Azure Artifacts Packages Tutorial

Understanding Azure Artifacts Packages

Azure Artifacts is a service that allows you to create, host, and share packages with your team and organization. It integrates seamlessly with Azure DevOps pipelines and supports various package formats like NuGet, npm, Maven, and Python. This tutorial will guide you through the fundamental concepts of managing packages within Azure Artifacts.

What are Software Packages?

Software packages are self-contained units of code and related assets (like metadata, documentation, and dependencies) that can be easily distributed, installed, and reused. They are crucial for efficient software development, enabling modularity, version control, and dependency management.

Key Concepts in Azure Artifacts

Feeds: A feed is a repository that hosts your packages. You can create multiple feeds to organize your packages based on project, team, or package type.
Packages: These are the actual software artifacts you publish to a feed. Each package has a name, version, and associated metadata.
Upstream Sources: Azure Artifacts allows you to connect to public registries (like nuget.org, npmjs.com) as upstream sources. This means you can proxy and cache packages from these public sources, providing a single point of access for all your dependencies.
Permissions: You can control who can view, publish, and manage packages within a feed, ensuring security and proper governance.

Setting up Your First Feed

Before you can publish packages, you need a feed. Here's how to set one up:

Navigate to your Azure DevOps project.

In the left-hand navigation pane, select Artifacts.

Click on Create Feed.

Provide a name for your feed (e.g., MyCompanyPackages), select the visibility, and choose whether to include upstream sources. Click Create.

Configuring Upstream Sources

To leverage public packages, configure upstream sources for your feed. This is done during feed creation or by editing an existing feed's settings.

Tip: Including upstream sources simplifies dependency management by allowing you to consume packages from both internal and public registries through a single Azure Artifacts feed.

Publishing Your First Package

Once your feed is set up, you can start publishing your own packages. The process varies slightly depending on the package type.

Publishing a NuGet Package (Example)

To publish a NuGet package, you'll typically use the dotnet CLI or nuget.exe. Ensure you have authenticated with Azure Artifacts.

First, install the Azure Artifacts Credential Provider:

dotnet tool install -g azure-artifacts-credential-provider

Then, pack and push your NuGet package:

                
# Navigate to your project directory
cd MyAwesomeLibrary

# Pack your NuGet package
dotnet pack --configuration Release

# Push the package to your Azure Artifacts feed
dotnet nuget push bin/Release/MyAwesomeLibrary.1.0.0.nupkg --source "https://pkgs.dev.azure.com/your-organization/your-project/_packaging/YourFeedName/nuget/v3/index.json" --api-key AzureDevOps

Replace YourOrganization, YourProject, and YourFeedName with your actual details.

Note: The --api-key AzureDevOps is a placeholder. The credential provider will handle authentication.

Publishing an npm Package (Example)

For npm packages, you'll configure your .npmrc file and use the npm publish command.

Add a feed configuration to your .npmrc file (typically in your user home directory or project root):

                
@your-scope:registry=https://pkgs.dev.azure.com/your-organization/your-project/_packaging/YourFeedName/npm/registry/
email=your-email@example.com

Publish the package:

npm publish

Ensure you are logged in using npm login if required by your feed's authentication settings.

Consuming Packages from Azure Artifacts

Consuming packages is as straightforward as publishing. You'll configure your project's package manager to use your Azure Artifacts feed as a source.

Consuming NuGet Packages

Your .csproj or .nuspec file can reference your feed, or you can configure it globally via NuGet.Config.

                
<!-- In your .csproj file -->
<ItemGroup>
  <PackageReference Include="MyAwesomeLibrary" Version="1.0.0" />
</ItemGroup>

<!-- Or in NuGet.Config -->
<packageSources>
  <add key="MyFeed" value="https://pkgs.dev.azure.com/your-organization/your-project/_packaging/YourFeedName/nuget/v3/index.json" />
</packageSources>
                
            

Consuming npm Packages

Ensure your .npmrc file is correctly configured with your feed as the registry, as shown in the publishing section.

npm install my-package

Managing Permissions

Securing your feeds is essential. Azure Artifacts allows fine-grained control over access.

Go to your Artifacts feed.

Click the Gear icon (Settings) in the top right corner.

Select Permissions from the left menu.

Add users or groups and assign appropriate roles (e.g., Reader, Contributor, Owner).

< Previous: Introduction to Azure Pipelines

Next: Integrating Azure Artifacts with Pipelines >