Sync eng/common directory with azure-sdk-tools for PR 13235

[azure-sdk]

Sync eng/common directory with azure-sdk-tools for PR Azure/azure-sdk-tools#13235 See eng/common workflow

[Copilot]

Pull request overview

This PR syncs the eng/common directory with azure-sdk-tools PR 13235, migrating APIView authentication from API key-based authentication to Bearer token authentication using Azure Managed Identity/Service Principal.

Key Changes:

• Replaced API key authentication with Bearer token authentication using az account get-access-token
• Updated API endpoints to use lowercase paths (/autoreview, /upload, /create)
• Changed HTTP method from GET to POST for the /create endpoint

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File	Description
eng/common/scripts/Create-APIReview.ps1	Removed $APIKey parameter, added Get-ApiViewBearerToken() function for token acquisition, updated authentication headers to use Bearer tokens, and changed API endpoints and HTTP methods
eng/common/pipelines/templates/steps/create-apireview.yml	Changed from Powershell@2 to AzureCLI@2 task to support Azure CLI authentication, added service connection reference, and removed API key parameter from script arguments

---

After thoroughly reviewing this pull request, I found no issues. The changes are well-implemented with:

• Proper security improvement: Migration from API key to Managed Identity-based authentication
• Correct task configuration: AzureCLI@2 task is necessary to provide Azure context for az account get-access-token
• Good error handling: Token acquisition failures are properly caught and return appropriate HTTP status codes
• Consistent updates: All references to the old authentication method have been properly removed
• Appropriate API changes: Endpoint updates and HTTP method changes align with the authentication migration

The implementation follows PowerShell best practices and maintains backward compatibility in error handling patterns.