[BUG]: AzureCLI@2 visibleAzLogin: false not working using workload identity federation service connection

[bengtfredh]

New issue checklist

• I searched for existing GitHub issues
• I read pipeline troubleshooting guide
• I checked how to collect logs

Task name

AzureCLI@2

Task version

2.242.0

Issue Description

visibleAzLogin: false is not applied when using workload identity federation service connection.
From log:
/usr/bin/az login --service-principal -u *** --tenant xxxxxx-xxxx-xxxx-xxxx-xxxxxxx --allow-no-subscriptions --federated-token ***

From before switch to using workload identity federation service connection:
/usr/bin/az login --service-principal -u *** --password=*** --tenant xxxxxx-xxxx-xxxx-xxxx-xxxxxxx --allow-no-subscriptions --output none

Environment type (Please select at least one enviroment where you face this issue)

• Self-Hosted
• Microsoft Hosted
• VMSS Pool
• Container

Azure DevOps Server type

dev.azure.com (formerly visualstudio.com)

Azure DevOps Server Version (if applicable)

No response

Operation system

Ubuntu 22.04

Relevant log output

/usr/bin/az cloud set -n AzureCloud
##[debug]Agent environment resources - Disk: / Available 26442.00 MB out of 29588.00 MB, Memory: Used 578.00 MB out of 3902.00 MB, CPU: Usage 37.67%
##[debug]connectedServiceNameARM=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
##[debug]xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx auth scheme = WorkloadIdentityFederation
##[debug]xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx auth scheme = WorkloadIdentityFederation
##[debug]xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx data SubscriptionID = xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
##[debug]visibleAzLogin=false
##[debug]xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx auth param serviceprincipalid = ***
##[debug]xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx auth param tenantid = xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
##[debug]System.JobId=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
##[debug]System.PlanId=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
##[debug]System.TeamProjectId=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
##[debug]System.HostType=build
##[debug]System.CollectionUri=https://dev.azure.com/brreg/
##[debug]Getting credentials for local feeds
##[debug]SYSTEMVSSCONNECTION exists true
##[debug]Got auth token
##[debug]Processed: ##vso[task.setsecret]***
##[debug]which 'az'
##[debug]found: '/usr/bin/az'
##[debug]/usr/bin/az arg: login --service-principal -u "***" --tenant "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" --allow-no-subscriptions --federated-token "***"
##[debug]/usr/bin/az arg: login --service-principal -u "***" --tenant "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" --allow-no-subscriptions --federated-token "***"
##[debug]exec tool: /usr/bin/az
##[debug]exec tool: /usr/bin/az
##[debug]arguments:
##[debug]arguments:
##[debug]   login
##[debug]   login
##[debug]   --service-principal
##[debug]   --service-principal
##[debug]   -u
##[debug]   -u
##[debug]   ***
##[debug]   ***
##[debug]   --tenant
##[debug]   --tenant
##[debug]   xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
##[debug]   xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
##[debug]   --allow-no-subscriptions
##[debug]   --allow-no-subscriptions
##[debug]   --federated-token
##[debug]   --federated-token
##[debug]   ***
##[debug]   ***
/usr/bin/az login --service-principal -u *** --tenant xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx --allow-no-subscriptions --federated-token ***

Full task logs with system.debug enabled

No response

Repro steps

- task: AzureCLI@2
    displayName: 'Hello World'
    inputs:
      azureSubscription: 'federated-service-connection'
      visibleAzLogin: false
      scriptType: bash
      scriptLocation: inlineScript
      inlineScript: |
        echo "Hello World!"

[bengtfredh]

• add visibleAzLogin for workloadidentityfederation #19991