Testing for Deployment

Testing is necessary to ensure that the patch you were given actually works in your environment. In enterprise businesses, patches are usually put through a rigorous set of tests to ensure that they comply with company information policies. The IT staff must be sure the patches work with the company applications.

Testing your patch may be as easy as merely determining whether it works, or it may be as complex as running a series of tests against it. The degree of testing depends on the patch and the environment.

Although laying out specific processes for your environment in this book is difficult, following are some questions you should consider:

  • Does the patch work? — This is a yes/no question. Does it fix the issue in question? Does it break anything in your environment?
  • What are the monetary costs of the patch? — This is strictly the cost to acquire the update. Normally, no cost should be involved.
  • What prerequisites are there for this patch? — Find out whether you must uninstall the old code, reboot the machine, or have other code installed with it to make it work.
  • Do you have the expertise in-house to apply the patch? — Some patches may include Apache Web Server upgrades, PHP updates, MySQL updates, and other compiled environments. This could be a situation where some coding must take place.
  • Will this patch result in procedural changes? — Think about scenarios where backup/restores or other documented procedures will change.
  • Will this patch result in ...

Get CMS Security Handbook: The Comprehensive Guide for WordPress®, Joomla!®, Drupal™, and Plone® now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.