What is Testing?


Testing is done by the developers to make sure that the software/app is working fine. We are focusing on the automated tests written by the developers that can be run automatically after each build.


The following components are there in this phase:

  • IDE or Text Editor

  • Test framework


People involved: Developers

What is a Test Framework? 

A test framework is used to perform automated checks as per the defined cases. 

Examples: JUnit, Pytest, Tox

External sources

Why is it important in DevSecOps? 

The project build phase compiles/transforms the source code into a deployable form (e.g. binary, package) by using/integrating the libraries/dependent packages, etc. It is important to check if the build system, dependency packages/libraries being used, are not vulnerable to known attacks and are updated to the latest security fixes.

What will you learn in this section? 

The user will learn to perform the following tasks

  • Building a Java Web App from source code

  • Building Nginx Webserver from source code

  • Run pre-deployment checks on Django Web App source code


Tools Covered

  • Pytest

  • JUnit

  • Tox


Labs

  • Pytest

    • A Kali CLI is provided with a sample Django web app code. The user has to follow the manual and understand/run the provided test cases with pytest. We have also covered how to create a hello world test case with it.

      Objective: Run the tests present in the application using Pytest. 

  • JUnit 

    • A Kali CLI is provided with a sample Java web app code. The user has to follow the manual and understand/run the provided test cases with JUnit. We have also covered how to create a hello world test case with it. 
      Objective: Run the tests present in the application using JUnit.

  • Tox

    • A Kali CLI is provided with the Tox tool. Tox tool is used to check if the python package installs correctly with different Python versions and environments. 
      Objective: Run the tests present in the application using Tox.

User Avatar

Pytest: Python Testing Framework

User Avatar

JUnit: Automated Tests for Java Project

User Avatar

Tox: Multi-Environment Compatibility Testing

User Avatar

Selenium: Basic Automation with Plugin

User Avatar

Selenium: Scripting Interaction

User Avatar

Selenium: Scripting Dictionary Attacks