgentRepo}`;
-        let azurePSHostEnv = (!!azPSHostEnv ? `${azPSHostEnv}+` : '') + `GITHUBACTIONS/${actionName}@v1_${usrAgentRepo}`;
-        core.exportVariable('AZURE_HTTP_USER_AGENT', userAgentString);
-        core.exportVariable('AZUREPS_HOST_ENVIRONMENT', azurePSHostEnv);
+        setUserAgent();
 
         // prepare the login configuration
         var loginConfig = new LoginConfig();
@@ -31,14 +24,9 @@ async function main() {
         }
     }
     catch (error) {
-        core.setFailed(`Login failed with ${error}. Make sure 'az' is installed on the runner. If 'enable-AzPSSession' is true, make sure 'pwsh' is installed on the runner together with Azure PowerShell module. Double check if the 'auth-type' is correct. Refer to https://github.com/Azure/login#readme for more information.`);
+        core.setFailed(`Login failed with ${error}. Double check if the 'auth-type' is correct. Refer to https://github.com/Azure/login#readme for more information.`);
         core.debug(error.stack);
     }
-    finally {
-        // Reset AZURE_HTTP_USER_AGENT
-        core.exportVariable('AZURE_HTTP_USER_AGENT', prefix);
-        core.exportVariable('AZUREPS_HOST_ENVIRONMENT', azPSHostEnv);
-    }
 }
 
 main();