Increase token expiration and retry until compatible token (#7239)

eng/common/templates-official/steps/get-delegation-sas.yml

@@ -25,15 +25,20 @@ steps:
     scriptType: 'pscore'
     scriptLocation: 'inlineScript'
     inlineScript: |
-      # Calculate the expiration of the SAS token and convert to UTC
-      $expiry = (Get-Date).AddHours(${{ parameters.expiryInHours }}).ToUniversalTime().ToString("yyyy-MM-ddTHH:mm:ssZ")
+      # Temporarily work around a helix issue where SAS tokens with / in them will cause incorrect downloads
+      # of correlation payloads. See https://github.com/dotnet/dnceng/issues/3484
+      $sas = ""
+      do {
+        # Calculate the expiration of the SAS token and convert to UTC
+        $expiry = (Get-Date).AddHours(${{ parameters.expiryInHours }}).ToUniversalTime().ToString("yyyy-MM-ddTHH:mm:ssZ")
 
-      $sas = az storage container generate-sas --account-name ${{ parameters.storageAccount }} --name ${{ parameters.container }} --permissions ${{ parameters.permissions }} --expiry $expiry --auth-mode login --as-user -o tsv
+        $sas = az storage container generate-sas --account-name ${{ parameters.storageAccount }} --name ${{ parameters.container }} --permissions ${{ parameters.permissions }} --expiry $expiry --auth-mode login --as-user -o tsv
 
-      if ($LASTEXITCODE -ne 0) {
-        Write-Error "Failed to generate SAS token."
-        exit 1
-      }
+        if ($LASTEXITCODE -ne 0) {
+          Write-Error "Failed to generate SAS token."
+          exit 1
+        }
+      } while($sas.IndexOf('/') -ne -1)
 
       if ('${{ parameters.base64Encode }}' -eq 'true') {
         $sas = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($sas))