DevOps practitioners must get feedback from quality assurance and security testing as early in the development pipeline as possible. When continuously building and deploying web application projects, being able to run a test and get output on it within minutes is a super power skill that gets teams ahead of potential problems. In this workshop, be prepared to use Docker to run multiple tests on your websites, learn about what the different tests are used for, and then become familiar with the output to interpret them for actionable feedback. We will analyze the following testing capabilities.
- Performance
- Security
- SEO
- Accessibility
Dev, Ops, Sec, and QA resources should all gain knowledge about the entire pipeline and find new ways to collaborate on testing. Docker allows teams to experiment quickly and determine what systems help the work in the most useful way.
Slideshare
Commands I run
chmod o+w docker-tests/
chmod o+w docker-tests/*
docker run --rm -v /root/docker-tests/sitespeed.io:/sitespeed.io sitespeedio/sitespeed.io:8.15.2 https://tomcudd.com
docker run --rm --name lighthouse -it -v /root/docker-tests/lighthouse:/home/chrome/reports --cap-add=SYS_ADMIN femtopixel/google-lighthouse https://tomcudd.com
docker run -v /root/docker-tests/zap:/zap/wrk/:rw -t owasp/zap2docker-stable zap-baseline.py -t https://tomcudd.com -g gen.conf -r tomcudd.html
docker run -it --rm -v /root/docker-tests/checklink:/home/checklink stupchiy/checklink -H https://tomcudd.com > /root/docker-tests/checklink-report.html
mkdir docker-tests/pa11y
vim docker-tests/pa11y/config.json
docker run -it -v /root/docker-tests/pa11y/config.json:/tmp/config.json digitalist/pa11y-ci:latest pa11y-ci -c /tmp/config.json > /root/docker-tests/pa11y/pa11y-output.txt
Config file
[root@c7v2 ~]# cat pa11y/config.json
{
"defaults": {
"chromeLaunchConfig": {
"args": ["--no-sandbox"]
},
"timeout": 60000
},
"urls": [
"https://tomcudd.com"
]
}
Info about Docker commands
--rm == clean up the running container when done
-v == mount a volume
--name with -it to allocate pseudo-TTY
--cap-add=SYS_ADMIN == to allow the range of systems administration operations
Links
- https://developers.google.com/web/tools/lighthouse/
- https://www.sitespeed.io/
- https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
- https://github.com/w3c/link-checker ( https://www.w3.org/ )
- https://pa11y.org/
- https://www.thinkwithgoogle.com/marketing-resources/data-measurement/mobile-page-speed-new-industry-benchmarks/
- https://www.w3.org/TR/WCAG21/
Pixabay Images Used
- https://pixabay.com/photos/classical-music-concert-macro-music-1838390/
- https://pixabay.com/photos/office-business-paperwork-document-3295556/
- https://pixabay.com/photos/rocket-launch-rocket-take-off-nasa-67643/
- https://pixabay.com/photos/car-supercar-gt-ford-speed-power-1376190/
- https://pixabay.com/photos/car-mustang-vehicle-ford-speed-1081742/
- https://pixabay.com/photos/padlock-shed-locked-lock-secure-690286/
- https://pixabay.com/photos/hacking-cyber-blackandwhite-crime-2903156/
- https://pixabay.com/photos/lighthouse-navigation-beacon-tower-93487/
- https://pixabay.com/photos/digital-marketing-seo-google-1725340/
- https://pixabay.com/photos/seo-sem-marketing-optimization-web-758264/
- https://pixabay.com/vectors/mobile-devices-website-mockup-web-2017978/
- https://pixabay.com/photos/braille-font-keys-metal-plate-52554/
- https://pixabay.com/photos/phone-cell-customer-service-875488/