的NuGet企业 - 已包不同成熟度的最佳实践 [英] NuGet Enterprise - best practices for different maturity levels of packages

问题描述

我们要使用的NuGet到开发商之间在我们的组织共享组件。目前，我们正在寻找设置了三个的NuGet源，是这样的：

We want to use NuGet to share assemblies amongst developers in our organisation. We are currently looking at setting up three NuGet feeds, like this:

• 发布 - 饲料：稳定的发行质量的组件的版本。
• QA-饲料：建在主支集（我们的集成分支）。
• 发展饲料：建在任何功能分支组件（共享进步）。

• Release-feed: Stable release-quality versions of the assemblies.
• QA-feed: Assemblies built in the master-branch (our integration branch).
• Development-feed: Assemblies built in any of the feature branches (sharing progress).

本地建立在开发者的机器不应该被发送到任何这些饲料。只有建立在构建服务器做的是做这些。我们构建服务器执行三种不同类型的版本，根据不同的分支，开发，QA​​和发布分支。所有这些与相应的编译配置信息源的变化触发。在构建他们每个人将推内置汇编的NuGet，包其相应的饲料。开发，建造将增加-dev的版本。质量保证建立将增加-qa的版本，而发布版本将有一个纯粹的版本号。

Local builds on the developers' machines should not be sent to any of these feeds. Only the builds done by the build-server is to do these. Our build server performs three different types of builds, depending on the branch, Development, QA and Release branches. Each of these with corresponding build-configurations that triggers on source changes. On build each of them will push the built assembly-nuget-packages to their corresponding feed. The Development-builds will add "-dev" to the version. The QA builds will add "-qa" to the version, while the Release builds will have a "pure" version number.

现在，问题：

1. 什么是对开发来控制包使用的最佳解决方案？的我猜的开发必须手动编辑的依赖源参数明确定义什么饲料，从获取组件：有时你想要的释放组件，有时QA组装，有时你甚至想最前沿的开发版本。

1. What would be the best solution for the dev to control what packages to use? I guess the dev manually have to edit the dependency source param to explicitly define what feeds to get the assemblies from: Sometimes you want the release assembly, sometimes the QA assembly and sometimes you even want the bleeding edge Development version.

我们也正在考虑推动地方共建的包，在每个开发者自己的计算机的本地民营饲料，以帮助加速比的基础之上。 请问这其中饲料（S）便可获得？方面是有问题的的

We are also considering pushing local build packages to a local private feed on each devs' own machine, to help speedup the builds. Would that be problematic in terms of which feed(s) to get from?

如果这些定义是由依赖文件的开发（这也是必然的版本控制）发那么该设置将被带入发展饲料当源承诺回购（相同的焦点为建设作为开发人员，只是与他人分享）。 这可能是也可能不是正确的事情的发展饲料？的

If those definitions are made by the dev in the dependencies-file (which is also necessarily version controlled) then that setting would be brought into the Development feed when the source is committed to the repo (same focus for the build as the developer, just sharing with others). This may or may not be the right thing for the Development feed?

在源，然后合并成一个QA-分支，在依赖中定义的饲料仍然是作为开发让他们，可能获得组件的开发饲料。对于QA建立，我认为这很可能不是我们想要的。 QA建立或许应该约束的饲料只释放组件，只要你想，看看是否改变运行正常与发布的组件。你不希望与其他未经检验的QA组件进行测试。 这是否有道理给其他人吗？的

When the source is then merged into a qa-branch the feeds defined in the dependencies would still be as the dev made them, possibly getting assemblies from Development feeds. For the QA builds I think this would probably not be what we want. QA builds should probably constraint the feeds to Release assemblies only, as you want to see if the changes works as expected with Release components. You don't want to test it with other "untested" QA assemblies. Does this make sense to others too?

在发布分支的发布版本只应使用释放进料组件，我猜？的我有一种感觉，有可能是在这样的共识，所以也许不是不是一个真正的质询：）

In the release branch the release builds should use only release feed assemblies, I guess? I have a feeling that there might be consensus on this, so maybe not not really a question at all :).

所以，总结的过程中建议......在建立我们要：

---

So, to sum up the process suggested... During builds we are to:

• 按照通过的依赖，规格为本地和发展建立的开发设置的来源。
• 当进行QA和发布版本进料应限于该推出进料。

作为一个侧面说明，在质量保证的饲料实际上不会被其他的构建。但是，他们将被用于QA部门，因为他们将利用这些用于测试的

推荐答案

在我看来，你的建议的过程过于复杂，既为您的团队现在大小和团队规模提前一年。

In my view, the process you suggest is too complicated, both for your team size now and for the team size a year ahead.

我明白为什么你的认为原因的，你需要三个独立的饲料（开发，QA​​，发布），但我predict这将在一年的时间内成为痛苦的为您服务。我想到的是要增加信心包的稳定性/质量，因为他们从开发进度到质量保证到发布 - 一个完全合理的要求。然而，单独的分支，尤其是独立的建立的用于开发，质量保证，并释放被许多人认为是一个反模式。具体而言，在重要著作的持续交付的用谦卑和法利，我们强烈建议您只有一个code碱基从哪个版本是采取和的任意的那些构建应该能够升级到生产，如果测试通过：建立你的code只有一次的关键

I understand the reasons why you think you need three separate feeds (Dev, QA, Release), but I predict this will become painful for you in a year's time. I expect that you want to increase the confidence in the stability/quality of the packages as they progress from Dev to QA to Release - a completely reasonable requirement. However, separate branches and especially separate builds for Dev, QA, and Release is considered by many to be an anti-pattern. Specifically, in the seminal book Continuous Delivery by Humble and Farley, it's strongly recommended to have only a single code base from which builds are taken, and any of those builds should be capable of being promoted to Production if tests pass: "Build your code only once" is the key.

而不是你勾勒出图案，我建议你：

Instead of the pattern you outline, I would recommend that you:

1. 使用一个CI工具，它可以让你建模的 部署管道 ：詹金斯，TeamCity的，TW GO等，这树立了良好的precedent直接从最初的CI流动文物建一路生产无需重新构建
2. 使用语义版本（称为 SemVer 在.NET世界中），以防止重大更改套餐的消费者，并进行沟通封装变化的性质其他球队。
3. 在 packages.config 使用版本范围的限制，以便建立不被包的主要新版本打破（以最新变化）
4. 请负责从code特定的软件包开发团队致力于生产 - 如果他们保持软件包之一有问题，他们需要迅速地提供修复，这样其他球队都不会被阻止。团队还需要纪律，以确保它们通过SemVer通信包变更的性质（是不是一个重大更改？一个新的功能？一个bug修复？）
5. 如果您觉得有必要，可以使用的NuGet的$ P $租赁前的功能，下游构建和测试，以隐藏新包的版本。这可能使开发团队能够更有效地做出改变，但是如果你使用的部署管道，允许新的包版本的提出和快速交付可能不会是必要的。

1. Use a CI tool which allows you to model a deployment pipeline: Jenkins, TeamCity, TW GO, etc. This sets a good precedent for flowing artifacts directly from the initial CI build all the way to Production without a re-build
2. Use semantic versioning (called SemVer in the .NET world) to protect package consumers from breaking changes, and to communicate the nature of package changes to other teams.
3. Use version range constraints in packages.config so that builds are not broken by new Major versions of packages (with breaking changes)
4. Make dev teams responsible for specific packages from code commit to Production - if one of the packages they maintain has problems, they need to provide a fix rapidly so that other teams are not blocked. Teams also need discipline to ensure that they communicate the nature of package changes via SemVer (is it a breaking change? a new feature? a bug fix?)
5. If you feel it's necessary, use the Prerelease feature of NuGet to 'hide' new package versions from downstream builds and testing. This might allow dev teams to make changes more effectively, but will probably not be necessary if you use deployment pipelines which allow new package versions to be made and delivered rapidly.

总之，只有建立自己的源代码code一次，并建立自动化，使得任何修复，以现有的包可以铺开迅速使用部署流水线。

In short, only build your source code once, and set up automation such that any fixes to existing packages can be rolled out rapidly using the deployment pipeline.

这篇关于的NuGet企业 - 已包不同成熟度的最佳实践的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！