Managing software dependencies, whether those created in-house or from third parties can be a pain in the behind. Whether dependencies feel like wild chickens or people run around like chickens dealing with dependencies, the NuGet package manager can be a cure. Let us guide you to creating enterprise (chicken) NuGets and dealing with them in a structured, easy-to-maintain manner. From developer workstation to build server, NuGet tastes great! We'll provide you the dip sauce.

1. Organize Your Chickens - NuGet for the Enterprise
Maarten Balliauw
@maartenballiauw
RealDolmen

2. Organize Your Chickens
NuGet for the Enterprise

3. Who am I?
• Maarten Balliauw
• Antwerp, Belgium
• www.realdolmen.com
• Focus on web
– ASP.NET, ASP.NET MVC, PHP, Azure, …
– MVP Windows Azure (formerly ASP.NET)
• http://blog.maartenballiauw.be
• @maartenballiauw
• Author: Pro NuGet - http://amzn.to/pronuget

4. Agenda
• NuGet
• Scenarios
– Host your own NuGet repository Chickens?!
– Continuous Package Integration
– Abusing NuGet
– NuGet Inception
• Conclusion

5. NuGet

6. Welcome to Dependency Hell
frustration
“A term for the of software users who have
installed software packages which have dependencies on
specific versions of other software packages.” (Wikipedia)

7. Cause and Effect
• Reinventing the wheel
– We don’t need that dependency
– “If they can do it, we can do it, but better”
 What happened to reuse of components?
• Marketing-Driven Versioning
– People are waiting for v2 to buy
– Let’s call it v4 Platform Update SP3 November Edition
KB2348063 RTW Refresh
 We lost ownership of AssemblyVersion ?

8. Package Management
• NuGet to the Rescue!
“NuGet is a Visual Studio extension that makes
it easy to install and update open source
libraries and tools in Visual Studio.”
• Simple concept
– Find Packages
– (Re)Use Packages
– Produce Packages

9. DEMO
Finding & consuming a NuGet package

10. DEMOpublishing a NuGet package
Creating &

11. Semantic Versioning
• Think about your versioning! (semver.org)
Major Breaking changes
Minor Backwards compatible API additions/changes
Patch Bugfixes not affecting the API
– Always specify lowerbound
– Use a version range (lowerbound + upperbound)
when versioning of package you depend on is messed
up

12. Hosting a repository

13. Hosting your own repository
• NuGet = public feed
– Privacy
– Intellectual property
• NuGet maintained by package authors
– Author removes v1.0.45 and you depend on it

14. Solutions
• Folder / File share
• NuGet.Server package
• NuGet Gallery (or Orchard Gallery)
• MyGet

15. DEMO
NuGet.Server

16. NuGet.Server limitations
• Only 1 feed per installation
• No UI
– up to you to build it
• No granular security
– only 1 API-key for entire feed
• Conclusion: requires you to develop if you want
something more useful

17. Meet MyGet
• www.myget.org
• NaaS
– Register and off you go!
• Supports Enterprise scenarios
– Granular security
– Package mirroring
– Proxying

18. DEMO
MyGet

19. Continuous Package
Integration

20. Typical source control...
• Contains /References (if you are lucky)
– ...and also
Project/_bin_deployable_assemblies
– ...and also /References/old
– ...and also /..././../.././References
• Usually references GAC-ed assemblies

21. Dependencies
• Software has dependencies. Deal with it.
• But are those YOUR intellectual property?
– YOUR reason to build software?
– YOUR product?
• No. They are dependencies. And they don’t
belong in source control.

22. Continuous Package Integration
• Can I get rid of all these referenced assemblies
duplicated all-over my source control system?
Yes!
• Do I need to install and maintain NuGet on all my
build agents?
No!

23. DEMO
Package Restore

24. 3rd parties don’t belong in your VCS
• Replace them with NuGet packages
• Do commit packagesrepositories.config file
• Use Enable-PackageRestore

25. Problem!
• NuGet feed is subject to change...
– PackageSource msbuild property to the rescue
(NuGet.settings.targets in $(SolutionDir).nuget folder)
• Now what...
– Host your own feed and mirror packages
– Or use MyGet for that 

26. Organize your chickens
• Feed structuring
– Scoped by quality: Build, QA, Production, …
– Scoped by audience: public, restricted access
– Other:
• Scoped by product version, milestone…
• Scoped by target platform

27. Guidance
• Publishing a package brings great
responsibility
– Breaking changes in your packages should be
versioned accordingly!
– Consumers might choose to no longer consume
any packages you published

28. Guidance
• Package Integration ≠ Integration Testing
– CI builds reflect output of source control input
– Same input always produces same output
 Do not auto-update packages during automated builds

29. Abusing NuGet

30. Abusing NuGet?
Change of perspective
NuGet is a package manager
NuGet is a protocol for
distributing packages

31. NuGet as a Protocol

32. Automate deployments
• Build results in .nupkg
• Octopus deploys to its tentacles
– Test tentacles
– Staging tentacles
– Production tentacles
• www.octopusdeploy.com

34. Chocolatey
• NuGet
– developer library packages
• Chocolatey
– applications and tools packager
– “yum” or “apt-get” for Windows
• www.chocolatey.org

35. DEMO
Chocolatey

36. Build Continuous
Test
Delivery of the
MyGet website
Package using:
Push  TeamCity
 NuGet
Release / Publish
 MyGet
Deploy  Octopus
DEMO Delivery
Continuous

37. Conclusion
Dependencies & people are chickens
Deal with them! NuGet can help
Set up your own NuGet repository
Continuous package integration
NuGet is a package manager
NuGet is a protocol

38. http://blog.maartenballiauw.be
@maartenballiauw
THANK YOU! http://amzn.to/pronuget
or Install-Package ProNuGet
#tdvs