Virtual mailboxes with courier-imap and postfix

September 9, 2007
courier, email, imap, linux, postfix, smtp, sysadmin
25 Comments

This is the first of an occasional series of posts about Linux systems administration. I’ve been an on-off Linux sysadmin for about, well, my first Linux was Slackware on a stack of 3.5″ floppies. Every now and then I do something “fiddly” and I want to capture these episodes in case I ever need to do it again, or in case someone else wants to and they find this useful.

I run Debian Testing on kenny, the server that hosts http://dannorth.net, http://behaviour-driven.org and a bunch of other websites, blogs and wikis. (Random plug: it’s hosted by the fine folks at SolarVPS. I have no affiliation with them but they rock.) It seems a good balance between Debian Stable – which is rock solid but always about a year out of date – and Unstable, which requires updating far too often and hosed my old server (cartman – can you see a theme here?).

Mostly it Just Works. In particular WordPress and MoinMoin are a joy to configure and use. I get change out of about 10 minutes to add a new blog.

I also use it as a mail server, using postfix for sending and receiving mail and courier-imap for reading it. I tried a number of mail servers and settled on postfix after dismissing sendmail and qmail as just too complicated and exim after staring at the impenetrable documentation one time too many.

I found it pretty easy to set up secure SMTP over TLS and secure IMAP over SSL, but I stumbled at setting up virtual mail addresses. This article is about how to do that using postfix and courier-imap. It’s pretty straightforward once you know where all the moving parts are, but they were less than obvious to me.

Virtual mail addresses

Mostly you send email to bob@address.com and it turns up in bob’s mailbox in bob’s login account. Sometimes you don’t want this. For instance, I host about 20 domain names on kenny, and addresses like info@blah.com or sales@blah.com need to go to specific people. That’s the first type of virtual addressing, known as virtual alias domains.

The second case is “more” virtual – the user doesn’t even need to exist on the server with a regular login account. Postfix puts the mail into a special directory, and courier-imap presents that directory as the mailbox when the user “logs in” over IMAP. This is where all the moving parts come in. This is known as virtual mailbox domains.

Setting up postfix for virtual alias domains

This is the easier of the two, since the mail ends up in a real email address, so there is no corresponding configuration on the courier-imap side. This information came from the Postfix Virtual Domain Hosting Howto.

In /etc/postfix/main.cf add the following lines:

    virtual_alias_domains = dannorth.net
    virtual_alias_maps = hash:/etc/postfix/virtual

This says that postfix will treat the name dannorth.net as a virtual alias domain and will use the file /etc/postfix/virtual to do the mappings. Your /etc/postfix/virtual might look like this:

    # deliver to local account
    dan@dannorth.net dan

    # forward to another mail address
    example@dannorth.net dan@example.com

Once you have this file configured, run the command:

    # postmap /etc/postfix/virtual

to create the hash database that postfix will use, then run:

    # postfix reload

to update the configuration.

Setting up virtual mailbox domains

Ok, there are several moving parts here. We need:

  • a directory to deliver the mail to
  • to tell postfix to deliver it there
  • to enable virtual users in courier
  • to tell courier where the virtual users’ mail lives

In this example, I’ll set up two virtual users, fred and barney, at example.com.

System accounts and directories

The virtual users’ files need to be owned by someone, so we’ll create a “fake” user and group. I’m using vmail for both the user and group names, with uid and gid both set to 5000.

From a root prompt:

    # groupadd -g 5000 vmail
    # useradd -g vmail -u 5000 vmail
    # mkdir -p /home/vhosts/example.com
    # chown vmail:vmail /home/vhosts/example.com

Configuring postfix for virtual mailbox domains

In /etc/postfix/main.cf

    virtual_mailbox_domains = example.com
    virtual_mailbox_base = /home/vhosts
    virtual_mailbox_maps = hash:/etc/postfix/vmailbox
    virtual_minimum_uid = 100
    virtual_uid_maps = static:5000
    virtual_gid_maps = static:5000

This is pretty self-explanatory. It says example.com is a magic virtual mailbox domain, all users and groups map to a fixed number (you can get cleverer than this but I’m not worried about it for now), and that all the interesting stuff is in /etc/postfix/vmailbox. The minimum uid is postfix’s safety measure in case I do something stupid. It means I can’t accidentally let someone have access to system files.

Now let’s look at /etc/postfix/vmailbox:

    fred@example.com example.com/fred/
    barney@example.com example.com/barney/

The magic here is the / at the end of each line. This says to use maildir format (the format courier-imap is expecting) rather than clunky old mbox format. Postfix will create the appropriate directory structure for fred and barney,

Again we create a hash of this for postfix:

    # postmap /etc/postfix/vmailbox
    # postfix reload

Phew! That’s the postfix side done. Now stop for a cup of tea.

Configuring courier-imap for virtual mailboxes

On Debian, courier imap runs as three executables, each with separate init.d scripts. courier-imap and courier-imap-ssl are the imap servers themselves (I run courier-imap bound to localhost for webmail). courier-authdaemon is the chap that does all the authentication. That’s the one we’re interested in.

Firstly, we need to enable virtual users. In the file /etc/courier/authdaemonrc you need to make sure your authmodulelist setting contains authuserdb as one of its authentication mechanisms. Mine looks like this:

    authmodulelist="authuserdb authpam"

Don’t forget to tell the auth daemon you’ve made a change:

    # invoke-rc.d courier-authdaemon reload

Courier uses a file called /etc/courier/userdb to store virtual user mappings, but you don’t usually edit this file yourself. It has an arcane format (using tabs and pipes as delimiters) and should be left well alone. Instead, courier provides you with some command line tools to manipulate it.

To create an entry for fred, we do this:

    # userdb fred set uid=vmail gid=vmail home=/home/vhosts/example.com/fred mail=/home/vhosts/example.com/fred

(That should all be on one line – your browser might wrap it.) Then set a password for fred:

    # userdbpw -md5 | userdb fred set systempw

Do the same for barney. Finally we build the hashed user database that courier will actually use:

    # makeuserdb

Note: don’t forget to run makeuserdb after making any changes to the virtual user data otherwise courier won’t know.

Testing the configuration

Firstly, try sending an email to the virtual user. Postfix should create the maildir structure under example.com/fred. Then try connecting to courier to read the mail. If you find you are getting authentication problems from the courier side, you can try setting DEBUG_LOGIN=1 in /etc/courier/authdaemonrc and restarting the auth daemon. Don’t forget to switch it off again once it’s working.

SOA for the rest of us

September 2, 2007
agile, architecture, articles, programming, services, soa, software
13 Comments

Earlier this year I wrote an article to introduce service-oriented architecture to non-technical people. It was published in the May 2007 issue of Better Software magazine.

The kind folks at Better Software have allowed me to provide a PDF version of the article, complete with retro 1950s graphics. You can also read it as a single html page.

Please post any comments here, because I’ve disabled comments on the page itself.

Two flavours of BDD – or .net gets behaviour-driven

June 27, 2007
agile, bdd, dotnet, nbehave, nspec, open-source
6 Comments

How about that? You wait ages for a BDD framework in .net and then two come along at once! Ok, to be fair NSpec has been around for a while. However I’m talking about describing application behaviour in terms of stories and scenarios, to complement NSpec’s description of interactions between objects. (As a side note, I would love to see NSpec adopt rspec’s describe/it vocabulary rather than using contexts and specifications.)

Introducing NBehave and, well, NBehave!

Morgan Persson first spoke to me about writing a .net version of JBehave at the beginning of 20071, so I am delighted that he has just announced his first public release of NBehave. It mixes C# and VB.net in a lovely it’s-all-about-the-CLR way. So the examples are in C#, extending VB.net framework classes.

In the meantime, Joe Ocampo has used some C#3 voodoo to create something scarily similar to rbehave for .net. He seemed to produce this in slightly less time than it took me to press “publish” in WordPress, and I have to say it looks great.

Two use cases for expressing intent

The original idea behind the JBehave story framework was that developers would write “pluggable” givens, events and outcomes to define the various scenarios that make up each story. Non-technical people would then manipulate these using desktop tools (say a graphical story builder where you drag the various components around to define your stories and scenarios).

rbehave has a different motivation, namely moving from the textual representation of a story to an executable definition in as few steps as possible. This is to allow human beings – mainly testers and business analysts – to read, write and edit executable acceptance criteria.

Liz Keogh and I are currently preparing a JBehave tutorial for OOPSLA 2007. Since JBehave was based very much on the first use case, we’ve noticed it is pretty painful to pull together a story from a standing start, without a proliferation of tiny classes emerging. I’m working on a fluent interface that is currently looking a little like this:

public Story story() {
    return newStory("I can create a cell")
        .asA("game producer")
        .iWant("to create a cell")
        .soThat("I can show the grid to people")
    .withScenarios(
        scenario("Nothing to see here",
            given("a game with dimensions", 3, 3),
            then("the grid should look like",
                    "...",
                    "...",
                    "...")
        )
    );
}

It’s backed by the regular JBehave classes and runs in the standard JBehave story runner.

I would love to see Morgan and Joe bring their two interpretations of acceptance-level BDD together into a single framework. It is after all just a bunch of scenario fragments playing nice together, and having the two approaches to expressing intent in the same framework means that NBehave could be both a directly-editable representation of behaviour, and at the same time the basis of a (graphical?) toolset for defining acceptance criteria in .net. Maybe even as a Visual Studio plugin.

1. Oops – I thought it was as long ago as 2006 but Morgan put me straight.

Catching up

June 19, 2007
agile, architecture, java, programming, real-options, ruby, simplicity, soa, summary
3 Comments

It turns out that having a day job can play havoc with your blogging activities. I’m posting a round-up of recent activities, in no particular order, with the intention of expanding on each of these topics in the coming weeks. But we all know what happens to intentions.

This is mostly a brain dump to make me feel guilty enough to write some of it up, so feel free to skip it if you’re busy. That FaceBook page isn’t going to update itself you know.

Simplicity

At last year’s XP Day in London I got involved in a fishbowl discussion, with the likes of Kevlin Henney among others. Kevlin gets simplicity. To me it’s the holy grail of software development, and it’s all about expressing intent clearly. If you can’t make a system any simpler, then you’re done (simple, not simplistic). Likewise if you can express the intent of an application in a clearer way, you still have work to do. Erik Doernenberg and I shaped this theme into a keynote that I’ll pretend I’m going to write up at some point.

Performance tuning

A couple of years ago I did a performance tuning gig with a major retailer in the US. It was their first foray into J2EE and they were struggling with the impedence mismatch between OO and the relational database. Over the next few weeks I’ll be writing up the various approaches we took to achieve the results we got (startup time down from 10 minutes to 45 seconds, query times down from over 30 minutes to sub-second), because in the intervening period I’ve seen some of the patterns repeating themselves elsewhere.

Agile SOA

I have my “safe” topics that I’m very familiar with presenting: coaching and learning, agile and BDD, various technology topics. Last month I presented outside of my safe zone – on “SOA for Human Beings” at the ExpertZone conference in Stockholm.

SOA is not like the other kids. On one level it’s so vague it’s almost Zen: “What is SOA?” “It’s whatever you want it to be”. Secondly, it’s largely misunderstood as being a technology thing rather than a business thing. Thirdly, it’s often deliberately misrepresented as the reason you have to purchase a particular toolset.

So I stood up in front of the 17 attendees and said: we won’t be discussing code this afternoon – we might not even discuss technology. And we all had a much better afternoon because of it. There were a number of themes that came up during that session, and I’ll try to do them justice in a future article.

Builders, Commands and Fluent Interfaces

I’ve been architecting! You know, like properly designing software on a project as a tech lead. It’s great fun – I’d forgotten how much I liked it. My favourite current toys are builders – in particular fluent interfaces – and the command pattern. Suddenly my world is a simpler and happier place. Come to think of it, I’ve just rolled off a project with Patrick Kua as my tech lead. Talks a lot of sense does Patrick.

BDD in Ruby

Got rbehave out. Phew!

BDD in Java

At some point in the last couple of months, it seems we released JBehave 1.0! It’s been a labour of love, made up of infrequent short bursts of activity interspersed with long periods of day job. Lucky for me, Liz Keogh stepped up and took the reins, and with the help of some other great developers got it to 1.0. I’m very pleased with what we’ve accomplished so far, but there’s plenty more to do. In particular I want to introduce a fluent story builder to remove the need to hand-wire all the stories, and see if we can use some Java 5 goodness to simplicate things.

Real Options

No, not the things traders buy and sell. This is an overlooked branch of mathematics that explains why deferring decisions responsibly is a Good Thing, but deferring them past their “use by” date is just dumb.

My good friend Chris Matts has written an article about real options with Olav Maassen. In a demonstration of the interconnectedness of all things, there are at least two JBehave connections here. Chris was the guy who made the observation that BDD-as-TDD was just like business analysis, which in turn led to the whole story/scenario vocabulary. Olav was the first contributor to JBehave, writing a JBehave Ant task back in 2004. They are both mad as a box of badgers which means the article makes for interesting reading.

Introducing rbehave

June 17, 2007
agile, bdd, framework, open-source, programming, rbehave, rspec, ruby, software
41 Comments

rbehave is a framework for defining and executing application requirements. Using the vocabulary of behaviour-driven development, you define a feature in terms of a Story with Scenarios that describe how the feature behaves. Using a minimum of syntax (a few “quotes” mostly), this becomes an executable and self-describing requirements document.

BDD has been around in the Ruby world for a while now, in the form of the excellent rspec framework, which describes the behaviour of objects at the code level. The rspec team has focused on creating a simple, elegant syntax and playing nicely with other frameworks, in particular Rails and the Mocha mocking library.

Inspired by this, I wanted to find a simple and elegant way in Ruby to describe behaviour at the application level. This is a different enough problem that I couldn’t just use rspec. You can skip ahead to the Ruby code if you already know about stories and scenarios. This preamble just sets the scene for the example.

The scenarios that describe a story are made up of “steps” of Givens, Events and Outcomes. These steps can be mixed and matched in different ways to provide different sequences of events. Here is an example:

Story: transfer to cash account
  As a savings account holder
  I want to transfer money from my savings account
  So that I can get cash easily from an ATM

  Scenario: savings account is in credit
    Given my savings account balance is \$100
    And my cash account balance is \$10
    When I transfer \$20
    Then my savings account balance should be \$80
    And my cash account balance should be \$30

  Scenario: savings account is overdrawn
    Given my savings account balance is -\$20
    And my cash account balance is \$10
    When I transfer \$20
    Then my savings account balance should be -\$20
    And my cash account balance should be \$10

Here we have two givens: one about my savings account and the other about my cash account. We have a single event, namely transferring cash. We have two outcomes, again about the account balances.

This is typical of the scenarios in a story: they revolve around a single event (the feature itself) and prescribe different outcomes for different combinations of givens. Also, notice that the steps themselves are parameterized: the first time my savings account balance is $100, the second time it is -$20, so a story framework needs to accommodate this.

Getting it running

So then I converted the story into a rspec-like structure, preferring simple strings to method names, and do/end blocks rather than classes:

require 'rubygems'
require 'rbehave'

Story "transfer to cash account",
%(As a savings account holder
  I want to transfer money from my savings account
  So that I can get cash easily from an ATM) do

  Scenario "savings account is in credit" do
    Given "my savings account balance is", 100
    Given "my cash account balance is", 10
    When "I transfer", 20
    Then "my savings account balance should be", 80
    Then "my cash account balance should be", 30
  end

  Scenario "savings account is overdrawn" do
    Given "my savings account balance is", -20
    Given "my cash account balance is", 10
    When "I transfer", 20
    Then "my savings account balance should be", -20
    Then "my cash account balance should be", 10
  end
end

Using rspec to drive the design, I wrote a little framework that would run these scenarios, each one in its own instance of an object (so they were independent), reusing the steps as needed.

So, this only left the problem of the steps themselves. They would have to be defined somewhere else (that I hadn’t figured out yet). Then I thought: each step’s implementation should be pretty trivial, so what would happen if I put the code for each step inline in the scenario? So I ended up with this:

require 'rubygems'
require 'rbehave'
require 'spec' # for "should" method

require 'account' # the actual application code

Story "transfer to cash account",
%(As a savings account holder
  I want to transfer money from my savings account
  So that I can get cash easily from an ATM) do

  Scenario "savings account is in credit" do
    Given "my savings account balance is", 100 do |balance|
      @savings_account = Account.new(balance)
    end
    Given "my cash account balance is", 10 do |balance|
      @cash_account = Account.new(balance)
    end
    When "I transfer", 20 do |amount|
      @savings_account.transfer_to(@cash_account, amount)
    end
    Then "my savings account balance should be", 80 do |expected_amount|
      @savings_account.balance.should == expected_amount
    end
    Then "my cash account balance should be", 30 do |expected_amount|
      @cash_account.balance.should == expected_amount
    end
  end

  Scenario "savings account is overdrawn" do
    Given "my savings account balance is", -20
    Given "my cash account balance is", 10
    When "I transfer", 20
    Then "my savings account balance should be", -20
    Then "my cash account balance should be", 10
  end
end

For this example it turns out there are no new steps to define in the second scenario, which makes it very easy to read. In general I’m finding that most of the steps get defined in the first one or two scenarios.

Implementing the code

So I saved this to a file as transfer_funds.rb and ran it, and I got two failures:

Running 2 scenarios:
FF

2 scenarios: 0 succeeded, 2 failed

FAILURES:
1) transfer to cash account (savings account is in credit) FAILED
NameError: uninitialized constant Account
...
2) transfer to cash account (savings account is overdrawn) FAILED
NameError: uninitialized constant Account
...

rbehave prints one character per scenario – a dot means the scenario passed, an F means it failed. At the end of the run it prints a list of the failing scenarios. So this tells me that firstly it runs (hooray!) and secondly both scenarios are failing because I’m missing an Account class. Well I don’t want a whole bunch of failing scenarios that only start to work one at a time as I implement them. That feels too much like broken windows – I’ll get too used to seeing failing scenarios and then I won’t react when workng scenarios start failing. So I introduced the idea of a “pending” scenario, by adding a pending() method:

Given "my savings account balance is", 100 do |balance|
  pending "needs an Account"
  <code>savings_account = Account.new(bal)
end

And I got this:

Running 2 scenarios:
PP

2 scenarios: 0 succeeded, 0 failed, 2 pending

Pending:
1) transfer to cash account (savings account is in credit): needs an Account
2) transfer to cash account (savings account is overdrawn): needs an Account

The Ps represent pending scenarios, which means they aren’t working yet but they don’t count as a failure. Then I use rspec to implement an Account with a constructor that takes an initial balance, and give it a transfer_to@ method that moves money around. Then I remove the pending line:

Running 2 scenarios:
.F

2 scenarios: 1 succeeded, 1 failed, 0 pending

FAILURES:
1) transfer to cash account (savings account is overdrawn) FAILED
Spec::Expectations::ExpectationNotMetError: expected -20, got -40 (using ==)
...

Excellent! I have my first working scenario. Now I just need to add behaviour to the Account class to not transfer money it doesn't have! But wait a minute, what about documentation? Well I added some listeners to the story runner, so when you run:

transfer_funds.rb --dry-run --format simple

you get:

Story: transfer to cash account
As a savings account holder
  I want to transfer money from my savings account
  So that I can get cash easily from an ATM

Scenario: savings account is in credit
  Given my savings account balance is 100
  Given my cash account balance is 10
  When I transfer 20
  Then my savings account balance should be 80
  Then my cash account balance should be 30

Scenario: savings account is overdrawn
  Given my savings account balance is -20
  Given my cash account balance is 10
  When I transfer 20
  Then my savings account balance should be -20
  Then my cash account balance should be 10

This is being generated from the same Ruby code that runs the scenarios themselves.

Next steps

You can gem install rbehave or download the source. There is a sample application (Conway's Game of Life) in progress in the source code that shows you some of the other features rbehave supports.

rbehave was designed to play nice with other frameworks. In particular, the "world" that each scenario runs in is a module that can be mixed into any object, so you could easily use rbehave with a Rails IntegrationTest or incorporate it into your existing acceptance testing framework. It is also possible, and in fact encouraged, to use rspec in your Outcomes (balance.should == 30).

If you're interested in using or developing rbehave, please join the mailing lists and let me know how you get on. As a parting thought, rbehave is totally compatible with jruby, so you could start writing your Java acceptance criteria in Ruby and running them in rbehave.

A number of people helped me get rbehave off the ground. In particular I have to thank Niclas Nilsson for kick-starting the whole thing, David Chelimsky (rspec lead) for his sound advice and for adding describe/it to the rspec core, Liz Keogh (jbehave lead) for demanding that steps should take parameters and not taking no for an answer. Also PragDave ran an inspiring meta-programming workshop at QCon that gave me the courage to try this stuff.

Upcoming Talks

February 28, 2007
accu, agile, architecture, bdd, expertzone, qcon, roots, ruby, services, soa, talks
4 Comments

I’ve got a number of tutorials, conference sessions and keynotes coming up over the next few months that I’m very excited about. My themes for this year are behaviour-driven development, SOA for human beings and understanding what simplicity really means. Looking at these, there is an overarching theme about getting different kinds of people talking to each other in plain English (for some value of English).

Keynote at QCon, 14-16 March, London

QCon is the London version of the excellent JAOO conference in Denmark, which has become my favourite technology event of the year (apart from phone upgrade time). They attract world-class presenters to provide sessions varying from the deep technical through to people and process topics, and they’ve done the same with QCon. What’s more, they have managed to resist the lure of the sales-pitch session, which means you get to hang out with other geeks without people trying to sell you stuff. The London event is being run in conjunction with the common-sense guys at InfoQ, and I’m lucky enough to be speaking there.

I’m delivering a keynote with Martin Fowler about the gaping crevasse between what business people ask for and what technical people think they want. I’ve presented with Martin a couple of times before – at least I know I’ll only be the second loudest person in the room.

ThoughtWorks is a “platinum sponsor”, which I think means we get to buy more drinks than the other sponsors.

BDD in Ruby at ACCU, 11-14 April, Oxford

ACCU is a conference by geeks, for geeks. With its roots in the C++ community, there are lots of strange people in weird industries like embedded systems, graphics engines and writing music software. It’s a refreshing change for me, where “enterprise systems” usually means moving data from over here to over there.

I’m actually at ACCU by accident, presenting behaviour-driven development in Ruby. They haven’t noticed yet that I haven’t touched C++ in ten years, and I’m not about to tell them.

However, the ACCU folks are developing a strong liking for dynamic languages – last year Guido van Rossum, the inventor of Python, delivered a keynote, and I co-presented a session introducing Ruby and Rails. So perhaps there’s life after the standard template library after all :)

Coaching workshop and BDD session at Expo-C, 23-25 April, Gothenberg

You know the tutorial days that tend to happen either side of a conference? Well Expo-C has adopted the model of having mostly tutorial days and hardly any conference! The 23rd and 25th are tutorial days, with two speakers presenting full-day tutorials on each day (I’m on the 23rd). The middle day is made up of seminars by a number of presenters. As the only speaker who hasn’t published a book (one of the presenters, Jim Coplien, has a small library to his name), I can safely say it’s a very solid line-up. Also, it’s one of the smaller conferences so there is lots of opportunity to hang out with the presenters.

I presented a tutorial day last year around the theme of agile delivery and thoroughly enjoyed it. This year I’m doing something a bit different, focusing on “Change, Coaching and Communication”, using NLP and life coaching principles as the basis of a one day interactive workshop. As with last year, there won’t be any PowerPoint, mostly because I’m rubbish with PowerPoint.

I’ll also be presenting a behaviour-driven development session on the seminar day.

Keynote and SOA workshop at ROOTS, 25-27 April, Bergen (Norway)

I’ve not been to ROOTS before but I’ve heard good things about it. It’s a developer-centric conference and this year it features the likes of Kevlin Henney, Jim Coplien (who I’ll be racing to Norway from Expo-C) and lovely testing guru Linda Rising.

Erik Doernenberg and I are delivering a keynote on the nature of simplicity, and we’re running a three hour workshop looking at SOA for human beings.

Keynote and SOA workshop at ExpertZone, 23-25 May, Stockholm

I met Josefin Andersson, one of the organisers of ExpertZone, earlier this year and she convinced me I had to attend the ExpertZone Developer Summit in Stockholm. Since I’m scared of Josefin, I said yes. Also Microsoft’s Beat Schwegler will be there, and he rocks.

I’ll be delivering another keynote with Erik Doernenberg, based on our current pet themes of simplicity and clarity of intent (honestly, how hard can software be?), and running the workshop on SOA for humans.

I’ve been told by the Boss that I’m not allowed out of the house in June.

Monkey business value

February 15, 2007
bdd, ruby, tdd, testing
12 Comments

So I was hanging out with a bunch of geeks in Switzerland, having one of those late night conversations, and an idea sort of emerged, and the more I thought about it, the more I liked the idea. And then I was thinking that a) I’m useless at following through on ideas and b) I would love someone to take this forwards. So here it is.

Our premise was that the value of automated testing is in its repeatability and low investment (in terms of human effort). However, running the same tests all the time just verifies that the system does a small number of well-known activities.

The value of exploratory testing, on the other hand, is to try all the weird combinations that people might try – aka monkey testing – in order to break the system by using it in unlikely ways. The problem is that exploratory testing requires people, so it’s slow and expensive.

Cue RMonkey (and possibly PyMonkey and JMonkey). RMonkey augments your Ruby acceptance tests, to emulate monkey behaviour. It works like this:

Boring, old-style test:

def test_user_can_login
  web.navigate_to '/login'
  web.enter_value :name, 'bob'
  web.enter_value :password, 'secret'
  web.press_button :login
  assert_that web.current_page, has_title("Welcome")
end

Now we monkey it up, with the keywords usually, sometimes and rarely:

require 'rmonkey'

include RMonkey

def test_user_can_login
  navigate_to '/login'

  usually   { web.enter_value :name, 'bob' }
  sometimes { web.enter_value :name, 'kate' }
  rarely    { web.enter_value :name, random_string() }

  usually { web.enter_value :password, 'secret'  } # sometimes don't bother

  web.press_button :login
  sometimes { 10.times { web.press_button :login } }  # bored bored bored!

  assert_that web.current_page, has_title("Welcome")
end

So now you have automated monkey tests. There are default probabilities for usually/sometimes/rarely (say 80%, 15%, 5%) but that is customizable:

monkey_see :usually => 75, :sometimes => 22, :rarely => 3

The interesting part, of course, is to know what sequence of events leads to a test failure. A more fully-featured RMonkey would keep track of which events it executed and produce an informative narrative if things turned bad.

In the spirit of the infinite monkeys metaphor, this would prove most useful in a soak-testing scenario, whereby thousands of monkeys were hitting an application over an extended period of time. You would want to know that a) mostly it worked, and b) when it didn’t work, which sequence of events caused it to break.

Some obvious applications for RMonkey would be in driving Selenium or Watir, or using JRuby to drive JUnit, MarathonMan, WebDriver or any of the other Java testing frameworks.

The code for rmonkey.rb is simply:

module RMonkey
  LIKELIHOOD = { :usually => 80, :sometimes => 15, :rarely => 5 }

  def usually
    yield if rand(100) < LIKELIHOOD[:usually]
  end

  def sometimes
    yield if rand(100) < LIKELIHOOD[:sometimes]
  end

  def rarely
    yield if rand(100) < LIKELIHOOD[:rarely]
  end

  def monkey_see(likelihood)
    LIKELIHOOD.merge(likelihood)
  end
end

So anyway, let me know if you would like to get involved in developing RMonkey. I think it's a really appealing idea and I'd love to see someone do something with it.

Tagged

February 12, 2007
memes
2 Comments

Ok, so I’ve been blog-tagged. Twice in fact, by Patrick Kua and Mats Helander. Apparently the rules are that I have to tell you five things about me that you probably didn’t know, and then I have to tag a bunch of other people.

Except that this is the Interweb, blog-tagging is exponential and I’m usually the kid who gets picked last, so there are probably only about 4 people left on the planet who haven’t been tagged.

Anyway, here goes. Five things you didn’t know about me:

  1. I used to do origami. A lot. For years and years I would fold little squares of coloured paper (only squares, and only coloured on one side – I’m a purist) into all sorts of birds, beasts and useless household objects. My favourite was a turtle – you had to be pretty good to fold a turtle. It took me ten years before I could fold a jackstone. I kept going back to it each year until I suddenly got it. Then I made a whole load of them to prove it wasn’t a fluke. Then I forgot again.
  2. I love cycling. More accurately I love buying cycle-related toys like multi-tools, ever smaller and more powerful bike pumps, super-lightweight jackets. In fact, the sorts of things that make cycling more expensive than using public transport. When I’m feeling motivated I cycle 20km each way to work, usually 3-4 times a week. Right now I’m a lapsed cyclist – I haven’t cycled properly for a couple of months – but it’s only temporary.
  3. I play drums. I was in several bands over about 12 years, and played venues like the Rock Garden in London (tiny but lots of fun) and Dorking Halls in Surrey (to about 1000 people). A few years ago I started playing hand drums – bongos and an African djembe – which have the bonus of not needing a car to move them around.
  4. I got married in South Africa, on a wine farm near Cape Town. It was a fairy-tale wedding, with a horse-drawn carriage and ducks. Oh, and the bride looked amazing.
  5. I studied jitsu for several years. Once I got to a certain level – fending off kitchen knives, bike chains and a katana – I found I preferred teaching to grading (in fact jitsu taught me a lot about coaching). So I never got my black belt but I’m still double hard. So don’t make me come over there.

Right, I nominate Claudio Perroni, Paul Walker, Erik Doernenburg, Arjen Poutsma and Niclas Nilsson. You’re tagged!

Behaviour-driven stories

February 12, 2007
agile, articles, bdd, programming, summary
9 Comments

At a recent software architecture workshop, I was discussing the ideas behind BDD with a great group of people (more about that soon). One theme that kept coming up was the fact that I needed to write much more about BDD as an entire methodology, and to address the current perception that it is just a repackaging of test-driven development (which, to be fair, is where it started).

As I was describing the workings of BDD, I discovered that I had made the assumption that everyone knew what a Story was, in the agile sense of defining a requirement. It turns out that there’s a whole world outside of my little bubble that use all sorts of different processes for identifying and defining requirements, and in particular they don’t know what I mean by a Story, nor why they should care.

I was specifically asked what a story was from a behaviour-driven perspective, so I have written it up in an article called What’s in a Story?.

In the interests of releasing early and often, I will be editing and updating it in response to comments on this post. I’m particularly interested in people’s thoughts about how BDD stories compare to Use Cases. I’ve read a bit about use cases and used them a long time ago, but I haven’t been around them recently enough to really remember whether I liked them.

Outcomes over Features – the fifth agile value?

October 28, 2006
agile, analysis, planning, software
20 Comments

I’ve been having difficulty recently with a trend I’m seeing on projects. What happens is this: we (an agile development team) engage with a client for a short period – typically 2-4 weeks – to investigate how we might work with them to solve their problem. During this period, we drive out lots of stories, do some technical investigation and estimation, and out of this we generate a high level release plan. All very good, you might think. But then, unfortunately, everything is mysteriously forgotten about except the release plan, which suddenly grows horns and fangs and becomes a Fixed-Price Fixed-Scope Big Up-Front Project Plan. Well ok, it’s not quite that dramatic, but it certainly doesn’t feel very agile to me. Hopefully I can explain why.

To my mind, there are two primary objectives of this initial phase. Firstly, we get to know each other and think about how we want to work together. Secondly, we create a shared understanding of the project’s objectives, timescales and risk profile. Coming out of this process, everyone should have the same sense of “bigness” of the project, in terms of both size and complexity. The release plan is just a detail in the process.

An agile project – in fact any project – should focus on a set of outcomes. How we get there is less important than actually getting there. A CIO or business sponsor wants to solve a specific problem, by a specific date, and has an idea of how much money they are prepared to spend achieving that. By driving out a comprehensive list of stories, estimating them, and then rolling it all up into a Big Release Plan, you run the risk of focusing attention on the features (stories) and defining Success as the delivery of all these stories. This is exacerbated when the release plan is shown to people who weren’t part of the original exercise. They see the release plan and naturally assume that it is the primary “output” of the process.

In the manner of the Agile Manifesto, whilst there is value in delivering a list of features, I value achieving the outcomes of the project higher. This feels complementary to the other four agile manifesto values.

Two recent examples. On one project it became apparent that we were unlikely to meet a particular hard deadline given the current story backlog. The team worked with the client to find a way that they could still meet the project’s outcomes and deadline, by dropping or deferring around a third of the features. The client was delighted! The message was simple: I can meet your outcomes with only two thirds of the effort (i.e. cost) of the previous plan. Who wouldn’t want that? That conversation would have been dramatically different if the client had been wedded to the feature list as the definition of success of the project. Luckily he had the insight to remain focused on the overall objectives of his project, and they hit the date.

Another project had a stability issue in production. The (very critical) application would fail mysteriously every couple of days. They needed a solution now because they were losing business as well as being in danger of getting in regulatory trouble. The project manager simply asked the operations guys to manually restart the application every night as a standard operating procedure. At a stroke the initial problem was solved – the outcome was met – without a single line of code being written. Now the team could focus on solving the root cause, without being under pressure to produce a rush job.

“Scope” is a dangerous word, since it can be used to mean either features or outcomes, but never both. Does “cutting scope” really mean failing to meet objectives? Or were those features not really core after all? A project has to have a goal, otherwise you can’t know when you’re done. Without a goal, you will tend to define “done” in terms of execution of the story list. Similarly, it has to have a feature list, or you don’t know what you’re going to do to get there. So it is just as big a risk to have no clearly defined outcome (i.e. no vision or purpose for a project) as defining a fine-grained feature list up front. Next time you engage on a new project, make sure the entire team – and especially the sponsor – has a clearly articulated outcome for the project. And make sure you regularly review your direction to ensure you are still working towards those outcomes.

Follow

Get every new post delivered to your Inbox.

Join 199 other followers