Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to use Reference Token with Azure DevOps Service Connection even though the connection Validates using a Reference Token #509

Open
fourpastmidnight opened this issue Oct 16, 2024 · 1 comment
Open

Unable to use Reference Token with Azure DevOps Service Connection even though the connection Validates using a Reference Token #509

fourpastmidnight opened this issue Oct 16, 2024 · 1 comment
Labels
bug Something isn't working

Comments

@fourpastmidnight
Copy link

fourpastmidnight commented Oct 16, 2024
edited
Loading

Describe the bug

Important

Please see my comment below. I'm leaving the original issue as stated for broader context purposes, but the issue is not what it at first seemed. What follows below is the original issue, but please see my comment for the real issue at hand.

I have an Azure DevOps Server ServiceConnection to Artifactory which is using token-based authentication for the connection.

However, when using the JfrogDotNetCore@1 task in an Azure DevOps YAML pipeline with the following configuration:

- task: JFrogDotNetCore@1
  displayName: Restore NuGet Packages
  inputs:
    command: restore
    artifactoryConnection: ${{ parameters.artifactoryConnection }}
    targetResolveRepo: ${{ parameters.artifactoryRepository }}
    rootPath: ${{ parameters.solutionOrProjectPathGlob }}
    collectBuildInfo: ${{ parameters.collectBuildInfo }}
    ${{ if eq(parameters.collectBuildInfo, true) }}:
      buildName: '$(Build.DefinitionName)'
      buildNumber: '$(Build.BuildNumber)'

running the build results in the following error output:

D:\Agent04\_work\_tool\dotnet\sdk\9.0.100-rc.1.24452.12\NuGet.targets(751,5): error : Value cannot be null or empty string. (Parameter 'username') [D:\Agent04\_work\111\s\src\MyProject\MyProject.csproj]
16:21:50 [Error] exit status 1
##[error]Error: Command failed: D:\Agent04\_work\_tool\jf\2.53.1\x64\jf.exe dotnet restore --build-name="my-project" --build-number="v8.0.0-ci.4.24290.73267.6360"

If I'm using a ServiceConnection, then I should not need to provide a username input to the task.

Current behavior

If you don't specify a username input to the JfrogDotNetCore@1 task in a YAML pipeline even though you are using a ServiceConnection, the task ends in an error.

Reproduction steps

Run a build pipeline with a valid task configured as shown below:

- task: JFrogDotNetCore@1
  displayName: Restore NuGet Packages
  inputs:
    command: restore
    artifactoryConnection: ${{ parameters.artifactoryConnection }}
    targetResolveRepo: ${{ parameters.artifactoryRepository }}
    rootPath: ${{ parameters.solutionOrProjectPathGlob }}
    collectBuildInfo: ${{ parameters.collectBuildInfo }}
    ${{ if eq(parameters.collectBuildInfo, true) }}:
      buildName: '$(Build.DefinitionName)'
      buildNumber: '$(Build.BuildNumber)'

When using a ServiceConnection with token-based authentication, a username should not be required. (The Classic build pipeline editor does not prompt for a Username whin using a ServiceConnection.)

Expected behavior

The task does not require a username input when using a ServiceConnection.

Azure DevOps extension name and version

2.92 I think.....

JFrog CLI version

2.53.1

Operating system type and version

Windows Server 2019

JFrog Artifactory version (if relevant)

No response

JFrog Xray version (if relevant)

No response

JFrog Distribution version (if relevant)

No response
@fourpastmidnight fourpastmidnight added the bug Something isn't working label Oct 16, 2024
@fourpastmidnight
Copy link
Author

Never mind. So, when I created the user account for build server integration, I also created an access token, both a JWT and a Reference token. The help bubble for the Reference Token says that it can be used anywhere as a password, API Key, or, and this is the important one, a Bearer token. That, apparently, is not true, at least, not for Nuget. Here's more of the log from a failing build:

21:08:19 [Warn] couldn't extract payload from Access Token.
The provided access token is not a valid JWT, probably a reference token.
Some package managers only support basic authentication which requires also a username.
If you plan to work with one of those package managers, please provide a username.
  Determining projects to restore...
D:\Agent04\_work\_tool\dotnet\sdk\9.0.100-rc.1.24452.12\NuGet.targets(751,5): error : Value cannot be null or empty string. (Parameter 'username') [D:\Agent04\_work\111\s\src\MyProject\MyProject.csproj]
21:08:20 [Error] exit status 1
##[error]Error: Command failed: D:\Agent04\_work\_tool\jf\2.53.1\x64\jf.exe dotnet restore --build-name="my-project" --build-number="v8.0.0-ci.4.24291.4057.6362"

So, I cannot use the reference token as a bearer token, I have to use the full JWT token. But here's the thing, I validated the ServiceConnection in Azure DevOps with the Reference token and it validated just fine—the connection to the API could be established. This seems like a bug to me—perhaps in Azure DevOps Server. So, I'm going to change the title of this issue and let someone else decide whether this is not a Jfrog problem. (It's possible it's a littel of both.)

@fourpastmidnight fourpastmidnight changed the title JfrogDotNetCore Restore Task requires username parameter in YAML pipeline Unable to use Reference Token with Azure DevOps Service Connection even though the connection Validates using a Reference Token Oct 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@fourpastmidnight