Using 2 VCS roots with different manual selected branches

Hello!

I know we had a similar topic before, but recently we started migration from GitLab CI to TeamCity because it provides much more flexibility and scalability. But one part of the system, which is extremely important for us, is missing at first glance. Let me make a brief about need, and maybe TeamCity has different approach how to solve it.

We have a main project repository which contains some basic graphics (in Git LFS) and code. Also, we have a bunch (up to 500) Git repositories with features' resources (graphics, sounds, etc.). To create a deliverable asset (for download from CDN) we need to build our feature resources inside the main project repository. So we need to clone the main project with specified branch, clone secondary project with specified branch and put inside the main project, perform build and deploy assets to the CDN.

The main key here - we need to clone 2 Git projects with different specified branches. We can't use same branch name and TeamCity 2 VCS feature, because the main project can be on release/v1.0.0, but feature resources repository on feature/new-feature. Creating feature/new-feature/some-feature-in-feature for 500+ repos will just clutter the project critical.

In GitLab, we used the empty checkout directory and job access token to manual clone, cache and manage those.

Do we have some good solution here? Can I make a feature request to adds with to VSC root, which will add its branch/revision selection to the build run window?

We are currently have 7 agent licenses, and plan to scale after figuring out all nuances like this.

Thanks for your support!

0
19 comments
Hi Vladislav,

You can use the same approach in TeamCity. In Build Configuration > Version Control Settings, select VCS checkout mode: Do not checkout files automatically to disable automatic checkout and checkout build sources manually in the build step (the working directory will still be created on a build agent). See https://www.jetbrains.com/help/teamcity/2024.07/vcs-checkout-mode.html?VCS+Checkout+Mode. This would be a recommended approach for such a scenario.

Best regards,
Anton
0

Anton, thanks!

But I'll be lacking great cache featuring TeamCity do with submodules and cleaning cache automatically, I wanted to avoid it with all costs. Also, there will be no list of branches to select from, this makes running the build just a nightmare on scale.

0
Dear Vladislav,

As I understand, you would like to run the build manually from the Run Custom Build dialog.
If that's the case, you can add parameters to your build configurations (let's say, MainBranch and FeatureBranch), and then reference them in the checkout script like %MainBranch% and %FeatureBranch%. These parameters will be available in the Run Custom Build > Parameters tab. But you're right, there won't be a list of branches to select from.
And the build checkout directory will not be cleaned automatically unless the directory expiration period is configured (https://www.jetbrains.com/help/teamcity/2024.07/build-checkout-directory.html#Automatic+Checkout+Directory+Cleaning).

Unfortunately, there seem to be no other options for "combining" the sources from two independent VCS roots with independent branches.

There is also a related feature request. Please upvote it and subscribe for updates: https://youtrack.jetbrains.com/issue/TW-25586. I also internally notified the team about your use case.

Best regards,
Anton
0

Thanks again for the details.

Yes, we want to perform a build composing 2 VCS roots with separate selected branches from the drop-down in Run Custom Build dialog, put one in the root of the build directory and the second in one of subfolder (supported already).

But for example, a custom parameter with type “VCS REF/BRANCH” also is a solid addition, which can fetch and show the list of refs.

Also, one more questions: how I can get GitLab oauth token during build process to clone the repositories with custom script? GitlabCI has a Job Token, do we have something similar? Don't found any info. 

0
Dear Vladislav,

There are two ways to authenticate in the VCS from the script:
1. Use SSH and authenticate with the selected uploaded SSH key using the SSH Agent build feature: https://www.jetbrains.com/help/teamcity/2024.07/ssh-agent.html.
2. For HTTPS, you can save the password or token in the env.REPO_PASSWORD parameter of type 'Password', and use a git command like this:
git -c core.askpass=/path/to/aut_script -c credential.helper= <git_command>
where `aut_script` file content is something like this:
#!/usr/bin/env bash
echo $REPO_PASSWORD

Best regards,
Anton
1

Anton Vakhtel Hey!

Thanks for your response. We came back to this topic, and decided to try the easiest option we have: use 1 VCS with submodule and after Teamcity own checkout, checkout the same branch in the submodule. But we have no access to the repository from our script.

You mentioned the solution above, but it's highly unscalable and requires creating hundreds of access tokens, which now leaves only 1 year in the GitLab.

 In GitLab CI you have access to Job Token which you can use to perform any authorization to the git with the right the same as the person who triggered the build. This token leaves until build finishes. This solution resolve 99% of the cases.

Do we have some similar options in the TeamCity? I'm sure we are not the first with this kind of question.

0
Hi Vladislav,

Which VCS do you use? And what authentication method are you using in the VCS root for it?
We have such a feature request for GitHub App VCS roots: https://youtrack.jetbrains.com/issue/TW-82657.

Best regards,
Anton
0

Hey,

For context about our VCS composition and processes:

  • We have Unity game engine based projects hosted in Git (with LFS) repositories on the Self Hosted GitLab.
  • Each game has one main Git repository with game engine files, project dependent game play code and build in resources.
  • Each main Git repository can contain up to 100 Git submodules of two main assets types: code library or game resources (images, sounds, etc.).
  • Each main Git repository mostly contain ~5 resources submodules, and each can have thousands of branches and hundreds of gigabytes of LFS files.
  • Each day, each project can have tens of new features with only resources changes, but with the same project configuration and code. So we create a feature branch in a selected resource submodule and build resources archive using a main (last release) branch of our main Git repository.
  • Each build needs to check out the main project branch, checkout on of selected resources submodules with selected branch, build the archive and deploy to a CDN folder.
  • Worth to note that each first build with main project open can take up to 1–2 hours to build a cache of all build in resources and code compilations. So having a lot of folders on the Agents for the same project is no go for us. That cache can be up to 200gb per project. So we make clean checkout only for the release builds. Imagine having 30 projects and 30 agents.

 

For this feature, we are trying the following temporary approach:

  • We've deleted submodules inside the project.
  • We've added them as 3 secondary VCS.
  • We've configured them to check out inside the main VCS folder structure (to be a part of Unity project).
  • We'll try to change development process to use same branch in main repository as on secondaries. But in 90% cases we are using main branch in main repository and a feature branch in submodules (sometimes it's 10–20 branches per day to build resources with same code base). Sometimes we need to build some older feature, and keeping all branches is a hell.


I know, here isn't a place to discuss Teamcity solutions for our personal purposes, but maybe our case can help you grow in some directions, merging our cases and knowledge with your outstanding solution.

0
Vladislav, thanks!

And how are your GitLab VCS roots are configured? Do you use GitLab connection (https://www.jetbrains.com/help/teamcity/2024.07/configuring-connections.html#GitLab)? 

If you would use SSH for connecting to it, you could use SSH Agent build feature with the same key and authenticate your build steps with it.

Best regards,
Anton
0

Yes, we use connection and Commit Status Pusher is essential for our processes, not sure if it'll work with SSH only VCS. Also, SSH key require creation of a service account with read-only access to all our repositories and adding the new projects to it. Not perfectly scalable and introduces another block - point. Also for SSH the repo remote URL need to be adjust by adding ssh variant in the TeamCity or updating during build process.

0
Dear Vladislav,

It should be possible to use Commit Status Publisher with SSH authentication for VCS root (https://www.jetbrains.com/help/teamcity/commit-status-publisher.html#GitLab), but using the connection is the most convenient way for sure.
I have created a feature request for this: https://youtrack.jetbrains.com/issue/TW-89598. Please vote for it and subscribe to receive updates on its status. And please feel free to add comment with any information you may find important.

Best regards,
Anton
0

Anton,

Thanks a lot for your time and support!

We are still experimenting with our case and trying different options. I'll share results later.

While you are still here, do you have any recommendations how to work with big git repositories? Cloning one of them can take 4 hours due to the amount of commits and branches, even with full LFS. Do we have some options to clone only with latest 100 branches? Or provide depth?

0
Dear Vladislav,

What is your VCS root > Checkout policy? And do you use cloud (short-lived on-demand) build agents or regular long-lived build agents?
By default, TeamCity creates a mirror (https://help.github.com/en/github/creating-cloning-and-archiving-repositories/duplicating-a-repository), that is a copy, of your Git repository under the agent's `system/git` directory. To save time and disk space on fetching source files, TeamCity points to this mirror via the Git alternate mechanism when updating the checkout directory for a build.
This works out-of-the-box for regular build agents. For the cloud agents, please see the documentation: https://www.jetbrains.com/help/teamcity/2024.07/git.html#Git+mirrors+on+cloud+agents.
Please let me know if the above is applicable to your configuration.

Best regards,
Anton
0

We are using the own fleet of macOS + Windows machines set upped with the Puppet. Also, only the agent checkout with the mirrors. Our repositories are huge, and keeping the cache on the machine in the same directory is essential to keep building times under 30 minutes. That cache can be 30–200 GB, so we can't move it around or use short-lived agent. Also, all build steps should be done on the same agent and same folder to maximize speed (what we do).

Git mirroring is great, but it still clones the whole git history in the agent cache, which takes up to 5 hours due to huge amount of commits and branches (90% of which we use as an archive s to fork from, or to update older feature to new version of code).

0
Some other options that you might want to test and see if it'll speed up the process for you: 
1. Set the VCS root > Checkout Policy to Shallow Clone. But, as far as I could confirm, this option won't use mirrors.
2. There is a hidden property that you can add to the build parameters: teamcity.git.use.shallow.clone=true, and this one looks like it should work with the mirrors.
Please let me know if any of the above helps.

Best regards,
Anton
0

Unfortunately, the behavior is the same after starting the build with teamcity.git.use.shallow.clone=true on the machine without any cache. 1 hour and 7% in progress.

0
Vladislav, what about the first option? Did you try it as well?
0

I think the total performance will be worse, because we'll lose mirrors. I'll try it later, but not sure if that is a solution.

0
I just want to check all options, see the results, and proceed from there. Thank you!
0

Please sign in to leave a comment.