How to Pass Parameters to a Dockerfile in Visual Studio Publish Profiles

Tony Pitman 76

I have an ASP.NET solution in Visual Studio 2022 with Docker support enabled. I created a publish profile to deploy my application to Azure Container Apps.

When I right-click the project and select publish, I see a window for publishing to Azure.

In my Dockerfile, I need to provide a username and password to add a company internal NuGet source. I want to supply these credentials without including them directly in the Dockerfile due to source control security concerns.

I have added ARG and ENV in the Dockerfile, which allow me to inject the username and password when using the Docker command line for the build. However, I'm unable to figure out how to inject these credentials during the publish process initiated through Visual Studio.

How can the username and password be injected into the publish process in Visual Studio?

LeelaRajeshSayana-MSFT 17,021

Hi @Tony Pitman Thank you for posting the question on this forum. This is an interesting use case.

Looks like the Visual Studio publish option does not let you customize or configure the build options which is required to achieve what you are looking for. You would have to consider deploy using GitHub actions which lets you add secrets on the GitHub repository and refer them in the YAML file during the build and then deploy to the container apps.

You can follow the below steps to store the secrets in the repository

Go to your GitHub repository.
Navigate to Settings > Secrets and variables > Actions.
Add secrets for NUGET_USERNAME, NUGET_PASSWORD, ACR_USERNAME, and ACR_PASSWORD.

You can then refer the above secrets in the YAML file as follows

name: Build and Deploy to Azure Container Apps

on:
  push:
    branches:
      - main

jobs:
  build-and-deploy:
    runs-on: ubuntu-latest

    steps:
    - name: Checkout code
      uses: actions/checkout@v2

    - name: Set up Docker Buildx
      uses: docker/setup-buildx-action@v1

    - name: Log in to Azure Container Registry
      uses: azure/docker-login@v1
      with:
        login-server: <your-registry-name>.azurecr.io
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}

    - name: Create secrets.env file
      run: |
        echo NUGET_USERNAME=${{ secrets.NUGET_USERNAME }} > secrets.env
        echo NUGET_PASSWORD=${{ secrets.NUGET_PASSWORD }} >> secrets.env

    - name: Build and push Docker image
      run: |
        docker build -f Dockerfile --env-file secrets.env -t <your-registry-name>.azurecr.io/<your-image-name> .
        docker push <your-registry-name>.azurecr.io/<your-image-name>

    - name: Deploy to Azure Container Apps
      uses: azure/CLI@v1
      with:
        inlineScript: |
          az containerapp create --name <your-container-app-name> --resource-group <your-resource-group> --image <your-registry-name>.azurecr.io/<your-image-name> --environment <your-environment-name>

You can add the above YAML file to your A GitHub Actions workflow and once the workflow runs, it should start to build and deploy your container app.

Please refer the documentation Deploy to Azure Container Apps with GitHub Actions for reference. Please let us know if you have any additional questions or need further assistance.

Tony Pitman 76 Reputation points

2025-01-22T22:34:32.14+00:00

Thank you for the information.

Do you know if the same kind of thing can be done in DevOps? That is the git and CI server system we use.
Pasindu Dinuranga 0 Reputation points

2025-01-22T23:11:35.53+00:00
To inject sensitive credentials like a username and password into your Docker build process during the publish process in Visual Studio, you can use the following approaches:

Use Environment Variables

You can set environment variables in your system or in the Visual Studio project settings. Here's how to do it:

Step 1: Set Environment Variables

Windows Environment Variables:

Right-click on "This PC" or "My Computer" and select "Properties".

Click on "Advanced system settings".

Click on "Environment Variables".

Add new variables for your NuGet username and password (e.g., NUGET_USERNAME and NUGET_PASSWORD).

Visual Studio Project Settings:
- Right-click on your project in Solution Explorer and select "Properties". - Go to the "Debug" tab. - In the "Environment variables" section, add your variables (e.g., **`NUGET_USERNAME`** and **`NUGET_PASSWORD`**).

Step 2: Modify Your Dockerfile

In your Dockerfile, you can reference these environment variables using the ARG and ENV commands:

dockerfile 1ARG NUGET_USERNAME 2ARG NUGET_PASSWORD 3

Use Docker Secrets (for production)

If you're deploying to a production environment, consider using Docker secrets. However, this is more complex and typically used in Docker Swarm or Kubernetes environments.

Use a .env File

You can also create a .env file in your project directory to store your credentials. This file should not be checked into source control (add it to .gitignore).

Create a .env file in your project directory:

RunCopy code 1NUGET_USERNAME=your_username 2NUGET_PASSWORD=your_password

Modify your Dockerfile to read from the .env file:

dockerfile 1# Load environment variables from .env file 2ARG NUGET_USERNAME 3ARG NUGET_PASSWORD 4

Modify the Publish Profile

If you are using a publish profile, you can also modify it to include the necessary environment variables. Open the .pubxml file associated with your publish profile and add the following:

xml 1<PropertyGroup> 2 <DockerBuildArgs>NUGET_USERNAME=$(NUGET_USERNAME);NUGET_PASSWORD=$(NUGET_PASSWORD)</DockerBuildArgs> 3</PropertyGroup>

Summary

By using environment variables or a .env file, you can securely inject your NuGet credentials into the Docker build process without hardcoding them in your Dockerfile. Make sure to keep your credentials secure and avoid checking them into source control.
Tony Pitman 76 Reputation points

2025-01-23T17:15:34.6566667+00:00

I have the environment variables defined in Windows. I added the DockerBuildArgs to my pubxml file. I have the ARG statements in my dockerfile and I use them in the RUN command.

I still get the error on the RUN command and the command has this:

--password ${NUGET_PASSWORD}

So it isn't replacing that with the value defined in my environment variable.

How do I diagnose this and fix it?

2 answers

Pasindu Dinuranga 0 Reputation points

2025-01-22T23:16:19.2666667+00:00
To inject sensitive credentials like a username and password into your Docker build process during the publish process in Visual Studio, you can use the following approaches:

Use Environment Variables

You can set environment variables in your system or in the Visual Studio project settings. Here's how to do it:

Step 1: Set Environment Variables

Windows Environment Variables:

Right-click on "This PC" or "My Computer" and select "Properties".

Click on "Advanced system settings".

Click on "Environment Variables".

Add new variables for your NuGet username and password (e.g., NUGET_USERNAME and NUGET_PASSWORD).

Visual Studio Project Settings:
- Right-click on your project in Solution Explorer and select "Properties". - Go to the "Debug" tab. - In the "Environment variables" section, add your variables (e.g., **`NUGET_USERNAME`** and **`NUGET_PASSWORD`**).

Step 2: Modify Your Dockerfile

In your Dockerfile, you can reference these environment variables using the ARG and ENV commands:

dockerfile 1ARG NUGET_USERNAME 2ARG NUGET_PASSWORD 3

Use Docker Secrets (for production)

If you're deploying to a production environment, consider using Docker secrets. However, this is more complex and typically used in Docker Swarm or Kubernetes environments.

Use a .env File

You can also create a .env file in your project directory to store your credentials. This file should not be checked into source control (add it to .gitignore).

Create a .env file in your project directory:

RunCopy code 1NUGET_USERNAME=your_username 2NUGET_PASSWORD=your_password

Modify your Dockerfile to read from the .env file:

dockerfile 1# Load environment variables from .env file 2ARG NUGET_USERNAME 3ARG NUGET_PASSWORD 4

Modify the Publish Profile

If you are using a publish profile, you can also modify it to include the necessary environment variables. Open the .pubxml file associated with your publish profile and add the following:

xml 1<PropertyGroup> 2 <DockerBuildArgs>NUGET_USERNAME=$(NUGET_USERNAME);NUGET_PASSWORD=$(NUGET_PASSWORD)</DockerBuildArgs> 3</PropertyGroup>

Summary

By using environment variables or a .env file, you can securely inject your NuGet credentials into the Docker build process without hardcoding them in your Dockerfile. Make sure to keep your credentials secure and avoid checking them into source control.
Please sign in to rate this answer.
Tony Pitman 76 Reputation points

2025-01-23T17:35:52.15+00:00

I posted the following comment, but it didn't seem to save, so posting it again. If it shows up twice I am sorry.

I have done as you said to try to use the environment variables and the DockerBuildArgs in the pubxml. I want to use pubxml and the publish feature of Visual Studio.

When I do this I get an error and the command line for the docker command has this in it:

--password ${NUGET_PASSWORD}

That seems to indicate something is not expanding as it should.

I have verified the names are all spelled the same and I have the actual environment variables in Windows and can see them when I do a "set" command at a command prompt.

I also have the ARG and ENV entries (tried it without the ENV) in the docker file.

I have the DockerBuildArgs in the pubxml.

What now?
Sign in to comment

Use comments to ask for clarification, additional information, or improvements to the question.
Tony Pitman 76 Reputation points

2025-01-24T15:24:30.32+00:00

@Pasindu Dinuranga 's suggestion got me looking into the pubxml values.

I found one that does work.

I added this to my pubxml.user file:

<DockerfileBuildArguments>--build-arg NUGET_PASSWORD=mypasswordhere</DockerfileBuildArguments>

When I do this the ARG value I have in my docker file is replaced properly.

Thank you for @Pasindu Dinuranga for pointing me in the right direction.
Please sign in to rate this answer.

0 comments No comments
Sign in to comment

Use comments to ask for clarification, additional information, or improvements to the question.

Share via

How to Pass Parameters to a Dockerfile in Visual Studio Publish Profiles

2 answers

Your answer