如何在 dotnet dockerfile 中添加私有 nuget 源？

Question

我尝试将私有 nuget 源添加（覆盖）到我的构建脚本中，以便添加用户/密码 - 并将其置于我的源代码控制之外。到目前为止我尝试过的：

• nuget 未被识别为图像内的命令
• dotnet nuget 没有添加其他源的命令
• 安装nuget没有效果 dotnet restore

FROM mcr.microsoft.com/dotnet/core/sdk:2.2 
RUN apt-get update && apt-get install -y nuget 
RUN nuget source Add -Name "Private Feed" -Source ".." -UserName "UserVAR" -Password "PassVAR"
RUN dotnet restore

Answer 1

我当前的解决方法是创建一个包含用户名和密码占位符的部分nuget.config的副本。packageSourceCredentials然后，我用此文件替换现有nuget.config文件，并用环境变量替换用户名和密码。

唯一的缺点是我需要保持两个配置文件同步。如果我nuget.config在项目中修改我的内容，我也需要记住更新副本。

nuget.config.template

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <packageSources>
    <add key="GitHub private registry" value="https://nuget.pkg.github.com/your_orga/index.json" />
  </packageSources>
  <packageSourceCredentials>
    <GitHub_x0020_private_x0020_registry>
        <add key="Username" value="USER" />
        <add key="ClearTextPassword" value="PW" />
    </GitHub_x0020_nuget_x0020_registry>
</packageSourceCredentials>
</configuration>

Dockerfile

FROM mcr.microsoft.com/dotnet/core/sdk:2.2 AS build-image
ARG NUGET_AUTH_TOKEN
ARG NUGET_USER_NAME

WORKDIR /app
COPY ./My.Project .

# Replace nuget.config
RUN rm nuget.config
COPY ./gitlab-ci/nuget.config.template ./nuget.config
RUN sed -i -e "s/USER/$NUGET_USER_NAME/g" -e "s/PW/$NUGET_AUTH_TOKEN/g" nuget.config

RUN dotnet restore

.gitlab-ci.yml

docker build
      --build-arg NUGET_USER_NAME=$NUGET_USER_NAME
      --build-arg NUGET_AUTH_TOKEN=$NUGET_AUTH_TOKEN
      --tag $CI_REGISTRY/organization/application:$CI_COMMIT_SHA
      --file gitlab-ci/Dockerfile
      .

Answer 2

通过将 nuget.config 添加到解决方案/项目并将其复制到 Docker 项目中：

WORKDIR /src
COPY ["nuget.config", ""]

您可以添加源代码，然后您的 docker 构建就会成功。

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <packageSources>
    <add key="nuget.org" value="https://api.nuget.org/v3/index.json" protocolVersion="3" />
    <add key="Nellson Nuget Repo" value="http://private.source.local:123/v3/index.json" />
  </packageSources>
  <activePackageSource>
    <add key="NuGet official package source" value="https://api.nuget.org/v3/index.json" />
    <add key="Nellson Nuget Repo" value="http://private.source.local:123/v3/index.json" />
  </activePackageSource>
</configuration>

Answer 3

2023年的答案

没有安全保障

WebApplication3 的这段代码工作得很好。我们使用 BaGet NuGet 服务器在 Nuget.org 和我们的构建服务器之间建立代理，以便更快地加载我们使用的常用包。

#See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging.

FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base
WORKDIR /app
EXPOSE 80
EXPOSE 443

FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build
WORKDIR /src
COPY ["WebApplication3/WebApplication3.csproj", "WebApplication3/"]

# !!!IMPORTANT PART HERE !!!

# Add your NuGet server here
RUN dotnet nuget add source https://nuget.yourdomain.com/v3/index.json
# For our purposes, to hide nuget.org behind a NuGet proxy we disable its source, you can skip that
RUN dotnet nuget disable source "nuget.org"

# Just to see if two lines above work
RUN dotnet nuget list source

RUN dotnet restore "WebApplication3/WebApplication3.csproj"

COPY . .
WORKDIR "/src/WebApplication3"
RUN dotnet build "WebApplication3.csproj" -c Release -o /app/build

FROM build AS publish
RUN dotnet publish "WebApplication3.csproj" -c Release -o /app/publish /p:UseAppHost=false

FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "WebApplication3.dll"]

具有基本身份验证

#See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging.

FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base
WORKDIR /app
EXPOSE 80
EXPOSE 443

FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build

# !!!IMPORTANT PART HERE !!!

ARG NUGET_USERNAME
ARG NUGET_PASSWORD

ENV NUGET_USERNAME=${NUGET_USERNAME}
ENV NUGET_PASSWORD=${NUGET_PASSWORD}

# Adds this source with basic authentication, other authentication types exist but I'm not sure if they are applicable here in Linux based container
RUN dotnet nuget add source https://nuget.yourdomain.com/v3/index.json --name="Your source name" --username ${NUGET_USERNAME} --valid-authentication-types basic --store-password-in-clear-text --password ${NUGET_PASSWORD}


WORKDIR /src
COPY ["WebApplication3/WebApplication3.csproj", "WebApplication3/"]

RUN dotnet nuget disable source "nuget.org"

# Just to see if two lines above work
RUN dotnet nuget list source

RUN dotnet restore "WebApplication3/WebApplication3.csproj"

COPY . .
WORKDIR "/src/WebApplication3"
RUN dotnet build "WebApplication3.csproj" -c Release -o /app/build

FROM build AS publish
RUN dotnet publish "WebApplication3.csproj" -c Release -o /app/publish /p:UseAppHost=false

FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "WebApplication3.dll"]

Answer 4

1. 在您的私人提要中，如果它是天蓝色工件，请创建具有完全访问权限的个人访问令牌。

   

2. 将 NuGet.Config 文件添加到项目的根目录

   <configuration>
     <packageSources>
       <add key="MyPrivateFeed" value="https://myfeed.url/index.json" />
     </packageSources>
     <packageSourceCredentials>
       <MyPrivateFeed>
         <add key="Username" value="myusername" />
         <add key="ClearTextPassword" value="xq6n4lvnayeo2f467osasdasdgj4nat7xw2mkm7qwowvqeutjdueq" />
         <add key="ValidAuthenticationTypes" value="basic" />
       </MyPrivateFeed>
     </packageSourceCredentials>
   </configuration>
   

   ClearTextPassword 密钥是您的 PAT

3. 将这两行添加到 docker 文件的复制部分

   COPY "NuGet.Config" "/"
   RUN ["cp", "/NuGet.Config", "/root/.nuget/NuGet/NuGet.Config"]
   

   最后运行你的 docker build 应该可以工作。