frain-dev / immune Goto Github PK

Immune should be able to generate reports, somewhat like what vegeta does.

Allow error bubbling via an Error method in the signal type

Allow authentication configuration, so we can test against authenticated APIs

After long discussions with the team, we have decided to implement isolation of test cases in the following way:

"test_cases": [
        {
            "setup": [
                "setup_group",
                "setup_app",
                "setup_app_endpoint",
            ],
            "http_method": "POST",
            "endpoint": "/events?groupID={group_id}",
            "callback": {
                "enabled": true,
                "times": 2
            },
            "request_body": {
                "app_id": "{app_id}",
                "event_type": "payment.failed",
                "data": {
                    "sc": "gene",
                    "marvel": "stark"
                }
            },
            "response_body": true,
        }
    ]

Where the setup array references the names of the setup funcs to be run before this test case is run
After each test case finishes the db is truncated.

The way it works now, consecutive test cases that require callbacks may spill over. For instance, if a test case specifies 1 callback but 2 come through for it, the next test case to require a callback will first of all drain the excess callback from the channel. This corrupts the system & makes its integrity false.

Ways to solve this may include:

• would be to scope that for each channel, it is a single channel that receives its callback, a new channel for the next test case.
• duplicate the net object that executes test cases, this way we can tweak it to ensure the server object starts each test case with a new channel
• have an array of channels for each respective test case.

I will give this some thought before trying to solve it.

Immune callbacks should validate webhook events. It means when a callback receives an event. It should:

1. Sign the payload with the shared secret.
2. Compare the derived hash with the header's hash.

A success in step 2 indicates a successful test else a failure.

This feature is essential for verifying that Convoy is signing the payload properly, and bugs like this don't repeat themselves.

The test cases should register a channel with the callback server with its callback id in this manner:

cs := callback.NewServer()
cs.RegisterCallbackChannel(uid string, ch chan struct{})

The cs.RegisterCallbackChannel method should look like this:

func (s *Server) RegisterCallbackChannel(uid string, ch chan struct{}) {
   s.chanMap[uid] = ch
}

And when a callback is received the uuid should be extracted and the channel gotten from that map, then a struct{}{} sent on it. This allows the callback signalling to be disjointed, and is one step to allowing us run test cases concurrently.

Need to put more work into the context & automatic cancellations

Searching the Request body for variable references should take into consideration array values like:

{
 "groups": [
   "{group_id}"
  ]
}