Anyway, my question is, what is the "Cucumber/outside-in way" for
storing really sensitive data that is individual to a specific
developer? I test access to all of my checking and savings accounts
and I don't really want to check that information into the repo.
I'm using Scenario Outlines and go through a handful of accounts at
different institutions as I'm developing. Until now, I've just kept
dummy data in the feature file in the Examples table checked into the
repo.I just swap it with real data kept in a scratch file on my
computer (encrypted, of course) when I want to work on it.
So, is there a way to keep Scenario Outline data tables in another
file like a fixture file, or is it better just to have a step that
loads the data from a fixture file? Or is there some better option?
I still like the ability and notation of writing steps like this:
When set_user_institution_data is called for "<name>" and "<id>"
with "<credentials>"
But I'd like to have the name, id and credentials come from a
different file that can be ignored in my local working copy of the
code.
Thoughts?
Thanks!
The term "outside-in" in BDD refers to the sequencing of workflow
tasks in a particular order. Roughly:
1) Identify business need (the very outside)
2) Discuss what feature would solve this need (feature injection)
3) Write an acceptance test (Cucumber scenario) that interacts with
the system boundaries (that have yet to be written)
4) Run the test and watch it fail because the code being tested
doesn't exist yet.
5) Write a little piece of the system boundary code that was missing
and caused the test to fail.
6) Run the test and watch it fail again, this time because the code
doesn't do what it needs to yet.
7) Repeat 5-6 working yourself "in" until you have enough code (and
not more than just enough) to make the test pass.
Your use of the term outside-in sounded like it was describing
something different than this, so I thought I'd clarify the meaning.
> I test access to all of my checking and savings accounts
> and I don't really want to check that information into the repo.
>
Since you don't want to check this information into the repo it sounds
like your scenarios interact with rails code that again interacts with
sensitive data that originates from a live system. Is this the case?
This is usually a highly discouraged practice in testing, and there
are several techniques to avoid this. Common for them all is that you
use invented data to test against. What techniques to use depend on
your architecture and functional requirements.
Can you explain what your scenarios try to verify? Are those saving
accounts in an external system beyond your control? With this
knowledge we can recommend some techniques that will let you stop
using sensitive data in your tests altogether.
Aslak
> I'm using Scenario Outlines and go through a handful of accounts at
> different institutions as I'm developing. Until now, I've just kept
> dummy data in the feature file in the Examples table checked into the
> repo.I just swap it with real data kept in a scratch file on my
> computer (encrypted, of course) when I want to work on it.
>
> So, is there a way to keep Scenario Outline data tables in another
> file like a fixture file, or is it better just to have a step that
> loads the data from a fixture file? Or is there some better option?
>
> I still like the ability and notation of writing steps like this:
> When set_user_institution_data is called for "<name>" and "<id>"
> with "<credentials>"
>
> But I'd like to have the name, id and credentials come from a
> different file that can be ignored in my local working copy of the
> code.
>
> Thoughts?
>
> Thanks!
>
> --
> You received this message because you are subscribed to the Google Groups "Cukes" group.
> To post to this group, send email to cu...@googlegroups.com.
> To unsubscribe from this group, send email to cukes+un...@googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/cukes?hl=en.
>
>
>
>
If you are not hitting the system over HTTP then you will have to stub
one of your own classes to return an appropriate canned response. This
is one of the few cases where stubbing is the better option in
Cucumber. If you are using RSpec matchers in Cucumber then all you need
to do to allow stubbing is to require 'spec/stubs/cucumber' in your
env.rb file. For more info and pointers on stubbing in cucumber check
out:
http://wiki.github.com/aslakhellesoy/cucumber/mocking-and-stubbing-with-cucumber
(That page also has a link to library that will allow you to stub across
processes if your situation necessitates it.)
Stubbing has many benefits in this context. For one, your tests won't
fail when you can't reach the outside service. They are also not
coupled to any expectation that you may unintentionally be relying on
(like your checking account balance for example). These tests will also
be a lot faster and not be dependent on network speeds. Best of all you
can actually commit them to the repo and have the CI server and
coworkers run them since they won't have your personal data in them. :)
That said, I would not recommend throwing away your current set of
features that actually hit the live system. What I normally suggest is
that all external systems are stubbed out by default but are allowed to
hit the real system by changing an option or running a different test.
This will give you confidence that your system is still working with the
third-party and will alert you if they unexpectantly change the API.
The stubbed versions of the test will protect you against the more
common case of a bug being introduced in your codebase and these tests
should be ran all the time. The third-party version test only needs to
be ran every so often. In the past I've set up a CI server to have a
build specifically for that purpose which runs nightly. In your case it
sounds like *you* will be the CI server since it involves some personal
data.
Now, to actually answer your question... Cucumber has no support for
external scenario tables being loaded into a given feature. I don't
foresee such a feature being added anytime soon (or ever). Your case is
very specific and unique so I think you'll have to get creative here.
Maybe you could create an ERB template of the feature which is used to
generate the stubbed/dummy data version as well as your personal data
one? Just a thought...
Hope that helps,
Ben
Hey JT,
Just to follow up with what Aslak said... Since you don't generally want to be hitting live systems for a number of reasons I would recommend looking into FakeWeb (if you are hitting the system over HTTP): http://github.com/chrisk/fakeweb
If you are not hitting the system over HTTP then you will have to stub one of your own classes to return an appropriate canned response. This is one of the few cases where stubbing is the better option in Cucumber. If you are using RSpec matchers in Cucumber then all you need to do to allow stubbing is to require 'spec/stubs/cucumber' in your env.rb file. For more info and pointers on stubbing in cucumber check out: http://wiki.github.com/aslakhellesoy/cucumber/mocking-and-stubbing-with-cucumber
(That page also has a link to library that will allow you to stub across processes if your situation necessitates it.)
Stubbing has many benefits in this context. For one, your tests won't fail when you can't reach the outside service. They are also not coupled to any expectation that you may unintentionally be relying on (like your checking account balance for example). These tests will also be a lot faster and not be dependent on network speeds. Best of all you can actually commit them to the repo and have the CI server and coworkers run them since they won't have your personal data in them. :)
That said, I would not recommend throwing away your current set of features that actually hit the live system. What I normally suggest is that all external systems are stubbed out by default but are allowed to hit the real system by changing an option or running a different test. This will give you confidence that your system is still working with the third-party and will alert you if they unexpectantly change the API. The stubbed versions of the test will protect you against the more common case of a bug being introduced in your codebase and these tests should be ran all the time. The third-party version test only needs to be ran every so often. In the past I've set up a CI server to have a build specifically for that purpose which runs nightly. In your case it sounds like *you* will be the CI server since it involves some personal data.
Now, to actually answer your question... Cucumber has no support for external scenario tables being loaded into a given feature. I don't foresee such a feature being added anytime soon (or ever). Your case is very specific and unique so I think you'll have to get creative here. Maybe you could create an ERB template of the feature which is used to generate the stubbed/dummy data version as well as your personal data one? Just a thought...
Hope that helps,
Ben