diff --git a/pkg/azurefile/azurefile.go b/pkg/azurefile/azurefile.go index 3356a5ea0a..59cf6eafd6 100644 --- a/pkg/azurefile/azurefile.go +++ b/pkg/azurefile/azurefile.go @@ -197,6 +197,8 @@ var ( supportedFSGroupChangePolicyList = []string{FSGroupChangeNone, string(v1.FSGroupChangeAlways), string(v1.FSGroupChangeOnRootMismatch)} retriableErrors = []string{accountNotProvisioned, tooManyRequests, shareBeingDeleted, clientThrottled} + + defaultAzcopyCopyOptions = []string{"--recursive", "--check-length=false"} ) // Driver implements all interfaces of CSI drivers @@ -1022,7 +1024,8 @@ func (d *Driver) copyFileShare(ctx context.Context, req *csi.CreateVolumeRequest return err case fileutil.AzcopyJobNotFound: klog.V(2).Infof("copy fileshare %s to %s", srcFileShareName, dstFileShareName) - cmd := exec.Command("azcopy", "copy", srcPath, dstPath, "--recursive", "--check-length=false") + cmd := exec.Command("azcopy", "copy", srcPath, dstPath) + cmd.Args = append(cmd.Args, defaultAzcopyCopyOptions...) if len(authAzcopyEnv) > 0 { cmd.Env = append(os.Environ(), authAzcopyEnv...) } @@ -1034,7 +1037,9 @@ func (d *Driver) copyFileShare(ctx context.Context, req *csi.CreateVolumeRequest if sasToken, _, err = d.getAzcopyAuth(ctx, accountName, "", storageEndpointSuffix, accountOptions, secrets, secretName, secretNamespace, true); err != nil { return err } - out, copyErr = exec.Command("azcopy", "copy", srcPath+sasToken, dstPath+sasToken, "--recursive", "--check-length=false").CombinedOutput() + cmd := exec.Command("azcopy", "copy", srcPath+sasToken, dstPath+sasToken) + cmd.Args = append(cmd.Args, defaultAzcopyCopyOptions...) + out, copyErr = cmd.CombinedOutput() } if copyErr != nil { klog.Warningf("CopyFileShare(%s, %s, %s) failed with error(%v): %v", resourceGroupName, accountName, dstFileShareName, copyErr, string(out)) diff --git a/pkg/azurefile/controllerserver.go b/pkg/azurefile/controllerserver.go index 957cdaf5ac..e2d0f5c773 100644 --- a/pkg/azurefile/controllerserver.go +++ b/pkg/azurefile/controllerserver.go @@ -1335,7 +1335,7 @@ func (d *Driver) authorizeAzcopyWithIdentity() ([]string, error) { return authAzcopyEnv, nil } - return []string{}, fmt.Errorf("service principle or managed identity are both not set") + return []string{}, fmt.Errorf("neither the service principal nor the managed identity has been set") } // getAzcopyAuth will only generate sas token for azcopy in following conditions: @@ -1345,7 +1345,7 @@ func (d *Driver) authorizeAzcopyWithIdentity() ([]string, error) { // 4. parameter useSasToken is true func (d *Driver) getAzcopyAuth(ctx context.Context, accountName, accountKey, storageEndpointSuffix string, accountOptions *azure.AccountOptions, secrets map[string]string, secretName, secretNamespace string, useSasToken bool) (string, []string, error) { var authAzcopyEnv []string - if len(secrets) == 0 && len(secretName) == 0 { + if !useSasToken && len(secrets) == 0 && len(secretName) == 0 { var err error authAzcopyEnv, err = d.authorizeAzcopyWithIdentity() if err != nil { diff --git a/pkg/azurefile/controllerserver_test.go b/pkg/azurefile/controllerserver_test.go index 7aa262e2f4..7057910a01 100644 --- a/pkg/azurefile/controllerserver_test.go +++ b/pkg/azurefile/controllerserver_test.go @@ -3044,7 +3044,7 @@ func TestAuthorizeAzcopyWithIdentity(t *testing.T) { }, } expectedAuthAzcopyEnv := []string{} - expectedErr := fmt.Errorf("service principle or managed identity are both not set") + expectedErr := fmt.Errorf("neither the service principal nor the managed identity has been set") authAzcopyEnv, err := d.authorizeAzcopyWithIdentity() if !reflect.DeepEqual(authAzcopyEnv, expectedAuthAzcopyEnv) || !reflect.DeepEqual(err, expectedErr) { t.Errorf("Unexpected authAzcopyEnv: %v, Unexpected error: %v", authAzcopyEnv, err)