In my last posts, I published my NuGet package to a private NuGet feed. This is a good solution if you want to use your NuGet packages only internally. If you want to share them, you need a public NuGet feed. The by far biggest one (also the default feed) is nuget.org.
In this post, I will extend my previously created Azure DevOps pipeline and deploy the NuGet package to nuget.org so everyone can download and use it.
Create a Nuget.org API Key
To be able to push NuGet packages to nuget.org, you have to obtain an API key first. Go to nuget.org and signup or login and then click on your profile and select API Keys.
This opens the API keys page of your account. There click on + Create and enter a name and expiry date. Additionally, select which packages you want to associate with your key. I uploaded the NuGet package by hand before, therefore I can see it in the list. Click Create and the API key gets generated.
Make sure that you click Copy after the API key is generated. This is the only time you can access the key. If you don’t copy it, you have to refresh it to get a new one.
Create a NuGet Connection in Azure DevOps
The next step is to use the previously created API key to connect Azure DevOps with nuget.org. In your Azure DevOps project, click on Project settings and then Service connections. There click on New service connection and select NuGet. Select ApiKey as the authentication method, enter https://api.nuget.org/v3/index.json as the feed URL, and paste the previously create NuGet API key in the ApiKey textbox. Provide a name and then click Save.
Publish to Nuget.org using an Azure DevOps Pipeline
You can find the code of the demo on Github.
The last step is to use the previously created service connection to extend the Azure DevOps pipeline and push the NuGet package to nuget.org. Publishing to nuget.org is almost the same as publishing to a private NuGet feed.
First, I create a name stage in which I download the previously created NuGet package.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 - stage: publishpublic dependsOn: publishinternal condition: and(succeeded(), ne(variables['Build.Reason'], 'PullRequest')) displayName: 'Nuget - Publish Public Packages' jobs: - deployment: publishpublic displayName: 'Nuget - Publish packages to public feed' environment: nuget-publish-public strategy: runOnce: deploy: steps: - download: current artifact: '$(ArtifactNugetName)' displayName: 'Download nuget packages'
Next, I push the NuGet package to nuget.org using the dotnet core nuget push command. The only difference to push to the internal feed is that I use as feed type external and as publishFeedCredentials the previously created service connection.
1 2 3 4 5 6 7 - task: DotNetCoreCLI@2 displayName: "Publish nuget packages to public feed" inputs: command: 'push' packagesToPush: '$(Agent.BuildDirectory)/$(ArtifactNugetName)/*.nupkg' nuGetFeedType: 'external' publishFeedCredentials: 'PrimeNumber'
For more details about the steps see my post Publish to an Internal NuGet Feed in Azure DevOps.
That’s all you have to do. Save the pipeline and run it. You can find the finished pipeline on Github.
DotNetCore currently does not support using an encrypted Api Key
When you run the pipeline, you will get an error while publishing the NuGet package to nuget.org.
Everything is set up correctly but there is a bug (or missing feature) in Dotnet Core and therefore you can’t use an API key to push packages. There is an open Github issue which was created in 2018 but Microsoft has ignored the problem so far.
Luckily there is a workaround until (if ever) Microsoft fixes the problem. You can use a dotnetcore custom command and provide the appropriate arguments to push to nuget.org.
1 2 3 4 5 6 7 8 9 - task: DotNetCoreCLI@2 displayName: Push Nuget Package inputs: command: custom custom: nuget arguments: > push $(Agent.BuildDirectory)/$(ArtifactNugetName)/*.nupkg -s https://api.nuget.org/v3/index.json -k $(NuGetApiKey)
You tell the command which packages it should push, -s declares the destination, and -k provides the nuget.org API key. The best practice for secret variables is to create a new variable inside the pipeline by clicking on Variables on the top right corner and then click + on the pop-out. Provide a name and previously copied API key. Additionally, check “Keep this value secret” so no user can read the value. Click on OK and run the pipeline again.
This time the publish worked.
Publishing a NuGet package to nuget.org works almost as the publish to a private Azure DevOps feed. Unfortunately, Microsoft has a bug in their dotnetcore task and therefore it is not working as expected. This post showed how you still can use an Azure DevOps pipeline to push a NuGet package to nuget.org using a small workaround.
You can find the code of the demo on Github.
This post is part of “Microservice Series - From Zero to Hero”.