Please feel free to provide feedback or file bugs here.

Allow Register-PSRepository to persist credentials

NuGet feeds allow security around both listing/retrieving packages as well as pushing packages. NuGet.exe and other clients further allow you to persist credentials for listing/retrieving packages using the "nuget sources" command. (https://docs.nuget.org/consume/command-line-reference#sources-command)

This persistence is important for two reasons:

1) When you push a package to a secured NuGet feed, NuGet clients generally do a list/read operation first. That list/read operation doesn't contain any API key that you pass along in the push operation. In order for a push to succeed with an API key, you also need to have credentials set for the read operation. You can read about some folks who have been affected by that here: http://inedo.com/support/questions/2319

2) In an unattended/build server scenario, you need the ability to provide credentials for list/read and push in a non-interactive way. If the only way to provide credentials is interactive (e.g., Get-Credential) then there's no way to, say, enable a build server agent to automatically install required scripts to execute a build.

This may somewhat overlap with this other note about Register-PSRepository failing against authenticated endpoints: http://windowsserver.uservoice.com/forums/301869-powershell/suggestions/11678499-register-psrepository-fails-against-authenticated

10 votes
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Travis Illig shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    1 comment

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • Giovanni Bassi commented  ·   ·  Flag as inappropriate

        This is important. Corporate Nuget feeds will always be authenticated.
        Because of this problem we cannot use Myget to store our corporate powershell modules, which makes the whole packages story useless for us.

      Feedback and Knowledge Base