Issue
We have a CI build working in Jenkins. We have a NuGet package feed in Azure DevOps, and we are getting a 401 Unauthorized error when restoring NuGet packages during a build:
href="https://pkgs.dev.azure.com/X/_packaging/FeedName@Release/nuget/v3/index.json" rel="nofollow noreferrer">https://pkgs.dev.azure.com/X/_packaging/FeedName@Release/nuget/v3/index.json: Unable to load the service index for source https://pkgs.dev.azure.com/X/_packaging/FeedName@Release/nuget/v3/index.json. Response status code does not indicate success: 401 (Unauthorized).
Jenkins setup:
- Windows 10
- Jenkins 2.199
- NuGet 5.3.1.6268
- Java 1.8.0_191
- Jenkins is running as a Windows Service logged in a "Local System."
I have the NuGet Credential Provider installed on the Jenkins machine, but I installed it when logged in as myself. I replicated the steps I took on my laptop to get around this same issue. My laptop is working. The Jenkins server is not, and I think it has something to do with the NuGet Credential Provider not working for the "Local System" account, but have no idea how to fix this.
The build is controlled by a PowerShell script, and the NuGet restore command looks like:
& "$solutionPath"\.nuget\NuGet.exe restore "$solutionFile"
$solutionPathis the folder in which the .sln file exists for Visual Studio$solutionFileis the exact file name for the .sln file
After reading How to specify credentials for external nuget feeds in VSTS nuget restore I also added a new "source" to the local NuGet installation via:
.\.nuget\NuGet.exe sources add -name "FeedName" -source "https://pkgs.dev.azure.com/X/_packaging/FeedName@Release/nuget/v3/index.json" -username <my username> -password <my personal access token> -configfile .\.nuget\NuGet.config
Usernames that I tried:
- My actual username
- My e-mail
- And just
., like the Jenkins config needs to authenticate with Azure DevOps when getting the latest version of our code via TFVC
The -password argument was a copy and paste of a Personal Access Token with read/write permissions to the Azure DevOps artifacts feed.
But again, I was remoted into the Jenkins machine as my username when I did this, and I'm still getting the same problem.
How to fix 401 Unauthorized when restoring NuGet packages during a Jenkins build when the packages are coming from an Azure DevOps artifacts NuGet feed?
Solution
Try using the name of the Personal Access Token (PAT) as the username. That is the name that you gave to the PAT while creating it.
Edit .nuget/NuGet.config and add the following code:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<solution>
<add key="disableSourceControlIntegration" value="true" />
</solution>
<packageSources>
<add key="MyPackages" value="https://pkgs.dev.azure.com/OrganizationName/_packaging/FeedName@Release/nuget/v3/index.json" />
</packageSources>
<packageSourceCredentials>
<!-- Tag name 'MyPackages' matches 'key' attribute under packageSources -->
<MyPackages>
<!-- Username is the name you gave your Personal Access Token in Azure -->
<add key="Username" value="NameOfPersonalAccessToken" />
<!-- Choose one of the tags below: -->
<!-- Use Password if PAT is encrypted -->
<add key="Password" value="EncryptedPersonalAccessTokenGoesHere" />
<!-- Use ClearTextPassword if PAT is encrypted -->
<add key="ClearTextPassword" value="PlainTextPersonalAccessTokenGoesHere" />
</MyPackages>
</packageSourceCredentials>
</configuration>
More info: https://docs.microsoft.com/en-us/nuget/reference/nuget-config-file#packagesourcecredentials
Answered By - Kehinde Ladipo
Answer Checked By - Katrina (JavaFixing Volunteer)
