How to get APIKey for Nuke.Build Nuget push step to internal Azure DevOps feed?

Question

I am trying to do the Nuke.Build push to Azure DevOps internal feed. If I do it within Azure Pipelines, and add a step to publish the nuget, it will give me a step like this:

For the classic:

steps:
- task: DotNetCoreCLI@2
  displayName: 'dotnet push'
  inputs:
    command: push
    publishVstsFeed: 'faeeeeee-eeee-eeee-eeee-c48a92cb3804/2a06fd96-0000-0000-0000-643ff5710000'

for the yaml:

  - task: NuGetCommand@2
    inputs:
      command: 'push'
      packagesToPush: '$(Build.ArtifactStagingDirectory)/**/*.nupkg;!$(Build.ArtifactStagingDirectory)/**/*.symbols.nupkg'
      nuGetFeedType: 'internal'
      publishVstsFeed: 'faeeeeee-eeee-eeee-eeee-c48a92cb3804/2a06fd96-0000-0000-0000-643ff5710000'

In both cases it relies on the internal variable or token that is used to publish to the internal NuGet Feed.

Now, when I do it from Nuke, I have the Publish step like this:

Target Publish => _ => _
    .DependsOn(Pack)
    .Executes(() =>
    {
        DotNetTasks.DotNetNuGetPush(x => x
        .SetApiKey("????")
        .SetSource("https://pkgs.dev.azure.com/company/project/_packaging/feed/nuget/v3/index.json")
        .SetTargetPath(PackagesDirectory));
    });

I get from that:

error: Response status code does not indicate success: 401 (Unauthorized).

So the API Key is needed.

Where do I get the ApiKey from? There got to be a way of importing the secret from the pipeline, so I could use it from the Publish step in Nuke.Build (besides the PAT way) in a non-interactive way?

Answer 1

hopefully I'm not to late for your problem.

Here is how we are publishing nuget packages in our Azure Pipeline.

Given you are using parameters for NuGetSource and NuGetApiKey.

    Target NugetPublish => definition => definition
        .Requires(() => NuGetApiKey, () => NuGetSource)
        .Executes(() =>
        {
            DotNetNuGetPush(pushSettings => pushSettings
                .SetSource(NuGetSource)
                .SetApiKey(NuGetApiKey)
                .EnableNoSymbols()
                .EnableSkipDuplicate()
                .CombineWith(PushPackageFiles, (settings, path) => settings
                    .SetTargetPath(path)));
        });

In our Azure Pipeline I am using nuke like this

      # this authenticates the pipeline with the azure artifacts storage
      - task: NuGetAuthenticate@1

      # feedName is the name of the feed within your nuget.config, ApiKey is static AzureDevops to tell the preauthentication should be used
      - pwsh: './build.ps1 NugetPublish --NuGetSource feedName --NuGetApiKey AzureDevops'

In your nuget.config you define the feed:

<add key="feedName" value="https://org.pkgs.visualstudio.com/software/_packaging/feedName/nuget/v3/index.json" />

Best regards