Asset a specific message when multiple messages flowing through the brokers or topics

[nirmalchandra]

Created from #220

2. When testing in real environment, there will be multiple messages flowing through the brokers/topics. How can zerocode validate/asset a specific response? Ans: Use Json Path to look for a perticular message or a record key or value. Very easy! e.g.

When you have consume multiple records from a topic, that means you receive an array of records as the response. Then you can assert this way explained in the readme-file.

Where is this JSON path is applied ? In JUNIT or within Zerocode JSON config ?

For example, my test below keeps on failing. In the log, instead of just consuming the messages with the ids I have specified below. It consumes the whole array of 10 messages.

{
    "scenarioName": "consume a JSON message with id_5 & id_9 out of 10 messages produced on topic_A",
    "steps": [

        {
            "name": "consume_step",
            "url": "kafka-topic:topic_A",
            "operation": "consume",
            "request": {
                "consumerLocalConfigs": {
                    "recordType": "JSON",
                    "commitSync": true,
                    "showRecordsConsumed": true,
                    "maxNoOfRetryPollsOrTimeouts": 3
                }
            },
            "assertions": {
                "records": [
                    {
                        "key": "id_5",
                        "value": {

                            "TEST": "Test Val0"
                        }
                    },
                    {
                        "key": "id_9",
                        "value": {

                            "TEST": "Test Val9"
                        }
                    }
                ]
            }
        }
    ]
}

[authorjapps]

Hello @tghani93, Do you still want us to look at it?

[tghani93]

@authorjapps - thank you for your help so far. Just one more question: security. Could you point me to some resources / documentation where I can read about library (zerocode's) security?

TIA

[authorjapps]

Just trying to understand - Are you looking for how Zerocode supports/invokes secured APIs e.g. Https / OAuth2 / SAML / Kafka etc? or anything else in general ?

If you could be specific, then we can try to answer...

[tghani93]

Yes secure APIs as you mentioned and in general as well :) I am planning on doing a blog about Zerocode also, so wanted to obtain a deeper understanding as well.

[tghani93]

And please excuse my ignorance & naivety, how does Zerocode compares to: https://www.testcontainers.org/ The reason I am asking is as above that I an trying to push zerocode as first preference and would like an expert opinion. TIA

[authorjapps]

Yes secure APIs as you mentioned and in general as well :) I am planning on doing a blog about Zerocode also, so wanted to obtain a deeper understanding as well.

That sounds cool. 👍

• For Oauth2 one of our contributor(and user) has shared a very short and precise blog in the DZone Security Zone. I am tagging him(@santhoshTpixler ) here in case you need more details on this.

• For Corporate Proxy configuration, you can follow the README section here

  • This is for any Http api invocation, for instance REST, SOAP etc

• SAML/JWT are very straight forward - working examples are here - HelloWorld repo

• If tokens are dynamic, it's still easy to inject them into header in runtime.

  • @santhoshTpixler has explained in his blog

• If you use OpenAM or RedHat SSO or Simple Basic Auth

  • You can refer the examples in readme-file here
  • You can manually use per test-case wise or embed it to the HttpClient which is oneoff( and less maintenance overhead)

• Zerocode's Http Client supports Http and Https connections anyways.

  • But you can override and add/remove security features to match your project requirement.

  • See example here - in HelloWorld

    @Override
    public CloseableHttpClient createHttpClient() throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException {
    LOGGER.info("###Used SSL Enabled Http Client for http/https/TLS connections");
    
    // Add your own security flavour and return the client, 
    // then all test-cases will start using this client.
    // That's it really!
    
    return HttpClients.custom()
            .setSSLContext(sslContext)
            .setSSLHostnameVerifier(new NoopHostnameVerifier())
            .setDefaultCookieStore(cookieStore)
            .build();
    }

• Then it's very simple and straight forward to use like below-

  Just annotate your test class or suite class.

@UseHttpClient(CustomHttpClient.class)

• In similar fashion, you can inject any custom headers you need. Explained here e.g.

  @Override
  public Map<String, Object> amendRequestHeaders(Map<String, Object> headers) {
      // ----------------------------------------------------
      // Add your custom headers here(if any).
      // e.g. Your auth tokens, client_id or client_secret etc
      // ----------------------------------------------------
      if (headers != null) {
          addCustomHeaders(headers);
      } else {
          headers = new HashMap<>();
          addCustomHeaders(headers);
      }
  
      return headers;
  }

[authorjapps]

And please excuse my ignorance & naivety, how does Zerocode compares to: https://www.testcontainers.org/ The reason I am asking is as above that I an trying to push zerocode as first preference and would like an expert opinion. TIA

Sorry mate for the delay. These two are very different tools for different purposes not worth comparing.

testcontainers.org >>Mostly for anything ... that can run in a Docker container.

Zerocode is for

• Application Integration Testing
• End to End testing
• System Integration testing
• Load/Stress testing
• API Mock making (using wiremock JSON DSLs)

in a declarative way reducing the hassles to zero for Developers/Testers.

But on the feature-comparison front- We are in the process of collecting the feedback/data from our customers to capture why they are migrating from their existing tools to Zerocode e.g.

1. From Postman(collections) to Zerocode
2. From other Step-Definition based BDD tools to Zerocode etc.

We will spin up a Wiki page or a Google doc once that's ready. That might throw some light on this line.

But our advise will be choose a tool/lib/framework

• Which is easy to use
• Less syntax overhead
• Easy dealing with payload
• Easy to extend the test runners
• easy to add custom security featured
• Easy for manual testers to understand the test flow

Hope this helps!

Also we are excited to see your blog when it's ready ❗️

and wish you good luck 🙏

[tghani93]

@authorjapps , very grateful for your responses and pointers. Will have keep you posted on the blog! :)

[tghani93]

@authorjapps, just letting you know that I will be recycling some of your awesome pointers above in the blog!! :)

[authorjapps]

Sounds cool mate. 👍 Please try to keep the blog precise/short, easily understandable for first timers as well as experience developer/testers :-) Good luck!