search

usebruno / bruno

Opensource IDE For Exploring and Testing Api's (lightweight alternative to postman/insomnia)
https://www.usebruno.com/
MIT License
25.81k stars 1.18k forks source link

[Feature Request] HTML test report format #1659

Open trusta opened 7 months ago

trusta commented 7 months ago

Hi,

It would be a good idea to implement HTML report generation for tests run in CLI for existing CI/CD pipelines that rely on Newman runner for postman collections with: https://github.com/DannyDainton/newman-reporter-htmlextra

I made a first version :

image image image image image
tlaloc911 commented 6 months ago

This report is really great!! thank you

I tuned a version for my particular needs in order to being able to share testing results with more people in my team:

1) Include a beautified version of the response. 2) Mask the Authorization element from request header.

I don't think it is a good idea to start including so many variations of the report in the project. It would be nice to include the posibility to use custom filters and templates in htnl report. What do you think?

amaillet2024 commented 6 months ago

As a user of htmlextra report from newman, this report is very promising. We also use le console display in this report, realy useful but option to remove some part (headers for me) would be nice too thanks for this contribution

trusta commented 6 months ago

@tlaloc911 @amaillet2024 I made a new PR (https://github.com/usebruno/bruno/pull/1828) to manage sensitive data with cli args (like https://www.npmjs.com/package/newman-reporter-htmlextra) :

--reporter-html-template: Specify a path to the custom template which will be used to render the HTML report. --reporter-html-title: Give your report a different main Title in the centre of the report. If this is not set, the report will show "Bruno run dashboard" --reporter-omitRequestBodies: Exclude all Request Bodies from the final report --reporter-omitResponseBodies: Exclude all Response Bodies from the final report --reporter-hideRequestBody: Exclude certain Request Bodies from the final report. Enter the minimatch pattern for the suitename you wish to hide --reporter-hideResponseBody: Exclude certain Response Bodies from the final report. Enter the minimatch pattern for the suitename you wish to hide --reporter-omitHeaders: Exclude all Headers from the final report --reporter-skipHeaders: Exclude the given Headers from the final report. Enter the header names you wish to redact --reporter-skipSensitiveData: Exclude all the Request/Response Headers and the Request/Response bodies, from each request in the final report. This will only show the main request info and the Test Results.

I think all these options will allow you to share reports as you wish :)

Don't hesitate to comment if you have any other ideas.

tlaloc911 commented 6 months ago

It is great!, thank you so much @trusta

akhot09 commented 5 months ago

I am just into something similar like this - i have shifted from Postman to Bruno, and looking forward to check whether we can use htmlextra reporter command as we use in newman while running postman collections. If so, can anyone please help me with CLI arguments for bruno how we can use the same htmlextra reporter with bruno.

kizilcali81 commented 4 months ago

Thank you @trusta for this awesome report but unfortunately we are running into the following problem:

After running the bruno tests in Jenkins we save the HTML report to be available with each build using the HTML publisher plugin. The report is then accessible via a link in the job view.

However, when opening the report through Jenkins the report is not rendered because content security policy blocks inline scripts and styles. We cannot relax the content security policy on the server.

Do you think it would be possible to overcome the strict content security policy settings when they would be referenced externally?

The specific issues are:

Refused to load the script 'https://unpkg.com/vue@3/dist/vue.global.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Refused to load the script 'https://unpkg.com/naive-ui' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-Tl64+yleAhdLSDPGCtGuMkB40IfIkfYwdnkGQVR+n5U='), or a nonce ('nonce-...') is required to enable inline execution.
Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-iEIZPr5lmLrAIcj30Z4iOBUJh6w21Z7CwTib7q1H/4Y='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present.
brvaland commented 3 months ago

@trusta @helloanoop any update when PR(#1828) will be merged and released as we have creds in request header which we would like to omit.