I have a newly installed Windows 10 machine with the .NET Core SDK 3.0.100. I have a project with it's nuget.config file containing (among other reference) a reference to an Azure Artifacts nuget feed, and i'd like to access credentials to this feed interactively. It's worth to point out that i'd like to use command line to achieve this. My IDE of choice is Jetbrains Rider and not Visual Studio (for this particular question i'm not sure that matters though).
I have downloaded the Azure Artifacts Credential Provider by running a powershell command (Invoke-WebRequest...) and installed it - what seems - successfully. Now I have a nuget plugin on my computer that's supposed to help me retrieve credentials for azure artifact feeds.
What i do expect to work is that running dotnet restore --interactive should prompt me to enter credentials, but it doesnt. It doesnt prompt at all, and just complains that it cannot find the packages.
I've tried this other times too, both on MacOS and Windows with my colleagues, and it always seem to be some problems related to this. Any ideas what i'm doing wrong?
Thanks for your help!
There is another option in case you cannot make dotnet restore --interactive work out of the box when you add the nuget.config file to your project.
You can clear all the nuget local caches.
The easiest way of doing this is using the following command:
dotnet nuget locals all --clear
After some time, when all caches are cleared, you can run dotnet restore --interactive again, and hopefully the Azure Artifacts Credential Provider should show you instructions for authentication through device code.
I'll answer my own question as it might help someone else.
When I tried dotnet restore --configfile .\.nuget\NuGet.Config --interactive it did prompt me. I could login in and everything worked!
I'm not sure why, but it seems that just running dotnet restore --interactive doesn't pick the correct nuget sources - or at least not the ones I have defined in .\.nuget\NuGet.Config in my local project. And therefore the credential provider (obviously) won't prompt me for anything. I haven't found any details on whether this is the expected behaviour or a bug.
With the option posted by #Robson Rocha about clear all the nuget local caches, I could got the credential instructions but nevertheless after authentication I kept getting the error:
warn : The plugin credential provider could not acquire credentials. ...
error: Response status code does not indicate success: 401 (Unauthorized).
I solved the problem in my Windows dev environment creating an Azure Personal Access Token with permissions “Scopes: Custom defined, Packaging: Read” and setting it in the %AppData% Nuget folder:
C:\Users\{UserName}\AppData\Roaming\NuGet\NuGet.Config
nuget.config reference - packageSourceCredentials
<packageSourceCredentials>
<MyPackageSourceKey>
<add key="Username" value="myUserName" />
<add key="ClearTextPassword" value="TheAzurePersonalAccessToken" />
</MyPackageSourceKey>
</packageSourceCredentials>
Because the %AppData% Nuget folder is per user and it is outside of the repo folder, the credentials are kept secure per user and we avoid committing them into the repo.
You may need to install https://github.com/microsoft/artifacts-credprovider#setup then you will be able to use dotnet restore --interactive
As of January 2023 "dotnet restore --interactive" in many cases will not actually show the prompt and silently wait for 90 seconds, then fail to restore. Presumably showing the prompt is done at wrong logging level and hence do not show up on the console.
Workaround: add --verbosity minimal
dotnet restore --interactive --verbosity minimal
Solution obtained from the corresponding issue reported in 2021 - https://github.com/dotnet/sdk/issues/22987
Related
Really confused by all this.
A few days ago I set up a windows azure vm.
I installed the build agent from azure devops
Followed the instructions for installation
and all was working!
Today - for some reason - it is complaining about not being able to read my git password:
Git fetch failed with exit code: 128
Nothing has changed.
No new PAT
No expired PAT
I figured I would remove the agent from the machine and reinstall and configure the agent - which I was kind of hoping wouldnt have worked because I then wouldnt be able to trust it in the future.
Sure enough it didnt work
Does anyone know what might be up?
A bonus question too - does anyone know if there is "just a build image I can use"? Liek the ones Azure uses? I see the repo on github and it has a load of scripts but not sure how you run them. Individually? Is there a master script I just cant see?
Thanks all!
This is the answer to my problem. I have read a lot of only helpful posts and they all point to different issues to the same error message.
It turns out that my ~/.gitconfig had the contents of my known_hosts file.
:|
I dont know how it happened, but it did. I deleted it and the git clone is working!
Thanks Lance and all!
Does anyone know what might be up?
When cloning azure devops repos using cmd.exe in local machine, we can use simple command like git clone URL. The URL comes from Azure Devops Repos=>Clone:
If it's one private azure devops repos, normally in local machine it will display a popup window for authentication. But now since we're running that command in pipeline job, we can't sign in with that popup window.
For this, there're two available choices:
1.git clone https://UserName:Password#dev.azure.com/OrgName/ProjectName/_git/RepoName
Replace username and password with those values after clicking the button. Replace those OrgName,ProjectName,RepoName with your actual ones.
2.Check this, you can also use PAT in that command like: git clone https://anything:{yourPAT}#dev.azure.com/OrgName/ProjectName/_git/RepoName
Replace {yourPAT} with your PAT. Replace those OrgName,ProjectName,RepoName with your actual ones.
In my question here I managed to push one package to my feed, however I now get an Access is denied error.
According to this question I should be prompted for user name and password. This did occur for the package I managed to push, but it no longer occurs.
What do I need to do?
Studying the docs
this issue on Git is relevant
[Update]
Something strange has happened to my folder.
I get the error if I just type Nuget at the dos prompt.
If I create a new folder and extract nugetcredentialprovider.zip into it, then run Nuget I don't get the error
the cli reference
push reference
configuring nuget behaviour
Starting over again with a new installation of credentialsprovider solved the problem.
I accidentally cause the problem again by pasting in a command that started with the directory name
(a cut and paste boo booo)
I need to execute a command line utility from a package that is downloaded as part of nuget package restore in the TFS build process.
On my local computer that is stored in c:\users\me.nuget*
I've tried every permutation of that on TFS without success. I've also tried \mydir\packages with no success as well.
The biggest problem is that I have to run the package restore step before being able to see any sort of feedback from the log. That's some slow debugging.
Any ideas? Thanks ahead.
With the latest nuget/msbuild the packages folder is held under the active user's profile directory, so an appropriate Powershell command is
Get-ChildItem $(UserProfile)\.nuget\packages
This currently evaluates on the VSTS 2017 Hosted build agent to C:\Users\VssAdministrator\.nuget\packages but by using the variable you are insulated from any changes made.
Just an addition to #Paul Hatcher's answer:
I also faced the same problem in Azure DevOps build pipeline where a specific package and nuget packages directory could not be found.
It is a Xamarin.Forms app based on a .net standard library where no packages folder exists. I later noticed in build logs that the packages are restored to nuget folder under user's profile. However this particular case is not documented on https://learn.microsoft.com/en-us/azure/devops/pipelines/build/variables?view=vsts#agent-variables.
That means #Paul Hatcher's answer is also valid if you try to reference nuget package folder directly from your build pipeline. This ($(UserProfile).nuget\packages) should actually be a (standard) predefined build variable.
The Nuget package cache folder is in C:\Users\buildguest.nuget\packages, but it will be cleaned after build if you are using Hosted build server.
The simple way to verify:
Add NuGet restore or .Net Core Restore build step to restore packages
Add PowerShell build step to list files in C:\Users\buildguest.nuget\packages
Code:
Get-ChildItem -Path C:\Users\buildguest\.nuget\packages
Queue build and check the PowerShell step log (the packages’ will be listed in the log)
Remove/disable NuGet restore or .Net Core Restore build step > Save build definition
Queue build
The build will be failed, because the path does not exist.
So, the packages need to be restored before build solution/project if aren’t existing. You can add packages to source control and map to build agent to deal with the issue of too long time takes to restore packages.
I am using Artifactory as NuGet repository to store all the nuget packages.
When we use this Artifactory link as source, the package Manager in Visual Studio prompts for credentials and worked very fine.
As soon as we moved to build machine (with out VS) and try to build application it is throwing error :
.nuget\NuGet.targets(100,9): error : Key not valid for use in
specified state.
I added source with -user -password and put config at local user location. I tried with ClearText password and encrypted password both are throwing same error.
Am I missing anything here? Please advice.
I believe the error isn't related to Artifactory.
The issue NuGet reports is related with encrypting/decrypting user credentials in nuget.config files.
I encountered the error when I tried to set apiKey for a repo:
NuGet setapikey user:pwd -Config .\NuGet.test.Config -Source .\packages
NuGet reported "Key not valid for use in specified state".
I had NuGet.config file located near NuGet.test.Config. That nuget.config contained packageSourceCredentials section with credentials of other user (than one which was passed to setapikey).
After I remove that credentials from nuget.config the error gone.
Please check Nuget.Config in %AppData%\NuGet
You may want re-create it in order to resolve the issue.
FYI, I had the same problem with my build agent, the issue is resolved by removing "nuget.config" in "C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\NuGet"
I encountered the same error when I logged into Windows using a new user account (story: our network admin at our company had removed our users due to an infection by a ransomware and created a new user account for each of us).
We have a local nuget server at our company (created using free Nuget Server).
As #Jinsoo stated, I needed to remove the nuget settings in Nuget.Config (at %AppData%/Roaming/Nuget folder) and set again the apikey for our nuget source using such a command:
nuget setApiKey abcdefghijklmn -Source http://www.our-company-nuget-server.com/nuget
After that I was able again to issue 'nuget push' commands.
Got this issue in TeamCity after adding a global nuget config to the build servers.
Had to change to a newer version of nuget.exe in the build configs, as the old version probably could not cope with some setting in the nuget config.
I had the same problem.
For me the problem could be resolved by simply putting a dotnet restore task in front of the dotnet build task.
In the dotnet restore task I could then specify my feed. With just the dotnet build task it tried to restore nugets with the NuGet.conf file and the local logins, which is more error prone.
It seems that NuGet setapikey encrypts the credentials using the currently-logged-on-user's private key. Therefore, only that user can use these encrypted credentials. If a different user (a service account for CI/CD etc.) tries, they get Key not valid for use in specified state.
I have an MVC4 + EF4.0 .NET 4.5 project (say, MyProject) I'm able to run the project locally just fine. When I FTP deploy it to Azure Websites (not cloud service) it runs fine too. However, if I do a GIT deploy, the site 'runs' for the most part until it does some EF5.0 database operations. I get an exception Unable to load the specified metadata resource.
Upon debugging I noticed that if I:
GIT deploy the entire MVC4 project (as before)
FTP in and then replace bin\MyProject.dll with the bin\MyProject.dll file that I just built locally (Windows 8 x64, VS2012, Oct'12 Azure tools) after the GIT push (i.e. same source)
then the Azure hosted website runs just fine (even the EF5.0 database functionality portion).
The locally built .dll is about 5KB larger than the Azure GIT publish built one and both are 'Release' mode. It's obvious that the project as built after the GIT push (inside Azure) is being built differently than as on my own PC. I checked the portal and it's set to .NET 4.5. I'm also GIT pushing the entire solution folder (with just one project) and not just small bits and pieces.
When I load the locally built as well as the remotely built MyProject.dll files, I noticed the following difference(FrameworkDisplayName)
local: System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.5", FrameworkDisplayName = ".NET Framework 4.5"),
remote: System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.5", FrameworkDisplayName = ""),
Anyone knows why this is happening and what the fix might be?
Yes, this is a bug that will be fixed in the next release. The good news is that it's possible to work around it today:
First, you need to use a custom deployment script, per this post.
Then you need to change the MSBuild command line in the custom script per this issue.
Credit goes to David above for the pointers and hints. I voted him up but I'll also post the exact solution to the issue here. I've edited my original post because I found there was a major bug that I didn't notice until I started from scratch (moved GIT servers). So here is the entire process, worked for me.
Download Node.JS (it's needed even for .NET projects because the GIT deploy tools use it)
Install the azure-cli tool (open regular command prompt => npm install azure-cli -g)
In the command prompt, cd to the root of your repository (cd \projects\MyRepoRoot)
In there, type azure site deploymentscript --aspWAP PathToMyProject\MyProject.csproj -s PathToMySolution.sln (obviously adjust the paths as needed)
This will create the .deployment and deploy.cmd files
Now edit the deploy.cmd file, find the line starting with %MSBUILD_PATH% (will be just one)
Insert the /t:Build parameter. For example:
[Before] %MSBUILD_PATH% <blah blah> /verbosity:m /t:pipelinePreDeployCopyAllFilesToOneFolder
[After] %MSBUILD_PATH% <blah blah> /verbosity:m /t:Build /t:pipelinePreDeployCopyAllFilesToOneFolder)
Push to GIT (check the GIT output if everything went ok)
Browse to your website and confirm it works!
I'll be glad when it's fixed in the next revision so we won't maintain the build script