2. Importing OpenAPI Documents
The demo web service comes with two OpenAPI documents. Log in to GUARDARA, then:
- Import the document named openapi.v1.yml into GUARDARA. Move to the Test Assets page and click the Import button, then select the Import OpenAPI Document option.
- GUARDARA allows importing OpenAPI documents either by providing the URL of the document or by uploading the document as a file. Select the File option from the dropdown menu and click the Upload Document button to select the OpenAPI document to upload.
- Using the Select Engine dropdown menu select the Engine you have deployed during the Environment Setup.
Considering you have likely chosen a different name for your Engine, you should see a screen very similar to the one shown below at this point.
Click on the Next button to continue the import process.
Document Static Analysis
GUARDARA analyses the OpenAPI document to identify a variety of issues such as:
- Issues related to the OpenAPI document itself
- Implementation, design and security issues affecting the web service that can be derived from the document
- Any errors that would prevent GUARDARA from processing the document or testing the service
While addressing issues falling under #3 is a must to run dynamic tests, we highly recommend you address any issues marked as being Critical, High or Medium severity before running tests.
The better your API documentation is, not only the better the generated test cases become, but you will need to tweak/customize test configurations a lot less often. Therefore, you will be able to uncover more critical issues during the tests with minimal effort.
As can be seen in the screenshot below, the document validation phase reported two issues. While both of these are problems you would like to be addressed by the time the service gets into production, let's ignore them for a minute.
Let's continue by clicking the Next button.
At this stage, GUARDARA has imported the OpenAPI document and created all the test configurations for you to run dynamic tests. If GUARDARA encountered any problems while processing the OpenAPI document, this is also the screen where you would be presented with information about the errors.
As can be seen, GUARDARA encountered two errors. There were two operations defined in the OpenAPI document that had no responses documented at all. Take the time to explore the information about the reported issues by expanding each to see the problem details.
Before continuing with the tutorial, as an exercise, fix the reported issues by documenting at least the 200 OK responses for the operations. Once done, delete the imported assets on the Test Assets page and import the updated document again. Observice the differences both on the Static Analysis and Processing Summary screens.
You may have noticed that GUARDARA has created three Projects. The Alpha version of the web service testing feature currently only supports generating single-operation test configurations, meaning API Operations are tested individually. GUARDARA, therefore, creates a dedicated project for each API Operation.
Click the Done button to complete the process and get redirected back to the Test Assets page, where you can find the test configurations created.