Newly Implemented Functionality
Earlier today we released support for checking out source code from AzureDevOps hosted Git repositories using Personal Access Tokens. This functionality is not yet available to configure from the DevOps dashboard, but can be manually configured using the Cloud Build APIs.This means that after setting Azure manually, the Source Control and Project Settings portion of the UI will still appear blank. You can find instructions for this below.
We also released support for adding the verbose flag to the fastlane execution of iOS builds. To enable this add the FASTLANE_VERBOSE environment variable in your target configuration and set the value to true. This is most useful when your build is running into issues.
In addition, a few customers were running into issues related to our usage of cygwin when checking out Git repositories. Unfortunately, cygwin can occasionally run into fork() failures. We have only seen these failures when checking out git repositories. In the background we have implemented most of the fixes recommended by the developers of cygwin, with the last one being to add a retry of failed processes. When a git checkout fails, it will now attempt to re-clone the repository instead of resulting in a failed build. We hope to move off of cygwin in the future to completely eliminate these types of errors.
Now, back to the main purpose of this post; Azure DevOps support. Below you will find a short guide on manually configuring your project to work with AzureDevOps hosted Git repositories.
Generating a PAT
Head over to your dev.azure.com org and log in with the account that you wish to generate the access token from. This access token is used to create/remove webhooks (used for auto-building) as well as checking out source code. Once logged in, click on the User Profile Icon at the top right and then the ellipsis (three dots) and select User Settings. From here select Personal Access Tokens.
Click New Token
Enter a name, select the organization that the token will be granted access to, and set an expiration date for the token. Cloud build will not notify you when the token is about to expire. It is important to either set a reminder or use a long lived token so that builds and checks don’t start failing.
From the list of scopes, I believe the bare minimum requirement is read. However, if you plan on doing things with Git tags, etc. I would recommend providing Full access on the scope so that you can run those commands during the build.
When you have finished with the form click create and be sure to copy down the generated PAT.
Get the Repo ID
Part of configuring Cloud Build requires the repository id from Azure. Normally, the UI would make the call to get this info but we need to get it ourselves. Create a new GET api request to https://dev.azure.com/:org/:project/_apis/git/repositories/, replacing rg with your Azure Org and :project with your Azure Project. Set the authorization to Basic with the username being your Azure username and then for the password use the newly generated PAT.
From the response look for the repository your project will be using and mark down the id of the repository. This will be used later as the provider_id when making a request to Cloud Build.
Get the Clone URL
Go to your repository in Azure DevOps. Click the clone button and copy down the HTTPS clone url. This is used in the request to Cloud Build.
Get the Cloud Build API Key
Head over to the Unity Dashboard. Then go to Cloud DevOps → Cloud Build → Settings. From there copy your API Key.
Setting the SCM to Azure
Create a new request to the Cloud Build API using Postman, Insomnia, or some other tool for executing API requests. You’ll be hitting two endpoints to make things simple. The first is a GET request to /orgs/{orgid}/projects/{projectid} endpoint. This will return your project’s current configuration. The Authorization header should be set to Basic with your API key as the value.
Take the response from your configuration and paste it into a text editor. We are going to focus on the scm portion of the settings.
Your settings may look something like this right now:
“settings”: {
“remoteCacheStrategy”: “library”,
“scm”: {
“type”: “git”,
“url”: “git@ssh.dev.azure.com:v3/bcgooding/Personal/Personal.git”,
}
},
We are going to update that SCM portion of the JSON to represent what we need for the checking out with a PAT in Azure. Copy the settings below and update the fields where it is called for.
“scm”: {
“type”: “oauth”,
“oauth”: {
“scm_provider”: “azure”,
“azure”: {
“azureOrg”: “AZURE ORG”,
“azureProject”: “AZURE PROJECT”,
“token”: “PERSONAL ACCESS TOKEN”,
“repository”: {
“clone_url”: “clone url”,
“full_name”: “AzureOrg/Repository”,
“name”: “Repository”,
“scm”: “git”,
“provider_id”: “Azure Repository Id”
}
}
}
}
Make a PUT request to /orgs/{orgid}/projects/{projectid} using the new SCM settings as part of the body of your request.
Verify the Configuration
After making the PUT request if you go to Cloud Build Configuration and then Project and Source Control settings you will still see a blank value. This is perfectly fine, as long as making the GET request for project details returns the correct information for your repository and you are able to configure a target.
You can also double check that the configuration worked in AzureDevOps. In Azure DevOps go to the project the repository belongs to and select Project Settings.
From there select Service Hooks:
You should see one that says “to host build-api.cloud.unity3d.com” with the PAT account as the owner. Similar to the screenshot from my setup.
You should now be able to configure a target and select from the list of available branches for your Azure Repository.
Additional Notes
-
Auto Build and the performance of Azure Service Hooks communicating to our Cloud Build APIs is still a work in progress. We cannot guarantee that builds will start immediately after a push has been made. (EDIT: As of 9/27 10:45am Central auto builds “should” work, you may need to clear and reset your Azure configuration in order for the hooks to work correctly if you configured the source prior to this)
-
LFS support hasn’t been validated yet