Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Authenticated feeds sample does not work

See original GitHub issue

When using the snippet in the readme for authenticated feeds:

- uses: actions/setup-dotnet@v1
  with:
    dotnet-version: '2.2.103' # SDK Version to use.
    source-url: https://nuget.pkg.github.com/<owner>/index.json
  env:
    NUGET_AUTH_TOKEN: ${{secrets.GITHUB_TOKEN}}
- run: dotnet build <my project>
- name: Create the package
  run: dotnet pack --configuration Release <my project>
 - name: Publish the package to GPR
  run: dotnet nuget push <my project>/bin/Release/*.nupkg

It does not work. As written, dotnet emits the following error: error: Source parameter was not specified.

When you specify a -s parameter with the GPR url it fails auth:

info : Pushing TimHeuer.TestLib.1.0.2.nupkg to 'https://nuget.pkg.github.com/***'...
info :   PUT https://nuget.pkg.github.com/***/
warn : Your request could not be authenticated by the GitHub Packages service. Please ensure your access token is valid and has the appropriate scopes configured.
info :   Unauthorized https://nuget.pkg.github.com/***/ 51ms
error: Response status code does not indicate success: 401 (Unauthorized).

It does not appear that the adding of the source to use authenticated feeds is working with dotnet nuget push in this configuration.

Issue Analytics

State:
Created 4 years ago
Comments:5 (2 by maintainers)

Top GitHub Comments

2reactions

jonstellycommented, Jan 3, 2020

I don’t believe the example will work at all on Linux due to https://github.com/NuGet/Home/issues/7473. They closed that issue as a duplicate of this one: https://github.com/NuGet/Home/issues/6437 which isn’t quite the same thing but given the age of both issues, I don’t expect a fix anytime soon.

To summarize from what i understand: on linux there’s no support for encryption/decryption of the nuget.config values and the api token can only be saved to a nuget.config in an encrypted format.

Workaround / Working Example

In the end, I just used the dotnet nuget push command with a -k $NUGET_AUTH_KEY argument and that seems to work.

I imagine most people are concerned like I was about using the -k option on public repos, wondering if the argument (from a github secret) might get logged somewhere. But when passing the secret as an environment variable like below it doesn’t seem to show up in the log. I haven’t tested this a ton, but even when passing a bad key the bad key doesn’t get logged, so this seems safe-ish.

Example Build with successful publish

Build Script:

name: Autofac Events Build

on: [push]

jobs:
  build:

    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v1
    - name: Setup .NET Core
      uses: actions/setup-dotnet@master
      with:
        dotnet-version: 3.1.100
    - name: Build
      run: dotnet build --configuration Release
    - name: Pack
      run: dotnet pack --configuration Release --version-suffix action-testing -o "./packages"
    - name: Publish
      env:
        NUGET_AUTH_TOKEN: ${{secrets.NUGET_AUTH_TOKEN}}
      run: dotnet nuget push -s https://www.nuget.org/api/v2/package -k $NUGET_AUTH_TOKEN ./packages/*.nupkg

0reactions

ZEisingercommented, Jan 7, 2020

@ransagy @anatoly-kryzhanovsky If you are still experiencing the mentioned issue can you please open a new issue to be looked into?

The original issue is now resolved by publishing v1.4.0.

Top Results From Across the Web

Consuming packages from authenticated feeds | Microsoft Learn

Consuming packages from authenticated feeds in all NuGet client scenarios.

The RSS webpart does not support authenticated feeds

Check RSS feeds are actually enabled on the source list (you can try to navigate directly to the feed URL to check it...

RSS feed macro dont works with "Not permitted" error. - Jira

RSS feeds requested does not need any authentication and accessible from confluence server via Internet Explorer without any problems.

7.4 - Feeds Protocol Developer's Guide - Google

The URLs submitted in a content feed are not crawled by the search appliance. ... Under Sample Forms Authentication protected URL, enter the...

RSS Feeds for Instant Articles - Meta for Developers

Though optional, we recommend configuring basic authentication (username and ... If there are no RSS feed errors, ensure that your articles are populating ......