If you are working with .NET Core, containers, and Azure DevOps Pipelines (or whatever they are called now), you may come across a common scenario where you are using private Nuget packages and you need to restore them from inside a Docker container. There is a related thread on GitHub here. The devops pipeline yaml file uses sed to update a nuget.config on the fly with credentials from the build agent.

Here is a sample nuget.config that would be checked into the base of your repository. On your devbox, it could be used as-is without credentials in it.

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <packageSources>
    <clear />
    <add key="myrepo" value="https://X.pkgs.visualstudio.com/_packaging/XYZ/nuget/v3/index.json" />
    <add key="NuGet" value="https://api.nuget.org/v3/index.json" />
  </packageSources>
</configuration>

Here is a sample azure-pipeline.yaml:

name: "$(Year:yyyy).$(Month).$(DayOfMonth)$(Rev:.r)"

resources:
- repo: self

variables:
  fullImageName: 'X.azurecr.io/XYZ:$(Build.BuildId)'

stages:
  - stage: stage1
    displayName: "Build XYZ"
    jobs:
      - job: myjob
        displayName: "Docker images"
        pool:
          vmImage: 'Ubuntu-16.04'
        steps:
          - bash: |
              set -exo pipefail
              sed -i 's;</packageSources>;</packageSources><packageSourceCredentials><myrepo><add key="Username" value="any" /><add key="ClearTextPassword" value="$(System.AccessToken)" /></myrepo></packageSourceCredentials>;' nuget.config              
              docker build --file Dockerfile --tag $(fullImageName) .
            displayName: 'Build Docker images'

          - task: Docker@1
            displayName: push docker image with build tag
            inputs:
              command: push
              azureContainerRegistry: 'X.azurecr.io'
              azureSubscriptionEndpoint: 'X'
              imageName: $(fullImageName)

Here is a sample Dockerfile (There is nothing special here):

FROM mcr.microsoft.com/dotnet/core/sdk:3.0 as build
WORKDIR /app/myapp
COPY . .
RUN dotnet publish myapp/myapp.csproj -c release -r linux-x64 -o /out/build


FROM mcr.microsoft.com/dotnet/core/runtime-deps:3.0 as runtime
WORKDIR /app/myapp
COPY --from=build /out/build/* ./
ENTRYPOINT [ "./myapp" ]