scanapi / scanapi Goto Github PK
View Code? Open in Web Editor NEWAutomated Integration Testing and Live Documentation for your API
Home Page: https://scanapi.dev
License: MIT License
Automated Integration Testing and Live Documentation for your API
Home Page: https://scanapi.dev
License: MIT License
If we define a var containing an upper case letter, like:
vars:
apiKey: abc123
and we try to use it later as ${apiKey}
it will raise the error:
ERROR:scanapi.evaluators.string_evaluator:'apiKey' environment variable not set or badly c
To check if there is any lower case in the word here:
https://github.com/camilamaia/scanapi/blob/master/scanapi/evaluators/string_evaluator.py#L48
if any(letter.islower() for letter in variable_name):
continue
We need to ensure that API spec has some mandatories keys in order to work properly.
The first mandatory key that need to be checked is the key api
. The specification should start with it.
https://github.com/scanapi/scanapi/blob/master/scanapi/__init__.py#L68
Under the key endpoints
, we need to ensure each entry has at least a name
and a requests
key
https://github.com/scanapi/scanapi/blob/master/scanapi/tree/endpoint_node.py#L79
Under the key requests
, we need to ensure each entry has at least a name
and a path
key.
https://github.com/scanapi/scanapi/blob/master/scanapi/tree/request_node.py#L106
This is an example of a minimal possible structure:
api:
endpoints:
- name: scanapi-demo
requests:
- name: health
path: http://demo.scanapi.dev/api/health/
If any of this mandatories keys is missing, an error should be raised.
Similar to headers
implementation
api:
base_url: ${BASE_URL}
headers:
Authorization: ${BEARER_TOKEN}
params:
per_page: 10
At PyPi page desccription the image scanapi-report-example.png is not loading
This happens because it is being used the relative path to link the image on README.md
How it is now:
<p align="center">
<img src="images/scanapi-report-example.png" width="700">
</p>
How it is should be:
<p align="center">
<img src="https://github.com/camilamaia/scanapi/blob/master/images/scanapi-report-example.png" width="700">
</p>
Enable to have API spec in multiples files using an include
syntax.
Current the format is markdown.
π
Make coverage > 90% for each file. You can find the current % for each file here: https://codecov.io/gh/scanapi/scanapi/tree/master/scanapi
Create a Makefile with the following commands:
Current, when there is an error when executing a command inside the python code tag ${{ }}
, this is the message:
ERROR:scanapi.evaluators.string_evaluator:Invalid Python code defined in the API spec: Expecting value: line 1 column 1 (char 0)
We should improve it to show precisely which error happened.
Generate automated code documentation from the docstrings.
https://wiki.python.org/moin/DocumentationTools
https://www.sphinx-doc.org/en/master/
Currently we are evaluating python code from API specification ${{ code }}
using eval:
We must use a safer and more elegant solution. I am out of ideas here.
ast.literal_eval
does not support access to external variablesShow Request Body, if it exists, on Markdown Report. Current it is showing only response body.
Error when running scanapi v0.0.16
jinja2.exceptions.TemplateNotFound: markdown.jinja```
Error when running scanapi v0.0.15
from scanapi.tree.api_tree import APITree
ModuleNotFoundError: No module named 'scanapi.tree'
Create a README header, something like:
https://github.com/barbosa/clorox
Some References: https://docs.google.com/document/d/1b8djucd09fjzzfGDsRYEyKa8c7VDZBgFVwJBr9Y52h8/edit?usp=sharing
factory_boy is a fixtures replacement based on thoughtbotβs factory_bot
As a fixtures replacement tool, it aims to replace static, hard to maintain fixtures with easy-to-use factories for complex object.
Instead of building an exhaustive test setup with every possible combination of corner cases, factory_boy allows you to use objects customized for the current test, while only declaring the test-specific fields:
Configure a changelog linter. Maybe https://github.com/rcmachado/changelog
Related with: #88
Create a command that converts an OpenAPI specification file into a ScanAPI specification file.
OpenAPI Specification: https://swagger.io/specification/
For that, we need to create a new Click command called convert
in the __main__.py
file.
With the arguments:
And with the options:
openapi
, required)scanapi
, required)Example:
$ scanapi convert -f openapi -t scanapi OPENAPI_PATH SCANAPI_PATH
Related issue: ADR 6: How to integrate feature that converts OpenAPI file to ScanAPI file
Set the version on pyproject.toml file automatically. We want to avoid to manually bump the version for each release PR.
Maybe this would be a good candidate: https://github.com/mtkennerly/poetry-dynamic-versioning. It needs more investigation
Update CONTRIBUTING.md with:
Create a Logo for ScanAPI
Some References: https://docs.google.com/document/d/1b8djucd09fjzzfGDsRYEyKa8c7VDZBgFVwJBr9Y52h8/edit?usp=sharing
A assertions.yaml with some assertions for each request.
for example, posts_list_all
must have:
Tasks:
in the future, we can create alerts when the assertions fails
Print request ID in the generated documentation. Something like:
### posts_list_all
GET https://jsonplaceholder.typicode.com/posts
-> headers
Response: 200
-> headers
-> content
Given that ScanAPI already has a predefined yml structure, we could have a VSCode extension that autocompletes keys (endpoints
, method
, path
, etc) based on where you are in the spec tree.
This would require further investigation to see what can be achieved but the following links should give some clarity:
Stop declaring the env vars on scanapi.yaml file and start getting these variables in fact from the env.
ScanAPI report should be generated even if an Invalid Python Code error happens. It would help debugging.
Deploying to PyPI with GitHub Actions:
https://packaging.python.org/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/
Add coverage report tool: codecov
Create a changelog file. More info at: https://keepachangelog.com/en/1.0.0/
Add Black to Github Check or CI pipeline
Hi, I see that HTTP requests PATCH method are not implemented, for any particular reason?
Thank you.
Congratulations on the project, it is a great idea. π
To let the user know how log each response took:
Add the possibility to hide tokens and authorization info in the generated report to avoid expose sensitive information via configuration file (usually .scanapi.yaml
).
Change the sensitive information value to <sensitive_information>
Configuration Options:
report
hide-response
or hide-request
headers
or body
or url
Example:
report:
hide-response:
headers:
- Authorization
- api-key
hide-response:
body:
- api-key
The logic is implemented inside the hide_sensitive_info method
Example of how this should be rendered in the reports:
Dynamic and Static evaluations are mixed. Also we call evaluate from a lot of different parts of the code. This makes things hard to debug and to undestand
https://github.com/camilamaia/scanapi/blob/master/scanapi/variable_parser.py
https://github.com/camilamaia/scanapi/blob/master/scanapi/tree/request_node.py#L19-L26
https://github.com/camilamaia/scanapi/blob/master/scanapi/tree/request_node.py#L32
https://github.com/camilamaia/scanapi/blob/master/scanapi/tree/request_node.py#L50
https://github.com/camilamaia/scanapi/blob/master/scanapi/tree/endpoint_node.py#L25
https://github.com/camilamaia/scanapi/blob/master/scanapi/tree/endpoint_node.py#L36
https://github.com/camilamaia/scanapi/blob/master/scanapi/tree/endpoint_node.py#L56
https://github.com/camilamaia/scanapi/blob/master/scanapi/tree/root_node.py#L19
https://github.com/camilamaia/scanapi/blob/master/scanapi/tree/root_node.py#L31
ScanAPI should break when an Invalid Python Code error happens - after generating the report. It should summarise and show all the errors that happened.
...
requests:
- name: list_all # posts_list_all
method: get
case: when user is not authenticated
...
- name: list_all # posts_list_all
method: get
case: when user is authenticated
...
π
After the refactor on the reporter templates, hide sensitive info from headers is not working. It shows the real data instead of "<sensitive information>"
Create a config file .scanapi.yaml
with the content:
docs:
hide:
headers:
- Authorization
Run scanapi with this config file and set an Authorization header inside the api specification:
api:
base_url: ${BASE_URL}
headers:
Authorization: token123
The word token123
will appear in the report, instead of "<sensitive information>"
related to #15
https://realpython.com/python-logging/
https://www.loggly.com/ultimate-guide/python-logging-basics/
To make console report prettier. And to add response time to it.
This is how it looks like now:
ScanAPI Report: Console
=======================
GET http://demo.scanapi.dev/api/health/ - 200
GET http://demo.scanapi.dev/api/languages/ - 200
GET http://demo.scanapi.dev/api/devs/ - 200
GET http://demo.scanapi.dev/api/devs/?newOpportunities=True - 200
GET http://demo.scanapi.dev/api/devs/?newOpportunities=False - 200
POST http://demo.scanapi.dev/api/devs/ - 201
GET http://demo.scanapi.dev/api/devs/129e8cb2-d19c-51ad-9921-cea329bed7fa - 404
GET http://demo.scanapi.dev/api/devs/129e8cb2-d19c-41ad-9921-cea329bed7f0 - 200
DELETE http://demo.scanapi.dev/api/devs/129e8cb2-d19c-41ad-9921-cea329bed7f0 - 200
GET http://demo.scanapi.dev/api/devs/129e8cb2-d19c-41ad-9921-cea329bed7f0/languages - 200
Maybe to add some different colours to each HTTP method?
π
A declarative, efficient, and flexible JavaScript library for building user interfaces.
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. πππ
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google β€οΈ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.