Check Point® Software Technologies Ltd. announced its position as a leader in The Forrester Wave™: Enterprise Firewalls, Q4 2024 report.
In Part 1 of this three-part series, we covered the first steps of introducing automated testing into your software development lifecycle. Now that you've done the early work of codifying manual tests into an automation framework and achieved some quick wins with initial smoke tests, you can continue to build confidence in test automation.
Start with Part 1: Beginning Your Test Automation Journey
Working with Test Case Management Tools
The most important competency of this intermediate SDLC stage is that you establish a test case management system (TCM) and reporting structure. It's key to make sure that all of your results are going to a single place to be seen from a single view. By doing that, you have a consistent view into any failures and can comfortably decide whether or not to deploy.
Furthermore, this approach allows you to merge your manual and automation testing efforts into a single system, with a single source of truth. As these two processes are merged together (which we will cover later in this article) you will enable your practice to scale properly without hitting unnecessary bottlenecks.
With a single TCM in place, you can now more effectively put quality gates in place as part of your deployment pipeline. Each testing stage in the pipeline (e.g. smoke testing, manual regression, test automation) should have a quality gate defined that determines whether or not the build should continue through the pipeline for additional testing. Implementing quality gates at each stage of the process helps your team identify build issues earlier. The earlier build issues are identified, the more cost-optimized your practice will be. This is especially important as you scale your practice and increase test coverage.
Unifying Manual and Automated Testing
After your test cases have been merged into a single repository and an assessment has been completed to determine which tests should be run manually, and which should be automated, it becomes much easier to combine your manual and automation testing efforts together and embed them into your deployment pipeline. This is a must for any production-grade QA practice looking to scale.
While the process varies from team to team, in general, embedding automated and manual testing together into your deployment pipeline can be seen as a four-step process:
1. Define a change set given your evaluation and goals– More specifically, what technical changes to your deployment pipeline and/or your manual processes need to be implemented or documented in order to embed all testing into the pipeline? For example, once an automated smoke test is complete, should a QA lead be notified so that they can initial manual testing? When manual testing is done, how does a key stakeholder review the results and determine if the quality gate should allow the build to the next step in the pipeline for additional downstream (possibly non-functional) testing? These are the types of questions that should be answered so you have a clear playbook on how to move forward.
2. Test the solution out-of-band– Changes to your pipeline and processes should also be tested. A great way to test your new process without impacting the current workflow is to do it out-of-band. For example, you could build a job on your CI server that runs automated regression tests but does not impact the existing pipeline flow. Doing so allows you to review the process and iterate as needed until all teams are ready to move such a process directly inline.
3. Train your team on the process– There will almost always be manual processes, so it is important to solidify these processes by training your team throughout the development, integration, staging, production, and feedback stages.
4. Implement changes into CI pipeline– Finally, once the changes to the pipeline and processes have been vetted and all teams are trained, you can make the switch.
Scaling
The last component of getting your automation out of an initial or beginner stage is starting to scale. With the above tools and processes in place, you should feel comfortable adding more automated tests and platforms. As your test matrix increases and the frequency of runs increases, executing tests in parallel becomes a high priority. Ideally, your automation framework should support the ability to execute tests in parallel. A challenge is making sure the tests that your team has developed work well when run at the same time. To do this, make sure your tests are as atomic and idempotent as possible. The state of the application after each test should (if possible) be the same as when it started. If this isn't possible, try to set up some test data for your tests in a way that each test relies on its own data. If test data used in one test can impact another, you will have a very difficult time debugging test failures.
If your framework doesn't support running tests in parallel, you could also set up separate jobs on your CI server to run groups of tests at the same time. This works, but generally adds additional complexity to your pipeline that could instead be encapsulated in your framework.
Read Part 3: Achieving Expert Status in Test Automation.
Industry News
Sonar announced two new product capabilities for today’s AI-driven software development ecosystem.
Redgate announced a wide range of product updates supporting multiple database management systems (DBMS) across its entire portfolio, designed to support IT professionals grappling with today’s complex database landscape.
Elastic announced support for Google Cloud’s Vertex AI platform in the Elasticsearch Open Inference API and Playground.
SmartBear has integrated the load testing engine of LoadNinja into its automated testing tool, TestComplete.
Check Point® Software Technologies Ltd. announced the completion of its acquisition of Cyberint Technologies Ltd., a highly innovative provider of external risk management solutions.
Lucid Software announced a robust set of new capabilities aimed at elevating agile workflows for both team-level and program-level planning.
Perforce Software announced the Hadoop Service Bundle, a new professional services and support offering from OpenLogic by Perforce.
CyberArk announced the successful completion of its acquisition of Venafi, a provider of machine identity management, from Thoma Bravo.
Inflectra announced the launch of its AI-powered SpiraApps.
The former Synopsys Software Integrity Group has rebranded as Black Duck® Software, a newly independent application security company.
Check Point® Software Technologies Ltd. announced that it has been recognized as a Visionary in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms.
Harness expanded its strategic partnership with Google Cloud, focusing on new integrations leveraging generative AI technologies.
OKX announced the launch of OKX OS, an onchain infrastructure suite.