On Tue, Dec 6, 2016 at 2:03 AM, Josef Cacek <jcacek@redhat.com> wrote:

We still see the copying whole modules as the best way. Let's recap our view.

Tested components may use a security feature internally and without test coverage we would not realize that the feature stopped working. Running all tests will help us to discover regressions before they occur in application server.

They don't though. If the test is not set up to use security then security won't be applied. The idea of adding an extra 900 test cases 'just in case' is massive overkill, it adds a massive amount of technical debt and decreases the overall quality of the test suite for very little gain.

- we don't lose testcoverage, we can simply detect regressions. It also provides possible early failure detection for dev.
- it would be useful for migration, it shows migration path - user can take a look on tests with legacy solution and compare their configuration with tests which use Elytron configuration

This is only applicable for tests that actually use Elytron. Just copying the relevant tests has the same effect.
- by each testsuite run we see how many tests are skipped (i.e. TODO list for Elytron integration)

Once again, also accomplished by just copying Elytron tests.
- it should be simple to reconfigure the project (copy module; update metadata in pom.xml; ignore failing tests)

Once again, also accomplished by just copying Elytron tests. Even though it is convenient at first IMHO the duplication of tests will greatly decrease test suite maintainability, so overall I think this approach will use a lot more man hours.
- it's simple to remove legacy testsuite modules once the legacy security subsystem is removed from WildFly

Cons and their solutions:
- double fixing of tests - we don't expect many such cases, the legacy should be handled as frozen (rewriting/adding only on need-to-have basis). Only custormer ticket related tests could be backported, it means only unit of tests per months.

This is a major problem. We should not have to write a new test every time, whenever possible existing tests should be enhanced (assuming similar tests for similar functionality already exist). This has many advantages:

- The tests will execute faster, as deployment and set up is only performed once
- It is very clear exactly what functionality is being tested, as all the tests are in a single test case
- It reduces the number of classes in the test suite, which makes compile times faster and increases maintainability

Freezing all these tests is not a practical idea IMHO.
- testsuite execution time - we don't need to run the legacy modules with each PR, it can be resolved by using profiles

Yes we do. If a test is not being run with every PR it might as well not be there, as it means that is can be broken without anyone knowing.

As a smoke test we tried to run testsuite/integration-tests/basic module with standalone-elytron.xml and standalone-full-elytron.xml (merged standalone-full.xml and standalone-elytron.xml). There is around 25% test failures/errors. Also some testcases, which seem that are not directly related to security, failed.

This does not really mean much at the moment, it is most likely due to configuration issues. Once the default config contains Elytron all these tests will be running with the Elytron config anyway.



-- Josef

----- Original Message -----
> From: "Kabir Khan" <kabir.khan@jboss.com>
> To: "Brian Stansberry" <brian.stansberry@redhat.com>
> Cc: wildfly-dev@lists.jboss.org
> Sent: Friday, December 2, 2016 4:28:07 PM
> Subject: Re: [wildfly-dev] Elytron integration tests in WildFly testsuite
> +1 doubling the testsuite size/time is not practical. Also, there is the
> issue that if all tests are duplicated, when people come to enhance an
> existing test they will need to do so in two places.
> Could we not do what was suggested earlier and pull out tests which obviously
> target security into two legacy/elytron modules, and leave the rest where
> they are? Then if something later turns out to have 'hidden' implications,
> that test gets pulled out into the two modules.
> Regarding the deprecated legacy stuff, I think we will have to keep that
> around for many years still due to it being used by the product (and in any
> case in that branch, although removing it from WF might be possible sooner).
wildfly-dev mailing list