Dotnet restore GitHub Packages in Dockerfile

How can I restore nuget packages hosted in GitHub packages within a Dockerfile?

When I create a NuGet.config file, I need to set a token there (only a readonly token) to access GitHub Packages, even on public repositories :frowning: . This password will be deleted by GitHub immediately. Is there another way?

Dockerfile:

FROM mcr.microsoft.com/dotnet/core/sdk:3.1-buster AS build
WORKDIR /src

COPY ["Deploy_O_Mat.API/Deploy_O_Mat.API.csproj", "Deploy_O_Mat.API/"]
COPY ["NuGet.config", "Deploy_O_Mat.API/"]

RUN dotnet restore "Deploy_O_Mat.API/Deploy_O_Mat.API.csproj"
COPY . .
WORKDIR "/src/Deploy_O_Mat.API"

RUN dotnet build "Deploy_O_Mat.API.csproj" -c Release -o /app/build

FROM build AS publish
RUN dotnet publish "Deploy_O_Mat.API.csproj" -c Release -o /app/publish

FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "Deploy_O_Mat.API.dll"]

Action (build - restore works without NuGet.config file):

name: .NET Core

on:
  push:
    branches: [master]
  pull_request:
    branches: [master]

jobs:
  build:

    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v2
    - name: Setup .NET Core
      uses: actions/setup-dotnet@v1
      with:
        dotnet-version: 3.1.100
        source-url: https://nuget.pkg.github.com/Marcel-B/index.json
      env:
        NUGET_AUTH_TOKEN: ${{secrets.GITHUB_TOKEN}}
    - name: Install dependencies
      run: dotnet restore
    - name: Build
      run: dotnet build --configuration Release --no-restore
    - name: Test
      run: dotnet test --no-restore --verbosity normal

Action (Docker image build and deply without NuGet.config - doesn’t work):

name: Publish Docker
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@master
    - name: Publish to Registry
      uses: elgohr/Publish-Docker-Github-Action@master
      with:
        name: millegalb/deploy-o-mat
        username: ${{ secrets.DOCKER_USERNAME }}
        password: ${{ secrets.DOCKER_PASSWORD }}
        source-url: https://nuget.pkg.github.com/Marcel-B/index.json
      env:
        NUGET_AUTH_TOKEN: ${{secrets.GITHUB_TOKEN}}

@marcel-b ,

In your workflow, you can set  GITHUB_TOKEN  as an environment variable on the runner machine, and then in the  nuget.config file, set the value of the password to reference this environment variable.

The GITHUB_TOKEN  is automatically created by GitHub and it expires after 60 minutes.

What username would be set then? 

        <github>
            <add key=“Username” value="???WHAT GOES HERE???" />
            <add key=“ClearTextPassword” value="%GITHUB_TOKEN%" />
        </github>