@MichaKutz
Testing
Microservice Ecosystems
Test Automation
Scopes
Class/Unit Tests
Integration Tests
Class/Unit + Integration
Tests
Risk vs Effort
Service Tests
Consumer Driven
Contract Test
Service Test
+ Contract Test
Risk vs Effort
System Test
System Test
Risk vs Effort
End-to-End Tests
End-to-End Tests
Risk vs Effort
Continuous Delivery &
Deployment
Exploratory Testing
Martin Fowler
I would consider it a red flag if a team isn't doing exploratory testing at all - even if their automated testing was excellent.
Even the best automated testing is inherently scripted testing - and that alone is not good enough.
November 18th 2019
Elisabeth Hendrickson
@testobsessed
to push even harder
look past what you expect
as soon as you think of a test
interesting things to vary and interesting ways in which to vary them
Simultaneously designing and executing tests to learn about the system, using your insights from the last experiment to inform the next.
What?
How?
Charter template from "Explore It!"
by Elisabeth Hendrickson
What kind of information are you hoping to find?
security
performance
reliability
capability
usability
consistency of design
violations of a standard
surprises
What resources will you bring with you?
a tool
a data set
a technique
a configuration
an interdependent feature
Where are you exploring?
a feature
a requirement
a module
Explore <target>
with <resources>
to discover <information>
How long is this supposed to take?
often implicit
How?
Charter Template from "Tips for Writing Better Charters for Exploratory Testing Sessions"
by
What could go wrong?
functionality is wrong
usability is bad
not accessible
inconsistency
What am I testing?
a feature
a requirement
a module
My mission is to test <risk>
in the context of <coverage>
within <timeframe>
Good Charters,
Bad Charters
Experiment with invalid values when updating customer addresses.
Find ways that a valid order modification might fail.
My mission is to test SQL vulnerabilities
in the context of the search form.
Explore the registration form
with common XSS injection strings
to discover XSS attack vulnerabilities
Too broad
you will never be finished
Too narrow
actually a test case
Explore the address form
with the name "Søren Anderson"
to discover if scandinavial letters are handled correctly
Explore every input field in the shop
with every security tool you can find
to discover security issues
Explore the behavior of the basket button
with various interaction types and speeds
to discover unintended side effects
unexpected data transfer
subtle UI changes
$> psql
$> watch ls
unexpected filesystem or database activity
unexpected system load
Look past what you expect or hope to find
Notes to Take
My mission is to explore the checkout process
for side effects caused by parallel activity in a different tab.
My mission is to explore the checkout process
for side effects caused by browser navigation.
setup steps
things to be documented
things to be automated
open questions
possible new charters
found bugs
confidence factor
on coverage of the stated risk
actual time for testing
confidence level
TODO:
- Fail-safe vs Safe-to-fail
- Observability