search

Azure / deployment-stacks

Contains Deployment Stacks CLI scripts and releases
MIT License
87 stars 6 forks source link

Unable to download the ZIP for PS Module #96

Closed wsmelton closed 1 year ago

wsmelton commented 1 year ago

Describe the bug GitHub seems to be blocking the download of the ZIP file for PS module. I can download the CLI zips with no issues

It gives a permission/network issue (nothing wrong with my Internet connection).

To Reproduce Steps to reproduce the behavior:

  1. Go to releases
  2. Click on link for Azure PowerShell module
  3. See download error in Edge (permission or network error)

Expected behavior Asset to download to my device

Screenshots image

wsmelton commented 1 year ago

GitHub CLI is showing the same issue, both CLI files downloaded but the Module failed

image

azcloudfarmer commented 1 year ago

Hello @wsmelton I attempted to repro this issue with the steps mentioned above and I was able to download the zip files successfully. It seems like it may be an issue on your machine. Can you try downloading again with a different browser?

wsmelton commented 1 year ago

Seems that way. I was able to download from my mobile device.

wsmelton commented 1 year ago

Confirmed with security our AV/Endpoint protection is blocking the download. It is flagging it as malware: MSIL_Kryptik.IAZ.gen!Eldorado

wsmelton commented 1 year ago

Does anyone know why this file is flagged as malware?

https://www.virustotal.com/gui/file/f8420748ac1d269810903ac4c96f1474da988d9fa2455933e4eb56d8e365dcd4?nocache=1

Screenshot_20230314-101002.png

wsmelton commented 1 year ago

Seems a file included is being flagged because it is not signed https://www.virustotal.com/gui/file/bd9389e2dbc532ba2a297373d2ba52318c477bb779152ea21b4a4da5ba3b8a5c/details

image

Microsoft.Azure.Management.ResourceManager.dll

image

azcloudfarmer commented 1 year ago

Hi @wsmelton, thank you for all the details here. It appears there is a code signing issue with the PS bits. Given we are close to making this part of the public PS module, we don't have a current plan for signing these. Please let us know if this is a hard blocker for you or if you are able to test with CLI in the interim.

wsmelton commented 1 year ago

Does that mean you never sign the bits during private preview? (This occurs on every previous release I've tested; a handful). Our security team will not allow the file in our environment.

We do not use the Azure CLI in our deployment configurations, so in the sense trying to test this functionality in our current workflow I'm blocked. I can "play" with the CLI but won't be able to put it through the full course of usage.

We will just wait until things are signed and it comes into public preview.