All posts by Karlo Smid

It is TestBash Brighton time!

Reading Time: 3 minutes


This is my personal cheat sheet for TestBash Brighton 2017 testing gathering.

Based on my previous conference experiences, I realized that I need a one stop shop reminder for conference activities. I will print out this blog post. Here it goes.

  1. Wednesday Pre-TestBash Meetup, 29-30 Surrey street, Brighton, BN1 3PA

Starts at 7.00PM but it does not designates ending time. I can be there at 9.30PM so I will need to check meetup page when I arrive.

My Google maps route:

Pool Valley Coach Station, Brighton BN1 1NJ, UK => 52 Regency Square, Brighton BN1 2FF, UK => 29 Surrey St, Brighton BN1 3PB, UK

2. Thursday workshop day

a. Morning

Agile Exploration Workshop::Alessandra Moreira

Teams practicing any flavor of agile development have different views on the role of a tester. As a test practitioner and hiring manager, I found one of the challenges we face as in the Software Test industry is that although Exploratory Testing makes its way to many resumes and conversations, not many people know what it really is, are unsure how to perform it in an agile context, and are unaware of how to execute it skillfully.

In this hands-on workshop, we will discuss what exploratory testing is by definition and will put it in practice by testing real software. We will examine how it is a perfect fit in an agile environment, and how to master the skills necessary to become an expert exploratory tester – in any team.

Hope for takeaway

My current testing project has zero documentation and by documentation I do not mean word document. I mean documentation that can be get by using various tools. For example, my current issue is that I need to test an api. In Ruby on rails project, I would use

rake routes

but there is no comparable command in client framework. I will try with security scanners, in order to find all routes with brute force. I hope that I will get some practice and ideas how to solve similar issues. In this workshop description I am confused with Agile Exploration title that switches to Exploratory Testing. I will definitely need clarification on that matter.

b. Afternoon

SOLD OUT – Critical Thinking for Testers, Programmers, and Managers::Michael Bolton

Critical thinking is the kind of thinking that specifically looks for problems and mistakes. Regular people don’t do a lot of it. However, if you want to be a great tester, you need to be a great critical thinker. The good news is that critical thinking is not just innate intelligence or a talent <— > it’s a learnable and improvable skill. Michael Bolton shares the specific techniques and heuristics of critical thinking and presents realistic testing puzzles that help you practice and increase your thinking skills.

Rapid critical thinking begins with four questions—Huh? Really? And? So?—that kickstart your brain and help you to analyze plans, specifications, risks, causes, effects, bugs, and anything else that puzzles you. Join Michael for this interactive, hands-on session and practice your critical thinking skills.

Hope for takeaway

To improve my critical thinking skills. To be able to develop my own testing puzzles.

3. TestBash Meetup – sponsored by QASymphony – 6PM conference location

3. Friday Pre-TestBash Run, 7AM, Palace pier

There is no Palace Pier in Google maps so I will need to check the actual location during Thursday. It is not clear what is run ending point, I hope that it is Conference location. My plan is to walk at pace of 4km/hour.

4. Friday conference day

Nine 30 minutes sessions will probably drain my intellectual energy by I plan to stay focus for those 270 minutes. No alcohol on Wednesday night and a minimum of seven hour of deep sleep. My accommodation heuristic was to pick the cheapest Booking offer. In Birmingham that was bad decision because I got glass braking noise wakeup at 4 AM. Hope Brighton does not do so heavy bottle recycling.

99 second talks

This how you need to do it:

Think of something to talk about
Ensure you are in a quiet location
Grab your mobile phone in landscape mode
Press record
Talk or do something for 99 seconds
Stop recording
Email the file or a place to download it to Rosie –

I am not sure how this will work. Shall we watch already recorded talks, or talks will be filmed on stage?

5. Hindsight TestBash Meetup 6PM, Conference location

Game meetup. Eric Davis wrote a great post about games for software testers: Using Games to Make You a Better Tester. I am bringing Batman Fluxx and Game of Set. I can also present Mastermind that requires only pen, paper and somebody to play with.

6. Saturday Open Space event by Richard Bradshaw 9.00AM

I always learn a lot at open space events. In Croatia we have annual Testival open space conference, I was at TestRetreat 2016, organized by Matt Heusser. Why this works? Because you are in the same place with smart testers and you can discuss whatever you like. By that, you learn a lot!

That it is, full steam pack of learning opportunities.  My tool is notebook with four pencils (red, green, blue and black).

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

How to get latest nginx version for docker proxy image

Reading Time: 1 minute


In this blog post I will provide practice how to get latest nginx version aligned with docker documentation.

You have web application, and you need proxy server. You decided to go with nginx using docker. Also, you need to modify original image, so you have your own Dockerfile that is based on official docker nginx image (first line in Dockerfile is FROM nginx:latest).

Everything is set up, and after some time, you realized that your

docker build

command does not gets latest nginx version despite the fact that you have in Dockerfile

FROM nginx:latest

This was my heuristic that failed. Then I tried solution that is not aligned with docker. In Dockerfile I put:

sudo add-apt-repository ppa:nginx/stable
sudo apt-get update
sudo apt-get install nginx

because nginx docker image is based on debian linux distribution.

Doing that, local docker image got bigger than it should be.

Investigating docker documentation for build, I found following for docker build option:

--pull false Always attempt to pull a newer version of the image

By default, option is set to false. So, in order that on every build you get latest nginx docker image, you should run following cmd:

docker build –pull

Your local docker image will have optimized size, based on original Dockerfile and your application would be more secure.


Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Randomize your test data

Reading Time: 1 minute


This post is about one important testing method that should be automated, test data randomization.

You should randomize test data in automated script because this will make your automated test runs slightly more user likely because application that you are testing will be used by different users that will use different data inputs.

Also, it is very usual that application business rules are data driven. Based on data values, feature behaves differently. Using test data randomization, you can discover and test hidden business rules.

Here is my real example. I randomized account number, and soon realized that feature behaves non deterministic. One attribute output values were different from run to run. I could not define the rule.

I asked developers in dedicated slack channel about this behavior, and they explained that this is client business rule. Based on account first digit, created record was labeled differently (output attribute value). Of course, that business rule was not documented in any form.

In my ruby testing scripts, I use Faker gem. Happy test data randomization!


Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Scrum testing heuristic: Is feature usable?

Reading Time: 1 minute


This post will describe how I test in project that uses scrum. Tool is Jira and context is early development phase.

We have in JIRA workflow QA phase.

Frontend has code reviews and developers are able to test (there is no automation) what they code using browser.

Here is how I test in described context.

Feature is usable when user can do main flow described in jira card, for example, create business object.

I use browser and Chrome developer tools. Cards have some story description, so I ask for clarification in card comment section. Also, I observe pull request (angular framework) to see which modules changed. I am looking for feature side effects,  when pull request contains changes not directly related to the card.

I approve card when feature is usable. Remember that context is early development phase, and scrum is iterative process, so there is no point to stop the feature if it is usable. For found issues or missing features, I create new card and bug or task, and I connect those two cards.

In BBST foundations lecture 2, you can learn how your testing differs depending on your context.

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Web page cache heuristic that failed

Reading Time: 1 minute


In this post I will describe my heuristic for web page cache testing that failed and why it failed.

Web page cache is mechanism that stores parts of web page that does not change a lot in browser local storage. Hard part is to figure which part of page is not changing very often. A lot of scientific effort have been put in this problem.

I got a Jira card that clearly stated a story with cache usage.

During the creation of business object, cache all referenced data so when user will edit that object, all referenced data is already available.

I did exploratory test around this story, using my brain, eyes, ears and fingers. There were two paths to feature create business object. First path worked as described in user story, but second path did not. When I opened the create business object feature, all data had already been cached.

My first heuristic was that this is an issue. But after I explored the pull request connected with this card and discovered that all code changes were in one place I realized that my cache heuristic failed. Developers are using framework that helps them to write DRY code.

As create business feature component was reusable, first path to that feature already filled cache with data.

If you are in doubt how to enhance your testing craft, BBST is excellent starting point.

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

What I learned on Testival #27 meetup

Reading Time: 1 minute


This post is report about what I learned at Testival #27 meetup and how I provoked that learning.

Last week we had Testival #27 meetup. Attendant metric was 15/25, which is excellent 0.6! You probably have seen something like this metric in your test reports. 0.6? So what that number means? We recently moved to meetup platform which exposed Testival to local community. 15 testers showed, and 25 applied to meetup. We have total of 65 members in Testival group. This is great improvement for Testival.

Sponsor of this meetup was Repsly, and we met again in HUB385. Repsly is hiring for a QA position. After short introduction of all participants,  we started with lectures and lighting talks.

My takeaways.

  1. Ana showed hers PageObject implementation in javascript. Ruby has PageObject gem with lot of out of the box helpers that you need to develop by yourself in javascript.
  2. Zeljko showed javascript source code for browser automation in various framework. It is less readable than Ruby code and it seems that Ruby gem ecosystem is stronger than one in javascript.
  3. Between two sessions I heard interesting question, how to check large tables using selenium (I always mingle in listening mode in every meetup), and Zeljko mentioned that he successfully used dedicated htl parser for that purpose, not the Watir-webdriver implementation.
  4. I was very impressed how Scratch evolved in past few years.
  5. There is jenkins plugin that enables you to keep history and version of your application builds.
  6. Over beers I learned on real example how is very hard to manage team of programmers. There is no silver bullet, managing a group of programmers is very hard.

Ruby : Javascript in browser automation context 3:0.

Here is small gallery:


Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

How to change docker default route on Centos7

Reading Time: 2 minutes


In this post I will explain how to resolve following issue. You are connected via ssh to your centOS box. You successfully installed docker on that box and you started docker daemon using systemctl. Bang!, you are disconnected from your centOS box.

This happened to me. I had successfully installed docker on several boxes without a problem. Reality check, I just scratched the surface of my docker knowledge.

Reality check. This centos box was different than previous ones. I found out that it is in different network. Luckily, there was another box in same network that I can connect to. I ssh to that box and then from that box to the original centOS box. I  am in!

I was able to log in because they were in same network subnet. My laptop was in different range. What to do in order not to be bitten by this issue?

Before you start docker daemon with systemctl, run following cmd:

[ ~]$ route -n

route shows/manipulates routing table. Routing table describe where IP packets should go. Picture above shows ok situation. docker and linux box have different destination for packets.

In above example, docker took by default [source]. It reserves 65536 IP addresses for containers.

In my case, centOS box was in range 172.29., and docker took so from outside, docker took all the traffic, and my laptop was automatically disconnected.

How to change docker cidr range.

Before you start your docker daemon:

  1. run route -n
  2. check your box eth0 destination
  3. edit docker systemctl start file:
vi /usr/lib/systemd/system/docker.service

4. put docker containers in different ip range

Here is example how to set docker ip range from – [cidr calculator]:

ExecStart=/usr/bin/dockerd -bip

5. Now is save to start docker daemon:

# systemctl daemon-reload
# systemctl start docker
#systemctl status docker
Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Docker behind a proxy

Reading Time: 1 minute


In this post I will explain how to set up docker when you are behind corporate proxy.

All Internet tutorials about any technology take assumption that you are not behind a proxy. Working for my client that must use corporate proxy, I spent a lot of working hours discovering how to use docker behind  a proxy.

You first need to find out value for corporate proxy. In corporate environment, this could be rather tricky action, because that value is not always publicly known.

  1. Set docker systemd settings to use proxy.

Use official docker instructions [source]. With this setting, docker daemon nows how to get images from the Internet.

2. Dockerfile.

If you need to tailor your own image, you need to use Dockerfile. In order to enable Dockerfile commands to get stuff from the Internet, you need to set ENV HTTP_PROXY variable.

After FROM directive in Dockerfile, put following settings:

FROM image_name
ENV http_proxy <HTTP_PROXY>
ENV https_proxy <HTTPS_PROXY>

3. Some tools do not use environment variable http_proxy.

There are some tools that made a wrong design decision where they do not use environment variable http_proxy, but they require that command switch must be used in order to set proxy value.

I broke my teeth on following tools:

  • pip
  • npm

Here is simple heuristic. If command from Dockerfile gets timeout (usually it appears to hang when it can not get to Internet), consult documentation for this command to find out how to set proxy value.

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

How to replace curl data-binary value to form-data upload parameters

Reading Time: 1 minute


In this post I will explain how master Joda visited me in my dream and asked me important question about one of my previous blog posts: How to measure upload speed of web application upload form [link]. The post provided right information about curl parameter that enables you to see upload speed. But curl example for upload file is wrong!

I found that is wrong when I tried to measure upload speed in real application. And realized that file is not uploaded in application. By observing the copy pasted curl, I noticed that there was not Content-Length header. Bingo, lets create Chrome developer tools issue ticket[link].

Please read comments, because I learned a lot about curl upload file feature. Google developers who answered my ticket did not just dismissed my wrong curl upload file heuristic, they took extra step and educated me!

So, in order to use curl upload file feature, you need to transform something like this:

--data-binary $'------WebKitFormBoundaryoeJQRnHeojsIBayU\r\nContent-Disposition: form-data; name="fileType"\r\n\r\n5\r\n------WebKitFormBoundaryoeJQRnHeojsIBayU\r\nContent-Disposition: form-data; name="file"; filename="elixir-websetup.exe"\r\nContent-Type: application/x-msdownload\r\n\r\n\r\n------WebKitFormBoundaryoeJQRnHeojsIBayU--\r\n'

into this:

-F file=@elixir-websetup.exe -F fileType=5

You can now data-binary parameter and its value from curl.

It is important to have check mechanism for upload file. Use your application features to check is file really uploaded. curl can also help by observing application returned value.

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

What is happening in our application?

Reading Time: 1 minute


In this post, I will try to elaborate why is often expected from me as a tester to create meaningful application error messages.

So, you are using some web application, and you get something like this( thanks to Evil Tester):

Screen Shot 2017-01-14 at 2.04.02 PM

And that error message does not tell you anything about your action or input. At least they put disclaimer: “That is all we know”.

While I am testing application, I find a lot of such not informative error messages. Why I find them and developers not? Because I know how to make reasonable scenarios that trigger those errors. And to come up with such scenarios and test data is not something of interest of regular developer. In my experience they find this very boring and not creative job. But I think that finding alternative flows by exploring api that you use is very creative and important job.

Developers just have different meaning for definition of DONE. Or they are just lazy.

First line of defense is that user will never do that. But you took BBST Bug advocacy, and you have already uncornered your test scenarios making it more probable in real life.

After I talk to project leader and provide him information about low quality error messages, I put extra work on my shoulders. Karlo, as you already found those error messages, you will create meaningful error messages.

The problem here is that I can only provide error messages for scenarios that I covered. But low level mechanics of the application, which includes inter module cooperation based on api contracts, this is developer responsibility.


Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather