This document discusses automated testing of Puppet code. It describes using RSpec-puppet for unit testing Puppet manifests and ensuring resources are defined correctly. It also discusses performing "after testing" by executing tests on systems after Puppet runs to check configurations are applied as expected. Post Provision Checks (PPC) is introduced as a framework for these user space tests that can integrate with monitoring tools and be extended with plugins. The document emphasizes the importance of testing beyond just Puppet reports and provides examples of issues user space tests can find that manifest tests may miss.
Short introduction to the basics of Perl testing and some resources for further reading. Includes basics of Test::Simple, Test::More, using Inline for multi-language testing, testing coverage, testing tests.
Starting with the system calll "getrusage", this returns synchronous, process-level information, mainly max RSS used. This talk describes the output from getrusage, the rusage formatting utility in ProcStats, and several examples of using it to examine time and memory use.
Optional first & final outputs to give baseline and total status, differencing avoids extraneous output, and user messages allow arbitrary stat's and tracking content.
The combination makes this nice for tracking both long-lived and shorter, more intensive processing.
Storing all of the reply content is usually not possible: it may be dynamic. A proxy allows directing only the content that needs to be handled locally to the test server, other content can go to the cloud. The final step, closing the loop between client and server, requires wapping LWP::UserAgent to direct locally handled requests to the test server.
Face it, backticks are a pain. BASH $() construct provides a simpler, more effective approach. This talk uses examples from automating git branches and command line processing with getopt(1) to show how $() works in shell scripts.
Short introduction to the basics of Perl testing and some resources for further reading. Includes basics of Test::Simple, Test::More, using Inline for multi-language testing, testing coverage, testing tests.
Starting with the system calll "getrusage", this returns synchronous, process-level information, mainly max RSS used. This talk describes the output from getrusage, the rusage formatting utility in ProcStats, and several examples of using it to examine time and memory use.
Optional first & final outputs to give baseline and total status, differencing avoids extraneous output, and user messages allow arbitrary stat's and tracking content.
The combination makes this nice for tracking both long-lived and shorter, more intensive processing.
Storing all of the reply content is usually not possible: it may be dynamic. A proxy allows directing only the content that needs to be handled locally to the test server, other content can go to the cloud. The final step, closing the loop between client and server, requires wapping LWP::UserAgent to direct locally handled requests to the test server.
Face it, backticks are a pain. BASH $() construct provides a simpler, more effective approach. This talk uses examples from automating git branches and command line processing with getopt(1) to show how $() works in shell scripts.
Variable interpolation is a standard way to BASH your head. This talk looks at interpolation, eval, ${} handling and "set -vx" to debug basic variable handling.
We have all seen repetitive code, maintained by cut+paste, that creates an object, calls a method, checks a return, calls a method, checks a return... all of it difficult to maintain because of its sheer size.
Object::Exercise replaces the pasted loops with data-driven code, the operation controlled by a data structure of methods, arguments, and expected return values. This replaces cut+paste with declarative data.
This talk describes O::E and shows a few ways to apply it for testing the MadMongers' Adventure game.
Object Trampoline: Why having not the object you want is what you need.Workhorse Computing
Overview of Trampoline Objects in Perl with examples for lazy construction, lazy module use, added sanity checks. This version includes corrections from the original presented at OSCON 2013 and comments.
A presentation on "Rest api with Python" presented at Python Developers Nepal Meetup #6 by Santosh Ghimire. It focuses more on Django Rest Framework library.
The $path to knowledge: What little it take to unit-test Perl.Workhorse Computing
Metadata-driven lazyness, Perl, and Jenkins provide a nice mix for automated testing. With Perl the only thing required to start testing is a files path, from there the possibilities are endless. Using Symbol's qualify_to_ref makes it easy to validate @EXPORT & @EXPORT_OK, knowing the path makes it easy to use "perl -wc" to get diagnostics.
The beautiful thing is all of it can be lazy... er, "automated". And repeatable. And simple.
How to avoid Benchmark Stuff ("BS") evaluating performance of code. This installment uses time to compare the execution speed of Perl and various shell commands, with and without plumbing.
This talk describes refactoring FindBin::libs from Perl5 to Raku: breaking the module up into functional pieces, writing the tests using Raku, testing and releasing the module with mi6.
Watch along with the video at https://www.youtube.com/watch?v=_oP1pFsOyDw
Oliver Hookins on "A Puppet Approach to Application Deployment and Automation in Nokia" at PuppetCamp Europe '11. Learn more: http://www.puppetlabs.com
Amsterdam, Netherlands, 2011.
Puppet Labs
Presentation on how Puppet has been introduced in Seat Pagine Gialle to automate system administration tasks and easy the cooperation between Ops and Others.
Puppet Camp Sydney Feb 2014 - A Build Engineering Team’s Journey of Infrastru...Peter Leschev
A Build Engineering Team’s Journey of Infrastructure as Code - the challenges that we’ve faced and the practices that we implemented as we went along our journey.
Variable interpolation is a standard way to BASH your head. This talk looks at interpolation, eval, ${} handling and "set -vx" to debug basic variable handling.
We have all seen repetitive code, maintained by cut+paste, that creates an object, calls a method, checks a return, calls a method, checks a return... all of it difficult to maintain because of its sheer size.
Object::Exercise replaces the pasted loops with data-driven code, the operation controlled by a data structure of methods, arguments, and expected return values. This replaces cut+paste with declarative data.
This talk describes O::E and shows a few ways to apply it for testing the MadMongers' Adventure game.
Object Trampoline: Why having not the object you want is what you need.Workhorse Computing
Overview of Trampoline Objects in Perl with examples for lazy construction, lazy module use, added sanity checks. This version includes corrections from the original presented at OSCON 2013 and comments.
A presentation on "Rest api with Python" presented at Python Developers Nepal Meetup #6 by Santosh Ghimire. It focuses more on Django Rest Framework library.
The $path to knowledge: What little it take to unit-test Perl.Workhorse Computing
Metadata-driven lazyness, Perl, and Jenkins provide a nice mix for automated testing. With Perl the only thing required to start testing is a files path, from there the possibilities are endless. Using Symbol's qualify_to_ref makes it easy to validate @EXPORT & @EXPORT_OK, knowing the path makes it easy to use "perl -wc" to get diagnostics.
The beautiful thing is all of it can be lazy... er, "automated". And repeatable. And simple.
How to avoid Benchmark Stuff ("BS") evaluating performance of code. This installment uses time to compare the execution speed of Perl and various shell commands, with and without plumbing.
This talk describes refactoring FindBin::libs from Perl5 to Raku: breaking the module up into functional pieces, writing the tests using Raku, testing and releasing the module with mi6.
Watch along with the video at https://www.youtube.com/watch?v=_oP1pFsOyDw
Oliver Hookins on "A Puppet Approach to Application Deployment and Automation in Nokia" at PuppetCamp Europe '11. Learn more: http://www.puppetlabs.com
Amsterdam, Netherlands, 2011.
Puppet Labs
Presentation on how Puppet has been introduced in Seat Pagine Gialle to automate system administration tasks and easy the cooperation between Ops and Others.
Puppet Camp Sydney Feb 2014 - A Build Engineering Team’s Journey of Infrastru...Peter Leschev
A Build Engineering Team’s Journey of Infrastructure as Code - the challenges that we’ve faced and the practices that we implemented as we went along our journey.
Velocity EU 2012 Escalating Scenarios: Outage Handling PitfallsJohn Allspaw
When things go wrong, our judgement is clouded at best, blinded at worst.
In order to successfully navigate a large-scale outage, being aware of potentials gaps in knowledge and context can help make for a better outcome. The Human Factors and Systems Safety community have been studying how people situate themselves, coordinate amongst a team, use tooling, make decisions, and keep their cool under sometimes very stressful and escalating scenarios. We can learn from this research in order to adopt a more mature stance when the s*#t hits the fan.
We’re going to look closely at how people behave under these circumstances using real-world examples and scan what we can learn from High Reliability Organizations(HROs) and fields such as aviation, military, and trauma-driven healthcare.
Docker and Go: why did we decide to write Docker in Go?Jérôme Petazzoni
Docker is currently one of the most popular Go projects. After a (quick) Docker intro, we will discuss why we picked Go, and how it turned out for us.
We tried to list all the drawbacks and minor inconveniences that we met while developing Docker; not to complain about Go, but to give the audience an idea of what to expect. Depending on your project, those drawbacks could be minor inconveniences or showstoppers; we thought you would want to know about them to help you to make the right choice!
10+ Deploys Per Day: Dev and Ops Cooperation at FlickrJohn Allspaw
Communications and cooperation between development and operations isn't optional, it's mandatory. Flickr takes the idea of "release early, release often" to an extreme - on a normal day there are 10 full deployments of the site to our servers. This session discusses why this rate of change works so well, and the culture and technology needed to make it possible.
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013Puppet
"Testing for Ops: Going Beyond the Manifest" by Christopher Webber, Infrastructure Engineer, Demand Media.
Presentation Overview: This talk aims to show the value of rspec-puppet for those who come from a more Ops-centric background. The focus will be on using tests to go beyond just rewriting manifests in rspec. Instead the focus will be on scenarios like: - Are the baseline security measures in place? - Do the differences between dev and prod get reflected? - Are the config elements that are core to the application present? In addition, tests will help to be a place to help document the oddities of our configurations and ensuring that minor changes don't result in catastrophe.
Speaker Bio: After beginning his career at UC Riverside supporting enterprise operations and bioinformatics research, Chris is now rocking being an infrastructure engineer at Demand Media in Santa Monica. He currently supports large high-traffic sites like eHow.com, LiveSTRONG.com, and Cracked.com. Chris enjoys attending local meetups, writing new Puppet modules, and creating small tools to make his team's lives a little easier. Find him on Twitter as @cwebber.
Orchestrated Functional Testing with Puppet-spec and MspectatorRaphaël PINSON
As Infrastructure as Code gets more widely adopted and more heavily automated, the need for tests is on the rise. It has now become a common practice to ship Puppet modules with unit and functional tests. The Puppet-spec and Mspectator projects aim to validate Puppet catalogs and test your fleet on the fly, using the serverspec library.
Introduction to InSpec and 1.0 release updateAlex Pop
Contains an introduction to infrastructure and compliance tests as code and how InSpec can be used for this.
Agenda:
* Why infrastructure tests as code
* What is InSpec and how it works
* Core and custom resources
* What's new in InSpec 1.0 (released Sept 26, 2016)
* Documentation and installation
* Integrations
* Demo
* Chef Community Summit
Agile teams know that defects are a drag. Literally! The effort to fix defects bottlenecks the pipeline and busts the sprint. And when defects are reported in production, things really bog down. Looking for a better way?
Model-driven testing offers a systematic way to answer some important questions. Such as “Are my tests good enough?” And “How many tests do I need?” This presentation shows how to use open source model-driven testing tools to quickly create small but powerful test suites.
Automating it management with Puppet + ServiceNowPuppet
As the leading IT Service Management and IT Operations Management platform in the marketplace, ServiceNow is used by many organizations to address everything from self service IT requests to Change, Incident and Problem Management. The strength of the platform is in the workflows and processes that are built around the shared data model, represented in the CMDB. This provides the ‘single source of truth’ for the organization.
Puppet Enterprise is a leading automation platform focused on the IT Configuration Management and Compliance space. Puppet Enterprise has a unique perspective on the state of systems being managed, constantly being updated and kept accurate as part of the regular Puppet operation. Puppet Enterprise is the automation engine ensuring that the environment stays consistent and in compliance.
In this webinar, we will explore how to maximize the value of both solutions, with Puppet Enterprise automating the actions required to drive a change, and ServiceNow governing the process around that change, from definition to approval. We will introduce and demonstrate several published integration points between the two solutions, in the areas of Self-Service Infrastructure, Enriched Change Management and Automated Incident Registration.
Simplified Patch Management with Puppet - Oct. 2020Puppet
Does your company struggle with patching systems? If so, you’re not alone — most organizations have attempted to solve this issue by cobbling together multiple tools, processes, and different teams, which can make an already complicated issue worse.
Puppet helps keep hosts healthy, secure and compliant by replacing time-consuming and error prone patching processes with Puppet’s automated patching solution.
Join this webinar to learn how to do the following with Puppet:
Eliminate manual patching processes with pre-built patching automation for Windows and Linux systems.
Gain visibility into patching status across your estate regardless of OS with new patching solution from the PE console.
Ensure your systems are compliant and patched in a healthy state
How Puppet Enterprise makes patch management easy across your Windows and Linux operating systems.
Presented by: Margaret Lee, Product Manager, Puppet, and Ajay Sridhar, Sr. Sales Engineer, Puppet.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
UiPath Test Automation using UiPath Test Suite series, part 4
Automated Puppet Testing - PuppetCamp Chicago '12 - Scott Nottingham
1. Automated Puppet Testing
“All code is guilty, until proven
innocent.” – Anonymous
Scott Nottingham July 23rd, 2012
2. Before and After Testing
• Before Testing
– Unit tests
• Cucumber-puppet
• Rspec-puppet
• After Testing
– User Space tests
• Did everything that was supposed to get done actually
get done?
3. Unit Tests - frameworks
• Cucumber-puppet
– Tests the outcome of the entire module as
opposed to just the manifests
– Overly complicated by trying to be simple (imho)
• Rspec-puppet
– Unit tests for the manifests
– Truly simple (and effective)
4. RSpec-puppet
• Written by Tim Sharpe (rodjek)
• Available on github
– https://github.com/rodjek/rspec-puppet/
5. RSpec-puppet
• PROs
– Simple language and structure
– Easy to maintain
– Fast to execute
– Execution easily automated
• CONs
– Only tests what you tell it to
• Easy to make changes to manifests and forget to update
RSpec tests
9. Writing RSpec Tests
• Defining Tests
– Tests are created using the ‘describe’ method.
– The first test must describe the class defined in
your manifest.
describe ‘nagios’ do
…
…
end
10. Writing RSpec Tests
• Accounting for class dependencies
– Some modules define class dependencies
– Example:
• Class*‘yum’+ -> Class*‘nagios’+
– These are handled in RSpec test with
‘:pre_condition’
let(:pre_condition) , 'class ,”yum":-' -
11. Writing RSpec Tests
• Setting parameters used by puppet manifests
– Optional unless manifest needs them to compile
– Handled with ‘:params’
– Example (nested parameters):
let(:params) { {:key1 => 'value1', :key2 => 'value2', :key3 => {'keyA' => 'valA'},
:key4 => {'keyB' => {'keyX' => 'valX'} } } }
12. Writing RSpec Tests
• Setting a node name for the tests (optional)
– Might use if your manifests has node name
dependent logic
let(:node) { host.example.com }
13. Writing RSpec Tests
• Setting custom fact values
– Probably the most commonly used
– Example:
let(:facts) { {:fact1 => 'val1', :fact2 => 'val2'} }
14. Writing RSpec Tests
• Sub-tests
– These are the tests for each condition that you want
to test for a given manifest.
describe 'nagios' do
describe 'with valid parameters passed' do
....
end
describe 'with invalid parameters passed' do
....
end
end
15. Writing RSpec Tests
• Testing the resources
• Generally speaking, the tests you will be writing will be to confirm that the
class contains some set of resources. This is done with the
‘contain_<resource_type>’
• Each resource will generally have attributes that you will want to test are
present. This is done with the ‘.with_<attribute>(‘value’)’ method.
• Example:
it { should contain_file('foo').with_ensure('present').with_owner('root').with_group('root') }
16. Writing RSpec Tests
• Cascading .with_ methods can get ugly!
• Cascading should only be used for resources with 1 or 2
attributes defined.
• Alternatively, you can use block notation for resources with
many attributes
it do should contain_file('/var/spool/squid/cache').with(
'require' => 'Package[squid]',
'ensure' => 'directory',
'owner' => 'squid',
'group' => 'squid'
) end
17. Writing RSpec Tests
• Sometimes multiple values are assigned to a
single attribute
• These are handled like so:
it do should contain_mount('/var/spool/squid/cache').with(
'require' => ['Logical_volume[lv_cache]', 'Package[xfsprogs]' ],
....
....
) end
18. Writing RSpec Tests
• Templates
– If your file content is generated by a template, rspec can test for this
too. Here’s how:
• Test that a template generates any content
it 'should generate valid content for squid.conf' do
content = catalogue.resource('file', '/etc/squid/squid.conf').send(:paramters)[:content]
content.should_not be_empty
End
• Test that a template generates specific content
it 'should generate valid content for squid.conf' do
content = catalogue.resource('file', '/etc/squid/squid.conf').send(:paramters)[:content]
content.should match('some_string')
end
19. Writing RSpec Tests
• Test for an expected error
• Sometimes, you want to test that an error is
raised.
– For example, if not passing a parameter when one
is needed, or passing an invalid parameter.
– Example test
it { expect { should contain_class('nagios::server') }.to raise_error(Puppet::Error) }
20. require 'spec_helper'
describe 'sendmail' do
let(:params) { {:mail_server => 'foobarbaz'} }
it { should contain_package('sendmail').with_ensure('installed') }
it do should contain_file('/etc/mail/sendmail.cf').with(
'require' => 'Package[sendmail]',
'notify' => 'Exec[makemap]'
) end
it 'should generate /etc/mail/sendmail.cf from a template' do
content = catalogue.resource('file', '/etc/mail/sendmail.cf').send(:parameters)[:content]
content.should match('foobarbaz')
end
it 'should generate /etc/mail/submit.cf from a template' do
content = catalogue.resource('file', '/etc/mail/submit.cf').send(:parameters)[:content]
content.should match('foobarbaz')
end
it do should contain_file('/etc/mail/submit.cf').with(
'require' => 'Package[sendmail]',
'notify' => 'Exec[makemap]'
) end
it { should contain_file('/etc/sysconfig/sendmail').with_source('puppet:///sendmail/sendmail') }
it do should contain_service('sendmail').with(
'require' => 'Package[sendmail]',
'enable' => 'true',
'ensure' => 'running'
) end
end
21. Running RSpec Tests
• rspec –color –format documentation
/etc/puppet/modules/sendmail/spec/classes/sendmail_init_spec.rb
sendmail
should contain Package[sendmail] with ensure => "installed"
should contain File[/etc/mail/sendmail.cf] with notify => "Exec[makemap]" and require =>
"Package[sendmail]"
should generate /etc/mail/sendmail.cf from a template
should generate /etc/mail/submit.cf from a template
should contain File[/etc/mail/submit.cf] with notify => "Exec[makemap]" and require =>
"Package[sendmail]"
should contain File[/etc/sysconfig/sendmail] with source => "puppet:///sendmail/sendmail"
should contain Service[sendmail] with enable => "true", ensure => "running" and require =>
"Package[sendmail]"
Finished in 1.98 seconds
7 examples, 0 failures
22. Running RSpec Tests
• Oops! Someone put a comma where they meant to put a semi-colon!
Sendmail
Failures:
1) sendmail
Failure/Error: it { should contain_package('sendmail').with_ensure('installed') }
Puppet::Error:
Syntax error at '/etc/sysconfig/sendmail'; expected '}' at
/etc/puppetmaster/modules/sendmail/spec/../../sendmail/manifests/init.pp:19 on node neodymium.trading.imc.intra
# ./sendmail_init_spec.rb:6
2) sendmail
Failure/Error: it { should contain_package('sendmail').with_ensure('installed') }
Puppet::Error:
Syntax error at '/etc/sysconfig/sendmail'; expected '}' at
/etc/puppetmaster/modules/sendmail/spec/../../sendmail/manifests/init.pp:19 on node neodymium.trading.imc.intra
# ./sendmail_init_spec.rb:6
Finished in 0.19808 seconds
2 examples, 2 failures
23. Automating RSpec Tests
• Tests can be run by anything capable of executing a
system command
• We integrate ours into Team City
– Much like Jenkins
– Allows for event driven execution of tests
• Any time a commit occurs in version control, tests
are executed
– If tests pass, manifests are wrapped inside an RPM and
pushed to puppet masters
– If tests fail, we are notified
24. Automating RSpec Tests
• RSpec tests do a great job of making sure manifests
are syntactically correct and, generally speaking,
function as expected.
• But….Things aren’t
always as they seem!
25. ‘After’ Tests
• To ensure our environment really is clean we
must test in user space land.
• Probably many solutions out there
– We wrote our own
26.
27. User Space Testing
• Post Provision Checks (PPC) is a framework for
testing stuff in user space.
– Originally written as health checks for testing a
machine immediately after provisioning it and as
verification testing after maintenance.
– Quickly grew to an extensible framework capable of
integrating with Nagios/Icinga and Teamcity, or
running as stand alone application.
– Contains libraries of functions for commonly used
tasks.
– Easily customize runtime options with profiles
– Can be extended with plugins
29. puppet_ust plugin
• The puppet user space tests plugin was
written to extend the framework for
specifically testing puppet applied
configurations.
– Auto detects the puppet classes that are applied
to a given box
– Determines the parameters defined for the host
being tested and utilizes them within tests.
• Also uses facter facts in the same manner
30. That’s great, but puppet reports will tell you
what worked and what didn’t…
31. misses
• You wouldn’t believe the things we have seen go wrong
with applying configurations (that the puppet logs/reports
didn’t indicate).
– PPC tests can be written to catch all of these!
• Mistakes only happen once
• Winning!
– A few examples
• Version of package specified not what got installed – not puppet’s
fault, but still a problem.
• Package got installed, but some key files were zero length
• Drivers upgraded, but not properly loaded
• Machines joined to wrong domain
• Services running (per status) but not functioning properly
• Yum repos configured but not functioning
• Sysctl settings still not loaded after sysctl –p
34. Automating PPC Tests
• Team City + multiplexed SSH (for parallelization)
• Each version control commit results in a puppet
run + user space test run in our dev and qa
environments.
• Over 20,000 tests performed in ~20 minutes
– This means every 20 minutes new, fully tested
changes are pushed from the development
environment to QA
– Each stage of the pipeline is tested in a similar fashion