dotnet tool install -g --add-source exception when private nuget packageSource (myget) exists
#16215
Comments
|
I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label. |
sfoslund
added
Area-Tools
and removed
untriaged
|
@wli3 it sounds like this might be expected behavior, do you know if it's an issue with dotnet tools specifically or all nuget.config handling? |
That's a good question. It is a pain point and confusing how one gets a private nuget package source working with credentials. But that said, for the record, Visual Studio has been pulling from that source just fine for some time now for me.
Hmm, I hope not 😬 |
|
use |
|
@wli3 interesting! While I personally think this should be the default behavior, I’m glad to know there is this option, will try to test it soon |
|
This is still an issue - and using --ignore-failed-sources doesn't seem to work for me. |
|
I have the same issue, and |
It's possible to install a .NET global CLI type tool as explained in this tutorial. While installation can be done via a public nuget package, one can also use the
--add-sourceproperty to install directly from a.nupkgfile (as the above tutorial demos). The problem is I had exceptions that in the end I discovered were due to having an extra private nuget packageSource registered on my system, which caused the installation to fail. Simply removing the extra source temporarily fixed the problem, but then adding it back, any subsequent attempts to install a global tool require the same workaround.Example: If I have a .nupkg named
microsoft.botsay(to use the above tutorial example, thus full file name being:microsoft.botsay.1.0.0.nupkg) located withinC:\Tools\Botsay, the following should work:dotnet tool install -g --add-source C:\Tools\Botsay microsoft.botsayBut I get this exception:
As you can see there is a 401 Unauthorized exception when trying to read that myget feed, which clearly the only reason the system knows about it is because it's registered on one's system as a nuget package sourced.
One can navigate to their package manager settings via
%appdata%/nugetwhere aNuGet.Configfile exists, which is also what gets set by one's Visual Studio->Options->NuGet Package Manager->Package Sources form. In my case I had in addition to the normal nuget package source, a private myget source, listed last, by the same url as listed in the exception. One needs credentials to view that url in a browser etc. SIMPLY COMMENTING OUT thatpackageSourceallows the above install command to succeed. One moment later and you can re-add the myget source, BUT: This would be a really bad experience if you need to have a team, etc, follow this workaround just to install this, as many other devs might easily have a private packageSource feed in their system as well.My guess is that this tool reads all nuget sources listed as
<packageSources>(reading the public nuget one first obviously) to see if there are any conflicts with the tool being installed. But then when it hits a private feed, which it is not authorized to open, the process fails and there is an exception, which terminates the install, even though otherwise that myget package source works fine in VStudio and on my system. It should just ignore that private (in this case myget) index.json file when it can't be read. That would fix this problem.Cheers
The text was updated successfully, but these errors were encountered: