feat(toolboxes): add azd ai toolbox direct commands

[hund030]

Summary

Adds the azd ai toolbox command group as a new standalone azure.ai.toolboxes extension so users can manage versioned, connection-backed tool collections from the terminal. Closes #8143. Implements the design spec from #8160.

Changes

• extensions/azure.ai.toolboxes/internal/cmd/ — verbs create, update, delete, show, list, version list, and the connection {add, remove, list} subgroup. create takes its input from a JSON/YAML file (--from-file) describing the initial tool set and publishes v1 directly; connection add supports both a single positional and the same file mode; connection remove confirms by default and accepts --force; update retargets default_version.
• internal/foundry/{credential.go, projectctx/, connections/} — duplicated infrastructure from azure.ai.agents (5-level project-endpoint cascade, Foundry credential factory, single-connection lookup client). Isolated under internal/foundry/ with a one-way import contract so a future shared-module lift is mechanical.
• internal/pkg/azure/foundry_toolsets_client.go — toolbox CRUD data-plane client (ListToolboxes, Get/List/DeleteToolboxVersion, SetDefaultVersion, capped paginator).
• internal/cmd/toolbox_files.go — JSON/YAML file parser for --from-file with DisallowUnknownFields/KnownFields and context-aware error suggestions.
• internal/exterrors/ — trimmed copy carrying only the codes/ops the toolbox surface uses.
• extensions/azure.ai.agents/ — toolbox-specific files and codes removed; pre-existing foundry_toolsets_client.go / exterrors/codes.go reverted to main.
• .golangci.yaml, AGENTS.md — added at the extension root for consistency with sibling extensions.
• Tests — table-driven coverage for every verb's branches against a stubbed toolboxClient and connectionResolver, plus the file-parser and shared helpers.

[github-actions]

📋 Prioritization Note

Thanks for the contribution! The linked issue isn't in the current milestone yet.
Review may take a bit longer — reach out to @rajeshkamal5050 or @kristenwomack if you'd like to discuss prioritization.

[Copilot]

Pull request overview

This PR adds a new azd ai agent toolbox command group to the azure.ai.agents extension to manage Foundry toolboxes as versioned, connection-backed tool collections, including a local “pending toolbox” flow for create prior to the first connection add.

Changes:

• Introduces toolbox CRUD-ish verbs (create, update, delete, show, list) plus toolbox connection add|remove|list under the agent extension command tree.
• Adds a per-endpoint pending-toolbox config store (bucketed by a hashed endpoint) and wires it into create, show, list, and promotion on connection add.
• Extends the Foundry toolbox/projects Azure clients with toolbox pagination/version operations and a connection lookup without credentials, plus unit tests for the new command branches and helper functions.

Reviewed changes

Copilot reviewed 20 out of 20 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
cli/azd/extensions/azure.ai.agents/internal/pkg/azure/foundry_toolsets_client.go	Adds shared JSON request helper, toolbox URL builder, cursor-pagination walker, and new toolbox/version operations.
cli/azd/extensions/azure.ai.agents/internal/pkg/azure/foundry_projects_client.go	Adds GetConnection (no credentials) for toolbox connection resolution.
cli/azd/extensions/azure.ai.agents/internal/exterrors/codes.go	Adds toolbox-specific error codes and Azure service operation names for toolbox flows.
cli/azd/extensions/azure.ai.agents/internal/cmd/root.go	Registers the new toolbox command group in the extension root command.
cli/azd/extensions/azure.ai.agents/internal/cmd/toolbox.go	Adds toolbox parent command, cross-cutting flags, name/output validation, endpoint resolution, and 404 detection helper.
cli/azd/extensions/azure.ai.agents/internal/cmd/toolbox_client.go	Defines a toolboxClient interface to allow unit tests to stub the toolbox API.
cli/azd/extensions/azure.ai.agents/internal/cmd/toolbox_shared.go	Adds shared helpers for JSON emission, toolbox-not-found mapping, and tool connection ID walking.
cli/azd/extensions/azure.ai.agents/internal/cmd/toolbox_context.go	Adds toolbox/projects client constructors and endpoint parsing helpers.
cli/azd/extensions/azure.ai.agents/internal/cmd/toolbox_create.go	Implements toolbox create as a local pending record (no initial POST).
cli/azd/extensions/azure.ai.agents/internal/cmd/toolbox_update.go	Implements toolbox update (PATCH default version only).
cli/azd/extensions/azure.ai.agents/internal/cmd/toolbox_delete.go	Implements toolbox delete including guarded per-version delete semantics and pending-record clearing.
cli/azd/extensions/azure.ai.agents/internal/cmd/toolbox_show.go	Implements toolbox show, including MCP endpoint computation and pending-record rendering.
cli/azd/extensions/azure.ai.agents/internal/cmd/toolbox_list.go	Implements toolbox list, merging live toolboxes with local pending entries.
cli/azd/extensions/azure.ai.agents/internal/cmd/toolbox_connection.go	Adds toolbox connection add and tool-entry construction logic based on connection category.
cli/azd/extensions/azure.ai.agents/internal/cmd/toolbox_connection_actions.go	Implements toolbox connection remove and toolbox connection list.
cli/azd/extensions/azure.ai.agents/internal/cmd/toolbox_connection_resolver.go	Adds a resolver that fetches a project connection (no credentials) and maps it into toolbox-ready shape.
cli/azd/extensions/azure.ai.agents/internal/cmd/pending_toolboxes.go	Implements per-endpoint pending-toolbox storage and the pendingToolboxStore abstraction.
cli/azd/extensions/azure.ai.agents/internal/cmd/toolbox_test_helpers_test.go	Adds mock toolbox client, stub connection resolver, and in-memory pending store for tests.
cli/azd/extensions/azure.ai.agents/internal/cmd/toolbox_helpers_test.go	Adds unit tests for helper utilities (validation, tool entry building, filtering, URL building, hashing).
cli/azd/extensions/azure.ai.agents/internal/cmd/toolbox_commands_test.go	Adds unit tests covering command branch behavior and key error cases.

[jongio]

Technical findings from code-level analysis. I'm not restating the design/UX feedback from @therealjohn and @trangevi; their reviews cover the broader picture.

Three findings, one medium priority:

1. [MED] Non-atomic version promotion connection add and connection remove both call CreateToolboxVersion then SetDefaultVersion as two separate API calls. If the second fails, there's an orphaned version that isn't the default, and the error doesn't include the created version number, so recovery via toolbox update --default-version requires the user to first figure out which version got created. Same pattern in toolbox_connection_actions.go around line 120.

2. [LOW] Silent pagination truncation listPagedFromClient returns partial results without error when the server responds with has_more=true but provides no usable cursor (lines 161-164 of foundry_toolsets_client.go). Unlikely in practice, but a log.Printf warning here would make debugging much easier if it ever happens.

3. [LOW] No length cap on toolbox/tool names toolboxNamePattern is ^[A-Za-z0-9_-]+$ with no min/max bounds. The existing agent name validation in parse.go enforces 1-63 chars. Worth adding a length cap so users get a clear local error rather than a less helpful service-side 400.

[trangevi]

/check-enforcer override

[trangevi]

@copilot update the codeowners file for this extension to match azure.ai.agents

[Copilot]

@copilot update the codeowners file for this extension to match azure.ai.agents

Updated .github/CODEOWNERS so /cli/azd/extensions/azure.ai.toolboxes/ matches the azure.ai.agents owner list. Commit: d0da007.

[trangevi]

@copilot resolve the merge conflicts in this pull request

[Copilot]

@copilot resolve the merge conflicts in this pull request

Resolved the merge conflict by merging origin/main and keeping the new azure.ai.toolboxes CODEOWNERS entry aligned with the updated azure.ai.agents owners from main. Commit: c054f9b.

[trangevi]

@copilot resolve the merge conflicts in this pull request

[Copilot]

@copilot resolve the merge conflicts in this pull request

Resolved the latest merge conflict by merging origin/main again and keeping /cli/azd/extensions/azure.ai.toolboxes/ aligned with the current azure.ai.agents CODEOWNERS entry. Commit: ce374b3.

[JeffreyCA]

/check-enforcer override