How do we authenticate against a secured NuGet ser

2019-03-25 15:53发布

问题:

We are working on automating our builds using Cake Build and we use NuGet packages from nuget.org but we also have our own NuGet Feed server which has a username/password authentication to access. How do we utilize Cake Build with a custom NuGet feed server with authentication?

回答1:

Cake utilizes the NuGet.exe for installing tools, addins and the NuGet aliases.

Unless you have a source specified in the #tool/#addin directives or provided to the NuGet aliases, then NuGet.exe will look for nuget.config in current path and eventually end up at current users global settings (%AppData%\NuGet\NuGet.config).

You have a couple of options, if you don't want to change anything in Cake files or your repository, then you can store your credentials for your user globally and NuGet.exe will pick these up example:

nuget sources Update -Name [name of source] -Source [uri to your source] -UserName [your username] -Password [your password]

disclaimer some versions of NuGet.exe and dotnet CLI have issues with encrypted passwords, an workaround for this is adding the -StorePasswordInClearText like this:

nuget sources Update -Name [name of source] -Source [uri to your source] -UserName [your username] -Password [your password] -StorePasswordInClearText

Then your credentials are saved in plain text, which works with the drawback that your credentials are saved in plain text.

You can also override nuget.config settings by specifying a specific source for #tool/#addin directives and NuGet aliases.

#tool directive

Below is an example to illustrate providing a source for the #tool directive

#tool "NUnit.ConsoleRunner"
or
#tool nuget:?package=NUnit.ConsoleRunner&version=3.4.0

becomes

#tool nuget:[source]?package=NUnit.ConsoleRunner
or
#tool nuget:[source]?package=NUnit.ConsoleRunner&version=3.4.0

and i.e. for the official V2 nuget feed

#tool nuget:https://www.nuget.org/api/v2?package=NUnit.ConsoleRunner
or
#tool nuget:https://www.nuget.org/api/v2?package=NUnit.ConsoleRunner&version=3.4.0

#addin directive

Below is an example to illustrate providing a source for the #addin directive

#addin "Cake.Slack"
or
#addin nuget:?package=Cake.Slack&version=0.4.0

becomes

#addin nuget:[source]?package=Cake.Slack
or
#addin nuget:[source]?package=Cake.Slack&version=0.4.0

and i.e. for the official V2 nuget feed

#addin nuget:https://www.nuget.org/api/v2?package=Cake.Slack
or
#addin nuget:https://www.nuget.org/api/v2?package=Cake.Slack&version=0.4.0

NuGet aliases

The NuGet aliases have commands like NuGetAddSource and NuGetHasSource for working directly with sources, these are great if you for example wish to add sources to a CI before a NuGet restore step like below:

var source = new {
                Name = EnvironmentVariable("PRIVATE_FEED_NAME"),
                Source = EnvironmentVariable("PRIVATE_FEED_SOURCE"),
                ApiUserName = EnvironmentVariable("PRIVATE_FEED_USERNAME"),
                ApiKey = EnvironmentVariable("PRIVATE_FEED_PASSWORD")
             };

if (!NuGetHasSource(source.SourceUrl))
{
    NuGetAddSource(
        source.Name,
        source.SourceUrl,
        new NuGetSourcesSettings {
            UserName = source.ApiUserName,
            Password = source.ApiKey
        }
    );
}

The above will just add sources to your existing nuget.config, but you can also override the NuGet source for the NuGetInstall & NuGetRestore aliases.

NuGetInstall

The NuGetInstall alias has overloads that take an NuGetInstallSettings tool settings class which has an Source property which you can use to override which feeds are used, example:

NuGetInstall("MyNugetPackage", new NuGetInstallSettings {
    Source = new []{ "https://api.nuget.org/v3/index.json" }
});

NuGetRestore

Similarly the NuGetRestore alias has overloads that lets you specify an NuGetRestoreSettings which has an Source property which you can use to override which feeds are used, example:

var solutions = GetFiles("./**/*.sln");
// Restore all NuGet packages.
foreach(var solution in solutions)
{
    Information("Restoring {0}", solution);
    NuGetRestore(
        solution,
        new NuGetRestoreSettings {
            Source = new []{ "https://api.nuget.org/v3/index.json" }
        }
    );
}

Conclusion

There's a few ways to address your issue.

Also you can get improved NuGet restore/install performance by specifying a source when you have multiple sources configured on your machine, but the current project only uses official ones as it then skips looking thru all configured feeds and goes streight to the source.

But if your feed has authentication then you will need to add credentials for those using nuget.exe or NuGetAddSource alias.

Tip for those using MyGet, it has pre-authenticated url:s you could use without adding a source, but just specifying the Source property for Restore/Install, this is sensitive information so don't store them in your build scripts but rather as i.e. environment variables.