RE: Proget PGScan - How does this work with Dotnet SPA and NPM?

Hi @arozanski_1087,

We talked it over in our team meeting yesterday and decided to change ProGet to always create a new release when one doesn't exist and add new dependencies when the release does exist. This way that parameter will not be needed. So you will just need to upgrade ProGet to v2022.23 when it is released later today.

As for the Yarn support and scanning multiple package types in the initial scan, we plan to work on that early next week, so we should have something for you soon.

Thanks,
Dan

Hi @arozanski_1087,

We were able to get the fix in for the appending dependencies, PG-2294. This will be released tomorrow in ProGet 2022.23 and we will also be releasing a new pgscan, v1.4.2, that includes a new parameter, --append-dependencies, that will allow you to append dependencies from multiple scans.

Thanks,
Dan

Hi @arozanski_1087,

I'm sorry I missed this earlier, but it looks like there was a typo on the GitHub page for the identify documentation, it previously used --consumer-product-version. That parameter should have been --version. If you run the pgscan help identify command, you will see it is appropriately listed there. My colleague updated the documentation to include the proper parameter. That should get you passed the error above.

I also noticed another issue. If you run the command twice, the dependencies that were found on the second run will not be added to the project. I'm working on getting this fixed, but as a workaround, you can do the following:

1. Navigate to your Project & Release in ProGet
2. Navigate to the "Imported SBOMs" tab
3. Download the latest SBOM (please note that viewing the XML in the browser removes the XML namespace which will prevent future uploads)
4. Click the "Upload SBOM" button
5. Copy and paste the contents from your downloaded SBOM into the "SBOM file" field
6. Check the "Overwrite release" option.
7. Click Import

That will then add the missing packages to your release. To fix this, we will need to make a change to both pgscan and ProGet. I will do my bet to get this fix into tomorrow's release.

Thanks,
Dan

Hi @arozanski_1087,

Thanks for the additional information. I'll need to research this a little further because nothing is jumping out at me looking through the code. Please stay tuned!

Thanks,
Dan

Hi @arozanski_1087,

1. No problem!
2. I will discuss this with the team further, but basically, we may ask some questions about how you use yarn and we'll send over some pre-release versions of pgscan to test with your setup. I'll have more details on what will be needed later this week once I talk with the products team.
3. The pgscan inspect command will handle creating the project and/or release if it doesn't exist. If the project and release already exist, it will also update them with any changes it has.

Thanks,
Dan

Hi @arozanski_1087,

I'll do my best to answer your questions:

1. When scanning an NPM project, the input parameter should be the path and name of the package.json (ex: \wwwroot\package.json). This will then parse the package-lock.json for dependencies in that same folder. If this is what you are already doing, then can you please send over the command you are using and the full error you are receiving?
2. We currently do not support yarn, but we are definitely interested in expanding our support to include it. Would you have any interest in working with us on implementing this feature?
3. Currently you will need to run the command twice; once for NuGet and once for NPM. The inspect command will work in an additive fashion and just append the new packages that were found into the ProGet project. This is something we are also looking to improve to add support to auto-scan both NuGet and NPM in one scan. As for the difference between inspect and publish
   • inspect is the new command for ProGet 2022 and higher. This will add the dependencies to a Project in ProGet's SCA feature and is an overall better way to see your dependencies and it will link them to packages, vulnerabilities, and licenses in all your feeds.
   • publish is the ProGet v6 and v7 command and it will only add the dependencies to a single feed at a time directly on the package itself. This command also requires the feed to be passed to record the results.
   • You can also view the implementation differences furthur in our pgscan GitHub repository, https://github.com/Inedo/pgscan, if you would like to see more details.

I hope this answers all of your questions, but please let us know if you have more or need clarification on anything. Also, if you are interested in working to help us add improved support for the new features I mentioned, let us know and we can work together to get these features implemented.

Thanks,
Dan

Hi @florian-haid_9440,

Can you tell me what version of Windows you are running your ProGet instance on? An SSL error like this will typically happen if your SSL/TLS requirements are not configured to allow the newer schemes by default. Newer OS versions handle these for you, but older Windows versions need specific registry values.

Thanks,
Dan

Hi @nselezneva_7646,

I'm not sure I completely understand what you are asking, but I think you are referring to our connector filters feature. If that is not what you are looking for, could you please explain your use case in a little more detail?

Thanks,
Dan

Hi @lm,

Thanks for this request. We currently support some ways of hosting a symbol server in ProGet, but in ProGet v2023 we are looking to expand this support, including source links. I will bring the request for adding a symbol server proxy to ProGet to the products team to evaluate further and let you know what we decide.

Thanks,
Dan

Hi @lm,

Thanks for the notes on our documentation for HTTPS. We are actually working on providing better guidance on our preferred method for configuring SSL with ProGet. Also, we are in the process of implementing a way to configure this in the UI from within ProGet as well. So our documentation for this will be changing in multiple ways, but I'll at least get the typos fixed that you found. Thanks!

Thanks,
Dan

Hi @lm,

We currently do not have a variable for the base URL. Unfortunately, this is not a trivial thing to implement either. The best solution is to hard code your base URL as you are currently doing in your webhook.

Thanks,
Dan

Hi @lm,

We do not currently have any way to be actively notified on new ProGet releases outside of the notification in ProGet. We do, however, perform regular releases of ProGet and we typically release them every 2 weeks. The best place to check for updates would be the https://my.inedo.com/dowloads page or the Offline Installers page.

Thanks,
Dan

Hi @lm,

Thanks for the feature request! I'll bring this up with the products team and let you know what they say.

Thanks,
Dan

Hi @p-pawlowski_8446,

I'm not super familiar with JumpCloud, but it looks like they have a very nice tutorial on how to use Chocolate with JumpCloud: https://university.jumpcloud.com/courses/tutorial-using-chocolatey-for-windows-and-jumpcloud

I think the main things that you will need to do with ProGet are:

1. Make sure that your ProGet instance is accessible to the machines that you are installing the chocolate packages on
2. In that tutorial, they showed the choco install command. You should replace that command with the one that shows in ProGet (ex: choco install 7zip --version 21.7 --source https://proget.yourserver.com/nuget/choco-demo-cached/):
   

Hope this helps!

Thanks,
Dan

Hi @boazyo_8097,

You are receiving this error because the URL you are using for NuGet to build your docker image is using a localhost URL. That means that the Docker client will try to connect to ProGet using the loopback address. You will most likely need to change out the URL to specify the server name instead of localhost (ex: http://proget-server.mydomain.local:8624/nuget/LocalNugetServer/v3/index.json).

Thanks,
Dan

Hi @rehanh_0834,

Do you have ProGet installed on Windows or in Docker? If you have it installed on Windows, are you using the integrated web server or IIS to host ProGet?

Thanks,
Dan

Hello @stijn-peeters-external_8202,

Unfortunately, symbol packages are a bit complicated - and don't work quite as intuitively as NuGet packages.

Some quick configuration details:

• We recommend a single package (using the "embedded symbols" approach)
• Push the package to the normal /nuget endpoint not /symbols
• ProGet can strip symbols automatically, this can be configure on the Manage Feed page

Our symbol documentation has some advice on how to configure and set all this up:
https://docs.inedo.com/docs/proget-feeds-nuget-symbol-and-source-server#creating-symbol-packages

Hope this helps!

Thanks,
Dan

Hi @proget_3280,

Can you please tell me what version of ProGet you are using?

Thanks,
Dan

Hi @tcochran_0018,

This looks to be related to a known bug, PG-2193, that is expected to be released this week in version 2022.7. These errors shouldn't affect the operation of anything, but please let us know if it does.

Thanks,
Dan

Hi @brett-polivka,

We are currently looking into this issue and we should have an update for you soon.

Thanks,
Dan

Hi @a-diessl,

Looking at your request/response, it looks like the cookie domain is still using the IWS URL. I believe what you will need to add is rules in IIS to replace the cookie domain also.

<rewrite>  
<outboundRules>    
<rule name="Add Domain" preCondition="Domain">
     <match serverVariable="RESPONSE_Set_Cookie" pattern=".*" negate="false" />
     <action type="Rewrite" value="{R:0}; domain=proget.example.com" />
     <conditions>
     </conditions>
    </rule>
    <preConditions>
     <preCondition name="Domain">
      <add input="{RESPONSE_Set_Cookie}" pattern="." />
      <add input="{RESPONSE_Set_Cookie}" pattern="; domain=.*"  negate="false"/>
     </preCondition>
    </preConditions>
  </outboundRules>

<inboundRules>    
<rule name="Add Domain" preCondition="InDomain">
     <match serverVariable="RESPONSE_Set_Cookie" pattern=".*" negate="false" />
     <action type="Rewrite" value="{R:0}; domain=proget.intranet" />
     <conditions>
     </conditions>
    </rule>
    <preConditions>
     <preCondition name="InDomain">
      <add input="{RESPONSE_Set_Cookie}" pattern="." />
      <add input="{RESPONSE_Set_Cookie}" pattern="; domain=.*" negate="false" />
     </preCondition>
    </preConditions>
  </inboundRules>
 </rewrite>

You may have to tweak this a bit to fit your site exactly, but this should be a good start.

Thanks,
Dan

Hi @pariv_0352,

I have a few questions to get us started.

• What version of ProGet are you using?
• When did this start happening?
• What is your Docker Hub connector URL
• Does it work if you try to pull using docker pull {our_proget_url}/{feed_name}/library/mongo:5.0 (please not the inclusion of the library namespace)?

Thanks,
Dan

Hi @inok_spb,

This error looks to be coming from SQL Server itself. I think the first thing to check would be your Index Fragmentation in SQL Server. We have some information about this in our SQL Server Implementations with Inedo Tools. If you run the following SQL, you should be able to identify any issues with index fragmentation.

SELECT dbschemas.[name] as 'Schema',
        dbtables.[name] as 'Table',
        dbindexes.[name] as 'Index',
        indexstats.avg_fragmentation_in_percent,
        indexstats.page_count
        FROM sys.dm_db_index_physical_stats (DB_ID(), NULL, NULL, NULL, NULL) AS indexstats
        INNER JOIN sys.tables dbtables on dbtables.[object_id] = indexstats.[object_id]
        INNER JOIN sys.schemas dbschemas on dbtables.[schema_id] = dbschemas.[schema_id]
        INNER JOIN sys.indexes AS dbindexes ON dbindexes.[object_id] = indexstats.[object_id]
        AND indexstats.index_id = dbindexes.index_id
        WHERE indexstats.database_id = DB_ID()
        ORDER BY indexstats.avg_fragmentation_in_percent desc

Once you have pinpointed where your potential problems are you can address them with SQL Server Management Studio, under Tables > select table > Indexes > select index > Right-click > select Reorganize. See the Remove fragmentation using SQL Server Management Studio to learn more.

Please let me know if you have any questions.

Thanks,
Dan

Hi @v-makkenze_6348,

Starting in ProGet 2022, we have removed the Web folder and the web application is now included in the Service directory. You will need to update IIS to point to the Service directory now. This is typically handled as part of the upgrade in Inedo Hub. Are you using a multi-site setup in IIS?

Thanks,
Dan

Hi @john-selkirk,

What version of ProGet are you using? Also, is it running on Windows or Linux/Docker?

Thanks,
Dan

Hi @chris-f_7319,

Can you please give this a try?

docker exec -it proget dotnet /usr/local/proget/service/ProGet.Service.dll resetadminpassword

I may be off on the folder path, but that should allow you to run resetadminpassword on the container.

Thanks,
Dan

Hi @pegogif654_4423,

We have some great blog posts about this for NuGet and you can apply the same concepts to UPACK and Docker.

• 5 Quick Tips for NuGet Versioning
• How to use CI/CD pipelines for your NuGet Packages

I believe you are looking to use our Repackaging feature and Package Promotion. Please note that in free editions of ProGet, you can only use the ProGet UI to repackage (for Docker it is Add Virtual Tag) and promote packages and containers. The APIs require a paid edition.

Hope this helps!

Thanks,
Dan

Hi @marc-ledent_9164,

Thanks for letting us know this is now resolved.

Thanks,
Dan

Hi @gurdip-sira_1271,

How were the files added to your Git repository? Were they initially added from Otter? When you navigate to Administration -> Raft Repositories and you click "browse" to the right of your Git raft, do you see any files that show there?

Thanks,
Dan

Hi @chris_5235,

Can you please tell us what version of ProGet you are running? Also just to make sure I understand this correctly, you have a private PowerShell repository and this error is happening when you call Install-Module in PowerShell?

Would you be able to to share how you configured PowerShell to use ProGet as your repository as well as an example of how you are calling Install-Module?

Thanks,
Dan

Hi @marc-ledent_9164,

The notification link is a little misleading. It redirects to the BuildMaster service page so you can manually run the "Server Checker" and see a live output. To see which servers are in an error state, you will need to hover over the gear icon and click on "Servers". Then you will be able to see which servers are in an error state. If you click on the server, you will also see a "Server Errors" section and the connection errors will show there.

Thanks,
Dan

Hi @naresh-busireddy_1974,

We do not currently have a specific BitBucket extension, but access to a repository should be done using the Git extension. The error you are seeing is that the operation is trying to use a secure resource named BitBucket, but one does not exist. Can you navigate to Administration -> Secure Resources and verify their is a secure resource that exists named BitBucket?

Thanks,
Dan

Hi @marc-ledent_9164,

Thanks for following up and letting everyone know that this fixed your issue!

Thanks,
Dan

Hi @marc-ledent_9164,

Thanks for following up and letting us know that fixed the issue. We are currently in the process of cleaning up our activation process in the v2022 versions of our products. This issue should be corrected in the next major version of our products.

Thanks,
Dan

Hi @marc-ledent_9164,

Each container will run a service and web server. The web application will connect to the service over tcp on that port specified (in this case 4242). We call this the Service Messenger. The container will also communicate to the other container's services in the cluster via that that port as well (4242 in your case). When you have BuildMaster configured as a cluster, it will not only provide high availability that way, but it also will distribute the background processes (like deployment plans) amongst all the services to orchestrate the communication to the Inedo Agents.

You can customize the connection on each container's service by clicking the [change] button on each service. Once that has been changed, it will then use the specific configuration instead of the global configuration.

With all of that being said, we have fond that certain rootless container systems (lik podman) will run into port conflicts if you have two containers trying to share the same port on the same server. I'm not sure if open shift has the same restriction, but that may be the reason you are seeing the communication error.

Hope this helps!

Thanks,
Dan

Hi @ales-bahnik_2824,

Your command looks correct. Have you noticed this happen with any other package you are attempting to delete? Does it work if you delete the package from the UI? Also, are you using a personal API Key or a global key?

Thanks,
Dan

Hi @dm-sidelnikov_5266,

I see the email, thanks for sending this over! Please give me some time to review and I'll let you know what I find.

@pieter-mertens_0372, your issue may be related. Although both products are owned by Microsoft, they still differ in their implementation. Does this happen for all packages or just a specific subset?

Thanks,
Dan

Hi @kichikawa_2913,

Glad to hear it is working now. I know the NuGet client does a lot of caching on it's side, so it is very possible that resetting the credentials for Visual Studio forced a reset of that, but I'm not positive. Either way, I'm happy it is working for you now! Please let us know if you find any other issues with it.

Thanks,
Dan

Hi @kichikawa_2913,

For managing the AD Credentials, that will be fixed in ProGet 6.0.11. Unfortunately, that was not caught in time for the release, but it is fixed in a current development branch.

So I just want to make sure I understand the current state.

• You have updated the AD Credentials to use a user that can query groups.
• When you test the permission in ProGet it shows view/download.
• When one of those users logs into the ProGet UI, they can view and download the packages fine.
• When they try to view and download from Visual Studio, it does not work.

Can you confirm that is correct?

When the user is using visual studio, are they logging in with their domain username and password? Or are they using an API key (username api the key as their password)? Can you try resetting the credentials used for visual studio? We have a walk through on how in our troubleshooting section of the how to add a repository to Visual Studio How To.

Thanks,
Dan

Hi @Russell-Kahler_4399,

If you open InedoHub you should see logs for the failed upgrade. Can you please look in there and tell us what database scripts failed to run?

Thanks,
Dan

Hi @mcascone,

Can you go to your Profile settings and tell me what your Homepage is set to?

Thanks,
Dan

Hi @mcascone,

Thanks for bringing this to our attention. It seems to default to support for me. Does it default as empty or Off Topic for you?

Thanks,
Dan

Hi @kichikawa_2913,

I would agree that does not look like a ProGet error. Please let us know what you find.

Thanks,
Dan

Hi @kichikawa_2913,

Do you happen to have multiple groups with the same name in different OUs? Your log output looks like it found the group, but then the search for the users is not returning any users. If you look at the last line of the debug statement you sent, it shows the group name and OUs it is using when searching. That starts at memberOf=CN=<Group_Name>,OU=.

Thanks,
Dan

Hi @dm-sidelnikov_5266,

This is most likely related to either something missing in the package's metadata or a feature missing in the Azure DevOps NuGet API. We have found that Azure DevOps can be a little loose when it comes to the NuGet API spec.

The easiest way for us to solve this would be to share access to your Azure DevOps registry, we can debug this and get a fix out pretty quickly for it. If that will not work for you, could you run Fiddler on your ProGet server and record the connector requests and send us the exported saz file to review? You can email these too us via support@inedo.com with a subject of "[QA-786] Azure DevOps Null Reference" and we can review it from there.

Thanks,
Dan

Also, I just reviewed the email you sent about the view effective privilege's and it looks like something is not linking up correctly for your users group. Would you be able to run the our AD Test tool 1.13.1 from a windows computer and see if your users show up when searching for members in that group? You will see a tab in that tool called "Get Group's Users". It will allow you to verify we are pulling those users back in that group.

Thanks,
Dan

Hi @kichikawa_2913,

When you are on the "Domains / User Directories" tab, you should see a link at the top that says "revert to single-directory mode". Steve is requesting that you click that link and see if the problems with the groups still exists.

Thanks,
Dan

Hi @marc-ledent_9164,

BuildMaster requires SQL Server to run and cannot be replaced with PostgreSQL. But, you can use BuildMaster to manage the change scripts for a PostgreSQL database. You will just need to install the PostgreSQL extension and create a PostgreSQL database connection. You can learn more by reviewing our CI/CD for Databases documentation.

Please let us know if you have any other questions!

Thanks,
Dan

Hi @kichikawa_2913,

Could you try two things for me?

1. Temporarily disable the Built-In directory and see if it works?
2. Re-enable Built-In and login with the user name in the format of "user@domail.local"?

Thanks,
Dan

Hi @kichikawa_2913,

I think I see what is happening. You currently have both the Built-in and the LDAD user directory enabled. I'm guessing you have users added to the Built-In directory with the same username and it is favoring them. Since those are not in the LDAP group, it is not accepting the permissions. Since you are currently only using the LDAP user directory, I would suggest disabling the Built-In directory.

The other options would be to remove those users from the built-in directory or add groups to the Built-In with the same name as the LDAP groups and give those groups permissions.

Thanks,
Dan