@japarson That works! Below is my final code, it work in PowerShell for me and using a managed identity in the service connection. Interesting that a second az login is what did it. AFAIK, the AzureCLI does a log into Azure, but maybe it only persists for that task's duration and not the rest of the pipeline.
I think an improvement to the TrustedSigning task would be to follow what the TerraformTask does. You can specify a service connection, and the task auto-logins in with that service connection's authentication mechanism (secret, workload identity, etc.).
I think an improvement to the TrustedSigning task would be to follow what the TerraformTask does. You can specify a service connection, and the task auto-logins in with that service connection's authentication mechanism (secret, workload identity, etc.).
Originally posted by @JeffBrownTech in https://github.com/Azure/trusted-signing-action/issues/21#issuecomment-2113367971