Open this lesson in your favourite AI. It'll walk you through the why, explain the demo, and quiz you on the try-it list.
The process your team uses determines when, how, and how much QA happens. In Waterfall, QA is a distinct phase that starts after development is 'done' — this is how projects end up with 3 weeks of QA for a 6-month project, and why last-minute bugs cause delayed releases. In Scrum/Agile, QA is embedded in every sprint: stories don't close until they're tested. In DevOps/CI-CD, testing is automated and gates every commit — a bug that isn't caught by an automated check ships to production in 10 minutes. Knowing which model your team follows (and its failure modes) tells you exactly where to focus your efforts.
SDLC model choice determines the median stage at which defects are discovered — and therefore their fix cost. Waterfall concentrates all defect discovery in a late QA phase, producing predictable cost spikes before release. Agile scrum distributes discovery across sprints, capping the damage per defect. DevOps CI/CD pushes discovery to commit time, where automated checks catch defects before they accumulate.
from dataclasses import dataclass, field
from typing import List
@dataclass
class Bug:
name: str
introduced_at: str # when it was created
found_at: str # when it was detected
cost_multiplier: int
def sdlc_simulation(model: str) -> List[Bug]:
if model == "waterfall":
# QA happens only after development → bugs found late
return [
Bug("login race condition", "design", "qa_phase", 100),
Bug("sql injection in search", "dev", "production", 1000),
Bug("wrong date format", "design", "qa_phase", 100),
]
elif model == "agile_scrum":
# QA in each sprint → bugs found faster
return [
Bug("login race condition", "sprint_2", "sprint_2_qa", 10),
Bug("sql injection in search", "sprint_3", "sprint_3_qa", 10),
Bug("wrong date format", "sprint_1", "sprint_1_qa", 10),
]
elif model == "devops_cicd":
# Automated tests gate every commit → bugs found immediately
return [
Bug("login race condition", "commit_a", "ci_pipeline", 10),
Bug("sql injection in search", "commit_b", "sast_scan", 1),
Bug("wrong date format", "commit_c", "unit_test", 1),
]
for model in ["waterfall", "agile_scrum", "devops_cicd"]:
bugs = sdlc_simulation(model)
total_cost = sum(b.cost_multiplier for b in bugs)
print(f"\n{model.upper()}")
for b in bugs:
print(f" [{b.cost_multiplier:4d}×] '{b.name}' — found at: {b.found_at}")
print(f" Total relative cost: {total_cost}×")python3 main.pyBug('missing auth on admin endpoint', 'design', 'production', 1000) to the waterfall model. How much does the total cost change? This models a security bug that slipped through — the most expensive kind.Use these three in order. Each builds on the one before.
In one paragraph, explain the difference between Waterfall and Agile SDLC from a QA perspective. In which model can a QA engineer influence requirements before they're implemented?
Walk me through how shift-left testing works in a CI/CD pipeline: what happens at each gate (commit, pull request, staging deploy, production deploy), which types of tests run at each gate, and what happens when a gate fails.
My team uses Scrum but QA is still a bottleneck — testers are always catching up to developers, stories pile up waiting for QA sign-off, and releases get delayed. Describe three structural changes to how QA is embedded in the sprint that would fix this, and the tradeoffs of each.