Reputation: 840
Azure Devops Can't push nuget package, permissions problem
Trying to set up a .net core Nuget package. Everything in the pipeline works except the last step to push the package into our private Nuget feed. Every push fails with:
Response status code does not indicate success:
403 (Forbidden - User 'xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx'
lacks permission to complete this action. You need to have 'AddPackage'.
This is an on prem linux (centos 7) server that it's pushing too. I have tried re-installing the agent with a new PAT. The agent has full permissions which should include the "AddPackage" permission. This build server works fine for other projects although I can't say for certain that it has pushed another nuget package. I installed the git credential provider, but that didn't seem to make a difference.
If I go directly to the server and execute the command it tries to execute but add the --interactive switch it works. So this:
/home/mydevopsuser/agent/_work/_tool/dotnet/dotnet nuget push /home/mydevopsuser/agent/_work/9/a/MyNugetPackage.1.0.0.nupkg --source https://myazuredevopsaccount.pkgs.visualstudio.com/_packaging/xxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx/nuget/v3/index.json --api-key VSTS --interactive
works just fine.
All of my searches on this topic seem to indicate either a problem with the PAT or with permissions on the nuget feed but my account has permissions over the feed and the PAT should override that anyway (I think). It seems like the a full permissions PAT used by the agent should just work. What am I missing?
Upvotes: 4
Views: 3723
Answers (1)
Reputation: 840
OK, this was fixed by adding the "Build Service" user to the nuget feed? So apparently there is a user that gets created some how named:
[project name] Build Service (organization name)
I added this user (level/role "contributor") in the feeds permissions and now it works fine. This doesn't feel like the right way to do this but it did work. I couldn't find any documentation that tells me where this user comes from or that it's the one that needs to be added to the feed in order to push packages.
Upvotes: 5
Related Questions
- Azure Artifacts gives 401 error on publishing a nuget package
- Azure DevOps: User lacks permission to complete this action. You need to have 'AddPackage'
- Cannot push packages to azure artifacts feed, keeps asking for credentials
- Azure DevOps nuget push fails but task shows as success
- Azure DevOps private nuget repo Unauthorized when building with docker
- Nuget.exe push **\*.nupkg & Azure DevOps Artifacts
- Azure DevOps dotnet build doesn't have access to nuget packages
- error with push nuget package to azure devops artifact repository
- error while trying to push nuget package from VSTS
- Azure DevOps NuGet Package not found