What is Testing?
Testing is done by the developers to make sure that the software/app is working fine. We are focusing on the automated tests written by the developers that can be run automatically after each build.
This phase involves the following components:
IDE or Text Editor
Test framework
People involved: Developers
What is a Test Framework?
A test framework is used to perform automated checks as per the defined cases.
Examples: JUnit, Pytest, Tox
External sources
What is Pytest? https://docs.pytest.org/en/stable/getting-started.html
Pytest tutorials: https://www.tutorialspoint.com/pytest/index.htm
What is JUnit? https://junit.org/junit5/
JUnit tutorials: https://www.tutorialspoint.com/junit/junit_overview.htm
Why is it important in DevSecOps?
The project build phase compiles/transforms the source code into a deployable form (e.g. binary, package) by using/integrating the libraries and dependent packages. It is important to check that the build system and the dependency packages/libraries being used are not vulnerable to known attacks and are updated with the latest security fixes.
What will you learn in this section?
The user will learn to perform the following tasks:
Building a Java Web App from source code
Building Nginx Webserver from source code
Run pre-deployment checks on Django Web App source code
Tools Covered
Pytest
JUnit
Tox
Labs
Pytest
A Kali CLI is provided with a sample Django web app code. The user has to follow the manual and understand/run the provided test cases with pytest. We have also covered how to create a hello world test case with it.
Objective: Run the tests present in the application using Pytest.
JUnit
A Kali CLI is provided with a sample Java web app code. The user has to follow the manual and understand/run the provided test cases with JUnit. We have also covered how to create a hello world test case with it.
Objective: Run the tests present in the application using JUnit.
Tox
A Kali CLI is provided with the Tox tool. Tox is used to check whether a Python package installs correctly with different Python versions and environments.
Objective: Run the tests present in the application using Tox.