feat(ai-agents): add --agent-endpoint flag to invoke command

[antriksh30]

Summary

Adds --agent-endpoint to azd ai agent invoke so users can invoke a deployed Foundry agent from any directory without needing an azd project, azure.yaml, or environment.

azd ai agent invoke \
    --agent-endpoint <endpoint-url> \
    'Hello!'

The endpoint is the same URL printed by azd ai agent show for a deployed agent.

Behavior

• Agent name and protocol are parsed from the URL no positional name or --protocol needed.
• Auth uses AzureDeveloperCLICredential (run azd auth login first), consistent with the rest of the extension.
• Session and conversation IDs are persisted to the per-user azd config, keyed by the parsed endpoint. Subsequent invokes against the same endpoint auto-resume the session/conversation; pass --new-session or --new-conversation to reset.
• After every successful invoke a one-line tip is printed pointing users at --help for the reset flags. The tip is protocol-aware:
  • Responses protocol: (tip: pass --new-session or --new-conversation to reset; see azd ai agent invoke --help)
  • Invocations protocol: (tip: pass --new-session to reset; see azd ai agent invoke --help) multi-turn memory on this protocol is bound to the session, so --new-conversation is not advertised.
• If the user passes --new-conversation while invoking an invocations endpoint, a note: is printed to stderr explaining that the flag has no effect for this protocol and pointing at --new-session instead. The flag is still accepted (no error) so existing scripts keep working.
• The invocation ID (x-agent-invocation-id) returned by the invocations protocol is printed for trace correlation, matching the local-invoke behavior.
• The local OpenAPI-spec cache is skipped there's no project to write it into.

Changes

• New --agent-endpoint flag on azd ai agent invoke. A single regex parses /api/projects/<proj>/agents/<name>/endpoint/protocols/(invocations|openai/responses) and derives projectEndpoint, agent name, protocol, and apiVersion (from the api-version query parameter) in one pass.
• Rejects encoded path separators (%2F, %5C) inside the project segment so the parsed project name is stable.
• Validates that flags which conflict with ephemeral mode are not also supplied: --local, a positional agent name, --port, --protocol. Each is rejected with a targeted suggestion. --new-session / --new-conversation are accepted (they reset the persisted IDs).
• Unit tests for endpoint URL parsing, flag-conflict validation, and stability of the persistence key across URL variants.

Example

with responses endpoint:

with invocations endpoint:

when --new-conversation flag is added with invocations endpoint, a warning/note is shown:

[Copilot]

Pull request overview

Note

Copilot was unable to run its full agentic suite in this review.

This PR updates azd ai agent invoke so --agent-endpoint can accept a full Foundry agent endpoint URL and derive the remote invocation settings directly from it, including support for running outside an azd project.

Changes:

• Added parsing and validation for full Foundry agent endpoint URLs, plus a new --agent-endpoint flag.
• Refactored remote invocation setup to support an “ephemeral” mode that skips azd project resolution and uses values derived from the endpoint URL.
• Added tests for endpoint parsing and upfront flag-conflict validation.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 6 comments.

File	Description
cli/azd/extensions/azure.ai.agents/internal/cmd/invoke.go	Wires in --agent-endpoint, adds remote-context resolution, and updates remote request construction.
cli/azd/extensions/azure.ai.agents/internal/cmd/invoke_test.go	Adds validation tests for --agent-endpoint conflict handling.
cli/azd/extensions/azure.ai.agents/internal/cmd/agent_endpoint.go	Implements endpoint URL parsing/validation and ephemeral session hint output.
cli/azd/extensions/azure.ai.agents/internal/cmd/agent_endpoint_test.go	Adds tests for endpoint parsing, agent-name validation, and session hint smoke coverage.

[Copilot]

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.

[jongio]

resolveRemoteContext cleanly centralizes name/endpoint/api-version resolution. Deferring acquireBearerToken until after body validation avoids unnecessary token round-trips on input errors. URL parser is thorough (scheme, host suffix, port rejection, path structure, agent-name charset, empty api-version).

One gap: ephemeral responses mode creates a conversation via createConversation but doesn't print a --conversation-id continuation hint. See thread on printEphemeralSessionHint.

[wbreza]

Review Summary

This PR adds an --agent-endpoint flag to azd ai agent invoke, enabling users to invoke Foundry agents from any directory without needing an azd project. The code is well-structured with good URL parsing/validation in a dedicated agent_endpoint.go file. Most prior feedback has been addressed across 6 iterative commits.

Should Fix

1. Empty API version produces malformed request URL
When a user provides an endpoint URL without a ?api-version= query parameter, ApiVersion is set to in the parsed struct.buildResponsesURL()/buildInvocationsURL()then produce?api-version=(key present, empty value). The existing fix rejects explicit?api-version=with no value, but not the absence of the parameter entirely. Consider falling back toDefaultAgentAPIVersionwhenapiVersion` is empty, or rejecting URLs missing the parameter.

2. Ephemeral conversation hint missing from invocationsRemote()
responsesRemote() prints both printEphemeralSessionHint and printEphemeralConversationHint, but invocationsRemote() only prints the session hint. Users invoking with --protocol invocations in ephemeral mode won't see how to continue their conversation — inconsistent UX between the two protocols.

3. Missing test coverage for resolveRemoteContext() and ephemeral integration flow
resolveRemoteContext() is a critical new function that branches between ephemeral and project modes, handles auth, and manages resource cleanup. It currently has no tests. The parsing helpers have good coverage, but the orchestration layer is untested.

4. Tests use raw t.Errorf/t.Fatalf instead of testify assertions
Repo convention uses testify (require/assert). The new agent_endpoint_test.go uses raw Go testing patterns. Should use require.NoError(t, err), require.Equal(t, expected, actual), etc.

5. Credential error messages may expose auth infrastructure details
ephemeralAuthError() uses fmt.Sprintf("failed to get auth token: %v", err) which may surface OAuth endpoint URLs or credential manager internals via %v formatting.

Nitpick

6. Several test functions in agent_endpoint_test.go are missing t.Parallel().

7. Variable url shadows the net/url package import — consider renaming to respURL.

[jongio]

Addresses my previous feedback - the conversation-id continuation hint is clean and well-tested. The guard logic (skip when user already supplied --conversation-id, skip when no conversation was created) covers the right cases. LGTM.

[Copilot]

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.

[Copilot]

Pull request overview

Copilot reviewed 6 out of 6 changed files in this pull request and generated 4 comments.

[jongio]

Re-approving after the rebase and rework. The config persistence layer (config_store.go) is clean - proper validation, key normalization, legacy fallback with rewrite. The stderr fix for warnIneffectiveResetFlags, delegation to agent_yaml.ValidateAgentName, and the tip messages are all good. All prior findings addressed.

[wbreza]

Re-Review (post-rebase) — Approve

The PR was rebased with 7 new commits. 5 of 7 original findings are resolved. New commits fix real bugs: broken saveContextValue(..., "invocations"), suppressed log.Printf warnings, and loose agent name validation now delegated to �gent_yaml.ValidateAgentName.

Previous Findings — Status

Finding	Status
Empty API version → malformed URL	✅ Resolved
Conversation hint missing from invocationsRemote()	✅ Resolved
Credential error exposure	✅ Resolved
Missing .Parallel()	✅ Resolved
Variable shadowing	✅ Resolved
Missing
esolveRemoteContext() tests	⚠️ Still open
Raw .Errorf vs testify	⚠️ Still open

New Findings

🟡 Should Fix

1.
esolveRemoteContext() still has no dedicated tests
This function branches between ephemeral and project modes, manages �zdClient lifecycle, and handles auth. It's the critical orchestration point but remains untested in isolation. Parsing helpers have good coverage; the integration layer does not.

2. warnIneffectiveResetFlags() doesn't account for protocol
--new-conversation is always a no-op for invocations protocol (memory is session-bound), but the warning only fires when there's no parent daemon. A user with a daemon running invocations + --new-conversation gets no warning.

🟢 Nitpick

3. �gent_endpoint_test.go assertion style inconsistency
config_store_test.go correctly uses �ssert.Equal()/�ssert.NotEqual(), but �gent_endpoint_test.go still uses .Fatalf/ .Errorf. Standardizing would improve consistency.

4. No test for URL-encoded invalid agent names
TestParseAgentEndpoint_RejectsInvalidAgentNames tests underscores, length, and hyphens — but not URL-encoded characters like �gent%20name. Likely works via ValidateAgentName() but worth a test case.

[antriksh30]

Thanks for the re-review @wbreza. Status on the remaining items:

New #1 resolveRemoteContext() tests Addressed in 854e901.
Added TestResolveRemoteContext_EphemeralMode covering the ephemeral branch end-to-end: api-version default fallback (URL omits ?api-version=), explicit override, and name/projectEndpoint/agentKey propagation. The project-mode branch depends on the azd gRPC client and is exercised by the live tests in this PR's verification rather than unit tests.

New #2 — warnIneffectiveResetFlags() protocol awareness Function no longer exists.
It was removed in 9ed62d9d during the rebase because the warning path was unreachable: runRemote() always reaches the per-protocol branches, and both responsesRemote() and invocationsRemote() print their own protocol-specific notes when reset flags don't apply (e.g., note: --new-conversation has no effect for the invocations protocol (memory is bound to the session; use --new-session to reset) at invoke.go:736-739). The exact gap you describe (daemon + invocations + --new-conversation) is now covered by that protocol-aware note.

[trangevi]

/check-enforcer override