Reconnaissance - A Testing Story

Our application is so huge that we have teams of programmers assigned to separate modules. One day, the development Team Lead of the messaging module came up to me and said...

Team Lead: We are giving a release today with the changes to the messaging module.

Me: Today?

Time Warp -- About Two Months Ago:

The application has a messaging module. We added a feature to enable or disable this module for users. While testing the feature it was found that some user names did not appear in the UI, and so could not be added to the recipient list of the message. On further investigation it was found that this was a side effect of another module; the user creation module. Users are created by entering user profile data. It was assumed that once a user is created it will insert some default user preferences in the database. When implementing the new preference for the messaging module the code was written assuming that the preference values will always be found in the database. But it turned out that the preference data was not inserted when users were created with another feature; i.e. importing all user profiles in bulk from an Excel spreadsheet. This feature did not insert the default preferences. The feature was developed about five years ago. Why was this bug not detected earlier?

There aren't too many preferences. When dependent modules and features look for their respective preferences, the code assumes certain defaults. These defaults are the same as the default preferences that are inserted. So this went undetected all these years, without any noticeable side effects.

Since the release date was close, a quick fix was made that basically checked for the absence of the messaging preferences. This fix was marked to be refactored at a later time.


Time Warp -- About a Week from the Present:

Some performance improvements were being made to the application. Since the messaging module is widely used in the application, some of its database queries were optimized. In one of the optimizations, the extra messaging preference checking was removed. Of course everyone knew that this also required a bug fix for creating new users; i.e. the default preferences should always be inserted in the database. So that fix was done for the Excel spreadsheet import feature. Since it was suspected that the bug in the messaging list (the one where the user names did not appear in the UI) may reappear again, two testers were assigned to test it.


Time Warp -- Back to the Present:

I had been preoccupied the whole week trying to write automated test scripts using a combination of Fitnesse, Selenium RC, JUnit and the test harness I created 2 years ago. I abandoned its progress back then because of lack of resources and the difficulty of maintaining it. I was revisiting the progress with some new ideas I have picked up over the years. Due to this I was not able to give much time to followup on the testing that was done recently. This was an expected side effect and my peers and testers are well aware of it.

So now getting back to the conversation...

Team Lead: We are giving a release today with the changes to the messaging module.

Me: Today?

Team Lead: Yes. They (my testers) said it was ok.

It was a performance improvement. I heard a little about the changes that were made, but did not debrief the testers on their progress. I also play the role of a Test Toolsmith, and there are occasions when I disappear from testing to develop tools to speed up our testing effort. Most of the time these are not automated tests, but are tools that assists in test acceleration. I can probably write about those on another day. This is way more interesting to write about now.

My team uses Yammer to write short notes about what they are working on. Yammer is very similar to Twitter, but it lets you create closed groups with all your coworkers automatically, based on their company email address. It is kind of like twitter for the workplace. Yammer helps to keep me aware of what is going on with my team when I am away. I can interact with the testers later at certain chunks of time during the day about their tasks. Not a foolproof practice (in fact it is far from it), but it is working well for us during such times. When I put aside my Toolsmith hat after a week (or couple of weeks) we become more agile and start interacting all throughout the day.

Me: Ok. Let me talk to them about their tests just to followup.

Whatever hat I was wearing at that time, it was important that I got back to being a Test Manager immediately. I trust my testers, but I am paranoid by nature. Two of my good testers were working on this. So I wasn't anticipating a disaster. Yet I felt curious enough for a debrief with one of the testers (since the other tester was busy working on something else).

The debrief went well, and she seemed to have some good ideas about what to test. I also called one of the programmer's to come over and talk a little bit about any dependencies he was aware of. We didn't go too far with that. So I continued to bounce my test ideas with the tester. At one point I asked her...

Me: What problems did you find?

Tester: I didn't find any problems.

Me: I mean, did you find any problems after they made the changes?

Tester: Actually, I didn't find ANY problems. (She looked and sounded disappointed)

Me: You did not find ANY problems?

Ok, here is the thing. This was not a big issue, and it is not that we always found problems after a code change. In fact, sometime things are pretty rosy. But every time I hear this, I have bells ringing in my head. It was as if "I didn't find any problems" was a heuristic that makes me wonder. Were we looking for the right problems? Were there important tests we didn't think of? So we started talking a little more about other possible tests. She had checked those as well. Impressive. So, I asked her...

Me: How do you know that you did not verify the wrong data?

Illusions happen. I witnessed quite a few myself. In her case, this was a list of user names and titles, that were word wrapped, and the readability was not that great.

Tester: I created the user names and titles by labeling them with the kind of test I was doing. That's how I made sure.

I just love it when they can explain why they did what they did. It may seem that I am just making life difficult for my tester, but hey, things like this can go wrong, and in my opinion we need to be conscious about it. During the discussion I realized that she did not test the other features of creating a user profile. Yes, there are six ways to do this.

This is an application that is being built for more than five years. It has many features and not so obvious dependencies. A thorough regression test before each release is impossible with the limited resources we have, so we have to analyze dependencies to figure out what to test. Since the dependencies are so meshed, checklists haven't been working out that well for us during regression. We figured mind maps would be a useful way to remind us of dependencies. The problem is that once we put down detailed dependencies on the mind map it becomes very difficult to follow. We needed a tool to zoom in on specific nodes, hide the rest of the clutter and show its dependencies. Then zoom in on the specific dependent node and notice if it has its own set of dependencies. Then maybe follow the trail if necessary. An interesting tool that does something similar with mind maps was PersonalBrain. It is not very intuitive and does need some getting used to. Its user interface was not exactly what we had in mind, but it is still helpful when you want to manage complicated dependencies. Here is a snapshot of how the dependencies of creating user profiles looked like (the first one is zoomed out, and the second one is zoomed in on Create User to reveal more branches)...




Getting back to the story. Luckily the Team Lead was walking by, so I told him that we did not test all these other ways to create a user profile. I knew there wasn't much time left for the release, and it will take a while to test all these features, so I wanted to see if he thought we deserve more time. He said, they didn't make any changes there and these were developed a long time ago. There were no signs of any problems. Ok, so clearly this did not have any priority, and with what I had analyzed so far I didn't think it had much priority either.

Back to the debrief with the tester. While I was talking to her, I had asked another tester (who is also a Test Toolsmith) to pull up the source code change logs. Now that we had exhausted our test ideas, I wanted to see if I get any clue from looking at the code differences. It is worth noting that although I was once a programmer, I don't know much about this application's source code (which by the way is pretty huge). I never invested much time reviewing it. I don't usually analyze the code changes, but since this was dubbed as a very small change, and the code differences looked friendly enough, I thought I could dare to investigate.

I could only make out some query changes. The programmer was also kind enough to explain the changes. He calmly reiterated it was simply a performance tweak. He removed a check for a null value in a particular table column. That was basically it. He explained that this value would have been null when importing user profiles from an Excel spreadsheet. Even that was also fixed by another programmer. Also, they will be running a migration script on the database to update these null values. I knew about the migration script before, but now it was all making sense. I realized that everyone was very focused about this one particular feature. So I went to talk to the programmer who fixed the Excel import feature. He said that his fix was only for the import feature and it will not affect any other features for creating user profiles. Well, that's what he said. There are six ways to create a user profile, and these were implemented about five years ago. The original programmers were long gone, and this programmer was assigned to fix this very simple bug for this very specific case. He didn't know about 'all' the other ways of creating user profiles, and said he did not review the code for 'all' the other implementations either.

Suddenly I felt an urgency to test every known way to create a user profile before the release. Clearly there wasn't any time left, but from the evidence I gathered, although there was little proof that there may be a problem there, there was just too much uncertainty and too much at stake. The problem with this change was that, if it went live, and the other user profile creation procedures had the same bug, those users will suddenly stop appearing in user lists used to send messages. That would affect a major portion of existing users, and since we had more than 50,000 users, that could result in a customer support nightmare.

So I quickly instructed another tester (who usually deals with the application's administration related features) to start testing all the five ways to create a user profile, while I continued the debrief (had some new dependencies to discuss). I briefly told her what to look for, i.e. the database table values she should monitor, and to check the values of the messaging preferences when creating user profiles from the UI. Note that she was not a geek, nor was she very technical. But checking database values is not that difficult. Since we run Oracle, we use Oracle SQL Developer to open tables and filter values. This is very simple to do. In this particular case there is no complicated SQL query writing capabilities required. However, if anyone did need specific SQL queries, then someone with more technical experience would write that for them.

After about ten to fifteen minutes, the results of one of the tests were in...

Tester: Are you sure there will be a new entry in the table?

Time for me to look into the results. We have two database servers running. We usually keep one server for ongoing development changes to the database tables. Then these changes are made into migration scripts by the programmers and database administrators. These migration scripts are then run on the other server that has a similar snapshot as the live database. This is done to verify if the migration scripts causes any side effects.

I wanted to make sure she was checking the right database. So we modified some values from the UI to check if that value changed in the corresponding table. It did. I wanted to make sure she was extracting the correct user ID from the browser HTML, and verifying that in the database. She was. I wanted to make sure if our test procedure was correct. So we did the Excel import test again, and checked if it entered the relevant values in the preference table. It did. Clearly there was a problem.

I informed the Team Lead of this and told him we are checking the other methods as well. He quickly went to investigate the code with his programmer. After a while the next test result came in. Same problem. Then the next. Same problem. All other methods of creating a user profile had the same problem. It was finally decided that the release will be postponed to another day, until these get fixed.

Picture reference: afrotc.com

Surviving a downsizing

I think it is fair to assume that if you don't have programmers, you will not have a product. So when your employers run into a financial crisis, will they prefer to let go their testers before considering the programmers? A recent discussion thread at Software Testing Club got me thinking.

Testers are mostly service providers, i.e. they provide quality related information about the product to help the stakeholders and programmers make critical decisions. They ask important questions that are generally overlooked by others. These are usually regarded as very important functions, since most others are not doing it. It is a different mindset and a different set of skills that most programmers, project managers or customer support personnel cannot acquire very quickly.

There is a popular myth that testers with technical knowledge or automation skills may be preferred over manual (or sapient) testing skills. We must be careful when we undermine the value and skills of the so-called manual testers. It is rather questionable how much automation testers add value to the project (depends on the kind of product of course), since they are not really questioning the product like the testers are doing. The automation tasks may be easily taken over by the programmers, since it is programming, and learning new tools may not be that difficult. But if automation testers have important sapient testing skills, then that may not be the case.

There is another popular myth that programmers will probably be better at testing their product, since they created it. I think creating and questioning your creation are two different skills that are very difficult to practice together. They require very different mindsets and experiences. However, I can understand that programmers can write very good unit tests since that requires intimate knowledge of the code.

In my opinion, during any financial crisis, the employees who are more dynamic will be the survivors. Testers may actually have an edge in this case, since they would probably know about the business domain, about customer issues, about the overall product infrastructure, about product usability, about recommending important new features etc. Testers who are not quality police and are able to take on deadline challenges will probably have more preference when management decides to reconsider project timelines. Testers who are able to derive important feature related information about the product by questioning and exploring, rather than always demanding spelled-out specifications, may seem more favorable. My point is that if management perceives the tester not being a liability, but rather facilitating the project in essential ways, that will probably make it much harder for the management to consider them for downsizing.

The value a tester brings to the team is more than about finding bugs. The product will always have bugs, even with testers, since testing cannot ensure the absence of bugs. A tester's value depends on how he questions the perceived value of the product. For example, if the tester is able to identify problems in the product that could disappoint or frustrate the end user, he has successfully defended the expected quality from the product. It is true that some companies do not experience this value from their testers, maybe because the testers do not have the required skills. If such testers would want to survive then they need to start giving attention to these skills.

Unfortunately, downsizing may not always be dependent on performance, but more of a budget issue. So it may very well be the case that good testers are shown the door, simply because the company cannot meet the budget. However, do consider another angle to this predicament. If your company is not as huge as Microsoft, then chances are that you have far less testers than programmers. This ratio may tilt in the favor of the testers considering a strict budget constraint where a certain number of employees need to be laid off. Remember that all programmers' skills are not equal in importance to management. Programmers have an equal challenge to prove their worth, especially since they will probably be much higher in number than the testers, and therefore be more preferable for downsizing. So if management values the work done by the testers then the ratio of layoffs may not favor the programmers. In the thread at Software Testing Club, Jim Hazen shared a very interesting experience depicting such a scenario:

I've been in Software for 20+ years, 20 of it in Testing. I have been through 3 merger/acquisitions and a few companies downsizing. I have survived some of those events, others I was not as lucky. Now I have seen situations where the whole development team was cut loose (because they did F'up badly) and the Test group kept intact (management figured that other developers in the company could be re-tasked and could take over the code, but that they were understaffed on testing as is and because the product was close to shipping they needed to keep the test staff). This was a unique situation.

You will notice that most of what I wrote above assumes you have a mature and responsible management who recognizes the non-monetary value added by testers. The kind of value addition I wrote about are in no way worthless activities. Yet it may not receive the credit that it deserves with immature management. In the case of naive management, it is easier for them to perceive programmers and sales people adding monetary value, instead of testers. Nevertheless, understand that this is only in the narrow sense of adding value. In a recent blog post, Michael Bolton suggested some ways testers can add monetary value. Whenever I talk about testers adding value, I mean it in the broader sense. This will always be difficult for immature management to realize, if they are strictly looking to quantify the value. But like Michael says, "there are lots of things in the world that we value in qualitative ways."

Downsizing decisions depend on the kind of company you work for. I do not work for employers that do not value my testing skills and my contributions. I would advice other testers to do the same. Of course, I also do my part in proving my worth to management.

Picture reference: msnbc.com

Software Testing for Dummies?

In my ongoing debates and discussions about saying no to testing certifications, I came across a very interesting comment:

BBST is an excellent course (so far what I have learned) and I think every tester should learn from it. But would you please tell me how many testers in Bangladesh actually learned or will learn all the lessons from this course. I know very few of them. Many tester will start learning very seriously but after few days he/she will lose interest because it's free and it will not give any direct output, many of us (especially Bangladeshi people, of course there are many exceptions) are always looking for instant output for their given effort. But most of them have a lot of potential.

I have a feeling this holds true, even in other countries. Comments like this are pretty common actually. It is implied that testing certifications provide an easier entry to this craft. They are easier to prepare for and pass. Also since certifications are not free, people will take it seriously, or would try hard to get the return of their investment. That would be a lot easier than reading blogs and articles of veteran testers, or participating in online testing forums, or coming up with context-driven testing strategies or blah blah blah. So fortunately there is a way to be INSTANT testers.

Unfortunately it is time to break the bad news. I believe...

Testing is not for the LAZY.
Testing is not for the IMPATIENT.
Testing is not for those who seek SHORTCUTS.
Testing is not for those who do not know how to LEARN quickly.
Testing is not for those who are not SHARP.
Testing is not for those who do not have PASSION for it.
Testing is not for those who cannot QUESTION.
Testing is not for those who are not INVESTIGATORS.
Testing is not for PROCESS freaks.
Testing is not for CONTROL freaks.
Testing is not for those who cannot be DYNAMIC.
Testing is not for those who cannot deal with UNCERTAINTIES.

I believe that if any tester (or wannabe) falls under any of the statements I just listed, they should rethink, or quit now! They should find another suitable profession that meets their characteristics. Go back to school, or go back to programming, or go back to customer support, or take an administrative job, or whatever, to build their career in something else. Certifications is a way to attract many people with unfavorable characteristics into our profession.

Sometimes I felt there were people who had potential. But while working with them I learned that they lacked the attributes I respect in a tester. Some were just plain lazy and wanted shortcuts to being skilled. There are no shortcuts.

As testers, we are investigators. We are told to investigate something whose complexities are least understood, i.e. software. We are able to spot and analyze clues to problems that are generally overlooked. We ask questions that were not perceived by others. We expose the illusions about the software. Our clients are fascinated by our reports. This can't be easy. That is why we need intelligent people in this profession. That is why I believe that testing is only for the talented.

Now that is a profession I am proud to be in. That is why people who have these qualities are successful.

Saying NO to ISTQB Software Testing Boards

Back in 2005, I participated in an initiation discussion of a new "Bangladesh Software Testing Board" under ISTQB. It was a very disappointing discussion. Instead of giving attention to how they would try to improve the skills of the testers or tester wannabes in Bangladesh, they were more concerned about who will be in the board and how they will register it legally. It was obvious that almost all of the individuals involved in this initiative were not testers. I would have said ALL, but maybe I had failed to notice someone. Just maybe. I brushed off this initiative as just a hype. I did not expect much would ever happen, and I was right.

In 2007, two nice gentlemen from this yet to be initiated board came to talk to me about my opinions about this initiative. I am sure I am not the only one they spoke to. I expressed my skepticism, and interestingly they said they understood many of my concerns. They had very little knowledge about how certification actually undermines our testing craft. They even had very little knowledge about the other so-called famous certifiers in the business. Even this time, non of them were testers. But atleast they had the courage to admit that they did not know much about testing.

Finally, a month back, I was called up by one of the Executive Committee members (a good man with good intentions), from this yet to be initiated board, to invite me to their Executive Committee. But I declined. I mentioned my disappointment in the lack of progress they were making (not that I actually wished they would make progress in certification) and that their mission is not clear to me. He spent the next 30 minutes to convince me about their seriousness to move beyond mere certification. He gave me hints of intending to bring certified trainers from abroad, and tried to encourage me to join them. He even suggested to call up a meeting with the other EC members to discuss this further, and clear my doubts.

I was actually a little flattered by all this (the dark side within me). But I still refused to join them and instead told him that I would rather like to be part of their planning on how they intend to train testers in Bangladesh, and what precautions they would take not to undermine the testing craft. I did not have to be in the Executive Committee for that. He finally agreed. To be honest, I doubt this approach will ever work out. I think they would again disappear for another year or so because of their historical lack of commitment.

You see, there is no way I can pursue my thoughts about the dangers of certification, if I am involved with one myself. I would be known as a hypocrite. Here is the hall of fame where I chose not to include my name.

Meanwhile I am continuing my advocacy against certifications in my local forum, and it has grown to be a very hot topic, requiring the full commitment of myself and others. The discussion grew to about 40+ posts in just one week, with experience reports of certified testers and those who suffered its consequences. One thing for sure, it is not easy to go against the tide. It started off with people being disappointed in my opinions about certification, but now things are looking very productive indeed.

I will probably be summarizing some of these discussion points in a blog post soon. But until then here is one of my latest response to the long thread.

Don't test that

Here is the story. We received a customer complaint that she is able to access some data that she was not supposed to. On reading the customer feedback it seemed to me that this was something we usually test for since the access control system is one of our prime sales pitch. So I asked the tester in charge of that particular feature to investigate the allegation. She came back reporting that she was able to reproduce the issue. She seemed tense, realizing the gravity of the situation. By the way, I usually never blame my testers when a problem is spotted in the wild, no matter how serious it is. She knew this, so her nervousness wasn't about fear of blame, but rather about why she overlooked this very important problem. I remained calm to prove to her that we were not playing the blame game. They know the drill for what comes next. I usually ask a series of questions about how we overlooked the issue, and then we start talking about how we can try to avoid missing similar problems in the future. She knew the questions I will be asking, so she wanted to cut the conversation short, by saying that she wanted to test it but the programmer told her not to.

You as a tester just discovered some serious problems with a new feature and report it to the programmer. The programmer shrugs off your claims and tells you not to test those scenarios since those are not important in his opinion. What do you do?

There is a dilemma here. On one hand, I can't accept the fact that I or any of my testers will intentionally blind ourselves from certain problem scenarios. On the other hand, if we do test the forbidden zone, we risk pissing off the programmers, and being accused of not utilizing our time crunch adequately. Being rapid testers, deadline stress is the norm.

There are a couple of ways I play this game. If I feel that these tests are actually very important to test right away, I try to convince my testers or the programmers with scenarios of the kind of problems I expect. Sometimes I would take examples of similar reported scenarios from Customer Support.

If that does not work I go for Plan B. When a programmer says "Don't test that", I take that to mean "Don't test that NOW". So instead of testing those right away, I would wait until things calmed down. What that means is that if we do not anticipate serious problems in the areas we are testing and we still have time before the release (which is pretty rare) we would go ahead and test the forbidden zone. Otherwise we would wait until after the release.

There have been cases where we did not return to these problems due to time constraints or plain forgetfulness and the worse happens, i.e. the problem is reported by the customer. In such cases my testers and I TRY (emphasis on try) not to scream "I told you so". When we decided not to test these scenarios it was a combined understanding between the programmers and us. However it is important to bring this new information to the attention of the programmers and their superiors so that we can avoid making similar strategic mistakes. So instead of gloating over our hunch I would say something like, "Although we agreed that this was not important enough to test, it seems we did not anticipate the current scenario". You have to admit that it was a hunch, since we couldn't come up with any credible scenarios to prove otherwise.

Blame games do not appeal to me. I believe being a Test Manager, it is important to trust the skills of my testers. They must be good since I hired them and have been working with them to improve their craft. I intentionally avoid a signoff process of their test strategies. I play more of an advisory role recommending test ideas I feel were overlooked or complementing them on a plausible intuition. I would even help them in coming up with scenarios to communicate with the programmers or reproducing unreproducible problems or be their peer tester or speed up their testing efforts. They realize I am a facilitator rather than a lawmaker. There will be times I would disagree with them, but my disagreement is not authoritarian. They always have autonomy over their testing. This in no way suggests that if an issue gets overlooked in a product I will use them as a scapegoat. I think that was clearly expressed in this writing.

I understand this is an unconventional way of managing a Test Team. Many managers I know prefer that their testers spell out all their test cases and get those approved by them. They would rejoice when they were right and the programmers were wrong or take punitive measures when issues popup that should have been tested (in their opinion). Many would argue that this is the only way to have control over what is being tested, and to ensure that issues don't go overlooked. However I feel it is only an illusion of control. I fail to see how a Test Manager can know more about the test subject than the tester who spends more time studying it, exploring it and experiencing it. It is inevitable that problems may be overlooked, but when it does I will be there trying to understand it with my testers. I also make it a point to take into account when the stakeholders are satisfied with our testing, and I have found that there are more cases of appreciation rather than dissatisfaction over unnoticed issues.

Faster builds increases testing time

Being a rapid tester, I try to invest in automating areas of my testing effort or using tools where the task requires muscle over mind. This accelerates my testing and allows me to utilize my frequent time crunch more effectively. Since testing time scarcity is a regular phenomenon, the R&D and selection of tools or to write code for such tasks is another challenge. In this post I will outline one case where my efforts paid off. Of course, there were cases where I reached a dead end after weeks of R&D and prototypes, but I will share that in another day.

My company develops a web application, that takes a significant time to build (compile) and deploy it to the application server. Usually a tester would get the latest source from the version control system, build it, and deploy it on the test server. This part was already automated with Apache Ant. Ant is primarily a build tool that runs XML scripts for doing all sorts of stuff, and is platform independent.

Even then, there are a few things the tester needs to do:

1. Inform the other testers that the application is being updated and they will need to temporarily stop the testing on the server.
2. Start the entire build process and monitor the progress at certain intervals, to see if it is completed. It is irritating when you return to the console to find that the build broke 6 minutes ago.
3. Inform the other testers that the application is ready for testing.
   

Although these tasks are not directly linked to testing, they are a prerequisite. If you are doing this a few times during the day, you can imagine the idle time of the tester executing the build process. Also, the longer he delays noticing the end of a build process, the longer everyone has to wait for the deployed application.

It would be great to be automatically notified when a build is starting or ended or broke. Then all the testers can go about their other tasks, such as following up on reported problems, writing session sheets (for Session Based Test Management). So I preferred notification through instant messengers since we all use that for communication.

Some clarifications:

• Jabber = Your google talk IDs are actually Jabber user IDs. So you are basically using a Jabber server to do instant messaging using google talk. You can host your own Jabber servers for intranet instant messaging.
• Spark = A jabber messenger. We use it with our own hosted Jabber server.

The solution I am providing, can even be used for MSN, Yahoo and AIM.

So here is what I did. I found a way that Ant will:

1. Notify all the testers in spark before the build process starts.
2. Sleep for 30 seconds so that it can be terminated if any tester requests it, and wants to delay deploying the latest updates.
3. Execute the entire build process.
4. Notify all the testers in spark that the application is ready for testing with the latest updates.
5. Notify all the testers in spark if there is a build error.
   

To do this I used imtask and ant-contrib, which are 3rd party libraries for Ant. Imtask has a jabber task to be used in Ant, to send instant messages to Jabber. It also supports instant messaging for MSN, Yahoo and AIM users. ant-contrib has the try/catch tasks I used in Ant to handle build errors.

Finally, for those who are interested, here is the code snippet from my build.xml that I run with Ant:

<taskdef name="jabber" classname="com.tfftech.ant.taskdefs.im.jabber.JabberTask" />
<taskdef resource="net/sf/antcontrib/antcontrib.properties"/>

<target name="all.with.notification" description="Let me handle it from here. And I will let you know when I am done!">
 <antcall target="send.message">
     <param name="param.message" value="${message.buildstarting}"/>
 </antcall>
 <echo message="*******Going to sleep for a while so that the build process can be stopped if necessary...*******"/>
 <sleep seconds="30"/>
 <echo message="*******Starting build process...*******"/>

 <trycatch property="failure.message">
     <try>
         <antcall target="all"/>

         <antcall target="send.message">
             <param name="param.message" value="${message.onsuccess}"/>
         </antcall>
     </try>
     <catch>
         <echo message="*******SOMETHING WENT HORRIBLY WRONG!*******"/>
         <echo message="*******PROBLEM: ${failure.message}"/>

         <antcall target="send.message">
             <param name="param.message" value="${message.onfailure}"/>
         </antcall>

         <fail message="*******There was a PROBLEM. Stopping build process...*******"/>
     </catch>
 </trycatch>
</target>

<target name="send.message">
 <jabber host="${jabber.server}" secure="true" from="${login.username}" password="${login.password}" message="${param.message}">
     <to>tester1@myjabberserver.com</to>
     <to>tester2@myjabberserver.com</to>
     <to>tester3@myjabberserver.com</to>
     <to>tester4@myjabberserver.com</to>
     <to>tester5@myjabberserver.com</to>
     <to>tester6@myjabberserver.com</to>
     <to>tester7@myjabberserver.com</to>
     <to>tester8@myjabberserver.com</to>
     <to>tester9@myjabberserver.com</to>
     <to>tester10@myjabberserver.com</to>
 </jabber>
</target>

No such thing as a YES or NO question

Maybe I exaggerated the title of this post, but I tend to use it as a heuristic (rule of thumb) when answering testing status related questions. I never assume that I am being asked a yes or no question. So I don't answer with a yes or no. Here are some examples of the questions I am asked by project stakeholders and how I prefer to answer them at different occasions. Majority of the answers I have already used and some I intend to.


Are you done testing the feature?
Answers:

• We are done testing the cases we wanted to test.
• We assumed certain important failure cases and tried to trigger those problems with our tests, within the time you gave. We did not find any problems with those.
• There are some important problems we found that gave us ideas to do more testing. Will we get more time?
• There are certain risks we still anticipate, and would want to run a few more tests. Will we get more time?
• The setup time took longer than expected and we could not execute all the tests we intended. But we did run the important tests first. Will we get more time?

You can always find more ways to test. The problem is that you are only given a limited time frame. So you need prioritize the important tests to execute. If you answer yes, then don't be surprised if you are chastised later when bugs are discovered after the release. If you answer no, then you may influence his unpleasant attitude, even before you get the chance to explain.


Can we release?
Answers:

• Well, we got some problems that may turn out to be serious issues when we release (I would sometimes give a brief outline of the issues). What do you think? Is it important to give the release anyway?
• We are still testing, but we are not finding many problems with our tests. But we don't anticipate the current problems as a major threat.
• There were some important problems we discovered and resolved, but that gave us new ideas to do more testing. Is it important to give the release anyway?
• I realize the bug count is very low, but we fear that the recent bug fixes may have caused side effects. We have witnessed some of these problems already. Do you think we can get the time to run some regression tests?

I don't think it is wise to actually answer if we should or should not release. It is not up to me to decide. I will give him the information he needs to make up his own mind.


Do you need more time?
Answers:

• More time would certainly help since I got some test ideas that could trigger some important problems.
• I can always come up with more tests if you give me more time.
• We did not find any problems. Do you want us to rethink the risks and try to come up with different tests?

There are cases where I am insisted less time and there are times where the reverse happens. You would assume testers would be happy getting more time, but that is not always the case. James Bach's Pinata and Dead Horse Heuristics sheds some light on how much should we test (thanks to Ben Simo for sharing that). I may be beating a dead horse, that may increase frustration and boredom of the test team. On the other hand, if I simply stop testing because I am not finding many problems, I may be overlooking some critical issues.


You will notice that some of the answers are interchangeable between the questions. My intension was to give an overview. There are other questions that may be addressed with the above answers, such as:

• Is it stable?
• Are there any more bugs?

Sometimes I get carried away by my confidence and answer too briefly. But every time I do, I remind myself to be true to the team. It is important to understand that I am not being difficult by not giving a straight answer. It is just that there is no straight answer. There are too many uncertainties and I feel I am only doing justice to the entire product team by stating the facts.