Kevin Brockhoff presented on accelerating software delivery through test-driven development (TDD) and behavior-driven development (BDD). TDD and BDD help identify incorrect behavior early, reduce rework, increase code confidence through automated tests, and improve code flexibility and extensibility. Brockhoff discussed key software delivery metrics like deployment frequency and change failure rate. He also covered testing best practices like the testing pyramid, unit testing frameworks, test source layout, and refactoring for testability.
The monolith to cloud-native, microservices evolution has driven a shift from monitoring to observability. OpenTelemetry, a merger of the OpenTracing and OpenCensus projects, is enabling Observability 2.0. This talk covers the fundamental concepts of observability and then demonstrates how to instrument your applications using the OpenTelemetry libraries.
Observability in Java: Getting Started with OpenTelemetryDevOps.com
Our software is more complex than ever: applications must be reliable, predictable, and easy to use to meet modern expectations. As developers, this means our responsibilities have grown while the things we can control have stayed the same. In order to better understand our systems and create truly modern software, we need observability.
This workshop will walk through what observability means for Java developers and how to achieve it in our systems with the least amount of work using the open source observability project OpenTelemetry.
The monolith to cloud-native, microservices evolution has driven a shift from monitoring to observability. OpenTelemetry, a merger of the OpenTracing and OpenCensus projects, is enabling Observability 2.0. This talk gives an overview of the OpenTelemetry project and then outlines some production-proven architectures for improving the observability of your applications and systems.
This document provides an overview of OpenTelemetry for operators. It discusses some of the limitations of current observability platforms and how OpenTelemetry addresses these issues. It introduces the OpenTelemetry project which combines distributed tracing, metrics, and logging APIs. It describes the OpenTelemetry Collector which receives, processes, and exports telemetry data. It provides examples of Collector configuration and running it in production. It also discusses some innovations in the observability space from vendors like Dynatrace, New Relic, Splunk SignalFX, and others.
In this slide, we go through the Google Dapper, OpenTracing, Jaeger to OpenTelemetry. By reading and studying the history of Dapper, we could lean the experience and design theory of a large-scale distributed tracing system and then know how it affects other solutions, like OpenTracing and Jaeger.
We also discuss the difference between the OpenTracing and Jaeger and also demonstrate how Jaeger works and looks like.
After, we talked about the future of OpenTracing, the new organization called OpenTelemetry, what's its goal and how to do that.
While microservices are becoming the norm due to advancements in development, deployment and monitoring techniques in the last few years, we are still using the same testing methodologies we used for monolithic apps. In this talk, we look at how distributed tracing can be applied to testing modern, distributed applications, from unit to end-to-end tests, to continuously give developers invaluable insight on how entire applications behave, and when and why they fail, before they are deployed to production. We'll also discuss the power of distributed context propagation and how it can be leveraged for testing purposes, from safely testing in production to failure injection.
Talk by David Jorm on the state of Security in Java frameworks, and more specifically OpenDaylight. He also talks about his vision for where the platform should get to for delivering on the SDN promise.
The monolith to cloud-native, microservices evolution has driven a shift from monitoring to observability. OpenTelemetry, a merger of the OpenTracing and OpenCensus projects, is enabling Observability 2.0. This talk covers the fundamental concepts of observability and then demonstrates how to instrument your applications using the OpenTelemetry libraries.
Observability in Java: Getting Started with OpenTelemetryDevOps.com
Our software is more complex than ever: applications must be reliable, predictable, and easy to use to meet modern expectations. As developers, this means our responsibilities have grown while the things we can control have stayed the same. In order to better understand our systems and create truly modern software, we need observability.
This workshop will walk through what observability means for Java developers and how to achieve it in our systems with the least amount of work using the open source observability project OpenTelemetry.
The monolith to cloud-native, microservices evolution has driven a shift from monitoring to observability. OpenTelemetry, a merger of the OpenTracing and OpenCensus projects, is enabling Observability 2.0. This talk gives an overview of the OpenTelemetry project and then outlines some production-proven architectures for improving the observability of your applications and systems.
This document provides an overview of OpenTelemetry for operators. It discusses some of the limitations of current observability platforms and how OpenTelemetry addresses these issues. It introduces the OpenTelemetry project which combines distributed tracing, metrics, and logging APIs. It describes the OpenTelemetry Collector which receives, processes, and exports telemetry data. It provides examples of Collector configuration and running it in production. It also discusses some innovations in the observability space from vendors like Dynatrace, New Relic, Splunk SignalFX, and others.
In this slide, we go through the Google Dapper, OpenTracing, Jaeger to OpenTelemetry. By reading and studying the history of Dapper, we could lean the experience and design theory of a large-scale distributed tracing system and then know how it affects other solutions, like OpenTracing and Jaeger.
We also discuss the difference between the OpenTracing and Jaeger and also demonstrate how Jaeger works and looks like.
After, we talked about the future of OpenTracing, the new organization called OpenTelemetry, what's its goal and how to do that.
While microservices are becoming the norm due to advancements in development, deployment and monitoring techniques in the last few years, we are still using the same testing methodologies we used for monolithic apps. In this talk, we look at how distributed tracing can be applied to testing modern, distributed applications, from unit to end-to-end tests, to continuously give developers invaluable insight on how entire applications behave, and when and why they fail, before they are deployed to production. We'll also discuss the power of distributed context propagation and how it can be leveraged for testing purposes, from safely testing in production to failure injection.
Talk by David Jorm on the state of Security in Java frameworks, and more specifically OpenDaylight. He also talks about his vision for where the platform should get to for delivering on the SDN promise.
ETICS supporting compliance and interoperability, Gabriele Giammatteo, Engine...OW2
ETICS is a service-oriented system which supports its users in building, testing and in verifying the quality of the software produced. With ETICS it is possible to define, execute and analyse a large range of software testing cases, from static code analysis (e.g. documentation coverage, PMD metrics) to unit testing, to compliance testing, to deployment and functional testing in a multi-node environment created specifically for the test execution. ETICS build, testing and quality verification tools are offered as a service to open source projects within the OCEAN project. In this context ETICS mainly simplifies and supports testing activities improving the quality of the software being produced, verifying its compliance to standards and its interoperability features. This presentation can be seen as a continuation of ETICS presentation given last year at OW2 conference 2012. It aims at showing results from the use of ETICS as one of OCEAN services and at illustrating the approach developed to support software compliance and interoperability for the verification of the compatibility to OCCI and CDMI standards.
Finding and exploiting novel flaws in Java software (SyScan 2015)David Jorm
David Jorm introduces himself and his background in software engineering and security. He outlines several Java vulnerabilities he has found or plans to research, including issues related to SSL validation, authentication bypass, XML external entity injection, command injection, remote code execution via XSL extensions, path traversal, expression language injection, and remote code execution through deserialization flaws. He provides examples of exploits and discusses lessons learned for avoiding these types of vulnerabilities.
OpenDaylight Brisbane User Group - OpenDaylight SecurityDavid Jorm
The document discusses OpenDaylight's approach to security. It begins with an introduction to the speaker and an overview of the SDN attack surface. It then discusses recent OpenDaylight vulnerabilities like issues with Netconf and host tracking. Defensive technologies like Topoguard and Security-mode ONOS are presented. The document also covers security response best practices for open source projects and secure engineering practices. It provides an assessment of OpenDaylight's current security status and outlines a vision for improved security response and engineering.
This document discusses software-defined networking (SDN), network functions virtualization (NFV), network virtualization (NV), and open networking. It provides definitions of these concepts and compares the hardware-defined data center and software-defined data center approaches. Diagrams show the network overlay and underlay in NV. Open networking organizations and initiatives like OpenFlow, Open Network Install Environment (ONIE), Open Network Linux (ONL), OpenNSL, and OPNFV are also mentioned. Lastly, the benefits of different approaches are noted.
Secure your Java EE projects by using JOnAS Java EE server audit & diagnostic...Florent BENOIT
The document discusses diagnostic and audit tools provided by OW2 JOnAS to secure Java EE applications. It summarizes a presentation about a diagnostic tool that can track JDBC connection leaks and monitor threads. An audit system is also described that can collect data on EJB, HTTP, and JNDI calls to provide traceability and detect performance problems by analyzing the logs. The tools provide out-of-the-box functionality for OW2 Java EE applications and are integrated with the JOnAS application server.
Slides of our Webinar, held on March 20th 2018, where the main features of ElasTest, at the time being, were presented. This included our ability to launch docker and docker-compose SuTs, and tests, gathering logs and metrics, and inspecting resulst with out Log Analyzer. All these features, including ElasTest capabilities for manual testing, were showcased at the end in a demo conducted by out Project Coodinator. The webinar was recorded and it's available at: https://youtu.be/OL4yktND6Uo.
Every Java developer knows that multithreading is the root of all evil and it is quite hard to write correct code for concurrent environment. But what tasks do exist in real commercial development except running code in asynchronous way?
In this talk I will present several tasks from my real projects and solutions we designed for them. This talk is very application oriented and allows participants to extend their vision of concurrent programming.
Windows 10 - Endpoint Security Improvements and the Implant Since Windows 2000CTruncer
This document summarizes a talk about improvements to endpoint security in Windows 10 and how attackers have adapted. It discusses defenses like Device Guard and code integrity policies, as well as WMImplant, a tool developed by the presenters to operate on Device Guard systems using only Windows Management Instrumentation (WMI). WMImplant allows tasks like command execution, file transfer, and persistence via encoding and storing data in WMI properties. It also outlines methods defenders can use to detect malicious WMI usage like active WMI monitoring and the WMIMonitor tool.
This talk describes the current state of the Veil-Framework and the different tools included in it such as Veil-Evasion, Veil-Catapult, Veil-Powerview, Veil-Pillage, Veil-Ordnance
This talk is about why I believe having the ability to write tools and/or scripts can help elevate a Pen Testers game to the next level.
The talk is case study driven by the different scenarios I've encountered on assessments and the scripts or tools that have been developed as a result.
This is the talk given at NullCon 2017. This talk give s history of the Veil Framework, and showcases the differences between 2.0 and the newly released 3.0. Veil 3.0 is released in this talk
This document summarizes the EyeWitness tool for automated network discovery and host identification. It discusses the typical assessment lifecycle, initial discovery and recon steps using Nmap and Nessus, and the need to automate analysis of large lists of web servers. The development of EyeWitness is described, from an initial proof of concept to version 2.0, which improved modularity, added protocol support, signature-based categorization and the ability to resume incomplete scans. Future work may include additional modules, protocols, and optical character recognition.
Monitoring Cloud Native Applications with PrometheusJacopo Nardiello
This talk is a quick intro to Prometheus with an overview on all its components. The presentation points to a generally available demo so that you can see all its components in action.
Bgoug 2019.11 building free, open-source, plsql products in cloudJacek Gebal
Jacek Gębal is a principal software engineer at Fidelity Investments in Ireland who has been working with Oracle databases since 2000. He is a key contributor and maintainer of the open-source utPLSQL testing framework. In his talk, he discusses how he has leveraged free tools like Git, GitHub, Docker, Travis CI, and SonarCloud to collaborate globally on open-source projects and ensure their long-term sustainability through continuous integration, testing, and code quality practices. He provides examples of how to set up these tools for an Oracle database project.
Cpp Testing Techniques Tips and Tricks - Cpp EuropeClare Macrae
This document provides tips and techniques for testing C++ code, including:
- Use a test framework and get to know it well
- Prioritize testable code over perfect code
- Be creative in testing legacy code, such as using golden master tests or approval tests
- Maintain tests by filtering slow tests from continuous integration and fixing flickering tests
HAProxy is used in an unusual way to control egress traffic for healthcare services in Belgium. It initiates TLS connections to external partners, identifies requests through customized URLs, and applies access controls and service level agreements (SLAs) through backends. This provides visibility, reliability, and flexibility in calls to dozens of partners handling millions of daily messages between systems. Advanced features like path rewriting and SNI alteration allow HAProxy to masquerade requests while maintaining encryption. Configuration management keeps things maintainable as new partners and SLAs are added over time.
POUG Meetup 1st MArch 2019 - utPLSQL v3 - Testing Framework for PL/SQLJacek Gebal
Jacek Gębal is a principal software engineer at Fidelity Investments who has been working with Oracle databases since 2000. He is a key contributor and maintainer of the utPLSQL testing framework for PL/SQL. utPLSQL allows developers to write automated unit tests for PL/SQL code using annotations and expectations. It implements best practices like test-driven development and provides features like data type awareness, parallel testing, and integration with continuous integration tools.
How to Build Your Own Test Automation Framework?Dmitry Buzdin
Even though there are plenty of open source tools on the market every company needs to put them together and create a test automation framework on top. Best practices of doing that are quite well-known in industry and it is important to learn them before building your own framework. We will go through the core building blocks of test automation frameworks and how they are playing together. You will learn how to assemble your test automation toolchain out of open source libraries and how to integrate them together. The session will be heavily biased towards Java platform.
Into The Box 2018 | Assert control over your legacy applicationsOrtus Solutions, Corp
This document discusses how to add tests to legacy code using the TestBox testing framework for ColdFusion applications. It defines unit testing and different types of tests like unit, integration, and end-to-end tests. TestBox allows writing automated tests for ColdFusion code and isolating dependencies using test doubles. The document outlines best practices for test-driven development including writing tests before code, using life cycle methods, and refactoring code without changing external behavior. Implementing a testing framework like TestBox helps assert control over legacy applications by adding tests and the ability to refactor code safely.
ETICS supporting compliance and interoperability, Gabriele Giammatteo, Engine...OW2
ETICS is a service-oriented system which supports its users in building, testing and in verifying the quality of the software produced. With ETICS it is possible to define, execute and analyse a large range of software testing cases, from static code analysis (e.g. documentation coverage, PMD metrics) to unit testing, to compliance testing, to deployment and functional testing in a multi-node environment created specifically for the test execution. ETICS build, testing and quality verification tools are offered as a service to open source projects within the OCEAN project. In this context ETICS mainly simplifies and supports testing activities improving the quality of the software being produced, verifying its compliance to standards and its interoperability features. This presentation can be seen as a continuation of ETICS presentation given last year at OW2 conference 2012. It aims at showing results from the use of ETICS as one of OCEAN services and at illustrating the approach developed to support software compliance and interoperability for the verification of the compatibility to OCCI and CDMI standards.
Finding and exploiting novel flaws in Java software (SyScan 2015)David Jorm
David Jorm introduces himself and his background in software engineering and security. He outlines several Java vulnerabilities he has found or plans to research, including issues related to SSL validation, authentication bypass, XML external entity injection, command injection, remote code execution via XSL extensions, path traversal, expression language injection, and remote code execution through deserialization flaws. He provides examples of exploits and discusses lessons learned for avoiding these types of vulnerabilities.
OpenDaylight Brisbane User Group - OpenDaylight SecurityDavid Jorm
The document discusses OpenDaylight's approach to security. It begins with an introduction to the speaker and an overview of the SDN attack surface. It then discusses recent OpenDaylight vulnerabilities like issues with Netconf and host tracking. Defensive technologies like Topoguard and Security-mode ONOS are presented. The document also covers security response best practices for open source projects and secure engineering practices. It provides an assessment of OpenDaylight's current security status and outlines a vision for improved security response and engineering.
This document discusses software-defined networking (SDN), network functions virtualization (NFV), network virtualization (NV), and open networking. It provides definitions of these concepts and compares the hardware-defined data center and software-defined data center approaches. Diagrams show the network overlay and underlay in NV. Open networking organizations and initiatives like OpenFlow, Open Network Install Environment (ONIE), Open Network Linux (ONL), OpenNSL, and OPNFV are also mentioned. Lastly, the benefits of different approaches are noted.
Secure your Java EE projects by using JOnAS Java EE server audit & diagnostic...Florent BENOIT
The document discusses diagnostic and audit tools provided by OW2 JOnAS to secure Java EE applications. It summarizes a presentation about a diagnostic tool that can track JDBC connection leaks and monitor threads. An audit system is also described that can collect data on EJB, HTTP, and JNDI calls to provide traceability and detect performance problems by analyzing the logs. The tools provide out-of-the-box functionality for OW2 Java EE applications and are integrated with the JOnAS application server.
Slides of our Webinar, held on March 20th 2018, where the main features of ElasTest, at the time being, were presented. This included our ability to launch docker and docker-compose SuTs, and tests, gathering logs and metrics, and inspecting resulst with out Log Analyzer. All these features, including ElasTest capabilities for manual testing, were showcased at the end in a demo conducted by out Project Coodinator. The webinar was recorded and it's available at: https://youtu.be/OL4yktND6Uo.
Every Java developer knows that multithreading is the root of all evil and it is quite hard to write correct code for concurrent environment. But what tasks do exist in real commercial development except running code in asynchronous way?
In this talk I will present several tasks from my real projects and solutions we designed for them. This talk is very application oriented and allows participants to extend their vision of concurrent programming.
Windows 10 - Endpoint Security Improvements and the Implant Since Windows 2000CTruncer
This document summarizes a talk about improvements to endpoint security in Windows 10 and how attackers have adapted. It discusses defenses like Device Guard and code integrity policies, as well as WMImplant, a tool developed by the presenters to operate on Device Guard systems using only Windows Management Instrumentation (WMI). WMImplant allows tasks like command execution, file transfer, and persistence via encoding and storing data in WMI properties. It also outlines methods defenders can use to detect malicious WMI usage like active WMI monitoring and the WMIMonitor tool.
This talk describes the current state of the Veil-Framework and the different tools included in it such as Veil-Evasion, Veil-Catapult, Veil-Powerview, Veil-Pillage, Veil-Ordnance
This talk is about why I believe having the ability to write tools and/or scripts can help elevate a Pen Testers game to the next level.
The talk is case study driven by the different scenarios I've encountered on assessments and the scripts or tools that have been developed as a result.
This is the talk given at NullCon 2017. This talk give s history of the Veil Framework, and showcases the differences between 2.0 and the newly released 3.0. Veil 3.0 is released in this talk
This document summarizes the EyeWitness tool for automated network discovery and host identification. It discusses the typical assessment lifecycle, initial discovery and recon steps using Nmap and Nessus, and the need to automate analysis of large lists of web servers. The development of EyeWitness is described, from an initial proof of concept to version 2.0, which improved modularity, added protocol support, signature-based categorization and the ability to resume incomplete scans. Future work may include additional modules, protocols, and optical character recognition.
Monitoring Cloud Native Applications with PrometheusJacopo Nardiello
This talk is a quick intro to Prometheus with an overview on all its components. The presentation points to a generally available demo so that you can see all its components in action.
Bgoug 2019.11 building free, open-source, plsql products in cloudJacek Gebal
Jacek Gębal is a principal software engineer at Fidelity Investments in Ireland who has been working with Oracle databases since 2000. He is a key contributor and maintainer of the open-source utPLSQL testing framework. In his talk, he discusses how he has leveraged free tools like Git, GitHub, Docker, Travis CI, and SonarCloud to collaborate globally on open-source projects and ensure their long-term sustainability through continuous integration, testing, and code quality practices. He provides examples of how to set up these tools for an Oracle database project.
Cpp Testing Techniques Tips and Tricks - Cpp EuropeClare Macrae
This document provides tips and techniques for testing C++ code, including:
- Use a test framework and get to know it well
- Prioritize testable code over perfect code
- Be creative in testing legacy code, such as using golden master tests or approval tests
- Maintain tests by filtering slow tests from continuous integration and fixing flickering tests
HAProxy is used in an unusual way to control egress traffic for healthcare services in Belgium. It initiates TLS connections to external partners, identifies requests through customized URLs, and applies access controls and service level agreements (SLAs) through backends. This provides visibility, reliability, and flexibility in calls to dozens of partners handling millions of daily messages between systems. Advanced features like path rewriting and SNI alteration allow HAProxy to masquerade requests while maintaining encryption. Configuration management keeps things maintainable as new partners and SLAs are added over time.
POUG Meetup 1st MArch 2019 - utPLSQL v3 - Testing Framework for PL/SQLJacek Gebal
Jacek Gębal is a principal software engineer at Fidelity Investments who has been working with Oracle databases since 2000. He is a key contributor and maintainer of the utPLSQL testing framework for PL/SQL. utPLSQL allows developers to write automated unit tests for PL/SQL code using annotations and expectations. It implements best practices like test-driven development and provides features like data type awareness, parallel testing, and integration with continuous integration tools.
How to Build Your Own Test Automation Framework?Dmitry Buzdin
Even though there are plenty of open source tools on the market every company needs to put them together and create a test automation framework on top. Best practices of doing that are quite well-known in industry and it is important to learn them before building your own framework. We will go through the core building blocks of test automation frameworks and how they are playing together. You will learn how to assemble your test automation toolchain out of open source libraries and how to integrate them together. The session will be heavily biased towards Java platform.
Into The Box 2018 | Assert control over your legacy applicationsOrtus Solutions, Corp
This document discusses how to add tests to legacy code using the TestBox testing framework for ColdFusion applications. It defines unit testing and different types of tests like unit, integration, and end-to-end tests. TestBox allows writing automated tests for ColdFusion code and isolating dependencies using test doubles. The document outlines best practices for test-driven development including writing tests before code, using life cycle methods, and refactoring code without changing external behavior. Implementing a testing framework like TestBox helps assert control over legacy applications by adding tests and the ability to refactor code safely.
This document provides an introduction to automated testing. It discusses the motivations for automated testing such as improving quality and catching bugs early. It covers basic testing concepts like unit, integration, and system tests. It explains testing principles such as keeping tests independent and focusing on visible behavior. The document also discusses popular testing frameworks for different programming languages and provides examples of tests from a codebase.
Performance Test Driven Development with Oracle Coherencearagozin
This presentation discusses test driven development with Oracle Coherence. It outlines the philosophy of PTDD and challenges of testing Coherence, including the need for a cluster and sensitivity to network issues. It discusses automating tests using tools like NanoCloud for managing nodes and executing tests remotely. Different types of tests are described like microbenchmarks, performance regression tests, and bottleneck analysis. Common pitfalls of performance testing like fixed users vs fixed request rates are also covered.
Test it! Unit, mocking and in-container Meet Arquillian!Ivan Ivanov
A gentle introduction into testing in Java. Begin with testing a single unit, continue with mocking dependency and end up with a full incontainer test capabilities.
Building functional Quality Gates with ReportPortalDmitriy Gumeniuk
Presented at SeleniumConf 2023, this talk explores the experience of building Quality Gates using ReportPortal.io for a test regression suite with 200,000 test cases. The discussion highlights the distinctions between functional and non-functional quality gates, explaining why Sonarqube's Quality Gates may be insufficient. It also outlines how to break down the regression structure to organize execution sequences controlled by quality gate checks. These checks are based on various factors, including functional application aspects, test failure types, test case priorities, tested components, user flows, and more—providing a comprehensive approach to ensuring software quality.
Speaker: Dmitriy Gumeniuk, CEO ReportPortal.io,
Head of Testing Products at EPAM Systems.
The talk on youtube: https://www.youtube.com/watch?v=At5MEWqf_TI
This is an introduction to unit testing using various mocking frameworks. It covers why you should consider using a mocking framework, how to apply mocks in your unit testing, and a high level comparison of various tools for mocking/stub creation. The distinction between mocks and stubs is clearly defined.
This document describes Cerberus, an open source test automation tool developed by La Redoute. Cerberus allows centralized management of test cases across multiple technologies like web, mobile, and APIs. It supports features like a step library, test automation, execution reporting, and integration with other tools. The document also provides examples of how Cerberus is used at La Redoute for regression testing websites in multiple languages and environments. It maintains over 3,500 regression tests that execute twice daily. Cerberus can also be used for functional monitoring of websites by regularly executing test cases and monitoring performance metrics.
This document discusses Google's approach to testing software at different levels. It defines small, medium, and large tests based on their properties. Small tests are unit tests that test individual functions and classes. Medium tests test interactions between modules on a single machine. Large tests are system or integration tests that exercise complete applications and external dependencies. The document emphasizes writing many small tests and using fakes and mocks to isolate dependencies. It also discusses strategies for dealing with flaky tests, such as automatically quarantining flaky tests. Finally, it provides an example of how large tests may work at different stages from development to production.
This is a 90 min talk with some exercises and discussion that I gave at the DHS Agile Expo. It places DevOps as a series of feedback loops and emphasizes agile engineering practices being at the core.
Agile Engineering Best Practices by Richard ChengExcella
By Richard Cheng, Certified Scrum Trainer and Training Business Unit Lead, Excella Consulting
21st Century IT development requires building quality into our development practices yet many software teams fail to implement technical practices that are necessary for long term success. Practices like automated builds, automated tests, automated deployments, continuous integration, and continuous delivery are now considered essential for the success of any software development project. Without these practices, the quality of software goes downhill and teams can no longer sustain their initial high levels of productivity.
However, understanding and implementing the practices can seem daunting. This session presents an easy to understand roadmap for implementing engineering best practices for non-technical audiences.
Though this topic is about engineering best practices, attendees do not have to be technical to get value from this session. The session gives a non-technical look at a technical concept and is great for any person in the organization managing, working with, or working on IT teams/programs.
Embracing Disruption: Adding a Bit of Chaos to Help You GrowPaul Balogh
** Recording available at https://www.youtube.com/watch?v=sHNOjUtbq2s **
Failure happens! It's our job to turn these disruptions into learning opportunities. As our software has become more distributed and complex, the "shift-left" movement brings reliability testing to earlier stages of development. Ensuring reliability goes beyond simple end-to-end tests.
To ensure the highest levels of reliability, you must perform a suite of testing types. Incorporate contract tests to validate APIs; load tests for scaling predictability. Let's learn from Chaos Engineering principles by incorporating disruptive behavior into your system _before_ production.
Join Paul as we learn ways to incorporate a plethora of testing into your software development pipeline. We'll discuss the pros and cons of each and what you can do to add these to your processes.
By embracing a little disruption, you can significantly improve the reliability of your system.
This document summarizes a test automation stack that uses Selenium, Cucumber, and Jenkins for end-to-end testing. It utilizes Cucumber for test design with a Gherkin syntax to make tests human-readable. Selenide is used for test development to enable simple code with clear structure and stable Selenium framework methods. Tests are executed in Jenkins with parameterization to run on different environments and browsers. Test results are evaluated using Report Portal for automated analysis, dashboards, and error correlation. A live demo of the stack is available on GitHub.
This document summarizes a test automation stack that uses Cucumber, Selenium, and Jenkins for end-to-end testing. Cucumber is used for test design with a Gherkin syntax to make tests human-readable. Selenium and the Selenide framework provide test development with reusable, stable tests implemented as page objects. Tests are executed via Jenkins pipelines for continuous integration and parameterization. Test results are evaluated using Report Portal for correlation, visualization of errors, and automated analysis.
This document provides guidance on how to become a testing expert. It discusses typical interview questions faced by testers and the dilemmas of both testers and management in hiring strong testing candidates. It outlines the career journey of one individual who grew from their first testing role to leadership positions. Key lessons include gaining experience over time and having the ability to find critical bugs quickly. Attributes of a testing expert are developing comprehensive testing strategies and managing the entire release process.
Software Quality and Test Strategies for Ruby and Rails ApplicationsBhavin Javia
This document provides an overview of software quality and test strategies for Ruby and Rails applications. It discusses the importance of quality, managing quality through setting goals and measuring metrics. It outlines a test strategy template and covers test types, tools, and approaches for unit, integration, acceptance and other types of tests in Ruby/Rails. It also discusses test data management, defect management, and the Ruby/Rails testing ecosystem including various testing frameworks and quality/metrics tools.
With the proliferation of testing culture, many developers are facing new challenges. As projects are getting started, the focus may be on developing enough tests to maintain confidence that the code is correct. However, as developers write more and more tests, performance and repeatability become growing concerns for test suites. In our study of large open source software, we found that running tests took on average 41% of the total time needed to build each project – over 90% in those that took the longest to build. Unfortunately, typical techniques for accelerating test suites from literature (like running only a subset of tests, or running them in parallel) can’t be applied in practice safely, since tests may depend on each other. These dependencies are very hard to find and detect, posing a serious challenge to test and build acceleration. In this talk, I will present my recent research in automatically detecting and isolating these dependencies, enabling for significant, safe and sound build acceleration of up to 16x.
The document outlines an upcoming programming workshop that will cover various JetBrains IDEs like PyCharm, IntelliJ IDEA, and PhpStorm. It then discusses Test Driven Development (TDD), including what TDD is, the development cycle used in TDD, and benefits like encouraging simple designs and confidence. Different types of software tests are also listed like unit tests, integration tests, acceptance tests, and others. Specific testing techniques like unit testing, integration testing using bottom-up and top-down approaches, and acceptance testing are then explained at a high level. Finally, some important notes on testing like trusting tests and prioritizing maintainability are provided.
You've heard about Continuous Integration and Continuous Deilvery but how do you get code from your machine to production in a rapid, repeatable manner? Let a build pipeline do the work for you! Sam Brown will walk through the how, the when and the why of the various aspects of a Contiuous Delivery build pipeline and how you can get started tomorrow implementing changes to realize build automation. This talk will start with an example pipeline and go into depth with each section detailing the pros and cons of different steps and why you should include them in your build process.
Similar to Deliver Faster with BDD/TDD - Designing Automated Tests That Don't Suck (20)
UI5con 2024 - Keynote: Latest News about UI5 and it’s EcosystemPeter Muessig
Learn about the latest innovations in and around OpenUI5/SAPUI5: UI5 Tooling, UI5 linter, UI5 Web Components, Web Components Integration, UI5 2.x, UI5 GenAI.
Recording:
https://www.youtube.com/live/MSdGLG2zLy8?si=INxBHTqkwHhxV5Ta&t=0
Neo4j - Product Vision and Knowledge Graphs - GraphSummit ParisNeo4j
Dr. Jesús Barrasa, Head of Solutions Architecture for EMEA, Neo4j
Découvrez les dernières innovations de Neo4j, et notamment les dernières intégrations cloud et les améliorations produits qui font de Neo4j un choix essentiel pour les développeurs qui créent des applications avec des données interconnectées et de l’IA générative.
WhatsApp offers simple, reliable, and private messaging and calling services for free worldwide. With end-to-end encryption, your personal messages and calls are secure, ensuring only you and the recipient can access them. Enjoy voice and video calls to stay connected with loved ones or colleagues. Express yourself using stickers, GIFs, or by sharing moments on Status. WhatsApp Business enables global customer outreach, facilitating sales growth and relationship building through showcasing products and services. Stay connected effortlessly with group chats for planning outings with friends or staying updated on family conversations.
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...Crescat
Crescat is industry-trusted event management software, built by event professionals for event professionals. Founded in 2017, we have three key products tailored for the live event industry.
Crescat Event for concert promoters and event agencies. Crescat Venue for music venues, conference centers, wedding venues, concert halls and more. And Crescat Festival for festivals, conferences and complex events.
With a wide range of popular features such as event scheduling, shift management, volunteer and crew coordination, artist booking and much more, Crescat is designed for customisation and ease-of-use.
Over 125,000 events have been planned in Crescat and with hundreds of customers of all shapes and sizes, from boutique event agencies through to international concert promoters, Crescat is rigged for success. What's more, we highly value feedback from our users and we are constantly improving our software with updates, new features and improvements.
If you plan events, run a venue or produce festivals and you're looking for ways to make your life easier, then we have a solution for you. Try our software for free or schedule a no-obligation demo with one of our product specialists today at crescat.io
A Study of Variable-Role-based Feature Enrichment in Neural Models of CodeAftab Hussain
Understanding variable roles in code has been found to be helpful by students
in learning programming -- could variable roles help deep neural models in
performing coding tasks? We do an exploratory study.
- These are slides of the talk given at InteNSE'23: The 1st International Workshop on Interpretability and Robustness in Neural Software Engineering, co-located with the 45th International Conference on Software Engineering, ICSE 2023, Melbourne Australia
Artificia Intellicence and XPath Extension FunctionsOctavian Nadolu
The purpose of this presentation is to provide an overview of how you can use AI from XSLT, XQuery, Schematron, or XML Refactoring operations, the potential benefits of using AI, and some of the challenges we face.
What is Augmented Reality Image Trackingpavan998932
Augmented Reality (AR) Image Tracking is a technology that enables AR applications to recognize and track images in the real world, overlaying digital content onto them. This enhances the user's interaction with their environment by providing additional information and interactive elements directly tied to physical images.
What is Master Data Management by PiLog Groupaymanquadri279
PiLog Group's Master Data Record Manager (MDRM) is a sophisticated enterprise solution designed to ensure data accuracy, consistency, and governance across various business functions. MDRM integrates advanced data management technologies to cleanse, classify, and standardize master data, thereby enhancing data quality and operational efficiency.
SOCRadar's Aviation Industry Q1 Incident Report is out now!
The aviation industry has always been a prime target for cybercriminals due to its critical infrastructure and high stakes. In the first quarter of 2024, the sector faced an alarming surge in cybersecurity threats, revealing its vulnerabilities and the relentless sophistication of cyber attackers.
SOCRadar’s Aviation Industry, Quarterly Incident Report, provides an in-depth analysis of these threats, detected and examined through our extensive monitoring of hacker forums, Telegram channels, and dark web platforms.
8 Best Automated Android App Testing Tool and Framework in 2024.pdfkalichargn70th171
Regarding mobile operating systems, two major players dominate our thoughts: Android and iPhone. With Android leading the market, software development companies are focused on delivering apps compatible with this OS. Ensuring an app's functionality across various Android devices, OS versions, and hardware specifications is critical, making Android app testing essential.
Measures in SQL (SIGMOD 2024, Santiago, Chile)Julian Hyde
SQL has attained widespread adoption, but Business Intelligence tools still use their own higher level languages based upon a multidimensional paradigm. Composable calculations are what is missing from SQL, and we propose a new kind of column, called a measure, that attaches a calculation to a table. Like regular tables, tables with measures are composable and closed when used in queries.
SQL-with-measures has the power, conciseness and reusability of multidimensional languages but retains SQL semantics. Measure invocations can be expanded in place to simple, clear SQL.
To define the evaluation semantics for measures, we introduce context-sensitive expressions (a way to evaluate multidimensional expressions that is consistent with existing SQL semantics), a concept called evaluation context, and several operations for setting and modifying the evaluation context.
A talk at SIGMOD, June 9–15, 2024, Santiago, Chile
Authors: Julian Hyde (Google) and John Fremlin (Google)
https://doi.org/10.1145/3626246.3653374
Need for Speed: Removing speed bumps from your Symfony projects ⚡️Łukasz Chruściel
No one wants their application to drag like a car stuck in the slow lane! Yet it’s all too common to encounter bumpy, pothole-filled solutions that slow the speed of any application. Symfony apps are not an exception.
In this talk, I will take you for a spin around the performance racetrack. We’ll explore common pitfalls - those hidden potholes on your application that can cause unexpected slowdowns. Learn how to spot these performance bumps early, and more importantly, how to navigate around them to keep your application running at top speed.
We will focus in particular on tuning your engine at the application level, making the right adjustments to ensure that your system responds like a well-oiled, high-performance race car.
E-commerce Development Services- Hornet DynamicsHornet Dynamics
For any business hoping to succeed in the digital age, having a strong online presence is crucial. We offer Ecommerce Development Services that are customized according to your business requirements and client preferences, enabling you to create a dynamic, safe, and user-friendly online store.
3. Accelerate
❖ Software Delivery Performance Metrics That Matter
❖ Deployment Frequency
❖ Lead Time for Changes
❖ Mean Time To Restore (MTTR)
❖ Change Failure Rate
Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations
By Nicole Forsgren PhD, Jez Humble, and Gene Kim
9. Deliver Valuable Software Faster
Problem How TDD/BDD Can Help
Long QA Test Cycles Identify incorrect behavior before release to QA
Rework
Identify incorrect behavior during initial
development so can fix when most familiar with the
code
Disproportionate time spent studying code before
making small change
Confidence tests will identify if change will break
other behavior
Slow and difficult client development Verify API usability and tests as documentation
Slow and difficult to extend and/or add features
Testability strongly correlated with flexibility and
extensibility
10. –Chinese proverb
“To be uncertain is to be uncomfortable, but to be
certain is to be ridiculous.”
12. End-to-End Tests
❖ Developers like it because it offloads
most, if not all, of the testing to others.
❖ Managers and decision-makers like it
because tests that simulate real user
scenarios can help them easily
determine how a failing test would
impact the user.
❖ Testers like it because they often
worry about missing a bug or writing
a test that does not verify real-world
behavior; writing tests from the user's
perspective often avoids both
problems and gives the tester a greater
sense of accomplishment.
Days Left Pass % Notes
1 5%
Everything is broken! Signing in to the service is
broken. Almost all tests sign in a user, so almost
all tests failed.
0 4%
A partner team we rely on deployed a bad build to
their testing environment yesterday.
-1 54%
A dev broke the save scenario yesterday (or the
day before?). Half the tests save a document at
some point in time. Devs spent most of the day
determining if it's a frontend bug or a backend
-2 54%
It's a frontend bug, devs spent half of today
figuring out where.
-3 54%
A bad fix was checked in yesterday. The mistake
was pretty easy to spot, though, and a correct fix
was checked in today.
-4 1%
Hardware failures occurred in the lab for our
testing environment.
-5 84%
Many small bugs hiding behind the big bugs (e.g.,
sign-in broken, save broken). Still working on the
small bugs.
-6 87%
We should be above 90%, but are not for some
reason.
-7 89.54%
(Rounds up to 90%, close enough.) No fixes were
checked in yesterday, so the tests must have
been flaky yesterday.
In Theory In Practice
Source: Mike Wacker on Google Testing Blog
14. –Fred Brooks
“The hardest part of building a software system is
deciding precisely what to build... No other part of
the work so cripples the resulting system if done
wrong. No other part is more difficult to rectify
later”
15. Java Unit Test Frameworks
Strong Points Migrating from JUnit 4
JUnit 5
• Leverages Java 8 lambdas and
functional interfaces
• Modularity, powerful
extensions mechanism
• No support for Runners and
Rules
• Spring tests based on
ThreadLocal usage break
TestNG
• Flexible grouping and running
of tests
• Different ordering to
assertion parameters than
JUnit
Spock
• Data tables with multi-line
strings
• No need for mocking
framework
• Getting used to Groovy-
based DSL
• Additional test source
directory
16. Other Java Test Frameworks
Type Highlights
Mockito Mock Interface injection, Data control, Verification
Spring Test Dependency Inject Spring config doc, Transaction rollback
Arquillian JEE Server Stub Embedded JEE server functionality
Cucumber BDD Gherkin-based communication with SME
Wiremock Service Virtual Lightweight service stubs
Spring Cloud
Contract
Consumer Driven Uses Wiremock under the hood
Hoverfly Service Virtual Full system service virtualization
ArchUnit Architecture Consistent -ilities w/o bureaucracy
18. Test Source Layout
❖ Maven
❖ All in src/test/java or src/test/groovy
❖ Use surefire and failsafe include / exclude to control test execution (Unit = *Test, Integration = *IT)
❖ Define non-default profile for integration tests
❖ Use jacoco-maven-plugin to merge test coverage
❖ Gradle
❖ Utilize gradle-testsets-plugin and don’t link into default build
❖ Separate directories (Unit = src/test/java, Integration = src/integrationTest/java)
❖ Use Jacoco plugin to merge test coverage
❖ Sonar
❖ Automatically merges all test coverage in one metrics as of v6.x
21. When to Unit Test
- Questionable
- Code obvious at first glance
- Coordinating logic
✓ Absolutely Mandatory
✓ Algorithmic logic
✓ Complex code with many
dependencies
Vikas Hazrati on Knoldus blog
22. What to Test
Category Test Category Test
DTO
Serialization, equals,
hashCode
DAO/Repository
Integration tests against
actual datastore
Converters, Parsers,
Serializers, Validators
Source data from test data
parameters or files on class
path
Utility Methods Every branch, edge cases
Routers, Coordinators
Decision logic if any
extracted into methods
Business Rules
BDD specifications, All pairs
testing
JavaEE EJBs, JCAs Use Arquillian REST Controllers
Handling of optional
parameters, Use REST
framework-provided mocks
APIs
Integration tests verifying
wiring and configuration of
framework AOP
UIs Basic wiring, algorithms
Docker Images
Wiring, startup, health
check
Third-party Libraries
Integration of generated
code, Behavior assumptions
23. Data Transfer Object
public class ExampleEntityPKTest {
private final Logger logger = LoggerFactory.getLogger(ExampleEntityPKTest.class);
@Test
public void shouldSerializeAndDeserializeRetainingEquality() {
String employeeId = "99377";
String postingId = "DEC18";
ExampleEntityPK original = new ExampleEntityPK();
original.setPostingId(postingId);
original.setEmployeeId(employeeId);
ExampleEntityPK copy = (ExampleEntityPK)
SerializationUtils.deserialize(SerializationUtils.serialize(original));
assertEquals(original, copy);
assertEquals(original.hashCode(), copy.hashCode());
assertEquals(postingId, copy.getPostingId());
assertEquals(employeeId, copy.getEmployeeId());
}
@Test
public void shouldTreatObjectsWithDifferentValuesAsNotEqual() {
ExampleEntityPK pk1 = new ExampleEntityPK("99377", "JUL19TEST");
ExampleEntityPK pk2 = new ExampleEntityPK("11", "JUL19TEST");
assertEquals(pk1, pk1);
assertFalse(pk1.equals(pk2));
assertFalse(pk1.hashCode() == pk2.hashCode());
assertFalse(pk1.equals(null));
assertFalse(pk1.equals(pk1.getPostingId()));
}
@Test
public void shouldSortByPostingIdAndThenEmployeeId() {
ExampleEntityPK pk1 = new ExampleEntityPK("99377", "JUL19TEST");
ExampleEntityPK pk2 = new ExampleEntityPK(“11", "JUL19TEST");
assertTrue(pk1.compareTo(pk2) > 0);
}
}
24. Data Access Object
@RunWith(SpringRunner.class)
@ContextConfiguration(classes = { DatabaseConfig.class })
@TestPropertySource("/test-application.properties")
public class EmployeeRepositoryITest {
@Autowired
private EmployeeRepository repository;
@Autowired
private DataSource dataSource;
@Test
public void shouldRetrievePageOfEmployees() {
PageRequest pageable = PageRequest.of(0, 32, Sort.Direction.ASC, "employeeId");
Page<Employee> results = repository.findAll(pageable);
assertFalse(results.getContent().isEmpty());
}
@Test
public void shouldRetrieveEmployeeByEmployeeId() {
PageRequest pageable = PageRequest.of(4, 4, Sort.Direction.ASC, "employeeId");
Page<Employee> results = repository.findAll(pageable);
assertFalse(results.getContent().isEmpty());
for (Employee em : results.getContent()) {
Optional<Employee> result = repository.findByEmployeeId(em.getEmployeeId());
assertTrue(result.isPresent());
}
}
@Test
public void shouldRetrieveValuesFromPersonnel() {
Optional<Employee> result = repository.findById(retrieveValidEmployeeId());
assertTrue(result.isPresent());
assertNotNull(result.get().getSeniorityDate());
}
private Long retrieveValidEmployeeId() {
Long result = null;
try (Connection conn = dataSource();
PreparedStatement ps = conn.prepareStatement("SELECT MAX(employee_id) FROM employee")) {
try (ResultSet rs = ps.executeQuery()) {
rs.next();
result = rs.getLong(1);
}
} catch (SQLException cause) {
throw new IllegalStateException(cause);
}
return result;
}
}
27. Business Rules
public class RpnCalculatorStepdefs implements En {
private RpnCalculator calc;
public RpnCalculatorStepdefs() {
Given("a calculator I just turned on", () -> {
calc = new RpnCalculator();
});
When("I add {int} and {int}", (Integer arg1, Integer arg2) -> {
calc.push(arg1);
calc.push(arg2);
calc.push("+");
});
Given("I press (.+)", (String what) -> calc.push(what));
Then("the result is {double}", (Integer expected) -> assertEquals(expected, calc.value()));
Then("the result is {int}", (Integer expected) -> assertEquals(expected.doubleValue(), calc.value()));
Before(new String[]{"not @foo"}, (Scenario scenario) -> {
scenario.write("Runs before scenarios *not* tagged with @foo");
});
After((Scenario scenario) -> {
// result.write("HELLLLOO");
});
Given("the previous entries:", (DataTable dataTable) -> {
List<Entry> entries = dataTable.asList(Entry.class);
for (Entry entry : entries) {
calc.push(entry.first);
calc.push(entry.second);
calc.push(entry.operation);
}
});
}
static final class Entry {
private final Integer first;
private final Integer second;
private final String operation;
Entry(Integer first, Integer second, String operation) {
this.first = first;
this.second = second;
this.operation = operation;
}
}
}
28. All-Pairs Testing
❖ For each pair of input parameters, tests all possible
discrete combinations of those parameters
❖ The most common bugs in a program are generally
triggered by either a single input parameter or an
interaction between pairs of parameters
❖ Software available to generate optimum test data
29. EJB
@RunWith(Arquillian.class)
public class MemberRegistrationTest {
@Deployment
public static Archive<?> createTestArchive() {
return ShrinkWrap.create(WebArchive.class, "test.war")
.addClasses(Member.class, MemberRegistration.class, Resources.class)
.addAsResource("META-INF/test-persistence.xml", "META-INF/persistence.xml")
.addAsWebInfResource(EmptyAsset.INSTANCE, "beans.xml")
// Deploy our test datasource
.addAsWebInfResource("test-ds.xml", "test-ds.xml");
}
@Inject
MemberRegistration memberRegistration;
@Inject
Logger log;
@Test
public void testRegister() throws Exception {
Member newMember = new Member();
newMember.setName("Jane Doe");
newMember.setEmail("jane@mailinator.com");
newMember.setPhoneNumber("2125551234");
memberRegistration.register(newMember);
assertNotNull(newMember.getId());
log.info(newMember.getName() + " was persisted with id " + newMember.getId());
}
}
30. Concurrency
public class MicrometerTestApplicationTests {
private Logger logger = LoggerFactory.getLogger(MicrometerTestApplicationTests.class);
@Autowired
private WebTestClient webClient;
@Test
public void threadPoolResponseDistribution() throws BrokenBarrierException, InterruptedException {
int clients = 8;
int runs = 2048;
CyclicBarrier barrier = new CyclicBarrier(clients + 1);
ExecutorService executorService = Executors.newCachedThreadPool();
for (int i = 0; i < clients; i++) {
executorService.submit(new ThreadPoolTestRunner(barrier, runs));
}
barrier.await();
barrier.await();
webClient.get().uri("/actuator/mappings").exchange().expectStatus().isOk();
webClient.get().uri("/actuator/prometheus").exchange().expectStatus().isOk();
FluxExchangeResult<String> stats = webClient.get().uri("/stats/tpool").exchange().returnResult(String.class);
logger.info("Thread Pool Test Result: {}", new String(stats.getResponseBodyContent()));
}
FluxExchangeResult<String> stats = webClient.get().uri("/stats/hystrix").exchange().returnResult(String.class);
logger.info("Hystrix Test Result: {}", new String(stats.getResponseBodyContent()));
}
class ThreadPoolTestRunner implements Runnable {
private CyclicBarrier barrier;
private int runs;
ThreadPoolTestRunner(CyclicBarrier barrier, int runs) {
this.barrier = barrier;
this.runs = runs;
}
@Override
public void run() {
try {
barrier.await();
for (int i = 0; i < runs; i++) {
webClient.get().uri("/tpool/{id}", UUID.randomUUID().toString()).exchange().expectStatus().isOk();
}
barrier.await();
} catch (InterruptedException | BrokenBarrierException ignore) {
fail("improperly configured test");
}
}
}
32. –Andrew Hunt and Dave Thomas
“It’s not at all important to get it right the first
time. It’s vitally important to get it right the last
time.”
33. Testability Aphorisms
❖ Static getInstance involving a remote connection is EVIL
❖ PowerMock provides powerful functionality which should
NEVER be used
❖ PowerMock required == Redesign required
❖ God objects need the Single Responsibility Principle
applied
❖ In method section comments should be sub-method names
❖ Minimize leaky abstractions
34. –powermock.github.io
“Please note that PowerMock is mainly intended
for people with expert knowledge in unit testing.
Putting it in the hands of junior developers may
cause more harm than good.”
37. Test Automation Anti-Patterns
1. Mushrooming
• Stage 1: Small and Localized
• Stage 2: Generalization
• Stage 3: Staffing
• Stage 4: Development of Non-Core Features
• Stage 5: Overload
2. The Competition
• Variety 1: Different teams use different frameworks
• Variety 2: Different teams feed requirements to enterprise effort and one team gets favored
• Variety 3: Mushrooming at stage 5 so team starts new solution at stage 1
3. The Night Time Fallacy
• Test Automation Truism: Machines create work for more testers
• The Tragedy of the Commons: Five teams each assume 12 hours to test time: 5 teams * 12 hours = 60 hours
4. Going for the Numbers
• Point and click creation to up numbers but poorly engineered for resiliency
5. The Sorcerer’s Apprentice Syndrome
• Mimicking human actions sound straight forward, but is sometimes hard to accomplish programmatically and is frequently
inefficient.
The Pathologies of Failed Test Automation Projects - Michael Stahl, July 2013
39. Test Data Strategies
❖ Use actual production data
❖ PII, PCI, HIPAA data must be masked
❖ Use queries to get valid test values
❖ Use automatic rollback for data changing tests
❖ Delete and refresh on a regular basis
❖ Generate fake data
❖ Domain specific generators
❖ Generate per test
❖ Import reference data
❖ Periodic cleanup
41. Future of Enterprise QA
❖ Embedded in delivery team
❖ Gherkin specification development
❖ Exploratory testing
❖ Risk-based test prioritization
❖ Independent group
❖ AI-assisted intelligence
❖ Customer experience optimization and insights
❖ Robotic process automation
42. –Jerry Weinberg
“You can be a great tester if you have
programming skills. You can also be a great tester
if you have no programming skills at all. And, you
can be a lousy tester with or without programming
skills. A great tester will learn what skills she needs
to continue to be great, in her own style.”
43. Testing in Production Methodologies
❖ A/B Testing (aka Online Controlled Experimentation)
❖ Some percent of users of a website or service are unbeknownst to them given an alternate
experience (a new version of the service). Data is then collected on how users act in the old versus
new service, which can be analyzed to determine whether the new proposed change is good or not.
❖ Ramped Deployment
❖ Using Exposure Control, a new deployment of a website or service is gradually rolled out. First to a
small percentage of users, and then ultimately to all of them. At each stage the software is
monitored, and if any critical issues are uncovered that cannot be remedied, the deployment is
rolled back.
❖ Shadowing
❖ The system under test is deployed and uses real production data in real-time, but the results are not
exposed to the end user.
Source: https://blogs.msdn.microsoft.com/seliot/2011/06/07/testing-in-production-tip-it-really-happensexamples-from-facebook-amazon-google-and-microsoft/
44. –Isaac Asimov
“The most exciting phrase to hear in science, the
one that heralds discoveries, is not ‘Eureka!’ but
‘Now that’s funny…”