You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 16 Next »

About Our Team

The Release Engineering team has four primary areas of responsibility:

  • Provide testing services to assist project teams in ensuring that IS&T deployed applications, Application Programming Interfaces and Software-as-a-Service offerings are production ready
  • Triage problem reports for the Operations area (Cloud Platforms and Application Delivery teams)
  • Provide customer support for IS&T's managed server offering
  • Partner with the Service Desk Escalations team in administering IS&T's Software-as-a-Service and Platform-as-a-Service offerings, such as DocuSign, LastPass, QuickBase and Qualtrics

Testing Services

The Release Engineering team assists project managers, business analysts and software engineers in ensuring that IS&T's deployed applications, Application Programming Interfaces and Software-as-a-Service offerings are production ready.  We offer API testing, performance testing and regression testing, as well as assisting developers in using the Veracode platform for security testing.  See below for details about our testing services.  Questions?  Email release-engineering@mit.edu.

API Testing

  • Objective: 
    • Validate that data updates are processed as expected, based on system requirements
    • Validate any business logic encoded in the API, based on system requirements
    • Validate that negative test cases have been adequately covered
       
  • Tools:
    • Python scripts
    • Gazoonta tester: Java application uses XML input to make JSON requests to a REST API and  SQL commands to database.
    • Integrate API tests with Travis to run API tests at build time.
       
  • When: 
    • Ideally, the API tests are written as the API becomes available in the Dev and Test environments.  When test scripts are written during API development, software engineers can use the scripts to test that new development does not have unintended consequences for existing code.

Performance Testing

  • Objective: 
    • Ensure average response times are consistent with product owner expectations.  
    • Create test scripts based on relevant user scenarios.
    • Calibrate load testing based on system requirements.
       
  • Tools: 
    • Blazemeter, JMeter, New Relic
       
  • When: 
    • Application is available in Test environment

Regression Testing

  • Objective:
    • Validate that set of defined use cases behave as expected
       
  • Tools:
    • Selenium WebDriver, Python, HP Unified Functional Testing (UFT)
       
  • When:
    • During requirements definition, so that system requirements can be written as test case scenarios.
    • We see highest Return On Investment when automated regression tests are written during application development.  Developers can use the scripts to test that new development does not have unintended consequences for existing code.
       
  • Consult with Release Engineering Team as to whether automated regression tests make sense for your project.  Factors to consider:
    • Are BA or product owner resources available to define test cases and validate that automated test scripts cover the needed functionality?
    • Existence of stable data against which to test or ability to seed data for testing
    • Identification and maintenance of authorizations needed in order to run the automated tests
    • Are manual test scripts already available?  (not a hard requirement; consider re-using them if they exist)
    • Can we make a rough estimate of the benefits of automated regression tests?  Will the automated tests replace significant time spent on manual testing?  Will more efficient regression tests enable the development team to make more frequent releases for bug fixes and enhancement requests?

Security Testing

  • Objective:
    • Detect and mitigate security vulnerabilities within the application
       
  • Veracode:
    • Release Engineering team can facilitate your use of the Veracode security platform.  
    • Veracode enables developers to detect security vulnerabilities and receive suggestions for mitigation
    • IS&T is currently licensed for 50 apps per year.
    • For Java applications, upload the .war file for scanning by Veracode
    • For non-Java applications and APIs, consult with Veracode support team
       
  • When:
    • During development phase
    • For Java applications, Veracode can be integrated into Eclipse IDE

Contact Information

Team email: release-engineering@mit.edu

Team manager: Lisa Robinson, lmrobin@mit.edu

 

  • No labels