Windows Mercurial全局钥匙串 [英] Windows Mercurial global keychain
问题描述
我正试图在Windows构建服务器上工作,而遇到了问题.我麻烦设置了Mercurial钥匙扣(我必须安装tortoisehg),并且它是基于每个用户的.
I'm in the middle of trying to get mercurial working on a windows build server and am having issues. I went to the trouble of setting up the mercurial keychain (I had to install tortoisehg), and it works on a per-user basis.
问题是我正在使用Bamboo来运行构建,并且它作为SYSTEM拥有的NT服务运行.因此,无论何时尝试使用hg做任何事情,都会提示您输入密码.
The problem is that I'm using Bamboo to run the builds, and it runs as an NT service owned by SYSTEM. Thus, any time it tries to do anything with hg, it gets prompted for a password.
很显然,我可以将密码放入配置文件中,但是我想避免只是使用纯文本密码.
Obviously, I could put the password into a config file, but I want to avoid a plaintext password just sitting around.
据我所知,有两种方法可以解决此问题.我都不知道该怎么做:
As far as I can tell, there are two ways of attacking this problem. Neither of which I know how to do:
- 使Mercurial钥匙串具有全局性,而不是每个用户.这甚至是不可能的.
- 以某种方式以SYSTEM用户身份登录并对其执行一些辅助命令,以便其钥匙串中包含用户/密码信息.
- 有些完全不同...?
在此先感谢您提供任何见解!
Thanks in advance for any insights you might have!
-本
推荐答案
我知道您已经找到了解决方案,但是以防万一将来Google员工涌向这里,我会发表我的所作所为.
I realize you've already found a solution, but in case future Googlers wind up here, I'll post what I did.
首先,您可以让Bamboo服务以您想要的任何用户身份运行.我需要它以普通用户身份运行,以便编译器需要的某些注册表项可用.要为Bamboo服务设置用户,您需要编辑wrapper.conf(在常规安装中为C:\Program Files\Bamboo\conf\wrapper.conf.)显然,在编辑此文件之前,您需要卸载现有的服务(如果已安装).
First, you can have the bamboo service run as any user you want. I needed it to run as a normal user so that some of the registry entries that my compiler needs were available. To set the user for the bamboo service, you need to edit the wrapper.conf (C:\Program Files\Bamboo\conf\wrapper.conf on a normal install.) Obviously, before editing this, you'll need to uninstall the existing service if it is installed.
设置登录帐户的最简单方法是将其添加到文件底部
The easiest way to set the login account is by adding this to the bottom of the file
wrapper.ntservice.account=domain\username
wrapper.ntservice.password=s3cr3t.p@ssw0rd
很显然,您可能不希望将登录密码存储在纯文本文件中.有几种解决方法,因此,我只为您指出: http://wrapper.tanukisoftware.com/doc/english/props-nt.html . wrapper.ntservice.password.prompt可能特别令人感兴趣.
Obviously, you may not want your login password in a plain text file. There are several ways around this, so I'll just point you to: http://wrapper.tanukisoftware.com/doc/english/props-nt.html . wrapper.ntservice.password.prompt may be of particular interest.
如果将ssh用于Mercurial,则还有另一个选择:您可以在Mercurial.ini中设置ssh命令.对于构建服务器,我通过在C:\ Program Files \ TortoiseHg \ hgrc.d中的文件中配置它们,一次为整个系统设置了大多数命令.我有一条看起来像这样的线:
If you use ssh for Mercurial, there is another option: you can set your ssh command in a Mercurial.ini. For the build server, I set most of these commands for the entire system at once by configuring them in a file in C:\Program Files\TortoiseHg\hgrc.d . I have a line that looks like:
ssh=TortoisePlink.exe -batch -i "C:/Users/autobuilder/hgPrivKey.ppk" -l autobuilder
对我来说,autobuilder是事物运行的普通用户. hgPrivKey.ppk是使用PuttyGen创建的私钥文件.我在服务器上的authorized_keys文件中有公钥.
For me, autobuilder is the normal user that things run as. The hgPrivKey.ppk is a private key file created with PuttyGen. I have the public key in the authorized_keys file on the server.
希望这些建议能使正确的人走上正轨.
Hopefully, these suggestions will get somebody on the right track.
这篇关于Windows Mercurial全局钥匙串的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
