Git

Fetch URL

The URL of the remote Git repository used for fetching data from the repository.

Push URL

The URL of the target remote Git repository used for pushing annotated tags created via VCS labeling build feature to the remote repository. If blank, the fetch URL is used.

Default branch

Configures default branch. Parameter references are supported here. Default value is refs/heads/master.

note

You can configure Git-plugin to fetch all heads by [adding a build configuration parameter](configuring-build-parameters.md#Custom+Build+Parameters) `teamcity.git.fetchAllHeads=true`.

Branch specification

Lists the patterns for branch names, required for feature branches support. The matched branches are monitored for changes in addition to the default branch. The syntax is similar to checkout rules: +|-:branch_name, where branch_name is specific to the VCS, i.e. refs/heads/ in Git (with the optional * placeholder).

tip

Here, the pipe symbol | represents the OR command, as in regular expressions: use + for including, OR - for excluding.

Use tags as branches

Allows monitoring / checking out git tags as branches making branch specification match tag names as well as branches (for example,+|-:refs/tags/<tag_name>). By default, tags are ignored.

Username style

Defines a way TeamCity reports username for a VCS change. Changing the username style will affect only newly collected changes. Old changes will continue to be stored with the style that was active at the time of collecting changes.

Submodules

Select whether you want to ignore the submodules, or treat them as a part of the source tree. Submodule repositories should either not require authentication or use the same protocol and accept the same authentication as configured in the VCS root.

Username for tags/merge

A custom username used for labeling.

Anonymous

Select this option to clone a repository with anonymous read access.

Password / personal access token

Specify a valid username (if there is no username in the clone URL; the username specified here overrides the username from the URL) and a password to be used to clone the repository.
For the agent-side checkout, it is supported only if Git 1.7.3+ client is installed on the agent. See TW-18711.
For Git hosted from Team Foundation Server 2013, specify NTLM credentials here.

You can use a personal access token instead of a password to authenticate in GitHub, Azure DevOps Services, GitLab, JetBrains Space, and Bitbucket. When connecting to Azure DevOps, remember to set the Code access scope to Code (read) / Code (read and write) for versioned settings in the repositories you are about to access from TeamCity.

warning

Beginning August 13, 2021, GitHub will no longer accept passwords when authenticating Git operations on GitHub.com.
We highly recommend that you use an access token or SSH key instead of password when configuring a VCS root for a GitHub.com repository.

When using an existing Bitbucket Cloud, Bitbucket Server, GitLab or Azure DevOps Services connection to create a VCS Root, TeamCity will use a refreshable token instead of the password.

Refreshable token

If a VCS root that fetches data from a GitHub, GitHub App, Bitbucket Server, Bitbucket Cloud, Azure DevOps, GitLab, or JetBrains Space was configured using a TeamCity connection, refreshable tokens are enabled by default. Such tokens are short-lived providing more security than passwords or personal access tokens: the TeamCity server refreshes them automatically without sharing any related data with agents.

The Token field displays information about the user who obtained the token and the connection that provided the token.

You can specify a username here if there is no username in the clone URL (the username specified here overrides the username from the URL).

For Azure DevOps, GitHub App, Bitbucket Server, Bitbucket Cloud, JetBrains Space and GitLab connections you can click the Acquire new button to instantly reissue the token used by the VCS root with a token issued for the current user.

Private Key

Valid only for SSH protocol. A private key must be in the OpenSSH format.

note

Recent versions of OpenSSH no longer generate keys in PEM format by default. The new OpenSSH format is not yet supported by TeamCity (see TW-53615). Use the following command to generate TeamCity-compatible keys: ssh-keygen -t rsa -m PEM.

Select one of the options from the Private Key list and specify a valid username (if there is no username in the clone URL; the username specified here overrides the username from the URL).
Available Private Key options:

• Uploaded Key — select this option to utilize the key(s) uploaded to the project.

• Default Private Key — select this option to utilize the keys available on the file system in the default locations used by common ssh tools: the mapping specified in <USER_HOME>/.ssh/config if the file exists or the private key file <USER_HOME>/.ssh/id_rsa (the files are required to be present on the server and also on the agent if the agent-side checkout is used).

• Custom Private Key — supported only for server-side checkout. Fill the Private Key Path field with an absolute path to the private key file on the server machine. If the key is encrypted, specify the passphrase in the corresponding field.

Convert line-endings to CRLF

Convert line-endings of all text files to CRLF (works as setting core.autocrlf=true in a repository config). When not selected, no line-endings conversion is performed (works as setting core.autocrlf=false). Affects the server-side checkout only. A change to this property causes a clean checkout.

Path to Git

Provide the path to a Git executable to be used on the agent. When set to %env.TEAMCITY_GIT_PATH%, the automatically detected Git will be used, see Git executable on the agent for details.

Checkout policy

This setting defines how TeamCity performs a checkout to a build agent.

• Use mirrors: recommended for long-lived agents. With this option selected, TeamCity creates a remote repository cache on the agent machine under the system/caches/git directory. The cache is then added as alternates when updating the build checkout directory. To speed up the following checkouts of this repository, the agent will reuse the cache in all the builds with the same fetch URL. This also speeds up clean checkout (as only the build working directory is cleaned) and saves disk space (as the mirror is the only clone of the given repository on the agent).

• Do not use mirrors: choose to check out right into the build checkout directory, without creating a mirror. Less optimal in terms of disk usage than mirrors, but preserved for backwards compatibility with existing configurations.

• Shallow clone: recommended for short-lived agents; for example, for disposable cloud agents being terminated after every build. Creates a shallow clone by fetching only one required revision, which allows saving time on the build start. Choose this option only if you do not require a Git commit history in your builds and if your cloud image does not contain a fresh Git mirror. You can enforce this option on certain agents by specifying the teamcity.git.shallowClone=true agent configuration property.

• Auto: TeamCity will automatically apply one of the above approaches depending on the teamcity.cloud.agent.terminate.after.build agent configuration property and on the mirror presence on the agent.

Clean Policy/Clean Files Policy

Specify here when the git clean command is to run on the agent, and which files are to be removed.

If a build configuration depends on multiple VCS roots, we suggest that you configure separate agent checkout directories for each of these roots, using VCS checkout rules. This way, git clean will never delete these checkout directories during cleaning.