How Testing Kills DevOps
January 25, 2018

Wayne Ariola
Tricentis

You've already recognized that business transformation requires digital transformation. Your organization is staffed with the best and brightest developers ready to implement the innovative, business-differentiating technologies you need to attract, engage, and retain customers. And you've invested in scaling Agile, driving DevOps adoption, automating the Continuous Delivery pipeline, and all the other components involved in moving from ideation to delivery as rapidly as possible. So what could possibly go wrong? Testing.

Perhaps you might think that software testing isn't as exciting as development, where abstract ideas are magically transformed into attractive interfaces you can showcase to customers and staff. However, it can have a tremendous impact on the success of your digital transformation strategy. In fact, testing is often the silent killer of these efforts. Why? Because software testing is still dominated by yesterday's tools and outdated processes — which don't meet the needs of today's accelerated development processes.

What does this disconnect mean for you?

Throttled Acceleration

Agile and DevOps initiatives aim to accelerate the process of delivering working software to the end user. However, even organizations who have adopted Agile and DevOps report dismal test automation rates: around 25-30%. This means that after the rest of your software delivery pipeline is automated and optimized, an outdated testing process eventually emerges as the bottleneck. Once it's clear that testing is clogging the delivery pipe, there are three options: accept the throttled speed, release without adequate testing, or transform the testing process.

Risk to Your Brand

Now that software is the primary interface to the business, a software failure is a business failure. Yet, with today's compressed and continuous delivery cycles, it's simply impossible to test everything before every release — even if testing is automated.

To protect your brand while accelerating software delivery, testing must be re-aligned to focus on your top business risks. Traditional testing takes a "bottom-up" approach to validate whether new functionality works as expected. Modern delivery processes require testing to automatically assess the overall impact to the core user experience and instantly determine if the release candidate has an acceptable level of business risk.

Poorly-Allocated Resources

There are hard costs associated with trying to retrofit outdated testing processes and tools into modern delivery processes. Many organizations try to bridge the testing gap by throwing an abundance of manual testers at the problem … typically through a global system integrator. By the most recent estimates, this approach consumes approximately 35% of an average IT application development budget — a total of $35 billion per year, globally. A way to help testers achieve high test automation rates would let you reallocate a large portion of that testing spend towards creative tasks which advance competitive differentiators.

The Path Forward: Continuous Testing

Software testing must change. Software testing in the new world of DevOps remains dominated by yesterday's application lifecycle management (ALM) tools and manual testing — and they simply don't meet the needs of today's accelerated development processes.

The fact of the matter is that previous efforts to automate software testing have not yielded the expected results due to:

High maintenance: Traditional script-based automated tests need frequent updating to keep pace with highly-dynamic, accelerated release processes. This results in an overwhelming amount of false positives that require burdensome maintenance and/or cause automation efforts to be abandoned.

Slow execution time: Traditional tests are time-consuming to execute, so it is not practical to run a meaningful regression test suite on each build. This means the team lacks instant feedback on whether their changes impact the existing user experience — undermining the goals of CI.

Frequent failure: With today's complex, interconnected applications, test environment inconsistencies commonly impede test automation efforts and result in false positives. Again, this requires burdensome follow-up and/or causes automation efforts to be abandoned.

Now, the pressure of digital transformation requires a level of test automation that far surpasses the capabilities of legacy testing platforms. Balancing the business's demand for speed with their tolerance for risk requires Continuous Testing, which provides real-time insight into the application's business risk.

Continuous testing is the process of executing automated tests as part of the software delivery pipeline in order to obtain feedback on the business risks associated with a software release candidate as rapidly as possible.

Test automation is designed to produce a set of pass/fail data points correlated to user stories or application requirements. Continuous Testing, on the other hand, focuses on business risk and providing insight on whether the software can be released. To achieve this shift, we need to stop asking "are we done testing" and instead concentrate on "does the release candidate have an acceptable level of business risk?"

It's important to recognize that no tool or technology can instantly "give" you Continuous Testing. Like Agile and DevOps, Continuous Testing requires changes throughout people, processes, and technology. However, trying to initiate the associated change in people and processes when your technology is not up to the task will be an uphill battle from the start … and ultimately a losing one.

Wayne Ariola is CMO at Tricentis

The Latest

July 17, 2018

In my first blog in this series, I highlighted some of the main challenges teams face with trying to scale mainframe DevOps. To get past these hurdles, the key is to develop an incremental approach that enables teams to capture value along each step of the journey ...

July 16, 2018

The key to mainframe DevOps success is in quickly identifying and removing major bottlenecks in the application delivery lifecycle. Major challenges include collaboration between mainframe and distributed teams, lack of visibility into the impact of software changes, and limited resource flexibility with scaling out necessary testing initiatives. Now let's take a closer look at some of these key challenges and how IT departments can address them ...

July 11, 2018

How much are organizations investing in the shift to cloud native, how much is it getting them? ...

July 10, 2018

In the shift to cloud native, many organizations have adopted a configuration-as-code approach. This helps drive up application deployment velocity by letting developers and DevOps teams reconfigure their deployments as their needs arise. Other organizations, particularly the more regulated ones, still have security people owning these tools, but that creates increased pressure on the security organization to keep up. How much are organizations investing in this process, and how much is it getting them? ...

June 28, 2018

More than a third of companies that use serverless functions are not employing any application security best practices and are not using any tools or standard security methodologies to secure them, according to the State of Serverless Security survey, conducted by PureSec ...

June 27, 2018

The popularity of social media platforms and applications is spurring enterprises to adopt "social business" models to better engage with employees and customers and improve collaboration, according to a new study published by ISG ...

June 25, 2018

The previous chapter in this WhiteHat Security series discussed Codebase as the first step of the Twelve-Factor App and defined a security best practice approach for ensuring a secure source control system. Considering the importance of applying security in a modern DevOps world, this next chapter examines the security component of step two of the Twelve-Factor methodology. Here follows some actionable advice from the WhiteHat Security Addendum Checklist, which developers and ops engineers can follow during the SaaS build and operations stages ...

June 21, 2018

DevSecOps is quickly gaining support and traction, within and beyond information security teams. In fact, 70% of respondents believe their culture can embrace the change needed to fuse Security and DevOps, according to a new survey of 80 security professionals by Aqua Security ...

June 20, 2018

The larger the company size, the higher the proportion of low IT performers, according to the State of DevOps: Market Segmentation Report from Puppet, based on the 2017 State of DevOps Survey data ...

June 18, 2018

An overwhelming 83 percent of respondents have concerns about deploying traditional firewalls in the cloud, according to Firewalls and the Cloud, a survey conducted by Barracuda Networks...

Share this