I want to use a token to access the Telerik NuGet feed for my CI/CD builds, instead of using credentials.
At the moment, the options for that are:
- Have an account in your company that is assigned a license and is used for builds. A trusted human developer can also use it to access the components and do their daily work. They should make sure to not change their password, or to notify the people who can update it in the secrets in the CI/CD pipeline immediately.
- Make your own private nuget feed and ensure the Telerik packages you want in it are available there. It can be as simple as a network location internal to your company. Make sure that this feed is not publicly available, however. When you need to upgrade, make sure to copy the new packages to that feed too so automated builds can access them.
You can read more details and some troubleshooting tips in the CI and CD Automated Builds section of our documentation.
The goal of this request is to provide a way to detach the user credentials from the builds so that they can use their accounts freely, and only provide necessary keys to the build pipeline, and those keys can be updated/revoked as needed. This would also avoid manual work on downloading and copying new nuget packages to a custom feed.