Does the Tentacle support pulling packages from private Nuget Feeds directly?

I set up a dedicated nuget server with some private feeds (with credentials) to host my packages, because there is only limited space granted on Octopus Cloud.

In the step template (e.g. deploy a package), I get the option to choose whether the package shall be transferred via the Octopus Server or whether the Tentacle should pull the package directly from the Nuget feed. It seems to work with the ‘via Server’ option, but not with the ‘directly to Tentacle’ option: The error message in the deployment log says: 403 Unauthorized.

Thus I wonder whether this case, private feed credentials (basic auth), was really considered in the tentacle implementation…? Or does someone have other clues why it doesn’t work?

Hi Fabian,

Thanks for getting in touch! I’m sorry to hear you’re hitting this unexpected behavior. When selecting a feed (built-in or external) on a package step, this option certainly is available so it should work as advertised.

Are there any more details around this error in the deployment log? Would you be willing to send that through for me to have a look at? (This will also include some more details on your environment like server version which will be good to see.)

If the log has sensitive details, feel free to mark this thread as private, or you can email us at support@octopus.com and I can pick it up from there. :slight_smile:

I look forward to hearing back!

Best regards,

Kenny

Strange, I cannot reproduce it anymore. And unfortunately I deleted the failed deployment with the direct pulls already, so I can’t give you the full stack trace.

My first thought realizing this was that it may have been an issue with propagating the credentials to the tentacle somehow. But then I remembered that in I also adjusted the feed URL (in Octopus > External Feeds) slightly in the meantime: I noticed that it was http://, so I switched it to https:// … it seems likely that our nuget server didn’t really work right in plain HTTP plus credentials (it should return a 301 to HTTPS in this case). In case it’s of any interest to someone else reading this: I’m using baget and nginx on that private nuget server, both running in docker containers.

Anyway, cool, it now works. Thanks for your confirmation and your support!
Maybe I should get a rubber duck. :wink:

Hi Fabian,

Thank you for keeping me in the loop on this one! Well that’s good news at least that it works now. :slight_smile:

If you hit this issue again, or have any other questions or concerns in the future, please don’t hesitate to reach out.

Best regards,

Kenny