Broadcast Date: Mon., Mar. 15, 2010 at 1:00 p.m. EDT
Speakers: Jeffrey Fredrick, Urbancode Technical Evangelist; Eric Minick, Urbancode Lead Consultant
Register Now

How confident are you with the content of what you are about to release? Do you know every change since the last release? Can you reproduce the release at will? Many of the teams we meet struggle with these fundamental issues of Software Configuration Management.

The most successful teams solve these problems by leveraging a binary repository or -- in ITIL terminology -- a Definitive Software Library (DSL). By providing an authoritative source for release artifacts, a well-managed binary repository can help address issues of compliance, traceability, and audit. Combined with dependency management, a binary repository provides a valuable starting point for impact and risk analysis.

But the benefit of using a binary repository is also felt earlier in the software-development lifecycle: By enabling effective component-based development, a binary repository can enable faster build times, facilitate more efficient collaboration between teams, and reduce the learning curve for new developers.

For software-configuration-management professionals who are concerned with audits or improving the efficiency of the software-development lifecycle, Eric Minick and Jeffrey Fredrick invite you to join them for this presentation where they will address:

• traditional approaches to controlling binary artifacts, including their shortcomings;
• essential elements of well-managed binary repository and inter-project dependency management; as well as
  
• patterns for adopting a binary repository and implementing dependency management.

Many of you are developing with light-weight servlet containers such as Jetty or Tomcat.  While these platforms lend themselves to rapid application development, they often force you to forgo some of the benefits of running in a larger application server.  One of the most challenging tasks is finding a way to integrate a transaction manager into a simpler servlet-container without adding too much complexity to your configuration.  In this post, Stephen Connolly demonstrates how configure the maven-jetty-plugin to start Jetty with OpenEJB.

To read the full post, click here.

 

As I write this, I’m sitting at the Dallas airport, suffering through a 3 hour delay on my flight to Washington D.C. to present at our 2nd Agile in Action Roadshow with our friends from Electric Cloud, Perforce, and VersionOne. As I have the time, I’ve been reflecting on my time here in Dallas, and the phrase “Everything is big in Texas” is bang on. Before I get to that though, I have to say that I do love Dallas…I’m not totally sure, but I truly believe I’m treated a little more special because of my last name (which I casually mention whenever I get the chance). Nothing like having the same surname as a famous coach from the Dallas Cowboys!

Okay, so why do I think the Everything is big in Texas is accurate. For starters, my big delay is due to a big thunderstorm. My rental car preference is a Compact car, and what do I get? A Yukon…I’m not sure what is bigger, this vehicle, or the Canadian Territory with the same name.

I saw big hair, big hats, big rings, big belt buckles, big omelets, big waffles, and big enchiladas. What I also saw was a big enthusiasm for Agile development. We had a great turnout that was fully engaged from the instant the roadshow began, asking questions wanting to know more, sharing their experiences with others, visiting with the vendors and not leaving until they got the information they needed. I wrote a few weeks ago about Agile adoption and where it currently was, and participating in this event, and speaking with the attendees, it allowed me to gain some additional data points that only strengthened my beliefs on this…Agile is definitely growing, and in all industries. As I said before, I truly believe almost all organizations have some Agile developments teams.

Hopefully the enthusiasm I encountered in Dallas will follow us to Washington D.C. And I’m thinking I may want to introduce myself as Todd Ovechkin…

Before I get into the story of this fascinating bug, I wanted to take a moment to introduce you to T.W.I.T. We liked the “bug-iversary” concept so much here at uTest that we decided to make it a recurring column, called T.W.I.T. or This Week In Testing (also noting the happy coincidence that the word “twit” is synonymous with “fool” and “dope,” words that characterize many of these bug follies ).

But I digress! So, this week in testing brings us an interesting heart device bug discovered March 12, 2008.

A team of computer security researchers were able to gain wireless access to a combination heart defibrillator and pacemaker. According to the New York Times,

[The researchers] were able to reprogram it to shut down and to deliver jolts of electricity that would potentially be fatal. The researchers said they had also been able to glean personal patient data by eavesdropping on signals from the tiny wireless radio embedded in the implant as a way to let doctors monitor and adjust it without surgery.

Read the full report here.

The researchers also made it clear that there’s no imminent need to be afraid of heart hackers for the following reasons: the experiment was worth $30,000 of lab equipment; it included specialists from the University of Washington & the University of Mass; the heart device was placed two inches from the test gear; and no security breach (in millions of implants worldwide) has ever been reported.

While risks are currently low, is too little attention being paid to security in the growing number of medical implants with wireless capabilities? Have you heard about any updates regarding this debate?

Rating: 0.0/5 (0 votes cast)

We just published a new feature to our website: a hosted trial version of TestRail. Instead of downloading the TestRail trial and installing it on your own server, you can now also request a hosted trial and we will automatically create a TestRail instance for you on our servers.

While TestRail is quite easy to install, it’s not always easy for customers to get the necessary resources for an installation in their organizations, so we want to help with this.

If you planned to take a look at TestRail but didn’t have the time or the resources to install it yet, make sure to request a hosted trial from our website.

We found this great blog post about the top 10 myths surrounding Maven.  The article offers in depth analysis of these Maven myths, a thorough debunking of each one, and constructive ways to take action if you still disagree.  To read the full article, click here.

Maven has been a real joy for me. It could be the simple fact that I can move from colleague to colleague’s project without wondering what ant tasks are available or where the files are. It could be the fact I don’t have to configure IDE’s anymore, not even for downloading sources. It could be some of my favorite plug-ins. Maybe it’s the 250,739 artifacts that are available in three lines of copy paste declaration. There’s a lot to love.

Thanks for the props!

 

We are happy to announce the release of TestRail 1.1, a new version of our web-based test management software. The new version comes with a complete permission and role system, introduces the new Blocked test status and comes with various other improvements, changes and bug fixes.

Roles and Permissions

TestRails new permission and role system allows you to restrict user permissions, hide projects from users and use fine-grained access control to customize TestRail according to your needs. TestRail’s new version comes with pre-configured standard roles such as Guest, Tester or Lead that you can assign to users. You can also customize the pre-configured roles or add completely new roles to TestRail.

Configuring the permissions of a role

Roles and user access can additionally be overridden on a per-project basis. This is especially useful if you want to assign individual permissions to users per project. But you can also use this functionality to hide projects from users, make entire projects read-only or to invite customers to access their projects in TestRail. The combination of TestRail’s user roles, project access settings and user-specific project access makes TestRail’s roles and permissions extremely flexible.

Changing a project’s access settings Blocked Status

TestRail 1.1 introduces a new test status, namely Blocked. The Blocked status makes it easier for testers to highlight tests that currently cannot be validated. For example, if a test cannot be completed because the test data is not yet ready or because the tested feature is not included in the tested software build, the Blocked status can be used to highlight this. Once a blocked test is ready to be tested, it is recommended to change the status back to Retest (or directly enter a test result).

Customize overview pages

To make it easier to work with a lot of data (such as milestones, test runs or suites), the new version allows you to select one of three different views for TestRail’s overview pages. The new views display the data in a more compact way:

Getting the new version

Existing customers can download the new version from our customer portal. New users can download TestRail or request a hosted trial of TestRail from our website. To view the complete list of changes for TestRail 1.1, please see our announcement forum. Please refer to TestRail’s Admin Manual on how to upgrade an existing installation.

This video demonstrates how easy it is to add dependencies using m2eclipse.    Because m2eclipse understands how to interact with a repository index, it can quickly locate a dependency by class name or by GAV coordinate.    Don’t know which artifact contains a particular class?   Just start writing code and use an Eclipse Quick Fix to search all Maven repositories for an artifact that contains a particular class.    Want to inspect and browse a Maven repository? Don’t use a web browser.  Use the built-in dependency search feature in m2eclipse.

 

Visual Studio 2010 is almost here – Microsoft just released the first Release Candidate which looks pretty solid and good. Microsoft added new interfaces for performance management solutions like dynaTrace to extend the Web- and Load-Testing capabilities (check out Ed Glas’s blog on what’s in VSTS Load Testing) to go beyond .NET environments and deeper [...]

We try not to plug Klocwork on this blog too much and keep the discussions around general software development issues, topics, and trends (with an obvious bias towards static analysis and software verification since those are our areas of expertise).

So, today I’ll go ahead and break that rule and encourage you to visit our new online resource library that includes videos, webinars, whitepapers, analyst reports, etc. All the assets are organized by category and tagged with their subject/content so everything is easy to find. I encourage you to check it out… here’s an example of the kinds of demos we’ve put up there so people can quick see what our tools are all about.

Next week I will be in Santa Clara, CA speaking at the CloudConnect Conference Event which is looking like it will live up to its billing as “the defining event that brings together the entire cloud computing community, including IT leaders, industry executives and developers”. My speaking timetable is as follows:

Keynote & General Sessions
10:00 AM–11:35 AM, Wed 17th March 2010

New Pricing Models: How Will They Impact ROI?
4:00 PM–5:00 PM, Wed 17th March 2010

In the last session, which consists of a panel of speakers, I will have a few minutes at the start to introduce myself, our technology and its innovative approach to management of cloud service executions and interactions.

And if I am very quick I will also have a small window in which to present our vision of cloud computing when there is increased competition in the delivery of common (shared) software services across an entire supply chain residing in one or more clouds.

If you are in attendance and would like to discuss further aspects of what is presented then please feel free to approach me after the sessions.

Register now for the next Sogeti Ireland webinar which we are hosting on 25 March from 11am-12pm. This webinar will examine some best practices, challenges, and benefits for IT departments in both the Public and Private sector that are seeking to support timely and effective business transformation.
Agenda
This webinar will look at:

• Software development and testing where Lean/Agile approaches are being adopted to be more flexible responsive to rapidly changing business needs
• Flexible delivery models such Software as a Service
• The vendor management aspects of outsourcing, and its variations, be it an onsite Managed Services, Nearshore, Farshore or blended RightShore™

The webinar, presented by Fran O’Hara (Practice Manager, Sogeti Ireland) and Declan Kavanagh (CEO, Sogeti Ireland), will draw on Sogeti’s global experience as well as current economic trends and extensive analyst research.

• Register Now

Business Transformation Series
We have assembled a team of thought leaders to present a series of five webinars on the theme of Recovery through Business Transformation. These webinars will look at topics such IT Transformation, SaaS, Cloud Computing, Agile/Lean and Public Sector Shared Services. Read more
If you have any questions, please contact us.

Goanna version 1.2 has been released. Download it now.

The major change is More Checks, in fact 40% more than were previously available in v1.1. Over the next few months we will continue to add new checks with each release. You can expect to see up to 100 additional high quality checks within the coming 6 months, which as usual will be free for all existing customers. Additionally, should you require a 30 day Trial Extension for your version 1.2 update please complete this trial extension request form.

We are also very pleased to announce the Beta release of Goanna for Command Line. This new command line version enables more flexibility and freedom for those wishing to integrate our powerful C/C++ static analyzer into their own development process. The Beta is currently available for Linux users and a version for Windows users is scheduled to be available in May. Linux users can now access a fully gcc-compatible solution integrated with over 60 classes of flow-sensitive quality checks to detect critical bugs as early as possible in the development cycle.

Inter-procedural analysis is also well under way, so stay tuned for a public Beta release soon!

Even though we focus very heavily on full-stack acceptance testing for the rails world, we know other forms of automated tests are critical as well. Our rails developers here make pretty heavy use of RSpec unit tests, and it’s nice to understand how to run those in parallel as well.

If you’re looking at how to setup a rails and selenium testing environment, check out our last post.

Parallelize the specs

We’ll use the excellent parallel_specs to beat a bit of parallelism into our specs. It prepares a separate database for each test environment, groups the specs to divide amongst processes, and then starts up a rails environment with a separate database for each group of processes.

I’ll paraphrase the installation instructions for convenience.

Install the required plug-in/gem:

sudo gem install parallel
script/plugin install git://github.com/grosser/parallel_specs.git

Here’s the semi-ingenious point – yaml can interpret ERB, so we can pass in an environment variable to the database.yml specifying at launch which database we want it to connect to.

Open config/database.yml and add the following:

test:
  adapter: sqlite3
  database: db/xxx_test<% ENV['TEST_ENV_NUMBER'] %>.sqlite3
  pool: 5
  timeout: 5000

(You can of course replace xxx_ with your project name)
So for example, to have our tests run against the xxx_test2 database, we would use:

export TEST_ENV_NUMBER=2; rake db:test:prepare

But it doesn’t make much sense to invoke it manually. That’s what plug-ins are for! Let’s go head and create/migrate a few test databases:

export TEST_ENV_NUMBER=0; rake db:test:create; rake db:test:migrate;
export TEST_ENV_NUMBER=1; rake db:test:create; rake db:test:migrate;
export TEST_ENV_NUMBER=2; rake db:test:create; rake db:test:migrate;

Great, now you’re able to run your non-Selenium tests in parallel!

But what about Selenium tests?

Stay tuned for our article on Sauce Labs’ SpecStorm plugin, that allows you to run your Selenium tests in true parallel fashion with Selenium Grid or our very own Sauce OnDemand service.

I must confess: I don't believe in regression testing. Not that I don't believe it can work, just that it doesn't.

After spending over 20 years in software testing and working with hundreds of IT shops, I have to report that effective regression testing--which is supposed to protect against unintended impact of intended changes - is about as common as development projects that are ahead of schedule and under budget. There are exceptions; some IT shops no doubt do a great job. But it's also true that some people have survived jumping off the Golden Gate bridge, which is not a strong recommendation for doing it.

So why doesn't regression testing work? I think it has to do with the way it is perceived and practiced.

For starters--and I'm only being halfway facetious here--what's with that name, anyway? Regression sounds bad--too much like repression, depression, and oppression. It sounds pejorative. And it doesn't seem to add a lot of value: Just makes sure that what used to work, still works. Most IT shops are rewarded for what they create--more features, new applications, cooler technologies. What glory is there in maintaining the status quo?

Furthermore, what's the difference between regression, system, or acceptance testing? Sure, there are subtle distinctions between the definitions of each, but at the end of the day, aren't they all about making sure the stuff works? Regression testing is about proving a negative: making sure that there is no unexpected impact from changes. How do you prove that something you don't expect to happen, didn't happen?

What's in a change?

Regression testing assumes you know what the application used to do before you make any changes, which implies a known set of requirements. But the fact is, few IT shops maintain current application requirements, relying instead on the individual expertise of testers conscripted from the ranks of business users. Thus, regression testing is only as complete as the knowledge of the person(s) performing the tests.

Aside from the inconsistency of this approach, there is a deeper problem. A "change" to an application's functionality is not necessarily the result of actual modifications to its code. In today's complex environment of interdependent and multi-tiered applications, there are myriad factors that can affect operations: a new version of the operating system, middleware, database, or change to the network topology or hardware configuration can result in downtime.

For example, I recently reviewed the production trouble tickets for a large IT shop and found that fewer than 25% of the incidents could truly be described as defects in the software itself. The rest were caused by ancillary system resources. Regression testers borrowed from the ranks of users can hardly be expected to know about, let alone understand and test for, the potential impact from changes of this nature. But if regression testing sounds bad and is poorly practiced, what's the answer? Well, how about renaming, redefining, and repositioning it?

What’s in a name?

First, lose the name “regression testing”. It not only conjures up negative images, it's also all about proving a negative, which is impossible.

Instead, start talking about Business Process Validation, which assures that critical business processes are still available and accurate after changes have been made.

Notice what we are going to assure: not what the system used to do, whatever that is, but that critical business processes are still available and accurate. The problem with regression testing is that what used to work is undefined. If you don't know everything the software used to do, how can you test it?

Consider the word critical, which means that BPV is concerned with those aspects of an application that are essential. In other words, we're not talking about every possible error condition, every bug ever detected, or each and every combination, boundary, data type, etc. This distinction is crucial because it implies risk management. If you know you don't have enough time or resources to get complete coverage, then prioritization is key.

Now think about a business process. The "business" half of this term places this type of testing squarely outside of development. The "process" half says that these are user scenarios, examples of everyday tasks that run the business, not mathematically derived test cases. Taken together, this means that the business-user community is both a participant and a beneficiary in BPV.

Finally, let's examine the phrase “after changes have been made”. Notice the word "changes" is not qualified: Instead of just modifications to application software, a change can be to the hardware or any aspect of the environment--even the business process itself. Critical applications reside in highly complex, interconnected environments, relying on multiple tiers and layers of functionality. It is unrealistic and downright naive to apply application-centric test techniques to integrated IT environments.

The implication is that the test environment should be a microcosm of your production environment--not just in its configuration, but in its processing cycles. Thus, BPV testing can't be cadged from a corner of a development system, making do with volatile data and unstable software configurations. It requires a tightly controlled and well-managed test environment.

The last detail to settle here is exactly where Business Process Validation fits in your delivery process. The most logical place is as a condition prerequisite to promotion into production. In other words, BPV should be the gateway to operations, the point at which the business confirms that it can continue to carry on uninterrupted. It happens last.

Why is that so important? Because someone in a deadline crunch might slight a process as obscure as regression testing, but who would dare fail to assure that critical business processes are available and accurate? Perish the thought!

For most who read a software testing blog, web access is a given — it’s always on, always up, usually fast, and even available on-the-go (as long as you remember to bring your Nexus One, Curve, iPhone, etc).

But not too long ago, the web was still in early adopter mode.  It was available (maybe) after you fired up that block you called a desktop computer; and after you endured the sound of your dial-up connection; and only if you exhibited zen-like patience with pop-ups and page load times.

Why am I taking this trip down memory lane?  Well, it could be because I saw the extended trailer for Hot Tub Time Machine (destined to be a classic, but NSFW).  More likely, however, is the fact that yesterday I read a couple of interesting pieces from Mashable & the BBC — about the global adoption of the Internet in the past decade, and the provocative question of whether or not web access is an inalienable human right in this day and age.  Both are worth checking out, if for no other reason than to make us appreciate what we have.

And since we have a global community of software testers, I’m extremely interested to hear what the software-savvy readers from every corner of the globe have to say about this very cool interactive map from the BBC.  Does this fit with your experience in your home countries?  What do you think this chart looks like in 2012?  2020?  Share your thoughts in the comments.

Now if you’ll excuse me, I have to go complain to the barista that the wi-fi in this Starbucks is taking way too long to download songs from iTunes and ripped files from BitTorrent, while I watch 30 Rock on Hulu.

Rating: 5.0/5 (6 votes cast)

Much has been said in the blogosphere about the differences between Maven and Ant.  Lines have been drawn between tech bloggers, and one thing has become clear; people love to argue about Maven versus Ant.  And we love the debate.  Constructive criticism is what keeps companies fresh, and products user-friendly.  Here is another chapter in the debate:

Standardization of build systems is one of the main benefits that Maven brought to the world. If you know one Maven project, you can switch to any other project built with Maven and feel comfortable immediately. This increases productivity, both personally and for your company, which is one of the reasons more and more companies switch over from Ant to Maven.

To read the full post, click here.

 

Sonatype is excited to announce that p2 is one of the finalists for the Eclipse Community Award!  P2 is a finalist in the ‘most open project’ category.  The winners will be announced at EclipseCon 2010 on March 22.  Sonatype’s Pascal Rapicault was also nominated in the ‘Top Committer’ category.  To watch a screencast of Sonatype’s p2 support, click here.

 

Last time, I talked about why it is ok to start testing early in the development process. I’m going to continue that thought process to discuss load testing without complete performance requirements.  This Load Testing 101 article says “If the real end user is going to do work with your application in a totally different way than you test you are as good as with no testing at all.” While there is a nugget of truth hidden in there, it is easy to take away the wrong understanding. One interpretation of that statement would be that “you must have … Continue reading »

Existing users of the dynaTrace AJAX Edition receive the update notification about the latest available version when opening your current dynaTrace AJAX Edition. Everybody else out there that needs a FREE tool for JavaScript/AJAX Performance Analysis for Internet Explorer 6, 7 & 8 can go ahead and download it from our download page. What does dynaTrace [...]