Am working along with @jnsereko to have them on board. Those two have been fixed for now.
Nice work @sharif
Thanks @kdaud waiting…to get started
@sharif would be great to have them on board soon! Intro tickets are a good start for those getting into the amazing security automation.
Dear @jonathan , feel free to check in https://issues.openmrs.org/projects/RATEST/issues/RATEST-198?filter=allopenissues to get started on ready for work issues to keep moving please
In the last two weeks of September, Have been fixing Tasks that were lacking some implementation information like Registration and FindPatients Workflows which are happily running the master, Resolved Tasks in refapp distro to do with pages to cater for e2e workflow in qaframework, Have also tried to leverage on ticket handling , this helped our new friends to get started on them
Have also started on working of RefApp 3.x issues where am trying to get hands dirty on real cypress automated testing and getting cling on MFE project and have a ticket that is in progress thanks to @jayasanka for help
For security issue Part: This area is still not attended too as expected, However we have @elder16 @jnsereko who joined the team and we are looking forward to continue sync together especially on our qa meetings to have discussions on handling this. We are also looking into leveraging on using sonaqube for security vulnerability tracking, Ticket logged in here to cater for sonaqube in platform core and I hope to dive into it as soon as possible
Things that I will be working on in the Next two weeks
1.Continue to work on RefApp 3.x issues with cypress and hopefully increase SPA server automation coverage.
Handle automated tests that are still remaining especially those that have been created recently include, Handling Report E2E Automations.And others residing from manage Configure metadata part, Handling Open Concept Lab picked by @jwnasambu and other issues. This will also increase our coverage of the application as well
Have already started on handling Openmrs Automated Rest API . This being brought about by the community and suprisingly its one of my interest of learning area, So i will also be looking forward to handle Rest Api end points.Thanks to @grace @dkayiwa @ibacher @tendomart for bringing out this part of work into light and thanks to @dkayiwa @ibacher clarifying the point here, because i had done it differently but it was so clear for me
Have also attended community calls to keep updated with the current process, Have Helped others on talk, slack ,private slack channel in reviewing Prs ticket handling and technical support as large and those who have been blocked. Great Thanks for qa support squad Team. cc @christine @kdaud @grace @jnsereko @insookwa @mherman22 @irenyak1 @gracebish @jwnasambu @jonathan. Am so happy seeing qa support Team growing day by day. Looking forward to continuing work with you. Thanks a lot Keep up the automations, Write automation and save peoples Lives
Congratulation for this milestone and am really grateful for your desire to see others grow. I must admit I have benefited a lot from the QA squad. You and @kdaud you have made me believe everything is possible and the sky is the limit.
Thanks @sharif for this initiative. Do we have enough such tickets READY FOR WORK on the QA-Dashboard to cater for those getting started with our modules? I have seen @jonathan @jnsereko @ndacyayisenga @gracebish @mherman22 @kmuwanga @jwnasambu and others having interest to pick on such tickets and work on them.
Sure there are those which have been created recently, We probably hope you add more tickets presumably
Thanks , its an honour to work with you in QA
Keep mentoring us please and show us how to get around and well acquinted with QA.
All the best in your fellowship journey. Keep pushing , the sky is the limit for you @sharif
Sure we will be glad to help out
In the last two weeks of September, Have been able to increase the test coverage by fixing a number of tasks that have been breaking on ci the qa-module, Working on reporting Workflow which is pending due to the implementation strategy but it was later resolved that we shall be testing Reporting Api instead of reporting UI, thanks to @dkayiwa,
Have been also working on RefApp 3.x workflow vitals and Triage which is currently in progress due to the fact that i considered working on Migrating Pages. which is one of the priority tickets am looking forward to finishing in the coming month.
For security Response, Thanks to @jnsereko @isears @elder16 for effort, @jnsereko and i are looking into how we can use OWASP zap and sonaqube integration with in openmrs core, Currently sonaqube have a ticket for its integration into platform core however we will be leveraging whether its possible to have OWASP or sonaqube help us in security automation
Things to accomplish in the coming month
Migrate distro-uitest submodule part(include pages and test classes), and uitest framework module into qaframework, We already have a go ahead talk thread and ticket in progress guided and reviewed by @ibacher @dkayiwa @mozzy @kdaud
Continue working on RefApp 3.x cypress related work. This also involves of atleast have more tests written in cypress
Testing Rest API : We already have an ongoing work where we will be trying to test and increase platform test coverage which involves writing integration test for rest end points Talk thread that have nice resources about Rest api. We are also looking into Karate framework ,Rest assured for more testing approaches, this will be helping us in choosing which best tool to use for testing REST API though Karate Framework seem to be a nice one to dive into
Have sonaqube integration in openmrs core as part of security response : We are still having discussions of whether we might resurrect back sonaqube into integration with bamboo, or in openmrs core back cc @cintiadr @dkayiwa might help us with direction on this. Thanks to @jnsereko @elder16 @isears @grace for the effort on this part
Have attended QA squad call, Have led Pm calls ,Helped others on talk, private slack calls ,Reviewed code.
Once gain thanks to the quality assurance support Team for tramendous work we are doing,Lets keep up the hard work, Lets keep learning New stuff, Karate framework , RestAssured on the table to dive into. Am glad to work with you and keep forward to continue work with you cc @christine @kdaud @grace @jnsereko @insookwa @mherman22 @irenyak1 @gracebish @jwnasambu @jonathan, @ndacyayisenga
In the last two weeks, Have been trying to work on the migration of pages from referenceapplication distro, Migrating util methods from uitestframework and refactor some of the methods that we might not need in qaframework module; More talk conversations
The idea is to have a well page Object model approach that will easy the maintenance of the module and have reduce code duplication , I already have a Pull request that is under review Migrate Pages Remove Pages and Tests from distro. Big thanks to @dkayiwa @ibacher @mozzy @kdaud
Have also been working on Reporting workflow Test but unfortunately put on hold due migration of pages since we might have to use some resources.
Plans for the next weeks: Have pages migrated, Have a stable qaframework module running perfectly with ci build, then Have some workflow.
Have attended QA squad call, Have led Pm calls ,Helped others on talk, private slack calls ,Reviewed code.
Thanks to the quality assurance support Team for tramendous work we are doing.
Hello : For the last two weeks, All the focus was to come up with Page object model qaframework and perhaps making the qaframework module standalone. This improved its maintainability and reduce of burdens of mantainace. Thanks to @dkayiwa @ibacher @kdaud for the tremendous review and finally it got merged .What got merged were all the pages, so technically we no longer depend on pages from refapp distro and uitestframework while implementing an E2E based workflow which we have been doing, This is a great improvement as the product.
We are now remaining with only selenium tests of which we are still having some discussion of whether we also migrate them or change them into a new BDD approach.Ideally after doing this, we will be at high level of maximum maintainability of qaframework and the product itself. Test coverage will also be at stake since there is no decree of any test.we have it all .
For automated security part. We are delighted to inform us sonaqube has been integrated in openmrs core thanks to @dkayiwa @ibacher @jnsereko @elder16 for your support on this. For this case you can easily track any xss vulnerability forexample following this link, you will be able to see how vulnerable is the core
Will also try to do this more intense to see how we best we can track and automate these, the idea behind this is sonaqube is going to help us track xss vulnerability and we can have them automated.
Thanks to @tendomart and @herbert24 for the releases done. we are confident enough that qa-server is well tested due to work being done on it Have attended QA squad call, Have led Pm calls ,Helped others on talk, private slack calls ,Reviewed code.
This month of November, Will be focussing on
Finish all the stability of selenium tests that are still seating in distro, conversations still in pipeline.
Learn more about handling structured query languages as part of automation purpose. this involves writing SQL AND integration tests especially for handling databases CRUD operations on either MySQL or postregre .
Fantastic work @sharif! Really excited about how you are thinking through the sustainability of the qaframework and the approach we are taking. Plus, this sorqube integration is super cool. Will you be showcasing this any time soon? I think some other global goods might be interested in this tool as well.
Thanks @janflowers , sure hopefully to come up with a demo as soon as possible that showcases how best we can use sonaqube in our security automation, Ideally sonaqube will override/reduce effort of reproducing vulnerabilities with in the system. I hope to showcase the idea of how it will be of importance to our software.
During the first two weeks of November Have been working on migrating selenium tests into new QA framework for stability, however, we have been successful in one single part. The current blocker is that these are contradicting and make tests take long to build perhaps fails, hence poor design which am still debugging with the help of @dkayiwa @kdaud @ibacher, we are trying to find out whether these can run selenium tests along with E2E tests simultaneously without interfering with new bdd running tests. We want to come up with a structured framework that will be easy and maintainable to use in the future whereby selenium tests can run independently when triggered by ci.
Another epic we are happy with is integration with sonaqube into our codebase . This has improved the life of security engineers/QA engineers which is easing the work of issue /vulnerability tracker, We have been able to add sonaqube into our dashboards such that we can easily track the sona instance integrated with openmrs core sonar on ci.Sonaqube overview. You can get started with SCA, DAST, AND SAST security tools more in the shared vedio above. Am still looking for ways to get acquainted in these tools along with OWASP ZAP.
For the rest of the time, i will be helping out ocl team especially with automating ocl dictionary and fixing some issues.
Started on learning a new areas. Which is Carryout database Testing Using Selenium. This was brought up on the implementor call, so we decided to start learning new ways how we can achieve this milestone. so far, happy to learn that we cannot use selenium directly to carry out database testing however since selenium performs validation of UIs only .It can be achieved using the TestNG framework and using JDBC for database connection, TESTNG can easily be integrated with JDBC to perform database testing using structured queries(SQL) we hope to cover this part in the showcase conference as well.