[ContainerRegistry] Fix -ExposeToken only print token as secure string without login in Connect-AzContainerRegistry

[VeryEarly]

Description

Mandatory Checklist

• Please choose the target release of Azure PowerShell. (⚠️Target release is a different concept from API readiness. Please click below links for details.)

  • General release
  • Public preview
  • Private preview
  • Engineering build
  • No need for a release

• Check this box to confirm: I have read the Submitting Changes section of CONTRIBUTING.md and reviewed the following information:

• SHOULD update ChangeLog.md file(s) appropriately
  • Update src/{{SERVICE}}/{{SERVICE}}/ChangeLog.md.
    • A snippet outlining the change(s) made in the PR should be written under the ## Upcoming Release header in the past tense.
  • Should not change ChangeLog.md if no new release is required, such as fixing test case only.
• SHOULD regenerate markdown help files if there is cmdlet API change. Instruction
• SHOULD have proper test coverage for changes in pull request.
• SHOULD NOT adjust version of module manually in pull request

[azure-client-tools-bot-prd]

Thanks for your contribution! The pull request validation has started. Please revisit this comment for updated status.

[Copilot]

Pull request overview

This PR fixes the -ExposeToken parameter behavior in the Connect-AzContainerRegistry cmdlet. Previously, when using -ExposeToken, the cmdlet would still perform a docker login and call the Authenticate() method. The fix changes the behavior to only return the access token as a SecureString without performing the login, allowing users to manually authenticate with containerization tools like docker.

Key changes:

• Modified the ExposeToken logic to return the password (refresh token) as a SecureString instead of calling Authenticate()
• Removed the status field from the returned credential object when ExposeToken is used
• Added Example 4 to the help documentation demonstrating how to use the ExposeToken feature with docker login

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

File	Description
src/ContainerRegistry/ContainerRegistry/Commands/ConnectAzureContainerRegistry.cs	Updated ExposeToken logic to convert password to SecureString and removed the status field from the returned object
src/ContainerRegistry/ContainerRegistry/help/Connect-AzContainerRegistry.md	Added Example 4 showing how to use ExposeToken with docker login
src/ContainerRegistry/ContainerRegistry/ChangeLog.md	Added changelog entry documenting the ExposeToken fix

[Copilot]

The ChangeLog entry needs to be more descriptive and user-facing. It should explain what the issue was and how it affects users, not just state that something was fixed. Additionally, it should reference the related GitHub issue if one exists. For example: "Fixed -ExposeToken parameter in Connect-AzContainerRegistry to properly return the access token without performing docker login" or similar.

[Copilot]

The removal of the status field from the returned credential object is a breaking change. The previous implementation included a status field that contained the result of the docker login script execution. Removing this field without documentation could break existing scripts that depend on this return value. Consider whether this field should be retained for backward compatibility, or if this is an intentional breaking change, it should be clearly documented in the ChangeLog with the breaking change format.