Open aj9411 opened 3 weeks ago
Thank you for opening this issue, we will look into it.
I am thinking AzCopy version is not being updated to the latest if it works locally but not in a data box. Can you try manually updating AzCopy to 10.26.0? Will look into updating to a minimum version of AzCopy in CLI. Thanks.
@calvinhzy I tried with wget -O azcopy_v10.tar.gz https://aka.ms/downloadazcopy-v10-linux && tar -xf azcopy_v10.tar.gz --strip-components=1
, but that didn't work. Any other suggestions?
edit: I am dumb, mixed up OS's. I was able to install the azcopy tool before running az storage fs directory download
, I am fine now! There's a workaround for the problem, so I guess it is your decision if you want to keep this open
Describe the bug
Hey guys,
I am running a script on a build box, the script runs the following commands:
az login --service-principal -u *** --tenant *** --allow-no-subscriptions --federated-token
(works)az account set --subscription ***
(works)az storage blob download --account-name *** -c *** -n *** -f *** --auth-mode login
(works)az storage fs directory download --account-name *** --auth-mode login --file-system *** --source-path *** --destination-path . \ --recursive --only-show-errors
(error)The third command,
az storage blob download
, runs fine, it does not require a re-login. The fourth command though,az storage fs directory download
, asks for login. I see the message:To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code *** to authenticate.
Naturally there's no login with the code, and the script ends up failing with:
failed to perform copy command due to error: Login Credentials missing. OAuth token, SAS token, or shared key should be provided for Blob FS ERROR: Failed to perform copy operation.
Why is
az storage fs directory download
asking for a new login? Shouldn't it use the logged-in identity? I previously used a user-delegated token to runaz storage fs directory download
, I raised this issue https://github.com/Azure/azure-cli/issues/29322 to get support for--auth-mode login
. Thanks for adding support on version 2.63.0, it works fine when I run it from my PC, no re-login required. It's just when a build box is running this command. I do see the INFO log from the build box:INFO: cli.azure.cli.command_modules.storage._validators: Cannot generate sas token. self.account_key should not be None.
, so perhaps that might be the cause?Related command
az storage fs directory download
Errors
failed to perform copy command due to error: Login Credentials missing. OAuth token, SAS token, or shared key should be provided for Blob FS
Issue script & Debug output
Expected behavior
az storage fs directory download
does not require re-login when running it from build box using service principalEnvironment Summary
azure-cli 2.63.0
core 2.63.0 telemetry 1.1.0
Extensions: azure-devops 1.0.1 xsignextension 0.45
Dependencies: msal 1.30.0 azure-mgmt-resource 23.1.1
Python location '/usr/bin/python3.9' Extensions directory '/root/.azure/cliextensions'
Python (Linux) 3.9.19 (main, Jul 31 2024, 03:47:41) [GCC 11.2.0]
Additional context
No response