The use of Git in continuous integration

Continuous Integration (CI) is an indispensable part of modern software development, and Git, as the core of version control tools, plays a pivotal role in the CI pipeline. From code submission to automated builds, testing, and deployment, the efficient use of Git directly impacts the stability and efficiency of CI.

Git Branching Strategies and Continuous Integration

In a continuous integration environment, a reasonable Git branching strategy is foundational. Common strategies include:

1. Trunk-Based Development:

   • All developers commit directly to the main branch.
   • Suitable for small teams or high-frequency integration scenarios.

   # Commit directly to the main branch
   git checkout main
   git commit -m "feat: add login validation"
   git push origin main
   

2. Git Flow:

   • A long-lived develop branch serves as the integration branch.
   • Feature branches are merged via Pull Requests.

   # Create a feature branch
   git checkout -b feature/login
   # After development, create a PR to merge into develop
   

Git Hooks in CI

Git Hooks can execute scripts when specific Git events are triggered, enabling deep integration with CI tools:

// .git/hooks/pre-push
#!/bin/sh
# Run tests before pushing
npm test || {
  echo "Tests failed, push aborted"
  exit 1
}

Typical use cases:

• pre-commit: Run code formatting.
• pre-push: Execute unit tests.
• post-receive: Trigger deployment scripts.

Git Operations in Automated Builds

CI servers typically perform the following Git operations:

1. Shallow Clone:

   git clone --depth 1 https://github.com/user/repo.git
   

   Reduces cloning time, especially useful for large repositories.

2. Fetching Specific Commits:

   git fetch origin pull/123/head:pr-123
   git checkout pr-123
   

   Used to validate Pull Requests.

3. Submodule Handling:

   git submodule update --init --recursive
   

   Ensures dependent submodules are correctly initialized.

Version Releases Based on Git Tags

Standard workflow for automated version releases in CI:

// package.json
{
  "scripts": {
    "release": "standard-version && git push --follow-tags"
  }
}

Typical workflow:

1. Developers submit commits of type feat: or fix:.
2. CI detects updates to the main branch and runs:

   npm run release
   

3. Automatically generates CHANGELOG.md and creates Git tags.

Resolving Common Git Issues in CI

Handling Merge Conflicts

Common solutions in CI environments:

# Add conflict resolution logic to CI scripts
git fetch origin
git rebase origin/main || {
  git rebase --abort
  exit 1
}

Large File Storage

Manage binary files with Git LFS:

# Configure after installation
git lfs install
git lfs track "*.psd"
git add .gitattributes

Partial Build Caching

Optimize build speed using Git's incremental updates:

# Check only changed files
git diff --name-only HEAD^ HEAD | grep '\.js$' | xargs eslint

Git Integration with Mainstream CI Tools

GitHub Actions Example

name: CI
on: [push]
jobs:
  build:
    steps:
    - uses: actions/checkout@v3
      with:
        fetch-depth: 0  # Fetch full history
    - run: git log --oneline -n 10

GitLab CI Configuration

test:
  script:
    - git diff-tree --no-commit-id --name-only -r $CI_COMMIT_SHA | grep '.js$' | xargs jest

Advanced Git Techniques in CI

1. Bisect for Troubleshooting:

   git bisect start
   git bisect bad HEAD
   git bisect good v1.0.0
   # CI automatically runs tests to identify problematic commits
   

2. Multi-Repository Workflow:

   # Reference a component library in the main repository
   git subtree add --prefix=libs/components https://github.com/team/components.git main
   

3. Commit Signature Verification:

   # Verify GPG signatures in CI
   git verify-commit HEAD
   

Monitoring and Optimizing Git Performance in CI

Key metrics to monitor:

• Clone time
• Checkout speed
• Repository size growth trends

Optimization measures:

# Regularly perform repository maintenance
git gc --aggressive
git repack -ad

Security Practices

1. Protected Branch Settings:

   # Reject force pushes
   git config receive.denyNonFastForwards true
   

2. Credential Management in CI:

   // Use environment variables instead of hardcoding
   const repoUrl = `https://${process.env.GIT_USER}:${process.env.GIT_TOKEN}@github.com/user/repo.git`;
   

3. Audit Logs:

   # View all modification records in the repository
   git reflog expire --expire=never --all