Enterprise-Grade Directory.Build.props

Every solution starts with strict centralized configuration:

Core Framework Settings

• net10.0 target framework
• Latest C# language version
• Nullable reference types enabled
• Implicit usings enabled

Code Quality Enforcement

• Latest analysis level
• All analyzers enabled
• Code style enforced during build
• Warnings treated as errors

Build Optimization

• Deterministic builds
• CI-aware configuration
• Reference assemblies enabled
• Faster local builds

Debug Configuration

• Portable symbols
• Embedded source files
• Production-friendly diagnostics

Central Package Governance

• Central Package Management enabled
• Transitive dependency pinning

Analyzer Integration

• SonarAnalyzer
• Meziantou Analyzer
• Roslynator

All projects automatically follow the same engineering rules.

Why We Need It

• Prevents configuration drift
• Enforces compile-time discipline
• Improves CI reliability
• Reduces long-term technical debt
• Makes scaling safe and predictable

If the build is clean, the system is stable.

.editorconfig + Formatting Enforcement

I add a root .editorconfig with:

• Indentation rules
• Naming conventions
• Analyzer severities
• Final newline enforcement
• Trim trailing whitespace

Formatting is enforced using dotnet format locally and in CI.

Why We Need It

• Eliminates style debates
• Cleaner PRs
• Predictable formatting
• Professional codebase consistency

Central Package Management (Directory.Packages.props)

All NuGet versions are defined in one place. No project defines its own version.

Why We Need It

• Single source of truth
• Safe upgrades
• No version conflicts
• Cleaner project files
• Enterprise dependency control

Global Using Statements

Global using statements are configured in every project, ensuring that commonly used namespaces are declared in a single file across the entire solution. This provides a cleaner, more maintainable approach.

Why We Need It

• Eliminates repetitive using statements
• Cleaner code files
• Centralized namespace management
• Reduced code noise

Layered / Clean / Vertical Slice Architecture + Architecture Tests

I implement one of these proven architectural patterns:

• Layered Architecture with clear separation of concerns
• Clean Architecture with domain-centric design
• Vertical Slice Architecture for feature-based organization

Architecture rules are enforced via automated tests. Architecture must be enforced — not assumed.

Why We Need It

• Prevents architectural erosion
• Maintains separation of concerns
• Enables scalability
• Makes refactoring safe

EF Core Interceptors & Audit Logging

I use EF Core interceptors to:

• Track CreatedBy / UpdatedBy
• Track timestamps
• Capture changes
• Log data modifications

Audit logs are stored securely.

Why We Need It

• Accountability
• Traceability
• Regulatory compliance
• Better debugging

Enterprise systems require audit trails.

Structured Logging with Serilog

I configure Serilog with:

• Structured logging
• Context enrichment
• Correlation IDs
• Centralized sinks

Logs are structured events, not plain strings.

Why We Need It

• Faster debugging
• Queryable logs
• Clear production visibility
• Reduced operational stress

OpenTelemetry Integration

I integrate OpenTelemetry for:

• Distributed tracing
• Performance metrics
• Dependency monitoring

Why We Need It

• Detect bottlenecks
• Analyze system behavior
• Support scaling
• Improve performance

Without telemetry, production debugging is blind.

API Versioning Strategy

I implement API versioning using:

• URL-based versioning
• Header-based versioning (if required)
• Versioned controllers

Why We Need It

• Safe API evolution
• Backward compatibility
• Controlled breaking changes
• Enterprise client support

APIs must evolve without breaking consumers.

Rate Limiting & Retry Policies

I configure:

• API rate limiting
• Retry policies with MaxRetry configuration
• Exponential backoff strategies
• Timeout policies

Resilience policies are applied to:

• External API calls
• Database operations
• Distributed communication

Why We Need It

• Prevent abuse
• Protect infrastructure
• Improve system stability
• Handle transient failures gracefully

Resilience is critical in distributed systems.

Health Checks & Readiness Endpoints

I implement:

• Liveness checks
• Readiness checks
• Database health validation

Why We Need It

• Safer deployments
• Infrastructure integration
• Kubernetes readiness support
• Faster failure detection

Domain Guard Implementation

I implement custom guard utilities to validate:

• Null values
• Invalid state
• Invalid arguments

Guards protect domain integrity.

Why We Need It

• Prevent invalid state transitions
• Clear error messaging
• Stronger domain protection
• Fail fast principle

FluentValidation

Validation is handled outside controllers.

• Centralized validators
• Testable rules
• Standardized error responses

Why We Need It

• Cleaner controllers
• Reusable validation logic
• Better maintainability

Fluent API EntityConfigurations

All entity configurations are implemented using IEntityTypeConfiguration<T>. No complex Data Annotations.

Each entity has:

• Explicit key configuration
• Indexes defined
• Relationships defined
• Constraints configured

Why We Need It

• Clear database design
• Separation of domain and persistence concerns
• Better maintainability
• Cleaner migrations

Fluent API gives full control.

Manual Mapping Instead of AutoMapper

I prefer manual mapping between:

• Entities
• DTOs
• Requests
• Responses

Mapping logic is explicit and readable.

Why We Need It

• Full control over transformations
• Better performance
• Easier debugging
• No hidden magic

Clarity is more valuable than automation.

Hybrid Cache Implementation

I use Hybrid Cache to combine:

• In-memory caching
• Distributed caching

Cache is applied to:

• Frequently read queries
• Expensive operations
• Reference data

Why We Need It

• Improved performance
• Reduced database load
• Better scalability
• Optimized response times

Caching must be intentional and controlled.

Unit Testing + Architecture Testing

I include:

• xUnit
• NSubstitute
• Shouldly / FluentAssertions
• NetArchTest
• Coverlet

All tests run in CI.

Why We Need It

• Protect business logic
• Prevent regressions
• Encourage better design
• Increase deployment confidence

GitHub Actions Pipeline

Every project includes automated:

• Build
• Test
• Formatting validation
• Analyzer enforcement
• Artifact publishing
• Deployment

Why We Need It

• Consistent releases
• Reduced human error
• Faster delivery
• Enterprise maturity

If CI fails, deployment stops.

ASP.NET Core Identity with Role & Permission Management

I configure ASP.NET Core Identity with:

• Role-based access control
• Claims-based authorization
• Token-based authentication (JWT)
• Secure password policies
• External providers when needed

Identity logic is isolated from business logic.

Why We Need It

• Secure authentication
• Scalable authorization model
• Enterprise-grade user management
• Clean separation of concerns

Security must be foundational, not retrofitted.