Automatically auth package source mapping that match source-url
Description:
When NuGet.Config contains a package source that matches source-url, automatically auth that source correctly.
Justification: Currently a user may have the following step in their Action:
- uses: actions/setup-dotnet@v4
with:
dotnet-version: 8.x.x
source-url: https://nuget.pkg.github.com/example/index.json
env:
NUGET_AUTH_TOKEN: ${{secrets.GITHUB_TOKEN}}
And a NuGet.Config with the following:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<packageSources>
<add key="nuget.org" value="https://api.nuget.org/v3/index.json" protocolVersion="3" />
<add key="github" value="https://nuget.pkg.github.com/example/index.json" />
</packageSources>
<packageSourceMapping>
<packageSource key="nuget.org">
<package pattern="*" />
</packageSource>
<packageSource key="github">
<package pattern="Example.*" />
</packageSource>
</packageSourceMapping>
</configuration>
Nuget restore will fail with authorization errors, which is unexpected since they provided a source-url and NUGET_AUTH_TOKEN.
They have to manually auth the mapping:
- name: dotnet
run: dotnet ...
env:
NuGetPackageSourceCredentials_github: Username=${{ github.actor }};Password=${{ secrets.GITHUB_TOKEN }}
The setup-dotnet should automatically fixup the auth for mappings that match the provided source-url
Hi @CoenraadS 👋, Thank you for the feature request. We'll investigate it and come back to you with the details!
@priyagupta108 Is it any ETA for this issue? Another way to solve this, may be to add support for configuration of Package Source Mapping using dedicated action parameter.
@CoenraadS @priyagupta108 I've verified this, and it looks like this is already implemented 😁
Is this fixed? It doesn't work for me.
Is your nuget.config stored in the root of your repository, or in a subfolder? By default the action will look for configurations in the root, not in subfolders. Specifying the path of my nuget.config using the config-file option solved this issue for me.