The Deets on Continuous Integration

So if you follow me on Twitter I’ve been talking about dev ops, and CI a lot. Why? I’ve just really been into figuring out the ultimate work flow while developing. What does this mean? When I’m working I just want to focus on coding not test, not beta builds, but just the code.

What is CI?

Atlassian defines CI as the practice of automating the integration of code changes from multiple contributors into a single software project. My definition is automated qa (quality assurance) or testing.

Why should I use CI?

You should use CI to save time. Especially as a freelancer the faster you can build and test the better. If your a business I think that CI can help you not only have a solid general test structure but it can also help with security testing.
When your talking general testing you can test api calls, test your UI, or test your interaction workflow (if I hit this button I get this alert). From a security standpoint you can test other things such as SQL injection to see if you get a response. Security and CI is still fairly new to me so I'm going to post some links at the end.

How can I get into this?

First off learn about TDD (Test Driven Development) for your given platform. The following are some that I know about:

Node/Express: chia and mocha
React Native: Jest
Android: Roboelectric, Mockito, Expresso

After you get TDD “down” then you move into find a CI framework. I did a post of the ones I tried so far. At the time of writing this I will use Circle CI for apis and Travis or Jenkins for mobile development. I will say that I rather use Jenkins for mobile development because I can self-host it. I'll also take this time to say Github and Heroku have their own workflow/pipeline "thing" you could use.

After you have merged your test into your CI pipeline, play around for the most efficient workflow for you. Will your test look about the same? Will you write all your test first or write them as you go? Will you create a template and make that the standard going forward? I can't answer any of these for you but I can tell you workflow as of now:

Create Project Folder
Install CI framework
Write code
Write test
Run test locally
Push to Github/Bitbucket

I thought Continuous Integration and Continuous Deployment go hand in hand?

Ah they do but we are taking baby steps. Let's get this integration stuff solid and then we will talk about the deployment step. I'll give you time to ask questions, try some things out, and come out with a flow your comfortable with and then I'll be back, I promise.

  • David Cybuck: I went to his talk at Bsides Nashville
  • OWASP: Open Web Application Security Project
  • I would really reach out to David as his presentation is really what got me learning more about how CI works with security experts.