Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to configure TeamCity with private files?

I'm setting up TeamCity for Continuous Integration and (hopefully) Continuous Deployment. Some of the build steps will involve private files, e.g.

  • .snk files for strong naming .NET assemblies
  • password/token files for publishing artifacts (for example to NuGet or CodePlex)

Since these files contain private data I don't want to put them into the (publicly accessible) source control system.

I'm setting up http://teamcity.codebetter.com for AutoFixture so I don't have physical access to the server. I was hoping for a feature that would let me upload such files, but can't find anything of the kind.

What would be the most appropriate solution?

like image 488
Mark Seemann Avatar asked Jul 16 '11 23:07

Mark Seemann


People also ask

How do I Create a build configuration in TeamCity?

Go to Administration | Projects and open the required project. Alternatively, open the project using the Projects pop-up menu and click Edit Project Settings. The Project Settings page will open. On the Project Settings page, click Create build configuration under the Build Configurations section.

How do I give access to TeamCity?

Unless explicitly configured, the simple authorization mode is used in TeamCity Professional and per-project is used in TeamCity Enterprise. To change the authorization mode, go to Administration | Authentication and enable/disable the Enable per-project permissions option.

What is a personal build in TeamCity?

A personal build is a build-out of the common build sequence which typically uses the changes not yet committed into the version control. Personal builds are usually initiated from one of the supported IDEs via the Remote Run procedure.


2 Answers

TeamCity supports multiple VCS roots, so you could just add an extra VCS root with these private files.

Obviously this would require that the second repository is private - but that is what you want any way. Having those files in source control is a great thing.

like image 103
mbp Avatar answered Oct 01 '22 20:10

mbp


I would put the files I needed in source control but I would first encrypt them. I would then set up a parameter in the build which was the passphrase or key required to decrypt the files. The build would decrypt the files do whatever signing or publishing was needed with them and then delete them (wipe them if the system allows for such). This should be enough to keep things safe unless team city is compromised and if it is you're basically sunk anyway.

Depending on the source control tools you use it might be possible to set the files to only be visible by certain authenticated users. Perforce certainly has this capability but I've never seen anything for the more popular DVCS systems.

like image 27
stimms Avatar answered Oct 01 '22 21:10

stimms