This is the base "devtools" image I've used in the past for authenticating to private Azure DevOps NuGet and NPM feeds. The PAT needs to be Base64 encoded for NPM, but not for NuGet. It's a little weird. I can't guarantee there's not a better way to do this.
ARG SDKVersion=3.1
FROM mcr.microsoft.com/dotnet/core/sdk:${SDKVersion} AS build-env
# Contains NPM/NodeJS for webpack and all appropriate PATs/configuration for pulling NPM and NuGet packages from private feeds
ARG NugetPAT
ARG B64PAT
ARG SDKVersion=3.1
ENV Configuration Release
ENV VSS_NUGET_EXTERNAL_FEED_ENDPOINTS \
"{\"endpointCredentials\": [{\"endpoint\":\"https://pkgs.dev.azure.com/orgname/projectname/_packaging/projectname-common/nuget/v3/index.json\", \"username\":\"docker\", \"password\":\"${NugetPAT}\"}]}"
RUN curl -L https://raw.githubusercontent.com/Microsoft/artifacts-credprovider/master/helpers/installcredprovider.sh | bash
RUN apt-get update -yq \
&& apt-get install curl gnupg -yq \
&& curl -sL https://deb.nodesource.com/setup_12.x | bash \
&& apt-get install nodejs -yq
WORKDIR /app
RUN echo '<?xml version="1.0" encoding="UTF-8"?><configuration><packageSources><add key="public" value="https://api.nuget.org/v3/index.json" /><add key="projectname-common" value="https://pkgs.dev.azure.com/orgname/projectname/_packaging/projectname-common/nuget/v3/index.json" /></packageSources></configuration>' > NuGet.config
RUN echo \; begin auth token > /root/.npmrc && \
echo //pkgs.dev.azure.com/orgname/projectname/_packaging/projectname-common/npm/registry/:username=orgname >> /root/.npmrc && \
echo //pkgs.dev.azure.com/orgname/projectname/_packaging/projectname-common/npm/registry/:_password=${B64PAT} >> /root/.npmrc && \
echo //pkgs.dev.azure.com/orgname/projectname/_packaging/projectname-common/npm/registry/:email=npm requires email to be set but doesn''t use the value >> /root/.npmrc && \
echo //pkgs.dev.azure.com/orgname/projectname/_packaging/projectname-common/npm/:username=orgname >> /root/.npmrc && \
echo //pkgs.dev.azure.com/orgname/projectname/_packaging/projectname-common/npm/:_password=${B64PAT} >> /root/.npmrc && \
echo //pkgs.dev.azure.com/orgname/projectname/_packaging/projectname-common/npm/:email=npm requires email to be set but doesn''t use the value >> /root/.npmrc && \
echo \; end auth token >> /root/.npmrc
Thanks Daniel, this helped solve the problem. I added a line to the dockerfile to convert the NPM_TOKEN argument to base64:
RUN echo -n ${NPM_TOKEN} | base64 > ~/.token64I then referred to that encoded token in the root.npmrcas you outlined, and I can now access my private ADO feed. Thank you!@gt-downunder Glad to help! It took me hours to get it working the first time. Major pain.