Suggestion: * Action - RunAs 'administrator', briefly...please

Is it possible to allow Continua to briefly elevate permissions for a single Action?

For instance when registering COM components within a Visual Studio Solution, the administrator role is required to access various registry hives. From memory FinalBuild includes some "RunAs" options, but I'm not sure how easy that would be in an "Agent" configuration that Continua uses.

Unfortunately it’s not actually possible to elevate a process programmatically on Windows without it having the UAC dialog pop up. You have to use ShellExecute, which means there’s no way to capture stdout, which is practically useless. I spent several weeks on this with FinalBuilder, trying all sorts of tricks (like running the process from a service which runs as admin); nothing I tried was reliable enough.

Unfortunately Windows security and UAC are not really compatible with automated builds. If this was on Linux, it would be trivial to implement.

I figured something like that would be the case in the Windows world of security. I know that .NET applications can create app domains and I was under the impression they could be forced to run under different credentials, but I’ve not done this in practice, so I’ll take your word about the impact of UAC with services.
Moving forward, working within Continua and Agents, would we need to have a Continua Agent running on a PC/Server in an Admin role and force “admin” stages to execute on that agent? This way we don’t have all the Continua agents running with “god” roles. Would that be best practice?

You will never get me to advise running anything as admin (for fear of reprisals when their agent machine is compromised). You could do what you are suggesting: create an Agent property that indicates it’s running as admin, and then for stages that need it, add that as an Agent Requirement on the stage. In that case though, I would keep the stage as short as possible, i.e. only run the parts that actually require admin on that stage.

I agree that the stages would only ever include the actions that require “admin” and nothing else. I could apply other security to that agent machine to minimise the likelihood of compromise. It would be a similar security configuration for any digital certificate signing processes for software to be released.