As more organizations move towards continuous integration (CI) and continuous delivery (CD) with DevOps pipelines becoming the norm, where is the right place to do different kinds and levels of testing? In this presentation, I will provide a blueprint for test managers on how to think about shifting left and shifting right while keeping the overall QA picture and goals in mind.
6. ®®
What is DevOps Anyway?
(By Devops.png: Rajiv.Pant derivative work: Wylve - derived from Devops.png: , Link, originally by Gary Stevens)
7. ®®
The DevOps “Lifecycle”
(By Devops.png: Rajiv.Pant derivative work: Wylve - derived from Devops.png: , Link, originally by Gary Stevens)
8. ®®
What is Continuous Testing?
Continuous testing is the process of executing tests as part
of the software delivery pipeline to obtain immediate
feedback on the business risks associated with a software
release candidate.
Originally limited to automated tests in the CI portion
Should include all kinds of testing, throughout CI/CD pipeline
For Continuous testing, the scope of testing extends from
validating bottom-up requirements or user stories to
assessing the system requirements associated with
overarching business goals.
1. https://en.wikipedia.org/wiki/Continuous_testing
11. ®®
Key Facts About Continuous Testing
Without Continuous Testing, you won’t realize significant
value from DevOps.
Pushing low quality code into production faster = bad
Lack of visibility and feedback to assess risk = bad
Chaos engineering without testing = simply chaos!
Continuous Testing Myths
Continuous Testing ≠ 100% test automation
All testing should be done earlier in the lifecycle
No testing is needed, just have production monitoring
12. ®®
Some Best Practices
Continuous means testing is happening before, during, and
after each software change is made.
Collaborate on requirements
Validate changes constantly (e.g.: regression testing)
Dev/Test Pairing (ex: exploratory testing, reviewing test
cases)
Automated testing in CI
Continuous improvement of test approach
Review of customer feedback and business metrics
18. ®®
What Does “Shift Left” Mean?
Shifting Left is about removing downstream blockers and
finding and fixing defects closer to where they are
introduced.
Rapid, automated testing to prevent known issues reappearing
Identifying areas of risk earlier to know where to focus later:
Performance
Security
Integration
Infrastructure
Usability
Early exploration of features to understand business issues/risks
19. ®®
Continuous Integration (CI)
Ensure that you have a robust set of “smoke”
tests that can run after every CI build
Unit, API and Automated UI tests
23. ®®
Non-Functional Testing
• Don’t leave these to the end of the process, before deployment
• Do just enough of each type of testing early in the pipeline to
determine if further testing will be needed later.
24. ®®
Exploratory Testing: Where & Why
Good testers find issues that no one knows about
Exploratory testing finds those edge cases
It’s the unknown ‘unknowns’ that trip you up
It’s particularly useful when the functionality is still
being formed in early sprints
28. ®®
Shifting Right
Shifting Right is about leveraging customers and access
to production data to test effectively and support
feedback loops
Enabling testing activities
Customer feedback on features (ex: A/B and Canary Testing)
Monitoring and healing production issues
Usability and experience (ex: usability testing, UI/UX)
Customer satisfaction (ex: NPS ratings, engagement, adoption)
Monitoring business metrics to “test” value of changes
32. ®®
Some Tools
System Monitoring – Dynatrace, Solarwinds, Cloudwatch
Customer Helpdesk – ZenDesk, KronoDesk, Remedy, etc.
Customer Behavior – Google Analytics, Splunk, Matomo
Business Monitoring
Traditional BI Platforms – PowerBI, Splunk, Cognos, Domo, etc.
AI-Driven Data Analytics – Qlik, Tellius, etc.
Data Visualzation – Tableau, etc
Customer Satisfaction – Delighted, Promoter, AskNicely, …
33. ®
Stuck in the Middle with You
Assessing Risk and Deciding Whether to Go Live
34. ®®
There Is Never Enough Time for Testing
• How Do We Know if We Can Release into Production?
• How Do We Know We Have Tested the Right Areas?
• We Don’t Have Enough Time to Test Everything!
36. Focus on Areas Identified Earlier in Pipeline
Unit Tests
API Tests
Security Tests
Performance Tests
Exploratory Sessions
Shift Left Tests Deeper Testing
Deeper Functional
Testing
Deeper Performance
Testing
Focused Exploratory
Sessions
37. ®®
Example: Performance Testing
Early Load Testing
• Development hardware
• No isolation
• 10 VUs, 10,000 requests
• Analyze trends
• Is this CI build faster or
slower than before?
• Should we spend more time
testing it later?
Full-Blown Load Testing
• Replica of production
hardware
• Dedicated environment
• Isolated networks
• 10,000 VUs for 4 hours
• What is the maximum load,
throughput, bottlenecks
• Do we meet our SLAs?
38. Hierarchy of Testing Risk
Happy Path, Safe Environment
Realistic Paths, Safe Environment
Edge Cases, Safe Environment
Edge Cases, All Environments
If it breaks here, then
no point trying further
levels in the hierarchy