在asking on the GCM Github issues page之后,事实证明GCM不支持从文件读取证书。
但是我的目标是允许非交互式的证书群体,它确实支持以编程方式向GCM使用的Windows Credential Store添加证书。通过使用bundled libraries(binaries here)我是能够把一个PowerShell脚本,使我们的厨师添加机配置中的凭据:
Add-Type -Path 'c:\path\to\gcm-v1.4.0\Microsoft.Alm.Authentication.dll'
$credentials = New-Object -TypeName Microsoft.Alm.Authentication.Credential('someuser', 'secret')
$targetUri = New-Object -TypeName Microsoft.Alm.Authentication.TargetUri('https://git.example.com/projects')
$namespace = "git"
$secretStore = New-Object -TypeName Microsoft.Alm.Authentication.SecretStore($namespace, $null, $null, $null)
$foundCredentials = $null
$secretStore.ReadCredentials($targetUri, [ref] $foundCredentials)
if ($foundCredentials -ne $null) {
echo "Credentials already found, not inserting"
} else {
echo "Inserting stored credentials"
$secretStore.WriteCredentials($targetUri, $credentials)
}
这使得詹金斯奴隶,而无需用户交互进行Git的克隆。
注:您需要的“无限制”执行策略运行PowerShell脚本,以及包含在GCM unblock的DLL文件,否则他们将不会加载。