Publish Powershell module to bintray nuget repo - powershell

I created a nuget repository in bintray and I'd like to publish a Powershell module. I've created a package in Bintray and added a version.
First, I added the repository:
Register-PSRepository -Name "Bintray" -SourceLocation "https://api.bintray.com/nuget/{organization}/{repository}" -PublishLocation "https://api.bintray.com/nuget/{organization}/{repository}" -InstallationPolicy Trusted
Then, I try to publish:
Publish-Module -Path . -Repository "Bintray" -NugetApiKey {MyApiKey}
Publish-PSArtifactUtility : Failed to publish module 'MyModule': 'Response status code does not indicate success: 401 (Unauthorized)'
I've checked my API key, my user is a "member" and members have "Publish" rights on the repository. There are no restrictions on the repository. The name of the package in Bintray matches the name of the module I'm trying to publish.
I've also tried appending -Credential {UserName} to the publish command, and entering my password when prompted. The result is always the same.
What did I miss? How can I publish a Powershell module to a Bintray nuget repo?
Editing to update: when I try with the bintry account admin, I instead get error 405 "Not Allowed". This is true using PowerShell Publish-Module and calling nuget directly. curl gives me a 400 error: "Error occurred while uploading", as does bintray-cli. The web UI gives a generic error message.
This article says it works with Artifactory; and jfrog calls bintray a "full fledged nuget repository". So why doesn't this work?

After properly specifying the authentication information and URLs, I landed with the 400 / 405 error detailed in the question edit ("Error occurred while uploading").
We determined that the failure was caused by the <tags> element in the package .nuspec file exceeding 1024 characters. This is not a published limitation, or an inherent limitation of the format (nuget.org advertises that they support a maximum of 4000 characters). Removing or truncating the tags allows the package to be uploaded to bintray.

Just to clarify, the only docs available from JFrog are here, and don't help very much:
https://jfrog.com/knowledge-base/how-to-work-with-powershell-modules-and-nuget-repository-in-artifactory/
We were able to create a nuget repository in bintray and tried using the equivalent URLs from bintray as opposed to artifactory without success. We really need something suitable to publish externally to customers (bintray) as opposed to internal artifact management (artifactory) in this case.

Related

How to specify an API Key when publishing to a private nuget source in Azure Devops?

I am trying to publish a NuGet package to a NuGet feed I created in Azure Devops. I have experience in doing these kind of things (I published on NuGet.org) but for some reason I do not understand, it is not working when I try to do this for my employer.
When I click "Connect To Feed", I see this explanation:
This clearly shows where to put my package path and where to put the source. However, it does not show where to put the API key I generated.
But I gave it a try and typed (after generating the package file):
dotnet nuget push --source "Test" --api-key az ClassLibrary1.1.0.0.nupkg
This was not working (401)
I really do not understand this part of the explanation: "API Key (any string will do)". Why possibly "any string will do". I need a valid API key.... Not "any string".
After that I tried to publish in way I have good experience with (when publishing nuget.org public nuget packages). In this statement, the source and key are clearly specified.
Here is how I did it:
Also that does not work. I got a 401 again.
My API key that should give me access (and thus prevents a 401) should be fine. This is how I generated the API key:
Most likely, there is something wrong with the way I specified my API key, not with the API key itself. So how do I specify it correctly in my command-line statement in order to successfully publish my package?
There are a few steps you'll have to take before you can push to your NuGet feed locally:
Install the Azure Artifact Credential Provider: https://go.microsoft.com/fwlink/?linkid=2099625
Run dotnet restore --interactive, this will prompt you for credentials
Run dotnet nuget push --source "BackgroundJobs" --api-key anyapikey <package-path>
Note: You can use any API key.

Nuget login errors with Jenkins and Artifactory

Running into an issue with Nuget, Jenkins, and Artifactory. Can't seem to get the Jenkins pipeline to recognize the Nuget configuration
What is working:
login to artifactory with the account I'm trying to read with.
view the repository and artifacts I am trying to access.
use the nuget command line to access the repository and put in username and password when prompted.
Now when the same process is put in a Jenkins pipeline, I get the following:
"The remote server indicated that the previous request was forbidden. Please provide credentials for **https://host.domain/artifactory/api/nuget/v3/repo**"
Here is how I setup nuget:
nuget.exe sources Add -Name Artifactory -Source https://host.domain/artifactory/api/nuget/v3/repo -username <username> -password <password>
nuget.exe setapikey <username>:<password> -Source Artifactory
Even adding the two lines above result in the same error
Had similar error. Nuget.Config was good, everything looked (and was) correctly set up. Turned out nuget was using a CredentialProvider exe from VS2019 which overrode my config settings.
Renamed that exe and everything works as expected.
to check if you are having the same issue, try running:
nuget list -Source YourArtifactory -verbosity detailed
If it mentions any Credential Providers and their errors - this could be the reason.
In Artifactory repository button "Set Me Up".
This is how to step by step.

Nuget Push always returning 404 (Not Found)

I've tried to publish a nuget package to my GitHub Packages account but in all cases I'm having the 404 error.
I've followed as requested on the GitHub's site:
nuget source Add -Name "GitHub" -Source "https://nuget.pkg.github.com/[MyAccount]/index.json" -UserName [MyUserName] -Password GH_TOKEN
It throwed me an error saying to add an api key.
So I created a Personal Access Token and set the api key:
nuget setapikey [MY_PAT_TOKEN] -Source "https://nuget.pkg.github.com/[MyAccount]/index.json"
But when trying to push again I had:
"Your request could not be authenticated by the GitHub Packages
service. Please ensure your access token is valid and has the
appropriate scopes configured."
So I created another token with the necessary scopes:
- read:packages
- write:packages
- delete:packages
- repo
I deleted the source and the api key and started the steps above again, with the new token, but I had the 404 error, saying that the source was not found.
So I've tried a lot of options... changing package name, changing source name, and a bunch of other things, but with the same result.
So I read this on the GitHub's website:
"When you publish a package, by default GitHub Packages uses the
package name to determine the GitHub repository containing the
package. For example, a package named odata-client would be published
to the OWNER/odata-client repository. If you would like to change the
repository containing the package, or publish multiple packages to the
same repository, you can include the URL to the GitHub repository in
the repository field of the package's .nuspec file."
As I'm using .NET Core 3.0 so I changed the csproj including:
<RepositoryUrl>https://nuget.pkg.github.com/[MyAccount]/Common</RepositoryUrl>
<RepositoryType>git</RepositoryType>
But this time I had a 400 (Bad Request)
And I tired some variations for the above url: ending with index.json, ending without index.json, ending with common, etc... But always have Bad Request error.
So I deleted this configurations and tryied again: 404 (Not Found)
I don't know what to do any more. There are someone that can help me with that? What am I doing wrong? It lacks some configuration?
I had same issue. For me it was wrong Repository Url in nuget package. I would advise you to check that RepositoryUrl is set and it is a valid url of existing repo.
I have been fixed the same error setting my repository URL:
<PropertyGroup>
<!--Others configurations values-->
<RepositoryUrl>https://github.com/GITUSERNAME/REPOSITORY-PATH**</RepositoryUrl>
</PropertyGroup>
I am using dotnet core and setting this configuration in .csproj
I had the same issue, my solution was to give all "Repo" permissions to the token.
PS: my Repo was private
I had the exact same issue and struggled with it alot.
I ended up using some of your pointers - adding
to my .nuspec and packed the project again.
This helped and pushing to github worked.
Please try packing your project again.

AppVeyor NuGet Restore failing to connect to private account repo

I am attempting to restore packages that I've uploaded to my AppVeyor account NuGet feed, yet it is failing to connect to the feed during the build.
In my appveyor.yml file I have:-
nuget:
account_feed: true
And I have confirmed that the account feed mentioned in the logs is the correct URL for my account feed.
I have also opened that feed by connecting to it using Visual Studio and entering my account credentials. When doing that, I have confirmed that the packages I'm trying to restore exist as expected.
However the build fails with this in the logs:-
https://ci.appveyor.com/nuget/xxxxxxxxxx-yyyyyyyyyyyy: Unable to load the service index for source https://ci.appveyor.com/nuget/xxxxxxxxxx-yyyyyyyyyyyy.
The HTTP request to 'GET https://ci.appveyor.com/nuget/xxxxxxxxxx-yyyyyyyyyyyy' has timed out after 100000ms.
NuGet Config files used:
C:\projects\MyProjectName\Source\NuGet.Config
C:\Users\appveyor\AppData\Roaming\NuGet\NuGet.Config
C:\ProgramData\nuget\Config\Microsoft.VisualStudio.Offline.config
C:\ProgramData\nuget\Config\ServiceFabricSDK.config
Feeds used:
C:\Users\appveyor\.nuget\packages\
https://www.nuget.org/api/v2
https://A-CUSTOM-EXTERNAL-NUGET-FEED-I-ALSO-ACCESS/nuget
https://ci.appveyor.com/nuget/xxxxxxxxxx-yyyyyyyyyyyy
C:\Program Files (x86)\Microsoft SDKs\NuGetPackages\
C:\Program Files\Microsoft SDKs\Service Fabric\packages\
Note: The custom external NuGet feed should be unrelated. I have other packages that successfully restore from there before my build breaks with the private account repo attempt.
Is there something I'm missing that will allow me to connect to my AppVeyor account NuGet repo for the restoring of a package?
Could it have anything to do with the package itself?
AppVeyor has made some changes not allowing you to implicitly include your private account NuGet repository for public code respositories.
As in #ilyaf's answer, the discussion here confirms this, and says the following is the reason.
In previous implementation having this enabled and working for public
project was a vulnerability rather than a feature because on your
account feed you can have NuGet packages from both public and private
projects and anyone submitting PR to public build would have been able
to grab private packages from your account feed. It's fixed now.
So to still get this working, as mentioned in #Feodor Fitsner's comment, you need to configure a new nuget source mentioning your account's NuGet repo.
Here's what you need to do.
Go to the Project in AppVeyor that you're trying to build and select the Settings for that project. On the 'Environments' settings tab, add two new Environment Variables:-
'nuget_user'
'nuget_password'
...placing your AppVeyor credentials in the values for each of those.
In your appveyor.yml, add a new NuGet source under the install node.
install:
- nuget sources add -Name MyAccountFeed -Source <feed-url> -UserName %nuget_user% -Password %nuget_password%
...where <feed-url> is your NuGet feed URL.
Note: These two steps are defined in steps 2 and 3 or this doc.
https://www.appveyor.com/docs/nuget/#configuring-external-private-nuget-feed-for-your-builds
Now, ensure that you have account_feed and project_feed off for your build (otherwise the build will complain that there are duplicate feeds).
Do this by either deleting the following:-
nuget: account_feed:
OR ensure you have
nuget:
account_feed: false
project_feed: false
Your project should now build correctly, retrieving your NuGet packages from your NuGet account.
This, however, may be a workaround to what AppVeyor were trying to initially block with their change.
Please take a look at this discussion.

Nuget with Artifactory. Key not valid for use in specified state

I am using Artifactory as NuGet repository to store all the nuget packages.
When we use this Artifactory link as source, the package Manager in Visual Studio prompts for credentials and worked very fine.
As soon as we moved to build machine (with out VS) and try to build application it is throwing error :
.nuget\NuGet.targets(100,9): error : Key not valid for use in
specified state.
I added source with -user -password and put config at local user location. I tried with ClearText password and encrypted password both are throwing same error.
Am I missing anything here? Please advice.
I believe the error isn't related to Artifactory.
The issue NuGet reports is related with encrypting/decrypting user credentials in nuget.config files.
I encountered the error when I tried to set apiKey for a repo:
NuGet setapikey user:pwd -Config .\NuGet.test.Config -Source .\packages
NuGet reported "Key not valid for use in specified state".
I had NuGet.config file located near NuGet.test.Config. That nuget.config contained packageSourceCredentials section with credentials of other user (than one which was passed to setapikey).
After I remove that credentials from nuget.config the error gone.
Please check Nuget.Config in %AppData%\NuGet
You may want re-create it in order to resolve the issue.
FYI, I had the same problem with my build agent, the issue is resolved by removing "nuget.config" in "C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\NuGet"
I encountered the same error when I logged into Windows using a new user account (story: our network admin at our company had removed our users due to an infection by a ransomware and created a new user account for each of us).
We have a local nuget server at our company (created using free Nuget Server).
As #Jinsoo stated, I needed to remove the nuget settings in Nuget.Config (at %AppData%/Roaming/Nuget folder) and set again the apikey for our nuget source using such a command:
nuget setApiKey abcdefghijklmn -Source http://www.our-company-nuget-server.com/nuget
After that I was able again to issue 'nuget push' commands.
Got this issue in TeamCity after adding a global nuget config to the build servers.
Had to change to a newer version of nuget.exe in the build configs, as the old version probably could not cope with some setting in the nuget config.
I had the same problem.
For me the problem could be resolved by simply putting a dotnet restore task in front of the dotnet build task.
In the dotnet restore task I could then specify my feed. With just the dotnet build task it tried to restore nugets with the NuGet.conf file and the local logins, which is more error prone.
It seems that NuGet setapikey encrypts the credentials using the currently-logged-on-user's private key. Therefore, only that user can use these encrypted credentials. If a different user (a service account for CI/CD etc.) tries, they get Key not valid for use in specified state.