I am trying to create a TeamCity build configuration that will react to new pull requests from Bitbucket by performing a local merge of the branch into master. This is for a private repository, so no worries about random people creating unsafe pull requests.
I use the ArcBee bitbucket plugin for the pull request trigger: https://github.com/ArcBees/teamcity-plugins/wiki/Configuring-Bitbucket-Pull-Requests-Plugin.
I am trying to use the following guide to set up the merge operation: http://blog.brendan-mcmahon.com/articles/2014/09/02/building-bitbucket-pull-requests-with-teamcity.html.
The basic idea is to install Git on the agent and use agent-side checkout, so that I can run additional git commands in the initial build step. For that I use the command line runner.
But the trouble is that the fetch command needs the SSH key to my private repo. After A LOT of fumbling about with Windows batch scripting and git/ssh commands, I now know how to tell git to use an alternate SSH key for auth.
The remaining issue I have, is that I use a TeamCity-managed SSH key, for reducing agent setup. But I cannot figure out how to get to the key during the build process. The documentation states that the key is downloaded to a file on the agent and deleted after use, to minimize risk of leaking it. But where is it placed? The only relevant build parameter seems to be %vcsroot.teamcitySshKey%. During build, this parameter contains the name of my SSH key. But it is not placed in the work folder under that name.
Is there any way to perform a build pre-merge operation with TeamCity-managed keys?