Skip to content

Using the package(s) from the Hackney.Core repository

Jump to bottom
Mirela Georgieva edited this page Oct 19, 2022 · 3 revisions

The GitHub Nuget Package Repository cannot be accessed anonymously, meaning that to use it in your projects you must add or update the NuGet.Config file to include an authorisation token.

The Token Value

The token used to access the package feed is a GitHub Personal Accesss Token, with 'read:packages' permissions scope.

For local testing, please generate a personal GitHub PAT token.

Never use a personal token as part of pipeline configurations or other means for deployment.

For automation purposes, a GitHub PAT token has been generated for Hackney's GitHub machine user. The token is stored in

  1. Hackney's 1Password Development team vault for a centralised reference point to the tokens' value stored under the names lbhautomation NuGet WRITE GitHub PAT and lbhautomation NuGet READ-ONLY GitHub PAT
  2. CircleCI's api-nuget-token-context Context - use this in your pipeline configuration for building the project.
  3. As a global GitHub actions secret so any NuGet package can be successfully built and deployed.

The Github Actions organisation-level secret can only be used across current repositories used to manage packages. If a new package repository is introduced, please post a message in the #hackit-dev-team slack channel so the secret's scope can be expanded to the new repository.

NuGet.Config

If there isn't one there already, create a file in the root of the repository called NuGet.Config (this filename is case-sensitive, see below). Its contents should look similar to the example below:

<configuration>

  <packageSources>
    <add key="nuget.org" value="https://api.nuget.org/v3/index.json" protocolVersion="3" />
    <add key="github-hackney" value="https://nuget.pkg.github.com/LBHackney-IT/index.json" />
  </packageSources>

  <packageSourceCredentials>
    <github-hackney>
      <add key="Username" value="PublicToken" />
      <add key="ClearTextPassword" value= "%LBHPACKAGESTOKEN%" />
    </github-hackney>
  </packageSourceCredentials>

  <activePackageSource>
    <add key="All" value="(Aggregate source)" />
  </activePackageSource>

</configuration>

The token value here is replaced by the environment variable LBHPACKAGESTOKEN.

Environment variable

The value of the environment variable should be the token value (see here).

Local

To build locally you will need to create a local system environment variable (using the "User" scope is fine) for the key LBHPACKAGESTOKEN. You can use the system UI or the the following PowerShell command will also do it:

[System.Environment]::SetEnvironmentVariable('LBHPACKAGESTOKEN','<TOKEN VALUE GOES HERE>',[System.EnvironmentVariableTarget]::User)

CircleCi Pipeline

If the project was created using either the lbh-base-api or lbh-base-listener templates then this may already be done for you, but in case it is not the CircleCi config.yml file should be updated as below.

The following workflow jobs must have the api-nuget-token-context context applied to them:

  • check-and-deploy-development
    • check-code-formatting
    • build-and-test
    • deploy-to-development
  • check-and-deploy-staging-and-production
    • check-code-formatting
    • build-and-test
    • deploy-to-staging
    • deploy-to-production

For example:

workflows:
  check-and-deploy-development:
    jobs:
      - check-code-formatting:
          context: api-nuget-token-context
      - build-and-test:
          context: api-nuget-token-context

Also, if there is an environment variable configured within the CircleCi project settings called LBHPACKAGESTOKEN, then this should be deleted as it will conflict with the value set by the context.

Docker changes

For services created using the lbh-base-api project template there are a number of changes required to the dockerfiles used during the CircleCi pipelines in order to make the LBHPACKAGESTOKEN environment variable available within the container.

docker-compose.yaml

The added sections specific to using the nuget package(s) are the addition of the args parameter for each container.

version: "3.2"

services:
  notes-api:
    image: notes-api
    build:
      context: .
      dockerfile: NotesApi/Dockerfile
      args:
      - LBHPACKAGESTOKEN=${LBHPACKAGESTOKEN}
      ...

  notes-api-test:
    image: notes-api-test
    build:
      context: .
      dockerfile: NotesApi.Tests/Dockerfile
      args:
      - LBHPACKAGESTOKEN=${LBHPACKAGESTOKEN}
      ...

Note also that the context for the api container is '.' (i.e. the container root) - this was previously set to the service project folder.

Service project dockerfile

The paths here have been updated from those taken from the base api template to reflect the context change in the docker-compose file. The sections specific to using the nuget package(s) are:

  • The addition of the arg and environment variable for LBHPACKAGESTOKEN.
  • The copying of the NuGet.Config file to the correct place in the container so that it will be used. The filenames here are case sensitive (as they are being used within a Linux container), so...
    • The source filenames for the config file must match that used within the Git repository, otherwise it will not be found.
    • The destination filename must be "NuGet.Config" otherwise it will not be recognised.
FROM mcr.microsoft.com/dotnet/core/sdk:3.1

ARG LBHPACKAGESTOKEN
ENV LBHPACKAGESTOKEN=$LBHPACKAGESTOKEN

WORKDIR /app

# Copy csproj and nuget config and restore as distinct layers
COPY ./NotesApi/NotesApi.csproj ./
COPY /NuGet.Config /root/.nuget/NuGet/NuGet.Config

RUN dotnet restore ./NotesApi.csproj

# Copy everything else and build
COPY ./NotesApi ./

RUN dotnet build -c Release -o out ./NotesApi.csproj
RUN dotnet publish -c Release -o out ./NotesApi.csproj

EXPOSE ${PORT:-3000}
CMD ASPNETCORE_URLS=http://+:${PORT:-3000} dotnet ./out/NotesApi.dll

Tests project dockerfile

The sections specific to using the nuget package(s) are:

  • The addition of the arg and environment variable for LBHPACKAGESTOKEN.
  • The copying of the NuGet.Config file to the correct place in the container so that it will be used. The filenames here are case sensitive (as they are being used within a Linux container), so...
    • The source filenames for the config file must match that used within the Git repository, otherwise it will not be found.
    • The destination filename must be "NuGet.Config" otherwise it will not be recognised.
FROM mcr.microsoft.com/dotnet/core/sdk:3.1

# disable microsoft telematry
ENV DOTNET_CLI_TELEMETRY_OPTOUT='true'

ARG LBHPACKAGESTOKEN
ENV LBHPACKAGESTOKEN=$LBHPACKAGESTOKEN

WORKDIR /app

# Copy csproj and nuget config and restore as distinct layers
COPY ./NotesApi.sln ./
COPY ./NotesApi/NotesApi.csproj ./NotesApi/
COPY ./NotesApi.Tests/NotesApi.Tests.csproj ./NotesApi.Tests/
COPY /NuGet.Config /root/.nuget/NuGet/NuGet.Config

RUN dotnet restore ./NotesApi/NotesApi.csproj
RUN dotnet restore ./NotesApi.Tests/NotesApi.Tests.csproj

# Copy everything else and build
COPY . .

RUN dotnet build -c debug -o out NotesApi.Tests/NotesApi.Tests.csproj

CMD dotnet test

Using the docker containers locally

It is of course possible to build and run these docker containers locally. The commands (shown below) should be executed in a command window and not a PowerShell window as the environment variable syntax is not recognised by PowerShell. If for some reason the commands fail due to the fact that the system environment variable is not recognised, replace %LBHPACKAGESTOKEN% with that actual token value.

Service container

  • To build the container:
docker-compose build --build-arg LBHPACKAGESTOKEN=%LBHPACKAGESTOKEN% notes-api
  • To run the built container:
docker-compose run -p 3000:3000/tcp notes-api

Service tests container

  • To build the container:
docker-compose build --build-arg LBHPACKAGESTOKEN=%LBHPACKAGESTOKEN% notes-api-test
  • To run the built container:
docker-compose run notes-api-tests
Clone this wiki locally