Question
I'm deploying a web app into DEV, TEST and PROD environments. One of the variables on the Octopus server holds the appPool user and password.
It makes sense for developers to edit this value within DEV, but they should not be able to see the values for TEST or PROD etc.
It looks like the permissions defined within Octopus allow "variables - view" to be scoped to Project, but not environment...
Is there a better way around this problem.
Solution
This is a supported feature in recent versions of Octopus - please see this blog post for details:
http://octopusdeploy.com/blog/environment-specific-variable-permission
Using this, you can set up a rule like "Developers cannot view or edit variables in the Production environment".
OTHER TIPS
I think you could encrypt a version of your password and use that in the octopus variable and then in you deploy.ps1 script as you create the app pool dencrypt it.
You can give variables the same name and scope to each to its respective Environment to get exactly what you want. http://docs.octopusdeploy.com/display/OD/Variables
Taking a step back, you could also revisit Windows Authentication\NTLM integrated security for ACLs, NTFS permissions, database access and such. If this is an IIS Application Pool, for example, you can look into granting the Windows Domain machine account access, if it is using Network Service. See the bottom of this page https://www.iis.net/learn/manage/configuring-security/application-pool-identities
https://stackoverflow.com/questions/14371620
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian