I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

1
Crash Course: Advanced Topics in Apigee Edge!

©2015 Apigee Corp. All Rights Reserved.
The Team

3
Deep Dive 3-legged OAuth 2.0!
Alex Koo – Apigee Principal Architect
Diego Zuluaga – Apigee Principal Architect

So, what’s the use case for it?
4

do I want to give access
to these these resources
to someone else?

Essentially: How to authorize external
applications to access your resources

OAuth Basic Concepts
•  OAuth 2.0 is a protocol that allows clients to grant access to server
resources to another entity without sharing credentials
•  Client IDs and Secrets are used to identify and authenticate
applications (application's consumer key and consumer secret)
•  Tokens are issued to allow access to speciﬁc resources for a
speciﬁed period of time and may be revoked by the user that granted
permission or by the server that issued the token

OAuth Basic Concepts
•  We can use scopes to limit the access for a given token, granting
permission only for the operations that are necessary
•  Five different grant types specify the different authentication usage
scenarios OAuth supports
•  We must protect tokens, and OAuth 2.0 requires that all API traffic be
sent via SSL

Access Tokens
Access Tokens allow access to a protected resource for a specific
application to perform only certain actions for a limited period of time.
Identification info from the requesting application (client ID
and secret)
+
Resource owner credentials (if needed)
+
Optional information about what the application wants to do
with the resource (scope)
=
Access Token and (optional) refresh token
In Apigee, access tokens are opaque strings with no encoded meaning.
Access tokens are passed as bearer tokens in an Authorization header.

Refresh Tokens
Refresh Tokens, if provided, represent a limited right to reauthorize
the granted access by obtaining new access tokens.
Identification info from the requesting application (client ID and secret)
+Refresh token
+Optional information about what the application wants to do with the
resource (scope)
=Access Token

Scopes
Scopes identify what an application can do with the resources to which
it is requesting access. Scope names are defined by the authorization
server and are associated with information that enables decisions on
whether a given API request is allowed or not.
Scope 1: “READ”
●  GET /photos
●  GET /photos/{id}
Scope 2: “UPDATE”
●  GET /photos
●  GET /photos/{id}
●  POST /photos
●  PUT /photos/{id}
Apigee associates scope names to be matched with a combination of
API resource path and verb. So, for example:
When an application requests an access token, the scope names are
optional.

OAuth 2.0 Grant Types
Grant Type Typical Use Case Complex?
No specific resource owner is involved
Client Credentials Business system interactions, where resources being operated on are owned by
the partner, not a particular user
No
A specific resource owner is involved
Resource Owner Password
Credentials
Resources are owned by a particular user and the requesting application is
trusted
A bit
Authorization Code Resources are owned by a particular user and the requesting application is
untrusted
Very
Implicit Resources are owned by a particular user, and the requesting application is an
untrusted browser-based app written in a scripting language such as
JavaScript
Very, and
potentially
insecure as
well
Refresh For generating a new access token. Refresh tokens have longer TTLs than
access tokens.
No
An OAuth Grant is a credential representing the resource owner’s authorization. More often than
not, we tend to think of grants in terms of the process used to obtain an access token.

13
OAuth 2.0 Auth Code Grant Type

14

Before we get started…
1.  Open an Account in Cloud9 - it’s free…

https://c9.io

2. Start by cloning this Apigee Samples Repo

git clone https://github.com/apigee/api-platform-samples.git

–  https://github.com/apigee/api-platform-samples
•  Login App
•  Third-party App
•  OAuth 2.0 API
•  User Authentication/Management Endpoint
3. Install apigeetool
npm install apigeetool -g

Let’s dissect our
API Proxy Bundles

webserver-app bundle
•  Represents the third-party web app
•  Link or button to the login page

$
curl
http://testmyapi-‐test.apigee.net/web
-‐v

>
GET
/web
HTTP/1.1

>
Host:
testmyapi-‐test.apigee.net

<
HTTP/1.1
200
OK

<!DOCTYPE
html>

<html>

<head>

<script>

var
BASEURL="https://testmyapi-‐test.apigee.net";

var
REDIRECT="https://testmyapi-‐test.apigee.net/web/callback";

var
CLIENT_ID="VXNYaci4FGfKfEERy5KhXHeIln2pONDr";

function
login()

{

window.location.href=BASEURL+'/loginapp/login?apikey='+CLIENT_ID+'&redirect_uri='+REDIRECT
+'&scope=order&state=123';

}

</script>

</head>

<body>

<input
type="button"
value="Login
with
Apigee
Example
Auth"
onclick="login()"
/>

</body>

</html>

login-app bundle
•  Represents the login-app - login page:

curl
https://testmyapi-‐test.apigee.net/loginapp/login?apikey=VXNYaci4FGfKfEERy5KhXHeIln2pONDr&redirect_uri=https://testmyapi-‐
test.apigee.net/web/callback&scope=order&state=123
-‐v

>
GET

<
HTTP/1.1
200
OK

<
set-‐cookie:
sid=s%3AiHGIrOYTOfGwncJNV03Typkeb6rYAB6V.8GGzrvr4JTHZV6l%2FUo2oKqBgCHuNGbrvE8uulbXvjW8;
Path=/;
Expires=Mon,
05
Oct
2015

01:45:46
GMT;
HttpOnly

<!DOCTYPE
html>

<html>

<head>

<title>Login</title>

<link
rel="stylesheet"
type="text/css"
href="/loginapp/stylesheets/global.css"
>

<meta
name="viewport"
content="width=device-‐width,
initial-‐scale=1,
maximum-‐scale=1,
user-‐scalable=no">

</head>

<body>

<form
id="login"
name="login"
method="post">

<h1><img
src="/loginapp/images/apigee_logo_md.png"
alt="Apigee"
/></h1>

<label
for="username"
class="noshow">Username</label>

<input
id="username"
name="username"
type="text"
placeholder="Email
address"
required
/>

<label
for="password"
class="noshow">Password</label>

<input
id="password"
name="password"
type="password"
placeholder="Password"
required
/>

<input
name="submit"
type="submit"
value="Login"
/>

<p
class="intro">or
<a
href="/loginapp/register?
apikey=VXNYaci4FGfKfEERy5KhXHeIln2pONDr&state=123&scope=order&redirect_uri=https%3A%2F%2Ftestmyapi-‐test.apigee.net%2Fweb
%2Fcallback">register</a>.</p>

</form>

</body>

*
Connection
#0
to
host
left
intact

</html>

login-app bundle
•  Represents the login-app - submit credentials:

$
curl
'https://testmyapi-‐test.apigee.net/loginapp/login?
apikey=VXNYaci4FGfKfEERy5KhXHeIln2pONDr&state=123&scope=order&redirect_uri=https%3A%2F%2Ftestmyapi-‐test.apigee.net%2Fweb
%2Fcallback&app=oauth2-‐app'
-‐H
'Cookie:
__lc.visitor_id.3296802=S1436475468.3abaac467f;
sid=s%3ARL8HY7b7IqporrtwlLUi8-‐
E5uX4YkAY4.yxUe2oPoukTxjwhoHdhz%2B8k9A9ghfsu7B%2Ft2rWuF8Og'
-‐H
'Content-‐Type:
application/x-‐www-‐form-‐urlencoded'
-‐-‐data

'username=dzuluaga%40apigee.com&password=apigee123&submit=Login'
-‐-‐compressed
-‐v

>
POST
/loginapp/login?apikey=VXNYaci4FGfKfEERy5KhXHeIln2pONDr&state=123&scope=order&redirect_uri=https%3A%2F%2Ftestmyapi-‐
test.apigee.net%2Fweb%2Fcallback&app=oauth2-‐app
HTTP/1.1

>
Host:

>
User-‐Agent:
curl/7.42.1

>
Accept:
*/*

>
Accept-‐Encoding:
deflate,
gzip

>
Cookie:
__lc.visitor_id.3296802=S1436475468.3abaac467f;
sid=s%3ARL8HY7b7IqporrtwlLUi8-‐E5uX4YkAY4.yxUe2oPoukTxjwhoHdhz
%2B8k9A9ghfsu7B%2Ft2rWuF8Og

>
Content-‐Type:
application/x-‐www-‐form-‐urlencoded

>
Content-‐Length:
62

>

*
upload
completely
sent
off:
62
out
of
62
bytes

<
HTTP/1.1
302
Found

<
X-‐Powered-‐By:
Express

<
Location:
/loginapp/consent?apikey=VXNYaci4FGfKfEERy5KhXHeIln2pONDr&app=oauth2-‐app&state=123&scope=order&redirect_uri=https%3A%2F
%2Ftestmyapi-‐test.apigee.net%2Fweb%2Fcallback

<
set-‐cookie:
sid=s%3AbigsdjFYyAfyuFg7Jk-‐HgcVkojwLzKI9.5B3q8Pq23EVv3ffNSX5yqok77XyV6ZCRgCfCdIWwbzc;
Path=/;
Expires=Mon,
05
Oct
2015

04:41:30
GMT;
HttpOnly

user-mgmt-v1 bundle - User Store
•  Serves as the credential validation endpoint

$
curl
https://testmyapi-‐test.apigee.net/v1/users/authenticate

-‐X
POST
-‐d
'{"username":
"dzuluaga@apigee.com",
"password":
"apigee123"
}'

-‐H
'Content-‐Type:application/json'
-‐v

<
HTTP/1.1
403
Forbidden

<
Content-‐Type:
application/json

<
Content-‐Length:
85

<
Connection:
keep-‐alive

<

*
Connection
#0
to
host
left
intact

{"status":"failure",
"message":"Authentication
failed
for
user

dzuluaga@apigee.com."}%

login-app bundle
•  Represents the login-app - consent page: “Allow” decision=yes

curl
'https://testmyapi-‐test.apigee.net/loginapp/consent?
apikey=VXNYaci4FGfKfEERy5KhXHeIln2pONDr&app=oauth2-‐app&state=123&scope=order&redirect_uri=https%3A
%2F%2Ftestmyapi-‐test.apigee.net%2Fweb%2Fcallback'
-‐H
'Cookie:
__lc.visitor_id.
3296802=S1436475468.3abaac467f;
sid=s%3AMYwxTt148YagDN-‐htNbRv9UppUml9cYR.
9rL7bNV3p93TAamgLk3wVTVAnpOdvuzkLzhligHGnaw'-‐H
'Content-‐Type:
application/x-‐www-‐form-‐urlencoded'
-‐-‐
data
'decision=yes'
-‐-‐compressed
-‐v

>
Content-‐Type:
application/x-‐www-‐form-‐urlencoded

>
Content-‐Length:
12

>

*
upload
completely
sent
off:
12
out
of
12
bytes

<
HTTP/1.1
302
Found

<
X-‐Powered-‐By:
Express

<
Location:
https://testmyapi-‐test.apigee.net/web/callback?scope=&code=ylkMuj5l

<
Date:
Mon,
05
10
2015
04:53:08
GMT

<
Content-‐Length:
0

<
Connection:
keep-‐alive

Get cookie from
previous request
Authorizationcode

webserverapp bundle
•  Send authorization code to oauth2 bundle to obtain an access token
•  Uses the secret
$
curl
'https://testmyapi-‐test.apigee.net/web/callback?scope=&code=LwhCoj7P'

-‐v

>
GET
/web/callback?scope=&code=LwhCoj7P
HTTP/1.1

<
HTTP/1.1
302
Redirect

<
Location:
https://testmyapi-‐test.apigee.net/web?
access_token=GOocdfQI40xNhZGUTn4uhIcwGYAS

<
Content-‐Length:
0

<
Connection:
keep-‐alive

Additional Challenges
Q&A
23

Use tokens from a Third Party Provider e.g. Google or
Facebook
Use case:
–  I want use tokens from Google or Facebook to access user resources
–  I want leverage Apigee API Management capabilities. E.g. Traﬃc management, analytics,
big data, etc.
API proxy Sample
•  Apigee Tutorial
http://apigee.com/docs/api-services/content/use-third-party-oauth-system
•  Music Access - API Proxy Sample
https://github.com/dzuluaga/apigee-tutorials/tree/master/apiproxies/musicapi-oauth-delegated-authentication
•  Google OAuth 2.0 Playground
https://developers.google.com/oauthplayground/

How to Reuse Refresh Token?

1
Mashup’s and CORS
Maruti C
Vinit Mehta

Mashup’s
What is a Mashup ?
What are its types ?
• Business (or enterprise) mashups
• Consumer mashups
• Data mashups
What are the characteristics of a mashup ?
2©2015 Apigee. All Rights Reserved.

Mashup’s
What is a Mashup ?
What are its types ?
• Business (or enterprise) mashups
• Consumer mashups
• Data mashups
What are the characteristics of a mashup ?

World of Mashup’s

Architecture of Mashup’s
 Presentation / User Interface
 APIs
 Data

Code or Configure

Manage interactions with API
consumers and optimize
performance
Secure APIs and protect
back-end systems from
attack
Transform, translate and
reformat data for easy
consumption
Extend with programming
when you need it
Power of Policies

Advantages
• Immediate Value
• Development effort
• Innovate new ideas and use information in ways not originally planned for

{
“Hungry?”: “AskAnApigeek!”,
“Stressed?": “AskAnApigeek!”,
“Car Wash?": “AskAnApigeek!”,
“Beer?”: “Definitely_AskAnApigeek!!”
}

Cross-Origin Resource Sharing
(CORS)

1
Continuous Integration for a Node.js Proxy using Cloud Tools
Rakesh Talanki
Apigee Principal Architect

Agenda
3
1.
Set up Node.js API in Apigee
8.00
2.
Build API scaﬀolding with Yeoman
15:00
3.
Use Grunt to build and deploy
10:00
4.
Use Git for Source Control
5.00
5.
Test using Postman
10:00
6.
Test using Mocha, Chai and Nock
10:00
7.
API Documentation
5:00
8.
Use Travis to set up CI
30:00
©2015 Apigee. All Rights Reserved.
Set up Continuous Integration for API’s using Cloud Tools

Getting ready
• Apigee Free Account
• NPM and Node.js - https://goo.gl/080g8Q
• Git (optional) - https://goo.gl/rTyIvP
• Github Free Account – http://www.github.com
• Apigee Free Account on Cloud
• Travis Account (free)- https://travis-ci.org/

4

There must be a way to automate all of tedious work!

5
Execute Functional Tests
5
Clean API Bundle Files and Folders
Copy Artifacts
Deactivate last revision from the API Services
Import and deploy API bundle to API Services
Deploy and Test Documentation on CMS
Execute Unit Tests
Execute Performance Tests
Any other manual tasks…
Configure Artifacts for each environment
(DEV, QA, STG, PROD, etc.)
Package Artifacts (zip)
Package phase
Configure phase
Install phase

Emphasis slide
6
Before
After

Continuous Integration
7
Development
SCM
Build
Prod
SIT
UAT
Continuous Integration (CI) is the practice, in software engineering, of merging all
developer working copies with a shared mainline several times a day

CI: The Volkswagen Approach
8
Then, we detect when our tests are being run in a CI
server, and make them pass.*

*https://github.com/auchenberg/volkswagen
We master Emission Test Results with Software

CI: The Process
10
Dev Team
Source Code
Version
Control
Pull Request
or Merge
API Job is
triggered
Static Code
Analysis
Code
coverage
analysis
Deploy API
Bundle
Run Unit,
Functional,
and
Performance
Tests
Publish
Reports
Update Docs

Step 1: Build an API Proxy
11

API

Step 2: Decide on a Build Tool
12

Step 3: Deploy to Apigee on Public Cloud
13

Step 4: Run Local Tests
14

Step 5: Use a CI Tool
15

Step 6: Generate Interactive Documentation
16

Hands-on
17
Putting it all together: Continuous Integration

18
API Proxy Scaffolding Generator
•  Gets you started with starter API Proxy
•  Standardizes naming conventions by generating policies and
other artifacts
•  Based on Yeoman, so it can extended for other tools, not only
Grunt, but also Maven

Let’s try it!
Install Npm and Node: Open http://nodejs.org in a browser and click Install.
Check: node --version
Upgrade Node to 0.10.35 or higher:
npm cache clean
npm update –g
Install yeoman: npm install –g yo
Install Grunt: npm install –g grunt-cli
Install Grunt plugin: npm install -g generator-apigee-deploy-grunt-api
Run yo: yo apigee-deploy-grunt-api
http://goo.gl/lSZrth
19
API Proxy Scaffolding Generator

Apigee Deploy Grunt Plugin
•  TDD Ready - Mocha, Jasmine, Karma, any JS
test framework and even Jmeter
•  Supports code review - with JSHint and
ESLint – cyclomatic complexity
•  Supports Configuration Management - Search
and replace based on XPath and RegExp
•  Supports node.js remote deployment and
Java Policies
•  Plays well with CI (Continuous Integration) –
Jenkins, Travis, Go, Bamboo, etc.
•  Supports reusable policies via search and
replace files and Git Submodules
•  It’s way easier to customize via Grunt Custom
Tasks
Grunt or Maven?
Apigee Deploy Maven Plugin
•  Test based on JMeter
•  Config Management - Search and replace
based on Xpath
•  Plays well with CI – Jenkins mostly. Nice
looking reports
•  Supports node.js remote deployment and
Java Policies
•  Supports reusable policies via Supports
Proxy Dependency Maven Plugin

▪  Easy and flexible
▪  It’s Node! NPM
▪  Compatible with CI
▪  https://github.com/apigeecs/apigee-deploy-grunt-plugin
▪  Follow steps from README.md
▪  Plays well with TDD frameworks
▪  Empowers the developer to apply continuous improvement to the
lifecycle
22
Grunt API Lifecycle Management Plugin

▪  Conﬁguration Management - apigee-conﬁg.js
23
Grunt API Lifecycle Management Plugin
exports.xmlconfig
=
function(env,
grunt){

config
=
{
"test"
:
[

{

"options":
{

"xpath":
"//APIProxy/Description",

"value":
"<%=
grunt.option('gitRevision')
%>"

},

"files":
{

"target/apiproxy/<%=
apigee_profiles[grunt.option('env')].apiproxy
%>.xml":
"apiproxy/*.xml"

}

},

{

"options":
{

"xpath":
"//TargetEndpoint/HTTPTargetConnection/URL",

"value":
"https://weather.yahooapis.com/forecastrss"

},

"files":
{

"target/apiproxy/targets/default.xml":
"apiproxy/targets/default.xml"

}

},

{

"options":
{

"xpath":
"//ProxyEndpoint/HTTPProxyConnection/BasePath",

"value":
"/weathergrunt"

},

"files":
{

"target/apiproxy/proxies/default.xml":
"apiproxy/proxies/default.xml"

}

✓  More time to focus on what really matters by automating repetitive tasks
✓  Innovation ready. Extensible plugin-based platform
✓  Promotes productivity. Promotes usage of CLI (Command-Line Interface). No need for
IDEs
✓  Easy to adopt. No need of CLI. Eclipse IDE Support through M2E and IntellijIDEA,
WebStorm
✓  Easy to configure and to track changes. All of its artifacts can live in version control as
text files
✓  Multilanguage support. One JVM to rule them all (Ruby, Jython, JavaScript, Groovy,
Scala) or even Shell scripts
✓  Tens of Thousands plugins ready in Maven Central
✓  Backed up by Apigee and the open source community 24
Why choose Apigee’s Maven?

Hands-on
25

Let’s try it! http://goo.gl/lSZrth
26
Grunt
Deploy to Apigee
grunt --env=test --username={apigee_edge_email_address} --
password={apigee_edge_password} --debug --curl=true --upload-modules

Use apigee gateway and with Yahoo Weather standard Target
https://{org-env}.apigee.net/{api-basepath}/apigee/forecastrss?w=2502265

Use apigee gateway calling Yahoo Weather through Apigee Node.js as Target
https://{org-env}.apigee.net/{api-basepath}/apigee/forecastweather_node?w=2502265

Grunt Tests with Mocha and friends http://goo.gl/xHLzSh
•  TDD (Test Driven Development) for APIs
•  Faster to write than BDD (Behavior Driven Development)
•  Mocha Testing Framework, Chai for Assertions

28
Testing

describe('Check
weather
in
cities',
function()
{

async.each(weatherData.simpleWeatherArray()
,
function(cityData,
callback)
{

it('you
should
be
able
to
get
forecast
weather
for
'
+
cityData.name
+
'
from
this
API
Proxy.',
function(done)
{

var
options
=
{

url:
cityData.url,
//'https://testmyapi-‐test.apigee.net/weathergrunt/apigee/forecastrss?w=2502265',

headers:
{

'User-‐Agent':
'request'

}

}

request(options,
function
(error,
response,
body)
{

expect(body).to.contain(cityData.name)
//Sunnyvale,
Madrid

assert.equal(cityData.responseCode,
response.statusCode)

done()

})

})

callback();

});

});

POSTMAN
•  Postman an API Testing tool
•  Very widely used by Developer and Tester community
•  Add Jetpacks - They are awesome $9 upgrades
29
Testing

POSTMAN with Newman
Newman
–  A command-line collection runner for Postman.
–  It allows you to eﬀortlessly run and test a Postman collection
–  Can be Integrated with your build tools like Maven/Grunt and make it part of your CI build
–  https://www.getpostman.com/docs/newman_intro

30
Testing

JMeter
31
Testing
▪  Get examples https://github.com/apigee/apigee-deploy-maven-plugin
▪  Use assertions to
▪  Validate response codes
▪  Validate payload content
▪  Validate schemas (JSON – DRAFT04)
▪  Validate response times. Spot network latency and performance issues

32
Mocks with Nock
•  Promotes CDC (Consumer-Driven Contract)
•  Promotes faster development
•  No backend? No problem
–  Issues with starting development without a contract in place:
•  There’s no formality, downstream systems changes, no one knows! ☹
•  Downstream systems can run tests to verify whether they’re breaking the contract
•  There’s a backend? No problem
–  Nock can record request and response objects
•  Request/response: content, headers, status codes, delay, etc.

Demo
33

Let’s try it!
Goto Postman and Create a collection of tests
Download your collection
Install newman: npm install -g newman
Run your collection: newman -c mycollection.json
Run your collection 10 times: newman -c mycollection.json -n 10

34
POSTMAN/Newman

Let’s try it!
http://goo.gl/pDxzYG
35
Mocha/Chai
Adding Tests
Add to tests/weatherapi.js

Adding Data Driven Tests

If your tests need data that can be fetched via XHR, stick a .json ﬁle in the data
directory, you can access it at /data/<filename>.json.

SCM
▪  Define your branching and merging strategy from the get go
▪  Opt for a scalable model
▪  Single Repo vs. Multiple Repos
▪  Communicate and provide feedback through pull requests (aka. social coding)
▪  Apply CI and avoid big bang merges
▪  Practice, practice, practice

▪  API Artifacts
–  API proxy source code (XML, JS, Java, Python, binaries, etc.)
–  API Documentation (Markdown, HTML)
▪  Testing Artifacts
–  Scripts
–  Data
▪  Configuration, Deployment and management scripts
–  Management API requests to create entities like target servers and data stores
–  Configuration Data
▪  Keep sensitive data out of SCM
SCM
What can be managed in SCM?

Source code management: “Fork-and-pull” model
Production
Environment
Developer
Workstation
Fork repository
Clonetoworkstation
Deploy and test
1
2
3
4
Development
Environment
Testing
Environment
Committoclone
repository Issue pull request
5
Deploytotest
Deploytoproduction
6
7 8Committers

▪  Identify benefits of SCM
▪  Apply fork and pull requests
▪  Learn SCM models pros and cons
▪  Monolithic vs Single and Multiple Repos
▪  Identify SCM branch types and how to use them
▪  Apply merging
40
Summary

Principles
▪  Maintain a code repository
▪  Automate the build
▪  Make the build self-testing
▪  Keep the build fast
▪  Make it easy to get the latest deliverables
▪  Everyone can see the results of the latest build
▪  Automate deployment

43
The Full Circle
Dev Team
Source Code
Version
Control
Pull Request
or Merge
API Job is
triggered
Static Code
Analysis
Code
coverage
analysis
Deploy API
Bundle
Run Unit,
Functional,
and
Performance
Tests
Publish
Reports
Update Docs

–  API Lifecycle
–  Tooling: Jenkins and Travis
–  Connect to a Git Repo
–  Leverage
–  Maven Plugin
–  Grunt

Reap Your Beneﬁts!!!
•  Makes it visible and measurable!!!
•  Faster to Market!!!
•  Save on Maintenance $$$!!!
44
Continuous Integration and Deployment

Demo
45

Let’s try it! https://travis-ci.org
46
Travis Integration
If
you
do
not
have
git
installed,
then

●  Fork
my
repository
https://github.com/rakeshtl/CI-‐Travis.git

If
you
have
git
installed,
then

●  Create
New
Public
Repository
-‐
https://github.com/new

●  Goto
your
directory
and
run
the
following
commands

●  Npm
install
–g
git

●  git
init

●  git
add
.

●  git
commit
-‐m
"first
commit"

●  git
remote
add
origin
https://github.com/{....}
(eg.
https://github.com/rakeshtl/grunt-tests.git)

●  git
push
-‐u
origin
master

CI
on
Travis

●  Goto
https://travis-‐ci.org

●  Add
a
New
Repository

●  Goto
your
Profile,
Flick
the
repository
switch
on
(toggle
the
checkbox)

●  Add
the
two
environment
variables
-‐
ae_username,
ae_password

○  Provide
Apigee
Credentials

●  Ensure
.travis.yml
file
is
in
your
repository

●  Trigger
your
first
build
with
a
git
push
(git
add,
git commit -m "committing", git push)
●  Goto
your
home
page
on
Travis
and
watch
the
build

●  Check
your
Email
for
Notifications.

•  Interactive documentation is becoming the standard for documenting your APIs (e.g.
swagger).
•  Always treat documentation as code and keep it in version control.
•  Functional changes to code likely change how consumers use the API.
•  Deploy documentation when you deploy the API code.
49
Things to Think About…

© 2013 Apigee Confidential – All Rights Reserved
API Modeling
Describe an API structure
SmartDocs
Generate interactive documentation
API-based
Integrate with any portal / CMS
50
Apigee Edge Developer Services
gh-pages
Other CMS
Apigee SmartDocs Overview

I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop

Similar to I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop (20)

More from Apigee | Google Cloud

More from Apigee | Google Cloud (20)

Recently uploaded

Recently uploaded (20)

I Love APIs 2015: Advanced Crash Course in Apigee Edge Workshop