CruiseControl secure a build project node - cruisecontrol.net

Is there a way to secure a build project node in cruisecontrol? I would like to restrict the use of force build to specific users.

This can be done by adding a <security> tag in the project config.
<project name="TestProject">
<security type="defaultProjectSecurity" defaultRight="Deny">
<permissions>
<rolePermission name="TestProjectAdmin" ref="FractionFactionAdmin" />
</permissions>
</security>
</project>
<internalSecurity>
<cache type="inMemoryCache" duration="30" mode="sliding"/>
<users>
<passwordUser name="user1" password="change"/>
<passwordUser name="user2" password="change"/>
</users>
<permissions>
<rolePermission name="TestProjectAdmin" defaultRight="Allow" forceBuild="Allow" viewProject="Allow" startProject="Allow">
<users>
<userName name="user1"/>
<userName name="user2"/>
</users>
</rolePermission>
</permissions>
</internalSecurity>
try like this

Related

How to modify manually web application SharePoint web.config file when using asmx web service in an EventReceiver project?

First of all, I need to use an asmx web service in an EventReceiver project in Visual Studio.
Then, as common, I add a web reference by right click on the project and then Add menu then Service Reference... menu and finally web service url something like
and this my app.config project:
`
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="IntegrationService_UserSoap">
<security mode="Transport" />
</binding>
<binding name="IntegrationService_UserSoap1" />
</basicHttpBinding>
</bindings>
<client>
<endpoint address="https://???.???.??/services/???????/???.asmx"
binding="basicHttpBinding" bindingConfiguration="IntegrationService_UserSoap"
contract="ServiceReference1.IntegrationService_UserSoap" name="IntegrationService_UserSoap" />
</client>
</system.serviceModel>
</configuration>`
Then I'm going to modify web.config of the web application as I used to do like this:
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
<bindings>
<basicHttpBinding>
<binding name="IntegrationService_UserSoap">
<security mode="Transport" />
</binding>
<binding name="IntegrationService_UserSoap1" />
</basicHttpBinding>
</bindings>
<client>
<endpoint address="https://???.???.??/services/???????/???.asmx"
binding="basicHttpBinding" bindingConfiguration="IntegrationService_UserSoap"
contract="ServiceReference1.IntegrationService_UserSoap" name="IntegrationService_UserSoap" />
</client>
</system.serviceModel>
now, when I'm going to deploy the project by visual studio I've got this error:
"Error occurred in deployment step 'Activate Features': Operation is not valid due to the current state of the object."
What is wrong?

Wix MSI Installer:How to allow anonymous authentication when set to override="deny" in applicationHost.Config

I have a web application that we install via a Wix MSI project. The web.config includes the authentication nodes below. Everything installs correctly but after installation, I get the error message:
"The configuration section cannot be used at this path". This is due to the configuration locking in applicationHost.config .
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled="false" />
<basicAuthentication enabled="true" />
<windowsAuthentication enabled="false" />
</authentication>
</security>
</system.webServer>
How can I override the applicationHost.config settings during the installation? I do install required Windows Features during the install, but am I missing one?
This is the solution that worked for me, calling appcmd from a custom action, before InstallFinalize.
<CustomAction Id="UnlockAnonymousAuthentication"
Execute="deferred"
Impersonate="no"
Return="check"
Directory="TARGETDIR"
ExeCommand="[SystemFolder]inetsrv\appcmd unlock config /section:anonymousAuthentication" />
<CustomAction Id="UnlockBasicAuthentication"
Execute="deferred"
Impersonate="no"
Return="check"
Directory="TARGETDIR"
ExeCommand="[SystemFolder]inetsrv\appcmd unlock config /section:basicAuthentication" />
<CustomAction Id="UnlockWindowsAuthentication"
Execute="deferred"
Impersonate="no"
Return="check"
Directory="TARGETDIR"
ExeCommand="[SystemFolder]inetsrv\appcmd unlock config /section:windowsAuthentication" />
<InstallExecuteSequence>
<Custom Action="UnlockAnonymousAuthentication" Before="InstallFinalize"><![CDATA[NOT Installed]]></Custom>
<Custom Action="UnlockBasicAuthentication" Before="InstallFinalize"><![CDATA[NOT Installed]]></Custom>
<Custom Action="UnlockWindowsAuthentication" Before="InstallFinalize"><![CDATA[NOT Installed]]></Custom>
</InstallExecuteSequence>
Hope this helps someone.
Here is currently a way to do this directly using the WiX IIS extension WebDirProperties element:
https://wixtoolset.org/documentation/manual/v3/xsd/iis/webdirproperties.html
Something similar to this should work. Notice the critical piece is the WebDirProperties
element that specifies the
AnonymousAccess="yes" BasicAuthentication="no" WindowsAuthentication="no" which modify
the IIS properties you are looking to change during installation.
<?xml version="1.0" encoding="UTF-8"?>
<Wix xmlns="http://schemas.microsoft.com/wix/2006/wi"
xmlns:iis="http://schemas.microsoft.com/wix/IIsExtension" >
<Fragment>
<!-- Install to default web site -->
<iis:WebSite Id="DefaultWebSite" Description='Default Web Site'>
<iis:WebAddress Id="AllUnassigned" Port="80" />
</iis:WebSite>
<!-- References the installation folder specified in the Product.wxs file under the INSTALLFOLDER -->
<DirectoryRef Id="WEB_INSTALLFOLDER">
<!-- Configure virtual dir -->
<Component Id="VirtualDirectoryComponent"
Guid="{INSERT-YOUR-OWN-GUID-2C27-427A-A7B1-DA4DBCC79117}"
KeyPath="yes" >
<iis:WebVirtualDir Id="VirtualDirectory"
Alias="[WEB_DIRECTORY_ALIAS]" Directory="WEB_INSTALLFOLDER"
WebSite="DefaultWebSite">
<iis:WebDirProperties Id="VirtualDirectoryProperties"
AnonymousAccess="yes" BasicAuthentication="no"
WindowsAuthentication="no" />
<iis:WebApplication
Id="MyWebApplication"
Name="MyWebApplication" />
</iis:WebVirtualDir>
</Component>
</DirectoryRef>
</Fragment>
</Wix>

Not able to see the FxCop Report embeded in the Email using CruiseControl.Net

I have installed Cruise Control 1.5 on my machine and trying to configure the automated build. Everything is working fine. Application is building, i receive an email but I don't see the FXCop result embedded in the Build Email. What am i missing?
ccnet.config file
<cruisecontrol xmlns:cb="urn:ccnet.config.builder">
<project name="SampleProject">
<webURL>http://localhost/ccnet</webURL>
<workingDirectory>E:\\NewProject\\DevBuilds</workingDirectory>
<artifactDirectory>E:\\NewProject\\DevBuilds\Artifacts</artifactDirectory>
<modificationDelaySeconds>600</modificationDelaySeconds>
<category>Dev Build</category>
<sourcecontrol type="svn">
<trunkUrl>https://mycompany.com/svn/trunk/MyApplication</trunkUrl>
<workingDirectory>E:\\NewProject\\DevBuilds\SourceCode</workingDirectory>
<autoGetSource>false</autoGetSource>
<executable>C:\Program Files\Subversion\bin\svn.exe</executable>
<username>username</username>
<password>password</password>
</sourcecontrol>
<initialState>Started</initialState>
<startupMode>UseInitialState</startupMode>
<triggers>
<intervalTrigger seconds="3600" buildCondition="IfModificationExists" />
</triggers>
<state type="state" directory="E:\\NewProject\\DevBuilds" />
<labeller type="iterationlabeller">
<prefix>1.0</prefix>
<duration>1</duration>
<releaseStartDate>2012/04/11</releaseStartDate>
<separator>.</separator>
</labeller>
<tasks>
<nant>
<executable>E:\NewProject\Installables\nant\bin\nant.exe</executable>
<baseDirectory>E:\\NewProject\\Build Files</baseDirectory>
<buildFile>Build.xml</buildFile>
<targetList>
<target>Run</target>
</targetList>
<buildTimeoutSeconds>5000</buildTimeoutSeconds>
</nant>
</tasks>
<publishers>
<merge>
<files>
<file>E:\NewProject\DevBuilds\FxCopOutput\FxCop-results.xml</file>
</files>
</merge>
<xmllogger logDir="E:\\NewProject\\DevBuilds\Artifacts\\buildlogs" />
<email from="Checkins#symphonysv.com" mailhost="smtp.gmail.com" includeDetails="true" useSSL="false">
<users>
<user name="dev1" group="buildmaster" address="myname#gmail.com"/>
</users>
<groups>
<group name="buildmaster">
<notifications>
<notificationType>Always</notificationType>
</notifications>
</group>
</groups>
</email>
</publishers>
</project>
</cruisecontrol>
Build.xml
<?xml version="1.0"?>
<project name="Test" default="Run" basedir=".">
<property name="BuildNumber" value="1.0.0.0"/>
<property name="SourceControlURL" value="https://mycompany.com/svn/trunk/MyApplication/"/>
<property name="BuildFile" value=".\Build.xml"/>
<property name="TagBuild" value="false"/>
<property name="BuildType" value="Release"/>
<property name="BuildTargetDir" value="E:\NewProject\DevBuilds\Executables"/>
<property name="BuildWorkDir" value="E:\NewProject\DevBuilds\SourceCode"/>
<property name="MSBUILD" value="C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319"/>
<property name="FxCopOutPutDirectory" value="E:\NewProject\DevBuilds\FxCopOutput" />
<property name="FxCopInputDirectory" value="E:\NewProject\DevBuilds" />
<target name="Run" description="Starting ThinkPets Build">
<call target="GetLatestCode"/>
<call target="BuildCode"/>
<call target="BuildASPWebSite"/>
<call target="runFxCop"/>
</target>
<target name="GetLatestCode">
<echo message="Updating Code From SVN to ${BuildWorkDir}"/>
<exec program="svn.exe">
<arg line="checkout ${SourceControlURL} ${BuildWorkDir} -q"/>
</exec>
</target>
<target name="BuildCode">
<echo message="Building VS10 Projects Web" />
<exec program="${MSBUILD}\msbuild.exe" failonerror="true">
<arg line=" "${BuildWorkDir}\Application.sln" /t:Rebuild /p:Configuration=Release /V:q"/>
</exec>
</target>
<target name="BuildASPWebSite">
<echo message="Building ASP Web Site" />
<exec program="${MSBUILD}\aspnet_compiler.exe" failonerror="true">
<arg line=" -v / -p "${BuildWorkDir}\MyDir" -f -c "${BuildTargetDir}" "/>
</exec>
</target>
<target name="runFxCop" depends="BuildCode">
<exec program="C:\Program Files\Microsoft FxCop 1.36\FxCopCmd.exe" failonerror="false">
<arg line="/p:${FxCopInputDirectory}\SampleProject.FxCop /o:${FxCopOutPutDirectory}\FxCop-results.xml"/>
</exec>
</target>
</project>
There are a few points you missed:
You need to add <includeDetails>true</includeDetails> to your e-mail publisher block. This will give you HTML e-mails.
In order to transform your XML build results into HTML you need to add an <xslFiles> section to your e-mail publisher block. The elements of this block point to XSL transformation files in [CCNET_INSTALL_DIR]\server\xsl.
So for including the FxCop summary just as appears in CCNET webdasboard this is your e-mail publisher block:
<email from="Checkins#symphonysv.com" mailhost="smtp.gmail.com" includeDetails="true" useSSL="false">
<users>
<user name="dev1" group="buildmaster" address="myname#gmail.com"/>
</users>
<groups>
<group name="buildmaster">
<notifications>
<notificationType>Always</notificationType>
</notifications>
</group>
</groups>
<includeDetails>true</includeDetails>
<xslFiles>
<file>xsl\fxcop-summary_1_36.xsl</file>
</xslFiles>
</email>
Thanks Chairman for your valuable time. I think my mistake was that I did not host the "ccnet" application on my machine which resulted in not able to find the xsls for the publishers. When I used the same settings and config file on the Server machine with "ccnet" application hosted, I was able to see the FxCop summary in the email. Please correct my understanding if wrong.

Unused node detected when configuring schedule block with ant for CruiseControl.NET

I'm developing a ccnet.config script for CruiseControl.net that invokes an Ant script, and I'm getting the following error while executing the CruiseControl.NET service:
Error: "Unused node detected:schedule block"
This is my ccnet.config:
<cruisecontrol xmlns:cb="urn:ccnet.config.builder" xmlns="http://thoughtworks.org/ccnet/1/5">
<project name="testprj">
<webURL>http://localhost/ccnet</webURL>
<modificationDelaySeconds>10</modificationDelaySeconds>
<sourcecontrol type="cvs" autoGetSource="true">
<executable>C:\dev\ccnet\ccnet\tools\cvs.exe</executable>
<cvsroot>:ext:exortech#ccnet:/cvsroot/ccnetcontrib</cvsroot>
<module>ccnet</module>
<workingDirectory>C:\dev\Copy of FAT\</workingDirectory>
<webUrlBuilder type="viewcvs">
<url>http://localhost:7899/viewcvs/ccnet/NUnitDemo/</url>
</webUrlBuilder>
</sourcecontrol>
<schedule>
<ant>
<antscript>C:\Apache\apache-ant-1.8.1\bin\ant.bat</antscript>
<antworkingdir>C:\Apache</antworkingdir>
<buildfile>internalpush.xml</buildfile>
<uselogger>true</uselogger>
<usedebug>false</usedebug>
</ant>
</schedule>
<publishers>
<merge>
<files>
<file>C:\dev\ccnet\ccnet\build\ccnet.exe-results.xml</file>
</files>
</merge>
<xmllogger>
<logDir>log</logDir>
</xmllogger>
<email mailhost="foo" from="sreekanth#foo.com" includeDetails="true">
<users>
<user name="BuildGuru" group="buildmaster" address="buildguru#mycompany.com"/>
<user name="JoeDeveloper" group="developers" address="joedeveloper#thoughtworks.com"/>
</users>
<groups>
<group name="developers">
<notifications>
<NotificationType>Change</NotificationType>
</notifications>
</group>
<group name="buildmaster">
<notifications>
<NotificationType>Change</NotificationType>
</notifications>
</group>
</groups>
</email>
</publishers>
</project>
</cruisecontrol>
There is no "schedule" element available under the "project" element: http://confluence.public.thoughtworks.org/display/CCNET/Project+Configuration+Block

Configuring security settings in CC.NET 1.5

Below is the ccnet.config file I am having, where I am using the new security features of CC.NET 1.5. Can anybody let me know what I am doing wrong.
I have two groups in a DOMAIN and I want to let one group to only view and the other group Full Access.
<cruisecontrol>
<project>
<name>Introvert</name>
<!-- Security Settings -->
<security type="defaultProjectSecurity" defaultRight="Deny">
<permissions>
<!-- Grant permissions to this project -->
<rolePermission name="ViewOnly" ref="ViewOnly"/>
<rolePermission name="FullAccess" ref="FullAccess"/>
</permissions>
</security>
</project>
<!-- Security Settings -->
<internalSecurity>
<users>
<simpleUser name="DOMAIN\GROUP1\*" />
<simpleUser name="DOMAIN\GROUP2\*" />
</users>
<permissions>
!-- Roles -->
<rolePermission name="FullAccess" forceBuild="Allow" startProject="Allow" >
<users>
<userName name="DOMAIN\GROUP1\"/>
</users>
</rolePermission>
<rolePermission name="ViewOnly" forceBuild="Deny" startProject="Deny">
<users>
<userName name="DOMAIN\GROUP2\"/>
</users>
</rolePermission>
</permissions>
</internalSecurity>
</cruisecontrol>
<!-- Security Settings -->
<internalSecurity>
<users>
<simpleUser name="DOMAIN\GROUP1\*" />
<simpleUser name="DOMAIN\GROUP2\*" />
</users>
<permissions>
**!-- Roles -->** <-- mising a "<", bad formatted XML
<rolePermission name="FullAccess" forceBuild="Allow" startProject="Allow" >
<users>
<userName name="DOMAIN\GROUP1\"/> <-- shouldn't it be DOMAIN\GROUP1\*?
</users>
</rolePermission>
<rolePermission name="ViewOnly" forceBuild="Deny" startProject="Deny">
<users>
<userName name="DOMAIN\GROUP2\"/>
</users>
</rolePermission>
</permissions>
</internalSecurity>

Resources