Visual Studio Unit testing and command line arguments to avoid passwords in source control

Question

I'm trying to test my ability to login to an API. Naturally, that means I need my test classes to access my username and password. However, I'd like to put this project on public source control, so I can't share my username and password in the code (one would imagine). I would use command line arguments, since they're stored in a .user file (which can be kept out of source control without breaking the project for other users). However, those don't seem to actually get passed to test classes (at least, when I use Environment.GetCommandLineArgs(), I don't see them). So how can I store my passwords locally without breaking the project for other users? Is there a way?

Answer 1

A common way to do is is as follows:

1. Add a template file to your project, with the same contents as the file you want to store these things in, just without the actual values. Place empty or dummy values in their place.
2. Add this template file to source control
3. Remove the file that must contain the actual values from source control and ask it to ignore future copies of this file. Do not, however, remove it from your project.

4. Add a pre-build build event that contains a command like this:

   IF NOT EXIST "$(ProjectDir)\App.config" COPY "$(ProjectDir)\App-template.config" "$(ProjectDir)\App.config"
   

This now has this effect:

1. A template of the configuration file is now in source control, without the sensitive information
2. When you clone or check out a fresh copy of the project, the actual file where you would store the sensitive information will be missing on disk, and Visual Studio will flag it, ignore this
3. Do a build, this will execute the command above, effectively checking if the actual file is present, which it isn't, and then copy a fresh copy from the template file.
4. Edit the newly created actual file, adding the sensitive information.
5. Do another build
6. Run unit-tests or the program

It is imperative for this method to work that you can ask your source control tool to ignore files that are present on disk or even in the project itself so that it doesn't automatically add it to a commit later after you've modified it.