![]() directories - the absolute path to the local TeamCity artifact storage. the TeamCity server's address (protocol, host, and port). Configuration Fileīefore you can run the artifacts migration tool, you need to specify the following settings in the config/application.properties file. Note that you need this tool to be on the same machine where the TeamCity server is installed. You can download this tool from the Project Settings | Artifacts Storage page. If you are attending HashiConf in Austin, TX, USA next week, visit the JetBrains sponsor booth for the demonstration of this plugin and our other plugins for integrating Packer and Terraform with TeamCity and IntelliJ-based IDEs.The artifacts migration tool is a command-line tool that allows you to transfer build artifacts from one storage to another.Ĭurrently, the tool accepts only Amazon S3 as a migration target. ![]() The plugin is open-sourced, and published on GitHub. This is an initial release, and we continue to improve features and user experience, and encourage you to give it a try and tell us what do you think! However, it is a good practice to encrypt all traffic between the server and agents. Only one-time tokens are transferred over network, and if they are stolen, credentials will be immediately revoked. Make sure build agent machines are connected to the TeamCity server via HTTPS. To minimize the risks, split build configurations for CI and deployments into separate projects with different permissions. Dynamic credentials are revoked after a build, but for generic secrets this may cause more risks. If a person can modify build configuration settings in a TeamCity project, they can get access to the secrets. It is advised that you limit access to TeamCity project settings. Right after the build finish, the credentials are explicitly revoked in Vault.If secret values appear in a build log, they are automatically replaced by asterisks. ![]()
0 Comments
Leave a Reply. |