It's all about the answers!

Ask a question


Kurtulus YILDIRIM (68916) | asked Aug 31 '14, 7:49 a.m.
We have implemented RTC in a customer but they have a question.
They have four streams including DEV, TEST, UAT, PROD. A build promote the change set from DEV to TEST stream periodically and automatically. However, after the code is promoted to TEST, a build engineer checks the work item which is linked to change set and if it is in a appropriate status, s/he moves change set to further stream (UAT and PROD). In that scenario, they need to be sure that there won't be any code change in TEST, UAT and PROD streams because of a Cobit (Control Objectives for Information and Related Technology) audit. Cobit audit has a question that the code is changed after development phase? I mean they have to be sure that after they delivered the code to development stream, there won't be any change in the code in further streams.
Is there any way to prove that? a report or a restriction to change code, ...
Thank you.

Accepted answer

permanent link
Geoffrey Clemm (30.1k23035) | answered Aug 31 '14, 5:46 p.m.
You can specify separately what roles are allowed to deliver to which streams, using the team configuration (in particular,  the Source_Control -> Deliver(server) -> Restrict_Change_Set_Delivery_to_Components_in_a_Stream Team_Configuration Operation_Behavior operation behavior).
You can also tie the process to the current iteration (or iteration type), so that when the current iteration changes, these constraints are automatically put in place.

Kurtulus YILDIRIM selected this answer as the correct answer

Kurtulus YILDIRIM commented Sep 01 '14, 1:45 a.m.

Hi Geoffrey,
Thank you for your answer. Actually I already implemented what you suggest and restricted deliver operation for the users except build engineers. However the question is still there, "how can I be sure that build engineers doesn't change the code?"
Thank you.

Geoffrey Clemm commented Sep 03 '14, 12:58 a.m.

You would need to remove deliver permission from the build engineer role, such as by having a sub-iteration of a type that has the appropriate permission, and then making that sub-iteration "current" when you want to remove that permission.

Your answer

Register or to post your answer.