End-To-End REST Service Testing Automation

End-to-End REST Service Testing Automation

STC 2017

Mayank Gupta ()

Software Engineer II

Devika Hans ()

Software Engineer

ABSTRACT:The expectation from QA organization is to make sure that all applications are tuned to deliver to every rising user expectation. End-to-End Testing comes in role here to determine various dependencies of application as well as ensuring that accurate information is communicated between various system components. Automation for End-to-End REST service testing is important for continuous integration of new features added by developers and making them available on Staging environment for clients.

In this paper, we will touch on following processes and how they can be automated:

1. Deployment of build on various environments.

2. Integration Test execution.

3. Build certification for higher environments.

4. Client Testing.

INTRODUCTION:

Restful services has gained significant importance based on its adoptionto meet the current and future Mobile, Web and smart devices’ software and applications needs. REST stands for Representational State Transfer. It relies on a stateless, client-server, cacheable communications protocol. REST is an architecture style for designing networked applications. It is simple and light weight. It uses HTTP requests to post, read and delete data. It is second generation Web Services. REST can return XML, plain text, JSON and HTML.

Given the growing use of REST over SOAP services, it becomes essential to have techniques and mechanism to test these APIs. API testingis a type ofsoftware testingthat involves testingapplication programming interfaces(APIs) directly and as part ofintegration testingto determine if they meet expectations for functionality, reliability, performance, and security.API testing involves testing APIs directly (in isolation) and as part of the end-to-end transactions exercised during integration testing

1.API Lifecycle:

2.API Testing: It involves to determine if-

•API meet expectations for functionality, reliability, performance, and security.

•APIs return the correct response (in the expected format) for a broad range of feasible requests.

•React properly toedge casessuch as failures and unexpected/extreme inputs

•Deliver responses in anacceptable amount of time.

•Respond securely to potentialsecurity attacks.

3.Automating API Testing:

Automation dramatically simplifiesintegrationandregression testingin anAgile environment, allowing API calls and integrations with third-party systems to be checked every time a significant change is made to the product. In case of complex solutions, manual validation would require an unreasonably large amount of time, whereas with automation, it becomes a much easier matter to deal with.API test automation helps reveal integration issues across the entire chain of services or systems, not an isolated element only, thus saving tons of troubleshooting time and efforts. You get the whole picture right away and can take immediate actions to apply fixes.even if an external service has slightly modified the format of responses or names of the functions you used, this change is likely to be detected even before the first complains start coming in from customers.

As the result, the stability of the system is regularly verified to ensure its stable operation during production and long afterwards.

There are various challenges involved in automating API testing without compromising with test quality and coverage. Some of them applicable in our case are as below:

• Response data validation: It is important to validate the response to identify if change in API has not caused any occurrence of invalid response data. It is possible that any change in business logic may have caused response data change and it is hidden to developer.

• Two stack approach: We have two stacks (blue and green) on all our environments. Deployment is carried on alternative stack each time. A framework is required to support such approach.

• Various environments: Different environments results in different data sets. Mechanism is required to have different input data for each environment.

• Data cannot be posted on all environments: POST calls cannot be performed on all environments such as staging and production as we have client specific data on it.

Integration Test framework

•Easy to write test cases in XML or JSON format.

•Support of having different input data for different environment.

•Categorization of testcases.

•Can write Java code for customization.

•Blue/Green stack support.

•Comparison the response output b/w Blue and Green stack

•Support to run testcases of any stack.

•Seamless Jenkins integration.

•Platform independent (can run on mac/win/linux etc.)

•Very less maintenance cost.

•Generate Junit and HTML reports.

•Provide complete functional coverage.

Performance/load testing:

Following aspects are measured and monitored in terms of API perfomance before delivering them to our clients:

• API behaviour on different loads.
• Response time.
• Resource Utilization. (CPU, Memory, DB etc.)
• API throughput.

Build Pipeline:

ROI:

• Ease of testing with frequent releases.
• Test Quality increases.
• Good test coverage.
• Early and frequent service availability to clients.
• Test reusability.

References:

Author’s Biography:

•Mayank Gupta: I am working with Adobe from last 5 years as a Software engineer. In Adobe, I have worked on Adobe AIR, Adobe reader on android, Flash Runtime, Project 1324 and Creative cloud services. I have completed my B.Tech from M.B.M. engineering collage, Jodhpur.

•Devika Hans: I am working with Adobe from last 9 months as a Software engineer. I have worked on Creative cloud services here. Prior to this I have worked with Infosys for around 2.5 years. In Infosys, I have worked on development and maintenance of REST services. I have completed my B.Tech from GGSIP University.

Thank You..