Now that nuget allows to set the api key in a file which is awesome, but I think it stll would be a problem for those using in CI.
Here is what I think would solve a problem.
Many linux tools like git first gets their config from local file, then the user profile and then the environment variable.
As for nuget i think we dont need the local file stuffs, the nuget.config is more then enough, but now it needs to support environment variables.
I believe all CI allows us to modify the environment variables. So I belive the best way to pass the api key is using the environment variable.
Here is my sample powershell profile that I use.
It sets the default editor using the environment variable.
$env:EDITOR = "vim"
So I think nuget needs something like this.
$env:NUGETAPIKEY = "...."
But again we can have some problems. What if I want to specify muliple nuget ap (I might want to push it to different nuget servers). Then this wouldnt work.
So we should have another feature to allow users to pass the environment variable.
nuget push ..... -env=env_var1
This solve the problem of saving arbitary number of api keys in the environment variables which can be used by NuGet safely.
But we need to be careful as CI like TeamCity exposes any additonal environment variables that is passed which would lead to exposure of the api key.
TeamCity has something called ConfigurationParamter (though i have not personally used it, the config parameters are not passed to build) But Build parameters can reference config parameters. So might be there is a way to pass the apikey without exposing.
Will need to first check all major CI (TeamCity,hudson,cruise control and so on) how they allow it before implementing this feature.