Compliance as Code 4 Defining Policies Upfront 4 Automated Gates and Checks 4 Managing Changes in Continuous Delivery 4 Separation of Duties in the DevOps Audit Toolkit 4 Using the Audit Defense Toolkit 4 Code Instead of Paperwork Ladislav Prskavec - Teststack conference, 6. 6. 2019 10
Metrics # HELP inspec_checks_total Number of inspec checks # TYPE inspec_checks_total gauge inspec_checks_total{profile="ssl-baseline",status="passed"} 6 inspec_checks_total{profile="ssl-baseline",status="failed"} 0 inspec_checks_total{profile="ssl-baseline",status="skipped"} 0 4 prometheus_inspec_exporter by Dave Cadwallader Ladislav Prskavec - Teststack conference, 6. 6. 2019 22
Infrastructure as Software 4 Pulumi.io - various languages 4 AWS Cloud Development Kit using CloudFormation - various languages Ladislav Prskavec - Teststack conference, 6. 6. 2019 25
const aws = require("@pulumi/aws"); let size = "t2.micro"; // t2.micro is available in the AWS free tier let ami = "ami-0ff8a91507f77f867"; // AMI for Amazon Linux in us-east-1 (Virginia) let group = new aws.ec2.SecurityGroup("webserver-secgrp", { ingress: [ { protocol: "tcp", fromPort: 22, toPort: 22, cidrBlocks: ["0.0.0.0/0"] }, ], }); let server = new aws.ec2.Instance("webserver-www", { instanceType: size, securityGroups: [ group.name ], // reference the security group resource above ami: ami, }); exports.publicIp = server.publicIp; exports.publicHostName = server.publicDns; Ladislav Prskavec - Teststack conference, 6. 6. 2019 27
Variety tools for work with infrastructure 4 Chef (ruby) - testing with Kitchen 4 Puppet (DSL based on ruby) - Testing with beaker 4 Redhat Ansible (python) - Testing with molecule 4 Hashicorp Terraform (golang) - testing with Terratest 4 and many others Ladislav Prskavec - Teststack conference, 6. 6. 2019 30
Requirements 4 using git or another source control system to track changes 4 declarative syntax 4 easy to start 4 possibility extend and fix tools with you knowledge 4 good documentation, support and community Ladislav Prskavec - Teststack conference, 6. 6. 2019 32
terraformOptions := &terraform.Options { // The path to where your Terraform code is located TerraformDir: "../examples/terraform-basic-example", } // At the end of the test, run `terraform destroy` to clean up any resources that were created defer terraform.Destroy(t, terraformOptions) // This will run `terraform init` and `terraform apply` and fail the test if there are any errors terraform.InitAndApply(t, terraformOptions) // Validate your code works as expected validateServerIsWorking(t, terraformOptions) Ladislav Prskavec - Teststack conference, 6. 6. 2019 40
package test import (...) // An example of how to test the Kubernetes resource config in examples/kubernetes-basic-example using Terratest. func TestKubernetesBasicExample(t *testing.T) { t.Parallel() // Path to the Kubernetes resource config we will test kubeResourcePath, err := filepath.Abs("../examples/kubernetes-basic-example/nginx-deployment.yml") require.NoError(t, err) options := k8s.NewKubectlOptions("", "") namespaceName := fmt.Sprintf("kubernetes-basic-example-%s", strings.ToLower(random.UniqueId())) k8s.CreateNamespace(t, options, namespaceName) // Make sure we set the namespace on the options options.Namespace = namespaceName defer k8s.DeleteNamespace(t, options, namespaceName) // At the end of the test, run `kubectl delete -f RESOURCE_CONFIG` to clean up any resources that were created. defer k8s.KubectlDelete(t, options, kubeResourcePath) // This will run `kubectl apply -f RESOURCE_CONFIG` and fail the test if there are any errors k8s.KubectlApply(t, options, kubeResourcePath) service := k8s.GetService(t, options, "nginx-service") require.Equal(t, service.Name, "nginx-service") } Ladislav Prskavec - Teststack conference, 6. 6. 2019 42
abtris
techtekt
oracle4engineer
yuyakakizaki08
okuzawats
nnstt1
line_developers
zakiyama
hayaosuzuki
tacck
soracom
hatahata021
bryan
philnash
speakerdeck
mza
nonsquared
soudai
michaelherold
colly
dotmariusz
mraible
tanoku
orderedlist