如何为 Web 应用程序开发配置 Subversion 以限制开发人员对源代码的访问
我的团队一直在开发基于 php、msql 的后端和 html、css、jquery 的前端的 Web 应用程序。我们已经在没有版本控制的情况下工作了一段时间了。现在项目已经变得相当大和复杂,感觉是时候使用某种版本控制(vc)了。
我们已经阅读了大量有关 vc 的内容,并发现了人们建议的几种技术。尽管这对他们来说可能是一个完美的方法。它并不有效地适用于我们的案例。
我们的应用程序分为不同的模块,并且我们已将工作外包给一些自由职业者。自由职业者根据他们的技能在前端或后端独立工作。 到目前为止,工作一直在专用网络上进行,我们希望转向在线系统。
现在的问题是我们无法将整个项目的源代码分发给所有开发人员。开发人员只能使用一些公共库及其各自的模块。
因此,我们不能允许将整个项目下载到每个开发人员的本地计算机上。因此,我们需要找到一种方法,让所有开发人员都可以在同一个分支或主干上工作。能够仅访问代码的某些部分,并且在保存/提交时能够检查它们的更改如何立即生效。
有没有办法可以实现上述任务?对于网络应用程序?使用像 subversion 这样的版本控制?
总而言之,我们正在尝试实现的功能如下。
保存/提交时的即时效果 (当每个开发人员保存/提交时,它们应该是能够像平常一样通过浏览器立即测试效果)
访问受限 (每个开发者只能访问项目的特定部分,而不是整个项目。)
在线存储库/在线副本 - (我们正在开发 VPN 连接,并且希望拥有该网站在在线副本上工作,因此当提交时,开发人员可以在线查看他的更改,而不是 VPN )
经过大量在线搜索后,我们能够找到以下可能性。但不确定这是否是正确的方法。
- 对于即时效果 --> 整个系统都会在 webroot 文件夹(例如 wamp/www/projectName )中检出,每次提交时都会使用 post-commit 挂钩调用一个 bat 文件来更新 webroot 中的当前系统。
- 访问受限 --> 所有开发人员的所有开发都发生在主干或开发分支中,开发人员可以访问各自的部分,根据需要锁定它,并在准备好查看其效果时提交更改(注意仍在开发分支中)。
- 每当创建稳定版本时都会创建标签。这些带标签的副本永远不会被修改。
使用 subversion 可以实现这样的配置吗?还是应该考虑其他开源版本控制工具?
My team has been working on a web application based on php, msql for backend and html,css,jquery for front end. We have been working for quite sometime now without version control. The project has become quite large and complicated now and feel that it is time to use some sort of version control ( vc ).
We have been reading quite a lot about vc and have found several techniques that people have suggested. although it might be a perfect method for them. it does not effectively apply to our case.
our application is split up into various modules and we have outsourced work to a few freelancers. freelancers work independently over front end or back end depending on their skill. The work has been happening over a Private Network so far and we would like to shift to an online system.
Now the problem is that we cannot distribute the source code for the entire project to all developers. developers are only allowed to work on some common libraries and their respective modules.
Hence we cannot allow the entire project to be downloaded onto each developers Local machine. Thus we need to find a way for all developers to be working on the same branch OR on the trunk. to be able to access only certain sections of the code and on saves/commits be able to check how their changes have effected instantly.
Is there a way the above task can be achieved ? for a web application ? using a version control like subversion?
To summarize, the features we are trying to implement are as follows.
Instant effects on save/commit ( When each developer saves/commits they should be able to test the effects like normal through the browser instantly )
Limited access ( Each developer can access only a specific part of the project and not the whole project. )
Online repository / Online copy - ( we are working on a VPN connection, and would like to have the website work on an online copy. so when a commit is made, the developer can view his changes online instead of the VPN )
after a lot of searching online we were able to find the below possibilities. But not sure if it is the right way to go.
- For instant effects --> Entire system is checked out in a webroot folder ( eg. wamp/www/projectName ), a bat file is called to update the current system in the webroot, everytime a commit is made, by using the post-commit hook.
- Limited access --> All development for all developers happen in the trunk OR a Development branch, developers can access their respective sections, lock it if needed and commit changes when they are ready to see its effects ( note still in dev branch ).
- tags are created whenever a stable release is created. these Tagged copies are never modified.
Is such a configuration achievable using subversion or should we look at other open-source version control tools ?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
试图阻止开发人员访问整个源代码树对我来说似乎有点误导。这是公司政治吗?你不相信你的开发商吗?
无论如何......
实现你想要的最简单的方法可能是将每个模块放入它自己的存储库(svn,git,等等)。然后您可以有选择地选择谁有权访问哪个存储库。
Trying to prevent devs from accessing the entire source tree seems a bit misguided to me. Is it company politics? Don't you trust your developers?
In any case..
The easiest way to achieve what you want would probably be to put each module into its own repository (svn, git, whatever). Then you can selectively choose who has access to which repo.
首先,我建议阅读“持续交付”一书(网站此处)。它提供了许多关于如何设置此类事物的示例。
其次,是的,SVN 允许您在文件夹级别分配权限< /a> 以及回购级别(但请阅读“你真的想这样做吗”部分)。
第三,确保开发人员拥有最新的副本是您应该通过纪律灌输的内容 - “在开始工作之前,在提交之前,运行 svn update”)。提交后挂钩有破坏东西的坏习惯,并且您无法阻止破坏构建的提交。
第四,我会考虑设置一个持续集成服务器(也在《持续交付》一书中进行了描述)。这可以确保每当您将开发人员的工作放在一起时,您都会有一个干净、可工作的构建。
Firstly, I'd recommend reading the "Continuous Delivery" book (website here). It provides many examples for how to set up this kind of thing.
Secondly, yes, SVN allows you to assign permissions on a folder level as well as repo level (but read the "do you really want to do this" section).
Thirdly, making sure developers have up to date copies is something you should instill by discipline - "before starting work, and before committing, run svn update"). Post-commit hooks have a nasty habit of breaking stuff, and you're not preventing commits which break the build.
Fourthly, I'd consider setting up a continuous integration server (also described in the Continuous Delivery book). This makes sure you have a clean, working build whenever you put together the work of your developers.