Testing environment
Quality assurance (QA) personnel use the testing environment to validate features.
They approve the changes after they finish testing. When they approve, the branch moves
on to the next environment, staging. In Gitflow, this environment and others above it
are only available for deployment from release branches. A
release branch is based on a develop branch that contains
the planned features.
Access
Assign permissions according to the principle of least privilege. Developers should have less access to the testing environment than they have to the development environment. QA personnel require sufficient permissions to test the feature.
Build steps
The build process in this environment is only applicable for bugfixes when using
the Gitflow strategy. Creating a merge request to the bugfix branch
automatically starts the build.
-
Use git-secrets
(GitHub) to scan for sensitive information -
Lint the source code
-
Build and compile the source code, if applicable
-
Perform unit testing
-
Perform code coverage analysis
-
Perform static code analysis
-
Build IaC
-
Perform IaC security analysis
-
Extract open source licenses
Deployment steps
Automatically initiate deployment of the release branch (Gitflow) or
the main branch (Trunk or GitHub Flow) in the testing environment after
deployment in the development environment. The following are the deployment steps in
the testing environment:
-
Deploy the
releasebranch (Gitflow) ormainbranch (Trunk or GitHub Flow) in the testing environment -
Pause for manual approval by designated personnel
-
Download published artifacts
-
Perform database versioning
-
Perform IaC deployment
-
Perform integration tests
-
Perform performance tests
-
Quality assurance approval
Expectations before moving to the staging environment
-
The development and QA teams have performed sufficient testing to satisfy your organization's requirements.
-
The development team has resolved any discovered bugs through a
bugfixbranch.
