quality assurance in dev ops and secops world
TRANSCRIPT
![Page 1: Quality assurance in dev ops and secops world](https://reader031.vdocuments.us/reader031/viewer/2022022203/58789c3c1a28ab42588b4a17/html5/thumbnails/1.jpg)
Prepared by :Anish Cheriyan, Director, Huawei
Prepared By Anish Cheriyan, Director, Huawei Technologies
![Page 2: Quality assurance in dev ops and secops world](https://reader031.vdocuments.us/reader031/viewer/2022022203/58789c3c1a28ab42588b4a17/html5/thumbnails/2.jpg)
Topics
• DevOps & SecOps• Practices in Detail• Summary
![Page 3: Quality assurance in dev ops and secops world](https://reader031.vdocuments.us/reader031/viewer/2022022203/58789c3c1a28ab42588b4a17/html5/thumbnails/3.jpg)
Background
• Application & Embedded Development.• Network Management System• Protocol Stack
![Page 4: Quality assurance in dev ops and secops world](https://reader031.vdocuments.us/reader031/viewer/2022022203/58789c3c1a28ab42588b4a17/html5/thumbnails/4.jpg)
Traditional Quality Assurance
Gated Approach for Quality Assurance
Requirement
Design
Coding
Unit Test
Functional Testing includes
ities
Independent V&V
Launch
![Page 5: Quality assurance in dev ops and secops world](https://reader031.vdocuments.us/reader031/viewer/2022022203/58789c3c1a28ab42588b4a17/html5/thumbnails/5.jpg)
DevOps
DevOps is a set of practices intended to reduce the time between committing a change to a system and the change being placed into normal production, while ensuring high quality
![Page 6: Quality assurance in dev ops and secops world](https://reader031.vdocuments.us/reader031/viewer/2022022203/58789c3c1a28ab42588b4a17/html5/thumbnails/6.jpg)
Security
Picture Courtesy: http://threatgeek.typepad.com/.a/6a0147e41f3c0a970b01a73dba51f6970d-pi
‘To err is human, to really screw up you need root password’
![Page 7: Quality assurance in dev ops and secops world](https://reader031.vdocuments.us/reader031/viewer/2022022203/58789c3c1a28ab42588b4a17/html5/thumbnails/7.jpg)
SecOps
SecOps built into the Deployment Pipeline. Dev & Ops Collaborate and ensure desired level of Security
Picture Courtesy: http://threatgeek.typepad.com/.a/6a0147e41f3c0a970b01a73dba51f6970d-pi
![Page 8: Quality assurance in dev ops and secops world](https://reader031.vdocuments.us/reader031/viewer/2022022203/58789c3c1a28ab42588b4a17/html5/thumbnails/8.jpg)
Case Study• Consider and CRM System which uses a Modeling tool to
automate the business processes.• The system which has two key parts-Workflow Engine and
Workflow Modeling tool (UI) team . Workflow Engine works based on the rule engine. Modeling Tool uses the Engine. Total team size is around 60.
• What are factors you will consider to designing your Continuous Delivery Architecture.
![Page 9: Quality assurance in dev ops and secops world](https://reader031.vdocuments.us/reader031/viewer/2022022203/58789c3c1a28ab42588b4a17/html5/thumbnails/9.jpg)
Short Feedback Loops
DevOps
Delivery
Deployment
Picture Coutesy: https://www.flickr.com/photos/
![Page 10: Quality assurance in dev ops and secops world](https://reader031.vdocuments.us/reader031/viewer/2022022203/58789c3c1a28ab42588b4a17/html5/thumbnails/10.jpg)
•Requirement documentation at right granularity
•OPS Perspective- deployability, modifiability, monitoribility
Requirements
Picture Coutesy: https://www.flickr.com/photos/libramano/9372711893/
![Page 11: Quality assurance in dev ops and secops world](https://reader031.vdocuments.us/reader031/viewer/2022022203/58789c3c1a28ab42588b4a17/html5/thumbnails/11.jpg)
. Architecture Readiness for CD- deployability, modifiability, monitoribility , testability
. Continuous Delivery Architecture
. Build Pipeline
Architecture
Picture Coutesy: https://www.flickr.com/
![Page 12: Quality assurance in dev ops and secops world](https://reader031.vdocuments.us/reader031/viewer/2022022203/58789c3c1a28ab42588b4a17/html5/thumbnails/12.jpg)
Infrastructure Readiness
•Environment Provisioning based on customer requirement analysis (OPS)
•Right Tool Usage (VM, Container like Docker etc) for the respective requirement
Picture Coutesy: https://www.flickr.com/
![Page 13: Quality assurance in dev ops and secops world](https://reader031.vdocuments.us/reader031/viewer/2022022203/58789c3c1a28ab42588b4a17/html5/thumbnails/13.jpg)
Build Pipeline
http://blog.xebialabs.com/2016/02/09/how-ing-increased-software-deployments-to-twice-a-day/continuous-deployment-pipeline/
![Page 14: Quality assurance in dev ops and secops world](https://reader031.vdocuments.us/reader031/viewer/2022022203/58789c3c1a28ab42588b4a17/html5/thumbnails/14.jpg)
Syst
em A
rchi
tect
ure
L1CI
Arh
itect
ure
L2De
ploy
men
t Pi
pelin
eL3
C1
C2
C3
M1
C1 Continuous Integration System
C2 Continuous Integration System
C3 Continuous Integration System
C1 Deployment Pipeline
C2 Deployment PipelineC3 Deployment Pipeline
Hierarchical Approach for CD and DevOps
![Page 15: Quality assurance in dev ops and secops world](https://reader031.vdocuments.us/reader031/viewer/2022022203/58789c3c1a28ab42588b4a17/html5/thumbnails/15.jpg)
Quality Assurance in the PipelineInspection /Static
QA
Test QA
Security Assuranc
eConfiguration QA
'ities' Assuranc
e
![Page 16: Quality assurance in dev ops and secops world](https://reader031.vdocuments.us/reader031/viewer/2022022203/58789c3c1a28ab42588b4a17/html5/thumbnails/16.jpg)
Inspection/Static QA
Simian Rules for managing the rules
![Page 17: Quality assurance in dev ops and secops world](https://reader031.vdocuments.us/reader031/viewer/2022022203/58789c3c1a28ab42588b4a17/html5/thumbnails/17.jpg)
Test QA
Read at : http://www.thinkinginagile.com/2015/07/agile-testing-practices-mapped-to.html
![Page 18: Quality assurance in dev ops and secops world](https://reader031.vdocuments.us/reader031/viewer/2022022203/58789c3c1a28ab42588b4a17/html5/thumbnails/18.jpg)
Security Assurance
Static/Dynamic Analysis
Scanning
Security Test
(Threat Model)
Attack
![Page 19: Quality assurance in dev ops and secops world](https://reader031.vdocuments.us/reader031/viewer/2022022203/58789c3c1a28ab42588b4a17/html5/thumbnails/19.jpg)
Configuration QA• Single Source Repository
for all items• Build Script Quality
(abstraction, modularization, coding guidelines) (Automatic or manual way)
![Page 20: Quality assurance in dev ops and secops world](https://reader031.vdocuments.us/reader031/viewer/2022022203/58789c3c1a28ab42588b4a17/html5/thumbnails/20.jpg)
Analysis of the Build Pipeline
BuildPrivate Build
Version Build
Function Build
ities Build
Deployment Build
Build 01 Pass Pass Fail Fail FailBuild 02 Pass Pass Pass Fail FailBuild 03 Pass Pass Fail Fail FailBuild 04 Pass Pass Pass Fail FailBuild 05 Pass Pass Fail Fail FailBuild 06 Pass Pass Fail Fail FailBuild 07 Pass Pass Fail Fail Fail
![Page 21: Quality assurance in dev ops and secops world](https://reader031.vdocuments.us/reader031/viewer/2022022203/58789c3c1a28ab42588b4a17/html5/thumbnails/21.jpg)
Test your Deployment pipeline
Repeatability
Performance
Reliability
Recoverabili
ty
Interoperabil
ity
Testability
Modifiability
![Page 22: Quality assurance in dev ops and secops world](https://reader031.vdocuments.us/reader031/viewer/2022022203/58789c3c1a28ab42588b4a17/html5/thumbnails/22.jpg)
Cross Cutting Collaboration
![Page 23: Quality assurance in dev ops and secops world](https://reader031.vdocuments.us/reader031/viewer/2022022203/58789c3c1a28ab42588b4a17/html5/thumbnails/23.jpg)
Summary
• Continuous attention to technical excellenceand good design enhances agility
• Lets Build Quality & Security into the deployment pipeline