O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

Testing Java Microservices: From Development to Production

877 visualizações

Publicada em

Testing microservices is challenging. Dividing a system into components (à la microservices) naturally creates inter-component dependencies, and each service has its own performance and fault-tolerance characteristics that need to be validated during development, the QA process, and continually in production. Attend this meetup to learn about the theory, techniques, and practices needed to overcome this challenge. You will:

• Get an introduction to the challenges of testing distributed microservice systems
• Learn how to isolate tests within a complex microservice ecosystem
• Hear about several tools for automating vulnerability and security scanning for code, dependencies, and deployment artifacts

Publicada em: Tecnologia
  • Seja o primeiro a comentar

Testing Java Microservices: From Development to Production

  1. 1. Testing Java Microservices: From Development to Production Abraham Marin-Perez | Daniel Bryant
  2. 2. tl;dr ● Testing microservices brings additional challenges ● Pay special attention to integration surfaces ● Isolate services for loosely coupled tests ● Include tests that resemble production ● Make security testing a first-class citizen
  3. 3. Who are we? @danielbryantuk Tech Consultant and Writer Product Architect at Datawire Java Champion Conference Tourist @abrahammarin Developer, Consultant, Writer Associate of Equal Experts Software Plumber
  4. 4. Types of tests From Agile Testing, by Lisa Crispin and Janet Gregory
  5. 5. Challenges ● Cannot share a single environment: test locally ● Full ecosystem unsuitable for local testing ● Lack of control over third-party dependencies
  6. 6. Isolation
  7. 7. Isolating Parts Third Party
  8. 8. Isolating Parts Third Party
  9. 9. Isolating Parts: No Isolation Third Party
  10. 10. Isolating Parts: Unowned Components Third Party
  11. 11. Test Doubles
  12. 12. Test Doubles Dummy objects: passed around but never actually used. Fake objects: working implementations not suitable for production Stubs: provide canned answers to calls made during the test Spies: stubs that also record some information based on how they were called. Mocks: objects pre-programmed with expectations which form a specification of the calls they are expected to receive. Virtualisations: emulation of services, with expectations (not suitable for production)
  13. 13. JUnit Example
  14. 14. API Simulation Thoughts ● Useful when a dependency is “expensive” to access or tricky to mock ● Facilitates error handling tests when dependency failure modes are challenging to recreate ● Simulations can be fragile and/or complicated
  15. 15. Use simulations appropriately... Sometime you need the real thing
  16. 16. Isolating Parts: Service Interaction Third Party
  17. 17. Focused on service/function Focused on system Contract Tests
  18. 18. API Contracts APIs are service contracts Many are producer-driven It’s possible to design outside-in: Consumer-Driven Contracts
  19. 19. Consumer-Driven Contracts
  20. 20. Consumer-Driven Contract Frameworks https://docs.pact.io/ https://cloud.spring.io/spring-cloud-contract/
  21. 21. Consumer-Driven Contract Thoughts ● Great in low trust or low communication organisations ○ Act as a cue for a conversation ● Can be used to implement “TDD for the API” ● Resource intensive to create and maintain
  22. 22. https://bit.ly/2p68gBS
  23. 23. Components
  24. 24. Isolating Parts: Single Service Third Party
  25. 25. Isolating Parts: Single Service
  26. 26. Isolating Parts: Single Service Test Doubles
  27. 27. Isolating Parts: Single Service
  28. 28. Isolating Parts: Single Service +
  29. 29. Isolating Parts: Single Service Fault Tolerance Test double configured to fail
  30. 30. https://technology.cap-hpi.com/blog/unit-testing-what-benefits-you-can-reap/
  31. 31. Isolating Parts: Technicalities Third Party
  32. 32. Isolating Parts: Technicalities Test the Real Thing
  33. 33. Isolating Parts: Technicalities
  34. 34. Isolating Parts: Data Test Data ● Low Volume ● Low Diversity Production Data ● High Volume ● High Diversity
  35. 35. Isolating Parts: Data
  36. 36. Isolating Parts: Data Marín Argüelles d’Hopital Garçon Castaña Strauß Fønss Bård かほる Александр สมชาย Φραγκόπουλος
  37. 37. Isolating Parts: Data
  38. 38. www.owasp.org https://www.owasp.org/index.php/C ategory:OWASP_Top_Ten_Project
  39. 39. Security: Code
  40. 40. Security: Dependencies
  41. 41. Security: Container Images github.com/arminc/clair-scanner
  42. 42. Conclusion ● Testing microservices brings additional challenges ● Pay special attention to integration surfaces ● Isolate services for loosely coupled tests ● Include tests that resemble production ● Make security testing a first-class citizen
  43. 43. Thanks! Some code samples: https://github.com/orgs/continuous-delivery-in-java (with more coming soon!)