I am able to push nuget packages to Artifactory using dotnet nuget push %WORKSPACE%\NuGetPackages\*.nupkg --source <url> --api-key <username>:<encrypted password>. However, I would like push using a API key or an access token, but I receive 403 Forbidden trying to do so. Is it possible to get this working?
NuGet protocol expects the API key to be username:password. You can use the Artifactory API key instead of the password, but you still have to provide the username, as described as a fourth option in the API docs.
Related
I am new to GitHub and I have created a ACTIONS in GitHub Enterprise 3.7 to publish the package to GitHub Package.
But the job failed with log as below:
I have setup the Repository Token as shown below:
The value of Token I have retrieved from here
and assign to value for REPOSITORY secret NPM_TOKEN
However, it just said the TOKEN cannot be authenticate. Any idea where I doing wrong?
***Add on - The ACTIONS will run success if I assign the TOKEN value where I get from my GitHub Access token (Setup in GitHub.com but not GitHub Enterprise), ACTION will run success. However, the published package will only show in my GitHub but not in my GitHub Enterprise.
GitHub Enterprise Account will not able to see that Published Package.
I am trying to publish a NuGet package to a NuGet feed I created in Azure Devops. I have experience in doing these kind of things (I published on NuGet.org) but for some reason I do not understand, it is not working when I try to do this for my employer.
When I click "Connect To Feed", I see this explanation:
This clearly shows where to put my package path and where to put the source. However, it does not show where to put the API key I generated.
But I gave it a try and typed (after generating the package file):
dotnet nuget push --source "Test" --api-key az ClassLibrary1.1.0.0.nupkg
This was not working (401)
I really do not understand this part of the explanation: "API Key (any string will do)". Why possibly "any string will do". I need a valid API key.... Not "any string".
After that I tried to publish in way I have good experience with (when publishing nuget.org public nuget packages). In this statement, the source and key are clearly specified.
Here is how I did it:
Also that does not work. I got a 401 again.
My API key that should give me access (and thus prevents a 401) should be fine. This is how I generated the API key:
Most likely, there is something wrong with the way I specified my API key, not with the API key itself. So how do I specify it correctly in my command-line statement in order to successfully publish my package?
There are a few steps you'll have to take before you can push to your NuGet feed locally:
Install the Azure Artifact Credential Provider: https://go.microsoft.com/fwlink/?linkid=2099625
Run dotnet restore --interactive, this will prompt you for credentials
Run dotnet nuget push --source "BackgroundJobs" --api-key anyapikey <package-path>
Note: You can use any API key.
We have an Angular project in an Azure repo that references another private Azure project/Repo in the packages.json file under dependencies. The project builds fine locally for all developers, but fails in the Azure Pipeline with Authentication failed. What is the correct way to pull code from a private Azure repo into another projects build pipeline?
I changed the access protocol from ssh to https and have done a lot of reading about how to accomplish this. I have read about the personal access tokens, but this doesn't seem like a good solution.
"core-js": "^2.5.4",
"xxx": "git+https://xxx#dev.azure.com/xxx/xxx#master",
"date-fns": "^1.30.1",
Note: The error is saying fatal: Authentication failed for 'https://dev.azure.com/..., which doesn't include the provided username in the dependency url.
Agree with yours. I also think that using PAT token is not a security way, because it does not expose the token exactly.
If you want to use SSH, you need first sure that the repos you want to install has a package.json at root.
And then, generate a pair of public/private key with the command: vssh-keygen -t rsa. After that, you can follow this doc: Use SSH key authentication to install them into your org.
Clone the repos with SSH, and this will make your client accept the fingerprint expressed by the server. Then, go repos page, get the SSH URI to cloning your repos and add it into the dependencies section of your package.json file:
"dependencies": {
"testproj": "git+ssh://account#ssh.visualstudio.com:v3/{org name}/{project name}/{repos name}"
}
When pushing I see this:
nuget push blah.1.0.0.nupkg -source repo
WARNING: No API Key was provided and no API Key could be found for 'https://meeee.jfrog.io/meeee/api/nuget/repo'. To save an API Key for a source use the 'setApiKey' command.
Pushing blah.1.0.0.nupkg to 'https://meeee.jfrog.io/meeeee/api/nuget/repo'...
PUT https://meeee.jfrog.io/meeee/api/nuget/repo/
Created https://meeee.jfrog.io/meeee/api/nuget/repo/ 8585ms
Still works and it has to be using the API key because otherwise I'd get access denied - so I'm not sure what it's warning me about. Maybe because I don't have a default machine wide API key? I had to add the nuget source with user name and password because nuget is a mess and won't pull the default API key for it without setting it for each source.
Also I noticed even if I upload the same exact package a bunch of times in a row it still uploads it - I thought maybe Artifactory would see it was the same and not upload or tell me that?
You probably have your credentials specified in your nuget.config file for repo to authenticate.
To get rid of the warning, simply specify a dummy API key using --api-key 0 in your request.
The warning went away for me after using the following nuget command:
nuget setapikey YOUR_API_KEY -source YOUR_SOURCE_NAME
Is anyone else having an issue gedmo/doctrine-extensions installing via composer?
The repository is public so I am not sure why it's saying it is a private repo
Cloning failed using an ssh key for authentication, enter your GitHub credentials to access private repos
Head to https://github.com/settings/tokens/new?scopes=repo&description=Composer+on+computername+2015-09-04+1040
to retrieve a token. It will be stored in "/location/.composer/auth.json" for future use by Composer.
Token (hidden):
In short: you are hitting the API rate limit, because you don't auth against it.
The Github API has a very low rate limit, so if you install lots of packages it will at some point fail and ask you for your login/password.
If you prefer to not provide your GitHub credentials to Composer, you can manually create a token using the following procedure:
Create an OAuth token on GitHub (https://github.com/blog/1509-personal-api-tokens).
Add it to the configuration running composer config -g github-oauth.github.com <oauthtoken>
Now Composer should install/update without asking for authentication.
git install your system
close cmd (command promt)