© COPYRIGHT 2016 COVEROS, INC. ALL RIGHTS RESERVED. 1 @CoverosGene Tests Your Pipeline Might Be Missing Build confidence that you have a viabl e cand idate for production It’s about process, not tools
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
© COPYRIGHT 2016 COVEROS, INC. ALL RIGHTS RESERVED. 1
@CoverosGene
Tests Your Pipeline Might Be Missing
Build confidence that you have a
viable candidate for production
It’s about process, n
ot tools
© COPYRIGHT 2016 COVEROS, INC. ALL RIGHTS RESERVED. 2
@CoverosGene
Everything can’t be first or last
Do just enough of each type of
testing early in the pipeline
to determine if further testing is
justified.
© COPYRIGHT 2016 COVEROS, INC. ALL RIGHTS RESERVED. 3
@CoverosGene
Check your code footprint
mvn dependency:treemvn dependency:analyze
mvn com.ning.maven.plugins:maven-dependency-versions-check-
plugin
© COPYRIGHT 2016 COVEROS, INC. ALL RIGHTS RESERVED. 4
@CoverosGene
Poor quality code is harder to maintain
… and harder to secure
© COPYRIGHT 2016 COVEROS, INC. ALL RIGHTS RESERVED. 5
@CoverosGene
Are your libraries up-to-date?
© COPYRIGHT 2016 COVEROS, INC. ALL RIGHTS RESERVED. 6
@CoverosGene
Test your unit tests
Mutation testing
© COPYRIGHT 2016 COVEROS, INC. ALL RIGHTS RESERVED. 7
@CoverosGene
Test what users can’t do… or at least shouldn’t
User role testing
© COPYRIGHT 2016 COVEROS, INC. ALL RIGHTS RESERVED. 8
@CoverosGene
Security testby piggy-backing on functional tests
OWASP ZAP
passive proxyactive scanner
fuzzer
© COPYRIGHT 2016 COVEROS, INC. ALL RIGHTS RESERVED. 9
@CoverosGene
Repeatable, reliable deployments… and test that through practice
© COPYRIGHT 2016 COVEROS, INC. ALL RIGHTS RESERVED. 10
@CoverosGene
Audit yourself
© COPYRIGHT 2016 COVEROS, INC. ALL RIGHTS RESERVED. 11
@CoverosGene
Is the base system secure?
© COPYRIGHT 2016 COVEROS, INC. ALL RIGHTS RESERVED. 12
@CoverosGene
Are your packages up-to-date?
© COPYRIGHT 2016 COVEROS, INC. ALL RIGHTS RESERVED. 13
@CoverosGene
How’s performance?
© COPYRIGHT 2016 COVEROS, INC. ALL RIGHTS RESERVED. 14
@CoverosGene
Test the database
© COPYRIGHT 2016 COVEROS, INC. ALL RIGHTS RESERVED. 15
@CoverosGene
What are your users doing?
© COPYRIGHT 2016 COVEROS, INC. ALL RIGHTS RESERVED. 16
@CoverosGene
Practice failure
© COPYRIGHT 2016 COVEROS, INC. ALL RIGHTS RESERVED. 17
@CoverosGene
Scan all the systems
Don’t forget the infrastructure
© COPYRIGHT 2016 COVEROS, INC. ALL RIGHTS RESERVED. 18
@CoverosGene
Protect against hackers … even on dev and test systems
© COPYRIGHT 2016 COVEROS, INC. ALL RIGHTS RESERVED. 19
@CoverosGene
Don’t expect that your pipeline is done
A little better is still better.
Keep improving.
© COPYRIGHT 2016 COVEROS, INC. ALL RIGHTS RESERVED. 20
@CoverosGene
Test your pipeline… if it goes down, everything goes
down
Related Documents
