Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
NuGet Package Management Done Right
1. NuGet package management done right
Consolidating NuGet package management via Nexus Repository Manager
2. Mario Majčica
• .Net development for 10+ years
• Busy with ALM and related DevOps practices for the past 5 years
• Focused mostly on Microsoft tooling, especially on TFS
• Live in The Netherlands since 2010
About me:
4. Difficulties in
implementing
the best
practices
Getting
NuGet to
work
Integrating the package restore with the build
Changes in the way Automatic Package Restore works
No clear guidelines and changes in tooling (internal repository)
Setup
complexity
Build servers behind proxy (special accounts and permissions necessary)
Customization of build tasks
Unclear documentation
Simply No
Time to
implement
No PBI’s on the board in regard to application infrastructure setup
Apparent “no business value”
Feeling that there is no need to
5. A plan for
regaining
the control
Consolidate Get information about the current processes and practices
Discover if custom components are built by teams
Select a repository management strategy
Comply to security policies
Educate Establish the guidelines for package usage and creation
Help teams in discovering components that qualify for packaging
Document most common operations (at example package restore in build,
creation of packages, versioning, etc.)
Maintain Keep the repositories under control
Ensure the availability and reliability
Evolve the documentation
7. Types of
repository
Proxy
repository
Proxy toward NuGet.org
Reduces duplicate downloads
Improves speed
Repository Health Check available
Overcomes internet access issues
Hosted
repository
Local repository for private packages
Multiple instances are possible based on your strategy
Replication via Smart Proxy
Group
repository
Grouping multiple repositories under a single feed
Simplifies client configuration
Eases the maintenance
Over the last several years software development has evolved in all segments, especially when it comes to making usage of binary components. .Net development ecosystem is no exception.
In 2010 NuGet Gallery and package management was introduced and soon became a standard, mostly thanks to IDE integration and Microsoft adoption of it.
On client side, NuGet is distributed as a Visual Studio extension. Starting with Visual Studio 2012, NuGet comes preinstalled by default.
While there are many benefits to using NuGet there are still many challenges in implementing the best practices around the usage and tooling.
In the past 5 years I saw systems and practices in many companies of all sizes, across The Netherlands. None of them had a well defined practices when it came to NuGet package management.
Starting with the idea that packages should not be stored in the source control and considering it a good practice, following are some of the most common answers and problems developers went through.
This also relates to having a local NuGet repository
Some of major “excuses” impediments where the ju stification for package management went wild.
You will also see that if written down, these problems seems trivial.
Package Management if often underestimated.
Developers are allowed to add and use packages without any control over licensing or threats. By adopting a Repository Manager you can ensure that your developers only access reliable 3rd party resources that have been approved.
Three different types of repositories are available in Nexus. All of them meant to solve a specific type of challenges.