/restpro

Test RestAPIs like a Pro ๐Ÿฑโ€๐Ÿ‘ค

Primary LanguageJava

๐Ÿฆพ restpro

Test RestAPIS like a PRO.

build status open issues forks stars license languages info

NOTE:

  1. I found that a few users who tried to use this project struggled to use git-crypt properly to decrypt encrypted secrets and thus were not able to move forward with rest of learnings too.
  2. To make the entry barrier minimum for new users, I am removing encryption from secrets.conf files and storing them as plain text for training purpose.
  3. That said, in a real project you should use the instructions mentioned here in this readme file git-crypt to encrypt/decrypt secrets and MUST not store your secrets in plain text.

Application under test

Restful booker - An API playground created by Mark Winteringham for those wanting to learn more about API testing and tools.

๐Ÿ”ข Requiring (one time) manual setup by user

  1. JDK 11 - as language of choice for writing this test framework.
  2. Maven 3.8.6+ - for project dependency management and running tests in CI.
  3. pre-commit - To have code automatically and uniformly formatted (JAVA, JSON, XML, YAML).

๐Ÿš€ Core features

  • Allow to put both exploratory tests (postman style http requests) and automated tests (RestAssured) side-by-side in the same framework. Usually due to Postman not being git compatible, these two tests live in two separate places/repositories.
  • Shows how to create a decoupled test design (that minimises maintenance efforts by reducing code duplication and increases code readability by separating test intentions from implementation details).
  • Allows users to write fluent assertions for asserting both status and response body, without any code duplication.
  • Creates APIs that are scope/role agnostic. This allows you to use the same APIs and data to write tests for different user roles and scopes.
  • Shows how to provide different token types for different role/scopes using a TokenFactory pattern.
  • Shows how to reuse the same auth token in all the tests for same role/scope using a Singleton pattern.
  • Shows how to use health checks in the test CI to have efficient pipelines.
  • Shows how to insert test data dynamically in each test.

A Note on Postman style (HTTP Request) tests from AQUA:

  • These tests are git compatible (unlike Postman that requires you to take a paid membership for properly version controlling its collections). In these HTTP request tests:
  • User can define different environments (such as localhost, develop, staging). For each environment, user can specify env specific configuration such as hostURLs.
  • Provides a way to separate secret information (such as userid/password) from other generic config information.
  • Provides a way to run pre-request and post-request scripts that can be used to set variables such as auth-tokens.
  • Until AQUA IDE is closedThese auth-tokens/variables are then available to any other http request that needs to use these tokens/variables.
  • Provides a way to run post-request scripts that can be used to set variables, log values and write some basic tests.

๐ŸŽฏ Standard features

From RestAssured testing and Core test framework: zero are as below:

  • Shows how to integrate your tests in CI (GitHub Actions).
  • Shows how to log your test results into a test monitoring system (such as Elastic/Kibana or DataDog)
  • Shows how to do JSON Schema validation.
  • Shows how to separate config from code.
  • Shows how to deal with Secrets in local and in CI. Also on how to skip logging secret information on console.
  • More to be added...

โš™ Tool Set

Key tools to be used in this core framework are:

  • Java (As the core programming language)
  • Maven (for automatic dependency management)
  • Junit 5 (for assertions)
  • RestAssured (library for Rest API automation)
  • Slf4J/Log4J (for logging interface and as a logging library)
  • Typesafe (for application configuration for multiple test environments)
  • Git crypt (for managing secrets)
  • Surefire (for xml reports in CI)
  • Surefire Site plugin (for html reports in CI)
  • GitHub (for version control)
  • GitHub actions (for continuous integration)
  • Faker library (for generating random test data for different locales - germany, france, netherlands, english)
  • Slack integration (for giving notifications on pull requests)
  • Elastic and Kibana (for test monitoring)
  • Docker (for automating test framework's environment)
  • Powershell or bash Script (for automating building test environment)
  • SonarQube/SonarLint (for keeping your code clean and safe)
  • Badges (for a quick view on your project meta and build status)

๐Ÿงช api-test-design

api-test-design

๐Ÿ”š end-to-end-test-workflow

end-to-end-test-workflow

โ„น References

๐Ÿ”Œ Plugins

  • HOCON - For config and secrets files syntax highlight.
  • .ignore - For (dockerignore, gitignore) files syntax highlight.