How do I download and install a regular DPKG package in a cloud-init script?

I'm spinning up lightweight containers on a Linux Host using LXD/LXC.

The sole purpose of these containers is to host "Dotnet & Dotnet core apps"

For a while I've been using Ansible, but recently I found that I could actually embed an init script into the user data of the container configuration, and cloud-init would execute it.

This is great, and allows me to set up a given container with exactly the packages it needs except for one problem.

Microsoft

(I know, I know... save the jokes and slurs :-D)

Unlike most 3rd party package providers, MS package their entire addition of their deb source and GPG key in a standalone dpkg package file, this package file is not listed via the normal repos, so it basically has to be "wget" downloaded and then installed using a regular dpkg command.

Right now, this is how I'm doing things:

#cloud-config

# apply updates using apt
package_update: true
package_upgrade: true

# set hostname
hostname: ****
fqdn: ****
manage_etc_hosts: true

# Install 3rd party software repos
# NOTE: This is done using run command due to the way microsoft distribute things using a raw dpkg
runcmd:
  - [wget, "https://packages.microsoft.com/config/ubuntu/20.04/packages-microsoft-prod.deb", -O, /root/packages-microsoft-prod.deb]
  - dpkg -i /root/packages-microsoft-prod.deb
  - rm /root/packages-microsoft-prod.deb
  - apt update
  - apt-get install dotnet-sdk-3.1 -y
  - apt-get install dotnet-sdk-5.0 -y

# Install standard packages
packages:
  - apt-transport-https
  - python3
  - python-is-python3
  - mc
  - gnupg
  - nginx
  - git

# Add users
users:
  - name: ****
    ssh-authorized-keys:
      - ssh-rsa **** rsa-key-BLAH
    sudo: ['****']
    groups: sudo
    shell: /bin/bash

final_message:
  - "Container initialisation complete."

The key part is the "runcmd" section.

Because I'm using "runcmd" this runs AFTER everything else including the normal package install part where I put in all the standard packages I need to use.

What I would ideally LIKE to do, is to install the dpkg file, then just add the package names to be installed in the normal package part, for example

# Something here to download and install the dpkg

# Install standard packages
packages:
  - apt-transport-https
  - python3
  - python-is-python3
  - mc
  - gnupg
  - nginx
  - git
  - dotnet-sdk-3.1
  - dotnet-sdk-5.0

I did try ONLY putting that bit in the runcmd, but because it runs as the very last step, it causes the packages part to fail, due to not having the repo for dotnet installed.

I also tried using the "Apt" module, to install the "microsoft-prod.list" into "/etc/apt/sources.list.d" but that also failed, because MS don't publish their GPG key, and addition of the source causes a fail when an apt update is performed due to it being an untrusted source.

I've scoured the module docs for cloud-init, and I can't find anything that seems to suggest a regular dpkg file can be downloaded and added, hence why I'm asking here :-)

A little tweak to the last line of the answer given by Mart10: "focal main" duplicate

apt:
    preserve_sources_list: true
    sources:
        microsoft:
            keyserver: https://packages.microsoft.com/keys/microsoft.asc
            keyid: BC52 8686 B50D 79E3 39D3 721C EB3E 94AD BE12 29CF
            source: 'deb https://packages.microsoft.com/ubuntu/20.04/prod focal main'

Microsoft publishes information about its linux repositories here, this includes how to get their gpg key

The following config should add the microsoft repository for Ubuntu 20.04

apt:
    preserve_sources_list: true
    sources:
        microsoft:
            keyserver: https://packages.microsoft.com/keys/microsoft.asc
            keyid: BC52 8686 B50D 79E3 39D3 721C EB3E 94AD BE12 29CF
            source: 'deb https://packages.microsoft.com/ubuntu/20.04/prod focal main'focal main'