How to use private packages in Azure Pipelines During CI/CD builds

I am open to being shown a better way but these are the steps I took to solve this issue a little while ago.

Assuming you are referencing the package in your pubspec.yaml using git over ssh on azure devops like:

  repo_name:
    git:
      ref: 'tag or other identifier'
      url: [email protected]:v3/you/project/repo_name

• Generate a new ssh key pair on your machine.
• Upload the private key to the library secure files section on azure devops.
• Add the install ssh key task to your azure pipelines build, using the key pair generated in the previous steps and referencing the private key uploaded to the secure files library. link
• Upload the public key to your list of public keys. (This step I'm not 100% sure is necessary but I did it initially and things have worked so I haven't changed removed it)

So in my azure-pipelines.yaml the install ssh key step looks kinda like this where id_rsa is the name of the private key in my secure files.

          - task: InstallSSHKey@0
            inputs:
              knownHostsEntry: 'vs-ssh.visualstudio.com, ...etc'
              sshPublicKey: 'ssh-rsa ...etc'
              sshKeySecureFile: id_rsa

A private feed is created with permissions such that only you have access.

The build agent run with user(build service account), give to this user permissions in the feed. From Feed settings->Permissions, assign your build service account owner permission.

Also verify the token is working, make sure you have selected sufficient scopes for this token to authorize for your specific tasks.

Besides try adding a variable system.debug with a value of true you’ll get more information in the failure. That might help pinpoint the problem.