Full Stack Testing

bencf1 · March 9, 2021, 3:00pm

I consider myself to be a “Full Stack” Tester.

There are two fundemental reasons why.

I test many layers

It is not unusual for me to get involved building Test Stacks using Infastructure as Code, get involved in application configuration and then test ‘all the things’. Including Front-End UI, Backend API, Database, WebSockets, Lambdas, third party integrations.

I know peoples opinions on what consititeus a Stack and how full it is varies depending on context. But I feel if I am involved from Concept to Deployment and all the layers and stages inbetween, that’s close enough for me.

I think most testers are Full Stack

I know some testers who execute testing in a “Black box” style, using the Customer focused UI. And some who focus in great detail with Data in the Database.

But generally, most Test Experts I know have built a varied skill set and career where they have tested some elements of Frontend, Backend, Database and Infastructure.

You may not of thought about it, you may not identify as “Full Stack”, but I am betting, and this is partly an assumption based on incomplete data (small sample of Testers I know personally) you ARE a Full Stack Tester.

In fact, the Tester in a team is often the only person who has the privallage to exprience the end to end exprience of an application with live integrations.

What are your thoughts?

Tell me what you think! Am I mad man? or are many of us Full Stack Testers, and we didn’t even know it?

ola.sundin · February 8, 2021, 2:31pm

Interesting concept. This reminded me of a time when I was having a small presentation on testing to a group of testers, 3 of them exclusively did performance testing and the other group of like 8 exclusively did “functional testing”. And the two had very little insights to what the other group was doing. So for me a full stack tester would be one that could complete the full testing problem which to me would be: Performance and Security Testing, Functional Testing, Usability Testing and possibly Hardware testing. Similar to a full stack developer being one that solve the full development problem.
And in my experience I have met very few who are full stack, where almost all of the ones I have met is working with Security testing given that the nature of that problem is touching them all. For performance testers they barely know what domain testing is and for functional testers they have no idea what a traffic model is.

bencf1 · February 8, 2021, 7:52pm

Hmm that is an interesting way to define things that I hadn’t though of, probably because of my own bias towards what could be described as Functional Testing. Although I personally dislike the concept of “non-functional” testing, I think it’s an anti-pattern or a misnomer. In my mind, testing Security and Scale of a system can be a valid part of System Testing.

Although I consider Security researchers/experts to be quite a different discipline then Testers. But again, this might be my own bias. In so far as I would expect a Developer to know about security and follow “securing coding practices”. But I wouldn’t expect all to have a deep understanding of all system vulnerabilities, I’m thinking CPU Side-channel attacks for example, that stuff is pretty specialist. I don’t think this would stop a Developer calling themselves Full Stack, when they built frontend and backend code.

I do like your concept of:

Maybe what I am conflating the term Full Stack with Generalist vs Specialist. But I think my point really is that many modern testers do need to understand and test at multiple layers of the Application, that may well be built by multiple Devs or even different teams of Developers.

Thank you for your thoughts - I’m interested to know what others think!

ola.sundin · February 9, 2021, 9:00am

This brings up a concept that I have struggled with now and then. When I started testing we were a group of testers with different skills and we could specialize since you did not need to be able to do everything. Then I joined an organization where every tester was embedded in a Scrum team. All of a sudden you needed to do everything yourself since you were the only one. And similar to the Full Stack developer meme you become the jack of all trades master of none. So the generalist vs. the specialist is a hard dynamic to solve, they both have advantages and disadvantages.

I agree with your perception that a tester need to know about all parts of the stack, where I work the market have found the distinction between “testers” and “technical testers” where the latter is the one who understand the full stack, can do automation if needed and help our with developing alert and monitoring systems for your application. So I guess here we call the full stack tester technical tester. And the demand for that kind of tester is way higher than the former.

bencf1 · February 9, 2021, 9:44am

Some great insights, thank you for sharing!

I try and avoid the term “Technical Tester”, because although I personally feel I am very technical, I think it can be used as a gatekeeping term to define “non-technical testers”. I think testing is inherenty a technical job, even if it involves writing no code. I appreciate the industry does not always agree with me on this one.

I think this really depends on perspective. I totally agree that being embeded in an Agile team (as I am, and have been for a long time in various roles now) does lead to the generalist approche. I think this also gives a great opportunity to expand knowledge and skills to tons of areas. Over a career, I think it’s enirelly possible to be the master of multiple trades.

I’ve been a professional Tester in one form or another for almost 9 years, and I know plenty of have been testing for much longer. I think those of us who manage to stay in the undustry 5+ years natrually have taken on different testing roles and become broader in our range of skills.

han_toan_lim · February 9, 2021, 10:16am

A complaint of security testers is that basic security tests fail. Basically they cannot go in depth, because there are obvious security issues. As a context driven tester I learned some basic techniques to find possible security issues.

Some other things on my radar are accessibility and legal. These things have implications on different levels:

An alternative text for an image is descriptive. I could look at the alt tag and the web page review process.
If a bad actor would steal the customer database, would he or she be able to use the credentials from this database to log in successfully?

bencf1 · February 9, 2021, 10:21am

I think this is a great point. When I’ve worked for companies big enough to have layers of testers, building those relationships was super important. Making sure the basics didn’t get through so the specialists could focus on the tricky bits!