Download to read offline
More Related Content
Similar to Hindsight lessons about API testing
Hindsight lessons about API testing
- 1. HINDSIGHT LESSONS ABOUT API TESTING By ViktorSlavchev Siteground Blog: mrslavchev.com Twitter: @TheTestingTroll
- 2. Agenda • WTF isan API? • Why would you automate an API? • Serious cognitive barriers • What tests worth automating • Setup and environment • The framework
- 3. Warning!!! Tools don’tmake software Nor do they test it…
- 4. Bullshit warning! I committo: • Not giving you a “how to” • No 30 mins introduction • No “live coding misery” • No “best practices”
- 5. Who am I:Viktor Slavchev • Software tester, speaker and teacher in testing • Blog: mrslavchev.com • @thetestingtroll • Insert random brag about my achievements • This slide is bullshit • Nobody reads this far
- 6. WTF is aweb service?
- 7. Imagine a waiter… •You make an order (request) • You get a response (status code) • You get what you ordered (data, result)
- 8. HTTP status codes– represented by HTTP status cats
- 9. HTTP status codes– represented by HTTP status cats
- 10. HTTP status codes– represented by HTTP status cats
- 11. HTTP status codes– represented by HTTP status cats
- 12. HTTP status codes– represented by HTTP status cats
- 13.
- 14. Why testing viathe API? Why not something that clicks?!
- 15. Few (un)obvious reasonsto automate via API • Clear definitive response • Close to client • Good failure visibility • Easy to test with code Source: Models of automation
- 16. Speaking of pyramids… Theautomation iceberg
- 17. Setup, tech stack,context • Restful API written in Php • ReactJS front-end • Docker compose – test env • Codeception – testing tool • Custom tools to produce data
- 18. Before we eventhink of testing Few important notes
- 19. Cognitive barriers Few thingsto have in mind: • The doc is not the product • Your coding skills will hold you back • The need to explore • Tests that pass vs. tests that test
- 20. What tests areworth automating? … but first – what bugs do we care testing for? • Service returning wrong response code • Throwing 500 • Returning wrong data • No data at all • Interaction problems
- 21. What test areworth automating? • Status code checks • Structure checks • Scenario checks
- 22.
- 23. Status code checks– pros and cons Pros: •Fast and easy • Very definitive • Work as sanity/smoke checks Cons: •Very shallow level •GET methods •They don’t expose serious problems
- 24.
- 25. Structure checks –pros and cons Pros: •Verify data • Can be very specific • Can use regex (Codecept) Cons: •Useful for content only •Suck with variable data •Suck with deep nesting/long responses
- 26.
- 27. Scenario checks –pros and cons Pros: • Closest to client interaction • Expose integration problems • Can be used as shallow regression suite Cons: •Slow to run/develop •Require better abstraction •Hard to say when it is too much
- 28. Setup of theframework
- 29.
- 30. Few ideas thatworked for me “Worst” practices
- 31. Incorporate OOP principles •Inheritance • Reuse • KISS • Horizontal inheritance(traits)
- 32. One simple inheritanceschema
- 33.
- 34. Let your frameworkmature • Your framework will suck at first • It will improve incrementally • It can’t be done in the beginning
- 35. Splitting logic ofthe test and logic of the app • Move common actions to base classes • Move common prerequisites to setup methods • Build inheritance trees • Reuse rather than repeat
- 36. Useful resources • Hindsightlessons about API testing • Automating and Testing a REST API – book by Alan Richardson • This article by Smart Bear • Service virtualization by Bas Dijkstra free e-book • Your brain!!!
- 37. Thank you! Questions? mrslavchev.com @TheTestingTroll LinkedIn All hailThe Testing Troll!