Azure Web Apps: Package Restore against a private NuGet Feed
Microsoft Azure Web Apps (formerly known as Azure Websites) has a very useful inbuilt continuous integration and deployment engine called Kudu (it's also open source; under an Apache 2.0 license, and you can also host it outside of Azure). Kudu supports a continuous integration and deployment workflow against VSO, GitHub, TeamCity, Hudson and BitBucket.
If you package any of your tools or libraries as private NuGet packages, exposed publically via authenticated private feeds using TeamCity, MyGet, ProGet or a custom NuGet Server, performing a package restore as part of the build process will fail as NuGet requires valid credentials to access the private feed.
A workaround is to add a custom NuGet.config file, stored at the same level as your .SLN file which will contain an entry for your private NuGet feed and also credentials stored in plain text. You cannot use encrypted credentials as the encryption is generated on a per-machine basis. It is also advisable to create a unique set of credential per application you are deploying with only enough rights to see the packages they require.
When you deploy via Kudu, this should allow the build process to discover your private feed, authenticate & restore your packages.
If you do not require authentication against your private feed, remove the <packageSourceCredentials>
element.
In NuGet v3.0 the ability to read credentials from environmental variables has been added. This allows you to add your credentials via the app settings UI in the Azure Portal. This is a much better approach to take as it ensures that your NuGet feed credentials are not committed to your source control repo.