"Shift Left" Defect Discovery Using Agile And Devops

Keith Watson, Director of DevOps, ADP UK

Keith Watson, Director of DevOps, ADP UK

Teams who use traditional waterfall software development practices tend to perform the majority of testing when most of the product release code is complete. This means that often defects are found later in the software development cycle such as in final user acceptance testing. Due to schedule pressures to ship new releases, this adds the risk that some defects may not be discovered until after delivering software to the end user.

Advantages of “Shifting Left”

Shifting left refers to using agile and DevOps principles to build smaller components(often called micro-services) of a product independently which can then be tested earlier. One of the Agile Manifesto principles is “Working software is the primary measure of progress.” Modern DevOps practices enables this principle through continuous integration within sprints and continuous delivery into later test phases. Having working software earlier allows teams to “shift left”testing by performing unit tests as part of a sprint. This helps to identify and fix defects within the sprint. It can alsoreduce the number of defects found at the end of the product development cycle and hence shorten later test phases. In addition, this improves the feedback loop to the developers who see the results of the testing when they are still in the coding phase rather than later in the product lifecycle.

Implications of “shifting left” to agile teams

Figure 1 shows the differences between waterfall testing of monolithic software and agile testing of smaller components. With “shift left” in agile sprints,comes two key testing practices: increased unit testing and improved code coverage. Using both of these practices allows testing to be performed earlier and more efficiently. However, this comesat a cost. Development teams may have been used to relying on separate test teams to execute tests. With “shift left”,developers now have to include writing unit tests and integration tests within their definition of done (DoD) and the acceptance criteria for user stories. In addition, these will need to be automated so they can be used to perform regression testing for new and existing features. This initially will reduce the velocity of these teams since some effort will be redirected at writing and automating tests and adding quality gates. Ideally, teams should be aiming for quality gates with 100 percent unit test success and 100 percent code coverage. It may take time to achieve this while still satisfying the needs of the business to develop and deliver new features. This needssome negotiation between the agile teams and the product owners who represent the business.

“Combining the Agile Manifesto and DevOps principles enables testers to engage with the development teams and find defects earlier in the software development cycle”

“Implications of automation to testing strategy”

 The one software development resource that is difficult to scale is humans. Shifting testing left at scale can only be done with the full automation of test suites. This has implications for developers in that they not only need to write functional code but also test code. In addition, testers used to running manual tests will need a very different skill set when writing and automating tests. There are also investment and training implications for the business as well as the individual (seetable 1).

Challenges in “shifting left”

 Shifting left has advantages but also significant challenges. Enabling agile teams to work towards full automation requires support from executives and the business. There are the implications of automation to the testing strategy, as well. In addition, there needs to be a commitment from developers, product owners, and testers to automation. Testers, in particular, who were used to manual testing need to be willing and able to learn new skills and effectively become software developers in test. Waterfall often results in a combative nature between developers and tests. This can be overcome by using techniques such as the “Three Amigos” where the developer, tester, and architect work together and agree to the quality acceptance criteria for user stories.There is still a place for manual testingbut this should mainly be used for exploratory testing and end to end user experience testing.

Scaling testing using Cloud Technology

 Implementing cloud capabilities and service virtualisation technology can also enable development and test teams to create ephemeral (temporary) environments to test smaller functional elements. These “cloud instances” are easier to produce using standard recipes and can be removed or suspended after the testing is finished reducing costs. In addition, use of software as a service (SaaS) vendors for some repetitive testing can significantly reduce the burden on the testing organisation and enable these teams to focus on delivering more value to the business.

Shifting left for business benefit

 In summary, combining the Agile Manifesto and DevOps principles enables testers to engage with the development teams and find defects earlier in the software development cycle. It also enables testers later in the cycle to focus on validating the user experience. This provides the business with a higher degree of confidence that the software product is ready for release to the customer. By shifting left, this has implications for the testing strategy at all stages. Italso requires a significant culture change in both development and test teams and requires a commitment to automation and cross team collaboration across the business. E

Weekly Brief

Read Also

Data: an Invaluable Asset

Data: an Invaluable Asset

Nathaniel Karp, Chief Economist, BBVA Compass
Navigating the Changing Cybersecurity Landscape

Navigating the Changing Cybersecurity Landscape

Mark Leary, VP & CISO, Regeneron Pharmaceuticals
The Changing Facets in Enterprise Security Space

The Changing Facets in Enterprise Security Space

Greg Barnes, Global CISO at Amgen
Open Sources, Open Doors or How to Innovate in a Competitive Cloud Market

Open Sources, Open Doors or How to Innovate in a Competitive Cloud...

Garrick Stavrovich, the Lead Product Manager for Nasdaq’s Global Information Services
How AI will play a crucial role in the defense against cyber attacks

How AI will play a crucial role in the defense against cyber attacks

Scott Southall, Regional Head of Innovation, Asia Pacific, Citi
Building NextGen Enterprise Risk Management Capabilities

Building NextGen Enterprise Risk Management Capabilities

Chee Kong Wong, EY Oceania and EY Asia-Pacific Governance Risk and Compliance (GRC) Technology Leader