Quality assurance in dev ops and secops world

  • View

  • Download

Embed Size (px)

Text of Quality assurance in dev ops and secops world

Software Engineering RADAR

Prepared by :Anish Cheriyan, Director, Huawei Prepared By Anish Cheriyan, Director, Huawei Technologies


DevOps & SecOpsPractices in DetailSummary

BackgroundApplication & Embedded Development.Network Management SystemProtocol Stack

Traditional Quality AssuranceGated Approach for Quality Assurance


DevOps is a set of practices intended to reduce the time between committing a change to a system and the change being placed into normal production, while ensuring high quality


Picture Courtesy: http://threatgeek.typepad.com/.a/6a0147e41f3c0a970b01a73dba51f6970d-piTo err is human, to really screw up you need root password

SecOpsSecOps built into the Deployment Pipeline. Dev & Ops Collaborate and ensure desired level of Security

Picture Courtesy: http://threatgeek.typepad.com/.a/6a0147e41f3c0a970b01a73dba51f6970d-pi

Case StudyConsider and CRM System which uses a Modeling tool to automate the business processes.The system which has two key parts-Workflow Engine and Workflow Modeling tool (UI) team . Workflow Engine works based on the rule engine. Modeling Tool uses the Engine. Total team size is around 60.

What are factors you will consider to designing your Continuous Delivery Architecture.

Short Feedback LoopsDevOpsDeliveryDeployment

Picture Coutesy: https://www.flickr.com/photos/

Requirement documentation at right granularity

OPS Perspective- deployability, modifiability, monitoribility RequirementsPicture Coutesy: https://www.flickr.com/photos/libramano/9372711893/

. Architecture Readiness for CD- deployability, modifiability, monitoribility , testability

. Continuous Delivery Architecture

. Build PipelineArchitecturePicture Coutesy: https://www.flickr.com/

Infrastructure ReadinessEnvironment Provisioning based on customer requirement analysis (OPS)

Right Tool Usage (VM, Container like Docker etc) for the respective requirementPicture Coutesy: https://www.flickr.com/

Build Pipeline


System ArchitectureL1CI ArhitectureL2Deployment PipelineL3


C1 Continuous Integration System C2 Continuous Integration System C3 Continuous Integration System

C1 Deployment PipelineC2 Deployment PipelineC3 Deployment PipelineHierarchical Approach for CD and DevOps

Quality Assurance in the Pipeline

Inspection/Static QA


Rules for managing the rules

Test QARead at : http://www.thinkinginagile.com/2015/07/agile-testing-practices-mapped-to.html

Security Assurance

Configuration QASingle Source Repository for all itemsBuild Script Quality (abstraction, modularization, coding guidelines) (Automatic or manual way)

Analysis of the Build Pipeline

BuildPrivate BuildVersion BuildFunction Buildities BuildDeployment BuildBuild 01PassPassFailFailFailBuild 02PassPassPassFailFailBuild 03PassPassFailFailFailBuild 04PassPassPassFailFailBuild 05PassPassFailFailFailBuild 06PassPassFailFailFailBuild 07PassPassFailFailFail

Test your Deployment pipelineRepeatabilityPerformanceReliabilityRecoverabilityInteroperabilityTestabilityModifiability

Cross Cutting Collaboration

SummaryContinuous attention to technical excellenceand good design enhances agilityLets Build Quality & Security into the deployment pipeline

Thank You@anishcheriyanwww.anishcheriyan.com