[Storage] Support Storage Account saspolicy new properties SasExpirationAction #27908
Conversation
| Thanks for your contribution! The pull request validation has started. Please revisit this comment for updated status. |
There was a problem hiding this comment.
Pull Request Overview
Adds support for the new -SasExpirationAction property on storage account cmdlets, allowing users to specify how violations of SAS expiration policies are handled, and updates documentation, tests, and changelog accordingly.
- Introduce
SasExpirationActionparameter (Log or Block) in New/Set-AzStorageAccount cmdlets - Handle defaulting, validation, and policy construction logic in C# implementation
- Update help markdown, tests, and changelog for the new parameter
Reviewed Changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| src/Storage/Storage.Management/StorageAccount/SetAzureStorageAccount.cs | Add SasExpirationAction parameter and integrate into update logic |
| src/Storage/Storage.Management/StorageAccount/NewAzureStorageAccount.cs | Add SasExpirationAction parameter and integrate into creation logic |
| src/Storage/Storage.Management/help/Set-AzStorageAccount.md | Add parameter help/details, update examples with action column |
| src/Storage/Storage.Management/help/New-AzStorageAccount.md | Add parameter help/details, update examples with action column |
| src/Storage/Storage.Management/ChangeLog.md | Document upcoming release changes for SasExpirationAction |
| src/Storage/Storage.Management.Test/ScenarioTests/StorageAccountTests.ps1 | Add scenario tests for default and explicit SasExpirationAction |
Comments suppressed due to low confidence (6)
src/Storage/Storage.Management/StorageAccount/SetAzureStorageAccount.cs:473
- Consider adding a [PSDefaultValue(Help = "Log", Value = StorageModels.ExpirationAction.Log)] attribute to match the default behavior and help callers discover the default.
[Parameter(Mandatory = false, HelpMessage = "The action to be performed when SasExpirationPeriod is violated.")]
src/Storage/Storage.Management/help/Set-AzStorageAccount.md:1146
- Update the 'Default value' to 'Log' (or the appropriate action) to reflect the actual default applied by the cmdlet.
Default value: None
src/Storage/Storage.Management/help/New-AzStorageAccount.md:1212
- Change the default value from 'None' to 'Log' to accurately document the cmdlet's behavior.
Default value: None
src/Storage/Storage.Management/help/Set-AzStorageAccount.md:288
- Remove the extra space before the comma in 'SasExpirationAction ,' for proper punctuation.
This command updates a Storage account with KeyExpirationPeriod and SasExpirationPeriod with SasExpirationAction , then show the updated account related properties.
src/Storage/Storage.Management/ChangeLog.md:21
- [nitpick] Rephrase this entry for clarity and correct grammar (e.g., 'Support SasExpirationAction (Log|Block) with SasExpirationPeriod').
* Supported set SasExpirationAction as Log or Block, together with SasExpirationPeriod
src/Storage/Storage.Management.Test/ScenarioTests/StorageAccountTests.ps1:1697
- Add a negative test case to verify that specifying -SasExpirationAction without -SasExpirationPeriod throws the expected exception.
function Test-AzureStorageAccountKeySASPolicy
src/Storage/Storage.Management/StorageAccount/SetAzureStorageAccount.cs
Outdated
Show resolved
Hide resolved
src/Storage/Storage.Management/StorageAccount/NewAzureStorageAccount.cs
Outdated
Show resolved
Hide resolved
src/Storage/Storage.Management/StorageAccount/SetAzureStorageAccount.cs
Outdated
Show resolved
Hide resolved
|
Would you please help to look at the only test case failure? The failed test case "Microsoft.Azure.Commands.Management.Storage.Test.ScenarioTests.StorageAccountTests.TestNewSetAzureStorageAccountTLSveresionBlobPublicAccess" is no changed in this PR, and the test only fail on MacOS. I also can't repro this failure on my local machine (win11). |
|
/azp run |
|
Azure Pipelines successfully started running 3 pipeline(s). |
|
The function Retry-IfException looks like has a subtle issue. It relies on the global variable $Error which could be set from outside of the function scope. However, I did not see it was reset at the beginning of the function call. |
|
Hi @vidai-msft, Thanks for looking at the test failure! As the test pass after rerun, would you like to review and merge this PR if not other issue? |
Description
Mandatory Checklist
Please choose the target release of Azure PowerShell. (⚠️ Target release is a different concept from API readiness. Please click below links for details.)
Check this box to confirm: I have read the Submitting Changes section of
CONTRIBUTING.mdand reviewed the following information:ChangeLog.mdfile(s) appropriatelysrc/{{SERVICE}}/{{SERVICE}}/ChangeLog.md.## Upcoming Releaseheader in the past tense.ChangeLog.mdif no new release is required, such as fixing test case only.