git-clone task doesn't honor Key Vault PAT

[nickjmcclure]

When using the git-clone task the pat parameter expects the actual PAT and not the Key Vault Secret Identifier as described in the blog post here: https://techcommunity.microsoft.com/blog/azuredevcommunityblog/accelerate-developer-onboarding-with-the-configuration-as-code-customization-in-/4062416

To Reproduce
Create a template with a task to perform a git-clone

• name: git-clone
  description: Clone this repository into z:\workspaces
  parameters:
  repositoryUrl: https://github.com/myOrg/SomeRepo.git
  directory: z:\workspaces
  pat: https://not-a-real.vault.azure.net/secrets/GitHubPAT/abc123blahblahblah

Use this template as the customization file when creating a new Dev Box.

Expected behavior
The git-clone process should get the PAT from the key vault using the identity of the Dev Center Project managed identity

Dev Box VM Details (please complete the following information):

• OS version: Windows 11
• Image: microsoftvisualstudio_visualstudioplustools_vs-2022-ent-general-win11-m365-gen2

Additional context
Key Vault exists and is not protected by a firewall.
Dev Center and Project managed identities given RBAC roles to Key Vault

When providing the actual PAT as the value of the parameter, the git-clone works without issue.

[jheins-91]

I can confirm this Problem. If you also have a look at the actual implementation of the task, you find no part, where a AZ Key Vault is queried for the PAT. It seams as it is simply not implemented.

It is also part of the official documentation https://learn.microsoft.com/en-us/azure/dev-box/how-to-write-customization-file#use-key-vault-secrets-in-team-customization-files

[nickjmcclure]

Looks like the documentation has been updated, but I'm not sure it is working with GitHub repos.

https://learn.microsoft.com/en-us/azure/dev-box/how-to-use-secrets-customization-files