15

I'm trying to push and then consume a NuGet package using GitHub packages (documentation here). As a newcomer, after experimenting a bit I managed to push a sample NuGet package to a public GitHub repository.

Yet, I'm missing the final part, i.e. consume the package from some Visual Studio project. When I try to add the package, I first get a "Restoring packages for..." notification, and then the error "Unable to load the service index for source... : The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters".

So, it seems my endpoint for NuGet is not configured as expected, yet I could not find a clear direction about this. To help newbies like me starting with GPR, and detail my procedure so that readers can spot my errors, here is what I learnt until now:

Setup

Before using GPR, you must create a token in your GitHub account.

Creating and Publishing Packages

  1. set the RepositoryUrl and RepositoryType properties in your .csproj file to your target repository URL and git respectively, e.g.:
<Project Sdk="Microsoft.NET.Sdk"> <PropertyGroup> <!-- omissis ... --> <RepositoryUrl>https://github.com/USERNAME/PROJECTNAME</RepositoryUrl> <RepositoryType>git</RepositoryType> </PropertyGroup> </Project>
  1. open the GitHub bash in your project folder, and create the package like this:
dotnet pack NAME.csproj -c Release -p:IncludeSymbols=true -p:SymbolPackageFormat=snupkg

where -c selects the configuration. See creating snupkg for more, and the dotnet pack reference.

  1. open the GitHub bash in your project folder, and publish like this: dotnet nuget push "bin/Release/NAME.1.0.0.nupkg" --source "github".

Note: you first need to register (once) the GPR feed with:

nuget sources add -name "github" -Source https://nuget.pkg.github.com/YOURGITHUBUSERNAME/index.json -Username YOURGITHUBUSERNAME -Password YOURGITHUBTOKEN

If you need to install nuget.exe, download it from https://www.nuget.org/downloads. If you place it e.g. in C:\Exe, you can invoke it from the Windows Git Bash with /c/Exe/nuget.exe.

Also, you need to set the nuget API key:

nuget setapikey YOURGITHUBTOKEN -Source https://nuget.pkg.github.com/YOURGITHUBUSERNAME/index.json

This encrypts the key and saves it in a config file under your %APPDATA% folder. e.g. mine ends up in C:\Users\USERNAME\AppData\Roaming\NuGet\NuGet.Config.

Using Packages

<?xml version="1.0" encoding="utf-8"?> <configuration> <packageSources> <clear /> <add key="github" value="https://nuget.pkg.github.com/OWNER/index.json" /> </packageSources> <packageSourceCredentials> <github> <add key="Username" value="YOURUSERNAME" /> <add key="ClearTextPassword" value="YOURTOKEN" /> </github> </packageSourceCredentials> </configuration>

This comes from the documentation sample. Yet, to avoid storing token in this file, which would be saved in the repo, I rather use a per-user or per-machine NuGet setting (reference): e.g. per-user:

nuget config -set GITHUB_PACKAGES_TOKEN=YOURTOKEN

This saves the setting per-user (the default option). Now, consume it like this (see Setting an environment variable in a NuGet.Config file):

<add key="Password" value="%GITHUB_PACKAGES_TOKEN%" />
  1. to use a package, execute dotnet add YOURPROJECT.csproj package YOURPACKAGE --version YOURPACKAGEVERSION.

Yet, at this last point I get the above error. Where is my NuGet source config wrong?

Improve this question

2 Answers 2

Reset to default
13

The documentation for pushing NuGet packages to Github is outdated. The steps that worked for me:

  • Go to GitHub
    • Click your avatar (top-right)
    • Settings
    • Developer settings
    • Personal access tokens
    • Generate
      • write:packages
      • read:packages
      • delete:packages
      • This will automatically check the repo permissions for your OAuth token
    • Click Generate token
  • Open cmd
    • Navigate to your project directory or the directory containing your NuGet package
    • Add a new nuget source:
      • dotnet nuget add source --username [GithubUserName] --password [YourApiKey] --name github https://nuget.pkg.github.com/[UsernameOrOrganizationName]/index.json
    • Push the package to the github source
      • dotnet nuget push --source github bin\Release\MyAwesomePackage.1.0.0.nupkg

Verify that the Github API key is not stored inside a Nuget.config file inside your solution before committing your code to source control.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Thanks, that did it! Only issue: how can I add .snupkg symbols? Tried with dotnet nuget push --source github .\bin\Release\...snupkg, it gives no error, but then the package consumer has no symbols available so I can't step into code with debugger, even if disabling "just my code".
I'm still looking into these things myself. I haven't found any documentation/guides for publishing symbol packages yet. If you try to run the same command with your snupkg instead, you get no console output and no symbol package is pushed to GPR. When you'd look at a package from Microsoft (eg. github.com/microsoft/TeamCloud/packages/115501) you'll see that there aren't any symbol packages either. Another thing that's not yet possible either is installing packages without authenticating (github.community/t/…)
So helpful, thank you. You can also use the default ${{ secrets.GITHUB_TOKEN }}. My workflow example: github.com/soccerjoshj07/Wolfringo-github-packages/blob/master/…
Hi. If you must use GPR, I recommend that you try installing the Microsoft.SourceLink.Github nuget package in your library. This package adds an xml tag in the generated nuspec file containing 1) a reference to your github git repository 2) the specific git commit SHA checksum. Visual Studio will then be able to pull the source code files which were used to build the package from github and let you step into them. If you want to experiment, try unzipping the nuget package, open the nuspec file and notice the <repository> tag.
0

First create a Personal Access Token with packages:read.

Second use the token to pull packages.

 steps: - uses: actions/checkout@v2 - name: Add Nuget Register uses: actions/setup-dotnet@v3 with: dotnet-version: 3.1.x source-url: https://nuget.pkg.github.com/<owner|org>/index.json env: NUGET_AUTH_TOKEN: ${{ secrets.PAT_READ_PACKAGE_TOKEN }} - name: Restore dependencies env: NUGET_AUTH_TOKEN: ${{ secrets.PAT_READ_PACKAGE_TOKEN }} run: dotnet restore
Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.