- Description
- Tech Stack & Tools
- Project Architecture
- Allure Reporting Features
- Test Coverage
- Execution Guide
- CI/CD Workflow
This is the second part of the graduation project: an API Automation Framework for the Stellar Burgers service.
The suite validates core backend functionalities including user lifecycle management (registration, auth, profile updates) and complex order processing logic using the Requests library.
- Language: Python 3.13+
- Testing Framework: Pytest
- HTTP Client: Requests
- Reporting: Allure Framework
- CI/CD: GitHub Actions
Diplom_2/
├── .github/workflows/ # CI/CD pipeline configuration
├── allure-results/ # Raw test execution data (generated after run)
├── src/ # Support data and modules
│ ├── config.py # API Endpoints and Base URL
│ ├── data.py # Static test data#
│ ├── helpers.py # Random data generators
│
├── tests/ # API Test scenarios
│ ├── test_create_order.py
│ ├── test_create_user.py
│ ├── test_login_user.py
│ ├── test_update_and_change_user_data.py
│ ├── test_user_orders.py
│
├── conftest.py # Global fixtures (auth, user cleanup)
├── pytest.ini # Pytest & Allure configuration
├── requirements.txt # Project dependencies
└── README.md # Comprehensive project documentation
The project is integrated with the Allure Framework to provide deep visibility into the API automation process. Key features include:
- Request & Response Transparency: Comprehensive logging of HTTP requests (Endpoints, Headers, Payloads) and Server responses, enabling rapid debugging directly from the report interface.
- Functional Hierarchy: Tests are logically grouped by Features (e.g., User Management) and Stories (e.g., User Registration, Authorization), providing a structured overview for stakeholders.
- Data-Driven Visualization: Clear representation of parameterized test cases, showing exactly which input (e.g., missing email or invalid password) triggered a specific system response.
- Granular Step Execution: Detailed
@allure.steptracking for multi-stage processes, such as:- Dynamic user data generation.
- Account registration.
- Authentication and token retrieval.
- Final data validation or cleanup.
- Success & Failure Analysis: Instant access to failure reasons with embedded error messages and status code mismatches, reducing the time required for root-cause analysis.
The automation suite provides comprehensive coverage for the Stellar Burgers REST API, validating all core business processes and boundary cases:
- Registration:
- Successful creation of a unique user with dynamic data generation.
- Prevention of duplicate registrations (403 Forbidden).
- Validation of mandatory fields: ensuring registration fails if email, password, or name is missing.
- Authentication:
- Successful login with valid credentials and token retrieval (
accessToken,refreshToken). - Handling failed login attempts with incorrect or missing credentials (401 Unauthorized).
- Successful login with valid credentials and token retrieval (
- Profile Updates:
- Verifying that an authorized user can successfully update their email and name.
- Ensuring unauthorized users cannot modify profile data.
- Validation that the system prevents changing an email to one that is already registered.
- Order Creation:
- Successful order placement by an authorized user with valid ingredients.
- System behavior when an unauthorized user creates an order (verifying redirect or status).
- Error handling for orders created without ingredients (400 Bad Request).
- Stability check when sending invalid ingredient hashes (500 Internal Server Error).
- Order History:
- Retrieving a specific user's order list with proper authorization.
- Validating the response structure: presence of
orders,total, andtotalTodayfields. - Verification of data sorting (by
updatedAtin descending order) and the 50-order limit per response. - Ensuring unauthorized users cannot access any order history.
- Status Codes: Strict verification of HTTP response codes (200, 400, 401, 403, 500).
- JSON Schema: Validation of complex nested objects in API responses.
- Data Integrity: Cross-checking that the data sent in the request matches the data returned in the response.
Clone the repository and set up a local virtual environment to ensure dependency isolation:
- Clone repository
git clone https://github.com/AlyaSmirnova/Diplom_2 cd Diplom_2
📦 Repository: Sprint_5
- Create a virtual environment
python -m venv venv
- Activate the virtual environment
source venv/bin/activate
- Install required dependencies
$ pip install -r requirements.txt
The framework is pre-configured via pytest.ini. You can execute the full test suite with a single command:
pytest
To transform the test results into a visual, interactive HTML report:
allure serve allure-results
The project is fully automated using GitHub Actions. Upon every push to the main or develop2 branches, or any Pull Request creation:
- Environment Provisioning: A clean Ubuntu runner is initialized in the cloud environment.
- Dependency Management: The Python 3.13 environment is configured, and all required API libraries (
Requests,Pytest,Allure-pytest) are installed fromrequirements.txt. - Automated API Execution: The full suite of REST API tests is executed against the Stellar Burgers production/staging environment.
- Security & Auth Validation: Verification of Bearer-token authentication, access rights (401/403 errors), and data integrity.
- Artifact Collection: Allure execution data and JSON logs are collected to prepare the final report.
- Continuous Deployment: The Allure Report is automatically generated and deployed to GitHub Pages, providing a live dashboard of the API health.