Does anyone have any methods for deploying to change-control environments (eg, UAT, Production) with protection over passwords?
We have created build-and-deploy Ant scripts that can and do work for any of our environments, but, as you can imagine, DBAs do not want to issue production passwords (necessary for deployment) to developers, so we can only take this so far at present.
I have tried using "System properties", and have shown that passwords can be entered using these in Custom Run builds to override the Ant password properties. This works well, except the Build Parameters log clearly shows the System properties (ie, passwords) that were used in the run.
I am considering using this method, and simply preventing developer access to the Projects/Configurations that use this method for deployment, thereby preventing access to read passwords.
But is there a better way that anyone knows to do this? For example, by somehow getting the deployment script to read the password from a deployment-target server file?