Clash between development and production config files

[lonix1]

Originally posted on StackOverflow, and in discussions page here on repo, without success. I can't believe I'm the only one with this issue. How is this typically done? Can someone please point me to an example or official docs that deal with this?

Discussed in #12824

Originally posted by lonix1 August 18, 2023
Originally posted on StackOverflow without success. Any help would be appreciated.

---

My .net project is built locally by me during development, and remotely by my ci/cd server.

The project has project-level config in myproject/nuget.config. It is used by my ci/cd server, which provides some environment variables:

<?xml version="1.0" encoding="utf-8"?>
<configuration>

  <packageSources>
    <clear />
    <add key="nuget.org" value="https://api.nuget.org/v3/index.json" protocolVersion="3" />
    <add key="custom" value="https://example.com/api/nuget/index.json" />
  </packageSources>

  <packageSourceCredentials>
    <custom>
      <!-- env vars provided by pipeline -->
      <add key="Username" value="%USERNAME%" />
      <add key="ClearTextPassword" value="%API_KEY%" />
    </custom>
  </packageSourceCredentials>

  <packageSourceMapping>
    <!-- get other packages from nuget server -->
    <packageSource key="nuget.org">
      <package pattern="*" />
    </packageSource>
    <!-- get own packages from private server -->
    <packageSource key="custom">
      <package pattern="MyOrg.*" />
    </packageSource>
  </packageSourceMapping>

</configuration>

My local machine has user-level config in ~/.nuget/Nuget/Nuget.Config, which is the same, except for different credentials:

  <packageSourceCredentials>
    <custom>
      <add key="Username" value="my_username" />
      <add key="ClearTextPassword" value="my_personal_api_key" />
    </custom>
  </packageSourceCredentials>

That works in the ci/cd server, i.e. in production.

But locally (i.e. in development), I get 401/Unauthorized errors when running dotnet restore (etc.) - because the project-level config (which requires extra env vars) overwrites the user-level config. (I have many other repos with the same issue, so I don't want to export env vars or add stuff to my .bashrc: it's messy, I don't want to do that.)

This seems to be the opposite to how it's typically done, where there is some "default" checked into source control, and it can be customised during development (with overriding config files) and production (with config files or env vars).

How do I do this?

[lonix1]

Sorry, I don't know what is a type label, and that link is a 404.