Does Google artifact registry support generic package format? - google-artifact-registry

Jfrog artifactory supports a repository, where in we can save an artifact of any generic type i.e. of any file extension. Does google artifact registry also support such kind of repository creation?

Artifact Repository doesn't support generic repositories, but you could use Google Cloud Storage buckets for this instead.

Related

Find used deprecated Nuget packages in Azure DevOps Git repositories

We are using Azure DevOps as source code management system.
I am searching for a tool which scans the git repositories and searches for used deprecated Nuget packages inside those repositories.
Does anybody know such a tool or is there any other way to find those packages easily without checking each repository by hand?

Manually upload symbols to Azure DevOps

We are running an Azure DevOps Server on premise.
We use the git repos and the artifacts nuget feed for our project.
Currently we do our builds (for the nugets) manually without the pipelines and upload the nugets later.
If we would use the pipelines the "Index sources and publish symbols" task would place the symbols to a file share.
So I have two questions:
Is there a way to upload the symbols manually (e.g. via CLI like we can with the nugets)?
Anywhere a documentation how the URL of the file share would look like on an on premise server? All examples I found so far only show dev.azure.com
Is there a way to upload the symbols manually (e.g. via CLI like we can with the nugets)?
The answer is yes.
You could use the push both primary and symbol packages at the same time using the below command. Both .nupkg and .snupkg files need to be present in the current folder:
nuget push MyPackage.nupkg -source
And publish to a different symbol repository, or to push a legacy symbol package that doesn't follow the naming convention, use the -Source option:
nuget push MyPackage.symbols.nupkg -source https://nuget.smbsrc.net/
Please refere the document for some more details:
Publishing a symbol package
Publishing a legacy symbol package
Anywhere a documentation how the URL of the file share would look like
on an on premise server?
You could check the document Index Sources & Publish Symbols task:

Automate mirroring GitHub to GCP Source Repository?

We run Google Cloud Functions (python), which require to be deployed from Google Cloud Source Repository. Since all the code is stored on GitHub we resort to first mirroring GitHub into Source Repository. Although this only requires a few mouse clicks, it becomes a burden to repeat over 3+ projects (dev, staging, production) times 5+ repos (5+ apps).
I am looking to automate the mirroring config, preferably to add into the Terraform automation we already use, into a hands-off project configuration. Does the Google API support this mirroring automation? So far on my Google Cloud expedition everything was available in their API!
I fail to find Terraform examples though, and would appreciate a tip.
Come to think of it, if I can take Source Repository out of the equation, that would be just fine with me too. After all, I only use it as a pass-through / empty shell.
The Cloud Source Repository API includes a Repo resource that has a Mirror Config object where you could type in your Github's URL, webhook and credentials to automate this procedure. I would initially test it with the create method, but if you have an existing Cloud Source Repository I believe the patch method will also be worth exploring.
Additionally, there is an open Feature Request in order to connect a repository via the Cloud Build GitHub App that I recommend you to star and follow, as it could further ease your automation needs.

Is there an equivalent of GitHib releases in Azure DevOps?

Simply speaking, does Azure Devops have something that works very close to GitHub releases?
I would like to publish artifacts that are created during an Azure DevOps pipeline so that they be easily viewed and downloaded afterwards in a central location. The closest equivalent to what I'm looking for is how GitHub releases work, where there is a web page listing out all the versions of the repository and the assets that can be downloaded for each version.
It seems to me that published artifacts within Azure DevOps pipelines are always tied to the run of the pipeline, and there isn't an easy way to see one list of artifacts that have been created in a historical view like GitHub releases provides, but maybe I'm missing something.
Azure Artifacts does not meet my needs because it is tied to particular packaging formats and is meant to be used for developer tooling.
I would like to publish artifacts that are created during an Azure
DevOps pipeline so that they be easily viewed and downloaded
afterwards in a central location.
As a workaround ,you can switch Artifact publish location to A file share in Publish Pipeline Artifacts task then specify your network drive folder path.
Specifying the path to the file share where you want to copy the files. The path must be a fully-qualified path or a valid path relative to the root directory of your repository. Publishing artifacts from a Linux or macOS agent to a file share is not supported.
Besides, there should be no other built-in hosting, I am afraid that Azure Artifact is the closest to your needs. because it is tied to particular packaging formats you can consider using Universal Packages.

Wouldn't adding DevExpress Nuget authorization key in nuget.config of an OSS .sln project expose the key?

I'm experimenting with the DevExpress.Blazor Controls. Also I like to get my CICD workflow going right from getgo so that any issues crop up sooner rather than later. Since the project is OSS hosted on Github we will be using GitHub actions
To install the DevExpress.Blazor control, I need to add a unique URL as my Nuget Feed
While there is a DevExpress link [https://docs.devexpress.com/GeneralInformation/400604/installation/install-devexpress-controls-using-nuget-packages/integrate-nuget-to-popular-continuous-integration-systems] that lists how to configure various CICD unfortunately Github actions is missing out. The closest approximation is Azure DevOps but it mentions to tag the Nuget Feed in an unencrypted Nuget.config file. This would expose my Authorization Key. Is there any recommended way to ensure this is done in a secure manner?
If you do not want to store the auth key in the NuGet.config file (i.e., in the repository), it is possible to hide unique NuGet feed in Azure DevOps Build pipeline