TechNotes

Tag: technology

  • What makes PactumJS awesome? A quick look at its best features.

    What makes PactumJS awesome? A quick look at its best features.

    1. Introduction
      1. Fluent and expressive syntax
      2. Data Management
        1. Data Templates
        2. Data Store for Dynamic Values
      3. Built-In Schema Validation
      4. Flexible Assertions
      5. Default Configuration 
    2. Conclusion
    3. Resources

    Introduction

    I’ve spent a fair bit of time writing API test automation. After exploring a few JavaScript-based tools and libraries, I’ve found Pactum to be particularly powerful. I wanted to take a moment to share a brief overview of my experience and why I think it stands out.

    If you’re setting up a PactumJS project from scratch, I recommend starting with the official Quick Start guide, which covers installation and basic setup clearly. Additionally, this article by Marie Cruz offers a great walkthrough of writing API tests with PactumJS and Jest, especially useful for beginners.

    Fluent and expressive syntax

    One of the aspects I appreciate the most is how naturally you can chain descriptive methods from the spec object to build complex requests with support for headers, body payloads, query parameters, and more.

    Example: 

    it('POST with existing username and valid password', async () => {
        await spec()
            .post('/auth/login')             .inspect()
            .withHeaders('Content-Type', 'application/json')
            .withJson({
                '@DATA:TEMPLATE@': 'ExistingUser'
            })
            .expectStatus(200) # assertion
            .expectJsonSchema(authenticationSchema) # assertion
    })

    More on request making: https://github.com/pactumjs/pactum/wiki/API-Testing#request-making 

    Data Management

    Data Management is a critical aspect of test automation and often one of the more challenging pain points in any automation project. Test suites frequently reuse similar request payloads, making it difficult to maintain and organize these payloads when they are scattered across different test files or folders. Without a structured approach, this can lead to duplication, inconsistency, and increased maintenance overhead. So, it is important to have an intuitive way to handle data in the test framework. 

    In PactumJS, data management is typically handled using data templates and data stores. These help you define reusable request bodies, dynamic data, or test user information in a clean and maintainable way.

    Data Templates

    Data Templates help you define reusable request bodies and user credentials. Templates can also be locally customized within individual tests without affecting the original definition.

    For example, in testing different authentication scenarios:

    1. Valid credentials
    2. Invalid password
    3. Non-existing user

    Rather than hard-coding values in each test, as it is done below: 

    describe('/authenticate', () => {
    it('POST with existing username and valid password', async () => {
        await spec()
            .post('/auth/login')
            .inspect()
            .withHeaders('Content-Type', 'application/json')
            .withJson({
                username: process.env.USERNAME,
                password: process.env.PASSWORD,
            })
            .expectStatus(200)
            .expectJsonSchema(authenticationSchema)
    })

    it('POST with existing username and invalid password', async () => {
        await spec()
            .post('/auth/login')
            .inspect()
            .withHeaders('Content-Type', 'application/json')
            .withJson({
                username: process.env.USERNAME,
                password: faker.internet.password(),
            })
            .expectStatus(401)
            .expectJsonMatch('error', 'Invalid credentials')
    })

    it('POST with non-existing username and password', async () => {
        await spec()
            .post('/auth/login')
            .inspect()
            .withHeaders('Content-Type', 'application/json')
            .withJson({
                username: faker.internet.username(),
                password: faker.internet.password(),
            })
            .expectStatus(401)
            .expectJsonMatch('error', 'Invalid credentials')
    })
})

    define reusable templates:

    // auth.js

export function registerAuthTemplates() {
  stash.addDataTemplate({
    ExistingUser: {
        username: process.env.USERNAME,
        password: process.env.PASSWORD,
    },
    NonExistingUser: {
        username: faker.internet.username(),
        password: faker.internet.password(),
    }
});
}

    Then load them in global setup:

    // registerDataTemplates.js

import { registerAuthTemplates } from "./auth.js";

export function registerAllDataTemplates() {
    registerAuthTemplates();
  }

    Now, tests become cleaner and easier to maintain:

     it('POST with non-existing username and password', async () => {
        await spec()
            .post('/auth/login')
            .inspect()
            .withHeaders('Content-Type', 'application/json')
            .withJson({
                '@DATA:TEMPLATE@': 'NonExistingUser'
            })
            .expectStatus(401)
            .expectJsonMatch('error', 'Invalid credentials')
    })

    Want to override part of a template? 

    Use @OVERRIDES@:

     it('POST with existing username and invalid password', async () => {
        await spec()
            .post('/auth/login')
            .inspect()
            .withHeaders('Content-Type', 'application/json')
            .withJson({
                '@DATA:TEMPLATE@': 'ExistingUser',
                '@OVERRIDES@': {
                    'password': faker.internet.password()
                  }
            })
            .expectStatus(401)
            .expectJsonMatch('error', 'Invalid credentials')
    })

    This approach improves consistency and reduces duplication. When credential details change, updates can be made centrally in the datafactory without touching individual tests. As a result, test logic remains clean, focused on validating behaviour rather than being cluttered with data setup.

    More information on data templates: https://pactumjs.github.io/guides/data-management.html#data-template 

    Data Store for Dynamic Values

    In integration and e2e API testing, one common challenge is managing dynamic data between requests. For example, you might need to extract an authentication token from an authentication response and use it in the header of subsequent requests. Without a clean way to store and reuse this data, tests can become messy, brittle, and hard to maintain.

    PactumJS provides a data store feature that allows you to save custom response data during test execution in a clean way.

    Example:

    Suppose you want to send a POST request to create a room, but the endpoint requires authentication. First, you make an authentication request and receive a token in the response. Using data store functionality, you can capture and store this token, then inject it into the headers of the room creation request. 

    describe('POST Create a New Room', () => {

    beforeEach(async () => {
        await spec()
            .post('/auth/login')
            .withHeaders('Content-Type', 'application/json')
            .withJson({
                '@DATA:TEMPLATE@': 'ExistingUser'
            }).stores('token', 'token')
    });


    it('POST: Create a New Room', async () => {
        await spec()
            .post('/room')
            .inspect()
            .withHeaders('Content-Type', 'application/json')
            .withHeaders('Cookie', 'token=$S{token}')
            .withJson({ '@DATA:TEMPLATE@': 'RandomRoom' })
            .expectStatus(200)
            .expectBody({
                "success": true
            })

})

    Data store functionality also supports json-query libraries. It enables you to extract and store specific values from complex JSON responses. This is particularly helpful when dealing with nested structures, where you only need to capture a portion of the response—such as an ID, token, or status—from a larger payload.

    Example:

    await spec()
            .get('/room')
            .inspect()
            .withHeaders('Content-Type', 'application/json')
            .expectStatus(200)
            .stores('roomId', `rooms[roomName=${roomName}].roomid`);

        await spec()
            .get(`/room/$S{roomId}`)
            .inspect()
            .withHeaders('Content-Type', 'application/json')
            .expectStatus(200)
            .expectJson('roomName', roomName);
    })

    More on data store: https://pactumjs.github.io/guides/data-management.html#data-store 

    Built-In Schema Validation

    Unlike other setups that require integrating libraries like zod, ajv, or custom helper functions, PactumJS allows you to validate JSON responses using the expectJsonSchema method. All you need to do is define the expected schema and apply it directly in your test, no extra configuration needed.

    For example, in an authentication test case, the response schema is defined in a separate data factory:

    export const authenticationSchema = {
    "type": "object",
    "properties": {
        "token": {
            "type": "string"
        }
    },
    "additionalProperties": false,
    "required": ["token"]
}

    You can then validate the structure of the response like this:

    it('POST with existing username and valid password', async () => {
        await spec()
            .post('/auth/login')
            .inspect()
            .withHeaders('Content-Type', 'application/json')
            .withJson({
                '@DATA:TEMPLATE@': 'ExistingUser'
            })
            .expectStatus(200)
            .expectJsonSchema(authenticationSchema)
    })

    Flexible Assertions

    Most REST API responses return data in JSON format that must be validated. Fortunately, PactumJS provides a powerful and expressive assertion system that goes far beyond basic status code checks. Its assertion system allows for 

    1. Deep JSON matching:
    await spec()
    .get(`/room/$S{roomId}`)
    .inspect()
    .expectStatus(200)
    .expectJson('roomName', roomName);
})
    it('POST with non-existing username and password', async () => {
     await spec()
        .post('/auth/login')
        .inspect()
        .withJson({
            '@DATA:TEMPLATE@': 'NonExistingUser'
        })
        .expectStatus(401)
        .expectJsonMatch('error', 'Invalid credentials')
    })
    1. Partial comparisons:
    it('posts should have a item with title -"some title"', async () => {
  const response = await pactum.spec()
    .get('https://jsonplaceholder.typicode.com/posts')
    .expectStatus(200)
    .expectJsonLike([
      {
        "userId": /\d+/,
        "title": "some title"
      }
    ]);
});
    1. Path-Based Validation:
    it('get people', async () => {
  const response = await pactum.spec()
    .get('https://some-api/people')
    .expectStatus(200)
    .expectJson({
      people: [
        { name: 'Matt', country: 'NZ' },
        { name: 'Pete', country: 'AU' },
        { name: 'Mike', country: 'NZ' }
      ]
    })
    .expectJsonAt('people[country=NZ].name', 'Matt')
    .expectJsonAt('people[*].name', ['Matt', 'Pete', 'Mike']);
});
    1. Dynamic Runtime Expressions:
    it('get users', async () => {
  await pactum.spec()
    .get('/api/users')
    .expectJsonLike('$V.length === 10'); // api should return an array with length 10
    .expectJsonLike([
      {
        id: 'typeof $V === "string"',
        name: 'jon',
        age: '$V > 30' // age should be greater than 30
      }
    ]);
});

    And all of them are in a clean and readable format. 

    For example, you can validate only parts of a response, use regex or custom matchers, and even plug in JavaScript expressions or reusable assertion handlers. In my opinion, this level of granularity is a game-changer compared to assertion styles in other frameworks.

    Check more in the official documentation: https://github.com/pactumjs/pactum/wiki/API-Testing#response-validation 

    Default Configuration 

    To reduce repetition and keep tests clean, PactumJS allows you to define default values that apply globally across your test suite — such as headers, base URL, and request timeouts. This helps maintain consistency and simplifies test configuration.

    Here’s how it can be implemented:

    before(() => {
  request.setBaseUrl(process.env.BASE_URL);
  request.setDefaultHeaders('Content-Type', 'application/json');
});

    More information you can find here: https://github.com/pactumjs/pactum/wiki/API-Testing#request-settings 

    Conclusion

    In my experience, PactumJS has proven to be a well-designed and developer-friendly tool for API test automation. Its fluent syntax, robust data handling, and built-in features like schema validation and dynamic stores eliminate the need for developing third-party solutions for the test framework.

    If you’re working with API testing in JavaScript / Typescript, PactumJS is definitely worth a look.

    Resources

    1. You can find the complete set of test cases, data templates, and helper functions shown in this post in the GitHub Repo
    2. Official PactumJS Documentation: https://pactumjs.github.io/ 
    3. PactumJS WiKi Page: https://github.com/pactumjs/pactum/wiki/API-Testing 
    4. Code Examples in PactumJS GitHub: https://github.com/pactumjs/pactum-examples 
  • Automating Contract Testing in a CI/CD Pipeline with GitHub Actions

    Automating Contract Testing in a CI/CD Pipeline with GitHub Actions

    Using a Pact Broker to Manage Contracts Across Microservices

    In the previous article, I raised an important question: What if the provider and consumer microservices do not share the same repository but still need access to the contract from a third-party source? The solution to this challenge is the Pact Broker.

    In this article, we will explore how the Pact Broker works and how to implement pipeline using GitHub Actions.

    When Do You Need a Pact Broker?

    A Pact Broker is essential in scenarios where:

    • The provider and consumer microservices are in separate repositories but must share the same contract.
    • You need to manage contracts across different branches and environments.
    • Coordinating releases between multiple teams is required.

    Options for Setting Up a Pact Broker

    There are multiple ways to set up a Pact Broker:

    1. Own Contract Storage Solution – Implement your own contract-sharing mechanism.
    2. Hosted Pact Broker (PactFlow) – A cloud-based solution provided by SmartBear.
    3. Self-Hosted Open-Source Pact Broker – Deploy and manage the Pact Broker on your infrastructure.

    As a starting point, PactFlow is a great solution due to its ease of use.

    Publishing Contracts to the Pact Broker

    For demonstration purposes, we will use the free version of PactFlow. Follow these steps to publish contracts:

    1. Sign Up for PactFlow

    Visit PactFlow and create a free account.

    2. Retrieve Required Credentials

    • Broker URL: Copy the URL from the address bar (e.g., https://custom.pactflow.io/).
    • Broker API Token: Navigate to Settings → API Tokens and copy the read/write token for CI/CD pipeline authentication.

    3. Setting Up a CI/CD Pipeline with GitHub Actions

    Setting up CI/CD pipeline using GitHub Actions.

    We will configure GitHub Actions to trigger on a push or merge to the main branch. The workflow consists of the steps displayed on the diagram.

    To set up GitHub Actions, create a .yml file in the .github/workflows directory. In this example, we’ll use contract-test-sample.yml:

    name: Run contract tests

on: push

env:
  PACT_BROKER_BASE_URL: ${{ secrets.PACT_BROKER_BASE_URL }}
  PACT_BROKER_TOKEN: ${{ secrets.PACT_BROKER_TOKEN }}

jobs:
  contract-test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 18
      - name: Install dependencies
        run: npm install
      - name: Run web consumer contract tests
        run: npm run test:consumer
      - name: Publish contract to PactFlow
        run: npm run publish:pact
      - name: Run provider contract tests
        run: npm run test:provider

    Before running the workflow, store the required secrets in your GitHub repository:

    1. Navigate to Repository → Settings → Secrets and Variables.
    2. Create two secrets:
      • PACT_BROKER_BASE_URL
      • PACT_BROKER_TOKEN

    Save, commit, and push your changes to the remote repository.

    Navigate to the Actions tab in GitHub to verify if the pipeline runs successfully.

    You should see all the steps running successfully like on the screenshot below:

    7. Verifying the Contract in PactFlow

    Once the pipeline runs successfully:

    • Navigate to PactFlow.
    • Verify if the contract has been published.
    • You should see two microservices and the contract established between them.
    Two microservices – Library Consumer and Library Provider
    Pact between two microservices, which is published and stored in PactFlow

    Configuring Contract Versioning

    If there are changes in the contract (e.g., if a new version of a consumer or provider is released), versioning should evolve too. Automating this process is crucial.

    A recommended approach is using GitHub Commit ID (SHA), ensuring that contract versions are traceable to relevant code changes.

    1. Define the Versioning Variable

    In the contract-test-sample.yml file, introduce a new environment variable GITHUB_SHA:

    GITHUB_SHA: ${{ github.sha }}

    2. Update the Pact Publish Script

    Modify the pact:publish script to use the automatically generated version:

    "publish:pact": "pact-broker publish ./pacts --consumer-app-version=$GITHUB_SHA --tag=main --broker-base-url=$PACT_BROKER_BASE_URL --broker-token=$PACT_BROKER_TOKEN"

    3. Update provider options with providerVersion value:

    const opts = {
            provider: "LibraryProvider",
            providerBaseUrl: "http://localhost:3000",
            pactBrokerToken: process.env.PACT_BROKER_TOKEN,
            providerVersion: process.env.GITHUB_SHA,
            publishVerificationResult: true,
            stateHandlers: {
                "A book with ID 1 exists": () => {
                    return Promise.resolve("Book with ID 1 exists")
                },
            },
        }

    Configuring Branches for Contract Management

    If multiple people are working on the product in different branches, it is crucial to assign contracts to specific branches to ensure accurate verification.

    1. Define the Branching Variable

    Add GITHUB_BRANCH to the .yml file:

    GITHUB_BRANCH: ${{ github.ref_name }}

    2. Update the Pact Publish Script for Branching

    Modify pact:publish to associate contracts with specific branches:

    "publish:pact": "pact-broker publish ./pacts --consumer-app-version=$GITHUB_SHA --branch=$GITHUB_BRANCH --broker-base-url=$PACT_BROKER_BASE_URL --broker-token=$PACT_BROKER_TOKEN"

    3. Update provider options with providerVersionBranch value:

    const opts = {
            provider: "LibraryProvider",
            providerBaseUrl: "http://localhost:3000",
            pactBrokerToken: process.env.PACT_BROKER_TOKEN,
            providerVersion: process.env.GITHUB_SHA,
            providerVersionBranch: process.env.GITHUB_BRANCH,
            publishVerificationResult: true,
            stateHandlers: {
                "A book with ID 1 exists": () => {
                    return Promise.resolve("Book with ID 1 exists")
                },
            },
        }

    Using the can-i-deploy tool

    The can-i-deploy tool is a Pact feature that queries the matrix table to verify if a contract version is safe to deploy. This ensures that new changes are successfully verified against the currently deployed versions in the environment.

    Running can-i-deploy for consumer:

    pact-broker can-i-deploy --pacticipant LibraryConsumer --version=$GITHUB_SHA

    Running can-i-deploy for provider:

    pact-broker can-i-deploy --pacticipant LibraryProvider --version=$GITHUB_SHA

    If successful, it confirms that the contract is verified and ready for deployment.

    To reuse these commands, we will create scripts for verification in package.json file:

    "can:i:deploy:consumer": "pact-broker can-i-deploy --pacticipant LibraryConsumer --version=$GITHUB_SHA"

"can:i:deploy:provider": "pact-broker can-i-deploy --pacticipant LibraryProvider --version=$GITHUB_SHA"

    And then update GitHub Actions pipeline:

    name: Run contract tests

on: push

env:
  PACT_BROKER_BASE_URL: ${{ secrets.PACT_BROKER_BASE_URL }}
  PACT_BROKER_TOKEN: ${{ secrets.PACT_BROKER_TOKEN }}
  GITHUB_SHA: ${{ github.sha }}
  GITHUB_BRANCH: ${{ github.ref_name }}

jobs:
  contract-test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 18
      - name: Install dependencies
        run: npm i
      - name: Run web consumer contract tests
        run: npm run test:consumer
      - name: Publish contract to Pactflow
        run: npm run publish:pact
      - name: Run provider contract tests
        run: npm run test:provider
      - name: Can I deploy consumer?
        run: npm run can:i:deploy:consumer
      - name: Can I deploy provider?
        run: npm run can:i:deploy:provider

    Add changes, commit and push. Navigate to the Actions tab in GitHub to verify if the pipeline runs successfully.

    You should see all the steps running successfully like on the screenshot below:

    GitHub Actions pipeline contains extra steps, which verify if a contract version is safe to deploy

    Conclusion

    The Pact Broker is important for managing contracts across microservices, ensuring smooth collaboration between independent services. By automating contract versioning, branch-based contract management, and deployment workflows using GitHub Actions, teams can can reduce deployment risks, improve service reliability, and speed-up release cycles.

    For a complete implementation, refer to the final version of the code in the repository.

  • Contract Testing: Who’s Who in the Process

    Contract Testing: Who’s Who in the Process

    Introduction

    Today, I want to introduce you to the concept of contract testing using an analogy—buying the house of your dreams 🏡. Whether you already own your dream home or are still searching for it, you probably know the excitement and anticipation that comes with the process.

    Imagine you’ve finally found the perfect house. You’re happy to move forward, but before the keys are in your hand, it’s crucial to set clear expectations with the seller. This involves agreeing on the details: the price, the condition of the house, and any other terms. To formalize this, a contract is drawn up, and a neutral party, like a notary or bank, helps ensure everything is clear and fair.

    This scenario mirrors contract testing in software development, where a consumer (the buyer) and a provider (the seller) agree on a contract to ensure their interactions meet expectations. The contract broker (like the notary) acts as a mediator to validate and enforce these agreements.

    Let’s break this analogy down further.

    Consumer.

    In this scenario you’re a consumer. You have specific expectations: size, number of rooms, location, price, neighbourhood, etc. 

    In contract testing, the consumer is a service or application that needs to consume data or services from a provider. The consumer is usually a web or mobile application making a request to a backend service, also it could be another service calling a backend service.  

    A consumer test verifies that the consumer correctly creates requests, handles provider responses as expected, and uncovers any misunderstandings about the provider’s behavior.

    Provider

    Then, the seller is the person offering the house. They promise certain features in the house: a garden, a modern kitchen, friendly neighbourhood and so on. 

    Provider on the other side of the consumer in contract testing that promises to deliver specific data or functionality. Usually it is a backend service. 

    Contract

    The contract is the written agreement between you and the seller. It ensures both parties understand and agree on what is being provided and what is expected (e.g., the price, delivery date, features of the house).

    The contract is no different in software. The contract is a formal agreement between the consumer and provider about how they will interact (e.g., API specifications, request/response formats).

    Hmmm.. not really! Contract isn’t the same as JSON Schema. This article explains well the difference between schema-based and contract-based testing. 

    In short: A schema is a structural blueprint or definition of how data in JSON is organized. It describes the structure, format, and relationships of data. 

    But the schema does not specify how the data should be used, when it should be provided, or how the interaction between the consumer and provider should behave. It’s purely about the data format and structure.

    A contract includes the schema but also goes beyond it to define the behavioral and interaction agreements between the consumer and provider.

    Contract includes following data:

    • The name of the consumer and provider
    • Data requirements for the request
    • Interactions between consumer and provider
    • Matching rules for the dynamic values
    • Environment and deployment information

    Contract Broker

    The contract broker, like a bank or notary, helps validate and mediate the agreement. They ensure that both parties adhere to their commitments.

    In contract testing, the contract broker could be a tool or framework (e.g., Pact) that stores and validates contracts. It ensures the provider and consumer stick to their agreed-upon specifications.

    The broker helps verify the compatibility between the two parties independently, ensuring that both can work together smoothly.

    Can-I-Deploy Tool

    To enable consumers and providers to check if they can deploy their changes to production, Pact provides a command-line interface (CLI) tool called can-i-deploy, which enables consumer and provider to determine the verification status of the contract.

    Contract testing approaches

    There are mainly two ways to approach contract testing:

    • The consumer-driven contract testing (CDCT) approach
    • The provider-driven contract testing (PDCT) approach

    In these series I am going to discuss traditional CDCT approach.

    Consumer-Driven Testing

    In the consumer-driven approach the consumer is driving the contract. As a consumer before finalizing the house purchase, you might inspect the house to confirm it meets your expectations and publish your expectations as a contract to the broker. On another side,  the seller must ensure their house is as described in the contract and ready for sale. This is like provider-side testing, ensuring they deliver what the contract specifies.

    Contract testing ensures that consumers (buyers) and providers (sellers) are on the same page regarding their expectations and deliverables, with a broker (notary or bank) facilitating the process. This approach reduces the risk of miscommunication and ensures smooth collaboration—whether you’re buying a house or building software systems.

    Conclusion

    Contract testing acts as the bridge between consumers and providers, ensuring smooth collaboration. Much like finalizing the purchase of your dream house, both parties agree on a contract that outlines expectations and deliverables, with a broker ensuring everything aligns. Whether you’re buying a house or developing software, clear agreements lead to smoother outcomes!

    Next, we’ll explore the application under test and hit the ground running with implementation!

  • “Shift-Left” Testing Strategy with Contract Testing. Introduction.

    “Shift-Left” Testing Strategy with Contract Testing. Introduction.

    The Inspiration Behind This Series

    At the end of 2024, I ordered a book Contract Testing in Action and had been waiting for the right moment to start exploring. Recently, I finally read through most of its chapters and found its insights to be handy for development teams working with microservice architectures. Inspired by the knowledge and ideas from the book, I decided to write a series of articles to share what I’ve learned and explore how these concepts can be effectively applied in real-world scenarios. This introductory article serves as the starting point, explaining what contract testing is and how it fits into a broader testing strategy.

    Testing Strategy for Microservices.

    Over the past few decades, microservice architecture became a crucial way of building modern, scalable, and reliable applications. Traditional monolithic systems, where the database and all business logic seats under a single, tightly coupled structure, have gradually taken a backseat. In their place, independently deployable and modular services—known as microservices — have became the foundation of contemporary software development. This shift enables product teams to deliver features faster and more efficiently. However, with this huge leap comes the challenge with ensuring that each microservice operates correctly both in isolation and as part of larger systems. So, planning and executing testing strategies becomes an important component of the development lifecycle. 

    The most widespread scheme of testing of any system is the one which is proposed by  Mike Cohn in his book ‘Succeeding with Agile’.

    Source: https://semaphoreci.com/blog/testing-pyramid

    Microservices often rely on APIs to exchange data, with some services acting as providers (offering data) and others as consumers (requesting and processing data). Without a clear and tested agreement—or contract—between these services, even minor changes in one service can lead to failures across the system. This is where contract testing becomes invaluable and should be included into the pyramid as well. 

    Here is the adjusted version of the pyramid:

    Why is contract testing so important?

    Let’s take a real-life example with a banking application. Imagine a banking application with the following teams and components:

    1. Frontend Application (Consumer):
      Built by a frontend team, this React-based web app allows customers to view their account balance and transaction history by making API calls to the backend.
    2. Backend API (Provider):
      Managed by a backend team, the API provides endpoints for account details, including:
      • /account/{id}/balance – Returns the account balance.

    The frontend app is integrated with the backend API, expecting the following responses:

    Account Balance Endpoint (GET /account/{id}/balance):

    {
  "accountId": "12345",
  "balance": 5000
}

    On Friday Evening the backend engineer decides to improve the /account/{id}/balance response to rename accountId to id. The new response structure looks like this:

    {
  "id": "12345",
  "balance": 5000
}

    The engineer deploys the change, thinking it’s a harmless addition. No contract tests are in place to verify compatibility with the frontend.

    Result:

    The frontend app’s code does not recognise the renamed accountId field and instead tries to access id under the old key. This results in an error when parsing the JSON response, as the frontend is still expecting the accountId field. As a result, the frontend fails to display the account balance and shows a blank page or an error message to customers.

    Impact Over the Weekend:

    • Customers are unable to check their account balance, leading to frustration and confusion.
    • The frontend team was unaware of the backend change until Monday morning, as there were no contract tests in place to alert them about the breaking change.
    • The downtime disrupts the customer experience, potentially destroying trust in the banking application and impacting the reputation of the service.

    What could be done better?

    With contract testing, the frontend and backend teams define a clear agreement (the “contract”) about API interactions, specifying expected fields and data types. Before deployment, both consumer (frontend) and provider (backend) teams run tests to ensure compatibility, catching issues early. By integrating contract tests into the CI/CD pipeline, breaking changes are flagged during development or staging, preventing them from reaching production. This approach ensures smooth communication between services, reduces downtime, and enforces better collaboration between teams.

    What is Contract Testing in a nutshell?

    Contract testing is a technique for testing an integration point by checking each application in isolation to ensure the messages it sends or receives conform to a shared understanding that is documented in a “contract”.

    Source: Pact Documentation.

    The contract is a JSON file containing the names of the two interacting systems: in this case, the web application and backend server. The contract also lists all interactions between the two systems. 

    In the context of the test automation pyramid, contract testing bridges the gap between unit tests and end-to-end tests by focusing on the interactions between microservices. It ensures that the consumer and provider services adhere to a shared agreement (the “contract”) regarding APIs, such as expected request and response structures. By having contract testing in place, it proactively identifies and addresses these compatibility problems earlier in the development cycle.

    There is an insightful diagram in the book “Contract Testing in Action” that illustrates how some test cases can be shifted to contract tests. This shift moves them lower in the test automation pyramid, enabling issues to be identified earlier in the development lifecycle. 

    Source: Contract Testing in Action book

    As microservices continue to dominate the landscape of software development, adopting contract testing is no longer optional—it is essential. By incorporating this practice, teams can build scalable, reliable, and user-focused applications, providing a smooth experience for end users and ensuring strong collaboration across development teams.

    In the upcoming articles, we will meet contract testing players and focus on the practical implementation of contract testing, exploring tools, techniques, and best practices to integrate testing strategy into development workflow.

    As I continue learning, I also began compiling a repository of helpful resources on contract testing to serve as a reference for myself and others exploring this topic.