Using Register-PackageSource to register a PowerShell repository

registerRepository.ps1

$patToken = $env:SYSTEM_ACCESSTOKEN | ConvertTo-SecureString -AsPlainText -Force

$credential = New-Object System.Management.Automation.PSCredential($env:SYSTEM_ACCESSTOKEN, $patToken)

Register-PackageSource -ProviderName 'PowerShellGet' -Name <YOUR_REPOSITORY_NAME> -Location <REPOSITORY_LOCATION> -Credential $Credentials

Find-Module -Name 'YOUR_MODULE_NAME' -Credential $credential

Install-Module -Name 'YOUR_MODULE_NAME' -Credential $credential

Hi Elliott!
Yes, it still works for me.

Here is the extract from my PSDepend definition:

MyModule = @{
    DependencyType = 'Command'
    Source         = '
    if (-not (Get-Module -Name "MyModule" -ListAvailable)) {
        $password = $env:PAT | ConvertTo-SecureString -AsPlainText -Force
        $credentials = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $env:PAT, $password
        if (-not (Get-PackageSource -name "MyGallery" -ErrorAction SilentlyContinue)) {
            Register-PackageSource -Trusted -ProviderName "PowerShellGet" -Name "MyGallery" -Location "https://pkgs.dev.azure.com/NNNNN/YYYYY/_packaging/MyGAllery/nuget/v2/" -Credential $credentials
        }
        Install-Module -Name "MyModule" -Repository "MyGallery" -Credential $credentials
        Get-Module -Name "MyModule" -ListAvailable
    }
    '
}

And here is the Enter-Build section from the InvokeBuild script I use to build the module:

Enter-Build {
    if (-not (Get-Module -Name PSDepend -ListAvailable)) {
        Install-Module PSDepend -Force
    }
    Import-Module PSDepend
    # Set access token to be used for dependency handling
    if ($PAT) {
        $env:PAT = $PAT # Export to environment variable to be referenced in PSDepend configuration
    }
    Invoke-PSDepend -Force
    }
}

And, finally, here is how it is being invoked in the pipeline:

- task: PowerShell@2
  displayName: Analyze code with PSScriptAnalyzer
  inputs:
    targetType: 'inline'
    pwsh: true
    script: Invoke-Build -Task Analyze -PAT $(System.AccessToken) -Verbose
    workingDirectory: $(System.DefaultWorkingDirectory)

Note that you should grant your pipeline access to the feed with your private package so that it can authenticate to it by using the system access token.

P.S. It's not ideal to pass the access token insecurely via the environment variable, but as it is used in the pipeline context only, I'm okay with that.

Andrew thanks for the detailed response, it was helpful for my troubleshooting! I think my issue was with how I implemented your script which resulted in a scoping issue with the $Credential parameter. Seems to be working now, thanks!

Also I agree with your comment about using $(System.AccessToken) but I do like that I don't need to manage another PAT.

I like to do this download on my local machine. What to use as credentials ?

@Brilbroeder It depends on where your feed is hosted. If you use Azure DevOps Artifacts, then you should generate your access token: https://learn.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops&tabs=Windows

Hi @andrewmatveychuk

Here is the extract from my PSDepend definition:

And here is the Enter-Build section from the InvokeBuild script I use to build the module:

And, finally, here is how it is being invoked in the pipeline:

That's cool stuff.. i'm also using PSDepend & InvokeBuild but I never thought of using it like you did. GREAT Example.!! 🚀✨👍

Hey @ckolumbus,
Thanks for the feedback! 🍻