artifacts-credprovider: dotnet restore --interactive does not work On prem

Just to add - we have just found that SDK v2.2.203 has broken the --interactive function (for Azure Devops hosted feeds, from Windows 10 machines). Reverted to v2.2.202 and it works.

Our investigation on the internal work item resulted that unfortunately, the way the interactive flow currently works in this cred provider, there is no way to make it work interactively for an on premise Azure DevOps Server instance. The best solution we currently have is to use the workaround of using the environment variables mentioned above. Sorry for the inconvenience.

To make it clearer, the newest version of this cred provider detects if the feed URI is an Azure DevOps Server on premise URI and won’t even try the interactive flow to avoid confusing logs.

As a follow-up work item, we should document this in the cred provider readme.

For anyone looking for a summarized solution, here’s what worked on a Mac setup:

1. generate a personal acess token (PAT) that gives you rights to the given service;

2. configure your Nuget.config to use the PAT for authentication using Basic auth as shown by stephan7878:

   <?xml version="1.0" encoding="utf-8"?>
   <configuration>
       <packageSources>
           <add key="NuGet official package source" value="https://api.nuget.org/v3/index.json" />
           <add key="Partner" value="https://tfs.partner.com/DefaultCollection/_packaging/Nuget/nuget/v3/index.json" />
       </packageSources>
       <packageSourceCredentials>
           <Partner> 
               <add key="Username" value="USERNAME" />
               <add key="ClearTextPassword" value="PATSTRING" />
               <add key="ValidAuthenticationTypes" value="basic" /> 
           </Partner>
       </packageSourceCredentials>
   </configuration>
   

3. clear the cache and restore the packages using the old HTTP client:

   cd repo
   nuget locals -clear all && export DOTNET_SYSTEM_NET_HTTP_USESOCKETSHTTPHANDLER=0 && nuget restore
   

I’m finding that --interactive does not work for private packages on Azure Devops, either.

PS D:\Dev\sample-func\SampleFunc> dotnet add package --interactive Microsoft.Azure.SignalR.Management
  Determining projects to restore...
  Writing C:\Users\ThisGuy\AppData\Local\Temp\tmpC2A0.tmp
info : Adding PackageReference for package 'Microsoft.Azure.SignalR.Management' into project 'D:\Dev\sample-func\SampleFunc\SampleFunc.csproj'.
info :   CACHE https://api.nuget.org/v3/registration5-gz-semver2/microsoft.azure.signalr.management/index.json
info :   GET https://pkgs.dev.azure.com/<removed>/_packaging/<removed>/nuget/v3/registrations2-semver2/microsoft.azure.signalr.management/index.json
info :   GET https://<removed>.pkgs.visualstudio.com/_packaging/<removed>/nuget/v3/registrations2-semver2/microsoft.azure.signalr.management/index.json
info :   Unauthorized https://<removed>.pkgs.visualstudio.com/_packaging/<removed>/nuget/v3/registrations2-semver2/microsoft.azure.signalr.management/index.json 272ms
info :   Unauthorized https://pkgs.dev.azure.com/<removed>/_packaging/<removed>/nuget/v3/registrations2-semver2/microsoft.azure.signalr.management/index.json 275ms
error: Response status code does not indicate success: 401 (Unauthorized).

I am on NuGet Command Line 5.8.0.6930 and dotnet 5.0.1.02

I suggest you create a new issue as this issue is specific to azure devops server, and has been closed.

Hello, for whos having this problem, maybe you can try this solution -> https://github.com/microsoft/artifacts-credprovider/issues/63

With release of 3.0 this is still NOT working for us. Nothing helps. Our whole Integration Test environment is halted due to this issue. I cannot make dotnet restore work on linux containers with our internal NuGet repository, no matter what. Please give me something. I don’t want to switch to Windows containers…

I am also experiencing issues with the provider, but I use it in a container. Here is the setup:

Docker image: mcr.microsoft.com/dotnet/core/sdk:3.0-bionic (same behavior with 2.2-bionic) Install provider in Dockerfile: RUN bash /application/scripts/installcredprovider.sh Pass Env Variable In Compose:

environment:
            - VSS_NUGET_EXTERNAL_FEED_ENDPOINTS=${VSS_JSON}

Calling dotnet restore inside the container (with or without --interactive) always throws:

/usr/share/dotnet/sdk/3.0.100-preview8-013656/NuGet.targets(123,5): error : Unable to load the service index for source [REDACTED]. [/application/build/_build.csproj] /usr/share/dotnet/sdk/3.0.100-preview8-013656/NuGet.targets(123,5): error : GSSAPI operation failed with error - Unspecified GSS failure. Minor code may provide more information (SPNEGO cannot find mechanisms to negotiate). [/application/build/_build.csproj]

Can anyone give me a hint how to fix this?

Closing this issue due to inactivity.