Add .Net 6 telerik nuget feed to Github action

Question

I have a Blazor wasm project in .Net 6 and I am trying to use Github action for CI/CD. I am getting following error, when running github action

Run dotnet restore Client/Client.csproj --runtime any
  dotnet restore Client/Client.csproj --runtime any
  shell: /usr/bin/bash -e {0}
  env:
    DOTNET_ROOT: /home/runner/.dotnet
    TELERIK_USERNAME: ***
    TELERIK_PASSWORD: ***
  Determining projects to restore...
/home/runner/work/fleetBASE/fleetBASE/Client/Client.csproj : error NU1101: Unable to find package Telerik.UI.for.Blazor. No packages exist with this id in source(s): nuget.org
  Failed to restore /home/runner/work/fleetBASE/fleetBASE/Client/Client.csproj (in 8.94 sec).
Error: Process completed with exit code 1.

FYI, I tried sample Blazor wasm project in .Net 6 without telerik, and it worked perfectly. My github action looks like this:

name: Azure Static Web Apps CI/CD

on:
  push:
    branches:
      - Poc_ADB2C
  pull_request:
    types: [opened, synchronize, reopened, closed]
    branches:
      - Poc_ADB2C

jobs:
  build_and_deploy_job:
    if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.action != 'closed')
    runs-on: ubuntu-latest
    name: Build and Deploy Job
    steps:
      - uses: actions/checkout@v2
        with:
          submodules: true
      - name: Setup .NET Core SDK
        uses: actions/setup-dotnet@v1
        with:
          dotnet-version: '6.0.x'
      - name: Restore NuGet Packages
        run: dotnet restore Client/Client.csproj --runtime any
        env:
            TELERIK_USERNAME: ${{ secrets.MyTelerikAccountUsername }}
            TELERIK_PASSWORD: ${{ secrets.MyTelerikAccountPassword }}

      - name: Build And Deploy
        env:
            TELERIK_USERNAME: ${{ secrets.MyTelerikAccountUsername }}
            TELERIK_PASSWORD: ${{ secrets.MyTelerikAccountPassword }}
        id: builddeploy
        uses: Azure/static-web-apps-deploy@v1
        with:
          azure_static_web_apps_api_token: ${{ secrets.AZURE_STATIC_WEB_APPS_API_TOKEN_WONDERFUL_HILL_0F2E3E10F }}
          repo_token: ${{ secrets.GITHUB_TOKEN }} # Used for Github integrations (i.e. PR comments)
          action: "upload"
          ###### Repository/Build Configurations - These values can be configured to match your app requirements. ######
          # For more information regarding Static Web App workflow configurations, please visit: https://aka.ms/swaworkflowconfig
          app_location: "Client" # App source code path
          output_location: "wwwroot" # Built app content directory - optional
          ###### End of Repository/Build Configurations ######

  close_pull_request_job:
    if: github.event_name == 'pull_request' && github.event.action == 'closed'
    runs-on: ubuntu-latest
    name: Close Pull Request Job
    steps:
      - name: Close Pull Request
        id: closepullrequest
        uses: Azure/static-web-apps-deploy@v1
        with:
          azure_static_web_apps_api_token: ${{ secrets.AZURE_STATIC_WEB_APPS_API_TOKEN_WONDERFUL_HILL_0F2E3E10F }}
          action: "close"

I couldn't find option to add telerik nuget feed in GitHub action. What am I missing here?

Answer 1

You answered your own question and maybe things have changed since then, but putting your credentials in the clear in a project file is a bad thing and isn't required (at least it isn't required today, maybe it was in 2021). Here are the steps to do this securely:

1. First you browse in GitHub to your project page.
2. Then you click on the Settings tab.
3. Then you find, on the left, the Secrets and Variables, and then Actions.
4. Now, on the right you’ll find a section marked “Repository secrets”.
5. Create two new repository secrets, one for your Telerik UserId and one for your password.
   • You don't have to do both and even though your UserId may not be a secret it seemed like a good idea to keep the two values together, and out of repository history, and inject both pieces of information into the process.
   • Note that, annoyingly, all developers who trigger your action will be using your Telerik login for CI, which also means your action will break when you leave the company. I don't know if it's possible to get a "company" Telerik user for CI, but you may not want to use your company's Telerik admin login either.
6. Now, you need to put a NuGet.config file in your project. You can copy it from your global, or you can create a custom one just for GitHub actions, but so far, I haven’t figured out a way to do without having a NuGet.config in the project. I still want my global one to be used for development, so I called mine NuGet_for_GitHub.config and I put it next to the solution.
7. Make sure all packages that your project uses are attached to one of the package repositories in the NuGet.config file.
   • If not, you’ll get errors from the restore. At least, I got a bunch of errors from the restore that I didn’t see when building locally and had to add quite a few packages that I didn’t have in my global NuGet.config.
8. You probably don’t have your Telerik credentials in your NuGet.config file, so you’ll have to add the following section:

      <packageSourceCredentials>
          <Telerik_x0020_Package_x0020_source>
              <add key="Username"          value="%TELERIKUSERNAME%" />
              <add key="ClearTextPassword" value="%TELERIKPASSWORD%" />
          </Telerik_x0020_Package_x0020_source>
      </packageSourceCredentials>

9. Note that the element “Telerik_x0020_Package_x0020_source” matches with the name that I gave the Telerik package source and so it must match your name with spaces replaced by x0020. My Telerik source looks like this:

    <add key="Telerik Package source" value="https://nuget.telerik.com/v3/index.json" />

10. The replaceable values that I have in there surrounded by %xx% are environment variables. So, now you must make sure the secrets get copied into the environment where the action is running. You modify your action yaml file to do this. In this case I’ve named the secrets and the environment variables the same, but that’s not a requirement.

- name: Restore dependencies
  run: dotnet restore --configfile NuGet_for_GitHub.config
  env:
    TELERIKUSERNAME: ${{ secrets.TELERIKUSERNAME }}
    TELERIKPASSWORD: ${{ secrets.TELERIKPASSWORD }}

11. This gets the secrets from GitHub, copies them into the environment, then the packageSourceCredentials above copies them into the keys to use to authenticate you into Telerik and Bob’s your uncle. Note that you could also do this locally, but it’s not necessary with Visual Studio as it caches your login information encrypted with your computer cert.
12. That’s it, you should be able to restore Telerik packages for CI.

Answer 2

Finally I figured it out, I had to add telerik feed through NuGet.Config and pass it in dotnet restore command in the workflow. Also I had to add telerik credentials in Nuget.Config in ClearTextPassword.

Sample Nuget.Config:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
     <packageSources>
       <add key="nuget.org" value="https://api.nuget.org/v3/index.json" protocolVersion="3" />
       <add key="telerik.com" value="https://nuget.telerik.com/nuget" />
      </packageSources>
      <packageSourceCredentials>
        <telerik.com>
          <add key="Username" value="XXXXXXX" />
          <add key="ClearTextPassword" value="XXXXXXX" />
        </telerik.com>
      </packageSourceCredentials>   
</configuration>

Sample github action workflow:

name: Azure Static Web Apps CI/CD

on:
  push:
    branches:
      - dev
  pull_request:
    types: [opened, synchronize, reopened, closed]
    branches:
      - dev

jobs:
  build_and_deploy_job:
    if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.action != 'closed')
    runs-on: ubuntu-latest
    name: Build and Deploy Job
    steps:
      - uses: actions/checkout@v2
        with:
          submodules: true
      - name: Setup .NET Core SDK
        uses: actions/setup-dotnet@v1
        with:
          dotnet-version: '6.0.x'
      - name: Restore NuGet Packages
        run: dotnet restore Client/Client.csproj --configfile Client/NuGet.Config --runtime any
      - name: Build And Deploy
        id: builddeploy
        uses: Azure/static-web-apps-deploy@v1
        with:
          azure_static_web_apps_api_token: ${{ secrets.AZURE_STATIC_WEB_APPS_API_TOKEN_WONDERFUL_HILL_0F2E3E10F }}
          repo_token: ${{ secrets.GITHUB_TOKEN }} # Used for Github integrations (i.e. PR comments)
          action: "upload"
      ###### Repository/Build Configurations - These values can be configured to match your app requirements. ######          
          app_location: "Client" # App source code path
      #api_location: "Api" # Api source code path - optional
          output_location: "wwwroot" # Built app content directory - optional
      ###### End of Repository/Build Configurations ######

  close_pull_request_job:
    if: github.event_name == 'pull_request' && github.event.action == 'closed'
    runs-on: ubuntu-latest
    name: Close Pull Request Job
    steps:
      - name: Close Pull Request
        id: closepullrequest
        uses: Azure/static-web-apps-deploy@v1
        with:
          azure_static_web_apps_api_token: ${{ secrets.AZURE_STATIC_WEB_APPS_API_TOKEN_WONDERFUL_HILL_0F2E3E10F }}
          action: "close"

Note: Sometimes Github action fails for unknown reason, so just re run the workflow.