APIOps

A presentation at Eurostar Huddle Automation Deep Dive Webinar in July 2022 by Daniel Kocot

Slide 1

APIOps
Daniel Kocot, Senior Solution Architect / Head of API Experience & Operations

Slide 2

Name: Daniel Kocot
Role: Senior Solution Architect / Head of API Experience & Operations
Email: daniel.kocot@codecentric.de
Twitter: @dk_1977
LinkedIn: https://www.linkedin.com/in/danielkocot/

Slide 3

Slide 4

No Buzzword Bingo!

Slide 5

CALMS Model

Slide 6

Collaboration

Slide 7

Automation

Slide 8

Lean Principles and Processes

Slide 9

Measurement

Slide 10

Sharing

Slide 11

API first
- An API is the first (and often only) interface to users of an application
- An API comes first — before the implementation
- An API is described (documented) or self-descriptive

Slide 12

API Design (first)

Slide 13

OpenAPI / AsyncAPI

Slide 14

OpenAPI Spec Example

Slide 15

Specification Version

Slide 16

Slide 17

Tooling

Slide 18

GIT
- some kind of GitFlow
- no direct commits to main branch
- every change to specification and the pipeline has to be a pull request

Slide 19

Developer Setup

Slide 20

IDE or Editor
- Eclipse
- JetBrains Products
- Visual Studio Code
- Stoplight Studio
- Apicurio Studio
- Insomnia

Slide 21

local validation
- Redocly-CLI
- Spectral

Slide 22

Spectral

    > npm install -D @stoplight/spectral
    > npx spectral lint news.yaml
    OpenAPI 3.x detected
    No results with a severity of 'error' or higher found!

Slide 23

Ruleset

    formats:
      - oas3.0
    extends:
      - 'spectral:oas'
    rules:
      tags-have-description:
        description: Tags must have a description.
        message: Description of Tag is missing
        given: $.tags[*]
        recommended: true
        type: style
        then:
          field: description
          function: truthy

Slide 24

local mocking

Slide 25

Prism

    > npm install -D @stoplight/prism-cli
    > npx prism mock news.yaml -p 8080
    [17:13:00] › [CLI] … awaiting Starting Prism…
    [17:13:01] › [CLI] ℹ info GET http://127.0.0.1:8080/news
    [17:13:01] › [CLI] ▶ start Prism is listening on http://127.0.0.1:8080

Slide 26

local testing

Slide 27

Contract testing
- Create a test suite based directly on the spec
- Using a BDD framework
- Create a test suite based on a Postman collection

Slide 28

Portman

    > npm install -D @apideck/portman
    > prism mock specs/news.yaml -p 8080 | portman -l specs/news.yaml -n

Slide 29

Portman

    =================================================================
    Local Path: specs/news.yaml
    Portman Config: portman-config.default.json
    Postman Config: postman-config.default.json
    Environment: .env
    Inject Tests: true
    Run Newman: true
    Newman Iteration Data: false
    Upload to Postman: false
    =================================================================
    ✔ Conversion successful
    =================================================================
    Run Newman against:
    =================================================================
    newman

    News API

    ❏ news
    ↳ get News
      GET http://localhost:8080/news [200 OK, 384B, 85ms]
      ✓ [GET]::/news - Status code is 2xx
      ✓ [GET]::/news - Content-Type is application/json
      ✓ [GET]::/news - Response has JSON Body

Slide 30

Load testing
- Smoke
- Load
- Stress
- Soak

Slide 31

postman-to-k6

    > npm install -D postman-to-k6
    > mkdir k6
    > npx postman-to-k6 post-collections/news-postman-collection.json -o k6/news-k6-script.js

Slide 32

k6

    > prism mock specs/news.yaml -p 8080 | k6 run k6/news-k6-script.js

Slide 33

k6

    execution: local
       script: k6/news-k6-script.js
       output:

    scenarios: (100.00%) 1 scenario, 1 max VUs, 10m30s max duration (incl. graceful stop):
             * default: 1 iterations for each of 1 VUs (maxDuration: 10m0s, gracefulStop: 30s)

    running (00m00.0s), 0/1 VUs, 1 complete and 0 interrupted iterations
    default ✓ [======================================] 1 VUs  00m00.0s/10m0s  1/1 iters, 1 per VU

    data_received..........: 502 B 26 kB/s
    data_sent..............: 134 B 7.0 kB/s
    http_req_blocked.......: avg=1.31ms  min=1.31ms  med=1.31ms  max=1.31ms  p(90)=1.31ms  p(95
    http_req_connecting....: avg=237µs   min=237µs   med=237µs   max=237µs   p(90)=237µs   p(95
    http_req_duration......: avg=12.92ms min=12.92ms med=12.92ms max=12.92ms p(90)=12.92ms p(95
    http_req_failed........: 100.00% ✓ 1 ✗ 0
    http_req_receiving.....: avg=110µs   min=110µs   med=110µs   max=110µs   p(90)=110µs   p(95

Slide 34

OpenAPI

Slide 35

YAML / JSON
- YAML is more human-readable
- JSON is more machine-readable
- Parsing JSON is faster ;)

Slide 36

Converting YAML to JSON

    > npm install -g yaml2json
    > yaml2json specs/news.yaml

Slide 37

Structure
https://openapi-map.apihandyman.io

Slide 38

Splitting the structure for reuse and better overview == Design Library

Slide 39

Hard splitting
- one file per object

Slide 40

Soft splitting
- Depending on the size of the whole document or the objects

Slide 41

Use of references with $ref
- local: '#/components/schemas/myElement'
- remote: 'myElement.yaml'
- url: 'http://path/to/your/myElement.yaml'
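
Added example, not part of the original slides: a pre-bundle check that walks a specification and sorts every $ref into the three kinds listed above, flagging URL references fetched over plain http and file references that leave the spec directory. It assumes the spec has already been converted to JSON; the sample document, the allowed_hosts parameter and design.example.com are hypothetical.

```python
import json
import posixpath
from urllib.parse import urlsplit

# Constructed sample (not from the talk): a split spec converted to JSON.
# File names and design.example.com are hypothetical.
SAMPLE_SPEC = json.loads("""{
  "paths": {"/news": {"get": {"responses": {"200": {"content": {
    "application/json": {"schema": {"$ref": "#/components/schemas/News"}}}}}}}},
  "components": {"schemas": {
    "News":   {"$ref": "schemas/news.yaml"},
    "Author": {"$ref": "../../shared/author.yaml#/Author"},
    "Tag":    {"$ref": "http://path/to/your/myElement.yaml"},
    "Error":  {"$ref": "https://design.example.com/lib/error.yaml"}}}
}""")

def iter_refs(node, pointer=""):
    """Yield (json_pointer, target) for every $ref string in the document."""
    if not isinstance(node, (dict, list)):
        return
    items = node.items() if isinstance(node, dict) else enumerate(node)
    for key, value in items:
        here = pointer + "/" + str(key).replace("~", "~0").replace("/", "~1")
        if key == "$ref" and isinstance(value, str):
            yield here, value
        else:
            yield from iter_refs(value, here)

def classify_ref(target, allowed_hosts=frozenset()):
    """Return (kind, finding); finding is None when nothing needs review."""
    if target.startswith("#"):
        return "local", None
    parts = urlsplit(target)
    if parts.scheme == "http":
        return "url", "fetched without TLS, content can change in transit"
    if parts.scheme == "https":
        ok = parts.hostname in allowed_hosts
        return "url", None if ok else f"host {parts.hostname} is not allow-listed"
    if parts.scheme:
        return "url", f"unexpected scheme {parts.scheme}"
    path = posixpath.normpath(parts.path)
    if path == ".." or path.startswith("../") or posixpath.isabs(path):
        return "remote", "path leaves the specification directory"
    return "remote", None

def audit(spec, allowed_hosts=frozenset()):
    """Return (pointer, target, kind, finding) for each $ref with a finding."""
    rows = ((p, t, *classify_ref(t, allowed_hosts)) for p, t in iter_refs(spec))
    return [row for row in rows if row[3]]
```

In a pipeline, a non-empty result from audit() on the unbundled spec can fail the pull request check before the files are bundled into one.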

Slide 42

Something is needed to rebundle the files to one

    > npx @redocly/redocly-cli
    > redocly bundle specs/news.yaml --output output/news.yaml

Slide 43

Use of OpenAPI Extensions/X-Objects to handle own or vendor needs
- x-vendor-…
- x-…

Supported by:
- root level
- info
- paths
- operation
- parameters
- responses
- tags
- security schemes

Slide 44

From API description to configuration as code
- OpenAPI with Extensions
- AWS Cloudformation
- AWS CDK
- Azure ARM Templates
- Azure Bicep
- Pulumi

Slide 45

Example AWS Cloudformation - API Spec

    openapi: 3.0.0
    info:
      title: API Gateway OpenAPI Example
      version: 1.0.0
    paths:
      /api/posts:
        get:
          summary: List Posts
          operationId: listPosts
          requestBody:
            required: true
            content:
              application/json:
                schema:
                  '$ref': '#/components/schemas/CreatePostRequestBody'
          responses:
            '200':
              description: Retrieve the list of Posts
              content:
                application/json:
                  schema:
                    '$ref': '#/components/schemas/ListPostsResponseBody'
          x-amazon-apigateway-integration:

Slide 46

Example AWS Cloudformation - S3 Bucket Stack

    AWSTemplateFormatVersion: 2010-09-09
    Resources:
      ArtifactBucket:
        Type: AWS::S3::Bucket
    Outputs:
      ArtifactBucket:
        Description: The name of the artifact bucket
        Value: !Ref ArtifactBucket
        Export:
          Name: !Sub ${AWS::StackName}-artifact-bucket

Slide 47

Example AWS Cloudformation - AWS API-Gateway Stack

    AWSTemplateFormatVersion: '2010-09-09'
    Parameters:
      ProjectId:
        Type: String
        Default: experiment
      Bucket:
        Type: String
        Default: api-gateway-openapi-artifact-bucke-artifactbucket-1wmq2pswrxwjw
      OpenAPIS3Key:
        Type: String
        Default: openapi.yaml
    Resources:
      Api:
        Type: AWS::ApiGateway::RestApi
        Properties:
          Name: !Ref AWS::StackName
          Description: 'An experimental API'
          FailOnWarnings: true

Slide 48

Some gateway vendors have their own toolsets for CaC, which have to be integrated into an existing toolchain. For example:
- Kong
  - decK
  - Inso (Insomnia CLI)
- Tyk
  - Tyk Sync

Slide 49

Deployable Infrastructure based on the definition
- Gateways
- Portals
- Hubs
- Registries

Slide 50

Transformation to automation within CI/CD
- API first
- GIT Process
- Well structured and formed API specification
- Automated Linting
- Automated Testing
- Automated Deployment of relevant infrastructure

Slide 51

Slide 52

Should we build a framework on our own for this?

Slide 53

Missing Parts

Slide 54

Building SDKs

Slide 55

Security
- OWASP API Top 10
- Security Best Practices

Slide 56

Policy (as Code)
- OPA
- Sentinel

Slide 57

Wrap Up
- Posts on codecentric blog: https://blog.codecentric.de/en/author/daniel-kocot/
- Posts on my blog: https://danielkocot.github.io
- Posts on Medium: https://medium.com/@daniel.kocot

Slide 58

Q&A

Slide 59

Thank you

Slide 60

References
- Photo on slide 7 by Alice Dietrich on Unsplash
- Photo on slide 13 by Danial Igdery on Unsplash

Slide 61
