I try to learn Github action and packages. So, I create a sample nuget package and successfully created. However I could not use it.
I follow this step;
Options > Nuget Package Manager > Package Sources
Click add button write organization name and add package source address like that:
After that Visual Studio doesn't ask me any credential for this address.
If there is no credential, I will expect to an error. And I got it.
[github] Failed to retrieve metadata from source 'https://nuget.pkg.github.com/[OrganizationName]/query?q=&skip=0&take=26&prerelease=false&semVerLevel=2.0.0'.
Response status code does not indicate success: 401 (Unauthorized).
Then, I decide to some credential like explained in github documentation.
My nuget.config file:
However still I get Unauthorized error. And also when I click the error link gettin a message like that:
{"errors":[{"code":"Your token has not been granted the required
scopes to execute this query. The 'id' field requires one of the
following scopes","message":" ['read:packages'], but your token has
only been granted the: [''] scopes. Please modify your token's scopes
at: https://github.com/settings/tokens."}]}
but I already have a token with read/write package credential.
All that fails and I try to another way. I add credential information to Windows Credential Manager. Eveything still same.
So, how I add and use my private nuget packages?
How to use github nuget packages on Visual Studio 2019
First, make sure that your credential info is correct on the nuget.config file.
I found your document suggest you should put a new nuget.config file to your solution. This nuget.config file is a local action file, it will act on any projects in the current subdirectory and below the current level. You can refer to this document.
In this way, you should restart VS Instance to enable this new nuget.config file.
-------Global nuget.config--------
However, from your description and first picture, you used the global nuget.config file. And UI's info stores under global nuget.config file.
If you want to config this gihub package source for all the projects on your PC, you should config it on the global nuget.config file.
And the first picture which you provided indicates that you used in the global file(C:\Users\xxx(current user)\AppData\Roaming\NuGet\NuGet.Config).
This function also needs restart VS to enable the new nuget.config file.
Suggestion
please add your content of the file into C:\Users\xxx(current user)\AppData\Roaming\NuGet\NuGet.Config.
restart VS Instance or restart PC to enable this new nuget.config file. It is designed by that.
It is not an easy task, but here is the solution (after 2 days of struggling)
First generate PAT (Personal Access Token) in Github
Follow these steps to generate a PAT
Very important to select the read:packages options
Github will show you the PAT for ONLY ONE TIME, So make sure to copy it to save place, otherwise, you have to generate it again
Now with PAT in your hand, Add Nuget.Config file to your project
The content of the file should be like following
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<packageSources>
<clear />
<add key="github" value="https://nuget.pkg.github.com/OWNER/index.json" />
</packageSources>
<packageSourceCredentials>
<github>
<add key="Username" value="USERNAME" />
<add key="ClearTextPassword" value="TOKEN" />
</github>
</packageSourceCredentials>
</configuration>
You must replace:
USERNAME with the name of your user account on GitHub.
TOKEN with your personal access token (the token you generated in Step 1).
OWNER with the name of the user or organization account that owns the repository containing your project.
You must restart Visual Studio or even Restart the PC This is important
After that open the Terminal and copy and paste (maybe with some modifications) the statement that Github give to you to install the package
Now you are ready to get the Package.
UPDATE
How to configure github nuget packages for teams?
Configure the nuget.config using environment variables:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<packageSources>
<add key="NuGet official package source" value="https://api.nuget.org/v3/index.json" />
<add key="Github" value="https://nuget.pkg.github.com/OWNER/index.json" />
</packageSources>
<packageSourceCredentials>
<Github>
<add key="Username" value="%GITHUB_PACKAGE_USER_NAME%" />
<add key="ClearTextPassword" value="%GITHUB_PACKAGE_TOKEN%" />
</Github>
</packageSourceCredentials>
</configuration>
The GITHUB_PACKAGE_USER_NAME and GITHUB_PACKAGE_TOKEN can be anything you want.
Now, each team member should configure their user environment variables:
GITHUB_PACKAGE_USER_NAME: team member github user name
GITHUB_PACKAGE_TOKEN: team member Personal Access Token (PAT)
With those configurations, Visual Studio will be able to query and download packages, assuming the team member has access to the OWNER package repository.
How to restore github nuget packages in github actions workflows?
With the previous NuGet.config configured, you need to change your workflow passing the required environment variables, like so:
- name: Restore dependencies
env:
GITHUB_PACKAGE_USER_NAME: ${{ github.actor }}
GITHUB_PACKAGE_TOKEN: ${{ secrets.RESTORE_ORGANIZATION_PACKAGES }}
run: dotnet restore ./src
Since you can't pass your PAT, you need to configure a github secret (either for the repository or the organization). In the above example, I created a secret named RESTORE_ORGANIZATION_PACKAGES with read:packages permission at the repository level.
I just faced this problem today with VS 19.
When adding a new source for Nuget packages as shown below, i got prompted a first time for User and Password
Add nuget package source
I did the mistake of entering my github password as password. Instead you should create a token under your github settings as shown below and enter the token itself instead of your account's password.
Generate token
In my case, I selected the following options when creating the token
Token options
VS 19 unfortunately did not prompt another time for credentials and kept showing the error message:
[github] Failed to retrieve metadata from source ... .Response status code does not indicate success: 401 (Unauthorized).
To change this parameters on Windows, open Control Panel\User Accounts\Credential Manager as shown below:
Web credentials
Click on Edit, and paste the access token you just created on github as password. Scroll down the list of credentials. In my case, I needed to change the password in a second place as well.
Second web credentials
Related
I tried to follow the best practices by using a single feed from the client. So I've setup a Nuget.config file with a single entry to my feed, with a <clear/> tag as stated in the doc.
On the devops server side, I've set up the feed with an Upstream source to the public Nuget Gallery (in order to cache, as this sounded nice in case of public package managers outages.
When I directly use the nuget.exe client on any machine, I can install any nuget.org package in any case. But at build time, when a public package isn't already in my serve's upstream cache, it won't be found by the build agent... (it seems that in this case, the upstreams isn't been used to feed the cache).
Is this normal? Is it limited to already cached packages at build time?
In our develoment team, we are used to add nuget packages through the VS UI (right click project "manage nuget packages"). In this mode, we can not see those upstreams packages, so we toggle the source to nuget directly at dev time.
The solutions that I found could be either:
to add a second entry to the Nuget.config to declare nuget.org for build (but we loose the caching capability)
to systematically use the command line nuget.exe to install the packages at development time?
What did I miss? Do you have any other ideas/solutions?
EDIT: it seems that it failed due to the following error:
BTW: I'm quite new to Azure Devops (using an on premise version "Dev18.M170.6").
Is this normal? Is it limited to already cached packages at build time?
This is not normal. It is not limited to the cached packages at build time.
For example, I create a new test feed with enable Upstream source to the public Nuget Gallery:
Now only a few packages I tested before are cached, then I add another test package log4net and restore it with my following nuget.config:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<packageSources>
<clear />
<add key="NewFeed" value="https://pkgs.dev.azure.com/<MyOrgName>/_packaging/NewFeed/nuget/v3/index.json" />
</packageSources>
<config>
</config>
<packageSourceCredentials>
<NewFeed>
<add key="Username" value="XXX" />
<add key="ClearTextPassword" value="XXX" />
</NewFeed>
</packageSourceCredentials>
</configuration>
The nuget restore result:
The feed result:
So, It is not limited to the cached packages at build time. The reason why this method is invalid for you requires specific analysis of your nuget restore task log.
As a reminder, please check if project Build Services have permission to access your feed:
Feed settings->Permissions->...->Allow Project-scoped build:
In our develoment team, we are used to add nuget packages through the
VS UI (right click project "manage nuget packages"). In this mode, we
can not see those upstreams packages, so we toggle the source to nuget
directly at dev time.
You could add the upstream source nuget.org as nuget scource in Visual Studio, which you could dd nuget packages through the VS UI. When you build the pipeline in Azure devops, nuget will restore the package from the custom feed and cache the package from upstream source:
I'm trying to push and then consume a NuGet package using GitHub packages (documentation here). As a newcomer, after experimenting a bit I managed to push a sample NuGet package to a public GitHub repository.
Yet, I'm missing the final part, i.e. consume the package from some Visual Studio project. When I try to add the package, I first get a "Restoring packages for..." notification, and then the error "Unable to load the service index for source... : The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters".
So, it seems my endpoint for NuGet is not configured as expected, yet I could not find a clear direction about this. To help newbies like me starting with GPR, and detail my procedure so that readers can spot my errors, here is what I learnt until now:
Setup
Before using GPR, you must create a token in your GitHub account.
Creating and Publishing Packages
set the RepositoryUrl and RepositoryType properties in your .csproj file to your target repository URL and git respectively, e.g.:
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<!-- omissis ... -->
<RepositoryUrl>https://github.com/USERNAME/PROJECTNAME</RepositoryUrl>
<RepositoryType>git</RepositoryType>
</PropertyGroup>
</Project>
open the GitHub bash in your project folder, and create the package like this:
dotnet pack NAME.csproj -c Release -p:IncludeSymbols=true -p:SymbolPackageFormat=snupkg
where -c selects the configuration. See creating snupkg for more, and the dotnet pack reference.
open the GitHub bash in your project folder, and publish like this: dotnet nuget push "bin/Release/NAME.1.0.0.nupkg" --source "github".
Note: you first need to register (once) the GPR feed with:
nuget sources add -name "github" -Source https://nuget.pkg.github.com/YOURGITHUBUSERNAME/index.json -Username YOURGITHUBUSERNAME -Password YOURGITHUBTOKEN
If you need to install nuget.exe, download it from https://www.nuget.org/downloads. If you place it e.g. in C:\Exe, you can invoke it from the Windows Git Bash with /c/Exe/nuget.exe.
Also, you need to set the nuget API key:
nuget setapikey YOURGITHUBTOKEN -Source https://nuget.pkg.github.com/YOURGITHUBUSERNAME/index.json
This encrypts the key and saves it in a config file under your %APPDATA% folder. e.g. mine ends up in C:\Users\USERNAME\AppData\Roaming\NuGet\NuGet.Config.
Using Packages
documentation
for each client project, add nuget.config to your project: add a nuget.config file in your project folder with a content like this:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<packageSources>
<clear />
<add key="github" value="https://nuget.pkg.github.com/OWNER/index.json" />
</packageSources>
<packageSourceCredentials>
<github>
<add key="Username" value="YOURUSERNAME" />
<add key="ClearTextPassword" value="YOURTOKEN" />
</github>
</packageSourceCredentials>
</configuration>
This comes from the documentation sample. Yet, to avoid storing token in this file, which would be saved in the repo, I rather use a per-user or per-machine NuGet setting (reference): e.g. per-user:
nuget config -set GITHUB_PACKAGES_TOKEN=YOURTOKEN
This saves the setting per-user (the default option). Now, consume it like this (see Setting an environment variable in a NuGet.Config file):
<add key="Password" value="%GITHUB_PACKAGES_TOKEN%" />
to use a package, execute dotnet add YOURPROJECT.csproj package YOURPACKAGE --version YOURPACKAGEVERSION.
Yet, at this last point I get the above error. Where is my NuGet source config wrong?
The documentation for pushing NuGet packages to Github is outdated. The steps that worked for me:
Go to GitHub
Click your avatar (top-right)
Settings
Developer settings
Personal access tokens
Generate
write:packages
read:packages
delete:packages
This will automatically check the repo permissions for your OAuth token
Click Generate token
Open cmd
Navigate to your project directory or the directory containing your NuGet package
Add a new nuget source:
dotnet nuget add source --username [GithubUserName] --password [YourApiKey] --name github https://nuget.pkg.github.com/[UsernameOrOrganizationName]/index.json
Push the package to the github source
dotnet nuget push --source github bin\Release\MyAwesomePackage.1.0.0.nupkg
Verify that the Github API key is not stored inside a Nuget.config file inside your solution before committing your code to source control.
It seems my team mates have turned off their nuget server and gone on holidays.
I need a temporary work around so that my Azure Dev Ops build does not fail when restoring the nuget packages.
I have a local copy of the package at
C:\Users\kirst.nuget\packages\mypackagetemp
Which I want to publish to a temporary feed.
I read the instructions on publishing a package from the command line but am confused about step 6
Surely I dont need to set up the Project and restore packages as I already have the .nupkg
I tried the command
c:\nuget\nuget.exe push -Source "TempFeed" -ApiKey az mypackagetemp.nupkg
but got an error
unable to load the service index for source
https://pkgs.dev.azure.com/mycompany/myproject/_packageing/TempFeed/nuget/v3/index.json
When I repeat the command I get a request for credentials
When I put in the credentials I connect to Azure Dev Ops with they do not work.
[Update]
I was prompted for credentials.. reading up on it... so confusing.
[Update]
I upgraded nuget.exe from 5.1.0.6013 to the latest version 5.4.0.6315 This time I got a UI to log in and the message
Your package was pushed
However when the devops pipeline build runs I het a message
unable to load the service index for source
https://pkgs.dev.azure.com/mycompany/myproject/_packageing/TempFeed/nuget/v3/index.json
I guess I need to create an index.json file somehow.
My project is using a mynuget.config that has the following in the packagesources
<add key="TempPackage" value="https://pkgs.dev.azure.com/mycompany/_packaging/myfeed/nuget" />
[Update]
I changed mynuget.config to have
<add key="TempPackage" value="https://pkgs.dev.azure.com/mycompany/_packaging/myfeed/nuget/v3/index.json" />
Now the dev ops build shows the message
Failed to retrieve information about 'Serilog.Enrichers.Thread'
from remote source
'https://pkgs.dev.azure.com/mycompany/_packaging/myfeed/nuget/FindPackagesById()?id="Serilog.Enrichers.Thread'',
response status code does not indicate success: 404 (Not Found).)
My solution does use Serilog. I don't think the 3rd party package uses it.
[Update]
The next time I built I got a different error looking for WindowsAzure.Storage
I seem to get a different file causing the error each time I build the pipeline.
My project artifacts does have 2 feeds. The needed files are in the unselected feed.
[Update]
I tried editing mynuget.config to use index.json however I get a build error
The nuget command failed with exit code(1) and error(Unable to load
the service index for source
https://pkgs.dev.azure.com/mycompany/_packaging/myfeed/nuget/v3/index.json.
Response status code does not indicate success: 404 (Not Found - The
feed with ID 'MyFeed' doesn't exist
[Update]
Because the new feed was project based I edited mynuget.config to have
<add key="TempPackage" value="https://pkgs.dev.azure.com/mycompany/myproject/_packaging/myfeed/nuget/v3/index.json" />
Now it works!
In Azure Devops web portal, for your current project, go Artifacts tab and make sure your packages like mypackagetemp.nupkg are available there.
For me, I have custom LibraryCore.nupkg pushed there. Now let's click the Connect to feed settings, choose nuget.exe and you can see:
Copy exactly same content to your own mynuget.config file. Then your build pipeline can access your published mypackagetemp.nupkg.
Failed to retrieve information about 'Serilog.Enrichers.Thread' from
remote source
'https://pkgs.dev.azure.com/mycompany/_packaging/myfeed/nuget/FindPackagesById()?id="Serilog.Enrichers.Thread'',
response status code does not indicate success: 404 (Not Found).)
The next time I built I got a different error looking for
WindowsAzure.Storage
These packages(Serilog.Enrichers.Thread,WindowsAzure.Storage and ...) are all available in nuget.org, so you should also make sure you've add nuget.org as package source in your config file:
In addition:
According to your description, you only need to use your custom devops feed and other packages from nuget.org, apart from using your mynuget.config, you could configure your nuget restore task like this:
Choose devops feed directly(second red line) by Feeds I select here instead of Feeds in my Nuget.config. And check the Use packages from nuget.org checkbox. Then you can access the packages in custom feed and nuget.org during build.
I have a VS2017 solution with a private nuget repository. As a repository, I'm using a simple file share (protected via username/password). I've placed the NuGet.Config file in solution root (so that not every developer has to add the private repository manually).
I've added my private repository via the following command:
nuget.exe sources Add -Name mySource -UserName user -Password secret -Configfile C:\MySolutionDirectory\NuGet.Config
When opening the NuGet.Config file I see a <packageSourceCredentials> element (as described on msdn) with the correct username and the password in encrypted form.
When I perform a fresh checkout and build the solution via VS 2017 the nuget package manager can't connect to the given file share. If I open the file share in the Windows Explorer and enter the credentials manually, building the solution via VS2017 works.
Does anyone know if nuget supports authentication for a file share?
I have OpenShift set up to build a ASP.NET Core application. I've succeeded in configuring OpenShift so it pulls in the latest source code. I see in the logs that it starts to build, but it immediately stops on the restore step.
OpenShift doesn't have access to our private NuGet feeds.
I know I can add credentials to the NuGet.config file, but that would mean committing sensitive information to the repository, which we don't want.
I've tried adding Input Secrets, as mentioned in the docs. I did this by creating a secret that contains the NuGet.config contents and adding the secret to my BuildConfig. I still get the same error (a HTTP 401).
Can I somehow tell OpenShift how to connect to the private NuGet feeds? Maybe using the secrets feature perhaps?
In the case of nuget configuration, you will need to specify where the NuGet.Config build input secret gets mounted into. This can be done by setting the destinationDir parameter to a valid configuration location.
As for being able to add the config file in your repository itself, you can do this by making use of environment variable references in the config, for example <add key="ClearTextPassword" value="%NUGET_REPO_PASSWORD%" />. The NUGET_REPO_PASSWORD environment variable can then be configured in your build configuration and value referenced from an OpenShift secret.
Hope this gets you going. If all else fails, you can definitely override the s2i assemble script with your own by adding an executable script at .s2i/bin/assemble of your project repository.