SVN - 如何保密核心源代码并仅允许自由职业者访问模块
我正在开发一个模块化的专有 PHP 应用程序。作为项目负责人和所有者,我希望对核心引擎保密。自由职业者将在模块上工作(比如 1 个自由职业者负责 1 个模块,但他们看不到其他模块)。
我为核心(1 个存储库)和模块(1 个模块的 1 个存储库)创建了存储库。 AFAIK 存储库应该放在 htdocs 之外。现在我考虑这个场景:使用 SVN,我将为自由职业者 A 授予对存储库 A 的访问权限,为自由职业者 B 授予对存储库 B 的访问权限,等等。当 A 签出时,他的计算机上将只有模块 A 可供编辑。为了测试他的模块,他会提交。但当它转到 svn dir 而不是 htdocs 时,他将无法立即测试它。然后,他需要将提交的代码导出到 htdocs。好吧,我想跳过这个导出步骤。
(1)有没有办法可以把他的代码直接提交到htdocs来测试,使其更加实用?
(2)是否有更好的方案来实现这一点(即自由职业者只允许读/写他所工作的模块,并且不能访问 - 甚至读取 - 其他模块和核心系统)?
I'm developing a modular propietary PHP application. As a project leader and owner, I want to keep the core engine confidential. The freelancers will work on modules (say 1 freelancer for 1 module where they can't see other's module).
I created repos for core (1 repo) and modules (1 repo for 1 module). AFAIK the repo should be placed outside htdocs. Now I think about this scenario: Using SVN, I'll give access to repo A for freelancer A, repo B for freelancer B, etc. When A checkout, he'll only have module A on his computer to edit. To test his module, he'll commit. But as it goes to svn dir instead of htdocs, he won't be able to test it instantly. He'll then need to export the commited code to htdocs. Well, I want to skip this export step.
(1) Is there a way he can commit his code to htdocs directly to test it to make it more practical?
(2) Is there any better scenario to achieve this (i.e. freelancer only allowed to read/write the module he worked on, and have no access - even read - to other module and core system)?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您正在谈论三个地方:
svnserve进程。让我们一次考虑这一点:使用 SVN 或 HTTP/HTTPS ,可以限制谁可以查看、签出代码并将代码提交到存储库中。在 Subversion 中,您可以将其指定为目录级别。因此,一名开发人员可以将代码签入到
http://myserver/svnrepos/module1,而另一名开发人员可以从http://myserver/svnrepos/module2签入和签出代码,并且都无法在http://myserver/svnrepos/core上看到您的代码,棘手的部分是将这些信息传输到服务器上进行测试。问题是如何允许开发人员进行提交而不必将代码放到服务器上。有几种方法可以做到这一点。
一种是创建一个服务器分支。如果开发人员想要 PHP 服务器上的代码,他们会将代码合并到 server 分支上。然后,您需要一种机制将代码从存储库移动到 PHP 服务器。
我不会为此目的使用提交后挂钩。您不希望开发人员等待挂钩将其代码复制到服务器。此外,您可能想要启动和关闭服务器。
相反,使用 crontab 来监视 Subversion 存储库(尤其是 server 分支),然后当它检测到更改时,关闭服务器,更新服务器中的文件,然后将服务器带入备份。我的方法是使用两个不同的目录。服务器上有directory1。使用
svn export将文件导出到directory2。因此服务器仍然处于运行状态。然后,关闭服务器,并将directory2移动到directory1,然后重新启动服务器。这可以将停机时间降至最低,并使服务器处于或多或少的稳定状态。但是,您应该查看 Jenkins 来帮助您完成项目。 Jenkins 将允许您和您的开发人员查看他们的更改(您可以限制谁看到什么),进行基本测试。例如,您可以运行 PHPMD (看看代码有多混乱)和 CPD(复制粘贴检测器)提交后,Jenkins 将显示结果。然后,您可以在 Jenkins 上放置一个“部署”按钮,开发人员可以将其构建部署到服务器。
Jenkins 的设置和使用都很简单。有大量用于各种缺陷跟踪系统、Subversion 和各种测试模块的 插件 。虽然我不知道 PHP 有多少可用,但你可以看一下。
There are three places you're talking about:
svnserveprocess running.Let's take this one at a time: With either SVN or HTTP/HTTPS, it is possible to limit who can see, checkout, and commit the code into the repository. In Subversion, you can specify this to a directory level. Thus, one developer can check in code to
http://myserver/svnrepos/module1while another can check in and out code fromhttp://myserver/svnrepos/module2, and neither can see your code athttp://myserver/svnrepos/core,The tricky part is getting this information onto the server for testing. The question is how to allow developers to do commits without necessarily putting the code onto the server. There are a couple of ways to do this.
One is to create a server branch. If the developer wants the code on the PHP server, they would merge the code onto the server branch. Then, you need a mechanism to move the code from the repository to the PHP server.
I would not use a post-commit hook for this purpose. You don't want the developer to wait around for the hook to copy their code to the server. Besides, you probably want to bring the server up and down.
Instead, use a crontab which will watch the Subversion repository (especially the server branches), and then when it detects a change, take the server down, update the files in the server, and then bring the server back up. My method is to use two different directories. Have directory1 on the server. Use
svn exportto export the files to directory2. Thus the server is still up. Then, take the server down, and movedirectory2todirectory1, and bring the server back up. This keeps downtime to a minimum and the server in a more or less stable state.However, you should look at Jenkins to help you with your project. Jenkins will allow you and your developers to see their changes (you can limit who sees what), do basic testing. For example, you can run PHPMD (see how messy the code is) and CPD (copy paste detector) after a commit, and Jenkins will show the results. You can then put a deploy button on Jenkins, and the developer can deploy their build to the server.
Jenkins is simple to setup and use. There are tons of plugins for various defect tracking systems, Subversion, and various testing modules. I don't know how much is available for PHP, though, but you can take a look.