frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Production tests: a guidebook for better systems and more sleep

https://martincapodici.com/2025/05/13/production-tests-a-guidebook-for-better-systems-and-more-sleep/
78•mcapodici•1y ago

Comments

ashishb•1y ago
Here's a general rule that I follow along with this and that is "write tests along the axis of minimum change"[1]. Such tests are more valuable and require less maintenance over time.

1 - https://ashishb.net/programming/bad-and-good-ways-to-write-a...

compumike•1y ago
I'd add that, in terms of tactical implementation, production tests can be implemented at least two different ways:

(1) You set up an outside service to send an HTTP response (or run a headless browser session) every minute, and your endpoint runs some internal assertions that everything looks good, and returns 200 on success.

(2) You set up a scheduled job to run every minute internal to your service. This job does some internal assertions that everything looks good, and sends a heartbeat to an outside service on success.

For #2: most apps of any complexity will already have some system for background and scheduled jobs, so #2 can make a lot of sense. It can also serve as a production assertion that your background job system (Sidekiq, Celery, Resque, crond, systemd, etc) is healthy and running! But it doesn't test the HTTP side of your stack at all.

For #1: it has the advantage that you also get to assert that all the layers between your user and your application are up and running: DNS, load balancers, SSL certificates, etc. But this means that on failure, it may be less immediately clear whether the failure is internal to your application, or somewhere else in the stack.

My personal take has been to lean toward #2 more heavily (lots of individual check jobs that run once per minute inside Sidekiq, and then check-in on success), but with a little bit of #1 sprinkled in as well (some lightweight health-check endpoints, others that do more intense checks on various parts of the system, a few that monitor various redirects like www->root domain or http->https). And for our team we implement both #1 and #2 with Heii On-Call https://heiioncall.com/ : for #2, sending heartbeats from the cron-style check jobs to the "Inbound Liveness" triggers, and for #1, implementing a bunch of "Outbound Probe" HTTP uptime checks with various assertions on the response headers etc.

And this production monitoring is all in addition to a ton of rspec and capybara tests that run in CI before a build gets deployed. In terms of effort or lines of code, it's probably:

    90% rspec and capybara tests that run on CI (not production tests)
    9% various SystemXyzCheckJob tests that run every minute in production and send a heartbeat
    1% various health check endpoints with different assertions that are hit externally in production
And absolutely agree about requiring multiple consecutive failures before an alarm! Whenever I'm woken up by a false positive, my default timeout (i.e. # of consecutive failures required) gets a little bit higher :)
hugs•1y ago
yeah, full end-to-end tests/monitors are like fire alarms: they can often tell you something is wrong, but not exactly what is wrong. but that doesn't mean fire alarms have no value. most common failure mode for teams are having too many or none at all. but having a few in a few key places is the way to go.
mhw•1y ago
The fabulous blazer gem includes a feature for #2: https://github.com/ankane/blazer?tab=readme-ov-file#checks - it’s limited to checks that can be expressed as SQL queries, but that can get you quite a way
aleksiy123•1y ago
At Google we call these probers.

Does anyone know of any tools/saas that do this.

Was thinking it may be a good potential product.

Especially if it was super easy to generate/spin up for side projects.

hugs•1y ago
"testing in production" can be controversial, but this is a well-balanced take on it.

lately i've been working on a decentralized production testing network called 'valet network' [1] (full-disclosure: selenium creator here)

i suspect production tests are the killer app for this kind of network: test any site on a real device from anywhere on idle devices that more closely match real world conditions, but as mentioned in the article, it's not that simple. dev users will still need to be smart about creating test data and filtering out the tests from system logs. i'm still in the "is this something people want?" learning phase, even though this is definitely something i want and wish i had when i was helping to fix healthcare.gov back in 2013/2014.

[1]: https://gist.github.com/hugs/7ba46b32d3a21945e08e78510224610...

vasusen•1y ago
Thank you for the balanced take on an extremely spicy topic.

At WePay (YC S09) we debated this extensively and came up with a similar middle of the way solution. Making sure that a credit card can get tokenized is the critical flow and should run every minute. We ended up with about 4-5 very quick production tests. They helped with debugging as well as alerting.

I am now building a full, automated testing solution at Donobu (https://www.donobu.com), and production tests definitely come up as their own subcategory of e2e tests. I am going to use your guidelines to refine our prompt and bound our production test generator.

testthetest•1y ago
> Running a test every minute, or 1440 times a day, will show up quite a lot in logs, metrics, and traces.

...not to mention that automated tests are by definition bot traffic, and websites do/should have protections against spam. Cloudflare or AWS WAF tends to filter out some of our AWS DeviceFarm tests, and running automated tests directly from EC2 instances is pretty much guaranteed to be caught by Captcha. Which is not a complaint: this is literally what they were designed to do.

A way to mitigate this issue is to implement "test-only" user agents or tokens to make sure that synthetic requests are distinguishable from real ones, but that means that our code does something in testing that it doesn't do in "real life". (The full Volkswagen effect.)

burnt-resistor•1y ago
Also known as deep monitoring: checking that functionality is available and working correctly.

QuadRF can spot drones and see WiFi through my wall

https://www.jeffgeerling.com/blog/2026/quadrf-can-spot-drones-and-see-wifi-through-my-wall/
425•speckx•8h ago•166 comments

Apple sues OpenAI, accuses ex-employees of stealing trade secrets

https://9to5mac.com/2026/07/10/apple-sues-openai-trade-secret-theft/
329•stock_toaster•3h ago•149 comments

Einstein's relativity rules chemical bonds in heavy elements, new research shows

https://www.brown.edu/news/2026-07-09/chemical-bonds-relativity
41•hhs•1h ago•18 comments

GPT-5.6 Sol Ultra produces proof of the Cycle Double Cover Conjecture [pdf]

https://cdn.openai.com/pdf/04d1d1e4-bc75-476a-97cf-49055cd98d31/cdc_proof.pdf
312•scrlk•5h ago•256 comments

The tech of 'Terminator 2' – an oral history (2017)

https://vfxblog.com/2017/08/23/the-tech-of-terminator-2-an-oral-history/
155•markus_zhang•7h ago•65 comments

New York City to to ban deceptive subscription practices

https://www.theguardian.com/us-news/2026/jul/10/new-york-city-deceptive-subscriptions-ban
370•randycupertino•5h ago•198 comments

Combustion engine web-based simulator

https://combustionlab.net
104•mytuny•5d ago•47 comments

Inference Optimization for MiMo v2.5: Pushing Hybrid SWA Efficiency to the Limit

https://mimo.xiaomi.com/blog/mimo-v2-5-inference
29•theanonymousone•3d ago•6 comments

Good Tools Are Invisible

https://www.gingerbill.org/article/2026/07/10/good-tools-are-invisible/
342•theanonymousone•13h ago•155 comments

Computation as a universal and fundamental concept

https://ergo.org/courses/computation-as-a-universal-and-fundamental-concept
78•simonpure•8h ago•64 comments

SpaceX wants to launch 100k more Starlink satellites for 100x the bandwidth

https://www.zdnet.com/home-and-office/networking/spacex-wants-to-launch-100000-more-starlink-sate...
44•CrankyBear•6h ago•133 comments

Moss (YC F25) Is Hiring

https://www.ycombinator.com/companies/moss/jobs/52LnqLQ-software-engineer-sdk
1•srimalireddi•3h ago

Alternate clock designs and time systems

https://serialc.github.io/altClocks/
86•ethanpil•4d ago•52 comments

Late Bronze Age Collapse

https://acoup.blog/2026/01/30/collections-the-late-bronze-age-collapse-a-very-brief-introduction/
313•dmonay•12h ago•220 comments

AI 2040: Plan A

https://ai-2040.com/
117•kschaul•1d ago•88 comments

War Atlas: An interactive cartography of every named war in human history

https://waratlas.org
105•NaOH•6h ago•48 comments

Snails' teeth beats spider silk as nature's strongest material (2015)

https://www.smithsonianmag.com/smart-news/spider-silk-loses-top-spot-natures-strongest-material-s...
150•simonebrunozzi•7h ago•121 comments

Show HN: Wyrm – Solve algebra by touch, built on an open-source soundness engine

https://github.com/dicroce/wyrm_math
45•dicroce•1d ago•6 comments

Ask HN: Are systems ready for the first negative leap second?

48•Asmod4n•4d ago•56 comments

After 7 years in production, Scarf has reluctantly moved away from Haskell

https://avi.press/posts/2026-07-10-after-7-years-in-production-scarf-has-reluctantly-moved-away-f...
66•aviaviavi•10h ago•77 comments

A love letter to flashcards

https://lesleylai.info/en/flashcards/
120•surprisetalk•8h ago•76 comments

Lost city discovered beneath Egypt's desert with ancient church

https://www.dailymail.com/sciencetech/article-15956159/Incredible-lost-city-discovered-Egypts-des...
145•Bender•4d ago•70 comments

In Emacs, everything looks like a service

http://yummymelon.com/devnull/in-emacs-everything-looks-like-a-service.html
227•kickingvegas•15h ago•98 comments

Preemption is GC for memory reordering (2019)

https://pvk.ca/Blog/2019/01/09/preemption-is-gc-for-memory-reordering/
4•mpweiher•2d ago•0 comments

Show HN: Reviving my 2001 college band with AI

https://www.fadingmaize.com
48•jacobgraf•1d ago•55 comments

How the terrorist group Boko Haram uses frontier AI

https://casp.ac/reports/ai-enabled-terrorism
163•imustachyou•5h ago•139 comments

Successful Companies Go Blind

https://ianreppel.org/how-successful-companies-go-blind/
185•speckx•10h ago•63 comments

GhostLock, a stack-UAF that has existed in ALL Linux distributions for 15 years

https://nebusec.ai/research/ionstack-part-2/
22•djfergus•3h ago•5 comments

The Clouds of Hiroshima

https://doomsdaymachines.net/p/the-clouds-of-hiroshima
34•handfuloflight•3d ago•24 comments

Show HN: Frugon – Find which LLM calls a cheaper model could handle (local, MIT)

https://github.com/Rodiun/frugon
52•jarodrh•3d ago•10 comments