http/probe: apispec: generate dummy param data and request bodies #148
Conversation
…m schemas Generate realistic requests from OpenAPI/Swagger specs during HTTP probing. Populate path, query, header and body params using schema info so the probe exercises more code paths. Changes: - Substitute path params based on schema types (with brace-strip fallback) - Build query strings and headers from parameter schemas (JSON-stringify object-typed params) - Create JSON request bodies from requestBody schemas and set Content-Type - Basic multipart/form-data support (pick first field, retry with image/JSON on 500) - Merge path-level and op-level params with op-level override - Pass a headers map into requests; remove duplicate param collection work - Add tests for path substitution, query/header generation (object/array), param string generation, and param merging This improves probe coverage without changing existing flags or behavior for non-API-spec probes. Fixes: mintoolkit#73 Link: mintoolkit#73 Signed-off-by: Artem Tkachuk <artemtkachuk@yahoo.com>
|
@kcq transferred over from slimtoolkit/slim#804 :) Would appreciate your review. Thanks! |
artem-tkachuk
changed the title
|
Reviewing |
There was a problem hiding this comment.
Pull Request Overview
Enhances API spec-based HTTP probing to generate realistic requests from Swagger/OpenAPI definitions, including path/query/header parameter handling and request body generation.
- Merge path- and operation-level parameters with operation-level overrides
- Generate dummy values for path/query/header params and JSON bodies; pass headers into requests
- Update request execution to include generated headers and refined content-type handling
Reviewed Changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| pkg/app/master/probe/http/swagger.go | Adds parameter merging, path substitution, query/header builders, and updates API call flow to use generated headers and bodies |
| pkg/app/master/probe/http/swagger_test.go | Adds unit tests for path substitution, query/header generation, parameter merging, and schema-to-string conversions |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
|
Feedback from Copilot incorporated |
|
Thanks again for the enhancement @artem-tkachuk ! Let me know if you have cycles for any more enhancements related or unrelated to this openapi spec call generation (for example, one of the potential enhancement could be generating more meaningful data based on the schema properties and data types potentially using fake data creation libraries like https://github.com/brianvoe/gofakeit ) |
|
@kcq of course! Would love to continue contributing to this or anything else really. What's the highest immediate priority that I could try taking on? |
@artem-tkachuk great to hear that you have cycles! The wishlist is pretty extensive :-) With HTTP probing better form detection and submission logic would be super valuable. There's a little bit of it in the api spec based probe generation logic and there's also the Better websocket support is also would be great to have give that some types of app use it extensively. Streamlit applications is a great example of that where a it's necessary to understand low level constructs and to generate the right websocket interactions. Integrating (and driving) a headless browser (possibly packaged as a container image) has been on the wishlist for a while. This headless browser is necessary to execute javascript client side to generate better application interactions. This is something the built-in crawler and the default http probes don't do. Lots of other things too including container runtime related enhancements and container/application instrumentation and observability :-) And, of course, feel free to suggest anything that jumps at you. |
2 participants
Fixes-73
What
requestBodyschemas and setContent-Typemultipart/form-datasupport (pick first field; retry with image/JSON on 500)Why
How Tested
pkg/app/master/probe/httpfor:go test ./pkg/app/master/probe/http -v(all passing)Notes
--http-probe-apispecand--http-probe-apispec-file; no new flags or changes to non-API-spec probes