SOA Contract Testing

One of the most important aspect of a SOA approach is testing. In order to get this right you should have several levels of tests, is very hard to match all things you should have just with unit tests.

If you think on abstractions a Service in Service Orientation(SO) it`s a composed by a service implementation and a contract.

A service could implement multiples contracts. I like to have one contract per service but there are scenarios where you could like to have more than one, for service aggregates or domain segregation cases.

So whats is a contract? For SOA contract is DATA, thats the real contract, but this could be seeing as many things, so i like to thing in some things to define what is the contract.  SOA is about Design so this could change depending of your main architecture design but in the way that i see it a contract would composed by the following elements.

Contract parts


  1. Name (key identifiers, id, interface name, whatever that identify(unique) the service).
  2. Access Point(uri, url, ip, whatever that points to the service)
  3. Operations (names, inboud objects, outbound objects, interfaces, definitions, schema or schema -less)
  4. Behavior (what the service does and how it does.
  5. Protocol (REST?, Soap?, Rmi?, Ejb?, Http?)
  6. Serialization Format (Xml, Json, binary, protocol buffers, stream, etc...)
  7. Data Format (What is the date formats, list formats, specific data formats)
  8. Transport/Media (Http, Rmi, Actors, js, java, memory, disk, ipc, etc..)
You will need to have contract test, so basically you will test this things. Your service might have different consumers, so the contract test will be great because you can also use him as backward compatibility test to make you dont break consumers with code changes and data changes.


Service operations could be very expensive, so i heavily recommend you do mock your dependencies and make contract test focused on just data. This could be hard so you need to have a great design in place, for service that are just data and very few business rules tests could be just check if the data is there and you might have mixed feelings but still better to have them nothing but you can judge if it worth while doing it or not.

Levels of Testing

Unit test is not enought, is hard to manage it and is hard to get proper feedback. You might see some overlap on my test levels, thats why you need to have clever engineering in order to reuse tests and change context so you create a solution where you inject fake mock or real objects to make tests become from contract to integration(3rd party dependency tests).

This will speed up development because you can use mocked data to Unit and Contract level so developers can run tests on they machines quickly and thats really important for XP developers.

Integration tests take time, same people have dedicated machines or jenkins replicas just to run this on separate threads since they will call databases, and other heavy services you might have. Interoperability are important for external consumer or for the cases you have different parts of your business or partners coding with different languages so you need make sure stuff works in other langs. REST and JSon can be very trick, so i recommend you have some of this tests.

A Great why to Do BDD?

The best spot to do BDD in SOA for me in not the Unit but the Contract, so you can do something like TDC, Test Contract Development and write tests in formars of specifications using stuff like cucumber or specs 2 this is great because it make it clear what the services does and people that are less technical can check just one place to understand the whole service.

Why is important talk about contracts?

In SOA, Services are citizen of first class. So you need to balance what goes to Services(contracts), Apps, Applications and UI. So you need establish concerns and profiles for services and that you make you able to think about features and decide what put where. 

I see contracts as a kind of reflect of the real business, software architecture is bound to the business constraints, so you need to have business people involved on contract definitions and development and this is not something static, is something that never stops , you always need keep having discussions in order to make sure you keep doing right decisions.

Cheers,

Popular posts from this blog

Kafka Streams with Java 15

Image
Kafka Streams is a Streaming library similar to Spark and Flink which works with Apache Kafka. Kafka stream can be useful to process historical and near-real-time big data workloads but also for non-realtime analytical computations at scale for the online world as well. Kafka-Streams is elastic, highly scalable, fault-tolerant, and fully integrated with Kafka. You can use Kafka Stream with Java, Scala, Kotlin JVM applications and also have exactly-once processing semantics. Kafka-Streams is being used by the New York Times, Pinterest, Line, Trivago, Zalando, and many other companies. Today I want to share a video of Kafka-Streams running with Kafka 2.6 and Java JDK 15. So Let's get started. 
read more »

Rust and Java Interoperability

Image
Rust does not stop for one second to amaze me. It looks like Rust was designed to talk to every other language so easily. No kidding, it's clear way Web Assembly and rust have lots in common. Java is never an easy lang to interop with. Today I will show how easily we can interop Java & Rust. In order to do so, we will need to use the Java and Rust compilers. For Java, we will not require any other lib than the standard JDK. For Rust, we will need to create a lib project in cargo and we will need to use the crate JNI. I love this feature because java does not allow low-level code on the main language. So if we need to do something low level, efficiently Rust is my first choice, not only for safety reasons but because is really fast.  Let's get started.
read more »

HMAC in Java

Image
In 2018 AWS CTO(Vogels) said : "Security is everyone's job". For the last 2 years, there was so many famous and big data leaks and breaks that made that statement be very true more than ever. Security often could mean worst performance and worst user experience so in order to get it right you really need to think about the designs before jumping into to code and consider performance and user experience has main requirements.  I was thinking about writing about how to do HMAC in Java for a while and recently Redis 6.0.0 come out and to my surprise, there was a refactoring on the password part in order to use HMAC.  Security easily could scare engineers often because it is not something well spread yet but I believe this will change soon. It does not matter if you have to deal with PII Data or not, security is super relevant because everybody is running their workloads at the cloud or with IoT and Edge devices which means more distribution, more code, more points of fail
read more »