WorkerExtensions.csproj trying to restore from private nuget feed, unsuccessfully #1252
Comments
|
Are you having trouble when trying to build/restore packages using Visual studio? Do you have the nuget.org package source (https://api.nuget.org/v3/index.json) enabled?
If you are trying to restore using "Manage Nuget packages" tab of the project, do you have "nuget.org" package source selected?
|
|
This issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 4 days. It will be closed if no further activity occurs within 3 days of this comment. |
|
@kshyju Regular restore works fine. This is only trying to build our project if our private repo is enabled:
In the above, I usually have to disable our package source for it to work. |
ghost
added
Needs: Attention 👋
and removed
Needs: Author Feedback
no-recent-activity
labels
|
@1kevgriff I believe the issue is that part of the build process will create a temporary project and invoke |
|
Hi @1kevgriff, I could resolve similar issue by following the below work around steps.
One more alternative is :
I hope these steps would help you resolve the issue. |
I installed Nuget Credential Provider but it looks like I'm still having the same issue. I'm not entirely sure if there is another step after the install. After the install, I removed the private repo and re-added it within VS 2022. But no help. |
|
@1kevgriff I had the same issue and was able to resolve by adding PackageSourceCredentials with a Personal Access Token created from Azure DevOps to the NuGet.config file under C:\Users\username\AppData\Roaming\NuGet Adding a PAT I got from here https://learn.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops&tabs=Windows#create-a-pat Hope that works for you as well |
|
This is my It seems like I have everything where it is supposed to be, but VS building WorkerExtensions.csproj on the fly isn't using any of it. |
|
Also noticed this in the build output for the project: |
|
It definitely needed a change from Password to ClearTextPassword when I put the token in, it didn't work for me either using the key as just Password |
|
I need to review again, but moving %APPDATA% Nuget.Confg to ClearTextPassword didn't work. |
|
Flagging this for investigations and ensure the following scenarios are handled:
|
|
@1kevgriff as a temporary workaround, moving your private feed entry from the global |
|
Linking this here so it is not lost: this comment also brings up another way in which the nuget restore on the inner build is problematic. Maybe we can address both issues at once. |
This worked for me. I had the |
|
I'm running into this as well. In my case, I wrote a custom target to copy in the nuget.config from the restore step into the temp directory for the generated project: <Project>
<!-- Workaround for https://github.com/Azure/azure-functions-dotnet-worker/issues/1252 -->
<!-- Target to copy the nuget.config from the root of the repo to the generated WorkerExtensions project. -->
<!-- _GetRestoreSettings sets up @(_OutputConfigFilePaths) -->
<!-- _FunctionsPostBuild sets up the $(ExtensionsCsProjFilePath) -->
<!-- $(_OutputConfigFilePaths) *should* have the nuget.config file that should be used first, so we get the first with a simple regex -->
<Target Name="CopyFirstNugetConfigToGeneratedDirectory" BeforeTargets="_WorkerExtensionsRestore" DependsOnTargets="_GetRestoreSettings;_FunctionsPostBuild">
<PropertyGroup>
<NugetConfig>$([System.Text.RegularExpressions.Regex]::Replace("$(_OutputConfigFilePaths)", ";.*$", "", "System.Text.RegularExpressions.RegexOptions.ECMAScript"))</NugetConfig>
</PropertyGroup>
<Copy SourceFiles="$(NugetConfig)" DestinationFolder="$(ExtensionsCsProjFilePath)" SkipUnchangedFiles="true" />
</Target>
</Project> |
|
I am actively working on this issue now. My current plan is to provide a mechanism to include the worker extension project as part of source control and let it be restored at the same time as the function app csproj it is for. This will allow it to inherit the same feed authentication as the function app. Alternatively, the way to address it now is that however you authenticate in your restore step, make sure you provide the same authentication to your build step as well (as it will include the inner restore as well). |
Try including this in your build step also: env:
TELERIK_API_KEY: $(telerikApiKey) |
|
@jviau This wont fix the issue for this usecase: |
|
@jakobwi I can't say for sure, but I imagine the |
|
Perhaps this is a daft question but why does the SDK even need to run its own private And as people have mentioned, it's problematic because it doesn't go through the normal routes. Unless you happen to run into this problem with private feeds, you would likely be entirely unaware that this extra package fetch was happening, and that's a real problem if you're trying to create an accurate SBOM to track what components you are using. (And that's a vital part of supply chain integrity.) The DLL it builds seems to contain no code anyway. Why is this necessary? And could you find some way of doing it that doesn't operate outside the purview of tools designed to ensure supply chain integrity? |
This is necessary as part of constructing the webjobs extension payload that the host will load. When you use a worker extension, it declares what WebJobs extensions are associated with it (which are additional nuget packages). We do not know these packages until nuget restore is already complete and we need to combine multiple extensions together and consolidate dependencies. This necessitates an inner build which will fetch and process these packages. We have discussed this with the nuget, dotnet, and msbuild team and there is no alternative for us. As far as SBOM goes, you should be running that on your final output contents. Everything this process uses in the end is part of your projects output directory in the |
|
Any update on this? I was running into the same issue with Microsoft.Azure.Functions.Worker.Sdk" Version="1.18.1. Builds succeeded locally but would fail in the ADO pipeline. This was incredibly frustrating and I spent hours trying to understand why this was happening before coming across this article and ultimately downgrading back to version 1.17.2. My organization enforces the use of a private nuget feed, so adding nuget.org to our list of sources to the pipeline is not acceptable even if it does fix the issue. |
@jdinardofsl thanks. I had the same issue. Downgrading back to version 1.17.2 works. |
|
I too have the problem. Obviously it is a bug, so please threat is as one! This simple pipeline will fail on ubuntu-20.04: name: 'Build Solution'
description: 'Build .NET solution'
inputs:
VS_PAT:
description: 'The PAT token for the feed'
required: true
runs:
using: 'composite'
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Setup .NET
uses: actions/setup-dotnet@v2
with:
dotnet-version: '8.x'
- name: Restore dependencies
run: dotnet restore --configfile NuGet.Config
shell: bash
- name: Build
run: dotnet build --no-restore --configuration Release
shell: bashNuGet.config |
Could you do it as part of |
This comment has been minimized.
This comment has been minimized.
We would love to, but unfortunately there are many things which prevent that from being feasible.
|
|
So is there a solution here, please? I upgraded Azure Function to the new version I need for Aspire and it returns the error described here. It's really awkward,because I can't use Aspire without the upgrade. Please help. Thanks Pipeline Log |
|
@jviau For example:
Would you be able to determinate the correct targeting version and add the same as target in yours temporary project (WorkerExtensions.csproj) ? Would help a lot, as those ref packages comes with used .net sdk... |
|
More issues with
|
|
I could make it work with a workaround, the idea is to continue on the first build, then add a script that : |
|
I have 2 function applications 1 that run with the DurableTask 1.2.2 package included and 1 without. The application withOUT the Durable Task library builds fine with Microsoft.Azure.Functions.Worker.Sdk 1.18.1, but if I include the DurableTask package, then the csproj file gets generated. This results in failed ADO builds because we use a private Nuget feed that fails to restore. Downgrading the SDK package to 1.17.2 allows the build to succeed as @lovelangy stated. Here are my working and not working csproj files. WORKING: DOES NOT WORK (the only difference is the inclusion of the DurableTask package) |
|
I'm facing the same issue. When using .NET 9 with "Microsoft.Azure.Functions.Worker.Sdk" Version="2.0.0" I have the same error. When using .NET 8 with "Microsoft.Azure.Functions.Worker.Sdk" Version="1.17.2" everything works as expected. It's not possible to use .NET 9 with "Microsoft.Azure.Functions.Worker.Sdk" Version="1.17.2" because of Invalid combination of TargetFramework and AzureFunctionsVersion is set. error in build time. It will be appreciated if a fix is available soon. Thanks. |
## Summary of changes Attempt to fix flakiness in Azure Functions multi-sample build ## Reason for change #6472 added multi-version building for Azure Functions samples. Unfortunately, this caused the build stage to be flaky, because Azure Functions apparently generates and builds a [completely separate _.csproj_](Azure/azure-functions-dotnet-worker#1252). Unfortunately, it also ignores all the artifact output stuff, which means when we restore/build multiple versions of the app (with different api versions, it stomps over itself. e.g. we can see the sample app build itself doing the right thing: ``` 08:59:05 [DBG] Samples.AzureFunctions.V4Isolated -> /project/artifacts/bin/Samples.AzureFunctions.V4Isolated/release_net6.0_1.6.0/Samples.AzureFunctions.V4Isolated.dll 08:59:06 [DBG] Samples.AzureFunctions.V4Isolated -> /project/artifacts/publish/Samples.AzureFunctions.V4Isolated/release_net6.0_1.6.0/ ``` But there's also the "WorkerExtensions" thing which is going completely off the rails, ignores all of the Directory.Build.props etc and just does its own thing ``` 08:59:07 [DBG] WorkerExtensions -> /tmp/oh4iajvh.kcj/publishout/ 08:59:07 [DBG] WorkerExtensions -> /tmp/zv30zzl2.cxz/publishout/Microsoft.Azure.Functions.Worker.Extensions.dll 08:59:08 [DBG] WorkerExtensions -> /tmp/zv30zzl2.cxz/publishout/ ``` Unfortunately, this shows it's trying to build two separate versions to the same location, and things break. ## Implementation details My initial attempt in #6521 failed. In this attempt I split the v1 SDK and v2 SDK into two separate projects. The SDK versions are tracked separately. I was thinking that as long as we only build a _single_ version per project we _should_ be ok. It was not OK. So in the end I tore out the Azure Functions version tracking. We could/should consider adding it back in some way, but right now this is causing too many issues An alternative is to just remove the Azure Functions samples from the "auto-updating multi version". I kept the split between v1 and v2 of the Azure Functions SDK to give us a _little_ more coverage; I think it's about the best we can do. ## Test coverage If this all finally passes, we should be good. ## Other details An important thing to note is that _currently_, even though we will now get dependabot notifactions about updates to the azure functions libs, these _aren't_ tested automatically. That's because currently our testing on Windows does _not_ run the "multi version" tests like we do on Linux. And we _only_ test Azure functions on Windows. This is something I'd like to address longer term with PRs like #6498, but for the meantime, we'll need to manually keep the samples up to date with the latest SDK version when there's a dependabot PR
We are using Error details: C:\Users\ContainerAdministrator\AppData\Local\Temp\mrnjchtq.emz\WorkerExtensions.csproj : error NU1301: Unable to load the service index for source https://api.nuget.org/v3/index.json. |
Hi @campelo, Are you sure it worked for you ? we are also using .NET 8 with "Microsoft.Azure.Functions.Worker.Sdk" Version="1.17.2" but still hitting same issue in our pipeline. C:\Users\ContainerAdministrator\AppData\Local\Temp\mrnjchtq.emz\WorkerExtensions.csproj : error NU1301: Unable to load the service index for source https://api.nuget.org/v3/index.json. |
@sunnynagavo this is what the latest package versions aim to solve: they will respect your nuget.config and no longer only use nuget.org. But if your nuget.config points to authenticated feeds, you will need to ensure you are authenticated to them before building your function app. |
I would also love to know why, I have a custom trigger with references to net8.0 packages that I cannot update because WorkerExtensions.csproj is still targetting net6.0, even though the in-process model is supposed to be out for net8.0 now... Can we expect an update on that? |
Can you explain how this is blocking? If you are referring to The reason we have not updated WorkerExtensions.csproj to net8 is that it is not crucial at the moment: this project is only for package resolution & unification. The net6 runtime is not actually used outside of compilation. The runtime is determined by the function host, which is net8. I have opened an issue #2924 to explore updating to net8, which will be a better place to discuss that than this issue. |
Yes, everything works. Our application is in production using .NET 8 since it was released. We are facing the error when using .NET 9. |
and others
I hope this is the right place for this question.
I have this recurring problem with our local Functions app trying to build. We recently moved to .NET 6 Isolated to support some future product features.
On build, I get this error:
I'm not sure why
WorkerExtensions.csprojis trying to look at our private Nuget feed for that package.Functions.csproj
The text was updated successfully, but these errors were encountered: