Using Deploy Keys with TeamCity and Git
Had a number of TeamCity projects connecting to the Git repo using my user account. Was thinking I should really request for service accounts to do the connection. This becomes a pain when I change my user password as I have to remember to go in to TeamCity and Octopus Deploy to update the passwords on anything using my user account. Really bad practice!
After doing a bit of digging I stumbled across “Deploy Keys” whereby you can gen ssh keys to configure Git and TeamCity to play nicely with each other so that deploy keys are then used to establish a read only connection from Team City to Git to pull down the repository.
Steps as follows:
- Generate ssh keys ssh-keygen -t rsa -C “firstname.lastname@example.org”
- Go to Git project settings. Click on Deploy Key – Add the public key – I had to paste the full contents of public key here although I believe some versions will allow upload of file.
- Go to TeamCity. Click on the Project. “Edit Project Settings”…….”SSH Keys”…..”Upload SSH Key” – Upload the private SSH key.
- Now go into the Team City project settings and “Edit Configuration Settings” ….. “Version Control Settings” …..”Edit”…..Under “Authentication Settings” change the “Authentication Method” to “Uploaded Key” and select the “Uploaded Key” to the key you uploaded in step 3.
- Depending on how you had the Version Control Settings configured previously you may need to now switch to the SSH version of the “Fetch URL” in the configuration settings.
All done. No more dodgy personal accounts used for TeamCity and Git interaction.