One of the aims of DevOps is to improve and change the relationship between development (Dev) and operations (Ops) by advocating better communication and collaboration between business units. One of the ways that implementing continuous delivery through DevOps practices can help is by “shifting left” testing. This helps to improve quality, reduce the number of issues found at the end of the product development cycle and shorten test phases.

“Teams who use traditional waterfall software development practices tend to perform the majority of testing when most of the product code is complete. This means that often defects are found later in the software development cycle such as in final user acceptance testing (UAT). Due to schedule pressures to ship new releases, this also means that some defects are not discovered until after delivering to the customer,” says Keith Watson, Director of DevOps at ADP UK.

DevOps practices

Increasingly users of software systems have expectations that these systems will be available 24 by 7, have a short period of downtime and work better after changes are applied to production. There have been a number of well-published failures of system upgrades such as the recent TSB upgrade. In this example, not only was the system down for long periods but was functionally deficient for a long period after deployment. This illustrates the need to improve testing within the software cycle. With “shift left” comes two key DevOps practices: continuous testing and continuous deployment. Using both of these techniques allows testing to be performed earlier and more efficiently.

“Shifting left refers to the fact that when using agile and DevOps principles, you can build smaller parts of the product independently which can then be tested earlier. For example, shifting left some tests into unit tests as part of an agile sprint. This also improves the feedback loop to the developers because they will see the results of the testing when they are still in the coding phase rather than later in the product lifecycle when they may have moved onto other tasks,” explains Watson.

Reducing failure rates

Security teams can also learn a lot by embracing shift left testing. Traditionally penetration testing is performed later in the cycle. However, developing smaller modules in agile teams using DevOps techniques means that security testing can be performed earlier using tools such as software composition analysis and static application security testing.

Using cloud and pattern capabilities, automated testing, deployment tools and service virtualisation technology also allow teams to “shift left” testing and reduce failure rates.

Watson explains further: “Automated testing per se does not “shift left” but automated testing is most often used when creating unit and API test cases for smaller functional elements. Deployment tools then allow teams to deploy the code and test cases regularly to environments with standard consistent configurations. Once these tests are working then these can be added to a “regression test bucket” framework.

Regression tests

“When a new functional element is introduced then this test bucket can be run in addition to any new tests. If some regression tests fail then the new code has “introduced a regression” in the product by causing some function to stop working. This can then be fixed earlier to prevent functional deficiencies being reintroduced into live systems.

“Implementing cloud capabilities and service virtualisation technology enables development teams to create ephemeral (temporary) environments to test smaller functional elements. These “cloud instances” are easier to produce using standard recipes and can be deleted after the testing is finished. This changes the way testing is done from testing late (shifted right) in a large UAT environment to be tested often in smaller virtualised cloud environments earlier (shifted left).”

In summary, using DevOps techniques and cloud capabilities enables testers to engage with the development teams and find functional defects earlier in the software development cycle. It also enables testers later in the cycle to focus on validating the user experience and provides a higher degree of confidence that the software product is ready for release to the customer.

Written by Leah Alger