2

We want to manually add git tags to some of our builds, and for reasons that are out of scope for this question, we cannot use the built-in VCS Labeling build feature. We want to manually do this as part of a script. The tag is an optional parameter the user can supply after pressing "Run", which is then picked up by the shell script like this in the build configuration's command line script:

export TAG=%system.TagName%
export BUILD_NUMBER=%dep.Company_Project1.build.number%
export SHA=$(git rev-parse --short %dep.Company_Project1.build.vcs.number%)

scripts/release/ci-release-build.sh

Everything in the script works except for the final git push --tags, which results in this error and an exit code of 128:

[11:20:48][Step 1/1] fatal: could not read Password for 'https://company_machine_account@github.com': No such device or address
[11:20:48][Step 1/1] Process exited with code 128
[11:20:48][Step 1/1] Process exited with code 128 (Step: Command Line)
[11:20:48][Step 1/1] Step Command Line failed

The error is due to how Git is configured in TeamCity and how this works with the script. The TC build config uses a VCS Configuration that uses HTTPS authentication (username and password). It seems that no "session" that would cache the password is stored anywhere, so git fails when prompted for a password.

  1. Is it possible to use a remote configured as using a HTTPS transport when it needs to be invoked from a script?
  2. Is there another way of configuring this script so that the CI invoked script can do git push --tags origin and successfully push locally created tags to the remote?

I see there are tons of ways of getting around this if you are a normal user with a normal git repo, but I am not sure how to apply this in this situation. I want to avoid stuff like the script dynamically modifying the remote to use a personal access token, for instance. It should re-use some existing, pre-configured access method.

I have also found the article TeamCity to Access Private GitHub Repositories Securely, which mentions Deploy Keys and Oauth, but neither of these seem to be available in my TC 2019 VCS Config settings.

oligofren
  • 20,744
  • 16
  • 93
  • 180
  • Does TeamCity provide the token in an environment variable for use? – bk2204 Aug 27 '20 at 01:31
  • Not that I know of. – oligofren Aug 27 '20 at 09:56
  • If you can acquire a valid token that can be exported into the environment, then there's an easy way to do this for HTTPS; otherwise, you're probably better off using a deploy key. I don't use TeamCity so I can't tell you how such a token would be extracted from TeamCity. – bk2204 Aug 27 '20 at 23:57

0 Answers0