So if you follow me on Twitter I've been talking about dev ops, and CI a
lot. Why? I've just really been into figuring out the ultimate work flow
while developing. What does this mean? When I'm working I just want to
focus on coding not test, not beta builds, but just the code.
What is CI? {#whatisci}
===========
Atlassian defines CI as [the practice of automating the integration of
code changes from multiple contributors into a single software
project](https://www.atlassian.com/continuous-delivery/continuous-integration).
My definition is automated qa (quality assurance) or testing.
Why should I use CI? {#whyshouldiuseci}
====================
You should use CI to save time. Especially as a freelancer the faster
you can build and test the better. If your a business I think that CI
can help you not only have a solid general test structure but it can
also help with security testing.\
When your talking general testing you can test api calls, test your UI,
or test your interaction workflow (if I hit this button I get this
alert). From a security standpoint you can test other things such as SQL
injection to see if you get a response. Security and CI is still fairly
new to me so I\'m going to post some links at the end.
How can I get into this? {#howcanigetintothis}
========================
First off learn about TDD (Test Driven Development) for your given
platform. The following are some that I know about:
Node/Express: chia and mocha
React Native: Jest
Android: Roboelectric, Mockito, Expresso
After you get TDD "down" then you move into find a CI framework. I did a
post of the ones I tried so far. At the time of writing this I will use
[Circle CI](https://circleci.com/) for apis and
[Travis](https://travis-ci.org/) or [Jenkins](https://jenkins.io/) for
mobile development. I will say that I rather use Jenkins for mobile
development because I can self-host it. I\'ll also take this time to say
Github and Heroku have their own workflow/pipeline \"thing\" you could
use.
After you have merged your test into your CI pipeline, play around for
the most efficient workflow for you. Will your test look about the same?
Will you write all your test first or write them as you go? Will you
create a template and make that the standard going forward? I can\'t
answer any of these for you but I can tell you workflow as of now:
Create Project Folder
Install CI framework
Write code
Write test
Run test locally
Push to Github/Bitbucket
I thought Continuous Integration and Continuous Deployment go hand in hand? {#ithoughtcontinuousintegrationandcontinuousdeploymentgohandinhand}
===========================================================================
Ah they do but we are taking baby steps. Let\'s get this integration
stuff solid and then we will talk about the deployment step. I\'ll give
you time to ask questions, try some things out, and come out with a flow
your comfortable with and then I\'ll be back, I promise.
------------------------------------------------------------------------
- [David Cybuck](https://twitter.com/dpcybuck): I went to his talk at
Bsides Nashville
- [OWASP](https://www.owasp.org/index.php/Main_Page): Open Web
Application Security Project
- I would really reach out to David as his presentation is really what
got me learning more about how CI works with security experts.