Using 2 VCS roots with different manual selected branches
Hello!
I know we had a similar topic before, but recently we started migration from GitLab CI to TeamCity because it provides much more flexibility and scalability. But one part of the system, which is extremely important for us, is missing at first glance. Let me make a brief about need, and maybe TeamCity has different approach how to solve it.
We have a main project repository which contains some basic graphics (in Git LFS) and code. Also, we have a bunch (up to 500) Git repositories with features' resources (graphics, sounds, etc.). To create a deliverable asset (for download from CDN) we need to build our feature resources inside the main project repository. So we need to clone the main project with specified branch, clone secondary project with specified branch and put inside the main project, perform build and deploy assets to the CDN.
The main key here - we need to clone 2 Git projects with different specified branches. We can't use same branch name and TeamCity 2 VCS feature, because the main project can be on release/v1.0.0, but feature resources repository on feature/new-feature. Creating feature/new-feature/some-feature-in-feature for 500+ repos will just clutter the project critical.
In GitLab, we used the empty checkout directory and job access token to manual clone, cache and manage those.
Do we have some good solution here? Can I make a feature request to adds with to VSC root, which will add its branch/revision selection to the build run window?
We are currently have 7 agent licenses, and plan to scale after figuring out all nuances like this.
Thanks for your support!
Please sign in to leave a comment.
You can use the same approach in TeamCity. In Build Configuration > Version Control Settings, select VCS checkout mode: Do not checkout files automatically to disable automatic checkout and checkout build sources manually in the build step (the working directory will still be created on a build agent). See https://www.jetbrains.com/help/teamcity/2024.07/vcs-checkout-mode.html?VCS+Checkout+Mode. This would be a recommended approach for such a scenario.
Best regards,
Anton
Anton, thanks!
But I'll be lacking great cache featuring TeamCity do with submodules and cleaning cache automatically, I wanted to avoid it with all costs. Also, there will be no list of branches to select from, this makes running the build just a nightmare on scale.
As I understand, you would like to run the build manually from the Run Custom Build dialog.
If that's the case, you can add parameters to your build configurations (let's say, MainBranch and FeatureBranch), and then reference them in the checkout script like %MainBranch% and %FeatureBranch%. These parameters will be available in the Run Custom Build > Parameters tab. But you're right, there won't be a list of branches to select from.
And the build checkout directory will not be cleaned automatically unless the directory expiration period is configured (https://www.jetbrains.com/help/teamcity/2024.07/build-checkout-directory.html#Automatic+Checkout+Directory+Cleaning).
Unfortunately, there seem to be no other options for "combining" the sources from two independent VCS roots with independent branches.
There is also a related feature request. Please upvote it and subscribe for updates: https://youtrack.jetbrains.com/issue/TW-25586. I also internally notified the team about your use case.
Best regards,
Anton
Thanks again for the details.
Yes, we want to perform a build composing 2 VCS roots with separate selected branches from the drop-down in Run Custom Build dialog, put one in the root of the build directory and the second in one of subfolder (supported already).
But for example, a custom parameter with type “VCS REF/BRANCH” also is a solid addition, which can fetch and show the list of refs.
Also, one more questions: how I can get GitLab oauth token during build process to clone the repositories with custom script? GitlabCI has a Job Token, do we have something similar? Don't found any info.
There are two ways to authenticate in the VCS from the script:
1. Use SSH and authenticate with the selected uploaded SSH key using the SSH Agent build feature: https://www.jetbrains.com/help/teamcity/2024.07/ssh-agent.html.
2. For HTTPS, you can save the password or token in the env.REPO_PASSWORD parameter of type 'Password', and use a git command like this:
git -c core.askpass=/path/to/aut_script -c credential.helper= <git_command>
where `aut_script` file content is something like this:
#!/usr/bin/env bash
echo $REPO_PASSWORD
Best regards,
Anton
Anton Vakhtel Hey!
Thanks for your response. We came back to this topic, and decided to try the easiest option we have: use 1 VCS with submodule and after Teamcity own checkout, checkout the same branch in the submodule. But we have no access to the repository from our script.
You mentioned the solution above, but it's highly unscalable and requires creating hundreds of access tokens, which now leaves only 1 year in the GitLab.
In GitLab CI you have access to Job Token which you can use to perform any authorization to the git with the right the same as the person who triggered the build. This token leaves until build finishes. This solution resolve 99% of the cases.
Do we have some similar options in the TeamCity? I'm sure we are not the first with this kind of question.
Which VCS do you use? And what authentication method are you using in the VCS root for it?
We have such a feature request for GitHub App VCS roots: https://youtrack.jetbrains.com/issue/TW-82657.
Best regards,
Anton
Hey,
For context about our VCS composition and processes:
For this feature, we are trying the following temporary approach:
I know, here isn't a place to discuss Teamcity solutions for our personal purposes, but maybe our case can help you grow in some directions, merging our cases and knowledge with your outstanding solution.
And how are your GitLab VCS roots are configured? Do you use GitLab connection (https://www.jetbrains.com/help/teamcity/2024.07/configuring-connections.html#GitLab)?
If you would use SSH for connecting to it, you could use SSH Agent build feature with the same key and authenticate your build steps with it.
Best regards,
Anton
Yes, we use connection and Commit Status Pusher is essential for our processes, not sure if it'll work with SSH only VCS. Also, SSH key require creation of a service account with read-only access to all our repositories and adding the new projects to it. Not perfectly scalable and introduces another block - point. Also for SSH the repo remote URL need to be adjust by adding ssh variant in the TeamCity or updating during build process.
It should be possible to use Commit Status Publisher with SSH authentication for VCS root (https://www.jetbrains.com/help/teamcity/commit-status-publisher.html#GitLab), but using the connection is the most convenient way for sure.
I have created a feature request for this: https://youtrack.jetbrains.com/issue/TW-89598. Please vote for it and subscribe to receive updates on its status. And please feel free to add comment with any information you may find important.
Best regards,
Anton
Anton,
Thanks a lot for your time and support!
We are still experimenting with our case and trying different options. I'll share results later.
While you are still here, do you have any recommendations how to work with big git repositories? Cloning one of them can take 4 hours due to the amount of commits and branches, even with full LFS. Do we have some options to clone only with latest 100 branches? Or provide depth?
What is your VCS root > Checkout policy? And do you use cloud (short-lived on-demand) build agents or regular long-lived build agents?
By default, TeamCity creates a mirror (https://help.github.com/en/github/creating-cloning-and-archiving-repositories/duplicating-a-repository), that is a copy, of your Git repository under the agent's `system/git` directory. To save time and disk space on fetching source files, TeamCity points to this mirror via the Git alternate mechanism when updating the checkout directory for a build.
This works out-of-the-box for regular build agents. For the cloud agents, please see the documentation: https://www.jetbrains.com/help/teamcity/2024.07/git.html#Git+mirrors+on+cloud+agents.
Please let me know if the above is applicable to your configuration.
Best regards,
Anton
We are using the own fleet of macOS + Windows machines set upped with the Puppet. Also, only the agent checkout with the mirrors. Our repositories are huge, and keeping the cache on the machine in the same directory is essential to keep building times under 30 minutes. That cache can be 30–200 GB, so we can't move it around or use short-lived agent. Also, all build steps should be done on the same agent and same folder to maximize speed (what we do).
Git mirroring is great, but it still clones the whole git history in the agent cache, which takes up to 5 hours due to huge amount of commits and branches (90% of which we use as an archive s to fork from, or to update older feature to new version of code).
1. Set the VCS root > Checkout Policy to Shallow Clone. But, as far as I could confirm, this option won't use mirrors.
2. There is a hidden property that you can add to the build parameters: teamcity.git.use.shallow.clone=true, and this one looks like it should work with the mirrors.
Please let me know if any of the above helps.
Best regards,
Anton
Unfortunately, the behavior is the same after starting the build with teamcity.git.use.shallow.clone=true on the machine without any cache. 1 hour and 7% in progress.
I think the total performance will be worse, because we'll lose mirrors. I'll try it later, but not sure if that is a solution.