Comments (25)
Just to add - we have just found that SDK v2.2.203 has broken the --interactive function (for Azure Devops hosted feeds, from Windows 10 machines). Reverted to v2.2.202 and it works.
from artifacts-credprovider.
For anyone looking for a summarized solution, here's what worked on a Mac setup:
-
generate a personal acess token (PAT) that gives you rights to the given service;
-
configure your
Nuget.config
to use the PAT for authentication usingBasic
auth as shown by stephan7878:<?xml version="1.0" encoding="utf-8"?> <configuration> <packageSources> <add key="NuGet official package source" value="https://api.nuget.org/v3/index.json" /> <add key="Partner" value="https://tfs.partner.com/DefaultCollection/_packaging/Nuget/nuget/v3/index.json" /> </packageSources> <packageSourceCredentials> <Partner> <add key="Username" value="USERNAME" /> <add key="ClearTextPassword" value="PATSTRING" /> <add key="ValidAuthenticationTypes" value="basic" /> </Partner> </packageSourceCredentials> </configuration>
-
clear the cache and restore the packages using the old HTTP client:
cd repo nuget locals -clear all && export DOTNET_SYSTEM_NET_HTTP_USESOCKETSHTTPHANDLER=0 && nuget restore
from artifacts-credprovider.
Our investigation on the internal work item resulted that unfortunately, the way the interactive flow currently works in this cred provider, there is no way to make it work interactively for an on premise Azure DevOps Server instance. The best solution we currently have is to use the workaround of using the environment variables mentioned above. Sorry for the inconvenience.
To make it clearer, the newest version of this cred provider detects if the feed URI is an Azure DevOps Server on premise URI and won't even try the interactive flow to avoid confusing logs.
As a follow-up work item, we should document this in the cred provider readme.
from artifacts-credprovider.
Closing this issue due to inactivity.
from artifacts-credprovider.
I am also experiencing issues with the provider, but I use it in a container.
Here is the setup:
Docker image: mcr.microsoft.com/dotnet/core/sdk:3.0-bionic (same behavior with 2.2-bionic)
Install provider in Dockerfile: RUN bash /application/scripts/installcredprovider.sh
Pass Env Variable In Compose:
environment:
- VSS_NUGET_EXTERNAL_FEED_ENDPOINTS=${VSS_JSON}
Calling dotnet restore
inside the container (with or without --interactive) always throws:
/usr/share/dotnet/sdk/3.0.100-preview8-013656/NuGet.targets(123,5): error : Unable to load the service index for source [REDACTED]. [/application/build/_build.csproj]
/usr/share/dotnet/sdk/3.0.100-preview8-013656/NuGet.targets(123,5): error : GSSAPI operation failed with error - Unspecified GSS failure. Minor code may provide more information (SPNEGO cannot find mechanisms to negotiate). [/application/build/_build.csproj]
Can anyone give me a hint how to fix this?
from artifacts-credprovider.
With release of 3.0 this is still NOT working for us. Nothing helps. Our whole Integration Test environment is halted due to this issue. I cannot make dotnet restore work on linux containers with our internal NuGet repository, no matter what. Please give me something. I don't want to switch to Windows containers...
from artifacts-credprovider.
Hello, for whos having this problem, maybe you can try this solution -> #63
from artifacts-credprovider.
I'm finding that
--interactive
does not work for private packages on Azure Devops, either.PS D:\Dev\sample-func\SampleFunc> dotnet add package --interactive Microsoft.Azure.SignalR.Management Determining projects to restore... Writing C:\Users\ThisGuy\AppData\Local\Temp\tmpC2A0.tmp info : Adding PackageReference for package 'Microsoft.Azure.SignalR.Management' into project 'D:\Dev\sample-func\SampleFunc\SampleFunc.csproj'. info : CACHE https://api.nuget.org/v3/registration5-gz-semver2/microsoft.azure.signalr.management/index.json info : GET https://pkgs.dev.azure.com/<removed>/_packaging/<removed>/nuget/v3/registrations2-semver2/microsoft.azure.signalr.management/index.json info : GET https://<removed>.pkgs.visualstudio.com/_packaging/<removed>/nuget/v3/registrations2-semver2/microsoft.azure.signalr.management/index.json info : Unauthorized https://<removed>.pkgs.visualstudio.com/_packaging/<removed>/nuget/v3/registrations2-semver2/microsoft.azure.signalr.management/index.json 272ms info : Unauthorized https://pkgs.dev.azure.com/<removed>/_packaging/<removed>/nuget/v3/registrations2-semver2/microsoft.azure.signalr.management/index.json 275ms error: Response status code does not indicate success: 401 (Unauthorized).
I am on
NuGet Command Line 5.8.0.6930
anddotnet 5.0.1.02
I suggest you create a new issue as this issue is specific to azure devops server, and has been closed.
from artifacts-credprovider.
I've attempted the workaround described in #6135, also without success.
from artifacts-credprovider.
There's a known issue with NuGet 4.9 and SDK 2.1.500. See here for some additional info.
from artifacts-credprovider.
Thanks @phil-hodgson. I created a globals.json
to force .Net SDK 2.1.402, but still seeing the same behaviour.
CredProvider
export NUGET_CREDENTIALPROVIDER_SESSIONTOKENCACHE_ENABLED=true
export VSS_NUGET_EXTERNAL_FEED_ENDPOINTS="{\"endpointCredentials\": [{\"endpoint\":\"https://[REDACTED]/nuget/v3/index.json\", \"username\":\"vsts\", \"password\":\"[PAT]\"}]}"
dotnet restore
Exception:
(Restore target) ->
/usr/share/dotnet/sdk/2.1.402/NuGet.targets(114,5): error : Unable to load the service index for source https://[REDACTED]/nuget/v3/index.json. [REDACTED]
/usr/share/dotnet/sdk/2.1.402/NuGet.targets(114,5): error : GSSAPI operation failed with error - An invalid status code was supplied (Invalid value in argument). [REDACTED]
Using a nuget.config
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<packageSources>
<clear />
<add key="nuget.org" value="https://api.nuget.org/v3/index.json" />
<add key="tfs" value="https://[REDACTED]/nuget/v3/index.json" />
</packageSources>
<disabledPackageSources />
<packageSourceCredentials>
<tfs>
<add key="Username" value="vsts" />
<add key="ClearTextPassword" value="[PAT]" />
<add key="ValidAuthenticationTypes" value="basic" />
</tfs>
</packageSourceCredentials>
</configuration>
Run restore
dotnet restore
Exception:
/usr/share/dotnet/sdk/2.1.402/NuGet.targets(114,5): error : Unable to load the service index for source https://[REDACTED]/nuget/v3/index.json. [REDACTED]
/usr/share/dotnet/sdk/2.1.402/NuGet.targets(114,5): error : GSSAPI operation failed with error - An invalid status code was supplied (Invalid value in argument). [REDACTED]
I also upgraded to .NET SDK 2.2 without success, but this is expected as per your link.
Any other ideas?
from artifacts-credprovider.
Are you still experiencing issues? Can you try running dotnet restore --interactive without having credentials in your nuget.config or the env var VSS_NUGET_EXTERNAL_FEED_ENDPOINTS? If you have already given credentials via nuget.config or the env var, is --interactive really necessary?
from artifacts-credprovider.
I'm going to close this due to inactivity. Please reopen if this issue is still occuring.
from artifacts-credprovider.
Hi @alexmullans could you guide me please for a documentation where I can implement dotnet restore --interactivice for CI/CD with restore nuggets from private TFS packager ? And also in automatic way, so we don't have the add the password every time or once a month
Right now I'm facing the same issue like @stephan7878. My workaround which I don't agree with, and trying to change is that we are building and restore de packages in TFS Build (not docker) and after copy in the docker image.
from artifacts-credprovider.
@alexmullans It still isn't prompting for me with:
- Azure DevOps Server 2019
- dotnet v2.2.203
- artifacts-credprovider v0.1.15
- OS: Windows Server 2012 R2
Manually setting the env variable VSS_NUGET_EXTERNAL_FEED_ENDPOINTS
is working for me, but it's not user friendly as the dotnet documenation mentions the --interactive
flag for this use case.
Could you reopen this issue?
from artifacts-credprovider.
I have the same problem, dotnet restore --interactive does not trigger login for on-premise tfs/azure devops server nuget feeds. It does trigger for cloud azure devops nuget feeds.
Please advice. Is the credential provider actually supposed to work with on-premise tfs/azure devops? If not, how do we use on-premise nuget feeds with dotnet restore in a user friendly way (ie not putting a json object in environment variables)? And also could this be reflected in the docs somewhere if it is in fact not supported? I can't find any information on this.
from artifacts-credprovider.
@shubham90 what do you mean closing due to inactivity? We are waiting for clarification on the credential helper working with azure devops on premise or not. There's been zero answer.
from artifacts-credprovider.
@Mobrockers I apologize for closing this. I missed the fact that this issue is talking about on premise scenario. Hosted ones had a similar bug which got fixed with .NET sdks latest release.
After a quick glance at the code, it looks like --interactive won't work with onprem because it looks for source patterns which are meaningful only for hosted urls. I will change the title of this issue to mention onprem and create an internal bug which fixes this issue.
Meanwhile, the only solution today is to use the environment variable VSS_NUGET_EXTERNAL_FEED_ENDPOINTS to give source and credentials which triggers a separate code path. I am sorry for this inconvenience.
from artifacts-credprovider.
@shubham90 thank you for reopening and filing a bug internally!
from artifacts-credprovider.
Hello, for whos having this problem, maybe you can try this solution -> #63
OMG, THAT WORKED! Weeks have been lost, until this moment. Thank you so much!!!!
from artifacts-credprovider.
@totollygeek specifically what worked for you? i'm still having the same issue :(
from artifacts-credprovider.
This appears to be resolved as per the comments. Please let us know if this is still an existing issue!
from artifacts-credprovider.
@herenhuang No I don't think the actual original problem has been solved, everything here so far has been a workaround using non-interactive authentication.
The actual issue is that interactive login doesn't work on-premises.
As you can see in this post: #45 (comment)
@shubham90 filed an internal issue to fix this problem. There has not yet been any answer on if the actual issue is fixed. The problem has not been fixed.
from artifacts-credprovider.
Alright thanks.
from artifacts-credprovider.
I'm finding that --interactive
does not work for private packages on Azure Devops, either.
PS D:\Dev\sample-func\SampleFunc> dotnet add package --interactive Microsoft.Azure.SignalR.Management
Determining projects to restore...
Writing C:\Users\ThisGuy\AppData\Local\Temp\tmpC2A0.tmp
info : Adding PackageReference for package 'Microsoft.Azure.SignalR.Management' into project 'D:\Dev\sample-func\SampleFunc\SampleFunc.csproj'.
info : CACHE https://api.nuget.org/v3/registration5-gz-semver2/microsoft.azure.signalr.management/index.json
info : GET https://pkgs.dev.azure.com/<removed>/_packaging/<removed>/nuget/v3/registrations2-semver2/microsoft.azure.signalr.management/index.json
info : GET https://<removed>.pkgs.visualstudio.com/_packaging/<removed>/nuget/v3/registrations2-semver2/microsoft.azure.signalr.management/index.json
info : Unauthorized https://<removed>.pkgs.visualstudio.com/_packaging/<removed>/nuget/v3/registrations2-semver2/microsoft.azure.signalr.management/index.json 272ms
info : Unauthorized https://pkgs.dev.azure.com/<removed>/_packaging/<removed>/nuget/v3/registrations2-semver2/microsoft.azure.signalr.management/index.json 275ms
error: Response status code does not indicate success: 401 (Unauthorized).
I am on NuGet Command Line 5.8.0.6930
and dotnet 5.0.1.02
from artifacts-credprovider.
Related Issues (20)
- README: Linux one-line Credential Provider installer script does not work HOT 1
- Broken when referencing a Nuget package in F# interactive HOT 17
- Nu
- Azure Artifacts Credential provider failing to start HOT 6
- NullReferenceException in v1.0.9 HOT 3
- Azure Devops: gzip: stdin: unexpected end of file HOT 3
- Problem starting the plugin - Broken Pipe HOT 1
- How to do enhanced debugging? HOT 1
- Issue authenticating to Azure Artifacts via Python behind firewall decryption HOT 1
- Use Windows authentication context from in WSL HOT 6
- System.Security.Cryptography.CryptographicException on remote connections HOT 9
- The last Create 1.1.0 release Build Failed. When v1.1.0 will be released? HOT 6
- The messages logged by the credential providers are not localized. HOT 3
- Inconsistent account selection modal behavior across operating systems HOT 3
- MsalInteractiveTokenProvider breaks if no console window handle available HOT 4
- Artifacts Conda Remove SDK Dependency HOT 2
- Credential provider is not working on new laptop HOT 4
- `JsonException` with Release `1.1.0` when using `VSS_NUGET_EXTERNAL_FEED_ENDPOINTS` HOT 4
- dotnet list <SOLUTION> package --vulnerable/--outdated/--deprecated fails with Azure Artifacts Credential Provider HOT 7
- Are the Requirements Correct? HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from artifacts-credprovider.