Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Paket does not seem to work with Azure Artifacts Credential Provider
See original GitHub issueDescription
If I install the Azure Artifacts Credential Provider, Paket does not seem to work with it, and fails to understand what the credential provider provides. (I’ve investigated why, read on!)
Repro steps
- Install the Azure Artifacts Credentials Provider using the installation steps here. It installs the credential provider into
%UserProfile%/.nuget/plugins/netcoreand%UserProfile%/.nuget/plugins/netfxwhich is apparently the standard location for NuGet plugins. - Paket expects the Credentials Provider in a different location (maybe an old location?), so copy
%UserProfile%\.nuget\plugins\netcore\CredentialProvider.Microsoftto%LOCALAPPDATA%\NuGet\CredentialProviders%. - Create a
paket.dependencieswith asourcepointing to your Azure Artifacts feed and use a package that is only in your private feed.
source https://api.nuget.org/v3/index.json
source https://pkgs.dev.azure.com/COMPANY/_packaging/FEEDNAME/nuget/v3/index.json
framework auto-detect
nuget FSharp.Core
nuget MyInternalPackage 0.0.72
> paket install -von the command line.
Expected behavior
A successful paket install that grabs the necessary credentials from the provider.
Actual behavior
It fails. 😭 The relevant part of the logs are:
-> Credential provider returned an invalid result: [Information] [CredentialProvider]Username: optional
[Information] [CredentialProvider]Password: CENSOREDFORBUGREPORT
Error:
-> JsonSerializationException: Cannot deserialize the current JSON array (e.g. [1,2,3]) into type 'Paket.CredentialProviderResultMessage' because the type requires a JSON object (e.g. {"name":"value"}) to deserialize correctly.
To fix this error either change the JSON to a JSON object (e.g. {"name":"value"}) or change the deserialized type to an array or a type that implements a collection interface (e.g. ICollection, IList) like List<T> that can be deserialized from a JSON array. JsonArrayAttribute can also be added to the type to force it to deserialize from a JSON array.
Path '', line 1, position 1.
The problem appears to be twofold.
- Paket is looking for credential providers in the wrong (old?) location
- The Azure Artifacts Credential Provider has changed the command line arguments it expects to receive. (TLDR: It seems like you need to pass
-F jsonfor it to print JSON on the command line, otherwise it defaults to “Human Readable”)
If I run the credential provider by hand:
> & "C:\Program Files\dotnet\dotnet.exe" "C:\Users\dchambers\.NuGet\plugins\netcore\CredentialProvider.Microsoft\CredentialProvider.Microsoft.dll" -uri https://pkgs.dev.azure.com/COMPANY/_packaging/FEEDNAME/nuget/v3/index.json
[Information] [CredentialProvider]Username: optional
[Information] [CredentialProvider]Password: CENSOREDFORBUGREPORT
According to the help text for the credential provider:
OutputFormat (-F) In standalone mode, format the results for human readability or as JSON. If JSON is selected, then logging (which may include Device Code
instructions) will be logged to standard error instead of standard output.
HumanReadable
Json
If I add -F json to the command line:
> & "C:\Program Files\dotnet\dotnet.exe" "C:\Users\dchambers\.NuGet\plugins\netcore\CredentialProvider.Microsoft\CredentialProvider.Microsoft.dll" -uri https://pkgs.dev.azure.com/COMPANY/_packaging/FEEDNAME/nuget/v3/index.json -F json
{"Username":"optional","Password":"CENSOREDFORBUGREPORT"}
Given that Paket’s code seems to copy what is in NuGet, I was surprised that such a breaking change would have been made by Microsoft! So I investigated what dotnet does when it uses the credential provider by using Process Monitor to watch the command line args it uses.
So apparently NuGet must use a completely different mode of interaction with these plugins! This seems to be this “plugin” mode, whereas paket is using “standalone” mode, and they’ve broken back-compat by having this -F flag. 😭
Known workarounds
None for us. We build on internal TeamCity build agents, and these have been configured with the Azure Artifacts Credential Provider. The old CredentialProvider.VSS.exe (which is no longer available via Azure Artifacts as in the Paket doco) seems to pop an interactive dialog and therefore is not suitable on the build agents (it does not seem to respect the VSS_NUGET_EXTERNAL_FEED_ENDPOINTS environment variable the new provider uses to go non-interactive).
Issue Analytics
- State:
- Created 4 years ago
- Reactions:2
- Comments:24 (3 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
We are also using the older CredentialProvider.VSS.exe (probably obtained with this compilation method mentioned above) and this worked well for years, however now it seems that it starts failing randomly in CI machines, and also since today with user PCs.
I would ask to focus here on this topic since AZure DevOps got more and more important in today´s .NET business. If MS really dropped the old plugin way of things, this needs to be followed up also in Paket.
@mfschumann I just checked: They have made an update on the repo to target net5.0. Along with that update, they also updated the package references:
In the version I used some months ago, the references were:
If I change back to the old versions it works for me. I cannot explain why.