Welcome to the Inedo Forums! Check out the Forums Guide for help getting started.
If you are experiencing any issues with the forum software, please visit the Contact Form on our website and let us know!
Why does pacakge publishing require view permissions on user anonymous?
-
I found it quite strange that publishing requires view_feed permissions on user anonymous. Removing the permissions would cause server to prompt for credentials which causes buildmaster to fail.
What I am trying to do is to publish to a ProGet feed from BuildMaster where the feed is private. But because of the permissioning issue I have to configure my feed to have view_feed permissions for anonymous. While no one is able to download the actual package, having the packages listed is also not ideal.
Is there any solution for this?
Product: ProGet
Version: 3.6.1
-
You can specify the username/password in the -ApiKey with user:pass, thus logging in when doing a push.
Alternatively, if you don't want to authenticate at all, just use ProGet's drop folder, and the package will be picked up.
-
It is also worth noting that strictly speaking, pushing packages does not require the View privilege, that is a result of the NuGet client sending a GET request (i.e. "list") first before sending the PUT request to push the package -- it's the first request that gets 401ed. You can use the following PowerShell script to perform just the package upload:
$FeedUrl = 'http://proget/nuget/Default' $FileName = 'C:\tmp\ProGet\packages\Package.1.0\Package.1.0.nupkg' $APIKey = 'Admin:Admin' #params([string]$FeedUrl, [string]$FileName, [string]$APIKey) $req = [System.Net.WebRequest]::CreateHttp($FeedUrl) $req.Method = 'PUT' $req.ServicePoint.Expect100Continue = $false If ($APIKey) { $req.Headers.Add('X-NuGet-APIKey', $APIKey) } $boundary = '---------------------------' + [System.Guid]::NewGuid().ToString('n') $req.ContentType = "multipart/form-data; boundary=""$boundary""" $utf8 = New-Object -TypeName System.Text.UTF8Encoding -ArgumentList ($false) $reqWriter = New-Object -TypeName System.IO.StreamWriter -ArgumentList ($req.GetRequestStream(), $utf8) $reqWriter.WriteLine("--$boundary") $reqWriter.WriteLine("Content-Disposition: form-data; name=""package""; filename=""package""") $reqWriter.WriteLine("Content-Type: application/octet-stream") $reqWriter.WriteLine() $reqWriter.Flush() $fileStream = [System.IO.File]::OpenRead($FileName) $fileStream.CopyTo($reqWriter.BaseStream) $fileStream.Close() $reqWriter.WriteLine() $reqWriter.Write("--$boundary--") $reqWriter.Dispose() $response = $req.GetResponse() $response.Dispose()