Pull to refresh
134.48

IT systems testing *

Testing everything

Show first
Rating limit
Level of difficulty

Overcoming the Absence of a Sandbox: Alternatives for Testing Third-Party API Integrations

Level of difficultyEasy
Reading time4 min
Views339

In today's fast-paced world of software development, integrating third-party APIs and services is a common practice. These integrations can enhance functionality, improve user experience, and provide additional features that would be time-consuming and costly to develop in-house. However, ensuring these integrations work seamlessly with your software is crucial, and this is where the importance of a test environment, or sandbox, comes into play.

A sandbox environment allows developers to test the integration between their software and third-party services without risking the stability and security of the production environment. This controlled setting enables thorough testing, helping to uncover issues before they affect end-users. By covering as many test cases as possible, developers can ensure robust and reliable integrations.

But what if your third-party provider, such as a bank or government e-system, does not offer a sandbox environment? This scenario can pose significant challenges, but there are several strategies you can employ to mitigate these issues.

Read more
Total votes 2: ↑2 and ↓0+2
Comments1

How to handle Stale Element Reference Exception in E2E testing of modern SPA applications

Reading time5 min
Views3.1K

Hello everyone, my name is Denis, I am Software Developer Engineer in Test (SDET) at Bimeister. I am in charge of test software development - frameworks, automated tests, CI Pipelines configuration, and much more.

In this article, I will tell you how we defeated the Stale Element Reference Exception while developing our framework using Selenium WebDriver and C#.

Read more
Total votes 2: ↑2 and ↓0+2
Comments0

How to Customize UI Artefacts for Selenide + Selenoid + Allure (with TestOPS)

Reading time20 min
Views2K

The common combination of JUnit5, Selenide and Allure has proven to be stable and reliable for autotesting. The remaining issue, however, lies in test length increase up until the rise of overall test numbers. The resulting video files turn out to be over an hour. Alexander Kochergin, Lead engineer at Innotech, has found a way to simplify the process.

Read more
Total votes 3: ↑3 and ↓0+3
Comments0

Payment Village at PHDays 11: ATM hacking

Reading time7 min
Views1.7K

The Positive Hack Days 11 forum, which took place May 18–19, 2022, was truly epic. The bitterly fought ATM hacking contest featured no fewer than 49 participants. How cool is that? The winner of this year's prize fund of 50,000 rubles, with the handle Igor, was the first to hack the virtual machines. And he wasn't even at the event! :)

Besides Igor, eight other participants picked up prizes this year for their VM-hacking skills. They were: drd0cvientvrazovdurcmzxcvcxzas7asg_krdhundred303, and drink_more_water_dude. A big thank-you to everyone who took part, and for those who weren't at PHDays, here are the links to the virtual machines.

Read more
Total votes 3: ↑1 and ↓2+1
Comments1

Testing Metrics You Must Add to Your Process

Reading time4 min
Views4.3K

Testing is one of the key processes in development. However, without analysis it is tough to say how effective testers really are. Innotech’s lead tester-engineer Pavel Petrov shared a number of metrics that are being used in project work.

Read more
Rating0
Comments2

Stress-testing: How Testers Live in a Turbulent World of Bugs

Reading time11 min
Views3.5K

A tester is one of the most stressful roles in IT. You constantly need to be concentrated and report bugs to developers in your team. Lidiya Yegorova, Innotech’s “Scoring conveyor” team QA-Lead shared her practices on how to minimize the stress while testing.

Read more
Rating0
Comments0

Stop losing clients! Or how a developer can test a website, by the example of PVS-Studio. Part 1

Reading time15 min
Views981

A website with bugs could be a real pain in the neck for business. Just one 404 or 500 error could end up costing an obscene amount of money for the company and hurt a good reputation. But there is a way to avoid this issue: the website testing. That's sort of what this article is about. After reading this article, you will learn how to test code in Django, create your "own website tester" and much more. Welcome to the article.

Read more
Rating0
Comments2

Helpful service for microservice JSON-RPC based test automation

Reading time2 min
Views1K

Test automation, with product built in microservice architecture could be very situational in context of testing goals and ways to achieve them. You got an easy life if you testing a service, that is an isolated entity, which is receiving some data and providing a result of it's work in a response, by callback or through additional endpoint. In this case all you need to do is cover all the endpoints of the service, and probably learn to catch it's callbacks. However, it's not the only case. Sometimes you need to test service which isn't totally isolated, but a part of a chain of interactions. This service could send some data to other services within your infrastructure or even to third parties. This time you got plenty of additional things to bother of:

Read more
Rating0
Comments0

Software testers — an endangered species?

Reading time4 min
Views1.6K

Nothing and nobody will escape oblivion. Whatever you may say, the history of mankind is a history of automation and the subsequent evolution of workers. This happened both during the first industrial revolution and during the second. The same thing happened with digital revolution. Now machine learning and artificial intelligence are being implemented everywhere. What is the future of software testing?

Read more
Total votes 1: ↑1 and ↓0+1
Comments0

New features of the hybrid monitoring AIOps system Monq

Reading time10 min
Views1.2K


In one of the previous articles, I’ve already written about the hybrid monitoring system from Monq. Almost two years have passed since then. During this time, Monq has significantly updated its functionality, a free version has appeared, and the licensing policy has been updated. If monitoring systems in your company start to get out of control, and their number rushes somewhere beyond the horizon, we suggest you take a look at Monq to take control of monitoring. Welcome under the cut.
Read more →
Total votes 9: ↑9 and ↓0+9
Comments0

Application performance monitoring and health metrics without APM

Reading time8 min
Views1.7K

I have already written about AIOps and machine learning methods in working with IT incidents, about hybrid umbrella monitoring and various approaches to service management. Now I would like to share a very specific algorithm, how one can quickly get information about functioning conditions of business applications using synthetic monitoring and how to build, on this basis, the health metric of business services at no special cost. The story is based on a real case of implementing the algorithm into the IT system of one of the airlines.

Currently there are many APM systems, such as Appdynamics, Dynatrace, and others, having a UX control module inside that uses synthetic checks. And if the task is to learn about failures quicker than customers, I will tell you why all these APM systems are not needed. Also, nowadays health metrics are a fashionable feature of APM and I will show how you can build them without APM. 

Читать далее
Rating0
Comments0

Run MongoDB Atlas locally for testing

Reading time5 min
Views1.9K

What happens to your MongoDB replica set when it comes to failures like network partitioning, restarting, reconfiguration of the existing topology, etc.? This question is especially important these days because of the popularity gained by the multi-cloud model where chances of these scenarios are quite realistic.


However, is there a solution, preferably a free one, for testing such cases that would obviate the need of writing manual scripts and poring over the official documentation? As software developers, we would be better off preparing our applications in advance to survive these failures.

Read more →
Rating0
Comments0

Agreements as Code: how to refactor IaC and save your sanity?

Reading time9 min
Views1.2K


Before we start, I'd like to get on the same page with you. So, could you please answer? How much time will it take to:


  • Create a new environment for testing?
  • Update java & OS in the docker image?
  • Grant access to servers?

There is the spoiler from the TechLeadConf. Unfortunately, it's in Russian


It will take longer than you expect. I will explain why.

Read more →
Total votes 3: ↑3 and ↓0+3
Comments0

Meet Hamstand: a smart mobile testing hub

Reading time5 min
Views1.3K
The ITMO Accelerator continues to empower entrepreneurs. We’ve already covered some of its most successful graduates — the Laeneco staethoscope and the GoROBO robotics club. Today we’ll be discussing Hamstand — a modular hub that simplifies the process of mobile app testing. Let’s talk about how it came to be, why it’s a welcome addition to many developers’ toolkits, and what awaits the project in the near future.

Read more →
Total votes 6: ↑6 and ↓0+6
Comments0

How to test Ansible and don't go nuts

Reading time10 min
Views3.4K


It is the translation of my speech at DevOps-40 2020-03-18:


After the second commit, each code becomes legacy. It happens because the original ideas do not meet actual requirements for the system. It is not bad or good thing. It is the nature of infrastructure & agreements between people. Refactoring should align requirements & actual state. Let me call it Infrastructure as Code refactoring.

Read more →
Total votes 3: ↑3 and ↓0+3
Comments0

About integration tests

Reading time2 min
Views2.1K
[Previously] I was talking about combinatorial complexity of integration tests in multicomponent systems, so let me remind. Let's build a simple system with only 3 components inside. It can be three independent modules and we want to provide some communication between them (message passing good enough for the purpose of the example) So we have 3! = 6 possible configuration to test. Before going deeper lets see how Quicksort fights a combinatorial complexity.

[Quicksort] reduces complexity on each pass of a given input. So far so good. Let's imagine example with 10 elements. How many possible permutations do we have? you are right: 10! ~= 3,6 * 10^6. So on the first pass the complexity will be reduced: 5!*5!, on the next pass it will be further reduced till 2!*3!*2!*3!… after logn times we will have 1!*1!*1!...1! = 1 possible position, and our given input is sorted. Gotcha. (attentive reader can mention about worst case scenario of quicksort, but lets discuss it someday) Coming back to our example…
Read more →
Total votes 3: ↑3 and ↓0+3
Comments0

About Testing

Reading time2 min
Views1.5K
Let's talk about Testing, about unit and integration tests which everyone here, i hope, likes to write.

Despite of lots of benefits, tests have two fundamental problems: there is no architecture at all (quality), nobody knows what is the meaning of the quantity.

Tests have a cost. Lets imagine dialog between manager and developer:
— John, how many hours does it take to implement?
— Approximately one week: 1,5 day for task and 3,5 days to write tests

So why people write tests? Let's try to build a mental model: we delivered a component, our beta testers found a bug, we wrote tests scenario. So, next time we try to deliver the same component, we already know about bad scenario and have automation to check it. So far so good. Next, we are trying to predict future bugs by writing lot's of tests and cover bad scenarios. Next, we deliver better components, users are happy. Profit. (Despite of all pros, the solution is not scalable — with every new component we will face a reality).
Read more →
Total votes 4: ↑2 and ↓2+2
Comments2

What does «clean code» mean in 2020?

Reading time9 min
Views6.5K

«Clean Code» and a clean cat

There is nothing developers enjoy better than arguing about clean code: Dan Abramov, for example, has recently fueled the hype with his blog post, «Goodbye, Clean Code».

However, “clean code” per se doesn’t even have a clear definition. The main book on the subject is Clean Code, where Robert «Uncle Bob» Martin states that there are perhaps as many definitions as there are programmers. But he doesn’t walk away from the fact with a conclusion that there’s no reason to discuss clean code, rather — compare several definitions and highlight general ideas. Therefore he cites the views of several outstanding programmers on what clean code is.

So we have also become interested in what people in 2020 think of clean code. Have the views changed since the publication of the book? Do opinions vary in different IT fields (maybe backend developers perceive the idea of clean code differently from testers)?

This spring, Uncle Bob comes to St. Petersburg to give talks at our three conferences: they are about .NET development, testing and JavaScript. Therefore, we’ve asked speakers from each of those conferences to share their opinion on clean code so we could compare the opinions of the industry experts in 2020.

We've already published the results in Russian, and here's the English version. Since the topic is known to provoke discussions, feel free to give your own definition or argue about those already given!

UPD: When we posted this article, Uncle Bob had our conferences in his schedule. Unfortunately, the situation has changed. We updated this post on March 12, to avoid any misunderstanding.

Read more →
Total votes 10: ↑10 and ↓0+10
Comments0

Are my open-source libraries vulnerable? (2 min reading to make your life more secure)

Reading time2 min
Views2.5K

The explosion of open source and issues related to it


The amount of open source or other third party code used in a software project is estimated as 60-90% of a codebase. Components, such as libraries, frameworks, and other software modules, almost always run with full privileges. If a vulnerable component is exploited, such an attack can facilitate serious data loss or server takeover. Applications using components with known vulnerabilities may undermine application defences and enable a range of possible attacks and impacts.



Conclusion: even if you perform constant security code reviews, you still might be vulnerable because of third-party components.

Some have tried to do this manually, but the sheer amount of work and data is growing and is time consuming, difficult, and error prone to manage. It would require several full time employees and skilled security analysts to constantly monitor all sources to stay on top.
Read more →
Total votes 3: ↑2 and ↓1+4
Comments2
1

Authors' contribution