0

My project requires a couple of parameters that are confidential and must be loaded into the configuration on startup.

Locally I can use UserSecrets and define the parameters in the secrets.json.

Using a build system and publishing a package onto a remote IIS server using webdeploy (msdeploy), I have to set or modify these parameters during the build or deployment step.

I could not find a way how to do this, so I need help with this.

The approaches that I've tried so far:

1. appsettings.json This makes it possible to define all kind of parameters and using appsettings.{Environment}.json it is good to specify specific parameters for each environment. Problem is: how to set/modify the parameters from command line on build? I guess this is not possible.

2. web.config Allows me to set environment variables that are available after being published to IIS.

web.config:
[...]
<aspNetCore processPath="dotnet"
    arguments=".\MyWebApi.dll"
    stdoutLogEnabled="false"
    stdoutLogFile=".\logs\stdout"
    hostingModel="inprocess">
    <environmentVariables>
        <environmentVariable name="TEST_ENV" value="default" />
    </environmentVariables>
</aspNetCore>

But how can I modify the value during deployment (or build)? I tried something like dotnet deploy MyWebApi.csproj [...] /p:TEST_ENV="secret" but the web.config has not been modified on deployment. Same for dotnet build ...

3. publish profile I've read that using publish profiles (*.pubxml) for deployment it is possible to configure parameters, including Environment Variables that are pushed into the web.config.

production.pubxml:
<Project>
    <PropertyGroup>
        <Environment>
            <TEST_ENV>Will be set in gitlab ci.</TEST_ENV>
        </Environment>
    </PropertyGroup>
</Project>

But calling dotnet publish PEAM.API.csproj /p:WebPublishMethod=Package /p:PublishProfile="\Properties\PublishProfiles\production.pubxml" /p:PackageLocation="publish" /p:TEST_ENV="secret" /p:Warnings=0 seems to have no effect.

4. MyWebApi.SetParameters.xml As I am able to modify the "IIS Web Application Name" during deployment using msdeploy with the -setParam:name="IIS Web Application Name",value="MyWebApi" I tried to set additional parameters (e.g by -setParam:name="TEST_ENV",value="secret") to be deployed. This also had no effect (maybe because there is no such parameter with name 'TEST_ENV' in the file).

(5. Environment Settings in IIS) Of course, I can set Environment Variables directly in IIS for MyWebApi but I'd like to separate the server configuration from deployment parameters as this are two different roles in the company. And giving Dev-Ops access to the server seems to be only a workaround if there is no better option.

So, what am I doing wrong. How can I achieve this?

Daiim
  • 1
  • 1
  • as you mentioned you could try Azure DevOps release pipeline or you can use msbuild command. [link](https://stackoverflow.com/questions/41546943/how-to-set-aspnetcore-environment-to-be-considered-for-publishing-an-asp-net-cor) – Jalpa Panchal Jun 22 '23 at 05:41
  • Have you considered using Azure KeyVault for "confidential" configuration values? – bdcoder Jun 23 '23 at 01:46
  • I am NOT using Azure! I've to deploy the app to a remove virtual machine running IIS. Thats why I am using msdeploy. The eployment is not the problem - it works fine. The problem is to somehow modify the web.config or appsettings.json or setting files for deployment such that the secrets are inserted during the deployment process. – Daiim Jun 27 '23 at 07:44

0 Answers0