A talk I gave at the NYC Selenium Meetup http://www.meetup.com/NYCSelenium/events/215048092/ Refactoring a legacy application — an essential phase of the Software Development Life Cycle — cannot even be discussed without simultaneously discussing the art and science of Software Testing. In this lecture I will explore the pragmatic use of comprehensible, platform-independent tools for Black Box Web API Testing. In the interest of refactoring and maintaining Web-delivered services, integration tests necessarily require the capability to play back a transaction frame by frame. In other contexts it may also be desirable to play back certain control loops within a longer transactional chain. It is not technically challenging to create ad hoc solutions for these problems. Rather, it is the use of ad hoc solutions in test as a practice that creates unacceptable risk. Because almost-inevitably home rolled solutions will contain non-trivial undocumented domain-specific languages. The cure is generally worse than the disease. Therefore in the interest of obviating the need for ad hoc solutions to the problem of test doubles for Web services, I will present what I think are some very simple, platform-agnostic implementations of the xUnit Test Patterns at the level-of-abstraction of Web APIs and Web services. Test Doubles are particularly useful in Web testing so I will go into detail with regard to mockingspyingfaking andWeb API-level record-and-playback tools such as:Python’s SimpleHTTPServerMySQL ProxyCurl I will also present a brief history of Web client spoofing for those unfamiliar with the practice. Takeaways from this lecture include: How to make tests faster by getting rid of dependencies on third party services.How to “game day” the condition where a third-party service goes down or gets hacked.Introduction/insight into a laundry list of Black-Box Testing tools for Web APIs and Web-delivered services. BIO: Noah Sussman has been helping bricks-and-mortar businesses to leverage the Web since 1999. Thus he has had had ample opportunity to think about the discrepancies between how computers and people see the world. He lives in New York with his wife and two cats.

1. Noah Sussman
NYC Testers Meetup at Viacom, November 2014
Dopplegangers!
A discussion about
Collaborators,
Fakes,
and
Mocks

4. ✤ jq: JSON query language
✤ Python SimpleHTTPServer
✤ JSON API spoofing
✤ Chrome Inspector
✤ The BASE tag — forgotten relic of ancient power!
SimpleTools For ComplicatedTasks

5. ✤ Debugging is much
harder than writing
code in the first place.
✤ Automated tests that
you cannot debug are
worse than useless: such
tests provide a FALSE
sense of confidence.
Why not build a framework?

6. Ironies of automation
✤ Testing is harder than writing the code under test
✤ Testing is yet another layer(s) of complexity
✤ Tests that are opaque dramatically increase cost while
adding zero value
✤ There is NO value in flaky, hard-to-debug tests
✤ rm -rf * SERIOUSLY

7. jq the JSON parser
✤ transform any data source into JSON
✤ transform JSON into executable code
✤ create ETL pipelines
✤ unlimited POWER

8. jq: SQL queries for JSON
✤ Compiled C binary, just like find, grep and awk
✤ Does one thing and does it well
✤ Can transform any text input into valid JSON
✤ Only emits valid JSON. Anything else is a fatal error.
✤ Extremely fast, if you’re into that ;-)

9. Convert plain text logs to JSON.

10. Convert plain text logs to JSON.

11. Validate data integrity.

13. JSON SchemaValidation

22. Chrome Inspector NetworkTab
✤ View all the assets that were loaded by the browser
✤ Watch XHR requests happen in real time
✤ Download cached copies of JSON API responses!

25. Visual Inspection
✤ Examine HTTP conversations in the Net tab
✤ Locate JSON feeds
✤ Download JSON documents
✤ “Replay” documents in test using SimpleHTTPServer

30. Sufficiently advanced fakes…
✤ …are indistinguishable from production services

31. A Fake Chat Bot
✤ 61 lines of HIGHLY LEGIBLE bash and jq
✤ Does one thing and does it well
✤ Does NOT provide most chatbot features
✤ Indistinguishable from a chatbot in practice

32. ✤ Jenkins plugins are integral.
Break HipChat you might break
Jenkins!
✤ No matter how hard the bot
goes down, you only ever have
to debug 61 lines to restore your
mission-critical Jenkins status
announcements!
Why not use a framework?

33. A chat bot is a stack

35. Jenkins JSON API

37. That’s it! It acts like a bot (sort of).

38. A New Jersey solution in the wild!

40. ✤ Simplicity and design are equally important
until you have to pick one; then pick simplicity.
✤ Modern business practices assume that there is
no functional upper limit on system complexity.
MIT vs. New Jersey!
a.k.a “worse is better”

41. The BASE tag
✤ Overrides the root URL of an HTML page.
✤ Saturate local HTML pages with production assets!

43. Handling plutonium: get ready for it
✤ Eventually your automation will detect a widespread
antipattern.
✤ Since your automation made the discovery, you will by
definition know the nature of the bug(s) better than
anyone else.
✤ It’s SUPER scary to factor out a widespread pattern.
✤ tl;dr: you’ll want to fix it, though it’ll be hard.

44. Thanks!
✤ I’ll take a few questions now…
✤ Follow me on twitter: @noahsussman