问题
Presumably there are lots of companies who are facing the same struggle we are.
For any microservice, before running a dotnet restore we need to first ensure we've successfully configured our ADO package feeds with an active token.
To achieve this we have a script which downloads and runs the CredentialProvider.VSS.exe (as suggested by Microsoft), using the output to build credentials which then register the feeds on the user's computer. This needs to happen daily as the tokens generated will expire.
The script above is ugly and worse yet, every repository needs it in order to ensure feeds are configured with active tokens. Even if we moved the ugly script to a PowerShell module for example, how would we authenticate against the PS feed in order to download that module?
I don't see why the CredentialProvider is neccessary, why can't nuget just prompt us for credentials whenever our token expires? Has anyone come up with a cleaner solution out there which manages authentication to ADO feeds across multiple repositories?
回答1:
How to cleanly automate authentication for Azure Devops feeds?
To authentication for Azure Devops feeds, you could try to use the NuGet authenticate task, which configure NuGet tools to authenticate with Azure Artifacts and other NuGet repositories.
Then we could create a new NuGet service connection with PAT:
You can use a longer-term PAT for certification, so you don't have to change certification every day.
回答2:
another approach using nuget.confg as below
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<packageSources>
<add key="AzureDevOpsFeed" value="https://pkgs.dev.azure.com/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/index.json" />
<add key="nuget" value="https://xxxxxxxxxxxxxxxxxxxxx/index.json" />
</packageSources>
<packageSourceCredentials>
<VSTSFeed>
<add key="UserName" value="#{PAT_UserName}#" />
<add key="ClearTextPassword" value="#{PersonalAccessToken}#" />
</VSTSFeed>
</packageSourceCredentials>
</configuration>
来源:https://stackoverflow.com/questions/64151482/how-to-cleanly-automate-authentication-for-azure-devops-feeds