Skip to content

Instantly share code, notes, and snippets.

@xt0rted

xt0rted/README.md

Last active May 8, 2021 19:07
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save xt0rted/3d77fe4853c490c4532377839adf0acf to your computer and use it in GitHub Desktop.
Save xt0rted/3d77fe4853c490c4532377839adf0acf to your computer and use it in GitHub Desktop.
Download ZIP
Private NuGet feed with GitHub Actions
Raw
README.md

Private NuGet feed with GitHub Actions

GitHub Packages feeds always need to be authenticated. This means if your feed is public you still have to authenticate on your development machine and build server just like you would if it was a private feed.

Local

To setup the feed locally a Personal Access Token needs to be created with the repo and read:packages scopes. If you're going to be publishing packages with this token you'll also need the write:packages scope.

Next you'll add this source to your profile's nuget.config using your GitHub username and the PAT as your password.

dotnet nuget add source \
  https://nuget.pkg.github.com/xt0rted/index.json \
  --name github-xt0rted \
  --username gh-username
  --password ghp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Actions

If you're consuming packages from the same repo that they were published from you can use the runner provided GITHUB_TOKEN, otherwise we'll need to use a PAT with repo and read:packages scopes.

First you'll need to add a repository secret (in this example GPR_READ_TOKEN) with your PAT.

Next you'll configure the action workflow to use it.

- name: Setup .NET Core
  uses: actions/setup-dotnet@v1
  with:
    source-url: https://nuget.pkg.github.com/xt0rted/index.json
  env:
    NUGET_AUTH_TOKEN: ${{ secrets.GPR_READ_TOKEN }}

If you're publishing a package to GPR you can use the runner provided GITHUB_TOKEN instead of a PAT with the write:packages scope.

Due to how NuGet handles api token authentication you need to specify the token in the command. If you're only publishing packages it's not necessary to add the source in the actions/setup-dotnet step.

- name: Publish to GPR
  shell: bash
  run: |
    dotnet nuget push "./artifacts/*.nupkg" \
      --api-key ${{ secrets.GITHUB_TOKEN }} \
      --source https://nuget.pkg.github.com/${{ github.repository_owner }}
Raw
build.yml
name: Build
on: pull_request
env:
DOTNET_NOLOGO: true
NODE_VERSION: 15
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout repo
uses: actions/checkout@v2.3.4
- name: Setup Node
uses: actions/setup-node@v2.1.5
with:
node-version: ${{ env.NODE_VERSION }}
registry-url: "https://npm.pkg.github.com"
env:
NODE_AUTH_TOKEN: ${{ secrets.GPR_READ_TOKEN }}
- name: Setup .NET Core
uses: actions/setup-dotnet@v1.8.0
with:
source-url: https://nuget.pkg.github.com/xt0rted/index.json
env:
NUGET_AUTH_TOKEN: ${{ secrets.GPR_READ_TOKEN }}
- name: Yarn install
run: yarn install
- name: Yarn build
run: yarn build
env:
NODE_AUTH_TOKEN: ${{ secrets.GPR_READ_TOKEN }}
NODE_ENV: production
- name: .NET build
run: dotnet build --configuration Release
- name: Publish site to artifacts
run: dotnet publish --configuration Release --output artifacts
Raw
nuget.config
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<packageSources>
<clear />
<add key="github-xt0rted" value="https://nuget.pkg.github.com/xt0rted/index.json" protocolVersion="3" />
<add key="nuget.org" value="https://api.nuget.org/v3/index.json" protocolVersion="3" />
</packageSources>
</configuration>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment