This a known issue that we are currently working through. It seems to be an issue with some bad/duplicate data in your database. The current workaround is to downgrade to ProGet 2023. We are hoping to have a fix ready soon.
Thanks,
Dan
This a known issue that we are currently working through. It seems to be an issue with some bad/duplicate data in your database. The current workaround is to downgrade to ProGet 2023. We are hoping to have a fix ready soon.
Thanks,
Dan
Hi @forbzie22_0253,
You can do this using our Bulk Import via a drop path feature. We have a helpful How To Bulk Import Packages Into A Feed From Disk article in our documentation.
Please let us know if you have any other questions!
Thanks,
Dan
Hi @itops_6398,
I'm very happy to hear that you got this working. You typically do not need the UPN because it will be automatically appended when searching for the user in your domain, but it doesn't hurt to be there. There are typically only two scenarios when the UPN is needed; when that username is already in the built-in directory or you have a multi-domain forest setup in Active Directory, then the UPN will tell it specifically where to look.
With all that said, if it is working for you now, then I would leave it as is because SAML and AD/LDAP are difficult enough as it is. We are going to add the transform information to our SAML docs in hopes of helping others later.
Thanks,
Dan
Hi @itops_6398,
Are you still using the defaults for the LDAP Overrides? Unfortunately, AD LDAP queries give very little log output. Right now you are seeing the amount of logging we receive from the AD server. The best way to see more details is to log into your Active Directory server and look in the Windows Event Log to see the errors found in the connection.
On a separate note, when it comes to configuring an Azure Enterprise Application SAML provider to link to your active directory. I have found that changing the nameidentifier claim to use a transformation of ExtractMailPrefix()
on the attribute user.userprincipalname
will extract the username and typically link well to Active Directory usernames.
Thanks,
Dan
Thanks for clarifying that for me. So that changes things a bit. When it comes to the LDAPS issue, the original suggestion for adding the certificate will not work. The LDAPS certificate needs to be added directly to the trusted certificates in the Container, not the app service. We don't have much advice on this as of yet, but let me talk internally on this and see what my colleagues say.
As for the actual SSL certificate in ProGet, you will need to follow the Configuring HTTPS without a Reverse Proxy guide in the Linux HTTPS Support. That will show you how to configure the SSL certificate within the container itself and not the app service. We also have more guidance on converting certificate files to different formats at the bottom of our HTTPS support on Windows documentation.
Thanks,
Dan
I didn't realize how you were running ProGet. Are you currently running the ProGet Docker Image using an Azure App Service?
Thanks,
Dan
The rejected certificate was from your Active Directory provider, not the Azure Web App itself. This is normally due to Active Directory generating its own certificates. I'm not exactly sure how to trust them in Azure, but it looks like you can register CA certificates on an Azure Web App using Microsoft's documentation: https://learn.microsoft.com/en-us/azure/app-service/configure-ssl-certificate-in-code
As an alternative, you can edit your User Directory in ProGet and on the Connection tab, you can change to "Use LDAPS and bypass the certificate errors". That will allow ProGet to bypass the certificate validation process.
Thanks,
Dan
Hi @k_2363,
We found an issue in our Native API related to our .NET 6 upgrade that was preventing certain values from converting properly. That has been resolved and will be released on Friday in ProGet 2023.18.
Thanks,
Dan
Hi @Jon,
Thanks for sending this over to us. It looks like there is an issue with the configuration API and it's causing it to always return a 404 error. I have added a ticket, OT-497, to fix this issue, and it should be released on Friday this week in Otter 2022.13.
Thanks,
Dan
Hi @caterina,
This has been an issue we see from time to time and it is related to NuGet's request caching. One thing to try first is to make sure you do not have IIS request caching enabled. To do this:
The next thing to try is to clear NuGet's HTTP cache. You can do that by running the following NuGet command:
nuget locals http-cache -clear
Typically the combination of these will resolve the issue. Can you please try these next time you have the issue?
Thanks,
Dan
Hi @guyk,
After some research, it looks like scope-mapped tokens require a custom authentication procedure. It looks like if you use an Admin User, it will then use the standard Docker authentication procedure. Would you be able to try that and see if it works with ProGet?
Thanks,
Dan
Hi @guyk,
Thanks for confirming that for me. On that same email you sent me, can you please send me a repository name that is available to that token?
Thanks,
Dan
Hi @guyk,
The error I'm getting is a 401 unauthorized exception. Can you confirm that the token you sent me is a token password? Following Micorosft's documentation https://learn.microsoft.com/en-us/azure/container-registry/container-registry-repository-scoped-permissions, you need to create a token password for the token. Then the docker login username is the name of the token and the password is the token password.
Thanks,
Dan
Hi @guyk,
Thanks, I have it and I'm testing now. I'll reach out shortly and let you know what I find.
Thanks,
Dan
Hi @chrisblankde,
Can you please tell me what metadata you are trying to update? If it is just the version, you can use the Repackage API. If it is something other than the version, in ProGet 2023, we added the ability to edit the upack metadata directly in ProGet. You can do that by navigating to the package version in your universal package feed and then click "Edit Package" in the upper right corner.
If neither of those options works for you, then what you suggested (download/extract/edit/repack/upload) would be the way to handle this.
Thanks,
Dan
Hi @guyk,
You are correct, the proxy settings are global, not at a feed level.
Would you be able to provide us with a URL and a scope-mapped token we can debug with? You can email these to support@inedo.com with the subject of [QA-1148]
. If so, we can easily debug this and see what is going on. Once we complete the fix, we can let you know and you can revoke access from us.
Thanks,
Dan
Hi @guyk,
Glad to hear that fixed your issue with the Docker hub connector. When it comes to "Attempt to search", this options does work on Microsoft's container registry, GitLab's container registry, and Google Cloud (gcr/k8s). It only actually affects searching for images though. When it is unchecked, it just requires exact image name searches.
The manifest error is definitely annoying, unfortunately, Docker itself filters out all returned errors and just displays that "not found: manifest unknown: manifest unknown" message. Along with that, when it comes to querying other Docker registries, they throw a lot of errors instead of just returning an empty dataset when an image is not found. That makes it hard to produce meaningful entries into our logs.
As for the Azure container registry. Are you using a public or private registry? One thing we have noticed is the Azure container registry can have multiple package types mixed into it. When you mix package types, ProGet has a hard time using that registry. If you can provide us with an example, we can quickly debug it and let you know what is wrong with the connection.
Thanks,
Dan
Hi @guyk,
Can you try using https://registry.hub.docker.com
for your connector URL and see if you have the same issue?
Thanks,
Dan
Hi @guyk,
I have a few questions for you. Can you please share the connector URL you use for your Docker connector? Also, on one of the images that failed with this message, when you look at them in ProGet, do you see if the image is cached? If so, can you try to delete the cached image and pull it again?
Thanks,
Dan
Hi @v-makkenze_6348,
When you enable the preview feature for ProGet Vulnerability Central, ProGet will add a vulnerability source name PGVC automatically, but it will not show under the vulnerability sources. It looks like after you enabled that, you added a new ProGet Vulnerability Center (which will default the name to "ProGet Vulnerability Central"). So the ProGet Vulnerability Center source should be left off and can probably be removed. That is definitely what was causing a duplicate vulnerability.
Thanks,
Dan
I think the issue here is that the link for the sample config in our docs is now pointing to the wrong sample configuration file. You will want to download the config sample from: https://raw.githubusercontent.com/quay/clair/v2.1.8/config.example.yaml
As Alana mentioned they are on Clair v4 now and it is a different product than version 2 and v4 has a completely different configuration file structure. If you use this older config example, you'll see in the first section has the database connection information. Use this configuration file base should fix your issue.
Thanks,
Dan
Hi @arozanski_1087,
We talked it over in our team meeting yesterday and decided to change ProGet to always create a new release when one doesn't exist and add new dependencies when the release does exist. This way that parameter will not be needed. So you will just need to upgrade ProGet to v2022.23 when it is released later today.
As for the Yarn support and scanning multiple package types in the initial scan, we plan to work on that early next week, so we should have something for you soon.
Thanks,
Dan
Hi @arozanski_1087,
We were able to get the fix in for the appending dependencies, PG-2294. This will be released tomorrow in ProGet 2022.23 and we will also be releasing a new pgscan, v1.4.2, that includes a new parameter, --append-dependencies
, that will allow you to append dependencies from multiple scans.
Thanks,
Dan
Hi @arozanski_1087,
I'm sorry I missed this earlier, but it looks like there was a typo on the GitHub page for the identify
documentation, it previously used --consumer-product-version
. That parameter should have been --version
. If you run the pgscan help identify
command, you will see it is appropriately listed there. My colleague updated the documentation to include the proper parameter. That should get you passed the error above.
I also noticed another issue. If you run the command twice, the dependencies that were found on the second run will not be added to the project. I'm working on getting this fixed, but as a workaround, you can do the following:
That will then add the missing packages to your release. To fix this, we will need to make a change to both pgscan and ProGet. I will do my bet to get this fix into tomorrow's release.
Thanks,
Dan
Hi @arozanski_1087,
Thanks for the additional information. I'll need to research this a little further because nothing is jumping out at me looking through the code. Please stay tuned!
Thanks,
Dan
Hi @arozanski_1087,
pgscan inspect
command will handle creating the project and/or release if it doesn't exist. If the project and release already exist, it will also update them with any changes it has.Thanks,
Dan
Hi @arozanski_1087,
I'll do my best to answer your questions:
input
parameter should be the path and name of the package.json
(ex: \wwwroot\package.json
). This will then parse the package-lock.json
for dependencies in that same folder. If this is what you are already doing, then can you please send over the command you are using and the full error you are receiving?inspect
command will work in an additive fashion and just append the new packages that were found into the ProGet project. This is something we are also looking to improve to add support to auto-scan both NuGet and NPM in one scan. As for the difference between inspect
and publish
inspect
is the new command for ProGet 2022 and higher. This will add the dependencies to a Project in ProGet's SCA feature and is an overall better way to see your dependencies and it will link them to packages, vulnerabilities, and licenses in all your feeds.publish
is the ProGet v6 and v7 command and it will only add the dependencies to a single feed at a time directly on the package itself. This command also requires the feed to be passed to record the results.I hope this answers all of your questions, but please let us know if you have more or need clarification on anything. Also, if you are interested in working to help us add improved support for the new features I mentioned, let us know and we can work together to get these features implemented.
Thanks,
Dan
Can you tell me what version of Windows you are running your ProGet instance on? An SSL error like this will typically happen if your SSL/TLS requirements are not configured to allow the newer schemes by default. Newer OS versions handle these for you, but older Windows versions need specific registry values.
Thanks,
Dan
Hi @nselezneva_7646,
I'm not sure I completely understand what you are asking, but I think you are referring to our connector filters feature. If that is not what you are looking for, could you please explain your use case in a little more detail?
Thanks,
Dan
Hi @lm,
Thanks for this request. We currently support some ways of hosting a symbol server in ProGet, but in ProGet v2023 we are looking to expand this support, including source links. I will bring the request for adding a symbol server proxy to ProGet to the products team to evaluate further and let you know what we decide.
Thanks,
Dan
Hi @lm,
Thanks for the notes on our documentation for HTTPS. We are actually working on providing better guidance on our preferred method for configuring SSL with ProGet. Also, we are in the process of implementing a way to configure this in the UI from within ProGet as well. So our documentation for this will be changing in multiple ways, but I'll at least get the typos fixed that you found. Thanks!
Thanks,
Dan
Hi @lm,
We currently do not have a variable for the base URL. Unfortunately, this is not a trivial thing to implement either. The best solution is to hard code your base URL as you are currently doing in your webhook.
Thanks,
Dan
Hi @lm,
We do not currently have any way to be actively notified on new ProGet releases outside of the notification in ProGet. We do, however, perform regular releases of ProGet and we typically release them every 2 weeks. The best place to check for updates would be the https://my.inedo.com/dowloads page or the Offline Installers page.
Thanks,
Dan
Hi @lm,
Thanks for the feature request! I'll bring this up with the products team and let you know what they say.
Thanks,
Dan
I'm not super familiar with JumpCloud, but it looks like they have a very nice tutorial on how to use Chocolate with JumpCloud: https://university.jumpcloud.com/courses/tutorial-using-chocolatey-for-windows-and-jumpcloud
I think the main things that you will need to do with ProGet are:
choco install 7zip --version 21.7 --source https://proget.yourserver.com/nuget/choco-demo-cached/
):Hope this helps!
Thanks,
Dan
Hi @boazyo_8097,
You are receiving this error because the URL you are using for NuGet to build your docker image is using a localhost URL. That means that the Docker client will try to connect to ProGet using the loopback address. You will most likely need to change out the URL to specify the server name instead of localhost (ex: http://proget-server.mydomain.local:8624/nuget/LocalNugetServer/v3/index.json
).
Thanks,
Dan
Hi @rehanh_0834,
Do you have ProGet installed on Windows or in Docker? If you have it installed on Windows, are you using the integrated web server or IIS to host ProGet?
Thanks,
Dan
Hello @stijn-peeters-external_8202,
Unfortunately, symbol packages are a bit complicated - and don't work quite as intuitively as NuGet packages.
Some quick configuration details:
Our symbol documentation has some advice on how to configure and set all this up:
https://docs.inedo.com/docs/proget-feeds-nuget-symbol-and-source-server#creating-symbol-packages
Hope this helps!
Thanks,
Dan
Hi @tcochran_0018,
This looks to be related to a known bug, PG-2193, that is expected to be released this week in version 2022.7. These errors shouldn't affect the operation of anything, but please let us know if it does.
Thanks,
Dan
Hi @brett-polivka,
We are currently looking into this issue and we should have an update for you soon.
Thanks,
Dan
Hi @a-diessl,
Looking at your request/response, it looks like the cookie domain is still using the IWS URL. I believe what you will need to add is rules in IIS to replace the cookie domain also.
<rewrite>
<outboundRules>
<rule name="Add Domain" preCondition="Domain">
<match serverVariable="RESPONSE_Set_Cookie" pattern=".*" negate="false" />
<action type="Rewrite" value="{R:0}; domain=proget.example.com" />
<conditions>
</conditions>
</rule>
<preConditions>
<preCondition name="Domain">
<add input="{RESPONSE_Set_Cookie}" pattern="." />
<add input="{RESPONSE_Set_Cookie}" pattern="; domain=.*" negate="false"/>
</preCondition>
</preConditions>
</outboundRules>
<inboundRules>
<rule name="Add Domain" preCondition="InDomain">
<match serverVariable="RESPONSE_Set_Cookie" pattern=".*" negate="false" />
<action type="Rewrite" value="{R:0}; domain=proget.intranet" />
<conditions>
</conditions>
</rule>
<preConditions>
<preCondition name="InDomain">
<add input="{RESPONSE_Set_Cookie}" pattern="." />
<add input="{RESPONSE_Set_Cookie}" pattern="; domain=.*" negate="false" />
</preCondition>
</preConditions>
</inboundRules>
</rewrite>
You may have to tweak this a bit to fit your site exactly, but this should be a good start.
Thanks,
Dan
Hi @pariv_0352,
I have a few questions to get us started.
docker pull {our_proget_url}/{feed_name}/library/mongo:5.0
(please not the inclusion of the library namespace)?Thanks,
Dan
Hi @inok_spb,
This error looks to be coming from SQL Server itself. I think the first thing to check would be your Index Fragmentation in SQL Server. We have some information about this in our SQL Server Implementations with Inedo Tools. If you run the following SQL, you should be able to identify any issues with index fragmentation.
SELECT dbschemas.[name] as 'Schema',
dbtables.[name] as 'Table',
dbindexes.[name] as 'Index',
indexstats.avg_fragmentation_in_percent,
indexstats.page_count
FROM sys.dm_db_index_physical_stats (DB_ID(), NULL, NULL, NULL, NULL) AS indexstats
INNER JOIN sys.tables dbtables on dbtables.[object_id] = indexstats.[object_id]
INNER JOIN sys.schemas dbschemas on dbtables.[schema_id] = dbschemas.[schema_id]
INNER JOIN sys.indexes AS dbindexes ON dbindexes.[object_id] = indexstats.[object_id]
AND indexstats.index_id = dbindexes.index_id
WHERE indexstats.database_id = DB_ID()
ORDER BY indexstats.avg_fragmentation_in_percent desc
Once you have pinpointed where your potential problems are you can address them with SQL Server Management Studio, under Tables > select table > Indexes > select index > Right-click > select Reorganize. See the Remove fragmentation using SQL Server Management Studio to learn more.
Please let me know if you have any questions.
Thanks,
Dan
Hi @v-makkenze_6348,
Starting in ProGet 2022, we have removed the Web folder and the web application is now included in the Service directory. You will need to update IIS to point to the Service directory now. This is typically handled as part of the upgrade in Inedo Hub. Are you using a multi-site setup in IIS?
Thanks,
Dan
Hi @john-selkirk,
What version of ProGet are you using? Also, is it running on Windows or Linux/Docker?
Thanks,
Dan
Hi @chris-f_7319,
Can you please give this a try?
docker exec -it proget dotnet /usr/local/proget/service/ProGet.Service.dll resetadminpassword
I may be off on the folder path, but that should allow you to run resetadminpassword on the container.
Thanks,
Dan
Hi @pegogif654_4423,
We have some great blog posts about this for NuGet and you can apply the same concepts to UPACK and Docker.
I believe you are looking to use our Repackaging feature and Package Promotion. Please note that in free editions of ProGet, you can only use the ProGet UI to repackage (for Docker it is Add Virtual Tag) and promote packages and containers. The APIs require a paid edition.
Hope this helps!
Thanks,
Dan
How were the files added to your Git repository? Were they initially added from Otter? When you navigate to Administration -> Raft Repositories and you click "browse" to the right of your Git raft, do you see any files that show there?
Thanks,
Dan