Configuring Connections
TeamCity allows storing presets of connections to external services. You can reuse these presets in various places on the server: when creating projects, configuring notifications, integrating with issue trackers, and more. This article gives instructions on how to add each type of connection.
To add a connection, go the target project's settings, open the Connections page, and click Add Connection. Select the connection type, set its Display name to distinguish it from the others, and configure it as described below.
When created, a connection can be used in all the nested subprojects of the current project. If you add a connection in the Root project, it will become available on the whole server.
Azure DevOps
A connection to Azure DevOps Services (or Azure DevOps Server, formerly Team Foundation Server) can be used to:
create a project from URL;
create a VCS root from URL;
create a TFS VCS root;
integrate with a Team Foundation Work Items issue tracker;
automatically apply an access token when configuring Commit Status Publisher for Git repositories.
Before configuring this connection, you need to sign in to your Azure DevOps account and create a personal access token with All scopes as described here
Then, go back to the connection form in TeamCity:
- Enter your Azure server URL:
https://{account}.visualstudio.com
for Azure DevOpshttps://{server}:8080/tfs/
for VSTS
Paste your Azure token.
Save the connection.
An Azure DevOps icon will become active in several places where a repository URL can be specified. Click it to authorize TeamCity in your Azure profile. TeamCity will be granted full access to all the Azure resources available to you. If you configure multiple Azure connections, the server URL will be displayed next to each icon, so it is easier to distinguish the server in use.
Bitbucket Cloud
A connection to Bitbucket Cloud can be used to:
create a project from Bitbucket URL;
create a VCS root from URL;
create a Mercurial VCS root;
integrate with a Bitbucket Cloud issue tracker;
enable BitBucket Cloud authentication.
The Bitbucket Cloud connection form provides multiple parameters. You need to use them for creating a new OAuth consumer in Bitbucket.
After the consumer is created:
Copy its key and secret.
Go back to the connection form in TeamCity.
Paste the key and secret.
Save the connection.
A Bitbucket icon will become active in several places where a repository URL can be specified. Click it to authorize TeamCity in your Bitbucket profile. TeamCity will be granted access to your public repositories. For private repositories, you will need to provide Bitbucket credentials to be used for authentication by TeamCity, as Bitbucket Cloud does not provide non-expiring access tokens. See the related discussion. If you configure multiple Bitbucket connections, the server URL will be displayed next to each icon, so it is easier to distinguish the server in use.
GitHub
There are two types of GitHub connections: GitHub Enterprise and GitHub.com. Choose it depending on your GitHub account type.
A connection to GitHub can be used to:
create a project from GitHub URL;
create a VCS root from URL;
create a Git VCS root;
integrate with a GitHub issue tracker;
enable GitHub.com authentication.
The GitHub connection form provides multiple parameters. You need to use them to create a new OAuth application in GitHub.
After the app is created:
Copy its client ID and secret.
Go back to the connection form in TeamCity.
Paste the GitHub server URL (only for Enterprise) and the app ID and secret.
Save the connection.
If you use a GitHub Enterprise server with HTTPS, you need to also upload its HTTPS certificate as described here.
A GitHub icon will become active in several places where a repository URL can be specified. Click it to authorize TeamCity in your GitHub profile. TeamCity will be granted full control of your private repositories and get the Write repository hooks permission. If you configure multiple GitHub integrations, the server URL will be displayed next to each icon, so it is easier to distinguish the server in use.
GitLab
There are two types of GitLab connections: GitLab CE/EE and GitLab.com. Choose it depending on your GitHub account type.
A connection to GitLab can be used to:
create a project from GitLab URL;
create a VCS root from URL;
enable GitLab.com authentication.
The GitLab connection form provides multiple parameters. You need to use them to create a new OAuth application in GitLab.
After the app is created:
Copy its client ID and secret.
Go back to the connection form in TeamCity.
Paste the GitLab server URL (only for CE/EE) and the app ID and secret.
Save the connection.
If you use a GitLab CE/EE server with HTTPS, you need to also upload its HTTPS certificate as described here.
A GitLab icon will become active in several places where a repository URL can be specified. Click it to authorize TeamCity in your GitLab profile. TeamCity will be granted access to your repositories. If you configure multiple GitLab connections, the server URL will be displayed next to each icon, so it is easier to distinguish the server in use.
Docker Registry
A connection to Docker Registry can be used to:
sign in to an authenticated Docker registry before running a build / sign out after the build;
clean up published images after the build.
See more information in the dedicated article.
Amazon ECR
An Amazon ECR (Elastic Container Registry) connection allows accessing private AWS registries. With its help, the Docker Support build feature can store Docker images produced by a build to a private registry.
Connection settings:
Setting | Description |
---|---|
AWS region | Select an AWS region where the target resources are located. |
Credentials type |
|
IAM role ARN (only for Temporary credentials) | Specify a role to be used for generating temporary credentials. You need to create this role in advance in your AWS console and assign it to all the permissions you need. |
External ID (only for Temporary credentials) | Specify an external ID. We strongly recommend that you always define it when using temporary credentials. This ensures that only TeamCity will be able to use the specified IAM role. |
Default credential provider chain | Enable this option to automatically find access credentials according to the default chain. This approach is recommended if you do not want to store the credentials anywhere in the TeamCity environment. By default, it will use the values of |
Access key ID | Specify the access key ID. See how to get it here. |
Secret access key | Specify the secret access key. See how to get it here. |
Registry ID | Enter your account ID number. |
Slack
This type of connection is used to enable notifications via Slack.
Before configuring a Slack connection, you need to create a Slack app with the following bot token scopes: channels:read
, chat:write
, im:read
, im:write
, users:read
, team:read
, groups:read
. You can add these in Features | OAuth & Permissions | Scopes of your Slack app.
To ensure your TeamCity server can connect to Slack, specify all the possible endpoint addresses of the server as Redirect URLs in Features | OAuth & Permissions. In most cases, it would be enough to specify the Server URL set in Global Settings in TeamCity. However, if you use a proxy for your TeamCity server but access this server directly, the authentication in Slack might not work unless the server's IP address is also specified in Redirect URLs.
Now you can return to TeamCity, add a new Slack connection, and enter the following connection parameters:
client ID and secret from the app's Basic Information page;
a bot user token of your app.
Save the connection and proceed with adding a Notifier build feature.
JetBrains Space
This type of connection can be used to publish build statuses in JetBrains Space with the help of Commit Status Publisher.
Before configuring this connection, you need to create a dedicated application in JetBrains Space:
Go to Administration | Applications and click New application.
Enter a convenient name (for example, TeamCity-to-Space publisher) and save the application.
Open the app's Requested rights tab and enable the Git Repositories | Report external check status permission.
Open the Authentication tab and enable Client Credentials Flow.
In the Authentication tab, copy the app's Client ID and Client secret.
Open the Authorization tab and add projects where this app will be authorized. Alternatively, you can authorize this app in the settings of every required project.
Now you can return to TeamCity, add a new JetBrains Space connection, and enter the following connection parameters:
URL of the Space server;
client ID and secret of your Space application.
Save the connection and proceed with adding a Commit Status Publisher build feature.
NPM Registry
This type of connection allows accessing a private npm registry during a build.
Connection settings:
Setting | Description |
---|---|
Scope | Specify an npm user/organization's scope to associate with the connected registry. If you want to use multiple registries per project, you need to specify a scope for each of them. Leave empty if you want to use only one registry in this project. It will be used by |
Registry URL | Specify the npm registry URL in the following format: |
Access token | Specify a token, if it's needed for accessing the registry. Leave empty for anonymous access. Note that token-based authentication could differ depending on a registry type. See instructions for npm Enterprise, Space Packages, or GitHub Packages. |
Save the connection and proceed with adding an NPM Registry Connection build feature.
Perforce Administrator Access
This type of connection allows processing task streams on your Perforce server. In the connection settings, enter the host and user credentials for accessing the Perforce server (the user must have the admin permission).