DOCSLIB.ORG

Service Virtualization, API Testing, and Test Environment Management Release Notes

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Service Virtualization, API Testing, and Test Environment Management Release Notes Service Virtualization, API Testing, and Test Environment Management RELEASE NOTES The release of Parasoft Virtualize 9.9.5, Parasoft SOAtest 9.9.5, and Parasoft Environment Manager 2.7.5 showcases features that allow DevTest teams to test faster with advanced test data automation while ensuring that the appropriate versions of rapidly-evolving test or service virtualization artifacts are being accessed across the team. Advanced Test Data Automation Whether you’re unit testing and need rapid access to a dependent component that is not available for testing or you need to expand the data sets associated with your test or service virtualization assets in order to increase coverage, this release helps you start fast and build on your initial work with advanced test data automation. Simple Mocking To help DevTest teams jumpstart service virtualization and testing efforts, the new Simple Mocking tool enables users to rapidly define and incrementally update virtual assets from HTTP traffic. This allows developers and testers to quickly validate new user stories while building the foundation for more sophisticated virtual assets. When it’s time to simulate more advanced application logic, performance conditions, etc., these building blocks can be extended into advanced simulations that can be shared across teams or divisions. For Virtualize; available on Marketplace. Data Learning Whether starting from a simple mock or any existing virtual asset, developers and testers can incrementally extend a virtual asset’s reach to cover a broader range of use cases with the new data learning capability. This new capability automatically expands the data set by observing traffic and adding net new observations to the data repository—enabling teams to rapidly enhance data-driven virtual assets. The update process can be fully- automated (invoked whenever new data is detected) or initiated on an as-needed basis. With this automated assistance, even teams facing ultra-compressed schedules can achieve the broader test coverage required to accurately assess the risk of a release candidate. For Virtualize; available on Marketplace. Synthetic Data Generation Further assisting teams to jumpstart their service virtualization and testing efforts, the new Mockaroo integration enables users to quickly generate realistic test data and feed it directly into the Parasoft ecosystem. Using API keys to call schemas defined in Mockaroo, this integration allows up 1000 rows of data to be generated and leveraged for free. For Virtualize and SOAtest; available on Marketplace. Artifact Locking With Agile and highly-iterative development methodologies, artifacts for continuously-evolving applications are constantly in a state of transition. Allowing team members to leverage an evolving test or service virtualization assets while it’s still transitioning, could lead to wasted time and compromise the accuracy of test results. To facilitate sharing in in this context, this release adds artifact locking capabilities. Building upon Environment Manager’s existing permission controls for systems and environments, the solution now allows users to lock specific artifacts that compose test environment components—including virtual assets, test assets, message proxies, JDBC controllers, other files hosted on a Virtualize/SOAtest Server, and data repositories. Artifacts can be locked directly from the Virtualize/SOAtest desktop or from the Environment Manager and TDM browser-based interfaces. Once a file is locked, other users can read it, but not change it. Admin-level users can unlock any locked artifact if needed. Available on Virtualize, SOAtest, and Environment Manager. Additional New Features » Support for MQ CCDT configuration files (SOAtest, Virtualize) » Ability to record one traffic file per request/response pair (Virtualize) » Performance optimization when working with large payloads (SOAtest, Virtualize) » Hierarchical parameterization for JSON in literal views (SOAtest, Virtualize) Resolved PRs/FRs Virtualize ID Description 119398 Multiple Responses correlation fails with JSON Requests Proxy failover to secondary connection does not have return status 119043 documented Virtualize does not obey the Data Reuse Configurations when 118988 importing Traffic file Inconsistency in how Virtualize imports traffic responses into Data 118566 Repository 118218 Add timeouts or scripted responses 115709 Add CCDT support for MQ Wrong data model shown for incoming request in fixed length 119459 respond SOAtest ID Description 98923 Add CCDT support for MQ 99835 Before Test and After Test delays are not honored in Load Test Ignore parameters that appear in REST service definition media 115750 types FTP Client SFTP Adapter occasionally throws com.jcraft.jsch. 115996 JSchException: verify: false Add support for test suite variables in the File option of Input tab of 118241 standalone tools Constrained REST Client sends query parameter names with no 118807 value instead of completely excluding them 119045 Browser Contents are grayed out when Selenium used for playback Update documentation about Protected Mode being disabled for all 119046 4 zones Environment Manager ID Description System Instance Editing does not save Virtual Asset information 118867 correctly Environment Manager / Virtualize refresh from Virtualize Servers 118935 dialog fails when a Virtual Asset file is missing The PSTsec.war shipped with Environment Manager throws an error 119254 message when adding LDAP.
Load more

Recommended publications
  • Eliminate Software Development and Testing Constraints with Service Virtualization 2 | WHITE PAPER: KEY CAPABILITIES of a SERVICE VIRTUALIZATION SOLUTION Ca.Com
    WHITE PAPER | NOVEMBER 2014 Eliminate Software Development and Testing Constraints with Service Virtualization 2 | WHITE PAPER: KEY CAPABILITIES OF A SERVICE VIRTUALIZATION SOLUTION ca.com Table of Contents Executive Summary 3 Section 1: Creating a “Live-Like” Environment 4 Simulating Dependent Systems in Dev and Test Environments Section 2: Enabling Parallel Development and Testing 5 Dev and Test Teams Working Simultaneously Section 3: Handling Test Data for Out-of-Scope Dependencies 6 Missing Downstream Data is No Longer a Problem Section 4: Supporting Heterogeneous Technology and Platforms 8 Creating a Truly Complete Environment Section 5: Conclusion 10 Taking the Right First Steps 3 | WHITE PAPER: KEY CAPABILITIES OF A SERVICE VIRTUALIZATION SOLUTION ca.com Executive Summary Challenge The growing complexity of applications, along with globally-dispersed organizations, means teams face a barrage of bottlenecks as they strive to deliver. Examples of bottlenecks—or constraints—include access to mainframe or ERP test environments, lack of test data, access to third-party systems, and budget limitations. Often, constraints are created parallel development teams seeking access to the same environments. Often, teams try to either copy a complete environment in a test lab, or “mock up” responsive systems by coding their own versions for test purposes. This can become a costly and time-consuming endeavor. Opportunity In essence, Service Virtualization (SV) is the productization of the practice of “mocking and stubbing” dev and test environments, with enough realism and context to push development forward faster, while shifting testing left in the lifecycle so integration and release processes can happen faster, with higher quality and less risk.
    [Show full text]
  • Testing Web Services: a Survey Technical Report TR-10-01
    Testing Web Services: A Survey Technical report TR-10-01 Mustafa Bozkurt, Mark Harman and Youssef Hassoun Centre for Research on Evolution, Search & Testing King’s College London Strand, London WC2R 2LS, UK mustafa.bozkurt,mark.harman,youssef.hassoun @kcl.ac.uk f g Abstract The Service-Oriented Computing (SOC) paradigm is allowing computer systems to interact with each other in new ways. According to the literature, SOC allows composition of distributed applications free from their platform and thus reduces the cost of such compositions and makes them easier and faster to develop. Currently web services are the most widely accepted service technology due to the level of autonomy and platform-independency they provide. However, web services also bring challenges. For example, testing web services at the client side is not as straightforward as testing traditional software due to the complex nature of web services and the absence of source code. This paper surveys the previous work undertaken on web service testing, showing the strengths and weaknesses of current web service testing strategies and identifying issues for future work. 1 Introduction This paper presents a survey of web service testing techniques. Web services is a rapidly growing concept that drives the Service-Oriented Computing (SOC) at present. Web services present important challenges to software testers. These challanges has led to much work on techniques for testing web services. The present paper seeks to provide a comprehensive survey of existing work. According to Papazoglou [110], SOC is a new computing paradigm that utilizes services as the lightweight constructs to support the development of rapid, low-cost and easy composition of distributed applications.
    [Show full text]
  • Parasoft Static Application Security Testing (SAST) for .Net - C/C++ - Java Platform
    Parasoft Static Application Security Testing (SAST) for .Net - C/C++ - Java Platform Parasoft® dotTEST™ /Jtest (for Java) / C/C++test is an integrated Development Testing solution for automating a broad range of testing best practices proven to improve development team productivity and software quality. dotTEST / Java Test / C/C++ Test also seamlessly integrates with Parasoft SOAtest as an option, which enables end-to-end functional and load testing for complex distributed applications and transactions. Capabilities Overview STATIC ANALYSIS ● Broad support for languages and standards: Security | C/C++ | Java | .NET | FDA | Safety-critical ● Static analysis tool industry leader since 1994 ● Simple out-of-the-box integration into your SDLC ● Prevent and expose defects via multiple analysis techniques ● Find and fix issues rapidly, with minimal disruption ● Integrated with Parasoft's suite of development testing capabilities, including unit testing, code coverage analysis, and code review CODE COVERAGE ANALYSIS ● Track coverage during unit test execution and the data merge with coverage captured during functional and manual testing in Parasoft Development Testing Platform to measure true test coverage. ● Integrate with coverage data with static analysis violations, unit testing results, and other testing practices in Parasoft Development Testing Platform for a complete view of the risk associated with your application ● Achieve test traceability to understand the impact of change, focus testing activities based on risk, and meet compliance
    [Show full text]
  • An Introduction to Service Virtualization IBM Middleware User Community Ask the Experts Series
    An Introduction to Service Virtualization IBM Middleware User Community Ask the Experts Series Matt Tarnawsky Offering Manager, API Testing & Service Virtualization © 2016 IBM Corporation Agenda What is service virtualization? How can I make use of service virtualization? How do I create virtual services? Tools and Integrations © 2016 IBM Corporation Page 2 What is Service Virtualization? Presentation tier SOA/BPM B2B Database ESB Mainframe © 2016 IBM Corporation Page 3 What is Service Virtualization? Presentation tier SOA/BPM B2B Virtual Services Database ESB Mainframe © 2016 IBM Corporation Page 4 Shift Left Automated Integration Testing C o Traditional Service Virtualization l UI Testing = Start testing earlier l a Test Automation b o UNIT SERVICE UI = Test repeatedly and r continuously a Deployment Automation t Exploratory Testing i = Provision and o orchestrate the process n Service Virtualization © 2016 IBM Corporation Page 6 Multi-Speed IT Big Big Bang! Bang! Presentation layer Integrate Integrate Middleware component 1 week 1 week Mainframe component typically 6 Weeks typically 6 Weeks © 2016 IBM Corporation Page 7 7 Actual Service/App Virtual Service/App © 2016 IBM Corporation Page 8 – Isolating parts of the system Other uses such as UI or business processes – Creating new test scenarios – Performance testing – Shielding production systems from test calls © 2016 IBM Corporation Page 9 Rational Test Virtualization Server Presentation Layer – Examine integration protocols and messages to verify end-to-end communication – Reuse integration
    [Show full text]
  • Model-Based Api Testing for Smt Solvers
    MODEL-BASED API TESTING FOR SMT SOLVERS Aina Niemetz ?y, Mathias Preiner ?y, Armin Biere ? ?Johannes Kepler University, Linz, Austria yStanford University, USA SMT Workshop 2017, July 22 – 23 Heidelberg, Germany SMT Solvers highly complex usually serve as back-end to some application key requirements: correctness robustness performance −! full verification difficult and still an open question −! solver development relies on traditional testing techniques 1/22 Testing of SMT Solvers State-of-the-art: unit tests regression test suite grammar-based black-box input fuzzing with FuzzSMT [SMT’09] generational input fuzzer for SMT-LIB v1 patched for SMT-LIB v2 compliance generates random but valid SMT-LIB input especially effective in combination with delta debugging not possible to test solver features not supported by the input language This work: model-based API fuzz testing −! generate random valid API call sequences 2/22 Model-Based API fuzz testing −! generate random valid API call sequences Previously: model-based API testing framework for SAT [TAP’13] implemented for the SAT solver Lingeling allows to test random solver configurations (option fuzzing) allows to replay erroneous solver behavior −! results promising for other solver back-ends Here: model-based API testing framework for SMT lifts SAT approach to SMT implemented for the SMT solver Boolector tailored to Boolector for QF_(AUF)BV with non-recursive first-order lambda terms −! effective and promising for other SMT solvers −! more general approach left to future
    [Show full text]
  • Devsecops DEVELOPMENT & DEVOPS INFRASTRUCTURE
    DevSecOps DEVELOPMENT & DEVOPS INFRASTRUCTURE CREATE SECURE APPLICATIONS PARASOFT’S APPROACH - BUILD SECURITY IN WITHOUT DISRUPTING THE Parasoft provides tools that help teams begin their security efforts as DEVELOPMENT PROCESS soon as the code is written, starting with static application security test- ing (SAST) via static code analysis, continuing through testing as part of Parasoft makes DevSecOps possible with API and the CI/CD system via dynamic application security testing (DAST) such functional testing, service virtualization, and the as functional testing, penetration testing, API testing, and supporting in- most complete support for important security stan- frastructure like service virtualization that enables security testing be- dards like CWE, OWASP, and CERT in the industry. fore the complete application is fully available. IMPLEMENT A SECURE CODING LIFECYCLE Relying on security specialists alone prevents the entire DevSecOps team from securing software and systems. Parasoft tooling enables the BENEFIT FROM THE team with security knowledge and training to reduce dependence on PARASOFT APPROACH security specialists alone. With a centralized SAST policy based on in- dustry standards, teams can leverage Parasoft’s comprehensive docs, examples, and embedded training while the code is being developed. ✓ Leverage your existing test efforts for Then, leverage existing functional/API tests to enhance the creation of security security tests – meaning less upfront cost, as well as less maintenance along the way. ✓ Combine quality and security to fully understand your software HARDEN THE CODE (“BUILD SECURITY IN”) Getting ahead of application security means moving beyond just test- ✓ Harden the code – don’t just look for ing into building secure software in the first place.
    [Show full text]
  • Model-Based API Testing for SMT Solvers∗
    Model-Based API Testing for SMT Solvers∗ Aina Niemetz, Mathias Preiner, and Armin Biere Institute for Formal Models and Verification Johannes Kepler University, Linz, Austria Abstract Verification back ends such as SMT solvers are typically highly complex pieces of soft- ware with performance, correctness and robustness as key requirements. Full verification of SMT solvers, however, is difficult due to their complex nature and still an open question. Grammar-based black-box input fuzzing proved to be effective to uncover bugs in SMT solvers but is entirely input-based and restricted to a certain input language. State-of-the- art SMT solvers, however, usually provide a rich API, which often introduces additional functionality not supported by the input language. Previous work showed that applying model-based API fuzzing to SAT solvers is more effective than input fuzzing. In this pa- per, we introduce a model-based API testing framework for our SMT solver Boolector. Our experimental results show that model-based API fuzzing in combination with delta debugging techniques is effective for testing SMT solvers. 1 Introduction State-of-the-art Satisfiability Modulo Theories (SMT) solvers are typically highly complex pieces of software, and since they usually serve as back-end to some application, the level of trust in this application strongly depends on the level of trust in the underlying solver. Full verification of SMT solvers, however, is difficult due to their complex nature and still an open question. Hence, solver developers usually rely on traditional testing techniques such as unit and regression tests. At the SMT workshop in 2009, in [10] Brummayer et al.
    [Show full text]
  • Continuous Testing for Devops Evolving Beyond Simple Automation
    Technical Whitepaper 1 Continuous Testing for DevOps Evolving Beyond Simple Automation INTRODUCTION DevOps represents a cultural shift that stresses collaboration be- on acceleration. Moreover, adopting a bona fide Continuous Testing tween the business, developers, and IT professionals. Software test process (more than just automated tests running regularly) helps automation can enhance these connections and help organizations promote all of the core pillars of DevOps: Culture, Automation, Lean, achieve desired SDLC acceleration, but it’s important to recognize Metrics, and Sharing. that automation is just one piece of the DevOps puzzle. In this paper, we’ll explore why and how Continuous Testing’s real- Since testing is often one of the greatest constraints in the SDLC, time objective assessment of an application’s business risks is a optimizing quality processes to allow testing to begin earlier, as well critical component of DevOps. as shrink the amount of testing required, can have a marked impact DEVOPS PRINCIPLES There are several key pieces to understanding DevOps revolutions and they are often brought about by a compelling event at an organization, such as a shift to agile. As organizations start to move into an agile development methodology, they start to uncover other processes that can be accelerated, such as delivery by DevOps and testing by Continuous Testing. The acceleration that is set in motion via agile makes it necessary to accelerate the release schedule. In order to ensure a successful release, an organization must adopt continuous testing to make sure the conveyer belt does not break down. The modernization maturity model has these three distinct phases: AGILE Agile software development is a different way of thinking about approaching the challenge of development time.
    [Show full text]
  • Accelerate Software Innovation Through Continuous Quality
    Accelerate Software Innovation Through Continuous Quality 1 Software quality is recognized as the #1 issue IT executives are trying to mitigate. Enterprise organizations strive to accelerate the delivery of a compelling user experience to their customers in order to drive revenue. Software quality is recognized as the #1 issue IT executives are trying to mitigate. QA teams know they have issues and are actively looking for solutions to save time, increase quality, improve security, and more. The most notable difficulties are in identifying the right areas to test, the availability of flexible and reliable test environments and test data, and the realization of benefits from automation. You may be facing many challenges with delivering software to meet the high expectations for quality, cost, and schedule driven by the business. An effective software testing strategy can address these issues. If you’re looking to improve your software quality while achieving your business goals, Parasoft can help. With over 30 years of making testing easier for our customers, we have the innovation you need and the experience you trust. Our extensive continuous quality suite spans every testing need and enables you to reach new heights. 3 QUALITY-FIRST APPROACH You can’t test quality into an application at the end of the software development life cycle (SDLC). You need to ensure that your software development process and practices put a priority on quality- driven development and integrate a comprehensive testing strategy to verify that the application’s functionality meets the requirements. Shift testing left to the start of your development process to bring quality to the forefront.
    [Show full text]
  • Accelerate Your Digital Transformation with Continuous API Testing
    Accelerate Your Digital Transformation with Continuous API Testing Continuously Improve DevOps, Agile Development, and CI/CD Pipelines with Continuous API Testing Powered by Contents Executive Summary 3 Quality-at-Speed 5 The Journey to Continuous API Testing 7 CI/CD Toolchain 9 Product Overview: API Fortress 10 Key Benefits 10 Competitive Edge: Continuous API Quality 12 How API Fortress Works 14 Core Features Basic Use Case 15 Advanced Use Case - “The Developer Flow” 16 API Risk Assessment 18 Contact Us Accelerate Your Digital Transformation with Continuous API Testing 2 Executive Summary Companies are being pushed to transform and innovate faster than ever. The need to stay ahead of new startups and technologies is leading to a mass shift in how work is done. This is best evidenced by the 36 60 percent spike from 2015 to 2017 in the adoption of Agile Development at enterprises according to Forrester. This has signaled a “critical mass realization” of the need for immediate digital 40 transformation. CIO senior writer, Clint Boulton, states, “Digital transformation [can be defined] as a euphemism for [a CIO’s] modernization efforts: 2017 moving from legacy architectures, on-premises systems and waterfall development to API-driven 20 microservices, the cloud and agile1.” At the heart of digital transformation is speed—the 2015 acceleration of release cycles for software features and APIs. With faster releases, developers can plan and build digital products in a nimble fashion that Widespread Adoption of responds more promptly to constantly changing Agile Development business cases. After all, customer preferences and loyalties are less stable than ever, and innovative competitors can disrupt instantly.
    [Show full text]
  • Automate Your Jenkins CI/CD Pipeline with Automated REST and SOAP
    API Fortress for Jenkins CI/CD Pipelines Automate your Jenkins CI/CD Pipeline with Automated REST and SOAP API Testing Deploy API Fortress for Jenkins CI/CD pipeline on- premises or hybrid cloud using Kubernetes or Docker. Or use the API Fortress API testing SaaS platform. Web Mobile App API Fill the Gap in Your Build Jenkins CI/CD Pipeline In just minutes, incorporate continuous API testing Test powered by API Fortress into your CI/CD pipeline. Deploy API Fortress on-premises or use our cloud platform. Test automation with immediate Deploy feedback directly into your Jenkins instance. Automate your Jenkins CI/CD Pipeline with Automated REST and SOAP API Testing With a CI/CD pipeline, the work of distributed teams come together in an automated flow to build, test, and deploy new code. That means rewriting the rules of how releases are built and tested. One of the first things that the Jenkins wiki (Jenkins Best Practices) tells newcomers to CI/CD is that “unit testing is often not enough to provide confidence [of desired quality].” The wiki then talks about the necessity to automate API testing throughout the lifecycle to ensure that all distributed teams are continually working with good services and data. Let’s take a closer look at those two stipulations of a CI/CD pipeline: 1. UI Testing Isn’t Enough: In our eBook, Nine Bugs That UI 2. Run API Testing Continuously: CI/CD pipelines produce Testing Could Not Diagnose, we tell nine horror stories from iterative releases so that services and mobile apps can real customers of API Fortress involving API vulnerabilities evolve quickly without increasing the number of bugs or and bugs that UI testing did not detect early in the lifecycle, vulnerabilities released.
    [Show full text]
  • Parasoft Soatest the INDUSTRY-LEADING API TESTING SOLUTION
    Parasoft SOAtest THE INDUSTRY-LEADING API TESTING SOLUTION TRY IT Mitigate the risk of Reduce the cost of developing high-quality software, without sacrificing time-to-market: Get a free trial of Parasoft accelerated delivery with SOAtest and start testing. efficient end-to-end test CONTINUOUS TESTING automation. Automate the execution of API, performance, https://software.parasoft.com/soatest and security tests as part of your continuous Parasoft SOAtest helps cut through the delivery pipeline, leveraging CI infrastructure complexity of testing omni/multi-channel such as Jenkins, Bamboo, TeamCity, and API TESTING FOR applications. It extends API testing with VSTS, to provide a faster feedback loop ENTERPRISE AND automation and mitigates the cost of for test development and management. re-work by proactively adjusting your EMBEDDED library of tests as services change. AGILE Accelerate the feedback process required SOAtest efficiently transforms your in Agile methodology, by associating test existing test artifacts into security and • Automate complex scenarios cases with work items and integrating test performance tests, to increase re-usability across multiple endpoints (services, results with your requirements and issue and reduce redundancy, all while building databases, mobile, web UI, sensors, management systems, such as Jira, to a foundation of automated tests that ESBs, mainframes, etc.) from a single continuously validate your level of risk. intuitive user interface can be executed as part of Continuous Integration and DevOps
    [Show full text]