aws-toolkit-azure-devops
aws-toolkit-azure-devops copied to clipboard
Published
20 hours ago •
aws
aws
LambdaNETCoreDeploy cannot access nuget credentials from credential provider
Describe the bug
Our project level nuget.config defines a GitHub package source. When the LambdaNETCoreDeploy task runs, we get a page full of warnings that the request cannot be authenticated by the GitHub Packages service. This may be the same issue as #316, but the symptoms seem different.
To reproduce
- Create a project level nuget.config with a github packages source:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<config>
<add key="repositoryPath" value="packages.dir"/>
</config>
<packageSources>
<add key="nuget.org" value="https://api.nuget.org/v3/index.json" />
<add key="nuget v2" value="https://www.nuget.org/api/v2" />
<add key="GitHub" value="https://nuget.pkg.github.com/Organization/index.json" />
</packageSources>
</configuration>
- Configure azure pipelines to use the nuget credential provider and build a lambda package:
- task: NuGetToolInstaller@1
inputs:
checkLatest: true
- task: NuGetAuthenticate@0
inputs:
nuGetServiceConnections: 'GitHub Packages'
forceReinstallCredentialProvider: true
- task: DotNetCoreCLI@2
inputs:
command: 'build'
projects: 'Solution.sln'
- task: LambdaNETCoreDeploy@1
inputs:
awsCredentials: '$(awsCredentials)'
regionName: '$(awsRegion)'
command: 'deployFunction'
packageOnly: true
packageOutputFile: 'output.zip'
lambdaProjectPath: 'path/to/project'
functionName: 'lambda-name'
additionalArgs: '--configuration Debug'
Expected behavior
The lambda zip file builds without warnings.
Screenshots
Console output:
2020-11-23T19:17:30.9000302Z ##[section]Starting: LambdaNETCoreDeploy
2020-11-23T19:17:30.9118743Z ==============================================================================
2020-11-23T19:17:30.9119346Z Task : AWS Lambda .NET Core
2020-11-23T19:17:30.9119998Z Description : Builds, packages and deploys a .NET Core AWS Lambda function or serverless application. Optionally, the task can create a deployment package for subsequent deployment in another build or release pipeline
2020-11-23T19:17:30.9120629Z Version : 1.8.0
2020-11-23T19:17:30.9120961Z Author : Amazon Web Services
2020-11-23T19:17:30.9123011Z Help : Please refer to [AWS Lambda Developer Guide](https://docs.aws.amazon.com/lambda/latest/dg/) for more information on working with AWS Lambda.
More information on this task can be found in the [task reference](https://docs.aws.amazon.com/vsts/latest/userguide/lambda-netcore-deploy.html).
####Task Permissions
This task requires permissions to call the following AWS service APIs (depending on selected task options, not all APIs may be used):
* lambda:CreateFunction
* lambda:UpdateFunctionCode
* lambda:GetFunctionConfiguration
* cloudformation:CreateChangeSet
* cloudformation:ExecuteChangeSet
* cloudformation:DescribeStackEvents
* cloudformation:DeleteStack
* cloudformation:DescribeChangeSet
* cloudformation:DescribeStacks
* s3:CreateBucket
* s3:GetBucketLocation
The task also requires permissions to upload your Lambda function or serverless application content to the specified Amazon S3 bucket. Depending on the size of the application bundle, either putObject or the S3 multi-part upload APIs may be used.
2020-11-23T19:17:30.9126006Z ==============================================================================
2020-11-23T19:17:31.2333914Z Configuring credentials for task
2020-11-23T19:17:31.2338573Z ...configuring AWS credentials from service endpoint '52706ebc-f0ab-454f-bd46-f29cbc5df496'
2020-11-23T19:17:31.2339309Z ...endpoint defines standard access/secret key credentials
2020-11-23T19:17:31.2426111Z Processing Lambda project at D:\a\1\s\path\to\project
2020-11-23T19:17:31.2432106Z Configuring region for task
2020-11-23T19:17:31.2434141Z ...configured to use region us-east-1, defined in task.
2020-11-23T19:17:31.2467515Z [command]"C:\Program Files\dotnet\dotnet.exe" tool install -g Amazon.Lambda.Tools
2020-11-23T19:17:32.7989951Z C:\Program Files\dotnet\sdk\5.0.100\NuGet.targets(131,5): warning : Your request could not be authenticated by the GitHub Packages service. Please ensure your access token is valid and has the appropriate scopes configured. [C:\Users\VssAdministrator\AppData\Local\Temp\md2fr3yt.1kq\restore.csproj]
2020-11-23T19:17:42.4332803Z You can invoke the tool using the following command: dotnet-lambda
2020-11-23T19:17:42.4334684Z Tool 'amazon.lambda.tools' (version '4.3.0') was successfully installed.
2020-11-23T19:17:42.4393223Z
2020-11-23T19:17:42.4467941Z [command]"C:\Program Files\dotnet\dotnet.exe" restore
2020-11-23T19:17:43.0921336Z Determining projects to restore...
2020-11-23T19:17:43.5234584Z All projects are up-to-date for restore.
2020-11-23T19:17:43.5496776Z
2020-11-23T19:17:43.5559080Z Beginning Lambda Deployment
2020-11-23T19:17:43.5561379Z Performing package-only build of function, output package will be placed in D:\a\1\s\output.zip
2020-11-23T19:17:43.5586396Z [command]C:\Users\VssAdministrator\.dotnet\tools\dotnet-lambda.exe package -o D:\a\1\s\output.zip --region us-east-1 -fn lambda-name --disable-interactive true --configuration Debug
2020-11-23T19:17:43.6284508Z Amazon Lambda Tools for .NET Core applications (4.3.0)
2020-11-23T19:17:43.6286208Z Project Home: https://github.com/aws/aws-extensions-for-dotnet-cli, https://github.com/aws/aws-lambda-dotnet
2020-11-23T19:17:43.6287036Z
2020-11-23T19:17:44.4300336Z Executing publish command
2020-11-23T19:17:44.4357414Z ... invoking 'dotnet publish', working folder 'D:\a\1\s\path\to\project\bin\Debug\netcoreapp3.1\publish'
2020-11-23T19:17:44.4434941Z ... dotnet publish --output "D:\a\1\s\path\to\project\bin\Debug\netcoreapp3.1\publish" --configuration "Debug" --framework "netcoreapp3.1" /p:GenerateRuntimeConfigurationFiles=true --runtime linux-x64 --self-contained false
2020-11-23T19:17:44.7358710Z ... publish: Microsoft (R) Build Engine version 16.8.0+126527ff1 for .NET
2020-11-23T19:17:44.7361934Z ... publish: Copyright (C) Microsoft Corporation. All rights reserved.
2020-11-23T19:17:45.1532665Z ... publish: Determining projects to restore...
2020-11-23T19:17:45.8045755Z ... publish: Restored D:\a\1\s\path\to\other\project\dependency.csproj (in 257 ms).
2020-11-23T19:17:46.8217825Z ... publish: C:\Program Files\dotnet\sdk\5.0.100\NuGet.targets(131,5): warning : Your request could not be authenticated by the GitHub Packages service. Please ensure your access token is valid and has the appropriate scopes configured. [D:\a\1\s\path\to\project\project.csproj]
That message is repeated 50 times as packages are restored.
Your Environment
- On-prem or cloud based?: Cloud
- Azure DevOps version: No idea how I find that. Happy to let you know if you can point me in the right direction
- AWS Toolkit for Azure DevOps version: 1.8.0
Additional context
- When running the equivalent command on my PC, everything appears to run fine.
- If I do a
dotnet publishin Azure, there are no warnings
