Malenko

NuGet package verification is taking too long on a build machine

I have a build step in my CI pipeline where I restore the NuGet packages for my solution. I am retrieving my NuGet packages from a NuGet hosted repository on Sonatype Nexus. The package restore itself is running smoothly enough, but it hangs in a step where it takes almost 2 to 3 minutes to verify some packages (in this case packages provided by Microsoft). The build agent where I have this restore done does not have internet access, and that's why I am also using a NuGet proxy on my Sonatype Nexus. For example, the step that it hangs on is:

PackageSignatureVerificationLog: PackageIdentity: Microsoft.Owin.3.1.0 Source: ...nuget\packages\ PackageSignatureValidity: True

I have considered adding a list of trusted signers to the NuGet configuration of my builds, as described in the Microsoft documentation: https://learn.microsoft.com/en-us/nuget/reference/cli-reference/cli-ref-trusted-signers. But since my machine does not have internet access, this wouldn't be very helpful.

As described in https://learn.microsoft.com/en-us/nuget/reference/nuget-config-file, I also tried setting signatureValidationMode to <add key="signatureValidationMode" value="accept" />, which in this case will verify the packages by default. Even though this is the default case, and accepts them if it does not succeed in connecting. But this does not change the speed of my NuGet restore.

Besides opening up network access for all the NuGet verification URLs my solution would need, is there a way that I can set the NuGet configuration to not verify the certificates of the NuGet packages in an offline mode for my build agent?

Upvotes: 7

Views: 2939

Answers (1)

Malenko
After some digging around I found the following Microsoft document, which explains the possible slowdown issue that might occur on an offline machine (such as a build agent) and a possible solution.

The issue can be resolved by setting the environment variable NUGET_CERT_REVOCATION_MODE to offline.

NUGET_CERT_REVOCATION_MODE = 'offline'

In a tool such as Jenkins, you can declare it in the environment variables, or you can run a command on the build machine to set the environment variable.

Upvotes: 9
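
A check a pipeline could run on the restore log after switching NUGET_CERT_REVOCATION_MODE to offline, added here as an example and not code from the answer's author or from NuGet: it parses PackageSignatureVerificationLog lines in the format quoted in the question and fails the step if any package is reported invalid or if no verification entries appear at all. The sample lines, the `C:\agent` path, the package names other than Microsoft.Owin, and the `False` value for a failed check are assumptions.

```python
import re
import sys

# Format taken from the log line quoted in the question; Source may contain spaces.
LOG_LINE = re.compile(
    r"PackageSignatureVerificationLog: PackageIdentity: (?P<identity>\S+) "
    r"Source: (?P<source>.*?) PackageSignatureValidity: (?P<valid>\w+)"
)

def audit_restore_log(lines):
    """Return (verified, failed) lists of package identities found in the log."""
    verified, failed = [], []
    for line in lines:
        match = LOG_LINE.search(line)
        if match is None:
            continue  # unrelated restore output
        bucket = verified if match.group("valid") == "True" else failed
        bucket.append(match.group("identity"))
    return verified, failed

def gate(lines, expected_min=1):
    """Exit code for a CI step: 0 only if signatures were checked and all passed."""
    verified, failed = audit_restore_log(lines)
    if failed:
        return 1  # at least one package reported an invalid signature
    if len(verified) < expected_min:
        return 2  # no entries: log too quiet, or verification did not run
    return 0

# Constructed sample log (paths and all but the first package are made up).
SAMPLE_LOG = [
    r"PackageSignatureVerificationLog: PackageIdentity: Microsoft.Owin.3.1.0 "
    r"Source: C:\agent\.nuget\packages\ PackageSignatureValidity: True",
    r"PackageSignatureVerificationLog: PackageIdentity: Newtonsoft.Json.12.0.3 "
    r"Source: C:\agent\.nuget\packages\ PackageSignatureValidity: True",
    "Restoring packages for the solution...",
    r"PackageSignatureVerificationLog: PackageIdentity: Example.Tampered.1.0.0 "
    r"Source: C:\agent\.nuget\packages\ PackageSignatureValidity: False",
]

if __name__ == "__main__":
    # Pass a restore log file as the first argument, or run on the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as handle:
            log_lines = handle.readlines()
    else:
        log_lines = SAMPLE_LOG
    verified, failed = audit_restore_log(log_lines)
    print(f"verified={len(verified)} failed={failed}")
    sys.exit(gate(log_lines))
```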
