API of Allure Testops
The description if all the API methods available in Allure Testops can be found by accessing the following URL: <TESTOPS>/swagger-ui.html
Limitations
All the API methods described could be used in your applications to retrieve, manage the information in Allure Testops.
There is one exception – the upload of the test results. Upload of the tests results is a proprietary workflow which could be changed any time without any notice and without any support from our side.
There is only safe and proper way to upload test results to Allure Testops – using the tools developed by Qameta Software; these are especially designed for this purpose – CI plug-ins (e.g. Allure Testops Jenkins plug-in), or allurectl
which will always support correct workflow and will guarantee the system's performance won't degrade.
Swagger page
Swagger section of Allure Testops has two main sections dedicated to API of i) report service, ii) uaa service.
API or report service
API of report service is needed to create, manage retrieve the data related to your tests:
- test cases
- test results
- launches
- statistics
- etc.
API of uaa service
API of report service is needed to create, manage retrieve the data related to Allure Testops users, license
Try it out
You can try out the API methods right in Swagger UI.
Swagger UI will show you the curl string which was used, all the parameters and will show the results of API method execution.
Authentication
When you are using swagger page to try an API call, then you are automatically authenticated via application cookies, and there are no additional parameters are required from your side for the authentication purposes.
Despite the swagger API calls contain a XSRF-TOKEN, this is not a token used for the authentication but a parameter used to prevent cross-site requests forgery. See here for the reference: https://duckduckgo.com/?q=XSRF-TOKEN
When developing your own integration using one of the programming languages, you need to be properly authenticated in Allure Testops to be able to call API methods.
For single API call you can use API token, but big amount of API calls will require a lot of CPU resources and could cause OOM failures on UAA service side if the CPU load will exceed the dedicated resources.
If you are going to use many API calls, you need to use Bearer token.
Small amount of API calls
The authentication is done using of API token which you need to generate in your profile.
When the API token is created you need to use it as in example below:
export ENDPOINT="http://localhost:8080"
export API_TOKEN="78e5e1bb-6329-483e-9b34-39fb223b19a1"
export PROJECT_ID=1
export AQL='true'
echo "Getting information about failed tests"
curl -s -G "${ENDPOINT}/api/rs/testcase/__search" \
--header "Accept: application/json" \
--header "Authorization: Api-Token ${API_TOKEN}" \
--data-urlencode "projectId=${PROJECT_ID}" \
--data-urlencode "rql=${AQL}" \
--data-urlencode "page=0" \
--data-urlencode "size=1"
This means the header --header "Authorization: Api-Token ${API_TOKEN}"
is to be added to each request you send to Allure Testops.
Considerable amount of API calls
If you perform a lot (say 1-2 API calls per a test case or per a test result in one go) of updates in Allure Testops using API calls, the usage of the authentication described above could cause crash of UAA service due to the lack of CPU resources. For mass usage of API calls we recommend doing the usage of Bearer token for the autentication as follows:
- Generate Bearer token
- Use Bearer token for the authentication of your API requests.
Generation of Bearer token
export ENDPOINT="https://demo.testops.cloud"
export USER_TOKEN="ef06773a-544b-4f0b-ad53-5a11972c8b74"
echo "Obtaining jwt token"
JWT_TOKEN=$(curl -s -X POST "${ENDPOINT}/api/uaa/oauth/token" \
--header "Expect:" \
--header "Accept: application/json" \
--form "grant_type=apitoken" \
--form "scope=openid" \
--form "token=${USER_TOKEN}" \
| jq -r .access_token)
Usage of Bearer token for the authentication of API requests
echo "Getting user information"
curl -s -G "${ENDPOINT}/api/uaa/me" \
--header "Accept: application/json" \
--header "Authorization: Bearer ${JWT_TOKEN}"
Validity of bearer token
Bearer token is generated by Allure Testops with limited validity which by default is 1 hour and this duration is defined by your instance configuration settings via ALLURE_JWT_ACCESS_TOKEN_VALIDITY_SECONDS
parameter.