我在 Azure DevOps 中有 Artifacts,并尝试创建 Docker 构建。
- 平台:Microsoft .NET Core 3.1
- Docker(本地):12.03.19
我所做的步骤:
- 在 Azure DevOps 中创建了 PAT(具有完全权限)
- 使用 Visual Studio 2019 生成 Dockerfile
- 将其添加到 Dockerfile 中:
ENV VSS_NUGET_EXTERNAL_FEED_ENDPOINTS
"{"endpointCredentials": [{"endpoint":"https://pkgs.dev.azure.com/MYCOMPANY/_packaging/MYPROJECT/nuget/v3/index.json", "username":"USER", "password":"GENERATED_PAT"}]}"
RUN dotnet restore -s "https://https://pkgs.dev.azure.com/MYCOMPANY/_packaging/MYPROJECT/nuget/v3/index.json" "Project/ProjectName.csproj"
但是当我运行: docker build 时收到“未经授权”错误。 -t mydockerfile:v1
/usr/share/dotnet/sdk/3.1.401/NuGet.targets(128,5): error : Unable to load the service index for source https://pkgs.dev.azure.com/MYCOMPANY/_packaging/MYPROJECT/nuget/v3/index.json. [/src/Project/ProjectName.csproj] /usr/share/dotnet/sdk/3.1.401/NuGet.targets(128,5): error : Response status code does not indicate success: 401 (Unauthorized). [/src/Project/ProjectName.csproj] The command '/bin/sh -c dotnet restore -s "https://pkgs.dev.azure.com/MYCOMPANY/_packaging/MYPROJECT/nuget/v3/index.json" "Project/ProjectName.csproj"' returned a non-zero code: 1
Dockerfile
FROM mcr.microsoft.com/dotnet/core/aspnet:3.1-buster-slim AS base
WORKDIR /app
EXPOSE 80
ENV NUGET_CREDENTIALPROVIDER_SESSIONTOKENCACHE_ENABLED true
ENV VSS_NUGET_EXTERNAL_FEED_ENDPOINTS \
"{"endpointCredentials": [{"endpoint":"https://pkgs.dev.azure.com/MYCOMPANY/_packaging/MYPROJECT/nuget/v3/index.json", "username":"USER", "password":"GENERATED_PAT"}]}"
FROM mcr.microsoft.com/dotnet/core/sdk:3.1-buster AS build
WORKDIR /src
COPY ["MyAPP.Api/MyAPP.Api.csproj", "MyAPP.Api/"]
COPY ["MyAPP.DI/MyAPP.DI.csproj", "MyAPP.DI/"]
COPY ["MyAPP.Application/MyAPP.Application.csproj", "MyAPP.Application/"]
COPY ["MyAPP.Domain/MyAPP.Domain.csproj", "MyAPP.Domain/"]
COPY ["MyAPP.Infrastructure/MyAPP.Infrastructure.csproj", "MyAPP.Infrastructure/"]
RUN dotnet restore -s "https://pkgs.dev.azure.com/MYCOMPANY/_packaging/MYPROJECT/nuget/v3/index.json" "MyAPP.Domain/MyAPP.Domain.csproj"
COPY . .
WORKDIR "/MyAPP.Api"
RUN dotnet build "MyAPP.Api.csproj" -c Release -o /app/build
FROM build AS publish
RUN dotnet publish "MyAPP.Api.csproj" -c Release -o /app/publish
FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "MyAPP.Api.dll"]
最佳答案
问题的主要原因:
dotnet restore 命令无法实际访问您通过 ENV 设置的凭据。
您可以添加RUN printenv来打印ENV变量。
FROM mcr.microsoft.com/dotnet/core/aspnet:3.1-buster-slim AS base
WORKDIR /app
EXPOSE 80
ENV NUGET_CREDENTIALPROVIDER_SESSIONTOKENCACHE_ENABLED true
ENV VSS_NUGET_EXTERNAL_FEED_ENDPOINTS \
"{"endpointCredentials": [{"endpoint":"https://pkgs.dev.azure.com/MYCOMPANY/_packaging/MYPROJECT/nuget/v3/index.json", "username":"USER", "password":"GENERATED_PAT"}]}"
RUN printenv
FROM mcr.microsoft.com/dotnet/core/sdk:3.1-buster AS build
WORKDIR /src
RUN printenv
检查第一个printenv和第二个printenv命令的日志,可以发现运行dotnet Restore的环境无法访问凭据。
解决方案:
您可以在 RUN dotnet Restore 步骤之前移动/复制 define ENV 步骤。
FROM mcr.microsoft.com/dotnet/core/sdk:3.1-buster AS build
WORKDIR /src
...
ENV NUGET_CREDENTIALPROVIDER_SESSIONTOKENCACHE_ENABLED true
ENV VSS_NUGET_EXTERNAL_FEED_ENDPOINTS \
"{"endpointCredentials": [{"endpoint":"https://pkgs.dev.azure.com/MYCOMPANY/_packaging/MYPROJECT/nuget/v3/index.json", "username":"USER", "password":"GENERATED_PAT"}]}"
RUN dotnet restore -s "https://pkgs.dev.azure.com/MYCOMPANY/_packaging/MYPROJECT/nuget/v3/index.json" "MyAPP.Domain/MyAPP.Domain.csproj"
关于azure - 构建 docker 镜像时无法在 Azure DevOps (Artifacts) 中授权,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/63699778/