TFS政策 - 当代码不符合自定义指南时阻止签入

Question

在我们的组织中，我们使用TFS 2018和Visual Studio 2017 Enterprise。

据我所知，有一种方法是“客户端”，从Visual Studio进行配置，选择Team \ Team Project Settings \ Source Control \ Check-in Policy \ Code Analysis，我应该定义自定义规则集。

我需要两件事：

1. 设置自定义指南，其中包含默认Microsoft指南和其他工具指南，如Roslynator或StyleCop。

2. 如果代码不符合这些准则，请创建自定义策略服务器端，以防止从Visual Studio（或我们能想到的任何客户端）签到。

首先，我将举一个简单明了的例子。 Visual Studio中嵌入了指南。 但它们并不完整，我想扩展它们，在这里和那里采取措施或从头开始定义新的。

我想使用例如：

• CA1500：变量名称不应与字段名称匹配（来自默认的Visual Studio托管二进制分析）
• RCS1145：删除多余的'as'运算符（来自Roslynator）
• RCS1204使用EventArgs.Empty（来自Roslynator）
• SA1302：InterfaceNamesMustBeginWithI（来自StyleCop）
• SA1305：FieldNamesMustNotUseHungarianNotation（来自StyleCop）

我该怎么办？我是否可以在没有让我在项目级别定义它的情况下（比如为每个.csprj合并stylecop文件），但至少在解决方案或团队项目级别更多？

关于第二点，我已经定义了附加的强制性评论和强制性工作项目。 我甚至可以定义新政策，这是真的，但它们都可以被客户端覆盖。

是否有可能阻止这种情况？

Answer 1

The best solution for this is two part:

1. Educate your users to configure the right policies and editor settings. Creating custom project templates and distributing those can help (or deploying a custom build target onto the machine which enforces good defaults.. Having a good local policy will help people do the right thing and people who are supported to do the right thing will likely not try to get around that.

2. Setup a CI build for your projects. VSTS and TFS have a nice feature which will run a build whenever code is changed. You can even set it up as a Gated Checkin build which will check the sources before they're checked in. This check happens on the server and is much harder to by-pass. You can also configure the build to always override the code analysis settings, even if they're not configured in the project. My MsBuild Helper tasks will help you setup the right MsBuild properties to do that.

As to your more specific questions:

• You cannot setup Code Analysis Rules at the Team Project level without also configuring the ruleset for all Visual Studio Projects. Otherwise the checkin policy will cause the check-in to fail, but the developer will then still have to update all projects in the solution with the right ruleset.

• You cannot prevent people from by-passing the local check-in policy. The best you can do is to use Reporting Services and Alerts to detect the breach of policy and take corrective action.

Answer 2

1. You could add the Rule Set into TFS source control and then select it from Code Analysis Policy Editor. Check the screenshot below:

2. Check-in policy is already applied to a team project, not a single project.

3. To edit check-in policy, you must have the Edit project-level information permission. You could deny this permission for the users to prevent them from editing the check-in policy.