Quality assurance in dev ops and secops world
Download as PPTX, PDF1 like503 views
The document discusses the implementation of DevOps and SecOps practices to enhance software quality and security in continuous delivery systems. It emphasizes the need for collaboration between development and operations teams, architectural readiness, and effective tool usage for deploying applications. Key factors in designing continuous delivery architecture include short feedback loops, requirement documentation, and ensuring deployability, modifiability, and monitorability.
Quality assurance in dev ops and secops world
- 1. Prepared by : Anish Cheriyan, Director, Huawei Prepared By Anish Cheriyan, Director, Huawei Technologies
- 2. Topics • DevOps & SecOps • Practices in Detail • Summary
- 3. Background • Embedded Development. • Network Management System • Protocol Stack
- 4. Traditional Quality Assurance Gated Approach for Quality Assurance Requirem ent Design Coding Unit Test Functiona l Testing includes ities Independ ent V&V Launch
- 5. DevOps DevOps is a set of practices intended to reduce the time between committing a change to a system and the change being placed into normal production, while ensuring high quality
- 6. Security Picture Courtesy: http://threatgeek.typepad.com/.a/6a0147e41f3c0a97 0b01a73dba51f6970d-pi ‘To err is human, to really screw up you need root password’
- 7. SecOps SecOps built into the Deployment Pipeline. Dev & Ops Collaborate and ensure desired level of Security Picture Courtesy: http://threatgeek.typepad.com/.a/6a0147e41f3c0a97 0b01a73dba51f6970d-pi
- 8. Case Study • Consider and CRM System which uses a Modeling tool to automate the business processes. • The system which has two key parts-Workflow Engine and Workflow Modeling tool (UI) team . Workflow Engine works based on the rule engine. Modeling Tool uses the Engine. Total team size is around 60. • What are factors you will consider to designing your Continuous Delivery Architecture.
- 9. Short Feedback Loops DevOps Delivery Deploym ent Picture Coutesy: https://www.flickr.com/photos/
- 10. •Requirement documentation at right granularity •OPS Perspective- deployability, modifiability, monitoribility Requirements Picture Coutesy: https://www.flickr.com/photos/libramano/9372711893/
- 11. . Architecture Readiness for CD- deployability, modifiability, monitoribility , testability . Continuous Delivery Architecture . Build Pipeline Architecture Picture Coutesy: https://www.flickr.com/
- 12. Infrastructure Readiness •Environment Provisioning based on customer requirement analysis (OPS) •Right Tool Usage (VM, Container like Docker etc) for the respective requirement
- 14. SystemArchitecture L1 CIArhitecture L2 DeploymentPipeline L3 C1 C2 C3 M1 C1 Continuous Integration System C2 Continuous Integration System C3 Continuous Integration System C1 Deployment Pipeline C2 Deployment Pipeline C3 Deployment Pipeline Hierarchical Approach for CD and DevOps
- 15. Quality Assurance in the Pipeline Inspectio n /Static QA Test QA Security Assuranc e Configura tion QA 'ities' Assuranc e
- 16. Inspection/Static QA Simian Rules for managing the rules
- 17. Test QA Read at : http://www.thinkinginagile.com/2015/07/agile-testing-practices-mapped-to.html
- 18. Security Assurance Static/Dyna mic Analysis (Fortify, Coverity) Scanning (Nessus, Nmap) Security Test (Threat Model) Attack
- 19. Configuration QA • Single Source Repository for all items • Build Script Quality (abstraction, modularization, coding guidelines) (Automatic or manual way)
- 20. Analysis of the Build Pipeline Build Private Build Version Build Function Build ities Build Deploym ent Build Build 01 Pass Pass Fail Fail Fail Build 02 Pass Pass Pass Fail Fail Build 03 Pass Pass Fail Fail Fail Build 04 Pass Pass Pass Fail Fail Build 05 Pass Pass Fail Fail Fail Build 06 Pass Pass Fail Fail Fail Build 07 Pass Pass Fail Fail Fail
- 21. Test your Deployment pipeline Repea tabilit y Perfor mance Reliabi lity Recov erabili ty Intero perabil ity Testabi lity Modifi ability
- 23. Summary • Continuous attention to technical excellence and good design enhances agility • Lets Build Quality & Security in..