What's New in TeamCity 2023.05
Dark Theme
In this release cycle we implemented one of the most upvoted requests: TeamCity Dark Theme. In addition, you can select the "System theme" option that automatically applies either Light or Dark theme depending on your current OS settings.
Interactive Agent Terminals
With this update you can open remote terminals to agent machines directly from the TeamCity UI. These terminals allow project administrators to maintain local and cloud agents and troubleshoot issues.
With this new terminal in place, we removed the older Open SSM Terminal action link from agent pages.
Learn more: Install and Start TeamCity Agents.
Multinode Setup Enhancements
Round-Robin
Version 2023.05 introduces a new requests distribution logic that spreads the load more effectively between TeamCity nodes and minimizes the number of negatively affected users when a node is down due to a planned maintenance or an unexpected failover.
This new logic is based on sending new requests to a random node that has the Handling UI actions and load balancing user requests responsibility. After this initial draw, TeamCity memorizes which node was selected and relegates subsequent requests to the same node.
Learn more: Round-Robin.
Assign the VCS Polling Responsibility to Multiple Nodes
Prior to version 2023.05, the "VCS repositories polling" responsibility (allows nodes to poll repositories for new commits and detect changes) was available for a single node in the entire cluster. Starting with this version, you can assign this responsibility to multiple nodes. This enhancement allows you to evenly distribute the load across nodes and reduce the delay before triggering new builds.
To specify which node should handle your current requests (for instance, adding a new build to the build queue), use the node selector in the bottom right corner of the TeamCity UI. The currently selected node is marked with the star icon on the Nodes Configuration page.
Learn more: VCS Repositories Polling.
Disable Main Node Responsibilities
Previously, the main TeamCity node automatically re-gained the "Processing data produced by running builds", "VCS repositories polling", and "Processing build triggers" responsibilities when a TeamCity cluster had no nodes with such responsibilities. In addition, when you switched the "Main TeamCity node" responsibility to another node, this new node automatically inherited all other responsibilities.
Starting with version 2023.05, main nodes do not automatically accept "missing" responsibilities. This change grants you more control over main nodes and allows you to reduce their load and CPU/memory consumption. The only main node responsibilities you cannot disable in TeamCity UI are "Main TeamCity node" (you can clear this checkbox only by enabling this responsibility on another node) and "Handling UI actions and load balancing user requests".
Launch TeamCity Backup and Clean-Up from Any Node
You can now create backups on any node with the Handling UI actions and load balancing user requests responsibility.
Clean-ups can now also be scheduled from any node with this responsibility. However, clean-ups are always executed on main nodes. This task can be performed while secondary nodes perform their regular tasks.
VCS Integrations Enhancements
Connect to GitHub via GitHub Apps
Starting with this release, TeamCity can work with GitHub and GitHub Enterprise instances via connections that utilize GitHub Apps. GitHub Apps is the superior way to provide access to your personal and organization repositories. It boasts fine-grained permissions, grants you more control over which repositories the app can access, and does not require keeping a dedicated "service" user to produce OAuth access tokens.
GitHub App connections allow you to check out GitHub.com and GitHub Enterprise repositories, set up webhooks that GitHub uses to notify TeamCity about a repository change, and enable the related authentication module.
Learn more: Configuring Connections.
Ignore GitHub Draft Pull Requests
Starting from this version, you can configure the Pull Requests build feature to ignore GitHub draft pull requests by checking the Ignore Drafts box in the build feature settings. TeamCity will ignore draft pull requests until their status changes.
By default, the Pull Requests build feature loads the GitHub draft pull request information and runs builds on draft pull requests. The build page displays the "Draft" status and grayed-out icon next to the pull request number:
When the status of the draft pull request changes to "Ready for review" in GitHub, the build page reflects the change:
Reissue Refreshable Tokens for VCS Roots
If a VCS root is configured via TeamCity connections to access Git repositories hosted in Bitbucket Server, Bitbucket Cloud or GitLab, the "Authentication Settings" section of this root's settings now displays the Acquire new button. This button allows you to instantly replace the refreshable token used by the VCS Root with a new token issued for the current user.
Short-lived refreshable tokens provide more security compared to passwords or personal access tokens since the TeamCity server refreshes them automatically without sharing any related data with agents.
Learn more: Refreshable tokens.
Integration with Bitbucket Server and Data Center
In addition to Bitbucket Cloud, TeamCity now supports Bitbucket Server and Data Center. The corresponding option is available in the connection types list, and on the Create Project page.
Learn more: Configuring Connections | Creating and Editing Projects
Podman Support
Starting with version 2023.05, you can connect to image registries, run build steps inside containers, and push/pull images (via the Command Line runner) using Podman instead of Docker.
The Container Wrapper extension (previously known as "Docker Wrapper") now pulls images via either
docker pull
orpodman pull
, depending on which Container Manager is installed on the build agent.The Docker Support build feature can now use Podman to log in to container registries.
If you use the Command Line runner to execute
podman ...
commands, utilize newcontainer.engine
,podman.version
, andpodman.osType
parameters to specify agent requirements that ensure your builds run only on build agents with installed Podman.
Learn more: Integrating TeamCity with Container Managers.
HTTPS Access Enhancements
Fetch HTTPS Certificates via Let's Encrypt
Let's Encrypt is a non-profit Certificate Authority (CA) that provides TLS certificates trusted by all modern browsers. Starting with version 2020.05, TeamCity can contact this CA to automatically issue and set up a valid certificate.
Certificates issued by Let's Encrypt are automatically renewed 30 days before expiration, and cover both your TeamCity server domain and if configured, the artifacts isolation domain.
Learn more: HTTPS Server Settings.
Specify the Required Encryption Protocol for HTTPS Connection
If your TeamCity server allows access via HTTPS, the server's default protocol for communicating with clients is currently TLS Version 1.2. Starting with version 2023.05, you can specify the list of available encryption protocols or force TeamCity to use one specific protocol.
Learn more: Specify Available Encryption Protocols.
New Service Messages
Send Slack Messages and Emails via Service Messages
TeamCity Service Messages allow you to report various information about the build by adding special messages to your build scripts. The list of available service messages now includes the ##teamcity[notification ...]
message that sends emails, Slack direct messages, and posts updates to Slack channels.
Built-in security features ensure messages cannot be sent to wrong recipients and cannot include links to external web resources that are not configured as trusted.
Learn more: Slack Messages | Emails.
Add and Remove Build Tags via Service Messages
You can now send TeamCity service messages to add and remove build tags.
To add and remove tags, send the following messages:
Learn more: Service Messages.
AWS-Related Updates
EC2 Instance Metadata Service v2 Support
IMDSv2 is the new version of the Amazon EC2 Instance Metadata Service that addresses a number of IMDSv1 vulnerabilities.
TeamCity 2023.05 supports EC2 instances and Amazon Machine Images (AMIs) with both "Optional" and "Required" IMDSv2 settings. TeamCity always attempts to use IMDSv2 first, but supports older AMIs as well.
EC2 Launch Templates Customization
Starting from this version, TeamCity allows customizing Amazon EC2 launch templates. You can now use the same launch template to run various instances that differ in some parameters only. Check the Customize Launch Template box and modify the launch template's values as required.
Learn more: Amazon EC2 Launch Templates support.
Two-Factor Authentication Enhancements
Additional Verification for Critical Settings
Starting with version 2023.05, users who pass the two-factor authentication have one hour to perform security-related actions: disable 2FA, change user password and/or email, and generate access tokens. Once this period expires, users must re-confirm their identities and pass a new 2FA verification before proceeding with these actions.
This new behavior adds an extra layer of protection for your TeamCity server.
Learn more: Critical Settings Protection.
Force 2FA for Specific User Groups
If the global two-factor authentication mode is "Optional", you can now force individual user groups to use 2FA. To do so, add the teamcity.2fa.mandatoryUserGroupKey
internal property and set its value to the required group key.
Learn more: Force 2FA for Individual User Groups.
ARM Docker Images
TeamCity Server and Agent images include options for ARM-based devices starting with version 2023.05.1. See the following Docker Hub registries for the list of available image tags:
REST API Updates
Manage SSH Keys
Starting with version 2023.05, you can perform the full range of operations on projects' SSH keys via REST API: upload and generate new keys, modify VCS authentication settings, set passphrases for encrypted keys, and browse and remove uploaded keys. To do this, send required requests to the /app/rest/projects/<project_locator>/sshKeys
endpoint.
Learn more: SSH Keys Management.
Manage Versioned Settings
Our REST API now allows you to manage settings related to storing project settings in VCS. You can use this new API to modify these settings, check for changes, and load/commit changes from/to the related VCS. Explore the /app/rest/projects/{locator}/versionedSettings/
endpoint to view available requests.
Learn more: Manage VCS Settings.
Manage User Roles
The new /app/rest/roles
endpoint allows you to obtain, modify, and remove existing roles, as well as create new ones.
Learn more: Manage Roles and Permissions.
Manage Server Authentication Settings
You can now send GET
and PUT
requests to the /app/rest/server/authSettings
endpoint to manage server authentication settings.
Learn more: Manage Server Authentication Settings.
.NET 8 Support
TeamCity 2023.05 now supports .NET 8.0 framework by Microsoft. This means TeamCity agents correctly recognize the corresponding SDK installed on agent machines and the .NET build runner successfully builds projects that target .NET 8.0.
The Sakura UI Improvements
The "Chains" Tab for Build Configurations
Build configuration pages now display the "Chains" tab. The page allows you to browse Sankey-like diagram of builds linked into a Build Chain.
Previously, this page was available only in Classic UI.
Reorder Builds
You can now manually reorder builds in the build queue by dragging them to the desired position in the Sakura UI.
Improved Changes Visibility
The Change Log tab is now available for projects and build configurations.
The Show graph option has been implemented on all pages and tabs related to changes. With this option enabled, the changes are displayed as a graph of commits to the related VCS roots.
Updated Parameters Tab on the Build Results Page
We have overhauled the Parameters tab on the Build Results Page. You can now use a search box to find required parameters, view only those parameters that were added/modified during a custom build, and hide parameters reported by dependent builds.
Learn more: Parameters Tab.
Run Steps Only for Failed Builds
You can now choose the "Only if build status is failed" execution policy for individual steps. This policy allows you to create steps that will be ignored when your build finishes successfully and executed only when it fails.
Kotlin DSL: Build Failure Conditions on Custom Metrics
You can now use Kotlin DSL to configure a build failure condition on a custom statistic value reported by the build. You do not need to edit the main-config.xml file for this, which means that configuring a build failure condition on a custom metric no longer requires system administrator privileges.
The sample Kotlin DSL code is as follows:
We are working on improving the web UI representation of the build failure condition on custom metrics added via DSL.
Server Health
Health Reports for Archived Projects
You can now generate Server Health reports for archived projects. To do this, select the <Archived Projects> scope.
New Endpoints to Check the Server Status
Added two new endpoints that you can check by sending GET requests to obtain the current server status:
the
<server_URL>/healthCheck/healthy
endpoint returns "200" if a server is running, even if it is still initializing or in maintenance mode.the
<server_URL>/healthCheck/ready
endpoint returns "200" if a server is fully initialized and ready to accept user requests. If the server is still initializing or awaits for a data upgrade, the endpoint returns "503".
Miscellaneous
The Notifications build feature now allows you to enter multiple recipient addresses.
Added
env.BUILD_URL
to the list of predefined environment variables. This variable returns a link to the current build.The SSH Keys page now displays the button that allows you to generate a new key. Generating keys on TeamCity server is faster and more secure (compared to running
ssh-keygen
locally and manually uploading the keys).Added new
teamcity-commit-status.log
andteamcity-pull-requests.log
log files that contain information related to the Commit Status Publisher and Pull Requests build features. Each log has a corresponding preset that allows TeamCity to write DEBUG-level events.TeamCity Enterprise users can now click Help | Support to quickly navigate to the new request form at teamcity-support.jetbrains.com.
Upgrade Notes
Before upgrading, we highly recommend reading about important changes in version 2023.05 compared to 2022.10.x.
Fixed Issues
Roadmap
See the TeamCity roadmap to learn about future updates.
We'd Love to Hear From You
We place a high value on your feedback and encourage you to share your thoughts and suggestions. See this link for more information: Feedback.