Initialize NuGet's Credential Service #868
Conversation
NuKeeper/Local/LocalEngine.cs
Outdated
| @@ -43,6 +44,8 @@ public class LocalEngine : ILocalEngine | |||
|
|
|||
| public async Task Run(SettingsContainer settings, bool write) | |||
| { | |||
| DefaultCredentialServiceUtility.SetupDefaultCredentialService(new NuGet.Common.NullLogger(), true); | |||
There was a problem hiding this comment.
I'm definitely open to suggestions here; Wasn't sure where the best place is to put this.
It's also possible we want to use a different logger and/or to do something to integrate NuKeeper's logger with the basic NuGet one?
There was a problem hiding this comment.
If you'd add a dependency of NuGet.Common.ILogger to the constructor, you'll get one injected that will forward the events to the NuKeeper logging.
Other than that, I think this looks good (other than the fact it's awkward static setup, but that's how this code works in NuGet itself and not much we can do about it).
There was a problem hiding this comment.
I'll fix that ASAP then, Thanks.
There was a problem hiding this comment.
I'm not sure about this but should this Setup-method also be called in CollaborationEngine?
There was a problem hiding this comment.
@skolima Thanks to @Greybird this is now fixed.
As per @MartinDemberger 's comment, I'd need another pair of eyes on that.
There was a problem hiding this comment.
@ransagy I think I need you're fix in the CollaborationEngine. When I call runkeeper repo on a Azure devops nuget feed it can't find any packages. If my repo doesn't have a NuGet.config and I set credentials in my profile NuGet.config it works. But if my repository does have a NuGet.config without credentials it fails.
To bypass this I call nukeeper with --source, but this too fails because of credentials.
I tried to update GitRepositoryEngine with the line
DefaultCredentialServiceUtility.SetupDefaultCredentialService(_nugetLogger, true);
but when executing nukeeper I get the error:
Problem starting the plugin 'C:\Users%username%.nuget\plugins\netcore\CredentialProvider.Microsoft\CredentialProvider.Microsoft.dll'. Cannot start process because a file name has not been provided.
Can you help?
There was a problem hiding this comment.
@johntyrrell The latter error sounds like the missing dotnet env path var: NuGet/Home#7438
There was a problem hiding this comment.
@ransagy when I set the DOTNET_HOST_PATH like this:
[System.Environment]::SetEnvironmentVariable("DOTNET_HOST_PATH", "C:\Program Files\dotnet")
The error changes to this:
Problem starting the plugin 'C:\Users%USERNAME%.nuget\plugins\netcore\CredentialProvider.Microsoft\CredentialProvider.Microsoft.dll'. Access is denied.
System.ComponentModel.Win32Exception (5): Access is denied.
at System.Diagnostics.Process.StartWithCreateProcess(ProcessStartInfo startInfo)
at System.Diagnostics.Process.Start()
at NuGet.Protocol.Plugins.PluginProcess.Start()
at NuGet.Protocol.Plugins.PluginFactory.CreatePluginAsync(String filePath, IEnumerable1 arguments, IRequestHandlers requestHandlers, ConnectionOptions options, CancellationToken sessionCancellationToken) at NuGet.Protocol.Plugins.PluginFactory.GetOrCreateAsync(String filePath, IEnumerable1 arguments, IRequestHandlers requestHandlers, ConnectionOptions options, CancellationToken sessionCancellationToken)
at NuGet.Protocol.Plugins.PluginManager.TryCreatePluginAsync(PluginDiscoveryResult result, OperationClaim requestedOperationClaim, PluginRequestKey requestKey, String packageSourceRepository, JObject serviceIndex, CancellationToken cancellationToken)
Any ideas?
There was a problem hiding this comment.
I think that env var needs to be the full path to the actual dotnet exe - In my (local machine) case i just set it to 'dotnet' so it will use whatever is installed in the path.
About permissions - No idea, I haven't used the pipeline scenario at all.
There was a problem hiding this comment.
@ransagy , changing it do "dotnet" did the trick. After that I needed to also set NUGET_PLUGIN_HANDSHAKE_TIMEOUT_IN_SECONDS and NUGET_PLUGIN_REQUEST_TIMEOUT_IN_SECONDS to "30" and then I was able to read the Azure DevOps feed. Thnx!
|
Tests are broken due to a non-related issue to this PR; see my PR to fix that in #894 . |
ransagy
force-pushed
the
initCredentials
branch
from
673af7f
to
31134eb
Compare
* Initialize NuGet's Credential Service * Rebased and switched to the expected Logger (#2) * 📦 Automatic update of NUnit3TestAdapter to 3.15.1 (NuKeeperDotNet#869) * 📦 Automatic update of SimpleInjector to 4.7.1 (NuKeeperDotNet#870) * 📦 Automatic update of LibGit2Sharp to 0.26.1 (NuKeeperDotNet#874) * Automatic update of NuGet.CommandLine to 5.2.0 (NuKeeperDotNet#875) * 📦 Automatic update of NuGet.CommandLine to 5.2.0 * Bump the packaged NuGet version * 📦 Automatic update of Octokit to 0.34.0 (NuKeeperDotNet#880) * FxCopAnalyzers already pulls in other analyzers (NuKeeperDotNet#883) * Automatic update of Microsoft.NET.Test.Sdk to 16.3.0 (NuKeeperDotNet#884) * 📦 Automatic update of Microsoft.NET.Test.Sdk to 16.3.0 * Fix mismatched test project target framework * Automatic update of coverlet.msbuild to 2.7.0 (NuKeeperDotNet#885) * 📦 Automatic update of coverlet.msbuild to 2.7.0 * Remove duplicate coverlet privateassets node * 📦 Automatic update of NuGet.Protocol to 5.3.0 (NuKeeperDotNet#886) * 📦 Automatic update of System.Text.Encoding.CodePages to 4.6.0 (NuKeeperDotNet#887) * 📦 Automatic update of McMaster.Extensions.CommandLineUtils to 2.4.2 (NuKeeperDotNet#888) * 📦 Automatic update of Octokit to 0.36.0 (NuKeeperDotNet#890) * Initialize NuGet's Credential Service * Switch to nuget logger
ransagy
force-pushed
the
initCredentials
branch
from
edfe9e5
to
4bf74db
Compare
|
Is this ready to be reviewed again @ransagy? |
|
@MarcBruins Pending any additional comment in the thread about |
|
Any movement on this? It's something I've just run into as well 🙃 |
|
Still waiting for approval/further review by the maintainers, as specified. |
|
Does anybody know when this might be released to a version (usable by the Azure pipeline extension)? Running into this on our Pipeline builds and it's a show-stopper. |
|
Also running up against this. Getting nukeeper to work via a devops pipeline either through the extension or a powershell script is headache inducing. @AnthonySteele Any chance we can get an update on when to expect a new release? |
|
I am also awaiting this to be released. When can I expect a release that includes this? |
|
I'm quite sure it was already included in the 0.28 and 0.29 NuGet releases; Just wasn't updated on the GitHub releases due to a bug, i think. |
|
That's correct, it's on the last NuGet releases, but there was an issue with release notes. |
✨ What kind of change does this PR introduce? (Bug fix, feature, docs update...)
Somewhere between feature and bug fix.
When performing NuGet operations against private/authenticated feeds, Current behavior assumes that auth is done solely via basic http authentication. This is not always true in some cases (Azure DevOps Artifacts in my case) and NuGet has a plugin framework for credentials management.
🆕 What is the new behavior (if this is a feature change)?
We initialize NuGet's credentials service before performing operations, allowing the usage of NuGet's own providers for that. In my case, Microsoft's Azure Artifacts credentials provider.
💥 Does this PR introduce a breaking change?
Possibly, If a user has credentials providers installed that will override the old auth system.
🐛 Recommendations for testing
The auth tests i saw seem to cover these cases, But we might consider adding more tests that specifically use the credential providers and/or Azure Artifacts authentication. It might be too much of an overhead though.
📝 Links to relevant issues/docs
https://docs.microsoft.com/en-us/nuget/reference/extensibility/nuget-exe-credential-providers
https://github.com/microsoft/artifacts-credprovider
#542
🤔 Checklist before submitting