better api testing with openapi specification
play

BETTER API TESTING WITH OPENAPI SPECIFICATION TAYLOR BARNETT - PowerPoint PPT Presentation

May 10, 2023 •177 likes •651 views

BETTER API TESTING WITH OPENAPI SPECIFICATION TAYLOR BARNETT @TAYLOR_ATX LEAD COMMUNITY ENGINEER @ STOPLIGHT TAYLOR@STOPLIGHT.IO @TAYLOR_ATX HI! [COMPANY] [BLEEPING] [BLEEPING] @taylor_atx Image by Paul Downey, CC by 2.0 SINGLE

  1. BETTER API TESTING WITH OPENAPI SPECIFICATION TAYLOR BARNETT — @TAYLOR_ATX

  2. LEAD COMMUNITY ENGINEER @ STOPLIGHT TAYLOR@STOPLIGHT.IO @TAYLOR_ATX HI! 👌

  4. [COMPANY] [BLEEPING] [BLEEPING]

  5. @taylor_atx

  6. Image by Paul Downey, CC by 2.0

  7. SINGLE SOURCE OF TRUTH ☝ @taylor_atx

  8. SINGLE SOURCE OF TRUTH ▸ What does everything (humans and machines) look to? ▸ Messy, outdated design docs? ▸ Something that everyone agrees to - a contract @taylor_atx

  9. OPENAPI SPECIFICATION @taylor_atx

  10. Standard, structured approach for describing APIs that is both human and machine readable @taylor_atx

  11. Image by OpenAPI Initiative

  12. OPENAPI SPECIFICATION ▸ Development contract ▸ Prototyping and mocking ▸ Client SDKs and libraries ▸ Testing ▸ Server stubs @taylor_atx

  13. OPENAPI SPECIFICATION ▸ Simplifies describing an API ▸ Standardizes terminology ▸ “API Fastness” @taylor_atx

  14. OPENAPI SPECIFICATION ▸ Good tutorial to walk through the specification: ▸ https://apihandyman.io/openapi/ @taylor_atx

  15. "OPENAPI IS A BRIDGE TO UNDERSTANDING AND BEING ABLE TO COMMUNICATE AROUND USING HTTP AS A TRANSPORT, AND OUR GREATEST HOPE FOR HELPING [PEOPLE] LEARN THEIR HTTPS AND 123S.” Kin Lane (@apievangelist) @taylor_atx

  16. DESIGN-FRIST APIS ✍ @taylor_atx

  17. DESIGN-FIRST APIS ▸ Consistency for users ▸ Important for critical APIs ▸ Code-first can be expensive ▸ Gain the benefits of using OpenAPI @taylor_atx

  18. CONTRACT TESTING @taylor_atx

  19. Tests that ensure the API implementation meets the standards and definitions described in a contract @taylor_atx

  20. CONTRACT TESTING ▸ Popularity has increased with the growth of microservices ▸ Some kind of contract available to all parties ▸ Enables independent deployments while not breaking other people’s code ▸ What it is not testing: ▸ Service availability ▸ Load tolerance ▸ Deployment integrity @taylor_atx

  21. OPENAPI SPECIFICATION VALIDATION API RESPONSE PASS OR FAIL SERVER @taylor_atx

  22. BUT I ALREADY TEST MY APIS… 🤕 @taylor_atx

  23. (SOME) DIFFERENT TYPES OF TESTING ▸ Integration/Functional Tests ▸ Unit Tests ▸ End-to-end Tests @taylor_atx

  24. (SOME) DIFFERENT TYPES OF TESTING UI TESTING CONTRACT TESTING INTEGRATION TESTING UNIT TESTING @taylor_atx

  25. EXAMPLE: BROKEN SCHEMA 💕 @taylor_atx

  26. curl --request GET --url http://api.taylorbar.net/hello-world 200 👎 @taylor_atx

  27. @taylor_atx

  28. Test Greetings Scenario (0.009s) Hello World, GET http://api.taylorbar.net/hello-world (0.009s) ✗ hello: hello is required ✓ output.status (eq) 2xx ✗ 1 of 2 tests failed 😕 @taylor_atx

  29. API SPEC { “ello”: "world" } @taylor_atx

  30. Test Greetings Scenario (0.012s) Hello World, GET http://api.taylorbar.net/hello-world (0.011s) ✓ output.body (validate.contract) against JSON Schema ✓ output.status (eq) 2xx ✓ 2 tests passed 😂 @taylor_atx

  31. Todo CRUD Scenario (0.831s) Create Todo, POST http://todos.stoplight.io/todos?apikey=123 (0.244s) ✗ user: user is required (root): Must validate all the schemas (allOf) ✓ output.status (eq) 201 Get Todo, GET http://todos.stoplight.io/todos/61904 (0.13s) ✗ user: user is required (root): Must validate all the schemas (allOf) ✓ output.status (eq) 200 Update Todo, PUT http://todos.stoplight.io/todos/61904?apikey=123 (0.137s) ✗ user: user is required (root): Must validate all the schemas (allOf) ✓ output.status (eq) 200 Delete Todo, DELETE http://todos.stoplight.io/todos/61904?apikey=123 (0.126s) ✓ output.status (eq) 204 ✓ output.body (validate.contract) against JSON Schema Make Sure Deleted, GET http://todos.stoplight.io/todos/61904 (0.192s) ✓ output.status (eq) 404 ✓ output.body (validate.contract) against JSON Schema 😕 ✗ 3 of 10 tests failed @taylor_atx

  32. API SPEC { "completed": null, "completed_at": null, "created_at": "2018-07-18T18:33:19.341Z", "id": 61907, "name": “feed Yoda", "updated_at": "2018-07-18T18:33:19.341Z" } @taylor_atx

  33. Todo CRUD Scenario (0.902s) Create Todo, POST http://todos.stoplight.io/todos?apikey=123 (0.277s) ✓ output.status (eq) 201 ✓ output.body (validate.contract) against JSON Schema Get Todo, GET http://todos.stoplight.io/todos/61908 (0.141s) ✓ output.status (eq) 200 ✓ output.body (validate.contract) against JSON Schema Update Todo, PUT http://todos.stoplight.io/todos/61908?apikey=123 (0.145s) ✓ output.status (eq) 200 ✓ output.body (validate.contract) against JSON Schema Delete Todo, DELETE http://todos.stoplight.io/todos/61908?apikey=123 (0.129s) ✓ output.status (eq) 204 ✓ output.body (validate.contract) against JSON Schema Make Sure Deleted, GET http://todos.stoplight.io/todos/61908 (0.209s) ✓ output.status (eq) 404 ✓ output.body (validate.contract) against JSON Schema ✓ 10 tests passed 😂 @taylor_atx

  34. EXAMPLE: SDKS 🔦 @taylor_atx

  35. @taylor_atx

  36. ADD CONTRACT TESTING INTO CI/CD PIPELINE @taylor_atx

  37. SDKS ▸ Helps maintainers ▸ Ensures API and SDK/libraries parity ▸ Go see Elmer Thomas’ talk at 5:05pm on “Managing SDKs and their communities in multiple programming languages” @taylor_atx

  38. EXAMPLE: DOCS 📅 @taylor_atx

  39. @taylor_atx

  40. WHAT ABOUT PACT TESTING? @taylor_atx

  41. SINGLE SOURCE OF TRUTH PITFALLS @taylor_atx

  42. SINGLE SOURCE OF TRUTH PITFALLS ▸ Forgetting the “why” ▸ Failing to version ▸ “version” is in the Info Object ▸ Bad communication @taylor_atx

  43. COMMUNICATION @taylor_atx

  44. @taylor_atx

  45. @taylor_atx

  46. THEY BECOME THE CODIFICATION OF A SET OF DISCUSSIONS ABOUT WHAT A SERVICE API SHOULD LOOK LIKE, AND WHEN THEY BREAK, THEY BECOME A TRIGGER POINT TO HAVE CONVERSATIONS ABOUT HOW THAT API SHOULD EVOLVE. Sam Newman, “Building Microservices: Testing” @taylor_atx

  47. TAYLOR@STOPLIGHT.IO @TAYLOR_ATX

Recommend

Writing REST APIs with OpenAPI and Swagger Ada Stphane Carrez FOSDEM 2018 OpenAPI and Swagger

Writing REST APIs with OpenAPI and Swagger Ada Stphane Carrez FOSDEM 2018 OpenAPI and Swagger

Writing REST APIs with OpenAPI and Swagger Ada Stphane Carrez FOSDEM 2018 OpenAPI and Swagger Ada Introduction to OpenAPI and Swagger Writing a REST Ada client Writing a REST Ada server Handling security with OAuth2 Demo

970 views • 37 slides
Specification-Based Testing 1 Stuart Anderson Stuart Anderson Specification-Based Testing 1

Specification-Based Testing 1 Stuart Anderson Stuart Anderson Specification-Based Testing 1

Specification-Based Testing 1 Stuart Anderson Stuart Anderson Specification-Based Testing 1 2011 c 1 Overview Basic terminology A view of faults through failure Systematic versus randomised testing A systematic approach to

492 views • 32 slides
Examining the Software Specification [Reading assignment: Chapter 4, pp. 54-62] Testing the

Examining the Software Specification [Reading assignment: Chapter 4, pp. 54-62] Testing the

Examining the Software Specification [Reading assignment: Chapter 4, pp. 54-62] Testing the specification You do not need to have code to start testing. Testing the specification can save on time and cost later on. Also, mistakes

742 views • 30 slides
Testing 6.1 Specification testing Michel Bierlaire A short reminder on hypothesis testing

Testing 6.1 Specification testing Michel Bierlaire A short reminder on hypothesis testing

Testing 6.1 Specification testing Michel Bierlaire A short reminder on hypothesis testing Hypothesis testing is a method to contradict a theoretical assumption using data. In his seminal book on design of experiments, Fisher (1937) uses

526 views • 3 slides
Test Design Techniques Chapter 4 Part 2 3. Specification-based testing (Black-box) 4.

Test Design Techniques Chapter 4 Part 2 3. Specification-based testing (Black-box) 4.

INF 3121 Software Testing Test Design Techniques Chapter 4 Part 2 3. Specification-based testing (Black-box) 4. Structure-based testing (White-box) 5. Experience-based testing 6. Choosing test techniques Specification-based testing 1.

922 views • 71 slides
Opus Testing Opus Testing Goal: Create a high quality specification and implementation

Opus Testing Opus Testing Goal: Create a high quality specification and implementation

Opus Testing Opus Testing Goal: Create a high quality specification and implementation Problem: Engineering is hard More details than can fit in one persons brain at once Does the spec say what was meant? Does what was

703 views • 22 slides
Specification-based testing of IPsec Institute for system Programming Russian Academy of

Specification-based testing of IPsec Institute for system Programming Russian Academy of

Specification-based testing of IPsec Institute for system Programming Russian Academy of Sciences Nickolay Pakoulin npak@ispras.ru Agenda Work Background Specification based testing in IPsec Discussion Future work The work

578 views • 30 slides
Specification-based and boundary testing Maurcio F. Aniche M.FinavaroAniche@tudelft.nl We

Specification-based and boundary testing Maurcio F. Aniche M.FinavaroAniche@tudelft.nl We

Specification-based and boundary testing Maurcio F. Aniche M.FinavaroAniche@tudelft.nl We need more systematic and rigorous ways to test software! SPECIFICATION Requirements Models Structure (e.g., source code) Requirements SPECIFICATI

651 views • 61 slides
Meeting the BD Specification A look at the BD Testing Center for BD-ROM Media Rickard Gudbrand

Meeting the BD Specification A look at the BD Testing Center for BD-ROM Media Rickard Gudbrand

Meeting the BD Specification A look at the BD Testing Center for BD-ROM Media Rickard Gudbrand MEDIA-TECH Test Center Operations Showcase & Conference Asia AudioDev Sweden AB March 15, 2011 About the BD Testing Centers Overview of the

683 views • 19 slides
Extending lmtest A framework for heteroskedasticity-robust specification and misspecification

Extending lmtest A framework for heteroskedasticity-robust specification and misspecification

Extending lmtest A framework for heteroskedasticity-robust specification and misspecification testing Integrating the existing toolbox for functions for linear models in R econometric model specification with flexible testing functions,

336 views • 4 slides
Testing Specification testing Michel Bierlaire Introduction to choice models Differences from

Testing Specification testing Michel Bierlaire Introduction to choice models Differences from

Testing Specification testing Michel Bierlaire Introduction to choice models Differences from classical hypothesis testing Classical hypothesis testing: example Null hypothesis ( H 0 ) A simple hypothesis contradicting a theoretical

516 views • 33 slides
Testing (or how I learned to stop worrying and love specification) David Nutter Biomathematics

Testing (or how I learned to stop worrying and love specification) David Nutter Biomathematics

Testing (or how I learned to stop worrying and love specification) David Nutter Biomathematics and Statistics Scotland http://www.bioss.ac.uk May 28th 2020 Why test So far, weve been testing to confirm things: Functionality (the code does

1.08k views • 35 slides
AMF Testing Made Easy! DeepSec 2012 Luca Carettoni Agenda AMF specification,

AMF Testing Made Easy! DeepSec 2012 Luca Carettoni Agenda AMF specification,

AMF Testing Made Easy! DeepSec 2012 Luca Carettoni Agenda AMF specification, BlazeDS, current techniques and tools Blazer architecture, core techniques, heuristics Testing with Blazer Objects generation and fuzzing *DEMO*

526 views • 36 slides
Asphalt Perform ance Testing and Specification Developm ent Eshan V. Dave, Ph.D. University of

Asphalt Perform ance Testing and Specification Developm ent Eshan V. Dave, Ph.D. University of

Asphalt Perform ance Testing and Specification Developm ent Eshan V. Dave, Ph.D. University of New Hampshire 57 th Annual Pennsylvania Asphalt Paving Association Conference Hershey, PA 18 th January 2017 Lab Performance Testing, Eshan Dave,

1.39k views • 57 slides
Integration of Architecture Specification, Testing and Dependability Analysis Swapna S. Gokhale

Integration of Architecture Specification, Testing and Dependability Analysis Swapna S. Gokhale

Integration of Architecture Specification, Testing and Dependability Analysis Swapna S. Gokhale Kishor S. Trivedi. Joseph R. Horgan Dept. of Electrical & Computer Engg. Applied Research Duke University Telcordia Technologies Durham, NC

406 views • 30 slides
Functional Correctness Specification Formal Verification 15-214 Unit Testing Type

Functional Correctness Specification Formal Verification 15-214 Unit Testing Type

Functional Correctness Specification Formal Verification 15-214 Unit Testing Type Checking Statistic Analysis Requirements definition Inspections, Reviews 15-313 Integration/System/Acceptance/Regression/GUI/Bl

608 views • 45 slides
BACK SLIDES TEAM MAY14-07 TEST SPECIFICATION Testing: Program to calibrate hardware

BACK SLIDES TEAM MAY14-07 TEST SPECIFICATION Testing: Program to calibrate hardware

BACK SLIDES TEAM MAY14-07 TEST SPECIFICATION Testing: Program to calibrate hardware Implementation program Not testing: Any physical hardware Major areas to test: Conversion of G Code to Arduino specific language

584 views • 31 slides
Rigorous Specification and Conformance Testing Techniques for Network Protocols, as applied to

Rigorous Specification and Conformance Testing Techniques for Network Protocols, as applied to

Rigorous Specification and Conformance Testing Techniques for Network Protocols, as applied to TCP, UDP, and Sockets Steve Bishop Matthew Fairbairn Michael Norrish Peter Sewell Michael Smith Keith Wansbrough University

720 views • 35 slides
Formal Specification and Testing of Model Transformations Manuel W im m er, Loli Burgueo, Lars

Formal Specification and Testing of Model Transformations Manuel W im m er, Loli Burgueo, Lars

Formal Specification and Testing of Model Transformations Manuel W im m er, Loli Burgueo, Lars Ham ann, Martin Gogolla, Antonio Vallecillo , Universidad de Mlaga/Univertt Bremen http://www.lcc.uma.es/~av Introduction Progress Bar MDE

1.15k views • 88 slides
OpenAPI development with Python EuroPython2017@Rimini, 11 July 2017 Takuro Wada Hi Takuro Wada

OpenAPI development with Python EuroPython2017@Rimini, 11 July 2017 Takuro Wada Hi Takuro Wada

OpenAPI development with Python EuroPython2017@Rimini, 11 July 2017 Takuro Wada Hi Takuro Wada Kabuku Inc. Software Engineer - Speaker of EuroPython 2016, PyConJP 2015 - Member of swagger codegen technical committee - Python, TypeScript

903 views • 40 slides
Testing If its not tested, it doesnt work Why Unit Testing? If it is not tested,

Testing If its not tested, it doesnt work Why Unit Testing? If it is not tested,

CS420/520 Object-oriented Programming Testing If its not tested, it doesnt work Why Unit Testing? If it is not tested, it does not work Tests represent an executable specification of what the methods ought to do

673 views • 29 slides
Specification-based Testing Software Engineering Gordon Fraser Saarland University Program

Specification-based Testing Software Engineering Gordon Fraser Saarland University Program

Specification-based Testing Software Engineering Gordon Fraser Saarland University Program behaviors Specified Implemented Structural Testing Program behaviors Specified Implemented Functional Testing Program behaviors Specified

163 views • 15 slides
1 Good Requirements Graphical Languages? Specification Qualities Examples: Complete -

1 Good Requirements Graphical Languages? Specification Qualities Examples: Complete -

REQUIREMENT SPECIFICATION The Basic Waterfall Model Today: Requirements Specification Requirements Requirements tell us what the system should do - specification not how it should do it. Analysis & Requirements are

363 views • 3 slides
Automatic Synthesis of Code Using Genetic Programming Doron A. Peled Bar Ilan University,

Automatic Synthesis of Code Using Genetic Programming Doron A. Peled Bar Ilan University,

Automatic Synthesis of Code Using Genetic Programming Doron A. Peled Bar Ilan University, Israel 1 Why not synthesize the software directly from specification? Specification System Specification Model checking/ Revision testing

694 views • 51 slides

More recommend