Add task for authenticating with Gradle repositories

[jokurtz-ms]

Context

Add task for authenticating with gradle repositories. This follows closely the existing MavenAuthenticate task. Maven and gradle both use maven repositories for dependencies. Currently gradle projects can use the MavenAuthenticate along with a gradle plugin for authentication but that approach will not be sustainable in the future.

---

Task Name

GradleAuthenticate

---

Description

This new task was mostly generated with GitHub CoPilot using the existing MavenAuthenticate task as a base. I have reviewed and tested the code myself but I am not very familiar with typescript. I did consider adding support to MavenAuthenticate for Gradle but still calling it MavenAuthenticate didn't seem right and making the decision to abandon it in favor of something like JvmAuthenticate was not a decision I was going to make

---

Risk Assessment (Low / Medium / High)

Low as this is a new task

---

Change Behind Feature Flag (Yes / No)

No. If we can put it behind a flag I would be happy to.

---

Tech Design / Approach

• Design has been written and reviewed.
• Any architectural decisions, trade-offs, and alternatives are captured.

---

Documentation Changes Required (Yes/No)

Indicate whether related documentation needs to be updated.

• User guides, API specs, system diagrams, or runbooks are updated.

---

Unit Tests Added or Updated (Yes / No)

Indicate whether unit tests were added or modified to reflect these changes.

---

Additional Testing Performed

List all other tests performed (manual or automated, including integration, regression, scenario tests, etc.).

---

Logging Added/Updated (Yes/No)

• Appropriate log statements are added with meaningful messages.
• Logging does not expose sensitive data.
• Log levels are used correctly (e.g., info, warn, error).

---

Telemetry Added/Updated (Yes/No)

• Custom telemetry (e.g., counters, timers, error tracking) is added as needed.
• Events are tagged with proper metadata for filtering and analysis.
• Telemetry is validated in staging or test environments.

---

Rollback Scenario and Process (Yes/No)

• Rollback plan is documented.

---

Dependency Impact Assessed and Regression Tested (Yes/No)

• All impacted internal modules, APIs, services, and third-party libraries are analyzed.
• Results are reviewed and confirmed to not break existing functionality.

---

Checklist

• Related issue linked (if applicable)
• Task version was bumped — see versioning guide
• Verified the task behaves as expected

[jokurtz-ms]

/azp run

[azure-pipelines]

Commenter does not have sufficient privileges for PR 21547 in repo microsoft/azure-pipelines-tasks

[embetten]

We should discuss not supporting PAT service connections and only supporting WIF or the build service identity. Secondly, we should look at treating external (cross org) and internal (same org ) feeds the same