How can I restore nuget packages hosted in GitHub packages within a Dockerfile?
When I create a NuGet.config file, I need to set a token there (only a readonly token) to access GitHub Packages, even on public repositories :-( . This password will be deleted by GitHub immediately. Is there another way?
Dockerfile:
FROM mcr.microsoft.com/dotnet/core/sdk:3.1-buster AS build
WORKDIR /src
COPY ["Deploy_O_Mat.API/Deploy_O_Mat.API.csproj", "Deploy_O_Mat.API/"]
COPY ["NuGet.config", "Deploy_O_Mat.API/"]
RUN dotnet restore "Deploy_O_Mat.API/Deploy_O_Mat.API.csproj"
COPY . .
WORKDIR "/src/Deploy_O_Mat.API"
RUN dotnet build "Deploy_O_Mat.API.csproj" -c Release -o /app/build
FROM build AS publish
RUN dotnet publish "Deploy_O_Mat.API.csproj" -c Release -o /app/publish
FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "Deploy_O_Mat.API.dll"]
Action (build - restore works without NuGet.config file):
name: .NET Core
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v2
- name: Setup .NET Core
uses: actions/setup-dotnet#v1
with:
dotnet-version: 3.1.100
source-url: https://nuget.pkg.github.com/Marcel-B/index.json
env:
NUGET_AUTH_TOKEN: ${{secrets.GITHUB_TOKEN}}
- name: Install dependencies
run: dotnet restore
- name: Build
run: dotnet build --configuration Release --no-restore
- name: Test
run: dotnet test --no-restore --verbosity normal
Action (Docker image build and deply without NuGet.config - doesn't work):
name: Publish Docker
on: [push]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#master
- name: Publish to Registry
uses: elgohr/Publish-Docker-Github-Action#master
with:
name: millegalb/deploy-o-mat
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
source-url: https://nuget.pkg.github.com/Marcel-B/index.json
env:
NUGET_AUTH_TOKEN: ${{secrets.GITHUB_TOKEN}}
Related
a Github Actions workflow stopped working throwing a 401 error when publishing a repo's package to the Github package registry. Within the workflow (detailed below) I am using semantic-release to publish the artefact to the registry. This is the last step in the yml. The permissions for the GITHUB_TOKEN have not been changed since initial setup of the action. It used to run just fine with these permissions.
./github/workflow.yml
name: ci
on:
push:
branches: [ main, dev ]
paths:
- src/**
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: write
packages: write
issues: write
steps:
- uses: actions/checkout#v3
- uses: actions/setup-dotnet#v2
with:
dotnet-version: '6.x.x'
- name: Build that shit
run: dotnet build ./src/project.csproj --configuration Release --nologo
- uses: actions/setup-node#v3
with:
node-version: 'lts/*'
- name: Release that shit
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: npm ci && npx semantic-release
The GITHUB_TOKEN is mapped to an environment variable GH_TOKEN which then is referenced by semantic-release in the publishCmd.
./.releaserc
{
"branches": [
"main",
{
"name": "dev",
"prerelease": "dev"
}
],
"plugins": [
"#semantic-release/commit-analyzer",
"#semantic-release/release-notes-generator",
"#semantic-release/github",
[
"#semantic-release/exec", {
"prepareCmd": "dotnet pack ./src/project.csproj --no-restore --nologo --configuration Release /p:Version=${nextRelease.version}",
"publishCmd": "dotnet nuget push ./src/bin/Release/project.${nextRelease.version}.nupkg --source https://nuget.pkg.github.com/MY_ORG/index.json --api-key ${process.env.GH_TOKEN}"
}
]
]
}
The logs show the last step failing
[11:05:13 AM] [semantic-release] › ℹ Start step "publish" of plugin "#semantic-release/exec"
[11:05:13 AM] [semantic-release] [#semantic-release/exec] › ℹ Call script dotnet nuget push ./src/bin/Release/project.2.8.6.nupkg --source https://nuget.pkg.github.com/MY_ORG/index.json --api-key [secure]
error: Unable to load the service index for source https://nuget.pkg.github.com/MY_ORG/index.json.
error: Response status code does not indicate success: 401 (Unauthorized).
This is a repo owned by the organization I am employed with. There are no dependencies to private packages registries, only public NUGET. So the GITHUB_TOKEN should suffice according to the docs. And also according to previous successful execution history.
Does someone spot something I am missing?
The only way I made this work again on GH is using a PAT.
Created a PAT in my user/developer settings
Added a secret in my repo called NUGET_PAT
Updated my yaml file to this
name: "Push to main"
on:
push:
tags:
- '*'
jobs:
publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v2
- uses: actions/setup-dotnet#v3
with:
dotnet-version: '7.0.x'
- name: Add source
run: |
dotnet nuget add source \
--username THE_USER_OWNER_OF_THE_PAT --password "${{ secrets.NUGET_PAT }}" \
--store-password-in-clear-text --name github "https://nuget.pkg.github.com/YOUR_ORG/index.json"
- name: Restore packages
run: dotnet restore
- name: Build
run: dotnet build --configuration Release -p:Version=${{github.ref_name}} --no-restore
- name: Run tests
run: dotnet test --configuration Release --no-restore --no-build --verbosity normal
- name: Create nuget packages
run: dotnet pack --configuration Release -p:Version=${{github.ref_name}} --no-restore --no-build
- name: Publish nuget packages
run: dotnet nuget push **/*.nupkg -s "https://nuget.pkg.github.com/YOUR_ORG/index.json"
It pushes with warnings
I'm trying to publish 3 projects as a nuget package. The following GitHub workflow works fine publishing Project1, but it doesn't publish src/Project2/Project2.csproj and src/Project3/Project3.csproj.
I tried to create 3 files with the exact same code but for each one of the projects and there is a conflict in versionize. The first project is being published just fine but the rest of them fail because of the versions.
How can I make it work that way?
name: Publish
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v3
with:
fetch-depth: 0
- name: Setup .NET
uses: actions/setup-dotnet#v2
with:
dotnet-version: 6.0.x
source-url: https://nuget.pkg.github.com/Xnt/index.json
env:
NUGET_AUTH_TOKEN: ${{ secrets.PERSONAL_GITHUB_TOKEN }}
- name: Install dotnet tools
run: dotnet tool install --global Versionize
- name: Restore
run: dotnet restore
- name: Build
run: dotnet build -c Release --no-restore
- name: Setup git
run: |
git config --global user.name 'GitHub actions'
git config --global user.email '...'
- name: Version
run: versionize
- name: Push tags
run: |
git push --follow-tags
- name: Pack
run: dotnet pack --no-build -c Release -o . src/Project1/Project1.csproj
- name: Publish
run: dotnet nuget push *.nupkg
I try to update a JSON file with Github build information and add it to my docker container. A sample buildinfo.json is part of the C# project. When the build is done, the JSON file in the container remains the sample one and I cannot see what goes wrong here.
Thanks for your help!
My action looks like this:
env:
# Project to publish
BASE_FOLDER: src/WebService
PROJECT_NAME: removed
PROJECT_DOCKERFILE: Dockerfile
PROJECT_CONTAINERNAME: api/removed
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true
DOTNET_CLI_TELEMETRY_OPTOUT: true
# Version settings
NETCORE_VERSION: '6.0.x'
# Docker settings
DOCKER_REGISTRY: removed
DOCKER_NAMESPACE: removed
DOCKER_BUILDKIT: 1
jobs:
build:
runs-on: 'ubuntu-latest'
steps:
- name: Checkout
uses: actions/checkout#v2
with:
token: ${{ secrets.REPOSITORY_PAT }}
lfs: 'true'
submodules: 'recursive'
fetch-depth: 0
- name: Setup .NET Core ${{ env.NETCORE_VERSION }}
uses: actions/setup-dotnet#v1
with:
dotnet-version: ${{ env.NETCORE_VERSION }}
include-prerelease: false
env:
NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Emit build details as JSON
run: |
echo -e -n "{\"buildNumber\":\"${{ github.run_id }}.${{ github.run_number }}.${{ github.run_attempt }}\",\"buildId\":\"${{ github.run_id }}\",\"branchName\":\"${{ github.ref_name }}\",\"commitHash\":\"${{ github.sha }}\"}" > "${{ env.BASE_FOLDER }}/${{ env.PROJECT_NAME }}/buildinfo.json"
- name: Set up Docker Buildx
uses: docker/setup-buildx-action#v1
- name: Log in to registry
uses: docker/login-action#v1
with:
registry: removed
username: ${{ secrets.AZURE_ACR_USERNAME }}
password: ${{ secrets.AZURE_ACR_PASSWORD }}
- name: Build and push container image to registry
uses: docker/build-push-action#v2
with:
push: true
tags: ${{ env.DOCKER_REGISTRY }}.azurecr.io/${{ env.DOCKER_NAMESPACE }}/${{ env.PROJECT_CONTAINERNAME }}:${{ github.sha }}
file: ${{ env.BASE_FOLDER }}/${{ env.PROJECT_NAME }}/${{ env.PROJECT_DOCKERFILE }}
With this dockerfile:
FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base
WORKDIR /app
EXPOSE 80
EXPOSE 443
FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build
WORKDIR /src
COPY ["nuget.config", "."]
COPY ["src/WebService/PROJECTNAME/PROJECTNAME.csproj", "src/WebService/PROJECTNAME/"]
RUN dotnet restore "src/WebService/PROJECTNAME/PROJECTNAME.csproj"
COPY . .
WORKDIR "/src/src/WebService/PROJECTNAME"
RUN dotnet build "PROJECTNAME.csproj" -c Release -o /app/build
FROM build AS publish
RUN dotnet publish "PROJECTNAME.csproj" -c Release -o /app/publish
FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "PROJECTNAME.dll"]
I am using github to host private nuget packages, and the project I am trying to build an image for uses one of those packages. When image is being built via a github action I successfully add the nuget source, but restore fails to find it. However if I run it locally everything works just fine.
Action yaml:
name: Docker
on:
release:
branches: [ master, qa ]
tags: [ 'v*.*.*' ]
types: [ published ]
env:
REGISTRY: ghcr.io
IMAGE_NAME: ph/logging-api #<------------------------Container name
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout#v2
# Workaround: https://github.com/docker/build-push-action/issues/461
- name: Setup Docker buildx
uses: docker/setup-buildx-action#79abd3f86f79a9d68a23c75a09a9a85889262adf
# Login against a Docker registry except on PR
# https://github.com/docker/login-action
- name: Log into registry ${{ env.REGISTRY }}
if: github.event_name != 'pull_request'
uses: docker/login-action#28218f9b04b4f3f62068d7b6ce6ca5b26e35336c
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# Extract metadata (tags, labels) for Docker
# https://github.com/docker/metadata-action
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action#98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
# Build and push Docker image with Buildx (don't push on PR)
# https://github.com/docker/build-push-action
- name: Build and push Docker image
id: build-and-push
uses: docker/build-push-action#ad44023a93711e3deb337508980b4b5e9bcdc5dc
with:
file: api.Dockerfile #<----------------------------------------- Dockerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
REGISTRY_USER=${{ github.actor }}
REGISTRY_TOKEN=${{ secrets.GITHUB_TOKEN }}
Dockerfile:
FROM mcr.microsoft.com/dotnet/aspnet:6.0-focal AS base
WORKDIR /app
EXPOSE 5000
ENV ASPNETCORE_URLS=http://+:5000
# Creates a non-root user with an explicit UID and adds permission to access the /app folder
# For more info, please refer to https://aka.ms/vscode-docker-dotnet-configure-containers
RUN adduser -u 5678 --disabled-password --gecos "" appuser && chown -R appuser /app
USER appuser
FROM mcr.microsoft.com/dotnet/sdk:6.0-focal AS build
WORKDIR /src
ARG REGISTRY_USER
ARG REGISTRY_TOKEN
RUN dotnet nuget add source --username $REGISTRY_USER --password $REGISTRY_TOKEN --store-password-in-clear-text --name github "https://nuget.pkg.github.com/ph/index.json"
COPY ["ph.LogApi/ph.LogApi.csproj", "ph.LogApi/"]
RUN dotnet restore "ph.LogApi/ph.LogApi.csproj"
COPY . .
WORKDIR "/src/ph.LogApi"
RUN dotnet build "ph.LogApi.csproj" -c Release -o /app/build
FROM build AS publish
RUN dotnet publish "ph.LogApi.csproj" -c Release -o /app/publish
FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "ph.LogApi.dll"]
If I execute the docker file directly and pass in the build-args it works great. However in the github action it successfully adds the nuget source and then fails to find the package in either of them.
#10 [build 3/8] RUN dotnet nuget add source --username h-w -*** --store-password-in-clear-text --name github "https://nuget.pkg.github.com/ph/index.json"
#10 0.305 Package source with Name: github added successfully.
#10 DONE 0.3s
#11 [build 4/8] COPY [ph.LogApi/ph.LogApi.csproj, ph.LogApi/]
#11 DONE 0.0s
#12 [build 5/8] RUN dotnet restore "ph.LogApi/ph.LogApi.csproj"
#12 0.792 Determining projects to restore...
#12 4.158 /src/ph.LogApi/ph.LogApi.csproj : error NU1101: Unable to find package ph.Configuration. No packages exist with this id in source(s): github, nuget.org
#12 4.343 Failed to restore /src/ph.LogApi/ph.LogApi.csproj (in 3.35 sec).
#12 ERROR: process "/bin/sh -c dotnet restore \"ph.LogApi/ph.LogApi.csproj\"" did not complete successfully: exit code: 1
------
> [build 5/8] RUN dotnet restore "ph.LogApi/ph.LogApi.csproj":
#12 0.792 Determining projects to restore...
#12 4.158 /src/ph.LogApi/ph.LogApi.csproj : error NU1101: Unable to find package ph.Configuration. No packages exist with this id in source(s): github, nuget.org
#12 4.343 Failed to restore /src/ph.LogApi/ph.LogApi.csproj (in 3.35 sec).
------
api.Dockerfile:18
--------------------
16 | RUN dotnet nuget add source --username $REGISTRY_USER -*** --store-password-in-clear-text --name github "https://nuget.pkg.github.com/PhoeniqsTech/index.json"
17 | COPY ["ph.LogApi/ph.LogApi.csproj", "ph.LogApi/"]
18 | >>> RUN dotnet restore "ph.LogApi/ph.LogApi.csproj"
19 | COPY . .
20 | WORKDIR "/src/ph.LogApi"
--------------------
error: failed to solve: process "/bin/sh -c dotnet restore \"ph.LogApi/ph.LogApi.csproj\"" did not complete successfully: exit code: 1
Error: buildx call failed with: error: failed to solve: process "/bin/sh -c dotnet restore \"ph.LogApi/ph.LogApi.csproj\"" did not complete successfully: exit code: 1
Any input as to what the problem could be is greatly appreciated!
I'm using .NET Core 3.1. using drone to do C/D.
My .drone.yml is
kind: pipeline
type: docker
name: deployment
steps:
- name: build
image: registry.cn-hangzhou.aliyuncs.com/yoyosoft/dotnet/core/sdk
commands:
- dotnet restore src/YOGA.Api
- dotnet restore src/YOGA.MIniProgram.API
- dotnet publish src/YOGA.Api --framework netcoreapp3.1 --configuration Release --output src/YOGA.Api/dist
- dotnet publish src/YOGA.MIniProgram.API --framework netcoreapp3.1 --configuration Release --output src/YOGA.MIniProgram.API/dist
- echo "$(pwd)"
- ls
- cd src
- ls
- cd YOGA.Api
- ls
- name: YOGA.Api to AliyunHub
image: plugins/docker
settings:
dockerfile: src/YOGA.Api/Dockerfile
tags: latest
insecure: true
registry: "registry.cn-qingdao.aliyuncs.com"
repo: "registry.cn-qingdao.aliyuncs.com/yoga_images/mrt_backend_api/mrt_backend_api"
username:
from_secret: username
password:
from_secret: userpassword
- name: YOGA.Mini to AliyunHub
image: plugins/docker
settings:
dockerfile: src/YOGA.MIniProgram.API/Dockerfile
tags: latest
insecure: true
registry: "registry.cn-qingdao.aliyuncs.com"
repo: "registry.cn-qingdao.aliyuncs.com/yoga_images/mini_mrt_backend_api"
username:
from_secret: username
password:
from_secret: userpassword
- name: deploy
image: appleboy/drone-ssh
pull: true
settings:
host: ...
port: ...
username: ...
password: ...
script:
- echo start deploy- echo pulling images from AliyunHub
- docker login --username=...registry.cn-qingdao.aliyuncs.com --password=...
- docker pull docker pull registry.cn-qingdao.aliyuncs.com/yoga_images/mini_mrt_backend_api:latest
- docker tag registry.cn-qingdao.aliyuncs.com/yoga_images/mini_mrt_backend_api:latest mini-mrt-api:latest
- docker run --name mrt-mini-api -d -p xxx:80 mini-mrt-api
- docker pull registry.cn-qingdao.aliyuncs.com/yoga_images/mrt_backend_api:latest
- docker tag registry.cn-qingdao.aliyuncs.com/yoga_images/mrt_backend_api:latest mrt-api:latest
- docker run --name mrt-api -d -p xxx:5000 mrt-api
Drone works fine.
Here is my dockerfile which looks similar...
FROM mcr.microsoft.com/dotnet/core/aspnet:3.1
RUN echo "PWD is: $PWD"
COPY src/YOGA.Api/dist /app
WORKDIR /app
EXPOSE 5000
ENTRYPOINT ["dotnet","YOGA.Api.dll"]
Here's the output from the the ls command
enter image description here
Everything looks fine.
After drone finishes, the container does not start up,
Here's the error from the docker logs...
docker logs 57c728d627cd
It was not possible to find any installed .NET Core SDKs
Did you mean to run .NET Core SDK commands? Install a .NET Core SDK from:
https://aka.ms/dotnet-download
Anyone know the solution?
thx a lot
it works
i'm pushing to my repository has failed.