From 11a61fa980e8217db17f9c02980437c410074128 Mon Sep 17 00:00:00 2001
From: Wes Haggard <weshaggard@users.noreply.github.com>
Date: Fri, 30 Aug 2024 10:33:47 -0700
Subject: [PATCH] Switch to User Delegate SAS for vcpkg caching (#5950)

---
 eng/pipelines/templates/steps/vcpkg.yml |  2 +-
 eng/scripts/Set-VcpkgWriteModeCache.ps1 | 23 ++++++-----------------
 2 files changed, 7 insertions(+), 18 deletions(-)

diff --git a/eng/pipelines/templates/steps/vcpkg.yml b/eng/pipelines/templates/steps/vcpkg.yml
index d36802bee..0e7e420b9 100644
--- a/eng/pipelines/templates/steps/vcpkg.yml
+++ b/eng/pipelines/templates/steps/vcpkg.yml
@@ -8,7 +8,7 @@ steps:
     - task: AzurePowerShell@5
       displayName: Set Vcpkg Write-mode Cache
       inputs:
-        azureSubscription: 'cpp Resource Group'
+        azureSubscription: 'Azure SDK Artifacts'
         ScriptType: FilePath
         ScriptPath: eng/scripts/Set-VcpkgWriteModeCache.ps1
         azurePowerShellVersion: LatestVersion
diff --git a/eng/scripts/Set-VcpkgWriteModeCache.ps1 b/eng/scripts/Set-VcpkgWriteModeCache.ps1
index 1ab83ed7d..a319384a0 100644
--- a/eng/scripts/Set-VcpkgWriteModeCache.ps1
+++ b/eng/scripts/Set-VcpkgWriteModeCache.ps1
@@ -1,6 +1,5 @@
 param(
-    [string] $StorageAccountName = 'cppvcpkgcache',
-    [string] $ResourceGroupName = 'cpp'
+    [string] $StorageAccountName = 'cppvcpkgcache'
 )
 
 
@@ -27,25 +26,15 @@ $env:PSModulePath = $modulePaths -join $moduleSeperator
 
 Install-ModuleIfNotInstalled "Az.Storage" "4.3.0" | Import-Module
 
-$storageAccountKeys = Get-AzStorageAccountKey `
-    -ResourceGroupName $ResourceGroupName `
-    -Name $StorageAccountName
-
 $ctx = New-AzStorageContext `
-    -StorageAccountKey $storageAccountKeys[0].Value`
-    -StorageAccountName $StorageAccountName
+    -StorageAccountName $StorageAccountName `
+    -UseConnectedAccount
 
-$token = New-AzStorageAccountSASToken `
-    -Service Blob `
-    -ResourceType Object `
+$vcpkgBinarySourceSas = New-AzStorageContainerSASToken `
+    -Name $StorageAccountName `
     -Permission "rwc" `
     -Context $ctx `
-    -ExpiryTime (Get-Date).AddDays(1)
-
-$vcpkgBinarySourceSas = $token
-if ($token.StartsWith('?')) {
-    $vcpkgBinarySourceSas = $token.Substring(1)
-}
+    -ExpiryTime (Get-Date).AddHours(1)
 
 Write-Host "Ensure redaction of SAS tokens in logs" 
 Write-Host "##vso[task.setvariable variable=VCPKG_BINARY_SAS_TOKEN;issecret=true;]$vcpkgBinarySourceSas"