void EnsureSecrets(IActivityMonitor m)
{
if (_secretEnsured)
{
return;
}
_secretEnsured = true;
string secret;
var secretOrName = Feed.Credentials?.PasswordOrSecretKeyName;
if (Feed.Credentials.IsSecretKeyName)
{
secret = Client.SecretKeyStore.GetSecretKey(m, secretOrName, false);
if (secret == null)
{
m.Error($"Missing secret key. No available secret available for {secretOrName}.");
throw new InvalidOperationException();
}
}
else
{
secret = secretOrName;
}
NuGetClient.EnsureVSSFeedEndPointCredentials(m, PackageSource.Source, secret);
}
internal NuGetRepositoryBase(
NuGetClient c,
PackageSource source,
PackageQualityFilter qualityFilter)
: base(c, source)
{
QualityFilter = qualityFilter;
UniqueRepositoryName = NuGetClient.NuGetType.Name + ':' + source.Name;
}
internal NuGetStandardRepository(
NuGetClient c,
string url,
string name,
PackageQualityFilter qualityFilter,
string secretKeyName)
: base(c, new PackageSource(url, name), qualityFilter)
{
SecretKeyName = secretKeyName;
}
public bool CheckSecret(IActivityMonitor m, bool throwOnMissing)
{
if (_checkedSecret.HasValue)
{
return(_checkedSecret.Value);
}
// If we are bound to a repository that has a secret, its configuration, if available, is the one to use!
INuGetRepository repo = _baseFeed as INuGetRepository;
bool isBoundToProtectedRepository = repo != null && !String.IsNullOrEmpty(repo.SecretKeyName);
if (isBoundToProtectedRepository)
{
var fromRepo = !String.IsNullOrEmpty(repo.ResolveSecret(m, false));
if (fromRepo)
{
m.Trace($"Feed '{Name}' uses secret from repository '{repo.Name}'.");
_checkedSecret = true;
return(true);
}
}
if (Credentials != null)
{
string secret;
if (Credentials.IsSecretKeyName == true)
{
secret = _baseFeed.Client.SecretKeyStore.GetSecretKey(m, Credentials.PasswordOrSecretKeyName, throwOnMissing);
_checkedSecret = secret != null;
if (_checkedSecret == true)
{
m.Trace($"Feed '{Name}' uses its configured credential '{Credentials.PasswordOrSecretKeyName}'.");
}
}
else
{
secret = Credentials.PasswordOrSecretKeyName;
_checkedSecret = true;
m.Trace($"Feed '{Name}' uses its configured password.");
}
if (_checkedSecret == true)
{
NuGetClient.EnsureVSSFeedEndPointCredentials(m, Url, secret);
}
else
{
m.Error($"Feed '{Name}': unable to resolve the credentials.");
}
}
else
{
// There is no credential: let it be and hope it works.
m.Trace($"Feed '{Name}' has no available secret. It must be a public feed.");
}
return(_checkedSecret ?? false);
}
internal NuGetAzureRepository(
NuGetClient c,
string name,
PackageQualityFilter qualityFilter,
string organization,
string feedName,
string label,
string projectName)
: base(c, new PackageSource(
projectName != null ?
$"https://pkgs.dev.azure.com/{organization}/{projectName}/_packaging/{feedName}{label}/nuget/v3/index.json"
: $"https://pkgs.dev.azure.com/{organization}/_packaging/{feedName}{label}/nuget/v3/index.json"
, name), qualityFilter)
{
Organization = organization;
FeedName = feedName;
Label = label;
ProjectName = projectName;
}
protected async Task <T> SafeCall <T>(IActivityMonitor m, Func <SourceRepository, MetadataResource, NuGetLoggerAdapter, Task <T> > f)
{
EnsureSecrets(m);
bool retry = false;
var logger = new NuGetLoggerAdapter(m);
NuGetClient.Initalize(logger, out var mustRefresh);
if (mustRefresh || _sourceRepository == null)
{
_sourceRepository = new SourceRepository(PackageSource, NuGetClient.StaticProviders);
}
again:
MetadataResource meta = null;
try
{
meta = await _sourceRepository.GetResourceAsync <MetadataResource>();
return(await f(_sourceRepository, meta, logger));
}
catch (MissingRequiredSecretException)
{
throw; //It's useless to retry in this case
}
catch (Exception ex)
{
if (meta != null && !retry)
{
retry = true;
if (CanRetry(meta, logger, ex))
{
goto again;
}
}
throw;
}
}
private protected NuGetFeedBase(NuGetClient c, PackageSource packageSource)
{
Client = c;
PackageSource = packageSource;
}
internal NuGetFeedBase(IActivityMonitor m, NuGetClient c, string url, string name, SimpleCredentials creds)
: this(c, new PackageSource(url, name))
{
HandleFeed(c.SecretKeyStore, url, name, creds);
}
protected override void OnSecretResolved(IActivityMonitor m, string secret)
{
NuGetClient.EnsureVSSFeedEndPointCredentials(m, Url, secret);
}
