RESTful API Testing With Chakram
The last few years have seen an exponential increase in the development and use of web-based APIs. It’s common now to see applications, websites, services, and databases being loosely coupled, communicating via RESTful HTTP interfaces.
This communication between API consumers and providers forms a functional contract; with the consumer expecting the provider to expose a consistent interface and maintain a number of things such as endpoints, query parameters, expected request bodies, allowed verbs, returned status codes and data representations. If the API changes, consumers may no longer be able to exploit the API or could find their application behaving in unexpected and bizarre ways.
Like all good applications then, it’s critical that web APIs are well-tested to ensure that they function correctly and deliver a consistent interface for consumers. HTTP API testing is a form of system testing that stimulates the API, with no mocking, to verify its functionality.
Chakram includes assertions to verify returned status codes, the compression used, cookies, headers, returned JSON objects and the schema of the JSON response (using the JSON schema specification). Custom assertions may also be added, combining complex sets of assertions into a single custom assertion.
Alternative API testing frameworks may have simple test interfaces that are easy to pick up and start using. However, when tests become more complex (as they inevitably do), the serious limitations of other API testing frameworks emerge, forcing developers to use complex workarounds and unintelligible hacks to achieve a semblance of functionality. By using BDD formatting and hooks, with extendible assertions and promises, Chakram provides a scalable and clean framework suitable for simple or complex tasks!and
Making API testing less painful
Test Driven Development: When developing APIs, the Chakram testing framework has clear benefits; developers may adopt a test driven development approach to unit testing as well as system testing. This ensures that minimal development effort is needed to achieve requirements coverage.
Use with versioning: Most REST APIs include versioning, allowing breaking changes to be deployed without impacting existing consumers; suites of Chakram tests can be developed throughout the evolution of the API, ensuring that versions behave as expected and backward compatibility is maintained.
Simple integration: Continuous integration platforms can run Chakram tests and parse the results, giving developers (and quality engineers) piece of mind before automated deployment.
Documentation: Chakram also helps with documentation, as a well-described and easily readable test can easily demonstrate how to make use of an API.
Third-party testing: Chakram’s primary use is to test APIs under development, however, it may also be exploited to test third party APIs and monitor for functionality being unexpectedly impacted by any changes made. Tests can be written which verify the functionality required by the consumer and using continuous integration platforms, tests can be run periodically so that any failures can generate notifications.
Chakram requires node.js and NPM (the node package manager). To begin testing, a node.js application should be created to contain the API tests. Chakram should be added as a development dependency to the testing project’s package.json; this can be performed by running ‘npm install chakram –save-dev’.
The mocha test runner is used to run Chakram tests – this can be installed globally or as a development dependency. To run tests, simply call the mocha command line tool, passing the location of the tests as an argument. Mocha can export the test results in many different formats, satisfying the majority of continuous integration platforms.
Issues, pull requests and questions are welcomed – happy testing!
When not thinking of new ways to improve testing, Dr Dan Reid works at Senseye – a UK startup creating an easy to use predictive analytics platform for the Internet of Things. Senseye’s product monitors valuable equipment and predicts what will happen, to remove risk and save money for organisations that have previously been unable to afford this kind of technology. The platform makes heavy use of microservices, driving the need for simple and modern REST API testing tools.