I'm struggling with finding a good way not to check my secret passwords into my web.config.production type files (the ones that get transformed when Web Deploy publish is done). my workflow is that my team checks in and out of github and then when we are ready to do a production deployment, we have a custom web.config.deployment configuration that has all our real passwords in it. The problem is that all developers see those passwords.
I'm looking for suggestions for how to not have to put those passwords into our github repository with as a little friction as possible. That is, now, we have to rdp into our web server and manually change those passwords. Azure let's you set them in the azure portal, but we are not using azure.
One option is to store these app settings\connection strings in IIS. Then they will be applied to the web.config at start up and only members with access to your IIS administration can access them.
See these post:
http://forum.winhost.com/threads/setup-the-connection-string-in-web-config.7592/ http://technet.microsoft.com/en-us/library/cc753224(v=ws.10).aspx
app settings – Specify name/value pairs that will be loaded by your web application on start up. For .NET sites, these settings will be injected into your .NET configuration AppSettings at runtime, overriding existing settings.
connection strings – View connection strings for linked resources. For .NET sites, these connection strings will be injected into your .NET configuration connectionStrings settings at runtime, overriding existing entries where the key equals the linked database name.