There is currently no way to do this, but there are workarounds involving using SSH.
In our CI setup, we have a passphraseless ssh keypair set up for the CI user on all the CI server/agents (we copy the same keypair to each agent, but if you want to you could create a separate one for each) .
We have created a user who has read-only permissions to the repositories we need CI to access and add the public key to the user in Stash.
Once this is set up, the CI server can use the ssh url to clone from and we do not need to specify a username and password. Ssh will automatically use the keypair in the CI users ~/.ssh directory to authenticate with stash.
The only gotcha is that if it is the first time the CI user has checked code out from stash, it will prompt the user to accept a previously unknown host certificate - the workaround for that is to manuall try and clone as the CI user first (on each agent, or copying over the ~/.ssh/known_hosts file to each agent) or to disable checking (a potential security issue (see http://askubuntu.com/questions/123072/ssh-automatically-accept-keys).
We advise consulting with your IT security staff to help and audit this approach for your site.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.