Posts By :

admin

Continuous Delivery (CD) and it’s benefits

In the world of software, CD is one such development practice that present benefits to all the stakeholders (Development, Operations, Testers, Business teams). Continuous Delivery is for every organization driven by software, it is hard to think of business not using software.

It benefits people and requires changes around people for better adoption and implementation. It starts with Collaboration, change in skillsets, perfect hand-offs; Top Down drive for CD, Adoption of technology, Elastic Environments, Stronger Pre-Production and automation.

There are companies that are still contemplating investing in CD and some companies which think they are doing it are still running into deployment issues and code failures with every release. If you lie in the latter camp, it is time to rethink your approach towards it and look at the benefits you are getting for all the teams. It provides everyone with their share of benefits. Read on to know how CD benefits everyone –

Developers – More efficiency and reduction in tech debt

Without tools and processes in place, developers spend more time in fixing code issues, instead writing new codes. Developers are pressed with looking into past codes written months back and waste time in fixing them. With deadlines approaching fast, they write low quality and less clean codes, compromising on the overall product quality.

CD enables proper feedback loop which speed up resolving issues when they are fresh in the mind of developers instead guessing and waiting till the end. Tools and processes for version control makes developers life easier by keeping track of the changes done in the project without being lost. Similarly, tools for automating provisioning of environments help in saving time and efforts, ensure compliance and security practices from the beginning of the development lifecycle. This benefits developers in the ways mentioned below –

  • Better end to end visibility to trace the changes and error codes
  • Writing new and quality codes improving product quality
  • Faster feedback loops
  • Integrated compliance and security best practices
  • Less dependency on operations

Operations – Less Firefighting, More Innovation

Traditional IT Ops is tasked to provide reliable, stable, optimized and highly available infrastructure. At the same time, they are working closely with the development teams to ensure environments are available, functioning at peak performance, make sure rolling out new environments doesn’t hamper the stability of old ones. This requires operations to keep on doing redundant work and achieve desired SLAs. In a non-DevOps environment, applications or systems going down is often being blamed on operations.

With CI/CD and DevOps, the lines between development and operations are blurring and everyone is responsible for overall application performance. In DevOps – Developers can provision environment whereas operations can understand code, creating a team of hybrid skillsets. This gives operations time to look beyond operational issues and contribute towards innovation. This allows operations to deliver environments quickly, testing with real users and shift from cost centre to innovation centre. Some of the benefits CD brings in for Operations are –

  • Leading the innovation front for digital transformation
  • Stable and highly available environments
  • Efficient operations due to removal of unnecessary wastage, waiting times and processes
  • Reduce bottlenecks and dependencies on each other

QA – Never ever shipping the broken code into production

The main job of quality assurance team is to keep software ‘ready to be deploy’ every time new code is written and merged with source repository. The aim is to accelerate deployment but in develop-first-test-later environment QA is a bottleneck and holding it back.

DevOps is fuelling faster adoption of Automation across the Development Lifecycle. CD involved functional testing and performance and security tests. This increases more confidence in deployments and keeping application deploy ready all the time. With DevOps, there are high chances of errors being caught by QA and fix it, before deployment. DevOps gives safety net of shipping code as tests are well integrated in the development cycle with automation. DevOps benefits QA teams by –

  • Integrating QA in the development process
  • Keeping applications ‘ready to deploy’
  • Early detection and faster resolution of defects
  • Quick rollbacks to achieve stable state
  • Spend more time in writing new tests than executing redundant ones

Business – Features reach market faster

The business teams are looking for increase in revenues, better customer satisfaction, reduced costs, end to end visibility about the new launches, and data & insights availability to support decisions. DevOps fosters improved collaboration between development and business teams. Marketing knows when the next product is coming out, sales know what and when to up-sell and cross-sell and customer service knows when the next feature is rolling out and how they can help customers in using and understanding them. DevOps presents businesses with set of benefits such as –

  • Businesses decide to go live, not the operational issues
  • Faster time-to-market
  • Improved customer experience
  • More time in innovation rather than fixing
  • Improve communication and collaboration

Integrating CD into your teams

CD and DevOps are more of cultural change and less of tools and technologies and as humans, we all tend to resist change. It is very crucial to make your teams aware of the benefits it brings in and how the teams adopting DevOps are running less into deployment issues making everyone happier.

Whether it is culture, process or technology transformation, Qentelli has worked with customers to mature CI/CD implementations or helping teams to adopt it better. Our expertise in this space has helped many enterprises and smaller organizations to realize and quantify the benefits organizations are looking for with DevOps adoption.

To learn and explore more in detail, please write to us at info@qentelli.com. Our experts will be delighted to engage with you. Also, you can visit Qentelli’s social links for more details-

Facebook Twitter Linkedin

About Qentelli

Headquartered in Dallas, TX with global delivery teams in India, Qentelli is an Industry Thought Leader in Quality Engineering, Automated Testing and Continuous Delivery. With high performing engineering teams working in the dedicated Innovation Group, Qentelli brings design thinking to address complex business problems and enables Continuous Delivery across Enterprise IT through automation for its global customers.

www.qentelli.com

Intelligent Test Automation – The Qentelli way towards test automation

Businesses have realized that seamless digital experiences are less of a choice and more of a necessity in the world of ‘being connected’ always. Businesses have already started using agile and DevOps methodologies to create omnichannel and seamless experiences for customers. This means that every single code or apps and software releases need to be rolled out immaculately coupled with billions of devices connected to the environment. The advancements in the technology and need for speed requires second thought on: Is traditional way of testing will be able to cope up with the advancements in the digital world? What is the way out to survive in a digital world that requires real-time and high-quality digital experiences?

This article talks about how intelligent test automation can transform the software testing services to match up with the digital world software deliveries.

The challenges of test automation

Companies are using automation to put large amounts of test data into action, otherwise lying idle. Automation based AI algorithms can help in generating and optimizing test cases, prioritizing testing, monitor test results, and capture data.

The challenges of test automation cannot be generalized as they are dependent on where the companies lie in their overall journey of DevOps. For companies, those who have just started their DevOps journey, even capturing test data can be a challenge. The second challenge can be the time taken to automate test cases is long adding delay to overall development lifecycle. Whereas DevOps mature companies might be facing a challenge to plug in testing automation in the overall DevOps chain or moving from automated testing to continuous testing. Usually, companies keep test automation behind the actual development.

For instance, if a developer is adding a feature in sprint x, the automation of that feature is done in sprint x+1 or x+2 but in DevOps, the feature needs to be tested with automation in sprint x itself i.e. in-sprint automation.

The approach towards test automation should change from taking it after the development to integrate it with the development process. The test automation should be integrated with the Continuous Integration/Continuous Delivery (CI/CD) pipeline and act as a quality gate.

The future of test automation and how to start building futuristic test automation practices

Test automation is going to move beyond testing applications, environments, creating redundant tests for creating end-to-end automated user journeys. Owing to the fact that testing or development is no more working in silos under DevOps and every single function is accountable for accelerating application performance without compromising on quality, creating seamless experiences for users.

The future of test automation is about building business specific processes and strategies for test automation solutions based on the technology and type of application businesses are using. Futuristic businesses are dealing with advanced technologies and at the same time, they cannot do away with legacy solutions and thus, custom solutions are required. The future of test automation solutions will change based on app landscape and user journeys for every business.

Some of the ways to get started on building test automation strategies that will take you far –

  • Be tool and technology agnostic – Companies have a vast tool, technology, and application landscape and this keeps on evolving as per business needs. This advocate for multiple options of test automation tools and platforms. Today’s best automation tools will not align with the technologies of tomorrow. This requires businesses to build tool and technology agnostic framework with industry practices such as behavioral driven testing.
  • Build a solution for scalability and performance – The new test automation practices need to be scalable as per the business scalability. The key characteristics of scalable test automation solution is easy to develop for better adoption and full test coverage, quick to deploy for faster feedback cycle, completely automated for repeat and reliable results and cost-efficient even with growing business.
  • Work in sprint with the development team – Testing sprint needs to be integrated with the development sprint, whereas in most of the scenarios, testing is lagging. Application development and testing must be in the same sprint for quality and achieve maximum coverage during the development phase itself.
  • Automate test data required for testing – Test data automation is usually a challenging, time-taking and a very crucial step towards achieving test automation. Test data automation requires articulating a long-term vision, thinking about the context in terms of application, development standards, user testing etc. Read complete test automation best practices here.
  • Automate test environment creation – The manual provisioning of the environment will not be able to sustain for companies moving towards DevOps and automation, and companies must get rid of it quickly. Automating test environment can improve the test cycle times and ensures quality application or code being rolled out every single time, without impacting compliance and security standards.
The Qentelli Way

We at Qentelli have built many custom solutions for legacy, modern, web, mobile and other types of app landscapes. They have become like reusable utilities which can be plugged in together to make everything work seamlessly with all the devices connected with the application.

Qentelli has a suite of accelerators such as MoBe (Mobile and Beyond) for all the device access and automation, FAST (Framework for Automated Software Testing), AiR (Artificial Intelligence for remediation across the DevOps value chain) and others that provide advantage to test automation initiatives by integrating test automation within the complete DevOps value chain.

Our automation tools provide enterprise level test automation with DevOps first approach helping organizations to expedite their digital journey by testing fast, increase their test automation coverage and improves return on investment. Facebook Twitter LinkedIn

About Qentelli

Headquartered in Dallas, TX with global delivery teams in India, Qentelli is an Industry Thought Leader in Quality Engineering, Automated Testing, and Continuous Delivery. With high performing engineering teams working in the dedicated Innovation Group, Qentelli brings design thinking to address complex business problems and enables Continuous Delivery across Enterprise IT through automation for its global customers.

How DevOps is driving digital transformation initiatives

Companies are marching towards digital transformation with lightning pace, the reason being there’s no single business where customers don’t surf, swipe or click their way to interact with businesses in the world of application economy. This requires a pressing need to innovate faster, making innovations available for customers at a faster speed and stay ahead of the competition. There’s no second thought involved in the fact that business success largely depends on accelerating application performance without compromising on quality and performance. Thus, business success is directly proportional to their maturity in digital transformation journey.

The need for speed puts both developers and operations team under pressure to build world-class applications providing better user experience and operations fixate on providing stable production environments.

This article outlines how DevOps can help companies in driving their digital transformation initiatives.

DevOps and digital transformation initiatives

Digital transformation is about building applications across platforms and aligned with business needs to innovate fast and receive faster feedback from both business and end users and releasing applications at a fast pace. This is where DevOps comes in, to help companies accentuate their digital transformation activities by building continuous delivery, deployment, monitoring, and testing practices.

DevOps helps organizations to approach digital transformation from a business perspective to increase bottom line, improve customer experience and lower operation costs. This helps in getting development and operations team at the same platform to have an end to end visibility about the developments, deployments, production fixes, bugs, handling environments, managing releases, unlike the traditional application development practices. This enables planned releases and faster communication to act on production defects, code issues and application performance issues caused unanticipated application downtimes and rollbacks.

DevOps requires automation of all activities that are redundant, and automation can take care of them. Some of them are release management such as code analysis, continuous build, integration, and testing. This saves a lot of time for both development and IT teams in firefighting and brings a significant process change in tackling errors, rolling out features, enable faster feedback cycles with continuous monitoring and testing practices. This is because of less human intervention and more of automation being introduced with the DevOps tools and technologies.

DevOps enables faster feedback cycles imperative to expedite digital transformation initiatives by acting fast on the feedbacks received from business users and customers. Continuous improvement with DevOps is required to catapult the firm’s digital transformation journey and receiving a precise response within the right time frame is paramount.

The Qentelli Way to accelerate digital transformation

Many companies are struggling to realize the direct connection in implementing DevOps and digital transformation journey. The direct relation exists as if businesses are not innovating fast, still running on manual processes of testing, hand-offs, deploying production environments, the entire digital transformation journey will go for a toss.

Qentelli has worked with many organizations across the globe in baking and retail sectors to accelerate their digital transformation exercises and helping them outpace the innovation.

The Qentelli way can be summarized as below –

  • Quality Engineering – CI/CD, Early Automated Testing and DevOps
  • Quality Intelligence – Metrics and Analytics to understand the trends and further to Predict Quality
  • Quality Assurance – Functional, Non-Functional and Business Process Testing

Qentelli has a suite of accelerators such as MoBe (Mobile and Beyond) for all the device access and automation, FAST (Framework for Automated Software Testing), AiR (Artificial Intelligence for remediation across the DevOps value chain) and others that provide advantage to digital transformation initiatives by collecting data from various data sources and derive actionable insights to improve processes, provide predictions for incidents and auto-healing broken processes.

Our automation tools provide enterprise level test automation with DevOps first approach helping organizations to expedite their digital journey by testing fast, increase their test automation coverage and improves return on investment. Facebook Twitter LinkedIn

About Qentelli

Headquartered in Dallas, TX with global delivery teams in India, Qentelli is an Industry Thought Leader in Quality Engineering, Automated Testing and Continuous Delivery. With high performing engineering teams working in the dedicated Innovation Group, Qentelli brings design thinking to address complex business problems and enables Continuous Delivery across Enterprise IT through automation for its global customers.

Getting Started with DevSecOps

If you ask CIOs or even CEOs what keeps them up at night, chances are that most of them will respond with ‘Security Breaches”.

IT Security has become a game of continuous one-upmanship on both sides of the fence – attackers are finding new ways to get into systems, while defenders are innovating to stop them before they do.

How can developers and testers help to improve the security posture to at least some extent? The answer is “baking” security into the application development process.

Web applications have a much lower risk profile with improved firewalls and access controls being deployed, but they continue to be a large attack vector – large enough to dedicate time and money to reduce risk.

An alarming fact published by Veracode is that about 75% of all applications have some security vulnerability that could be exploited!Source: State of Software security – A Developer’s Guide 2017 by CA Veracode


Kaspersky Labs found that 90% of Enterprises had a security breach in a quarter, with the potential financial impact on an average of $550KSource: Damage Control: The Cost of Security Breaches by Kaspersky Labs 2018

Comparing OWASP Top 10 from 2013 to the 2017 version (latest version), it is surprising that the Top 2 vulnerabilities are persisting. The next 3 are also issues that point to lack of security coding practices and automated security testing.Source: OWASP Top 10

With so much data available on the vulnerable areas and business impacts, are companies doing more frequent security testing for their apps? Apparently not.Source: https://www.sans.org/reading-room/whitepapers/analyst/survey-application-security-programs-practices-34765


The Solution: DevSecOps

DevSecOps is not a new concept, but for companies that have started or just starting with DevOps initiatives, it makes good sense to include Security testing within their build and test pipelines from the start.

With Dev teams using open-source and proprietary libraries, cloud, micro-services, containers etc. joining the product technology landscape, each of these components bring along their own set of security challenges into the overall product architecture.

How can Engineering teams start with integrating security tests within DevOps?

Teams can start using the 3 layers of application security integration in the Development process:

  • Secure coding standards
  • Integrating Static Application Security Testing (SAST) tools in Developer Builds
  • Integrating Dynamic Application Security Testing (DAST) tools in QA Builds

Let’s take a closer look at these layers and how you can integrate them into your Development process for overall security around your application stack –

Secure Coding Standards

It all starts with the code – Unsafe coding practices can result in vulnerabilities in application software that can be difficult to detect and expensive to fix later in the lifecycle. OWASP, SEI, NIST and several other Standards organizations and private companies publish secure coding guidelines covering all major programming languages.

These practices cover all development areas, for example:

  • Input Validation
  • Authentication and Authorization Management
  • Credentials Management
  • Session Management
  • Access Control
  • Encryption of Data at rest and in Transit
  • Resource Management

Integrated Development Environments (IDEs) are used by almost every developer, so plug-ins have been developed for these IDEs that can assist Developers in identifying and fixing errors when writing source code. Some of these tools include SecureAssist, GreenLight, ASIDE, FxCop, FindBugs.

Static Application Security Testing (SAST)

There are multiple tools available that can automate static code analysis rules during the build process and prevent developer branch from merging with the baseline repository. Some of the validations that can be performed at this stage include:

  • Software Component Analysis for identifying issues in third-party libraries and packages
  • Secure coding guidelines for the specific language
  • Unpatched libraries – when more recent versions of libraries are available, but not included in the source code calls
  • Injection – although more well-known for SQL calls, Injection vulnerabilities can occur in API calls or even Javascript
  • Unreleased Resources – DB connections, object references, data collections etc., may not have been released in the code, potentially leading to Denial-of-Service (DoS) attacks
  • Improper Error-handling – Developers may insert messages during development for easier debugging and may miss removing them when promoting code to higher environments. Another common mistake is not having a catch-all Error handling mechanism, that can provide a useful error message without revealing the technical details of the OS, Servers, language etc)

Some common SAST tools that integrate with CI Pipelines are:

TOOL LANGUAGES SUPPORTED SUPPORTED CI/CD PLATFORMS
SonarQube Java, .NET, Python, Ruby and many other languages Jenkins, TeamCity, Microsoft TFS, Bamboo, Azure Pipelines
Checkmarx Multiple Languages including Java and .NET Jenkins, TeamCity, Microsoft TFS, Bamboo
Fortify Multiple Languages including Java and .NET Jenkins, Bamboo and some other tools through CLI
RIPS PHP is the primary language supported Jenkins, Bamboo
IBM Appscan Multiple Languages including Java and .NET Jenkins, TeamCity
Brakeman Ruby on Rails Jenkins
OWASP Dependency Check Java and .NET fully supported. Other languages have some limited support Jenkins
Dynamic Application Security Testing (DAST)

As the name implies, DAST tools find security issues when the application interacts with other system components like web services, DB and third-party components. In short, these tools run checks that simulate an external attacker trying to gain entry through the application.

Due to the dynamic nature of the applications, DAST tools are not 100% effective in uncovering security issues, but they can provide a very effective line of defense. Most common vulnerabilities have already been identified and included in these tools, so only very smart hackers can find issues after these tests are run.

Some of the core validations that DAST tools can perform include:

  • Application Penetration Tests
  • Production Deployment Configuration Tests
  • Injection tests
  • Session Management
  • Cross-Site forgery
  • Data at Transit issues

Common DAST Tools that integrate within the CI-CD Pipeline include

TOOL APPLICATIONS SUPPORTED SUPPORTED CI/CD PLATFORMS
OWASP ZAP Web Jenkins
Gauntlt Web Gauntlt can be set up within Docker containers and then integrated with Jenkins
BDD-Security Web Jenkins can trigger the BDD-Security Framework and analyze results
IBM AppScan Web, Web services/API, Mobile Jenkins
HP WebInspect Web, Web services/API, Mobile Jenkins

We can construct a pipeline integrating these tools as shown below:

Note: The Tools shown are for illustration only – the actual toolset will depend on your environments, platforms, budget, Risk profile etc.

Key Point: To increase the security Test footprint, you may have to write custom tests (using selenium or similar tools). These could cover areas such as:

  • Duplicate session validation
  • User Authorization tests
  • HTTP Header spoofing

Key Point: The results generated by all of the tools are NOT uniform, with the result that you may have to review multiple reports, logs etc to get an overall picture. For example, Jenkins can call HP Fortify, but the tool results are not reported back to Jenkins.

To summarize:

  • Your applications and data are under constant attack. A breach can cause a very serious financial and reputational loss for your business and, increasingly, for you personally (due to US & European Regulations)
  • There is no magic fix for security. Instead, a defense-in-depth strategy starting from the application level and comprised of multiple tools, processes, and practices is much more resilient and effective
  • Leverage automation where you can, particularly for software testing
  • Integrating Automated security tests into your DevOps pipeline is becoming easier with modern tools
How can Qentelli help:

Qentelli works with some of the world’s largest companies to implement Automation across the lifecycle and has pioneered use of DevSecOps in these Engagements. Qentelli also has a custom-built Engineering Dashboard, TED, that can pull results from any software product which exposes such data through an API.

TED can be used to review metrics from the entire DevSecOps toolchain to get a complete view of functional and non-functional test results.

To learn and explore more in detail about Qentelli’s AI-driven automated testing solutions and DevSecOps implementations, please write to us at info@qentelli.com. Our experts will be delighted to engage with you. Also, you can visit Qentelli’s social links for more details– Facebook Twitter LinkedIn

About Qentelli

Headquartered in Dallas, TX with global delivery teams in India, Qentelli is an Industry Thought Leader in Quality Engineering, Automated Testing and Continuous Delivery. With high performing engineering teams working in the dedicated Innovation Group, Qentelli brings design thinking to address complex business problems and enables Continuous Delivery across Enterprise IT through automation for its global customers.

Moving from Continuous Integration to Continuous Delivery – The “Qentelli Way” to successful DevOps

Enterprises want to innovate at faster pace, to match expectations from end users, and to beat competition. Continuous Delivery and DevOps are key to achieving the pace of innovation organizations are looking for. Many organizations who have moved from traditional models of development to Agile, have achieved some level of Continuous Integration, to support their Agile initiatives. Organizations are still struggling with the move to the next level, to help them achieve true DevOps. From idea to released product is what determines how fast an organization can innovate. Read on, to know how you can take that next step, and become successful at DevOps

Failing fast at CI

If you have practiced agile for a while, you should have implemented some level of continuous integration. Checking in code to version control system, polling the changes periodically and running builds through a CI system.

Taking the next step from such practice towards DevOps, is to achieve faster CI cycles, which provide feedback on whether a build was successful, and if its deployment to the Dev environment was successful. While traditional CI cycles stop at running builds, and tests in some cases, the new CI cycle should involve running builds, executing unit and integration tests, code analysis and deployment to Dev environment. After successful deployment to Dev environment, quality gates should be setup to mark the deployment as success or failure. All these steps should happen within minutes, to help with faster feedback to development team, so they can fix issues faster.

Branching your way to CD

As part of Continuous Integration, the branching strategies were not given a lot of importance. They were used to better manage code based on releases. To achieve Continuous Delivery, having a proper branching strategy, and promoting the code between different environments based on the feedback from quality gates at each stage of pipeline is very important. The CI systems should be configured to run different jobs based on the branches and provide a way to auto-merge and promote the code to higher environments. The key to achieving Continuous delivery successfully would be to setup the right branching strategy for your end to end CI/CD pipeline.

Adding Continuous Testing into the mix

People often think automated testing is the same as continuous testing. Although as part of Agile, test automation was given utmost importance, the automation has always been Sprint-n. For continuous delivery being in-sprint with test automation is very important, as you like to test the features you like to release at end of pipeline. Continuous testing does not mean running all the 1000’s of selenium tests you might have created. It is important to build the right set of tests to test the features being rolled out, and make your test automation act as a quality gate to provide feedback on your release. Being able to leverage parallel execution mechanisms to complete test execution faster is also a key implementation strategy for continuous testing. Test automation frameworks should be designed with these considerations in mind.

Magic of metrics

Metrics were always important in an engineering lifecycle. For a successful DevOps, metrics have become much more important than ever. But it is no longer useful to have multiple sources of data to look for answers. DevOps needs actionable insights into data, often pulling details from different data sources into a single metric. While metrics from tools such as Jira were used to make Go-No Go decisions as part of Agile releases, for continuous delivery, the releases happen in automated fashion, and hence quality gates determine Go-No Go decisions of releases most times. To have predictive analytics on the metrics being tracked and appropriate notifications getting generated during errors helps in successful Continuous delivery. A quality intelligence platform is required to be implemented instead of a metrics pulled from different tools, for your continuous delivery initiatives

Automate as the key to success

Automating some of the key tasks as part of the CI/CD pipeline is important for frequent successful releases. The automation can be in terms of the various quality gates, in merging of code between different branches to promote the code, provisioning infrastructure, generating metrics and even rollbacks. The key to successful DevOps is automating the most important tasks of the CI/CD pipeline.

The Qentelli way towards achieving CD for better quality and faster velocity

At Qentelli, we understand the importance of Continuous Delivery being an essential link in the IT leadership’s armor and our approach and framework have Quality Engineering and DevOps at the heart of this approach. Qentelli’s tool such as AiR ensures the highest quality being delivered using the CI/CD pipeline by providing the ability to auto-heal test scripts based on changes to code base and predicting issues with code during performance tests based on the result patterns.

Such AI-driven tools will improve the overall quality of the application being deployed into production and help in faster feedback during various stages of the CI/CD pipelines. This ability to predict issues and to fail fast would result in better overall delivery speed for organizations. AI-driven tools and Predictive analytics as part of your CI/CD pipeline is the next big step your organization can take today to be future ready and deliver faster with better product quality.
Our clients and most importantly, the teams found it very effective to have a complete deployment history visible across the team. The way to achieve ultimate nirvana in DevOps i.e Continuous Deployment starts with automating build, testing, integration, and deployment by practicing them on repeat mode.

To learn and explore more in detail about Qentelli’s AI-driven DevOps implementations, please write to us at info@qentelli.com. Our experts will be delighted to engage with you. Also, you can visit Qentelli’s social links for more details – Facebook Twitter LinkedIn

About Qentelli

Headquartered in Dallas, TX with global delivery teams in India, Qentelli is an Industry Thought Leader in Quality Engineering, Automated Testing and Continuous Delivery. With high performing engineering teams working in the dedicated Innovation Group, Qentelli brings design thinking to address complex business problems and enables Continuous Delivery across Enterprise IT through automation for its global customers.

Is your “Ops” truly integrated into your “DevOps” lifecycle? The significance of Ops intelligence

Companies are adopting DevOps at lightning speed, but they are faced with the challenges of adopting it successfully. The difference between successful and unsuccessful DevOps adoption is impact in measurable metrics of faster feedback and recovery times, quality code, less downtime, high availability and better communication between Development and Operations teams.

The changing meme has brought in a radical shift in the responsibilities of development team from just writing code, and doing hand-offs to configure virtual and cloud servers, deploy applications, monitor application health and respond faster in terms of fixing bugs. But is it solving the problem for businesses to release faster, lesser downtime, less production failures? In one word, No, the operations team is still having night mares as software releases have become more frequent when compared to the past releases that occur once in a quarter or half yearly.

Thus, the IT operations is more relevant and need to be better placed in DevOps stack to get the desired business outcomes. As the article is titled, “Is your Ops truly integrated into your DevOps lifecycle”, we want to emphasize on how adoption of DevOps requires operations to be tied well with automation and real-time monitoring and intelligence initiatives. The role of Operations from classical operations (starting with the servers, keep them running and doing the deployment) to new operations where they are managing infrastructure, configuring and monitoring systems and networking, enforcing policies around security and compliances, and other non-production application related tasks that are crucial for better application quality and less production defects.

Companies believe they are on the right journey when the developers are equipped with continuous integration, build, deploying and managing all environment from development to production. We interact with many companies while helping them with their DevOps initiatives where developers are doing steps mentioned above, probing further they revealed that they still don’t have a measurable impact on speed and quality. This is because since their operations team have moved from managing manual tasks they have not been aligned with the task of continuous and real-time monitoring and feedback required to test effectiveness and defect traceability before it got slipped into production. The reason can be DevOps washing leading to just DevOps tools, processes and technologies and fail to look beyond it to measure that impact of DevOps over desired KPIs.

There’s so much of operations data and how does this impact “DevOps” lifecycle

At Qentelli we believe, in DevOps, Ops is not just about the operations team but also about operations data. Companies are holding so much of operations data and development teams are working in separation with these datasets. Companies are collaborating on processes, but data needs special attention to achieve business outcomes with DevOps. The first step of getting Ops in DevOps is to decide on the measurable metrics businesses want to achieve. Look for the past data that can be measured to derive insights and actionable items to achieve them.
In the DevOps environment, most of the environment assume transparency and does not realize the lack of intelligent dashboards and have manual dashboards (prone to error and time taking) to know about the real-time intelligence. The manual dashboards do not suffice the aggressive business outcomes of achieving agility and digital transformation. Operations data must be looped in the DevOps process to identify patterns and anomalies automatically.

Operations team can use this data to identify inconsistencies early in the testing stage itself and improving them can impact the overall quality of the application or software being released. Automating test runs for speed, quality and accuracy can help in saving time and detecting problems that might take too much of time or in haste, can go unidentified in the end-user environment. With Artificial Intelligence (AI) and Machine Learning (ML), tools available in the market, companies need to put operational data together and, analyse them, define KPIs, measure KPIs from them and create actionable steps for improvement of DevOps practices. The next action after deriving insights is to keep your operations team in continuous monitoring mode to predict incidents even before they happen and integrate ‘Ops’ truly in DevOps.

The future of Ops is to help developers in just self-serving them with the maximum automation and least intervention and monitoring real-time data to ensure the quality is not compromised with more frequent releases.

Qentelli’s TED as Quality Intelligence Platform:

Qentelli created TED, an Engineering dashboard with capabilities to collect data from various data sources, create metrics and define KPIs and derive insights for improvement. What makes TED a true Quality Intelligence platform and unique, is its ability to derive actionable insights for most key DevOps KPIs out of the box and artificial intelligence (AI) to improve processes, provide predictions for incidents and auto-healing for broken processes. Qentelli helped some of Fortune 1000 companies get better with their Quality and Speed using TED. This can help operations team to have end to end visibility of where companies are leading on their DevOps journey and get it on the right track if it goes here and there.

To learn and explore more in detail about Qentelli’s AI-driven automated testing solutions and DevOps implementations, please write to us at info@qentelli.com. Our experts will be delighted to engage with you. Also, you can visit Qentelli’s social links for more details–

About Qentelli

Headquartered in Dallas, TX with global delivery teams in India, Qentelli is an Industry Thought Leader in Quality Engineering, Automated Testing and Continuous Delivery. With high performing engineering teams working in the dedicated Innovation Group, Qentelli brings design thinking to address complex business problems and enables Continuous Delivery across Enterprise IT through automation for its global customers.

Security and Compliance in the Continuous Delivery (CD) World: things to make your CD Journey right

Security and Compliance in the world of everything “Continuous” can be frightening to most of the engineering and IT heads. External regulations like HIPAA and SOX applies to every organization. Few industries like healthcare, digital payment service providers, financial services, and listed companies have stronger compliance needs.

DevOps, the enabler of Continuous Delivery, has enabled businesses to innovate fast, frequent product upgrades and releases. But some businesses are finding their IT teams pressed with challenges to manage stable IT infrastructure for scheduled development work while taking care of the stringent compliance requirements. This limits the role of IT teams in innovation and put them back in the firefighting mode of traditional IT teams.
Futuristic technologies and applications cannot withstand trade-off between innovation and adhering to security and compliance, as most of the customer-facing applications hold personal data of customers making it high risk for exposing it to potential security threats. The middle path is to adopt CD in such a way that it aids IT, teams, to reduce the challenges of infrastructure management and do more innovation and ensuring security and compliance. Here are a few things to ensure security and compliance in the CD journey –

Assess compliance requirements in the beginning

Before beginning your CD journey, ensure you have well-documented compliance requirements that help in building the complete CD pipeline to take care of your security and compliance practices in the form of a code with a continuous build, test, security tests, performance tests, and deployment. Security and compliance must be viewed as the part of automating infrastructure and continuous testing before applications get deployed.

Automate Compliance Management

CD is practiced in its truest form when businesses will have automated every process in the CD pipeline. Automating infrastructure management with DevOps tools such as terraform, chef, puppet etc. helps in ensuring consistency in environments. Secured and compliant environments can be accessed by developers using infrastructure as code tools while replicating the enforced security measures and compliance practices. Replicating secured and compliant environment can be created as a repeatable and consistent process without getting IT teams involved and act as watchers if there’s any inconsistency in the environment. This also ensures a continuous feedback loop incomplete CD cycle for compliance requirements to ensure fast remediation of any bugs.

Just like infrastructure as code, compliance as code is very much doable. Compliance requirements can be coded that ensures that every change request or bug fixes are adhering to the compliance and security practices leaving a trail of changes done by the developers. Stating clear requirements in form of code makes it easy for developers to understand what is expected out of compliance adhered application. Compliance tests can be run to ensure that there are no deviations in the application before it reaches the deployment phase. The automation capabilities of CD can be extended to security and compliant practices so that even compliance standards are consistent and repetitive.

During audits, it becomes companies to show auditors about every code or change made and thus, ensuring transparency and visibility in the organization as well as with regulatory authorities.

The Qentelli Way

Qentelli has setup DevOps Operations Centre for many enterprise customers in Banking and Financial sector, to ensure that Security and Compliance are met for both applications and infrastructure, and continuous monitoring is provided on the various environments with real time alerts and notifications sent to appropriate stakeholders. Qentelli’s AI-driven DevOps solutions provide predictive analytics to help identify issues before they occur and provide prescriptions to resolve the issues.

To learn and explore more in detail about Qentelli’s AI-driven DevOps implementations and DevOps Operations Centre, please write to us at info@qentelli.com. Our experts will be delighted to engage with you. Also, you can visit Qentelli’s social links for more details – Facebook Twitter LinkedIn

About Qentelli

Headquartered in Dallas, TX with global delivery teams in India, Qentelli is an Industry Thought Leader in Quality Engineering, Automated Testing and Continuous Delivery. With high performing engineering teams working in the dedicated Innovation Group, Qentelli brings design thinking to address complex business problems and enables Continuous Delivery across Enterprise IT through automation for its global customers.

How to Create a Successful DevOps Team in a Global Enterprise.

“In the past, business success was all about size: The large eat the small. Today, business success is all about speed: The fast eat the slow.” Daniel Burrus, Futurist.

DevOps is not the new black anymore and has become quite prevalent in all types of organizations from early-stage startups to multinationals to become dynamic and agile. Those who have adopted DevOps or are in the process of adopting it knows well that it is beyond a set of tools and technologies. Culture becomes successful when organizational teams/members adopt it to propel towards common business goal enabled with technologies.

A lot has been said and written about the benefits of adopting DevOps environment; organizations struggle to find their ground when it comes to creating successful DevOps teams in global enterprises. If you are reading, we presumed that you are looking to or are in the process of building a successful DevOps team. From our experience of working with organizations across the world trying to build their DevOps practice, Qentelli has identified a few things that can be of help for your DevOps initiative –

1. Collaboration is the key – The first and foremost requirement for building a successful DevOps team is to lay a proper change management process. People are resistant to change and thus, laying complete guidelines to undergo change with DevOps is considered very useful. In traditional organizations, Development and Operations team are working in siloed environment, but to sustain in multi-modal IT environment, development and operations team work together and are equally responsible for release cycles, production environments, software maintenance, versioning controls, and providing high-quality codes to operations for deployment.

Tip – A successful DevOps team should work on breaking the notion of Developer – who only code and Operations – who only support production to Developer – Who code and help operations to support the application in production and operations – who works parallel with developers to support production need and environment. There are a lot of tools in DevOps that can help both the team for Configuration Management, Test-and Build systems, Application Deployment, Collaboration, and Communication and Monitoring.

2. Top-down approach with Continual Improvement – DevOps comes with the benefit of business innovation, reducing time to market, more release cycles or updates in the product development lifecycle. The DevOps culture of Continuous Development with continual improvement will trickle down once there’s an optimal workflow process, team restructuring and reorganizing and have right set of infrastructure and automation tools to move ahead with the agreed development framework by the management or engineering heads.

Tip – DevOps requires CIOs, CTOs, and other C-suite to champion the cause of adoption of DevOps and scaling it up to the enterprise level. Business people need to understand first the challenges of Development and Operations working in seclusion with little whereabouts of each other to develop a culture of communication and collaboration to take collective accountability of success and failures.

3. Embracing Continuous Integration and Continuous Delivery (CI/CD) – With a change in culture, a successful DevOps team also needs essential changes to be made around technology like an automation of pre-production, testing, deployment, and integration. CI/CD lies at the heart of DevOps as they promote working in collaborative and shared manner. Global enterprises embracing DevOps knows the transitional shift they have experienced with developers working in isolation and waiting for months to integrate code, fix bugs, solve code conflicts and wasted time in duplicated efforts. Similarly, software release cycles were slow due to the manual provisioning of production environment leading to delays and errors.

Tip – A successful DevOps team is well-equipped and well trained with the ability to quickly respond to failures, errors and fixing them quickly. Enterprises looking for building a successful DevOps team with the ability to embrace CI/CD and continually tweaking processes to scale it to enterprise level need to know right toolkit for their teams, business environment, and business goals.

DevOps is a work in progress

As per a study by RightScale, cloud-management provider, the percentage of enterprises that have adopted DevOps principles reached 84% in 2017 but the same study shows that just 30% of these enterprises have been able to scale it to company-wide adoption. Enterprises looking for company-wide adoption must learn that DevOps is a work in progress and requires the strategic view of sustaining its usability, objectives, and effectiveness. DevOps is neither best of the industry’s toolkit nor team nor process; it is a shift in how IT teams work where people come first then the technology.

At Qentelli, we work with businesses as a partner to drive their DevOps initiatives after having a firm understanding of their business processes, teams and where DevOps fit best for them and their people. We work as an “enablement” team and empower the existing stakeholders to adapt to enhanced roles and responsibilities to drive a successful DevOps implementation. Qentelli has helped setup DevOps Operation Center for many enterprises to continuously evolve their implementations.

To learn and explore more in detail about Qentelli’s AI-driven automated testing solutions and DevOps implementations, please write to us at info@qentelli.com. Our experts will be delighted to engage with you. Also, you can visit Qentelli’s social links for more details– Facebook Twitter LinkedIn

About Qentelli

Headquartered in Dallas, TX with global delivery teams in India, Qentelli is an Industry Thought Leader in Quality Engineering, Automated Testing and Continuous Delivery. With high performing engineering teams working in the dedicated Innovation Group, Qentelli brings design thinking to address complex business problems and enables Continuous Delivery across Enterprise IT through automation for its global customers – www.qentelli.com

Maybe you are still doing Dev & Ops? Check whether you are on the right DevOps journey

Businesses are failing to put DevOps into practice.As per a report by 2nd Watch 2018 on DevOps, almost 78% of the respondents stated that they have different teams for managing infrastructure/operations and development and 38% of the respondents say that they are managing infrastructure manually. This shows businesses are halfway in their DevOps journey and are wondering why they are not able to make most out of it. They are still looking for answers to questions like –

  • How have we again missed the deadline for release? We are already having a DevOps team.
  • Why there are a mismatch between developers build and product managers plans for what to include in the build?
  • Why there’s still downtime and wait times?
  • Why we are still having irregular releases with operational constraints?
  • Why we are still depending on infra teams for the provisioning of environments?

If you are also looking for answers to similar questions, it’s time to realize that DevOps is not tools, technology or teams. It is a change in the way teams work to achieve Continuous Delivery automating build and testing with parallel monitoring and continuous feedback in place to ‘fail fast and fix fast’.

DevOps is no more a buzzword, but businesses are having a hard time finding the right way of adopting DevOps. DevOps is percolating in the software development lifecycle is at a rapid pace because emerging technologies need a new development lifecycle. The product and software innovation in trending technologies such as Mobile, Big Data, Cloud, Social, IoT, AI, and ML requires the need for agility and dynamism. The main reason faster adoption of DevOps is the consumerization of tools and technologies that drive the need for higher quality and faster delivery.

Let’s have a look into why Dev & Ops working in silos is not good for emerging technologies and what are the changes need to be done to move into a more collaborative culture of DevOps.

Dev & Ops – Two different teams incentivized differently

In traditional development, development teams are always encouraged to embrace change while the operations team are encouraged for creating a more stable environment, thus resisting change. Developers love change, delivery, and speed of releases whereas the operation teams look at being more consistent, the application being stable and available always. The problem arises as Dev and Ops working in different environments create a disconnected team, information, and perspective. The goal for both the teams is to achieve better business productivity.

Getting best out of Dev & Ops: DevOps

DevOps is an enabler of continuous delivery that ensures both quality and speed for the applications that are made available to the end-user. Continuous delivery changes the business model by shifting the operational constraints to decide application releases to business readiness to application releases, upgrades, products, features etc. with high quality, without compromising the brand value. This change in business model ensures that you are getting best out of DevOps.

The first thing is in implementing DevOps is to automate the delivery and deployment pipeline to create a feedback loop whenever the code is shipped to production. The key to achieving this is by automating the continuous delivery pipeline with feedback provided directly to the developer to fix bugs if any.

Second thing, your CD pipeline should be able to measure business outcomes as well as outputs. Faster deployments, achieving deadlines, eliminating downtimes are all outputs but there are significant outcomes such as customer retention, customer renewals, satisfaction rates etc. that reassures that your DevOps journey is pointed in the right direction.

What we do at Qentelli –

At Qentelli, our core focus has been achieving Continuous Delivery for high performance, high velocity agile teams. We classify the phases broadly to achieving CD broadly as:

  1. Continuous Planning and Development: Leverage engineering best practices and adopt a test first approach such as – TDD and bring in early testing like Unit Test Automation
  2. Continuous Testing: To integrate QE/SDET integration test first utilizing BDD frameworks and approaches that tie in user stories and features directly to the methods as they get developed, and early functional and automated unit testing
  3. Continuous Integration: Leverage automated trigger of unit and functional tests for every build /check in.
  4. Continuous Build: Adopt build tools such as Maven for creating, building, publishing and managing dependencies during development phase to reduce time and effort
  5. Continuous Deployment: Build a continuous deployment framework with DevOps tools, Test again Certify the build and move to higher environments
  6. Continuous Monitoring and Measurement: Real User Monitoring is a start. Metrics across lifecycle and traceability are a mandate
  7. Continuous Feedback: Testing in Prod (Functional), Real User Experience measurement and synthetic monitoring that enable a direct Feedback loop to dev / plan phase

To learn and explore more in detail about Qentelli’s AI-driven DevOps implementations, please write to us at info@qentelli.com. Our experts will be delighted to engage with you. Also, you can visit Qentelli’s social links for more details – Facebook Twitter LinkedIn

About Qentelli

Headquartered in Dallas, TX with global delivery teams in India, Qentelli is an Industry Thought Leader in Quality Engineering, Automated Testing and Continuous Delivery. With high performing engineering teams working in the dedicated Innovation Group, Qentelli brings design thinking to address complex business problems and enables Continuous Delivery across Enterprise IT through automation for its global customers.

IT IS AUTOMATION, NOT AUTOMAGIC: AVOIDING FAILURES IN TEST AUTOMATION PROJECTS

Test Automation today has become an integral part in any QA teams’ arsenal. A decade ago, the agile delivery paradigm necessitated the need for automated test cases, while the current trend towards CI-CD and DevOps is fueling faster adoption of Automation across the Development Lifecycle.

There are multiple tools, frameworks, and solutions that claim to solve your Automation problems overnight. However, multiple challenges still exist, and IT Managers are not smiling.

The top reasons for Test automation projects failing, as found in the World Quality Report (a premium survey covering CIOs and top executives from 100s of companies).
As can be seen from the snapshot above, the challenges in automation have increased YoY in almost all categories..

Only about 18% of all Test Automation Projects continued after 6 months, which means that stakeholders get disillusioned with the results. But because of the significant time and cost already invested, the automation team continues with very low value.
The most common reason for such failures, however, is the expectation that Automation is a silver bullet – you get a team, install a product/solution and lo, your tests are automated end-to-end and can do everything, but brew a cup of coffee too!

Unfortunately, the road to sustainable Test Automation is long and hard.
Here are some steps that you can take to avoid failures in your test Automation initiatives.

1. Articulate a long-term vision:

This is the most important, yet oft-neglected phase. It is common to think, “hey, we need these tests automated, so that we can get through Testing faster/get feedback frequently”, but that is not the only aspect. Think about things like:

  • What are the data points that show your current problems? (For example, manual tests just to regression test the changes takes 2 weeks with 4 people)
  • How will that data point look like once automation is in place?
2. Think about Context:
  • What kind of applications exist?
  • What is the tech stack and how many layers exist?
  • At what levels do we need tests?
  • How frequently do we make changes to the source code and then release?
  • What Development standards do we use currently?
  • Does the application have significant integration components with other upstream/downstream applications?
  • How many defects slip into production or even User testing?
  • Consider Test Data and Test Environment availability, which can be major blockers for QA and not just for automation – you may have to invest in Containers/mocking frameworks additionally
  • Work with stakeholders to determine what reports would be needed and how they would be used
3. Consider your Application and Technology Roadmap:
  • How will the product evolve in the next 1-2 years? Is the product release model going to change soon (speed of release or # of items in the release)?
  • Is there a plan to rework the application in terms of the technologies used?
  • What new Technologies/paradigms is the organization planning to adopt (such as DevOps, Daily releases etc)?
4. Evaluate Tools:
  • Only after you have thought through the above, should you look at potential solutions
  • Evaluate multiple tools, using a pre-defined checklist to provide an objective view of capabilities
  • Consider running multiple proof-of-concepts using the most complex scenarios, not the simplest. This would help you uncover potential problems before you go down a specific path
5. Set Expectations:
  • Even with the latest tools that can generate some level of tests automatically, tests are going to detect only those defects that they have been coded/configured for. Automated tests are a safety net only and cannot replace humans for some time to come
  • When creating a business case or presenting the benefits, keep expectations low and provide a best-case/worst-case/realistic level of benefits
  • Communicate that the initial cost of setting up Test Automation vis-à-vis the ROI may be high, and the benefits kick in over time
  • Draft a plan with the most valuable tests first and then add more tests as needed, instead of a big-bang approach

In summary, Test Automation, especially for Continuous Testing in a CI-CD world, requires the right effort and investment to make it work. Planning for the Long-term and using an experienced partner to jumpstart your Test Automation can help you be well on your way to the holy grail – “Continuous delivery of value”.
To learn and explore more in detail about Qentelli’s AI-driven automated testing solutions and DevOps implementations, please write to us at info@qentelli.com. Our experts will be delighted to engage with you. Also, you can visit Qentelli’s social links for more details– Facebook Twitter LinkedIn

About Qentelli

Headquartered in Dallas, TX with global delivery teams in India, Qentelli is an Industry Thought Leader in Quality Engineering, Automated Testing and Continuous Delivery. With high performing engineering teams working in the dedicated Innovation Group, Qentelli brings design thinking to address complex business problems and enables Continuous Delivery across Enterprise IT through automation for its global customers.