tags:

views:

45

answers:

4
Q: 

Cons of checking out files from trunk to live servers?

I was going through http://stackoverflow.com/questions/263782/what-is-the-best-way-to-make-files-live-using-subversion-on-a-production-server If I run a hook that will checkout all the files updated in trunk to the online servers, .svn folder gets created. Are there any cons to this?

OR Do I actually need to use 'export' rather than 'check out'?

A: 

Make sure your .svn folder is not available from the web browser. Code source lives in there, often including things like database passwords.

One advantage of checking it out is that if you log into the server and fix something there, you can commit your change back to the repo without mirroring it on your own machine.

Paul McMillan  2009-11-25 11:18:46
We have this 'habit' of fixing things in online servers but we are planning to get out of this. Would you prefer to export instead?
Ramnath  2009-11-25 11:55:44
It really depends on how your site is served. If you're running php (or a language served in a similar manner), the probability of a revealed-source security hole is considerably higher than if you're running a site via fastcgi with pre-defined urls. Export is a cleaner solution, if slightly less convenient.
Paul McMillan  2009-11-25 18:27:41
A: 

This is one of the reasons why GIT is better than SVN, all those svn folders on a live site? not a great idea.

Richard  2009-11-25 11:30:56
+3  A: 

I would use "export" instead of checking out as a means of deployment. This does the file pulls but doesn't create all those .svn you dont need in your war, jar, or whatever.

Nick  2009-11-25 14:48:19
A: 

We are successfully using svn working copies for php sites on live and test servers. Do make sure you have a rule in your Apache config to prevent .svn folders being viewed - a quick google search reveals lots of careless people who haven't.

Things we found/considered:

  • you don't need expose your svn server - do updates by connecting to the target server with ssh and opening a tunnel from the target server back to your svn server
  • on the target server, use an svn username/password which has read-only access, preferably just to the project in question
  • it allows you to do patches on test/live servers (if you really really have to) and be able to keep track of them, and revert them easily
  • on any directories which the web server needs write access to, add the 'svn:ignore *' property, plus a custom property (eg. 'my:dir_type = upload')
  • use that custom property in a script which runs after any svn updates, which will set the permissions on those directories as required
  • if you use tags, you can switch the working copy to a new tag with the 'switch' command
  • only the changes are copied - this is great for a large app, saves many hours of uploading files
John O'Rourke  2009-11-30 22:56:36

related questions

Best strategy to write hooks for subversion in Windows
Database Version Control
Version control PHP Web Project
Experience with SVN vs. Team Foundation Server?
Best SVN Client Ignore Pattern for VB.NET Solutions?
SVN merge merged extra stuff
What is your favorite web app deployment workflow with SVN?
Integrating Fogbugz with TortoiseSVN with no URL/Subversion backend
Version Control. Getting started...
ASP.NET Display SVN Revision Number
How do I create a branch in SVN?
What do the result codes in svn mean?
Could you recommend a good free project hosting website?
Federated (Synced) Subversion servers?
Mechanisms for tracking DB schema changes
What are the advantages of using SVN over CVS?
Use SVN Revision to label build in CCNET
Best subversion client for Mac OS
Why is Git better than Subversion?
ASP.NET, Visual Studio and Subversion - how to integrate?
Best Practice: Collaborative Environment, Bin Directory, SVN
How do I sync the SVN revision number with my ASP.NET web site?
Best Subversion clients for Windows Vista (64bit)
Good branch/merge tutorials for Tortoise SVN?
How can you get Subclipse in Aptana to work with the newest release of Subversion?