Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

error NU1301: Unable to load the service index for source Failed to restore (in 6.21 sec). #531

Open
UriZafrir opened this issue Nov 13, 2024 · 5 comments
Open

error NU1301: Unable to load the service index for source Failed to restore (in 6.21 sec). #531

UriZafrir opened this issue Nov 13, 2024 · 5 comments
Labels
invalid This doesn't seem right question Further information is requested

Comments

@UriZafrir
Copy link

UriZafrir commented Nov 13, 2024
edited
Loading

Describe the bug

posted here also dotnet/dotnet-docker#6046 (comment), ive seen them pointing to this repo, so i post here also.

in on prem Azure Devops, using azure artifacts, i try to run dotnet restore in a docker container.
It results in the error below. When running on the linux hosting the container, it works.
Image

error NU1301: Unable to load the service index for source 
  Failed to restore  (in 6.21 sec).

The error:

root@d553c5d80b84:/src/Common# dotnet add package curl
  Determining projects to restore...
  Writing /tmp/tmpXB2IXF.tmp
info : X.509 certificate chain validation will use the fallback certificate bundle at '/usr/share/dotnet/sdk/8.0.403/trustedroots/codesignctl.pem'.
info : X.509 certificate chain validation will use the fallback certificate bundle at '/usr/share/dotnet/sdk/8.0.403/trustedroots/timestampctl.pem'.
info : Adding PackageReference for package 'curl' into project '/src/Common/Common.csproj'.
error: Unable to load the service index for source https://<url>/<etc>/_packaging/feed/nuget/v3/index.json.
error:   The SSL connection could not be established, see inner exception.
error:   The remote certificate is invalid because of errors in the certificate chain: PartialChain

I've tried supplying the credentials in three ways, one is using commands, the other using a nuget.config file, the third with VSS_NUGET_EXTERNAL_FEED_ENDPOINTS, all fail:

dotnet nuget add source -name feed
dotnet nuget update source feed --valid-authentication-types basic --username "feed" --password xxxxx --store-password-in-clear-text
dotnet nuget list source

 dotnet nuget list source
Registered Sources:
  1.  <feed>-feed [Enabled]
      <url>/feed/nuget/v3/index.json

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <packageSources>
    <clear />
    <add key="feed" value="<url>/feed/nuget/v3/index.json" />
  </packageSources>
  <packageSourceCredentials>
    <feed>
      <add key="Username" value="feed" />
      <add key="ClearTextPassword" value="xxxxxxxxxxxx" />
    </feed>
  </packageSourceCredentials>
</configuration>

export VSS_NUGET_EXTERNAL_FEED_ENDPOINTS="{\"endpointCredentials\": [{\"endpoint\":\"<url>/feed/nuget/v3/index.json\", \"username\":\"feed\", \"password\":\"xxxx\"}]}"
dotnet restore --configfile /root/.nuget/NuGet/NuGet.Config
  Determining projects to restore...
/src/Common.csproj : error NU1301: Unable to load the service index for source h<url>/feed/nuget/v3/index.json.

dotnet  add package nuget
  Determining projects to restore...
  Writing /tmp/tmpDytL4u.tmp
info : X.509 certificate chain validation will use the fallback certificate bundle at '/usr/share/dotnet/sdk/8.0.403/trustedroots/codesignctl.pem'.
info : X.509 certificate chain validation will use the fallback certificate bundle at '/usr/share/dotnet/sdk/8.0.403/trustedroots/timestampctl.pem'.
info : Adding PackageReference for package 'nuget' into project '/src/Common.csproj'.
error: Unable to load the service index for source <url>/feed/nuget/v3/index.json.
error:   The SSL connection could not be established, see inner exception.
error:   The remote certificate is invalid because of errors in the certificate chain: PartialChain

more details:

when i run with disableTLSCertificateValidation="true":

root@82398c569468:/src/Common# cat nuget.config
<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <packageSources>
    <clear />
    <add key="feed" value="<url>/feed/nuget/v3/index.json" disableTLSCertificateValidation="true" />
  </packageSources>
</configuration>

i get

error NU1202: Package Microsoft.AspNetCore.Grpc.Swagger 0.9.0 is not compatible with net8.0 (.NETCoreApp,Version=v8.0). Package Microsoft.AspNetCore.Grpc.Swagger 0.9.0 supports: net9.0 (.NETCoreApp,Version=v9.0)

root@82398c569468:/src/Common# dotnet restore
  Determining projects to restore...
/src/Common/Common.csproj : error NU1202: Package Microsoft.AspNetCore.Grpc.Swagger 0.9.0 is not compatible with net8.0 (.NETCoreApp,Version=v8.0). Package Microsoft.AspNetCore.Grpc.Swagger 0.9.0 supports: net9.0 (.NETCoreApp,Version=v9.0)
  Failed to restore /src/Common/Common.csproj (in 8.33 min).

when i run

dotnet restore --configfile nuget.config --verbosity detailed

it just gets stuck like this:

         Assembly loaded during TaskRun (NuGet.Build.Tasks.RestoreTask): NuGet.Packaging, Version=6.11.1.2, Culture=neutral, PublicKeyToken=31bf3856ad364e35 (location: /usr/share/dotnet/sdk/8.0.403/NuGet.Packaging.dll, MVID: c3569465-2284-4cdc-80fa-53f23ad5a901, AssemblyLoadContext: MSBuild plugin /usr/share/dotnet/sdk/8.0.403/NuGet.Build.Tasks.dll)
         Assembly loaded during TaskRun (NuGet.Build.Tasks.RestoreTask): NuGet.LibraryModel, Version=6.11.1.2, Culture=neutral, PublicKeyToken=31bf3856ad364e35 (location: /usr/share/dotnet/sdk/8.0.403/NuGet.LibraryModel.dll, MVID: 9c74e240-a36b-4261-ae2d-466984d97095, AssemblyLoadContext: MSBuild plugin /usr/share/dotnet/sdk/8.0.403/NuGet.Build.Tasks.dll)
         Assembly loaded during TaskRun (NuGet.Build.Tasks.RestoreTask): NuGet.Versioning, Version=6.11.1.2, Culture=neutral, PublicKeyToken=31bf3856ad364e35 (location: /usr/share/dotnet/sdk/8.0.403/NuGet.Versioning.dll, MVID: 0ff30a8a-7983-4ede-bc2f-f9d2f526b309, AssemblyLoadContext: MSBuild plugin /usr/share/dotnet/sdk/8.0.403/NuGet.Build.Tasks.dll)
         Assembly loaded during TaskRun (NuGet.Build.Tasks.RestoreTask): NuGet.Frameworks, Version=6.11.1.2, Culture=neutral, PublicKeyToken=31bf3856ad364e35 (location: /usr/share/dotnet/sdk/8.0.403/NuGet.Frameworks.dll, MVID: 36fa17a1-abb6-4cce-b85c-dd32a6dcc45f, AssemblyLoadContext: MSBuild plugin /usr/share/dotnet/sdk/8.0.403/NuGet.Build.Tasks.dll)
         Assembly loaded during TaskRun (NuGet.Build.Tasks.RestoreTask): NuGet.Protocol, Version=6.11.1.2, Culture=neutral, PublicKeyToken=31bf3856ad364e35 (location: /usr/share/dotnet/sdk/8.0.403/NuGet.Protocol.dll, MVID: 65288774-e726-408e-8bb6-d22100f75eed, AssemblyLoadContext: MSBuild plugin /usr/share/dotnet/sdk/8.0.403/NuGet.Build.Tasks.dll)
         Assembly loaded during TaskRun (NuGet.Build.Tasks.RestoreTask): NuGet.Credentials, Version=6.11.1.2, Culture=neutral, PublicKeyToken=31bf3856ad364e35 (location: /usr/share/dotnet/sdk/8.0.403/NuGet.Credentials.dll, MVID: 07a91a3f-265a-4226-985e-876d1036d338, AssemblyLoadContext: MSBuild plugin /usr/share/dotnet/sdk/8.0.403/NuGet.Build.Tasks.dll)
         Assembly loaded during TaskRun (NuGet.Build.Tasks.RestoreTask): System.Security.Cryptography.X509Certificates, Version=8.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a (location: /usr/share/dotnet/shared/Microsoft.NETCore.App/8.0.10/System.Security.Cryptography.X509Certificates.dll, MVID: babd25b1-dd98-4c86-b2b5-fa9a5f94ffc1, AssemblyLoadContext: Default)
         Assembly loaded during TaskRun (NuGet.Build.Tasks.RestoreTask): System.Formats.Asn1, Version=8.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51 (location: /usr/share/dotnet/shared/Microsoft.NETCore.App/8.0.10/System.Formats.Asn1.dll, MVID: 4f606ed3-8b57-4dbe-8e7a-4ec241436b9b, AssemblyLoadContext: Default)
         Assembly loaded during TaskRun (NuGet.Build.Tasks.RestoreTask): System.Runtime.Numerics, Version=8.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a (location: /usr/share/dotnet/shared/Microsoft.NETCore.App/8.0.10/System.Runtime.Numerics.dll, MVID: 12ecf9da-16be-489d-b9c2-184fdd323547, AssemblyLoadContext: Default)
         X.509 certificate chain validation will use the fallback certificate bundle at '/usr/share/dotnet/sdk/8.0.403/trustedroots/codesignctl.pem'.
         X.509 certificate chain validation will use the fallback certificate bundle at '/usr/share/dotnet/sdk/8.0.403/trustedroots/timestampctl.pem'.
         Assembly loaded during TaskRun (NuGet.Build.Tasks.RestoreTask): NuGet.DependencyResolver.Core, Version=6.11.1.2, Culture=neutral, PublicKeyToken=31bf3856ad364e35 (location: /usr/share/dotnet/sdk/8.0.403/NuGet.DependencyResolver.Core.dll, MVID: 70f2641a-4895-4758-a37b-70be48187b22, AssemblyLoadContext: MSBuild plugin /usr/share/dotnet/sdk/8.0.403/NuGet.Build.Tasks.dll)
         Running restore with 2 concurrent jobs.
         Reading project file /src/Common/Common.csproj.
         Assembly loaded during TaskRun (NuGet.Build.Tasks.RestoreTask): Newtonsoft.Json, Version=13.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed (location: /usr/share/dotnet/sdk/8.0.403/Newtonsoft.Json.dll, MVID: 7e62198b-eab2-4380-bbac-29171862d1d8, AssemblyLoadContext: MSBuild plugin /usr/share/dotnet/sdk/8.0.403/NuGet.Build.Tasks.dll)
         Assembly loaded during TaskRun (NuGet.Build.Tasks.RestoreTask): System.Runtime.Serialization.Primitives, Version=8.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a (location: /usr/share/dotnet/shared/Microsoft.NETCore.App/8.0.10/System.Runtime.Serialization.Primitives.dll, MVID: 8be68a72-9db8-4eb5-9241-92109545e51d, AssemblyLoadContext: Default)
         Restoring packages for /src/Common/Common.csproj...
         Restoring packages for .NETCoreApp,Version=v8.0...
         Assembly loaded during TaskRun (NuGet.Build.Tasks.RestoreTask): System.Security.Cryptography.Algorithms, Version=8.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a (location: /usr/share/dotnet/shared/Microsoft.NETCore.App/8.0.10/System.Security.Cryptography.Algorithms.dll, MVID: b2d08e03-619c-4317-8587-9ac3f8a7b71e, AssemblyLoadContext: Default)
         Assembly loaded during TaskRun (NuGet.Build.Tasks.RestoreTask): System.Security.Cryptography.Primitives, Version=8.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a (location: /usr/share/dotnet/shared/Microsoft.NETCore.App/8.0.10/System.Security.Cryptography.Primitives.dll, MVID: 0117ccad-7047-48e5-9ddb-84d8ee641a37, AssemblyLoadContext: Default)

I would appreciate any assistance.

Which .NET image(s) are you using?

mcr.microsoft.com/dotnet/sdk:8.0

Steps to reproduce

FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build
ARG BUILD_CONFIGURATION=Release

WORKDIR /src
COPY ["Common/", "Common/"]

RUN dotnet nuget add source /nuget/v3/index.json --name feed
RUN dotnet nuget update source feed --valid-authentication-types basic --username "-feed" --password xxx --store-password-in-clear-text
RUN dotnet nuget list source
RUN dotnet restore "./Common/Common.csproj"

Other information

No response

Output of docker version

docker version
Client:
 Version:           25.0.5
 API version:       1.44
 Go version:        go1.22.5
 Git commit:        5dc9bcc
 Built:             Wed Aug 21 00:00:00 2024
 OS/Arch:           linux/amd64
 Context:           default

Server:
 Engine:
  Version:          25.0.6
  API version:      1.44 (minimum version 1.24)
  Go version:       go1.22.5
  Git commit:       b08a51f
  Built:            Wed Aug 21 00:00:00 2024
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.7.22
  GitCommit:        7f7fdf5fed64eb6a7caf99b3e12efcf9d60e311c
 runc:
  Version:          1.1.14
  GitCommit:        2c9f5602f0ba3d9da1c2596322dfc4e156844890
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

Output of docker info

docker info
Client:
 Version:    25.0.5
 Context:    default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.0.0+unknown
    Path:     /usr/libexec/docker/cli-plugins/docker-buildx

Server:
 Containers: 81
  Running: 0
  Paused: 0
  Stopped: 81
 Images: 123
 Server Version: 25.0.6
 Storage Driver: overlay2
  Backing Filesystem: xfs
  Supports d_type: true
  Using metacopy: false
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: systemd
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 7f7fdf5fed64eb6a7caf99b3e12efcf9d60e311c
 runc version: 2c9f5602f0ba3d9da1c2596322dfc4e156844890
 init version: de40ad0
 Security Options:
  seccomp
   Profile: builtin
  cgroupns
 Kernel Version: 6.1.112-122.189.amzn2023.x86_64
 Operating System: Amazon Linux 2023.6.20241010
 OSType: linux
 Architecture: x86_64
 CPUs: 2
 Total Memory: 7.629GiB
 Name: ip-10-18-8-203.il-central-1.compute.internal
 ID: f06a87e8-e7bb-4174-b68a-40dcbfa93d67
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false
@embetten
Copy link
Contributor 

root@82398c569468:/src/Common# dotnet restore
  Determining projects to restore...
/src/Common/Common.csproj : error NU1202: Package Microsoft.AspNetCore.Grpc.Swagger 0.9.0 is not compatible with net8.0 (.NETCoreApp,Version=v8.0). Package Microsoft.AspNetCore.Grpc.Swagger 0.9.0 supports: net9.0 (.NETCoreApp,Version=v9.0)
  Failed to restore /src/Common/Common.csproj (in 8.33 min).

Is Microsoft.AspNetCore.Grpc.Swagger a dependency of your Common.csproj ? From the error message it looks like you need to be using dotnet 9 sdk instead of dotnet 8 to use this package. The fact that you got past the Unable to load the service index for source makes me think this isn't an authentication issue.

@embetten embetten added invalid This doesn't seem right question Further information is requested labels Nov 14, 2024
@UriZafrir
Copy link
Author

I got past this error by downgrading the swagger to 8.11. and I still get the Unable to load the service index for source.
what can i do?

@embetten
Copy link
Contributor

If adding the password directly to the nuget.config with the add source command didn't work, using this cred provider with the external endpoints variable would not be expected to work either. I would recommend looking at the password.
 
Are there any exception or error messages from the credprovider in the detailed logs after downgrading and with disableTLSCertificateValidation="true"? If so, please add them here and we can investigate further.

@UriZafrir
Copy link
Author

Hi
Thanks for the answer!
When running with credprovider I got exactly the same thing.
I wanted to somehow check it, so I tried to use NuGetAuthenticate@1.
I preinstalled the CredentialProvider.Microsoft plugin from your readme (downloaded this, and untarred)
Microsoft.NuGet.CredentialProvider.tar.gz

I get this error - I think it's a new one, I've searched for it on issues here and on dotnet-docker and found nothing

##[error]Error: unable to verify the first certificate

I would really appreciate any assistance.

2024-11-17T08:51:16.2867456Z ##[section]Starting: Authenticate with Azure Artifacts
2024-11-17T08:51:16.2872944Z ==============================================================================
2024-11-17T08:51:16.2873070Z Task         : NuGet authenticate
2024-11-17T08:51:16.2873133Z Description  : Configure NuGet tools to authenticate with Azure Artifacts and other NuGet repositories. Requires NuGet >= 4.8.5385, dotnet >= 6, or MSBuild >= 15.8.166.59604
2024-11-17T08:51:16.2873307Z Version      : 1.213.0
2024-11-17T08:51:16.2873364Z Author       : Microsoft Corporation
2024-11-17T08:51:16.2873427Z Help         : https://aka.ms/NuGetAuthenticateTask
2024-11-17T08:51:16.2873509Z ==============================================================================
2024-11-17T08:51:17.9047644Z Installing the Azure Artifacts Credential Provider (.NET Framework) to '/home/ec2-user/.nuget/plugins/netfx/CredentialProvider.Microsoft'. This credential provider is compatible with nuget.exe 4.8.0.5385 or later, and MSBuild 15.8.166.59604 or later.
2024-11-17T08:51:17.9072748Z The credential provider is already installed. If there are package related authentication failures in later steps, consider setting this task's input 'forceReinstallCredentialProvider' to true to force reinstallation.
2024-11-17T08:51:17.9075593Z 
2024-11-17T08:51:17.9076669Z Installing the Azure Artifacts Credential Provider (.NET Core) to '/home/ec2-user/.nuget/plugins/netcore/CredentialProvider.Microsoft'. This credential provider is compatible with .NET SDK 6 or later.
2024-11-17T08:51:17.9206628Z The credential provider is already installed. If there are package related authentication failures in later steps, consider setting this task's input 'forceReinstallCredentialProvider' to true to force reinstallation.
2024-11-17T08:51:17.9208847Z 
2024-11-17T08:51:20.0947753Z ##[error]Error: unable to verify the first certificate
2024-11-17T08:51:20.7798145Z ##[section]Finishing: Authenticate with Azure Artifacts

@embetten
Copy link
Contributor

embetten commented Nov 18, 2024
edited
Loading

is disableTLSCertificateValidation="true" in the pipeline as well? Can you also confirm that the direct usage of a certificate using the ARTIFACTS_CREDENTIALPROVIDER_FEED_ENDPOINTS is not set?

As a FYI, the NugetAuthenticateV1 Task downloads a version of the credprovider onto the pipeline agent machine if it isn't already present. The only reason to manually install is if you want a specific version installed on the agent.

Either way, this looks like an ado/on-prem configuration issue as I do not yet see any errors specific to the artifacts-credprovider itself in these logs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
invalid This doesn't seem right question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@UriZafrir @embetten