As stated before, CCB approval must occur prior to promotion. Promotion must also be a secure process only accessible by Managers or other designated personnel.
During the process of moving CIs through the States you want to be sure that the security of those CIs increases as you move towards the Production State (see Figure 11).
Security is a resultant of risk. Whenever you make changes to an Application you are inherently introducing a certain amount of risk. Risk that changes will break your stable Production State as well as create problems in other States. In the earlier States you need developers who have access to the SCM system to be able to move CIs freely between Development and Integration. Risk here is low, but still present. After you leave the development area you need to have escalating levels of Security. This could take the form of having more Senior levels of management be part of your CCBs to approve promotion/demotion of CIs and implementation of standard Builds. However you want to manage it, Security is an important factor that you must address.
This Design Pattern is very good at managing complex applications that reside on the same computer as the SCM system through a multiple State concept. The notion of controlling lifecycle activities (promotion, demotion, testing, incremental/complete Builds) is supported by this Design Pattern very well. The ability to generate reports on all these
activities is also important. SCM tools need to support these functions with a well designed user interface and a database that can track all the lifecycle activities. Close interaction between the SCM tool file system and the file systems of the developers is also key. However one critical function is lacking....Deployment. This is what our next Design Pattern will address.
Read Part 1 at SCM Design Patterns: Paper Forms
Read Part 3 at SCM Design Patterns: Build and Deployment
About the Author
Jim Johnston has worked in the IT industry for over 20 years. He has held multiple positions including CAD/CAM programming, applications integration coordinator, manager of a application launch center for testing and integration verification of PC applications, and testing architect for major web systems. Jim has been involved with SCM for over 6 years primarily in the areas of enterprise web applications, retail web sites, SCM process development and J2EE build and deployment methodologies.