It would be nice if it was possible to store the credentials for private NuGet feeds in environment variables, instead of in the NuGet.config file. This would help when running NuGet package restore on a build server. Right now to do this you have two
- Store all NuGet config info on each buildagent in the AppData folder. This is annoying because we want to avoid state on build agents.
- Store a NuGet.config in the repository with a cleartext password. It can't be encrypted because the encryption is done at the user level so if I encrypt on my machine it will not work on the build server. Storing passwords in plain text in repositories
is bad, so I definitely don't want to do that.
Most (all?) CI systems allow you to specify environment variables to pass to the build. The good ones also allow "secure" environment variables, so their values won't be logged anywhere. This is where I want to keep my credentials for private feeds,
in the CI server configuration.
I have written the code for this myself, so a pull request is on the way. Maybe there are other better ways to do this, but a pull request with working code is at least a starting point to discuss this and figure out if it's useful.