wiki:OpenVPN_QA

Version 8 (modified by Samuli Seppänen, 11 years ago) (diff)

--

Introduction

This page outlines the efforts taken to maintain OpenVPN's quality without excessive compromises on development speed.

Static testing

Static testing usually refers to static code analysis, which is baked in into our development process in the form of mandatory ACK process every patch has to go through. The ACK process also helps prevent environment-specific code from polluting the codebase.

In addition OpenVPN's codebase is scanned using Coverity Scan which detects many potential security vulnerabilities.

Dynamic testing

Dedicated black-box tests

Dynamic black-box testing means trying out an application and verifying if it works as intended. In closed-source software development which is organized around a waterfall model there are usually dedicated testers who do various scripted or intuitive tests to verify an application works as intended. This usually happens just before launch. In complex applications (such as OpenVPN) testing even a small fraction of functionality would be impractical and very costly. Fortunately, in Lean software development methodologies such as Scrum and especially in community-driven OSS development doing extensive, dedicated testing is in general just a waste of time: testing in real environments takes it's place.

This said, a minimal amount of dedicated testing (a.k.a. smoke testing) goes into each release to make sure they work as intended.

Testing in real environments

In OpenVPN (and most other open source projects), the stability of stable releases (e.g. 2.1, 2.2) is ensured with real-life testing by it's users during all phases of software development, starting from development code in Git and leading into stable releases. Even though only a small subset of users will be running the development, alpha, beta or rc code, they will still be able to catch the most common issues. As users tend not to run development code that has to be compiled manually, "unstable" releases are pushed out as quickly as possible so that it gets into as wide circulation as possible as fast as possible. This means bugs will be found and fixed quicker, so that new releases can be made quickly.

Continuous integration

The project also has a Buildbot buildmaster, which drives several buildslaves. These together form a continuous integration environment for OpenVPN. Each of these buildslaves is running a different operating system, and every commit to the OpenVPN Git repository triggers a build on each. After the build, each buildslave's openvpn tries to connect to a test server using several different configurations. This is beneficial, as it ensures that

  • OpenVPN builds properly on a variety of platforms
  • Basic functionality is unaffected by commits

Unit testing

At the moment, there is no coherent set of unit tests to spot regressions. One option would be to use CUnit or similar unit test framework to cover the most commonly used and/or critical codepaths.