Process
Code goes through several QA steps before a ticket (bugfix/improvements/new features) is considered done.
- code review
- done by one or more peer engineers, depending on the complexity of the issue at hand
- pre-integration QA
- usually manual QA done by a peer after code review and before merging code
- unit and/or integration tests are in most cases mandatory before code can be merged
- QA on integrated code
- usually manual QA done by a peer who was not involved in code review and pre-integration QA
- Continuous integration
- an extensive set of integration tests (including UI tests) is triggered automatically by code changes and usually runs several times a day on different bundles (CE, DX-Core, Addons) or modules (e.g. Rest support, Content Editor)
- when a regression is found the issue is addressed promptly and changes reverted asap if no quick fix is possible
- Migration tests
- a set of automated tests meant to detect configuration discrepancies when updating to the next maintenance release
Before releasing
- pre-release QA
- mostly smoke tests and manual testing on bundles of features not covered by ITs yet
- migration updates not covered by automated migration tests
- final QA
- again smoke tests on staged bundle artifacts before making release artifacts public
Security scans
- CVE scan runs automatically once a day on bundles (and some modules, e.g. Blossom, Tomcat bundle) to detect and fix (or dismiss) security issues with 3rd party libraries asap
Overview
Content Tools