VS2012 Publish Profiles - Encrypted Password

About

Asked 3/10, 2012 at 7:54 Answered 9/10, 2012 at 6:44

Solved continuous-integration visual-studio-2012 publish-profiles

I've loved using the new VS 2012 Publishing Profiles, but when using them on a build server i'm unsure how to store the password.

When I tick the box the "save the password" it creates a .pubxml.user file and encrypts the password in an XML node.

When i run the deployment on a build server the password file always seems to be ignored.

I can get away with storing the password in a

<PropertyGroup>
    <Password>NotMyRealPassword>
</PropertyGroup

But given they are already encrypting it i'd love to use the VS Encryption if I can.

How do i unecrypt and fill the <Password> property without building a custom task to do so?

Also - if I did have to build a custom MSBUILD task, what type of encryption is in use in this SUO file?

Interlinear answered 3/10, 2012 at 7:54 Comment(0)

As I was trying to write an answer to your question I realized that I'm not well suited to answer the quetsion, but I did want to make some comments on the .pubxml.user file.

When you save a web publish profile in Visual Studio we encrypt the password and store the encrypted value in the .pubxml.user file for the given publish profile. We encrypt this value on a per-user/per-machine basis. So if you take the same file to a different machine (or if a different user logged into the same machine) it would not decrypt to the correct value. Because of this it's not worth investigating if you can decrypt the value which is stored by VS on a build server.

Gesso answered 9/10, 2012 at 6:44 Comment(6)

Ahhh what a shame... I believe in cases like this that CI is the best place to put this infoas being able to test what your CI server is doing it pretty critical to avoid any CI/CD friction. diaryofaninja.com/blog/2011/03/27/… P.s thanks for being awesome and answering! – Interlinear 9/10, 2012 at 11:13

So, after reading another of your posts Sayed, I should be passing it on the command line? This feels a little "code smelly" to me. – Saucy 20/1, 2015 at 9:36

Late to the party here, @Doug, but you can store msdeploy password in Windows Credential Manager and use the getCredential parameter of msdeploy (unsupported by the msbuild tasks though) – Soy 3/2, 2015 at 11:34

Interesting. If you're following the "build server holds the keys" model that's a really nice hack - although the publish profile has no way to include that. – Interlinear 4/2, 2015 at 17:11

Trying to automate publishing with msbuild, wanting to use credentials saved by Visual Studio (on the same machine and user), but so far that seems impossible? @Sayed am I right that this isn't supported, and if so where do I file a bug report (or is Microsoft actually recommending use of clear-string passwords on the commandline?) – Goins 23/8, 2018 at 20:20

@nikize you can report it using Report a Problem learn.microsoft.com/en-us/visualstudio/ide/… – Gesso 23/8, 2018 at 23:6

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags