Support

• 

  Add Documentation for Chocolatey Proxy feeds
  • steviecoaster  

  7
  0
  Votes
  7
  Posts
  11
  Views

  

  Ha! You are right. I had never once seen the octocat until you pointed it out :D I'll get something drafted up. Thanks!
• P

  Problem with setting up LDAP in ProGet
  • pg_user_8607  

  3
  0
  Votes
  3
  Posts
  3
  Views

  

  Hi @pg_user_8607 , Unfortunately, the only information we receive from the underlying library is LdapReferralException, so there's nothing else we can log. My understand is that the server is limiting the information and you ought to see more information from the LDAP/AD server's query logs (they are like HTTP access logs). That's the absolute best place to look. In our experience, a referral typically means the domain name is incorrect (e.g. user@domain.com instead of user@domain.local), but it could be any of the things you mentioned to. Unfortunately, LDAP/AD configuration can be a pain in rare cases (which it sounds like you are), and there's just no way around that. As for monitoring, here is what we recommend: periodic monitoring of the /health endpoint (every 5 minutes) (optional) HTTP access logs (retain for 7 days) There's nothing required beyond that. Those "container logs" (i.e. proget console output) that you see are primarily intended for us (product engineers) to troubleshoot problems and there's not much value in trying to use/storing them. For a tool like ProGet, trying to do extract/monitor detailed metrics is counter productive and leads to information overload. Many "errors" are not problems are a total waste of everyone's time to troubleshoot. For auditing, ProGet maintains internal audit logs (you can query them from the database if you really want to "export" them), or you can use webhooks if you want to publish events. But again, we don't think that's productive; they just become a "secondary log" that no one looks because it's harder to query than ProGet database. For authentication-related information, a combination of HTTP log monitoring (403 errors) and LDAP/AD server is the best thing to check. Cheers, Steve
• Y

  Can't able to upgrade Buildmaster 5.7 version through inedohub
  • ybaskar.temp_3339  

  2
  0
  Votes
  2
  Posts
  8
  Views

  

  Hi @ybaskar-temp_3339, Upgrading from BuildMaster 5.7 to 2025 has never been supported; you'll need to first upgrade to BuildMaster 6.1, and then you can upgrade to BuildMaster 2025. Please see: https://docs.inedo.com/docs/buildmaster-upgrading It's certainly possible there was a bug/oversight in newer versions of the Inedo Hub that didn't "block" the upgrade, but it should never have been possible. Also I do believe we removed really old versions from the Inedo Hub, so you may need to download the offline installer to get to BuildMaster 6.1. Another approach to consider is to just "start from scratch" with BuildMaster 2025, and maintain BuildMaster 5.7 as a separate instance... moving to read-only over time. If a lot of your applications are templatized anyway, you may find the built-in Build Scripts work with minimal configuration. And as long as you're on the latest version of Inedo Agent (on the servers), they should be able to both communicate fine. This approach is the lowest risk by far. Cheers, Steve
• N

  ProGet: implement Policies & Blocking support for Container feeds
  • Nils Nilsson  

  3
  0
  Votes
  3
  Posts
  14
  Views

  N

  Hi Alex, Thanks for taking the time to respond to my request. I fully agree that individual vulnerabilities are often not relevant for a container image. The problem arises when we can not make distinctions when assessing, as we might never be able to assess a vulnerability using the global scope. A scaled down example could be that we have two feed groups, each with their own Package Policy. 'External' which is used for the build/store of an application served to external users comprised of the general public(i.e. a web service), while 'Internal' is used for an identical but separately generated application that is run strictly for internal users with no exposure to the internet. External: Universal Feed, Nuget feed, Container feed Internal: Universal Feed, Nuget feed, Container feed Then we might have a vulnerability like PGV-255532C, assuming we in our application are using the functionality of sqlite which is affected. This would pose an unacceptable risk for an application reachable and used by external users, while it could be fine for an internal application. The current assessment structure for containers wouldn't allow us to continue using the container in the 'Internal' feed group, without also allowing the container in the 'External' feed group. I agree on the premise that an Image is more like a Build, than it is a Package. But even then sharing policies between containers and package feeds would remain relevant for our usecase. Best regards Nils Nilsson
• C

  Moving from IIS to Integrated Web Server
  • caterina  

  7
  0
  Votes
  7
  Posts
  25
  Views

  C

  Hi @stevedennis , using ?bypassIntegrated=false lets me download the package from the UI. Is this something you can fix? For now I can share this information with my colleagues. Offtopic (since we are already talking): We recieved your Inedo snackbox this week and we love it Thanks, Caterina
• D

  Promote a Release from one Workflow to the next
  • dwilson_7533  

  3
  0
  Votes
  3
  Posts
  7
  Views

  

  @dwilson_7533 that sounds about right! In modern versions of BuildMaster, it's possible to change Pipelines ("new" name for Workflows) a little easier, or even create builds without them. Speaking of, I'd recommend giving it a shot, we've got some pretty cool Git integration these days :)
• C

  Storage Account Connection String
  • certificatemanager_4002  

  2
  0
  Votes
  2
  Posts
  6
  Views

  

  Hi @certificatemanager_4002, I'm not sure I totally understand the question :) The ConnectionString property is marked as encrypted, which means that ProGet's Encryption Key will be used to store it to the database as encrypted, and obviously decrypt it. But this should happen automatic, when using the API or UI to save the settings. -- Dean
• Y

  Missing of Creating Legacy plans
  • ybaskar.temp_3339  

  2
  0
  Votes
  2
  Posts
  10
  Views

  

  Hi @ybaskar-temp_3339, Going off of memory here (this was like 10 years ago), but I believe that BuildMaster v5 would hide legacy options unless there was already legacy data. Since there's no legacy plans there's no button. However, it still should be possible if you can find the url of the page to navigate to. I would check other apps for that option, inspect the url, and just replace it with your applications Id. Let us know if that works! -- Dean
• M

  ProGet configuration as code (IaC)?
  • mikael  

  7
  0
  Votes
  7
  Posts
  74
  Views

  

  @pg_user_8607 very cool, great practical use of the new ".cs scripts" type applications! I think this could make a nice blog post... I'll point this to our technical writers!
• D

  Version matching / sorting fails for maven with string suffix
  • devops_8569  

  3
  0
  Votes
  3
  Posts
  6
  Views

  D

  Hi @dean-houston, thank you for the explanation. I understand, that you don't want to risk the implementation for these special version numbers. On dealing with these false positives, it would be great to ignore a vulnerability just for a specific version, therefore fixing just the version mismatch, rather than deactivating the vulnerability globally. But I'll gladly wait for ProGet 2026 and check out the changes done to the CV management. Best regards
• P

  This topic is deleted!
  • pg_user_8607  

  2
  0
  Votes
  2
  Posts
  5
  Views

  No one has replied

• A

  ProGet Package Download Statistics IP when behind Load Balancer
  • Ashley  

  2
  0
  Votes
  2
  Posts
  9
  Views

  

  Hi @Ashley , It sounds like you're definitely looking in the right place / setting the right configuration. X-Forwarded-For should do the trick, but something as silly as a typo (which I've done several times) will make it not work. Here are the settings we recommend: proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Host $http_host; proxy_set_header X-Forwarded-Port $server_port; And as an FYI, here is the code we use to get the ClientIP adddress. public static string GetClientIPAddress(this AhHttpRequest request) { ArgumentNullException.ThrowIfNull(request); var forwardedFor = request.Headers["X-Forwarded-For"]; if (!string.IsNullOrWhiteSpace(forwardedFor)) { var ips = forwardedFor.Split(','); var clientIp = ips.FirstOrDefault(); if (!string.IsNullOrWhiteSpace(clientIp)) return stripIpv4OverIpv6(clientIp.Trim().Truncate(50)!); } return stripIpv4OverIpv6((request.NativeRequest?.HttpContext?.Connection?.RemoteIpAddress?.ToString() ?? request.UserHostAddress).Truncate(50)!); static string stripIpv4OverIpv6(string ip) { if (ip.StartsWith("::ffff:") && ip.Contains('.')) return ip["::ffff:".Length..]; return ip; } } Although I think the stripIpv4OverIpv6 bits may be relatively new. Thanks, Alana
• Y

  Direct upgrade to BuildMaster 6.2 is not supported at this time.
  • ybaskar.temp_3339  

  2
  0
  Votes
  2
  Posts
  8
  Views

  

  Hi @ybaskar-temp_3339 , The "root cause" is relatively easy to answer. The error was occurring on the 10. Block 6.2 Upgrades.sql script, which is simply this: IF OBJECT_ID('ActionGroups') IS NOT NULL EXEC sp_executesql N' IF NOT EXISTS(SELECT * FROM [Configuration] WHERE [Key_Name] = ''Legacy.NoLegacyFeaturesDetected'' AND [Value_Text] = ''True'') RAISERROR(''Cannot upgrade to BuildMaster 6.2 unless "Legacy.NoLegacyFeaturesDetected" in Advanced Settings is "True". This can be done by running the legacy features checker.'', 16, 1) ' Basically it will simply crash unless Legacy.NoLegacyFeaturesDetected is not set to "True". The "Legacy Feature detector" should have set that to "True" if there were no legacy features detected... but perhaps it didn't? Since you were able to bypass it, I wouldn't worry about it. In the "worse case", legacy data would have been purged during the delete. Thanks, Alana
• P

  Migrating from Sonatype Nexus to ProGet
  • pg_user_8607  

  8
  0
  Votes
  8
  Posts
  36
  Views

  

  @pg_user_8607 sorry I accidently deleted that when trying to fork it into a new topic... I briefly saw the logs and wanted to review w/ team to see if we can figure them out Can you repost them again as a new topic? Thanks, we can then track it separately.
• A

  NPM Incorrect Handling of min-release-age
  • Ashley  

  11
  0
  Votes
  11
  Posts
  64
  Views

  A

  Thanks @atripp, that makes sense. I was having another issue with pgutil which turned out to be my fault, however I believe there is a follow on issue to do with the compliance analysis for project builds that have yet to have been pulled to ProGet. More detail on my original post here: https://forums.inedo.com/topic/5733/proget-unable-to-publish-sbom-from-pgutil/4. @Dan_Woolf suggested continuing the topic here as it's related to non-compliant packages and what I believe to be the recently published rule. Is this something you can take a look at? Thanks!
• A

  ProGet Unable to publish SBOM from pgutil
  • Ashley  

  4
  0
  Votes
  4
  Posts
  39
  Views

  

  Hi @Ashley, Glad to hear that fixed the issue with the Project Name! You are partially right on the noncompliance. The publish date is definitely causing most of the packages to be noncompliant. Based on your logs, I'm also seeing at least one deprecated package as well. I see you already have another forums post about the recently published issue. I believe we can continue that issue there and close this one out. Thanks, Dan
• C

  Unhandled exception in execution #xxx: 42702: column reference "DatabasePath_Text" is ambiguous
  • cole.brand_2889  

  3
  1
  Votes
  3
  Posts
  19
  Views

  

  Hi @cole-brand_2889, I have identified the issue, PG-3268, and this should now be fixed in ProGet 2025.27. Please upgrade to 2025.27 and see if that resolves your issue. Thanks, Rich
• B

  Image-based Services (Containerized Builds) failing on "Build .NET Project"
  • brandon_owensby_2976  

  5
  0
  Votes
  5
  Posts
  12
  Views

  B

  The reason I'm using Docker.Desktop is not to run Linux on Windows but to run Docker. The goal was to mimic our dev and prod deployment which involves using helm files to update what version of a given image is deployed in a given environment. This part I have working. I just figured I'd try taking advantage of having docker installed to try out this feature of BuildMaster. I didn't expect it to be this troublesome though. When I was working on it this morning I tried updating the tag to pull a specific version of the image to ensure it was Linux but that didn't work either. In fact it didn't change anything. I'll look at it again on Monday. Maybe someone will have some insight before then and help me out. Let me know if there is anything I add to the post to help. If I see a response over the weekend I'll definitely update the post with any requested information.
• B

  Running InedoAgent on a Docker image
  • brandon_owensby_2976  

  7
  0
  Votes
  7
  Posts
  15
  Views

  B

  oh, and I will look up this docker run command. Unfortunately that doesn't allow me to use the built in test function in BuildMaster which could take away from part of my sales pitch. We'll see what I can do, and maybe you or someone else will think of something else.
• M

  Running ProGet with Group Managed Service Account
  • mhelp_5176  

  6
  0
  Votes
  6
  Posts
  36
  Views

  

  Thanks for sharing all the details @sgardj_2482. You shouldn't need to modify the Embedded Database like this when using a GMSA. It should continue to work just fine using a username/password as configured. If you ran into an issue when changing the service account, please let us know. Note that we don't support modifying the Embedded Database like this, so please be aware this may suddenly break in a future upgrade.