I'm trying to install NuGet packages like Unity or EntityFramework, but after downloading Nuget cannot install those and returns this error message:
Your machine group policy or user group policy disables execution of PowerShell script.
Adjust your group policy settings to allow execution of PowerShell scripts
How can I resolve this issue? Thanks in advance ;)
Currently old version of NuGet aka not > 1.4 do not sign powershell scripts and thus you need to run the following from a powershell command line:
set-executionpolicy Unrestricted
in 1.4 we are going to sign the scripts so you shouldn't have this problem. Although 1.4 has not shipped yet, but very very soon :)
The above fix might fail if your administrator has locked down powershell scripts in that case you can either ask them to do this for you or wait till NuGet 1.4 is released.
Related
I just installed chocolatey through nuGet using the following steps in the admin shell: chocolatey nuget install. However, when I try to get any package, I am asked for credentials (which I assume is not meant to happen). Can anyone point out what I am doing wrong?
chocolatey
Maybe not a fix, but I found a work around. It is possible to download the *.nupkg files from https://chocolatey.org/packages and then run choco install [packageFile], which doesn't require the server to be contacted and this avoids the permission issue.
I installed VSTS build agent on mac to build xamarin iOS project. Builds worked fine until I added powershell build step.
Even though I installed powershell for mac (https://github.com/PowerShell/PowerShell) and re-installed the agent, VSTS complains it does not have agent that is capable to run the build.
No agent could be found with the following capabilities:
DotNetFramework, Xamarin.iOS, npm
When I disable the build step, builds work just fine.
Is it possible to run powershell build step on Mac?
As MrHinsh clarified, the PowerShell task cannot be used on Mac.
As a workaround I used ShellScript task:
With the following bash script:
#!/bin/bash
powershell ./SetAppVersion.ps1
Also, the powershell installer did not seem to add powershell to my PATH so I had to add it:
$ export PATH=$PATH:/usr/local/microsoft/powershell/6.0.0-alpha.16
If you're sure that DotNetFramework is installed then you can go to the Agent Queues settings and add a custom Capability to it called exactly that.
That should allow it to run but it might fail after that if the agent can't actually find them, but it might also succeed so it's probably worth a try.
No, you can't use a PowerShell task on a Mac, only node tasks are supported.
PowerShell tasks as currently written in PowerShell3 which is not supported on Mac. You can request that the team implement this on http://visualstudio.uservoice.com
In TFS build go to Agents Queues=>Capablilities=>Add variable named as DotNetFramework and give value for mac agent's dotnet framework path.
It's fix for the issue "No agent could be found with the following capabilities:DotNetFramework"
This is a follow-up to the accepted answer to address a question in a comment which I also had.
Thanks to spatialguy for posting and finding a simple solution to this problem. I had the same problem as KeithA45:
QUESTION: What if you wanted to do the same, but also pass arguments to the Bash script which passes them to the Powershell script?
I found a solution to this, first off, I modified the shell script task to include the Visual Studio Team Services (VSTS) environmental variables that I wanted to pass to the powershell script.
Next, I pass the arguments through to the called powershell script by slightly modifying the shell script mentioned by the accepted answer.
#!/bin/bash
powershell ./Version.ps1 $1 $2
Finally, in the powershell script, I catch the arguments that have been passed through using using param like this:
param([string]$version, [string]$path)
Wherein I can now use the variables $version and $path which contain the original arguments entered in VSTS to the needs of my powershell script.
Things seem to have moved forward because I ran successfully today a PowerShell#2 task on a Mac Self-Hosted Agent from an Azure DevOps build pipeline.
By checking "Enable system diagnostics" when queuing the build, the log shows me that the task found itself the path to the PowerShell Core (pwsh) that I installed on my Mac with the help of Homebrew (brew cask install powershell - see https://learn.microsoft.com/fr-fr/powershell/scripting/install/installing-powershell-core-on-macos).
I was trying to use Nuget as a software deployment system (repository, versioning and delivery) - idea from Octopus. Previously I was packaging ASP.NET sites into a self-extracting RAR archives with a .CMD startup scripts embeded. Now I'm trying to use Nuget creating puckages during automated build. The issue is that the package installation scripts (tools\Install.ps1 or tools\Init.ps1) do not execute if the package is being installed using command line:
nuget.exe install <package_id> -OutputDirectory <install_folder> -source <local_repo>
Same scripts are able to execute when package installed from Visual Studio Package Manager or Console.
I do not see why this shouldn't be possible given omnipresence of PowerShell.
Am I missing something or this is behaviour by design? Will appreciate you help.
Yes, we did consider MSDeploy but we already have install scripts that do the same thing and give more control and we need some strong package management and repository for build artifacts (something that Java folks do with Maven).
As of today, the powershell scripts are not invoked from doing installations from command line.
One reason for this is that, in general, most of the install/init actions are tied to dte and the visual studio project and doesn't add much value to be able to run it from outside VS.
We have a backlog item for enabling support for exe based scripts too in addition to powershell.
I'm trying to setup a large number of build agents and so far i can install all the dependencies silently (using powershell, nuget and chocolatey).
However i cannot install the tool IlMerge without the damn GUI popping up.
Ive tried all the usual msiexec switches and they are just ignored. does anyone know of a way of getting this tool on a box in an unattended way?
Or should i just repack the thing in zip/msi?
This is on windows server 2008 R2
If i run
Invoke-Expression "msiexec $installerPath\ilmerge.msi /passive"
I still get a security dialog.
Currently i'm just thinking ill do this:
Copy-Item x:\installs\ilmerge.exe "C:\Program Files (x86)\ILMerge"
seeing as its only one file.
Below worked for me, no security dialogs.
cp ILMerge.msi \\Server\admin$
winrs -r:Server ILMerge.msi /passive
dir "\\Server\C$\Program Files (x86)\Microsoft\ILMerge"
With chocolatey you would have just needed to specify -ia '/quiet' as the package was not silent by default. This was specified by the tag notSilent and it was also in the description (http://chocolatey.org/packages/ilmerge/2.11.1103.1).
The latest package is just the executable, so you can just install it. http://chocolatey.org/packages/ilmerge
When you install a package from NuGet, it can run some Powershell scripts to set things up (such as exporting commands to be used in the Package Manager console).
I'm trying (and failing) to find details of what these scripts can/can't do. Specifically - should we be worried about malicious code in these? Can they read the filesystem, send web requests, etc.?
When NuGet sets up the PowerShell host, it checks to see what the current ExecutionPolicy is. If it is not Unrestricted, RemoteSigned, or Bypass, it forces the ExcecutionPolicy to RemoteSigned for the current process (devenv.exe).
PowerShell does not see the embedded scripts init.ps1, install.ps1, etc. as being downloaded from the Internet, so there is nothing preventing a malicious script from doing anything on your machine that your account has permissions to do.
At this point, all NuGet package creators are pretty much on the "honor" system. I believe Ruby Gems have a similar situtation.
NuGet does have the ability to use private package sources, so if security is critical, I suggest you download and vet all packages, and only allow installing packages from these trusted sources.
I'll defer to someone from the NuGet team, but I'm almost certain they run under the current execution policy.
Here's a clip from my own nuget console:
PM> Get-ExecutionPolicy
RemoteSigned
If I open PowerShell as an admin and change the execution policy, nuget reports the change:
PM> Get-ExecutionPolicy
Restricted
In sum, whatever execution policy you've got on your default host also applies to the nuget console.
When you download a script from the internet, unless it is installed with a setup program where you have given it escalated permissions to install, the scripts are marked as blocked. You have to authorize (unblock) them by right clicking on the scripts and choosing the button Unblock.