Using DevOps to Improve Software Quality in the Cloud
-
Upload
techwellpresentations -
Category
Technology
-
view
132 -
download
1
Transcript of Using DevOps to Improve Software Quality in the Cloud
!!
T5
Continuous!Delivery!
10/16/2014!9:45:00!AM!
!
Using DevOps to Improve
Software Quality in the Cloud !
Presented by:
Jeff Payne
Coveros, Inc.
!
!
!
Brought(to(you(by:((
((
340!Corporate!Way,!Suite!300,!Orange!Park,!FL!32073!
[email protected]!H!www.sqe.com
Jeff Payne
Coveros, Inc. Jeff Payne is CEO and founder of Coveros, Inc., a software company that builds secure software applications using agile methods. Since its inception in 2008, Coveros has become a market leader in secure agile principles and was recognized by Inc. magazine as one of the fastest growing private US companies. Prior to founding Coveros, Jeff was chairman of the board, CEO, and cofounder of Cigital, Inc., a market leader in software security consulting. Jeff has published more than thirty papers on software development and testing, and testified before Congress on issues of national importance, including intellectual property rights, cyber terrorism, and software quality. Follow Jeff on Twitter @jefferyepayne.
© Copyright 2014 Coveros, Inc. All rights reserved.
Using DevOps to Improve Software Quality in the Cloud
Jeffery Payne, Coveros
@jefferyepayne
© Copyright 2014 Coveros, Inc. All rights reserved.
Agenda yWhat is DevOps? yQuality during continuous integration yQuality during continuous delivery yPutting it all together yWrap-up
3 © Copyright 2013 Coveros, Inc.. All rights reserved.
Speaker
Jeffery Payne (@jefferyepayne) [email protected]
Jeffery Payne is CEO and founder of Coveros, Inc., a software company that helps organizations accelerate the delivery of secure, reliable software. Coveros uses agile development methods and a proven software assurance framework to build security and quality into software from the ground up. Prior to founding Coveros, Jeffery was Chairman of the Board, CEO, and co-founder of Cigital, Inc. Under his direction, Cigital became a leader in software security and software quality solutions, helping clients mitigate the risk of software failure. Jeffery is a recognized software expert and popular speaker at both business and technology conferences on a variety of software quality, security, and agile development topics. He has also testified before Congress on issues of national importance, including intellectual property rights, cyber-terrorism, Software research funding, and software quality.
4 © Copyright 2013 Coveros, Inc.. All rights reserved.
y Coveros helps organizations accelerate the delivery of secure, reliable software
y Our consulting services: – Agile software development & coaching – Agile testing and test automation – Application security – Agile transformations – DevOps automation
y Our key markets: – Financial services – Healthcare – Defense – Critical Infrastructure
Areas of Expertise
About Coveros
5 © Copyright 2014 Coveros, Inc.. All rights reserved.
What is DevOps?
Common Definition y DevOps is a software development method that stresses
communication, collaboration and integration between software developers and information technology (IT) professionals. DevOps is a response to the interdependence of software development and IT operations. It aims to help an organization rapidly produce software products and services.
y DevOps is not a tool
y DevOps is not a methodology
y DevOps is a philosophy for how people in the software development supply chain interact and work together
6 © Copyright 2014 Coveros, Inc.. All rights reserved.
What’s Wrong with This Picture?
What is DevOps?
Developers IT Professionals
Collaboration
7 © Copyright 2014 Coveros, Inc.. All rights reserved.
An Improved View
What is DevOps?
Developers IT Professionals
Collaboration
Testers
All other team members and stakeholders
8 © Copyright 2014 Coveros, Inc.. All rights reserved.
What is DevOps?
My Definition y DevOps is a software development method that stresses
communication, collaboration and integration between software developers, software testers, all other team members/stakeholders, and information technology (IT) professionals. DevOps is a response to the interdependence of software development/test and IT operations. It aims to help an organization rapidly produce high quality software products and services.
y Without testers in the loop, high quality goes out the window.
y So does some early lifecycle feedback on bugs
9 © Copyright 2014 Coveros, Inc.. All rights reserved.
y It compiles, therefore it works!
y Big bang integration
y Throwing software over the fence to late lifecycle QA
y “It works on my machine”
y “We’ll get that QA environment stood up for you by … 2016”
DevOps helps solve common quality problems
What is DevOps?
© Copyright 2014 Coveros, Inc. All rights reserved.
Quality during Continuous Integration
11 © Copyright 2014 Coveros, Inc.. All rights reserved.
y … the practice of continuously integrating software during software development to assure the code works together, code has been adequately tested, and all quality standards are met.
y Code check-in builds
y Nightly builds
y End-of-sprint code merge / builds
Continuous Integration Is …
Quality during Continuous Integration
12 © Copyright 2014 Coveros, Inc.. All rights reserved.
y Developers are encouraged to check in new code frequently in CI (hours/minutes vs. days)
y Unit testing is performed on each unit of code when it is checked in
y Functional testing / regression testing is done every night to assure that nothing introduced during the day breaks other functionality
y More comprehensive functional / regression testing is done as time allows on weekends and at the end of each Sprint for large projects with multiple Sprint teams
y Don’t forget non-functional testing!
Testing within CI
Quality during Continuous Integration
13 © Copyright 2014 Coveros, Inc.. All rights reserved.
y There are a wide variety of quality checks that can be performed as part of a continuous integration process. – Coding standards – Static code review (quality & security) – Code metrics (size, complexity, risk, technical debt) – Code coverage of unit tests
y Many teams mandate that builds pass before additional development / testing is performed … a clean build is THAT important in software development
Quality checks
Quality during Continuous Integration
14 © Copyright 2014 Coveros, Inc.. All rights reserved.
y Jenkins is a CI server that provides automated support for continuous integration activities
y Jobs can be scripted in Jenkins to do a wide variety of things – Automatically detect code changes in a source code repository and
build/test this code – Start up a variety of builds / testing efforts at a particular time of day
or night – Configure automated builds to perform quality checks – Pretty much any other automated work you want performed …
including continuous delivery scripts!
y Jenkins CI script examples
Examples within Jenkins
Quality during Continuous Integration
© Copyright 2014 Coveros, Inc. All rights reserved.
Quality during Continuous Delivery
16 © Copyright 2014 Coveros, Inc.. All rights reserved.
y … … the practice of continuously delivering software to downstream environments (QA, staging, production-like) to assure the code works properly within desired environment(s). – Continuous deployment is a subset of continuous delivery focused on
automating the deployment process to support regular product releases
y Tests quality of the code in production-like environments
y Tests the ability to automatically instantiate and provision all needed environments (development, test, QA, staging, production) when possible
y Virtualization and cloud computing increase CD automation substantially but aren’t necessary to do CD
Continuous Delivery Is …
Quality during Continuous Delivery
17 © Copyright 2014 Coveros, Inc.. All rights reserved.
y Manual setups of development, test, staging, and production environments is very time consuming and fraught with error.
y Technologies now exist to automate your manual processes so that after they have been debugged / validated once, you can automatically setup environments as often as you need.
y Typically done within virtual machines to support automated setup, work, teardowns with little to no manual intervention
y Cloud based development, test, deployment environments can remove the need to even setup physical hardware, further automating the process
Automated environment provisioning / instantiation
Quality during Continuous Delivery
18 © Copyright 2014 Coveros, Inc.. All rights reserved.
y Smoke tests to assure builds work within environment(s) and environments are properly setup
y Functional testing / regression testing is done as often as possible (given your setup) to assure that nothing introduced since the last delivery to an environment breaks other functionality (includes environmental changes)
y Security, load & performance, and other non-functional testing that must be performed on production-like environments
y NOTE: DevOps does not mean we don’t manual test at all levels!
Testing within CD
Quality during Continuous Delivery
19 © Copyright 2014 Coveros, Inc.. All rights reserved.
y Puppet is an orchestration language (like Chef, Ansible, etc.) that provides mechanisms to automate your provisioning and setup of environments.
y Amazon Web Services/EC2 is a cloud platform for requesting, provisioning, and using distributed hardware clusters for computing.
y Jenkins CD script examples
Examples within Jenkins, Puppet, AWS/EC2
Quality within Continuous Delivery
© Copyright 2014 Coveros, Inc. All rights reserved.
Putting it all Together
© Copyright 2014 Coveros, Inc. All rights reserved.
Demo Architecture
Started by Jenkins
© Copyright 2014 Coveros, Inc. All rights reserved.
DevOps Demo