Search code examples
webdeployappveyormicrosoft-web-deploy

Hiding artifacts or deploying from something else than artifacts?

Background and problem

I have this open source repository that I have an AppVeyor build configuration for.

This configuration creates an artifact for a website that needs to get published. This is because it only seems to be possible for AppVeyor to do Web Deploy using an artifact, and not a path.

This poses a problem, because my website (before it gets deployed), needs to write some secret values (like API secrets for a Patreon API) down into a file before deploying to production using Web Deploy. But if I do this before creating the artifacts, the secrets will be part of the artifact as well.

The questions

How can I set specific configuration values that my website application can read without exposing it to the viewers of the build configuration and yet still deploy it to production using AppVeyor?

If I could deploy a path instead of an artifact I could mutate the files before deploying, but since an artifact is public to everyone, I don't want to do that. Is this possible?

Alternatively it would be great if I could hide artifacts from others or prevent them from being shown via permissions or something similar, but I haven't found anything that allows me to do that. Is this possible?

What I've tried and more technical details

I have already encrypted the values in my appveyor.yml file:

environment:
  patreon_client_id:
    secure: PLU/ujLWtFY+Tw/UN6vbHoUSgxeykAIa7dJfLeuHyAyLtnhMqJCARZjN7G6zhO3m9yjr2pClq+VRScJEL+4vSTcJSndZWCqBA5YLFhM6xeE=
  patreon_client_secret:
    secure: tHr/9QE88kYtxaqdLM332mB3xD+4QRNg8y06DY5qAWf155NtSqi7G4zNpjeFCiTPa86f0LDdPAAjyrWZsLEXoCKZmA7PDBxU5kcllrub2cE=
  patreon_creators_access_token:
    secure: viBR0QyoO8HxK9X/n93AHhF0SNPs9hG0BEqoQKWV688=
  patreon_creators_refresh_token:
    secure: qJzAlyrpLkpWxEb7zL17uYnC0HLAwU8M3xcxzI7vkGc=

Here's the part where I create my artifact.

- path: build\website\Website.zip
  name: Website
  type: WebDeployPackage

As you can see, a Website artifact is created. I then publish this artifact with Web Deploy:

- provider: WebDeploy
  server: https://shapeshifter.scm.azurewebsites.net:443/msdeploy.axd?site=shapeshifter
  website: shapeshifter
  username: $shapeshifter
  password:
    secure: 5Urzbp6Aj24/wHED9+Q/CtH4EjN7nv9PGdCdBDr5XECq8wnDxQcHK5YoS246hOqcEBNCU2OZ4rq26LVWCRbfbw==
  artifact: Website
  aspnet_core: true
  remove_files: true
  app_offline: true
  aspnet_core_force_restart: true
Solution

  • Please take a look at Web Deploy Parametrization