How to Pass Parameters to a Dockerfile in Visual Studio Publish Profiles

Tony Pitman 76 Reputation points
2025-01-22T15:37:20.7466667+00:00

I have an ASP.NET solution in Visual Studio 2022 with Docker support enabled. I created a publish profile to deploy my application to Azure Container Apps.

When I right-click the project and select publish, I see a window for publishing to Azure.

In my Dockerfile, I need to provide a username and password to add a company internal NuGet source. I want to supply these credentials without including them directly in the Dockerfile due to source control security concerns.

I have added ARG and ENV in the Dockerfile, which allow me to inject the username and password when using the Docker command line for the build. However, I'm unable to figure out how to inject these credentials during the publish process initiated through Visual Studio.

How can the username and password be injected into the publish process in Visual Studio?

Azure Container Apps
Azure Container Apps
An Azure service that provides a general-purpose, serverless container platform.
550 questions
{count} votes

3 answers

Sort by: Most helpful
  1. Pasindu Dinuranga 5 Reputation points
    2025-01-22T23:16:19.2666667+00:00

    To inject sensitive credentials like a username and password into your Docker build process during the publish process in Visual Studio, you can use the following approaches:

    1. Use Environment Variables

    You can set environment variables in your system or in the Visual Studio project settings. Here's how to do it:

    Step 1: Set Environment Variables

    Windows Environment Variables:

    • Right-click on "This PC" or "My Computer" and select "Properties".
      • Click on "Advanced system settings".
        • Click on "Environment Variables".
          • Add new variables for your NuGet username and password (e.g., NUGET_USERNAME and NUGET_PASSWORD).
          Visual Studio Project Settings:
          - Right-click on your project in Solution Explorer and select "Properties".
          
             - Go to the "Debug" tab.
          
                - In the "Environment variables" section, add your variables (e.g., **`NUGET_USERNAME`** and **`NUGET_PASSWORD`**).
          

    Step 2: Modify Your Dockerfile

    In your Dockerfile, you can reference these environment variables using the ARG and ENV commands:

    dockerfile
    1ARG NUGET_USERNAME
    2ARG NUGET_PASSWORD
    3
    
    1. Use Docker Secrets (for production)

    If you're deploying to a production environment, consider using Docker secrets. However, this is more complex and typically used in Docker Swarm or Kubernetes environments.

    1. Use a .env File

    You can also create a .env file in your project directory to store your credentials. This file should not be checked into source control (add it to .gitignore).

    1. Create a .env file in your project directory:
    RunCopy code
    1NUGET_USERNAME=your_username
    2NUGET_PASSWORD=your_password
    
    1. Modify your Dockerfile to read from the .env file:
    dockerfile
    1# Load environment variables from .env file
    2ARG NUGET_USERNAME
    3ARG NUGET_PASSWORD
    4
    
    1. Modify the Publish Profile

    If you are using a publish profile, you can also modify it to include the necessary environment variables. Open the .pubxml file associated with your publish profile and add the following:

    xml
    1<PropertyGroup>
    2  <DockerBuildArgs>NUGET_USERNAME=$(NUGET_USERNAME);NUGET_PASSWORD=$(NUGET_PASSWORD)</DockerBuildArgs>
    3</PropertyGroup>
    

    Summary

    By using environment variables or a .env file, you can securely inject your NuGet credentials into the Docker build process without hardcoding them in your Dockerfile. Make sure to keep your credentials secure and avoid checking them into source control.

    1 person found this answer helpful.

  2. LeelaRajeshSayana-MSFT 17,291 Reputation points
    2025-01-22T22:27:44.3633333+00:00

    Hi @Tony Pitman Thank you for posting the question on this forum. This is an interesting use case.

    Looks like the Visual Studio publish option does not let you customize or configure the build options which is required to achieve what you are looking for. You would have to consider deploy using GitHub actions which lets you add secrets on the GitHub repository and refer them in the YAML file during the build and then deploy to the container apps.

    You can follow the below steps to store the secrets in the repository

    • Go to your GitHub repository.
    • Navigate to Settings > Secrets and variables > Actions.
    • Add secrets for NUGET_USERNAME, NUGET_PASSWORD, ACR_USERNAME, and ACR_PASSWORD.

    You can then refer the above secrets in the YAML file as follows

    name: Build and Deploy to Azure Container Apps
    
    on:
      push:
        branches:
          - main
    
    jobs:
      build-and-deploy:
        runs-on: ubuntu-latest
    
        steps:
        - name: Checkout code
          uses: actions/checkout@v2
    
        - name: Set up Docker Buildx
          uses: docker/setup-buildx-action@v1
    
        - name: Log in to Azure Container Registry
          uses: azure/docker-login@v1
          with:
            login-server: <your-registry-name>.azurecr.io
            username: ${{ secrets.ACR_USERNAME }}
            password: ${{ secrets.ACR_PASSWORD }}
    
        - name: Create secrets.env file
          run: |
            echo NUGET_USERNAME=${{ secrets.NUGET_USERNAME }} > secrets.env
            echo NUGET_PASSWORD=${{ secrets.NUGET_PASSWORD }} >> secrets.env
    
        - name: Build and push Docker image
          run: |
            docker build -f Dockerfile --env-file secrets.env -t <your-registry-name>.azurecr.io/<your-image-name> .
            docker push <your-registry-name>.azurecr.io/<your-image-name>
    
        - name: Deploy to Azure Container Apps
          uses: azure/CLI@v1
          with:
            inlineScript: |
              az containerapp create --name <your-container-app-name> --resource-group <your-resource-group> --image <your-registry-name>.azurecr.io/<your-image-name> --environment <your-environment-name>
    
    
    

    You can add the above YAML file to your A GitHub Actions workflow and once the workflow runs, it should start to build and deploy your container app.

    Please refer the documentation Deploy to Azure Container Apps with GitHub Actions for reference. Please let us know if you have any additional questions or need further assistance.

    0 comments No comments

  3. Tony Pitman 76 Reputation points
    2025-01-24T15:24:30.32+00:00

    @Pasindu Dinuranga 's suggestion got me looking into the pubxml values.

    I found one that does work.

    I added this to my pubxml.user file:

    <DockerfileBuildArguments>--build-arg NUGET_PASSWORD=mypasswordhere</DockerfileBuildArguments>

    When I do this the ARG value I have in my docker file is replaced properly.

    Thank you for @Pasindu Dinuranga for pointing me in the right direction.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.