Nuget 在 Docker 从私人订阅源恢复
[英]Nuget restore on Docker from private feed
问题描述
I have my application defined by this Dockerfile
我的应用程序由这个 Dockerfile 定义
FROM mcr.microsoft.com/dotnet/aspnet:5.0 AS base
WORKDIR /app
EXPOSE 80
FROM mcr.microsoft.com/dotnet/sdk:5.0 AS build
COPY ["MyCertificate.cer", "/usr/local/share/ca-certificates/cacert.crt"]
RUN update-ca-certificates
WORKDIR /src
COPY ["nuget.config", "MyApplication.API/"]
COPY ["MyApplication.API/MyApplication.API.csproj", "MyApplication.API/"]
RUN dotnet restore --configfile MyApplication.API/nuget.config MyApplication.API/MyApplication.API.csproj -v d
COPY . .
WORKDIR "/src/MyApplication.API"
RUN dotnet build "MyApplication.API.csproj" -c Release -o /app/build
FROM build AS publish
RUN dotnet publish "MyApplication.API.csproj" -c Release -o /app/publish
FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "MyApplication.API.dll"]
this is my nuget.config这是我的 nuget.config
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<packageSources>
<add key="nuget.org" value="https://api.nuget.org/v3/index.json" protocolVersion="3" />
<add key="MY-PRIVATE-FEED" value="https://my.private.repository.net/collections/_packaging/MY-PRIVATE-FEED/nuget/v3/index.json" />
</packageSources>
<config>
<add key="signatureValidationMode" value="accept" />
</config>
<packageSourceCredentials>
<MY-PRIVATE-FEED>
<add key="Username" value="valerielinc" />
<add key="ClearTextPassword" value="myPATtokenGeneratedFromAzureDevOps" />
</MY-PRIVATE-FEED>
</packageSourceCredentials>
<trustedSigners>
<author name="MY-PRIVATE-FEED">
<certificate fingerprint="ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" hashAlgorithm="SHA256" allowUntrustedRoot="true" />
</author>
<repository name="MY-PRIVATE-FEED" serviceIndex="https://my.private.repository.net/collections/_packaging/MY-PRIVATE-FEED/nuget/v3/index.json">
<certificate fingerprint="ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" hashAlgorithm="SHA256" allowUntrustedRoot="true" />
<owners>ownerfeed</owners>
</repository>
</trustedSigners>
</configuration>
when I try to restore my project that contains 1 package that is coming from my private feed I have this error:当我尝试恢复包含来自我的私人提要的 1 package 的项目时,出现此错误:
error : The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot
Stacktrace:堆栈跟踪:
1>/usr/share/dotnet/sdk/5.0.400/NuGet.targets(131,5): error : Unable to load the service index for source https://my.private.repository.net/collections/_packaging/MY-PRIVATE-FEED/nuget/v3/index.json. [/src/MyApplication.API/MyApplication.API.csproj]
#17 2.778 /usr/share/dotnet/sdk/5.0.400/NuGet.targets(131,5): error : The SSL connection could not be established, see inner exception. [/src/MyApplication.API/MyApplication.API.csproj]
#17 2.778 /usr/share/dotnet/sdk/5.0.400/NuGet.targets(131,5): error : The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot [/src/MyApplication.API/MyApplication.API.csproj]
#17 2.789 OK https://api.nuget.org/v3-flatcontainer/microsoft.applicationinsights.aspnetcore/index.json 123ms
#17 2.797 NuGet.Protocol.Core.Types.FatalProtocolException: Unable to load the service index for source https://my.private.repository.net/collections/_packaging/MY-PRIVATE-FEED/nuget/v3/index.json.
#17 2.797 ---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
#17 2.797 ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot
#17 2.797 at System.Net.Security.SslStream.SendAuthResetSignal(ProtocolToken message, ExceptionDispatchInfo exception)
#17 2.797 at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm)
#17 2.797 at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Boolean async, Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)
#17 2.797 --- End of inner exception stack trace ---
#17 2.797 at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Boolean async, Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)
#17 2.797 at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
#17 2.797 at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
#17 2.797 at System.Net.Http.HttpConnectionPool.GetHttpConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
#17 2.797 at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken)
#17 2.798 at System.Net.Http.AuthenticationHelper.SendWithAuthAsync(HttpRequestMessage request, Uri authUri, Boolean async, ICredentials credentials, Boolean preAuthenticate, Boolean isProxyAuth, Boolean doRequestAuth, HttpConnectionPool pool, CancellationToken cancellationToken)
#17 2.798 at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
#17 2.799 at System.Net.Http.DecompressionHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
#17 2.799 at NuGet.Protocol.ServerWarningLogHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
#17 2.799 at NuGet.Protocol.HttpSourceAuthenticationHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
#17 2.799 at System.Net.Http.HttpClient.SendAsyncCore(HttpRequestMessage request, HttpCompletionOption completionOption, Boolean async, Boolean emitTelemetryStartStop, CancellationToken cancellationToken)
#17 2.799 at NuGet.Protocol.HttpRetryHandler.<>c__DisplayClass2_1.<<SendAsync>b__0>d.MoveNext()
#17 2.799 --- End of stack trace from previous location ---
#17 2.799 at NuGet.Protocol.TimeoutUtility.StartWithTimeout[T](Func`2 getTask, TimeSpan timeout, String timeoutMessage, CancellationToken token)
#17 2.799 at NuGet.Protocol.HttpRetryHandler.SendAsync(HttpRetryHandlerRequest request, String source, ILogger log, CancellationToken cancellationToken)
#17 2.800 at NuGet.Protocol.HttpSource.GetThrottledResponse(Func`1 requestFactory, TimeSpan requestTimeout, TimeSpan downloadTimeout, Int32 maxTries, Boolean isRetry, Boolean isLastAttempt, Guid sessionId, ILogger log, CancellationToken cancellationToken)
#17 2.800 at NuGet.Protocol.HttpSource.<>c__DisplayClass15_0`1.<<GetAsync>b__0>d.MoveNext()
#17 2.800 --- End of stack trace from previous location ---
#17 2.800 at NuGet.Common.ConcurrencyUtilities.ExecuteWithFileLockedAsync[T](String filePath, Func`2 action, CancellationToken token)
#17 2.800 at NuGet.Common.ConcurrencyUtilities.ExecuteWithFileLockedAsync[T](String filePath, Func`2 action, CancellationToken token)
#17 2.801 at NuGet.Protocol.HttpSource.GetAsync[T](HttpSourceCachedRequest request, Func`2 processAsync, ILogger log, CancellationToken token)
#17 2.801 at NuGet.Protocol.ServiceIndexResourceV3Provider.GetServiceIndexResourceV3(SourceRepository source, DateTime utcNow, ILogger log, CancellationToken token)
#17 2.801 --- End of inner exception stack trace ---
#17 2.801 at NuGet.Protocol.ServiceIndexResourceV3Provider.GetServiceIndexResourceV3(SourceRepository source, DateTime utcNow, ILogger log, CancellationToken token)
#17 2.801 at NuGet.Protocol.ServiceIndexResourceV3Provider.TryCreate(SourceRepository source, CancellationToken token)
#17 2.801 at NuGet.Protocol.Core.Types.SourceRepository.GetResourceAsync[T](CancellationToken token)
#17 2.801 at NuGet.Protocol.Core.Types.SourceRepository.GetResourceAsync[T]()
#17 2.801 at NuGet.Protocol.HttpFileSystemBasedFindPackageByIdResourceProvider.TryCreate(SourceRepository sourceRepository, CancellationToken token)
#17 2.802 at NuGet.Protocol.Core.Types.SourceRepository.GetResourceAsync[T](CancellationToken token)
#17 2.802 at NuGet.Protocol.Core.Types.SourceRepository.GetResourceAsync[T]()
#17 2.802 at NuGet.Commands.SourceRepositoryDependencyProvider.EnsureResource()
#17 2.802 at NuGet.Commands.SourceRepositoryDependencyProvider.FindLibraryCoreAsync(LibraryRange libraryRange, SourceCacheContext cacheContext, ILogger logger, CancellationToken cancellationToken)
#17 2.802 at NuGet.Commands.SourceRepositoryDependencyProvider.<>c__DisplayClass19_0.<<FindLibraryAsync>b__0>d.MoveNext()
#17 2.803 --- End of stack trace from previous location ---
#17 2.803 at NuGet.Commands.SourceRepositoryDependencyProvider.FindLibraryAsync(LibraryRange libraryRange, NuGetFramework targetFramework, SourceCacheContext cacheContext, ILogger logger, CancellationToken cancellationToken)
#17 2.803 at NuGet.DependencyResolver.ResolverUtility.<>c__DisplayClass9_1.<<FindLibraryFromSourcesAsync>b__0>d.MoveNext()
#17 2.803 --- End of stack trace from previous location ---
#17 2.804 at NuGet.DependencyResolver.ResolverUtility.FindLibraryFromSourcesAsync(LibraryRange libraryRange, IEnumerable`1 providers, Func`2 action)
#17 2.804 at NuGet.DependencyResolver.ResolverUtility.FindLibraryByVersionAsync(LibraryRange libraryRange, NuGetFramework framework, IEnumerable`1 providers, SourceCacheContext cacheContext, ILogger logger, CancellationToken token)
#17 2.805 at NuGet.DependencyResolver.ResolverUtility.FindPackageLibraryMatchAsync(LibraryRange libraryRange, NuGetFramework framework, IEnumerable`1 remoteProviders, IEnumerable`1 localProviders, SourceCacheContext cacheContext, ILogger logger, CancellationToken cancellationToken)
#17 2.805 at NuGet.DependencyResolver.ResolverUtility.FindLibraryMatchAsync(LibraryRange libraryRange, NuGetFramework framework, String runtimeIdentifier, IEnumerable`1 remoteProviders, IEnumerable`1 localProviders, IEnumerable`1 projectProviders, IDictionary`2 lockFileLibraries, SourceCacheContext cacheContext, ILogger logger, CancellationToken cancellationToken)
#17 2.806 at NuGet.DependencyResolver.ResolverUtility.FindLibraryEntryAsync(LibraryRange libraryRange, NuGetFramework framework, String runtimeIdentifier, RemoteWalkContext context, CancellationToken cancellationToken)
#17 2.806 at NuGet.DependencyResolver.RemoteDependencyWalker.CreateGraphNode(LibraryRange libraryRange, NuGetFramework framework, String runtimeName, RuntimeGraph runtimeGraph, Func`2 predicate, GraphEdge`1 outerEdge, TransitiveCentralPackageVersions transitiveCentralPackageVersions)
#17 2.806 at NuGet.DependencyResolver.RemoteDependencyWalker.CreateGraphNode(LibraryRange libraryRange, NuGetFramework framework, String runtimeName, RuntimeGraph runtimeGraph, Func`2 predicate, GraphEdge`1 outerEdge, TransitiveCentralPackageVersions transitiveCentralPackageVersions)
#17 2.807 at NuGet.DependencyResolver.RemoteDependencyWalker.WalkAsync(LibraryRange library, NuGetFramework framework, String runtimeIdentifier, RuntimeGraph runtimeGraph, Boolean recursive)
#17 2.807 at NuGet.Commands.ProjectRestoreCommand.WalkDependenciesAsync(LibraryRange projectRange, NuGetFramework framework, String runtimeIdentifier, RuntimeGraph runtimeGraph, RemoteDependencyWalker walker, RemoteWalkContext context, CancellationToken token)
#17 2.807 at NuGet.Commands.ProjectRestoreCommand.TryRestoreAsync(LibraryRange projectRange, IEnumerable`1 frameworkRuntimePairs, NuGetv3LocalRepository userPackageFolder, IReadOnlyList`1 fallbackPackageFolders, RemoteDependencyWalker remoteWalker, RemoteWalkContext context, Boolean forceRuntimeGraphCreation, CancellationToken token, TelemetryActivity telemetryActivity, String telemetryPrefix)
#17 2.807 at NuGet.Commands.RestoreCommand.ExecuteRestoreAsync(NuGetv3LocalRepository userPackageFolder, IReadOnlyList`1 fallbackPackageFolders, RemoteWalkContext context, CancellationToken token, TelemetryActivity telemetryActivity)
#17 2.808 at NuGet.Commands.RestoreCommand.ExecuteAsync(CancellationToken token)
#17 2.808 at NuGet.Commands.RestoreRunner.ExecuteAsync(RestoreSummaryRequest summaryRequest, CancellationToken token)
#17 2.808 at NuGet.Commands.RestoreRunner.ExecuteAndCommitAsync(RestoreSummaryRequest summaryRequest, CancellationToken token)
#17 2.808 at NuGet.Commands.RestoreRunner.CompleteTaskAsync(List`1 restoreTasks)
#17 2.809 at NuGet.Commands.RestoreRunner.RunAsync(IEnumerable`1 restoreRequests, RestoreArgs restoreContext, CancellationToken token)
#17 2.809 at NuGet.Commands.RestoreRunner.RunAsync(RestoreArgs restoreContext, CancellationToken token)
#17 2.809 at NuGet.Build.Tasks.BuildTasksUtility.RestoreAsync(DependencyGraphSpec dependencyGraphSpec, Boolean interactive, Boolean recursive, Boolean noCache, Boolean ignoreFailedSources, Boolean disableParallel, Boolean force, Boolean forceEvaluate, Boolean hideWarningsAndErrors, Boolean restorePC, Boolean cleanupAssetsForUnsupportedProjects, ILogger log, CancellationToken cancellationToken)
#17 2.810 at NuGet.Build.Tasks.RestoreTask.ExecuteAsync(ILogger log)
#17 2.811 Done executing task "RestoreTask" -- FAILED.
it looks like that the certificate added into看起来证书已添加到
/usr/local/share/ca-certificates/
it's not recognized.它不被认可。 I have tried also different locations:我也尝试过不同的位置:
- /usr/share/ca-certificates/ /usr/share/ca-证书/
- /etc/ssl/certs/ca-certificates/ /etc/ssl/certs/ca 证书/
but it does not work.但它不起作用。
The certificate that I am using (MyCertificate.cer) I have exported from Chrome and added into my application project tree.我使用的证书 (MyCertificate.cer) 我已从 Chrome 导出并添加到我的应用程序项目树中。 The fingerprint into the nuget.config it's also the one that I could see checking the certificate properties. nuget.config 中的指纹也是我在检查证书属性时可以看到的指纹。
1 个解决方案
解决方案1
1 2021-08-23 20:04:18
you need to install the root CA that signed your private Nuget repository public SSL certificate in the container.您需要在容器中安装签署私有 Nuget 存储库公共 SSL 证书的根 CA。
PAY ATTENTION 1 make sure that the certificate that you're trying to add to the container (the one that signed your private repository public certificate with) is the one you extract from chrome and save to the container.注意 1确保您尝试添加到容器中的证书(用于签署您的私有存储库公共证书的证书)是您从 chrome 中提取并保存到容器中的证书。
PAY ATTENTION 2 also notice that some distributions may need a specific certificate format and so you might need to also convert your .cer file to .crt format (they basically have the same data but are a bit different nevertheless ).注意 2还注意到某些发行版可能需要特定的证书格式,因此您可能还需要将.cer文件转换为.crt格式(它们基本上具有相同的数据,但还是有一点不同)。 Some explanation and here's an example on how to convert the between the files.一些解释,这里有一个关于如何在文件之间转换的例子。
To do so for your container (which uses Debian GNU/Linux 10 (buster) ) you need to:要为您的容器(使用Debian GNU/Linux 10 (buster) )执行此操作,您需要:
- copy the rootCA to
/usr/local/share/ca-certificates/将 rootCA 复制到/usr/local/share/ca-certificates/ - run in the container
update-ca-certificates在容器中运行update-ca-certificates
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
使用 Visual Studio 2017 构建 Docker 失败,因为使用私有 nuget 源在 dotnet 还原期间超时 - Docker build with Visual Studio 2017 failed because timeout during dotnet restore using private nuget feed
私有 NuGet 提要和 docker 缓存(Windows) - Private NuGet feed and docker cache (windows)
使用私有NuGet提要(VSTS CI Build),.NET Core NuGet还原失败 - .NET Core NuGet restore fails with private NuGet feed (VSTS CI Build)
如何从 Windows 上的 devcontainer 中的私有 NugetFeed 恢复 Nuget 包? - How do I restore Nuget Packages from a private NugetFeed in a devcontainer on Windows?
NuGet 恢复在 Docker 容器内停止工作 - NuGet restore stopped working inside Docker Container
无法使用 Azure 管道中的 Paket 恢复 NuGet 包(工件馈送) - Cannot restore NuGet packages using Paket in Azure Pipelines (Artifacts feed)
如何在运行 dotnet restore 时使用私有 nuget package 源进行身份验证 - How to authenticate with private nuget package source while running dotnet restore
如何将.NET标准库打包/发布到私有VSTS Nuget订阅源? - How to pack/publish a .NET Standard Library to a private VSTS Nuget feed?
在Mac OS X上设置Private NuGet Feed API密钥 - Set Private NuGet Feed API Key on Mac OS X
从私有 nuget 服务器下载私有 nuget 包 - Download private nuget packages from private nuget server
相关标签