roost-io · harishagrawal · Dec 8, 2025
diff --git a/Roost-README.md b/Roost-README.md
@@ -0,0 +1,25 @@
+
+# RoostGPT generated pytest code for API Testing
+
+RoostGPT generats code in `tests` folder within given project path.
+Dependency file i.e. `requirements-roost.txt` is also created in the given project path
+
+Below are the sample steps to run the generated tests. Sample commands contains use of package manager i.e. `uv`. Alternatively python and pip can be used directly. 
+1. ( Optional ) Create virtual Env .
+2. Install dependencies
+```
+uv venv                                   // Create virtual Env
+uv pip install -r requirements-roost.txt  // Install all dependencies
+
+```
+
+Test configurations and test_data is loaded from config.yml. e.g. API HOST, auth, common path parameters of endpoint. 
+Either set defalt value in this config.yml file OR use ENV. e.g. export API_HOST="https://example.com/api/v2"
+
+Once configuration values are set, use below commands to run the tests.
+```
+// Run generated tests
+uv run pytest -m smoke                    // Run only smoke tests
+uv run pytest -s tests/generated-test.py  // Run specific test file
+```
+
diff --git a/requirements-roost.txt b/requirements-roost.txt
@@ -0,0 +1,14 @@
+
+connexion
+Flask
+flask_testing
+jsonschema
+pytest
+python_dateutil
+PyYAML
+referencing
+Requests
+setuptools
+six
+urllib3
+xmltodict
diff --git a/tests/MEDUSA_STOREFRONT_API/api.json b/tests/MEDUSA_STOREFRONT_API/api.json
diff --git a/tests/MEDUSA_STOREFRONT_API/auth_customer_auth_provider_update.json b/tests/MEDUSA_STOREFRONT_API/auth_customer_auth_provider_update.json
@@ -0,0 +1,62 @@
+[
+  {
+    "auth_provider": "emailpassword",
+    "statusCode": 200,
+    "scenario": "Successful responses: OK"
+  },
+  {
+    "auth_provider": "auth0",
+    "statusCode": 200,
+    "scenario": "Successful responses: OK"
+  },
+  {
+    "auth_provider": "invalid provider!",
+    "statusCode": 400,
+    "scenario": "Client error responses: Bad Request"
+  },
+  {
+    "auth_provider": "google",
+    "statusCode": 401,
+    "scenario": "Client error responses: Unauthorized"
+  },
+  {
+    "auth_provider": "twitter",
+    "statusCode": 404,
+    "scenario": "Client error responses: Not Found"
+  },
+  {
+    "auth_provider": "line",
+    "statusCode": 404,
+    "scenario": "Client error responses: Not Found"
+  },
+  {
+    "auth_provider": "apple",
+    "statusCode": 409,
+    "scenario": "Client error responses: Conflict"
+  },
+  {
+    "auth_provider": "emailpassword",
+    "statusCode": 422,
+    "scenario": "Client error responses: Unprocessable Entity"
+  },
+  {
+    "auth_provider": "facebook",
+    "statusCode": 500,
+    "scenario": "Server error responses: Internal Server Error"
+  },
+  {
+    "auth_provider": "github",
+    "statusCode": 400,
+    "scenario": "Client error responses: Bad Request"
+  },
+  {
+    "auth_provider": "okta",
+    "statusCode": 409,
+    "scenario": "Client error responses: Conflict"
+  },
+  {
+    "auth_provider": "saml",
+    "statusCode": 422,
+    "scenario": "Client error responses: Unprocessable Entity"
+  }
+]
diff --git a/tests/MEDUSA_STOREFRONT_API/config.yml b/tests/MEDUSA_STOREFRONT_API/config.yml
@@ -0,0 +1,27 @@
+
+# This config.yml contains user provided data for api testing. Allows to define values here or use ENV to load values. e.g. ENV[API_HOST] = "https://exampl2.com"
+# api:
+#   host: "${API_HOST:-https://example.com/api/v2}" # includes base path
+# auth:
+#   api_key: "${API_KEY:-}"
+#   api_key_header: "${KEYNAME:-DefaultValue}"     # openapi.spec.security.KEY_NAME
+#   basic_auth: "${username:-}:${password:-}"
+# test_data:
+#   id: "${TEST_ID:-282739-1238371-219393-2833}"    # Any test data key value pair e.g. GET /api/v1/cart/:id
+#   context-id: "${TEST_context-id:-}"              #                                   GET /api/v1/{context-id}/summary
+
+
+
+api:
+  host: "${MEDUSA_STOREFRONT_API_BASE_URL:-https://api.medusajs.com}"
+auth:
+  jwt_token: "${JWT_TOKEN:-}"
+  cookie_auth: "${connect.sid:-}"
+  reset_password: "${RESET_TOKEN:-}"
+test_data:
+  auth_provider: "${TEST_auth_provider:-}"
+  id: "${TEST_id:-}"
+  line_id: "${TEST_line_id:-}"
+  code: "${TEST_code:-}"
+  address_id: "${TEST_address_id:-}"
+  idOrCode: "${TEST_idOrCode:-}"
diff --git a/tests/MEDUSA_STOREFRONT_API/conftest.py b/tests/MEDUSA_STOREFRONT_API/conftest.py
@@ -0,0 +1,238 @@
+import os
+import json
+import re
+from pathlib import Path
+
+import pytest
+import requests
+import yaml
+from requests.adapters import HTTPAdapter
+from urllib3.util.retry import Retry
+
+
+_ENV_VAR_PATTERN = re.compile(r"\$\{([^}:s]+):-([^}]+)\}")
+
+
+def _expand_env_vars(value):
+    def _expand_str(s: str) -> str:
+        # Expand all ${VAR:-default} occurrences with environment or default
+        def repl(match: re.Match) -> str:
+            var_name = match.group(1)
+            default_val = match.group(2)
+            env_val = os.environ.get(var_name)
+            if env_val is None or env_val == "":
+                return default_val
+            return env_val
+
+        # Keep expanding until no further matches (handles nested expansions)
+        prev = None
+        current = s
+        while prev != current and _ENV_VAR_PATTERN.search(current):
+            prev = current
+            current = _ENV_VAR_PATTERN.sub(repl, current)
+        return current
+
+    if isinstance(value, dict):
+        return {k: _expand_env_vars(v) for k, v in value.items()}
+    if isinstance(value, list):
+        return [_expand_env_vars(v) for v in value]
+    if isinstance(value, str):
+        return _expand_str(value)
+    return value
+
+
+def _load_yaml_config(file_path: Path) -> dict:
+    if not file_path.exists():
+        raise pytest.UsageError(f"config.yml not found at: {file_path}")
+    try:
+        with file_path.open("r", encoding="utf-8") as f:
+            data = yaml.safe_load(f) or {}
+    except yaml.YAMLError as e:
+        raise pytest.UsageError(f"Invalid YAML in config.yml: {e}") from e
+    except Exception as e:
+        raise pytest.UsageError(f"Could not read config.yml: {e}") from e
+    return _expand_env_vars(data)
+
+
+@pytest.fixture(scope="session")
+def config():
+    base_dir = Path(__file__).parent
+    config_path = base_dir / "config.yml"
+    return _load_yaml_config(config_path)
+
+
+@pytest.fixture
+def load_endpoint_test_data(request):
+    def _loader(path):
+        if isinstance(path, Path):
+            candidate_paths = [path]
+        else:
+            path = str(path)
+            candidate_paths = [
+                Path(path),
+                Path(request.fspath).parent.joinpath(path),
+                Path(__file__).parent.joinpath(path),
+                Path.cwd().joinpath(path),
+            ]
+        target = next((p for p in candidate_paths if p.exists() and p.is_file()), None)
+        if target is None:
+            raise pytest.UsageError(
+                f"Endpoint test data JSON file not found. Tried: {', '.join(str(p) for p in candidate_paths)}"
+            )
+        try:
+            with target.open("r", encoding="utf-8") as f:
+                return json.load(f)
+        except json.JSONDecodeError as e:
+            raise pytest.UsageError(f"Invalid JSON in {target}: {e}") from e
+        except Exception as e:
+            raise pytest.UsageError(f"Could not read JSON file {target}: {e}") from e
+
+    return _loader
+
+
+@pytest.fixture
+def merged_test_data(config, load_endpoint_test_data):
+    def _merge(path=None, data=None):
+        base = config.get("test_data") or {}
+        base = dict(base) if isinstance(base, dict) else {}
+        endpoint_data = {}
+        if path:
+            endpoint_data = load_endpoint_test_data(path) or {}
+        if data and isinstance(data, dict):
+            # If both JSON and provided data have same keys, last one wins (data)
+            endpoint_data.update(data)
+        # Endpoint test data overrides config.yml test_data
+        merged = dict(base)
+        merged.update(endpoint_data)
+        return merged
+
+    return _merge
+
+
+class APIClient:
+    def __init__(
+        self,
+        base_url: str,
+        timeout: float = 30.0,
+        retries: int = 3,
+        backoff_factor: float = 0.3,
+        status_forcelist=None,
+        default_headers=None,
+    ):
+        self.base_url = (base_url or "").strip().rstrip("/")
+        if not self.base_url:
+            raise pytest.UsageError("API base URL is empty. Check config['api']['host'].")
+        self.timeout = timeout
+        self.default_headers = default_headers or {}
+        self.session = requests.Session()
+
+        if status_forcelist is None:
+            status_forcelist = [500, 502, 503, 504]
+
+        retry = Retry(
+            total=retries,
+            connect=retries,
+            read=retries,
+            status=retries,
+            backoff_factor=backoff_factor,
+            status_forcelist=tuple(status_forcelist),
+            allowed_methods=frozenset({"GET", "POST", "PUT", "PATCH", "DELETE", "HEAD", "OPTIONS"}),
+            raise_on_status=False,
+        )
+        adapter = HTTPAdapter(max_retries=retry)
+        self.session.mount("http://", adapter)
+        self.session.mount("https://", adapter)
+
+    def _build_url(self, endpoint: str) -> str:
+        if not endpoint:
+            return self.base_url
+        if str(endpoint).startswith("http://") or str(endpoint).startswith("https://"):
+            return str(endpoint)
+        return f"{self.base_url}/{str(endpoint).lstrip('/')}"
+
+    def make_request(self, endpoint, method="GET", headers=None, timeout=None, **kwargs):
+        url = self._build_url(endpoint)
+        req_headers = dict(self.default_headers)
+        if headers:
+            req_headers.update(headers)
+        to = self.timeout if timeout is None else timeout
+        response = self.session.request(method=method.upper(), url=url, headers=req_headers, timeout=to, **kwargs)
+        return response
+
+    def get(self, endpoint, **kwargs):
+        return self.make_request(endpoint, method="GET", **kwargs)
+
+    def post(self, endpoint, **kwargs):
+        return self.make_request(endpoint, method="POST", **kwargs)
+
+    def put(self, endpoint, **kwargs):
+        return self.make_request(endpoint, method="PUT", **kwargs)
+
+    def patch(self, endpoint, **kwargs):
+        return self.make_request(endpoint, method="PATCH", **kwargs)
+
+    def delete(self, endpoint, **kwargs):
+        return self.make_request(endpoint, method="DELETE", **kwargs)
+
+
+@pytest.fixture
+def api_client(config):
+    api_cfg = config.get("api") or {}
+    auth_cfg = config.get("auth") or {}
+
+    host = str(api_cfg.get("host", "")).strip()
+    timeout = api_cfg.get("timeout", 30.0)
+    retries = api_cfg.get("retries", 3)
+    backoff_factor = api_cfg.get("retry_backoff_factor", 0.3)
+    status_forcelist = api_cfg.get("status_forcelist", [500, 502, 503, 504])
+
+    default_headers = {}
+
+    # Optional Authorization header if provided in config.auth.jwt_token (non-empty)
+    jwt_token = auth_cfg.get("jwt_token")
+    if isinstance(jwt_token, str) and jwt_token.strip():
+        default_headers["Authorization"] = f"Bearer {jwt_token.strip()}"
+
+    # Optional Cookie header if provided in config.auth.cookie_auth (non-empty)
+    cookie_auth = auth_cfg.get("cookie_auth")
+    if isinstance(cookie_auth, str) and cookie_auth.strip():
+        # If a full cookie string is provided, set directly
+        default_headers["Cookie"] = cookie_auth.strip()
+
+    # Optional custom API key header if provided in config.auth.api_key_header and value
+    # Example: auth: { api_key_header: "x-api-key", api_key: "foo" }
+    api_key_header = auth_cfg.get("api_key_header")
+    api_key_value = auth_cfg.get("api_key")
+    if isinstance(api_key_header, str) and api_key_header.strip() and isinstance(api_key_value, str) and api_key_value.strip():
+        default_headers[api_key_header.strip()] = api_key_value.strip()
+
+    client = APIClient(
+        base_url=host,
+        timeout=timeout,
+        retries=retries,
+        backoff_factor=backoff_factor,
+        status_forcelist=status_forcelist,
+        default_headers=default_headers,
+    )
+    return client
+
+
+@pytest.fixture(scope="session")
+def get_config(config):
+    def _get(dotted_key: str, default=None):
+        if not dotted_key:
+            return default
+        parts = str(dotted_key).split(".")
+        cur = config
+        for part in parts:
+            if isinstance(cur, dict) and part in cur:
+                cur = cur[part]
+            else:
+                return default
+        return cur
+
+    return _get
+
+
+def pytest_configure(config):
+    config.addinivalue_line("markers", "smoke: mark test as part of the smoke test suite")