The world of Clouds โ๏ธ A seemingly magical place, scalable to the prim and the epitome of automation. Yet I wouldnโt be the code quality advocate that I am, if my first question here wouldnโt be: How do I test it?
The past months I immersed myself in Terraform, an Infrastructure as Code tool, and embarked on the quest to find out how different or maybe similar testing IaC is to test our well-known general-purpose code. Yet, let us not get ahead of yourself. In this post we are looking at what Infrastructure as Code acutally means and how quality assurance comes into play in this field.
Infrastructure as Code and QA ๐
Infrastructure as Code (IaC) is currently fundamentally changing the processes in IT operation departments. It is the practice of provisioning infrastructure with an (often) declarative approach promoting scalability and automatization in this sector. Although it is not a new technology with the first impactful launches of IaC tools by HashiCorp and Azure in 2014 its usage picked up significantly in the past years as the cloud computing sector started to grow incessantly. Not at least because of the pace infrastructure is to be provisioned in the cloud nowadays, IaC is the future of operations.
Yet, even though this practice is seen as the new industry standard, testing and general quality assurance as well as maintenance of the implemented code is still a blank spot in research. For this reason, this blog series aims to give an overview of the state-of-the-art IaC technologies and their potential pitfalls, defects and misconfigurations that can impact the final infrastructure deployed as well as point out its similarities to the development and testing of general-purpose languages (GPLs). The information presented are a combination of literature research and practical implementation in form of proof-of-concepts with Terraform.
Why QA is important ๐๏ธ
We evidence that the field of development and maintenance IaC is in its infancy and deserves further attention. (Kumara et al., 2021)
In software development, code testing, agile workflows, the practice of continues integration and delivery (CI/CD) and versioning of source code were heavily adopted over recent years not least thanks to pioneers like Robert C. Martin and Martin Fowler. It was a clear response to the rapid pace of change in demands and expectations of end users as well as the progressing digitalization in virtually every sector imaginable โ the assurance of code quality. In parallel to these developments in the software sector, also information technology (IT) infrastructure has undergone many innovations, with one being Infrastructure as Code (IaC).
Infrastructure-as-code (IaC) is the DevOps tactic of managing and provisioning infrastructure through machinereadable definition files, rather than physical hardware configuration or interactive configuration tools (Guerriero et al., 2019)
... and it thus paves the way to unite development and operations (short DevOps) in a way it has not been possible before. With IaC network engineers can utilize the aforementioned software development practices that, until now, were exclusively applicable in the domain of software development. Like with general purpose code, IaC scripts form a living, comprehensible documentation more accurate than any configuration management database (CMDB) could ever do and enable a new chapter in the QA of infrastructure as a whole.
This is important due not least to the very high risks of deploying new software, be it a software service or an IaC script, without rigorous QA, have greater implications now than ever before. As the IBM Cost of Data Breaches Report 2022 showed, depending on the effected cloud environment the breaches average cost for companies are enormous (Ermetic Team, 2022). With these cloud-based breaches, which account for 45% of all data breaches included in the report, the seriousness of this issue, especially in the prospect of the ever-increasing adoption of cloud computing, cannot be ignored. For this reason, it is not just important to lay the focus on generally making infrastructure deployment simpler at its core with IaC, but simultaneously define and improve its testing options. Because in software engineering untested code is one of the most effective ways to generated legacy code fast as...
Tests document the intended behaviour of code which is a tremen-dous help for future developers to understand it. (Schweighofer, n.d.).
Next Steps ๐ช
After understanding the issue the next logical step is to understand how IaC came to be and what it means in the boarder context of IT operations. So, get ready for the origin story of IaC in the next post!
Photo by Pixabay! ๐ฅณ
Top comments (0)
Some comments have been hidden by the post's author - find out more