Quality assurance in dev ops and secops world

  • View
    66

  • Download
    4

Embed Size (px)

Text of Quality assurance in dev ops and secops world

Software Engineering RADAR

Prepared by :Anish Cheriyan, Director, Huawei Prepared By Anish Cheriyan, Director, Huawei Technologies

Topics

DevOps & SecOpsPractices in DetailSummary

BackgroundApplication & Embedded Development.Network Management SystemProtocol Stack

Traditional Quality AssuranceGated Approach for Quality Assurance

DevOps

DevOps is a set of practices intended to reduce the time between committing a change to a system and the change being placed into normal production, while ensuring high quality

Security

Picture Courtesy: http://threatgeek.typepad.com/.a/6a0147e41f3c0a970b01a73dba51f6970d-piTo err is human, to really screw up you need root password

SecOpsSecOps built into the Deployment Pipeline. Dev & Ops Collaborate and ensure desired level of Security

Picture Courtesy: http://threatgeek.typepad.com/.a/6a0147e41f3c0a970b01a73dba51f6970d-pi

Case StudyConsider and CRM System which uses a Modeling tool to automate the business processes.The system which has two key parts-Workflow Engine and Workflow Modeling tool (UI) team . Workflow Engine works based on the rule engine. Modeling Tool uses the Engine. Total team size is around 60.

What are factors you will consider to designing your Continuous Delivery Architecture.

Short Feedback LoopsDevOpsDeliveryDeployment

Picture Coutesy: https://www.flickr.com/photos/

Requirement documentation at right granularity

OPS Perspective- deployability, modifiability, monitoribility RequirementsPicture Coutesy: https://www.flickr.com/photos/libramano/9372711893/

. Architecture Readiness for CD- deployability, modifiability, monitoribility , testability

. Continuous Delivery Architecture

. Build PipelineArchitecturePicture Coutesy: https://www.flickr.com/

Infrastructure ReadinessEnvironment Provisioning based on customer requirement analysis (OPS)

Right Tool Usage (VM, Container like Docker etc) for the respective requirementPicture Coutesy: https://www.flickr.com/

Build Pipeline

http://blog.xebialabs.com/2016/02/09/how-ing-increased-software-deployments-to-twice-a-day/continuous-deployment-pipeline/

System ArchitectureL1CI ArhitectureL2Deployment PipelineL3

C1C2C3M1

C1 Continuous Integration System C2 Continuous Integration System C3 Continuous Integration System

C1 Deployment PipelineC2 Deployment PipelineC3 Deployment PipelineHierarchical Approach for CD and DevOps

Quality Assurance in the Pipeline

Inspection/Static QA

Simian

Rules for managing the rules

Test QARead at : http://www.thinkinginagile.com/2015/07/agile-testing-practices-mapped-to.html

Security Assurance

Configuration QASingle Source Repository for all itemsBuild Script Quality (abstraction, modularization, coding guidelines) (Automatic or manual way)

Analysis of the Build Pipeline

BuildPrivate BuildVersion BuildFunction Buildities BuildDeployment BuildBuild 01PassPassFailFailFailBuild 02PassPassPassFailFailBuild 03PassPassFailFailFailBuild 04PassPassPassFailFailBuild 05PassPassFailFailFailBuild 06PassPassFailFailFailBuild 07PassPassFailFailFail

Test your Deployment pipelineRepeatabilityPerformanceReliabilityRecoverabilityInteroperabilityTestabilityModifiability

Cross Cutting Collaboration

SummaryContinuous attention to technical excellenceand good design enhances agilityLets Build Quality & Security into the deployment pipeline

Thank You@anishcheriyanwww.anishcheriyan.com