This was a tough one, which required a combination of answers on StackOverflow. When building in an Azure DevOps pipeline, you don’t have to worry about authentication for consuming or pushing to private NuGet feeds in the same Azure DevOps instance. But if you want to build inside a Docker container, it becomes an issue. You have to use a (personal) access token (PAT) and update the NuGet source i the Dockerfile:
ARG PAT
RUN dotnet nuget update source your-nuget-source-name --username "your-nuget-source-name" --password "$PAT" --valid-authentication-types basic --store-password-in-clear-textBoth options in the end there are necessary. Also, I had to modify NuGet.config. My feed has upstream sources enabled, so I had removed the nuget.org feed:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<packageSources>
<clear/>
<add key="my-nuget-source-name" value="https://..." />
</packageSources>
</configuration>
But this didn’t work, so I had to change it to:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<packageSources>
<add key="nuget.org" value="https://api.nuget.org/v3/index.json" protocolVersion="3" />
<add key="my-nuget-source-name" value="https://..." />
</packageSources>
</configuration>
You can obtain a PAT by clicking on your profile image in Azure DevOps and selecting Security. It needs Packaging Read or Read & write. You can then pass the PAT argument to docker build:
docker build -t somename --build-arg PAT="your generated token" .In an Azure DevOps build step, you can use $(System.AccessToken) instead of your personal one.
Henrik Olsson's Computer Software Notes 