You get: two matrices, bundle and shallow flags, verify and alternates notes, cache keys.
Related: Bazel fetch matrix, Gradle cache keys, Ansible Git roles. Canonical: this slug.
Pain points before you blame Xcode or the runner CPU
- Packfile drops. Resumes help but wide graphs still stretch tail latency.
- Shallow traps. Depth one hides blobs tags or submodules need later.
- Alternates races. Cleaners must not unlink parents while readers mount them.
Transfer comparison plus decision matrix for bundle plus shallow
First table contrasts modes. Second shows when staged bundles earn their upkeep.
| Mode | WAN upside | Mac ops cost |
|---|---|---|
| HTTPS clone | Resume plus delta when Git is current | index-pack still spikes CPU |
| Bundle slice | Checksum one file replay without upstream | Trusted builder must see both SHAs |
| Shallow partial | Small graph defer blobs | Deepen needs discipline |
| Signal | Bundle plus shallow | Direct fetch |
|---|---|---|
| Tight upstream SLO | Hourly or merge-group bundles | CDN colocated with Mac VLAN |
| Monorepo sparse | Bundles track pool tips | Filters already tiny |
| Many short branches | Rolling day windows | Wider depth plus prune |
Cross-border unstable bandwidth: what remote Mac CI measures first
Measure ref advertisement delay, index-pack time, and resume counts before widening depth.
Fail slow sockets fast then reuse validated bundle bytes on retry.
export GIT_HTTP_LOW_SPEED_LIMIT=5000 export GIT_HTTP_LOW_SPEED_TIME=600
Enable packet trace only during short repro windows.
Git bundle slicing strategy: commit windows versus moving baselines
Build on wired hosts name bundles with old and new SHA hints audit drift fast.
git bundle create ci-main.bundle origin/main~200..origin/main git bundle verify ci-main.bundle
Chain ordered files when verify lists missing commits you expect from earlier slices.
Object store reuse: alternates, GIT_OBJECT_DIRECTORY, and read-only parents
Region-local mirror feeds alternates or GIT_ALTERNATE_OBJECT_DIRECTORIES so shallow trees skip ancient blobs.
Block cleaners until jobs detach parents or snapshot mirrors read-only.
echo /var/lib/git-mirrors/org.git/objects > .git/objects/info/alternates git fetch origin main --depth=20 --filter=blob:none
Failure retries and CI cache keys for Git transfer stages
Retry git fetch with two four eight sleeps cap attempts so queues do not stall forever.
Key cache on pool plus origin main SHA plus bundle digest plus depth plus filter plus Git semver.
CACHE_SLUG="${POOL}-$(git rev-parse origin/main)-${DIGEST}-d${DEPTH}"
Executable runbook: hydrate, verify, deepen, then build
git clone --depth 1 --filter=blob:none file:///…/ci.bundle ws then set origin HTTPS.objects/info/alternates at mirror export env for tools.git fetch --depth=50 --no-tags until tag or submodule SHA resolves stop there.git fsck --connectivity-only fail on surprise promisor gaps.Citable facts for design reviews
- Slow guard: five thousand bytes per second six hundred seconds.
- Backoff: two four eight seconds cadence.
- Depth: start one widen fifty before full history unless LFS blocks.
Summary and public next steps
Author bundles on stable uplinks, hydrate shallow workspaces on the Mac, attach alternates, run connectivity checks, then deepen with a fixed cap so Apple Silicon spends time compiling instead of re-downloading identical packfiles.
NVMe-backed remote Mac for Git bundle staging
Keep bundle drops colocated with shallow workspaces, attach alternates on fast local disks, and scale runner pools without fighting transcontinental Git alone.