1use crate::crud_flow::{CrudFlowConfig, CrudFlowDetector};
4use crate::data_driven::{DataDistribution, DataDrivenConfig, DataDrivenGenerator, DataMapping};
5use crate::dynamic_params::{DynamicParamProcessor, DynamicPlaceholder};
6use crate::error::{BenchError, Result};
7use crate::executor::K6Executor;
8use crate::invalid_data::{InvalidDataConfig, InvalidDataGenerator};
9use crate::k6_gen::{K6Config, K6ScriptGenerator};
10use crate::mock_integration::{
11 MockIntegrationConfig, MockIntegrationGenerator, MockServerDetector,
12};
13use crate::owasp_api::{OwaspApiConfig, OwaspApiGenerator, OwaspCategory, ReportFormat};
14use crate::parallel_executor::{AggregatedResults, ParallelExecutor};
15use crate::parallel_requests::{ParallelConfig, ParallelRequestGenerator};
16use crate::param_overrides::ParameterOverrides;
17use crate::reporter::TerminalReporter;
18use crate::request_gen::RequestGenerator;
19use crate::scenarios::LoadScenario;
20use crate::security_payloads::{
21 SecurityCategory, SecurityPayload, SecurityPayloads, SecurityTestConfig, SecurityTestGenerator,
22};
23use crate::spec_dependencies::{
24 topological_sort, DependencyDetector, ExtractedValues, SpecDependencyConfig,
25};
26use crate::spec_parser::SpecParser;
27use crate::target_parser::parse_targets_file;
28use crate::wafbench::WafBenchLoader;
29use mockforge_openapi::multi_spec::{
30 load_specs_from_directory, load_specs_from_files, merge_specs, ConflictStrategy,
31};
32use mockforge_openapi::spec::OpenApiSpec;
33use std::collections::{HashMap, HashSet};
34use std::path::{Path, PathBuf};
35use std::str::FromStr;
36
37pub fn parse_header_string(inputs: &[String]) -> Result<HashMap<String, String>> {
45 let mut headers = HashMap::new();
46
47 for pair in inputs {
48 let pair = pair.trim();
49 if pair.is_empty() {
50 continue;
51 }
52 let parts: Vec<&str> = pair.splitn(2, ':').collect();
53 if parts.len() != 2 {
54 return Err(BenchError::Other(format!(
55 "Invalid header format: '{}'. Expected 'Key:Value'",
56 pair
57 )));
58 }
59 headers.insert(parts[0].trim().to_string(), parts[1].trim().to_string());
60 }
61
62 Ok(headers)
63}
64
65pub struct BenchCommand {
67 pub spec: Vec<PathBuf>,
69 pub spec_dir: Option<PathBuf>,
71 pub merge_conflicts: String,
73 pub spec_mode: String,
75 pub dependency_config: Option<PathBuf>,
77 pub target: String,
78 pub base_path: Option<String>,
81 pub duration: String,
82 pub vus: u32,
83 pub target_rps: Option<u32>,
89 pub no_keep_alive: bool,
94 pub scenario: String,
95 pub operations: Option<String>,
96 pub exclude_operations: Option<String>,
100 pub auth: Option<String>,
101 pub headers: Vec<String>,
104 pub output: PathBuf,
105 pub generate_only: bool,
106 pub script_output: Option<PathBuf>,
107 pub threshold_percentile: String,
108 pub threshold_ms: u64,
109 pub max_error_rate: f64,
110 pub verbose: bool,
111 pub skip_tls_verify: bool,
112 pub chunked_request_bodies: bool,
117 pub targets_file: Option<PathBuf>,
119 pub max_concurrency: Option<u32>,
121 pub results_format: String,
123 pub params_file: Option<PathBuf>,
128
129 pub crud_flow: bool,
132 pub flow_config: Option<PathBuf>,
134 pub extract_fields: Option<String>,
136
137 pub parallel_create: Option<u32>,
140
141 pub data_file: Option<PathBuf>,
144 pub data_distribution: String,
146 pub data_mappings: Option<String>,
148 pub per_uri_control: bool,
150
151 pub error_rate: Option<f64>,
154 pub error_types: Option<String>,
156
157 pub security_test: bool,
160 pub security_payloads: Option<PathBuf>,
162 pub security_categories: Option<String>,
164 pub security_target_fields: Option<String>,
166
167 pub wafbench_dir: Option<String>,
170 pub wafbench_cycle_all: bool,
172
173 pub conformance: bool,
176 pub conformance_api_key: Option<String>,
178 pub conformance_basic_auth: Option<String>,
180 pub conformance_report: PathBuf,
182 pub conformance_categories: Option<String>,
184 pub conformance_report_format: String,
186 pub conformance_headers: Vec<String>,
189 pub conformance_all_operations: bool,
192 pub conformance_custom: Option<PathBuf>,
194 pub conformance_delay_ms: u64,
197 pub use_k6: bool,
199 pub conformance_custom_filter: Option<String>,
203 pub export_requests: bool,
206 pub validate_requests: bool,
209 pub conformance_self_test: bool,
216 pub conformance_self_test_capture: bool,
220 pub validate_response_schemas: bool,
226
227 pub source_ips: Vec<String>,
232 pub geo_source_ips: Vec<String>,
236 pub geo_source_headers: Vec<String>,
240
241 pub report_missed_cap: Option<u32>,
248
249 pub owasp_api_top10: bool,
252 pub owasp_categories: Option<String>,
254 pub owasp_auth_header: String,
256 pub owasp_auth_token: Option<String>,
258 pub owasp_admin_paths: Option<PathBuf>,
260 pub owasp_id_fields: Option<String>,
262 pub owasp_report: Option<PathBuf>,
264 pub owasp_report_format: String,
266 pub owasp_iterations: u32,
268}
269
270fn parse_ip_list(raw: &[String], flag_name: &str) -> Vec<std::net::IpAddr> {
284 use std::net::IpAddr;
285 const MAX_CIDR_EXPANSION: usize = 256;
286 let mut out = Vec::new();
287 for entry in raw {
288 for piece in entry.split(',') {
289 let s = piece.trim();
290 if s.is_empty() {
291 continue;
292 }
293 if let Some((addr_part, prefix_part)) = s.split_once('/') {
295 let prefix: u32 = match prefix_part.parse() {
296 Ok(p) => p,
297 Err(e) => {
298 tracing::warn!(target: "mockforge::bench", "ignoring --{flag_name} '{s}': bad CIDR prefix: {e}");
299 continue;
300 }
301 };
302 let net_addr: IpAddr = match addr_part.parse() {
303 Ok(a) => a,
304 Err(e) => {
305 tracing::warn!(target: "mockforge::bench", "ignoring --{flag_name} '{s}': bad CIDR address: {e}");
306 continue;
307 }
308 };
309 expand_cidr(net_addr, prefix, MAX_CIDR_EXPANSION, flag_name, s, &mut out);
310 continue;
311 }
312 if let Some((start_str, end_str)) = s.split_once('-') {
318 let start_s = start_str.trim();
319 let end_s = end_str.trim();
320 if start_s.contains(':') || end_s.contains(':') {
324 tracing::warn!(target: "mockforge::bench", "--{flag_name} '{s}': IPv6 range syntax not supported (use CIDR like 2001:db8::/126 instead)");
325 continue;
326 }
327 let start: IpAddr = match start_s.parse() {
328 Ok(a) => a,
329 Err(e) => {
330 tracing::warn!(target: "mockforge::bench", "ignoring --{flag_name} '{s}': bad range start: {e}");
331 continue;
332 }
333 };
334 let end: IpAddr = match end_s.parse() {
335 Ok(a) => a,
336 Err(e) => {
337 tracing::warn!(target: "mockforge::bench", "ignoring --{flag_name} '{s}': bad range end: {e}");
338 continue;
339 }
340 };
341 expand_range(start, end, MAX_CIDR_EXPANSION, flag_name, s, &mut out);
342 continue;
343 }
344 match s.parse::<IpAddr>() {
346 Ok(ip) => out.push(ip),
347 Err(e) => {
348 tracing::warn!(target: "mockforge::bench", "ignoring malformed --{flag_name} value '{s}': {e}");
349 }
350 }
351 }
352 }
353 out
354}
355
356fn expand_range(
360 start: std::net::IpAddr,
361 end: std::net::IpAddr,
362 cap: usize,
363 flag_name: &str,
364 raw: &str,
365 out: &mut Vec<std::net::IpAddr>,
366) {
367 use std::net::{IpAddr, Ipv4Addr};
368 let (start_v4, end_v4) = match (start, end) {
369 (IpAddr::V4(a), IpAddr::V4(b)) => (a, b),
370 _ => {
371 tracing::warn!(target: "mockforge::bench", "--{flag_name} '{raw}': range start/end must both be IPv4");
372 return;
373 }
374 };
375 let start_u32 = u32::from(start_v4);
376 let end_u32 = u32::from(end_v4);
377 if end_u32 < start_u32 {
378 tracing::warn!(target: "mockforge::bench", "--{flag_name} '{raw}': range end {end_v4} is before start {start_v4}");
379 return;
380 }
381 let total = (end_u32 - start_u32).saturating_add(1) as usize;
382 let take = total.min(cap);
383 if total > cap {
384 tracing::warn!(target: "mockforge::bench", "--{flag_name} '{raw}': range has {total} addresses, capping at {cap}");
385 }
386 for i in 0..take as u32 {
387 out.push(IpAddr::V4(Ipv4Addr::from(start_u32 + i)));
388 }
389}
390
391fn expand_cidr(
395 net: std::net::IpAddr,
396 prefix: u32,
397 cap: usize,
398 flag_name: &str,
399 raw: &str,
400 out: &mut Vec<std::net::IpAddr>,
401) {
402 use std::net::{IpAddr, Ipv4Addr, Ipv6Addr};
403 match net {
404 IpAddr::V4(ipv4) => {
405 if prefix > 32 {
406 tracing::warn!(target: "mockforge::bench", "ignoring --{flag_name} '{raw}': IPv4 prefix must be <= 32");
407 return;
408 }
409 let total: u64 = 1u64 << (32 - prefix);
410 let take = total.min(cap as u64) as u32;
411 if total > cap as u64 {
412 tracing::warn!(target: "mockforge::bench", "--{flag_name} '{raw}': CIDR has {total} addresses, capping at {cap}");
413 }
414 let mask: u32 = if prefix == 0 {
415 0
416 } else {
417 !0u32 << (32 - prefix)
418 };
419 let net_u32 = u32::from(ipv4) & mask;
420 for i in 0..take {
421 out.push(IpAddr::V4(Ipv4Addr::from(net_u32.wrapping_add(i))));
422 }
423 }
424 IpAddr::V6(ipv6) => {
425 if prefix > 128 {
426 tracing::warn!(target: "mockforge::bench", "ignoring --{flag_name} '{raw}': IPv6 prefix must be <= 128");
427 return;
428 }
429 let mask: u128 = if prefix == 0 {
433 0
434 } else {
435 !0u128 << (128 - prefix)
436 };
437 let net_u128 = u128::from(ipv6) & mask;
438 let remaining_bits = 128 - prefix;
439 let total_capped = if remaining_bits >= 64 {
442 cap as u128
443 } else {
444 (1u128 << remaining_bits).min(cap as u128)
445 };
446 if remaining_bits < 128 && (1u128 << remaining_bits) > cap as u128 {
447 tracing::warn!(target: "mockforge::bench", "--{flag_name} '{raw}': IPv6 CIDR exceeds {cap} addresses, capping");
448 }
449 for i in 0..total_capped {
450 out.push(IpAddr::V6(Ipv6Addr::from(net_u128.wrapping_add(i))));
451 }
452 }
453 }
454}
455
456impl BenchCommand {
457 pub async fn load_and_merge_specs(&self) -> Result<OpenApiSpec> {
459 let mut all_specs: Vec<(PathBuf, OpenApiSpec)> = Vec::new();
460
461 if !self.spec.is_empty() {
463 let specs = load_specs_from_files(self.spec.clone())
464 .await
465 .map_err(|e| BenchError::Other(format!("Failed to load spec files: {}", e)))?;
466 all_specs.extend(specs);
467 }
468
469 if let Some(spec_dir) = &self.spec_dir {
471 let dir_specs = load_specs_from_directory(spec_dir).await.map_err(|e| {
472 BenchError::Other(format!("Failed to load specs from directory: {}", e))
473 })?;
474 all_specs.extend(dir_specs);
475 }
476
477 if all_specs.is_empty() {
478 return Err(BenchError::Other(
479 "No spec files provided. Use --spec or --spec-dir.".to_string(),
480 ));
481 }
482
483 if all_specs.len() == 1 {
485 return Ok(all_specs.into_iter().next().expect("checked len() == 1 above").1);
487 }
488
489 let conflict_strategy = match self.merge_conflicts.as_str() {
491 "first" => ConflictStrategy::First,
492 "last" => ConflictStrategy::Last,
493 _ => ConflictStrategy::Error,
494 };
495
496 merge_specs(all_specs, conflict_strategy)
497 .map_err(|e| BenchError::Other(format!("Failed to merge specs: {}", e)))
498 }
499
500 fn get_spec_display_name(&self) -> String {
502 if self.spec.len() == 1 {
503 self.spec[0].to_string_lossy().to_string()
504 } else if !self.spec.is_empty() {
505 format!("{} spec files", self.spec.len())
506 } else if let Some(dir) = &self.spec_dir {
507 format!("specs from {}", dir.display())
508 } else {
509 "no specs".to_string()
510 }
511 }
512
513 fn advise_capacity(&self) {
520 let target_count = self
521 .targets_file
522 .as_ref()
523 .and_then(|p| std::fs::read_to_string(p).ok())
524 .and_then(|s| serde_json::from_str::<serde_json::Value>(&s).ok())
525 .and_then(|v| v.as_array().map(|a| a.len()))
526 .unwrap_or(1);
527 let vus = self.vus.max(1);
528 let rps_total = self.target_rps.unwrap_or(0) as usize * target_count.max(1);
529 let load_product = target_count * vus as usize;
533 if load_product >= 150 {
534 let est_ram_gb =
535 (vus as usize * 50) / 1024 + (target_count * 10 * 2) / 1024 + target_count / 2;
536 let est_cores = ((vus as usize) / 50).max(2);
537 TerminalReporter::print_warning(&format!(
538 "Capacity advisory: targets={target_count}, VUs={vus}, RPS-total≈{rps_total}. \
539 Single-client estimate: ~{est_cores} CPU cores, ~{est_ram_gb} GB RAM. \
540 If your machine is below that, expect OOM hangs partway through the run. \
541 See https://docs.mockforge.dev/reference/bench-capacity-sizing.html \
542 for the sizing table and sharding guide."
543 ));
544 }
545 }
546
547 pub async fn execute(&self) -> Result<()> {
549 if self.conformance_self_test && self.use_k6 {
556 TerminalReporter::print_warning(
557 "--use-k6 has no effect with --conformance-self-test: the self-test driver runs and returns before k6 is invoked. Drop one or the other depending on whether you want the spec-driven self-test or a k6 bench run.",
558 );
559 }
560
561 self.advise_capacity();
567
568 if let Some(targets_file) = &self.targets_file {
570 if self.conformance {
571 return self.execute_multi_target_conformance(targets_file).await;
572 }
573 return self.execute_multi_target(targets_file).await;
574 }
575
576 if self.spec_mode == "sequential" && (self.spec.len() > 1 || self.spec_dir.is_some()) {
578 return self.execute_sequential_specs().await;
579 }
580
581 TerminalReporter::print_header(
584 &self.get_spec_display_name(),
585 &self.target,
586 0, &self.scenario,
588 Self::parse_duration(&self.duration)?,
589 );
590
591 if !K6Executor::is_k6_installed() {
593 TerminalReporter::print_error("k6 is not installed");
594 TerminalReporter::print_warning(
595 "Install k6 from: https://k6.io/docs/get-started/installation/",
596 );
597 return Err(BenchError::K6NotFound);
598 }
599
600 if self.conformance {
602 return self.execute_conformance_test().await;
603 }
604
605 TerminalReporter::print_progress("Loading OpenAPI specification(s)...");
607 let merged_spec = self.load_and_merge_specs().await?;
608 let parser = SpecParser::from_spec(merged_spec);
609 if self.spec.len() > 1 || self.spec_dir.is_some() {
610 TerminalReporter::print_success(&format!(
611 "Loaded and merged {} specification(s)",
612 self.spec.len() + self.spec_dir.as_ref().map(|_| 1).unwrap_or(0)
613 ));
614 } else {
615 TerminalReporter::print_success("Specification loaded");
616 }
617
618 let mock_config = self.build_mock_config().await;
620 if mock_config.is_mock_server {
621 TerminalReporter::print_progress("Mock server integration enabled");
622 }
623
624 if self.crud_flow {
626 return self.execute_crud_flow(&parser).await;
627 }
628
629 if self.owasp_api_top10 {
631 return self.execute_owasp_test(&parser).await;
632 }
633
634 TerminalReporter::print_progress("Extracting API operations...");
636 let mut operations = if let Some(filter) = &self.operations {
637 parser.filter_operations(filter)?
638 } else {
639 parser.get_operations()
640 };
641
642 if let Some(exclude) = &self.exclude_operations {
644 let before_count = operations.len();
645 operations = parser.exclude_operations(operations, exclude)?;
646 let excluded_count = before_count - operations.len();
647 if excluded_count > 0 {
648 TerminalReporter::print_progress(&format!(
649 "Excluded {} operations matching '{}'",
650 excluded_count, exclude
651 ));
652 }
653 }
654
655 if operations.is_empty() {
656 return Err(BenchError::Other("No operations found in spec".to_string()));
657 }
658
659 TerminalReporter::print_success(&format!("Found {} operations", operations.len()));
660
661 let param_overrides = if let Some(params_file) = &self.params_file {
663 TerminalReporter::print_progress("Loading parameter overrides...");
664 let overrides = ParameterOverrides::from_file(params_file)?;
665 TerminalReporter::print_success(&format!(
666 "Loaded parameter overrides ({} operation-specific, {} defaults)",
667 overrides.operations.len(),
668 if overrides.defaults.is_empty() { 0 } else { 1 }
669 ));
670 Some(overrides)
671 } else {
672 None
673 };
674
675 TerminalReporter::print_progress("Generating request templates...");
677 let templates: Vec<_> = operations
678 .iter()
679 .map(|op| {
680 let op_overrides = param_overrides.as_ref().map(|po| {
681 po.get_for_operation(op.operation_id.as_deref(), &op.method, &op.path)
682 });
683 RequestGenerator::generate_template_with_overrides(op, op_overrides.as_ref())
684 })
685 .collect::<Result<Vec<_>>>()?;
686 TerminalReporter::print_success("Request templates generated");
687
688 let custom_headers = self.parse_headers()?;
690
691 let base_path = self.resolve_base_path(&parser);
693 if let Some(ref bp) = base_path {
694 TerminalReporter::print_progress(&format!("Using base path: {}", bp));
695 }
696
697 TerminalReporter::print_progress("Generating k6 load test script...");
699 let scenario =
700 LoadScenario::from_str(&self.scenario).map_err(BenchError::InvalidScenario)?;
701
702 let security_testing_enabled = self.security_test || self.wafbench_dir.is_some();
703
704 let num_ops = operations.len() as u32;
722 if let Some(rps) = self.target_rps {
723 let probe =
724 crate::preflight::probe_target_latency(&self.target, 3, self.skip_tls_verify).await;
725
726 let (required_vus, basis) = match probe {
727 Some(p) => (
728 p.required_vus(rps, num_ops),
729 format!("avg {:.1}ms (measured)", p.avg_latency.as_secs_f64() * 1000.0),
730 ),
731 None => {
732 let fallback = (rps as u64)
734 .saturating_mul(num_ops.max(1) as u64)
735 .div_ceil(10)
736 .min(u32::MAX as u64) as u32;
737 (fallback, "~100ms (default — probe failed)".to_string())
738 }
739 };
740
741 if self.vus < required_vus {
742 const VU_RECOMMENDATION_CAP: u32 = 1000;
748 let recommendation = required_vus.max(self.vus + 1);
749 if recommendation > VU_RECOMMENDATION_CAP {
750 TerminalReporter::print_warning(&format!(
751 "Workload is very large: --rps {} × {} ops/iteration × {} \
752 baseline ⇒ ~{} VUs needed end-to-end, far beyond what's \
753 practical to drive. Two ways to fix:\n 1. Reduce \
754 operations per iteration with `--operations 'pattern,…'` \
755 (or `--exclude-operations`) to focus the bench on a \
756 representative subset.\n 2. Drop `--rps` and use \
757 `--vus {}` alone — closed-model load runs as fast as \
758 the VU pool allows, bounded by latency, with no per-\
759 iteration deadline. Expect 1-iteration coverage of ~{} \
760 operations in {}s.",
761 rps,
762 num_ops,
763 basis,
764 recommendation,
765 self.vus.max(5),
766 num_ops,
767 Self::parse_duration(&self.duration).unwrap_or(0),
768 ));
769 } else {
770 TerminalReporter::print_warning(&format!(
771 "--vus {} may be insufficient for --rps {} × {} ops/iteration \
772 (baseline latency {}). k6's constant-arrival-rate counts ITERATIONS \
773 and each runs every operation in the spec — required ≈ rps × ops × \
774 latency_secs VUs. Bump --vus to ~{} if you see \"Insufficient VUs\" \
775 warnings.",
776 self.vus, rps, num_ops, basis, recommendation,
777 ));
778 }
779 } else if probe.is_some() {
780 TerminalReporter::print_progress(&format!(
781 "Pre-flight probe: target latency {}, {} ops/iteration — --vus {} \
782 is sufficient for --rps {}",
783 basis, num_ops, self.vus, rps,
784 ));
785 }
786 }
787
788 let k6_config = K6Config {
789 target_url: self.target.clone(),
790 base_path,
791 scenario,
792 duration_secs: Self::parse_duration(&self.duration)?,
793 max_vus: self.vus,
794 threshold_percentile: self.threshold_percentile.clone(),
795 threshold_ms: self.threshold_ms,
796 max_error_rate: self.max_error_rate,
797 auth_header: self.auth.clone(),
798 custom_headers,
799 skip_tls_verify: self.skip_tls_verify,
800 security_testing_enabled,
801 chunked_request_bodies: self.chunked_request_bodies,
802 target_rps: self.target_rps,
803 no_keep_alive: self.no_keep_alive,
804 geo_source_ips: parse_ip_list(&self.geo_source_ips, "geo-source-ip")
810 .into_iter()
811 .map(|ip| ip.to_string())
812 .collect(),
813 geo_source_headers: if self.geo_source_headers.is_empty()
814 && !self.geo_source_ips.is_empty()
815 {
816 crate::conformance::self_test::default_geo_source_headers()
817 } else {
818 self.geo_source_headers.clone()
819 },
820 };
821
822 let generator = K6ScriptGenerator::new(k6_config, templates);
823 let mut script = generator.generate()?;
824 TerminalReporter::print_success("k6 script generated");
825
826 let has_advanced_features = self.data_file.is_some()
828 || self.error_rate.is_some()
829 || self.security_test
830 || self.parallel_create.is_some()
831 || self.wafbench_dir.is_some();
832
833 if has_advanced_features {
835 script = self.generate_enhanced_script(&script)?;
836 }
837
838 if mock_config.is_mock_server {
840 let setup_code = MockIntegrationGenerator::generate_setup(&mock_config);
841 let teardown_code = MockIntegrationGenerator::generate_teardown(&mock_config);
842 let helper_code = MockIntegrationGenerator::generate_vu_id_helper();
843
844 if let Some(import_end) = script.find("export const options") {
846 script.insert_str(
847 import_end,
848 &format!(
849 "\n// === Mock Server Integration ===\n{}\n{}\n{}\n",
850 helper_code, setup_code, teardown_code
851 ),
852 );
853 }
854 }
855
856 TerminalReporter::print_progress("Validating k6 script...");
858 let validation_errors = K6ScriptGenerator::validate_script(&script);
859 if !validation_errors.is_empty() {
860 TerminalReporter::print_error("Script validation failed");
861 for error in &validation_errors {
862 eprintln!(" {}", error);
863 }
864 return Err(BenchError::Other(format!(
865 "Generated k6 script has {} validation error(s). Please check the output above.",
866 validation_errors.len()
867 )));
868 }
869 TerminalReporter::print_success("Script validation passed");
870
871 let script_path = if let Some(output) = &self.script_output {
873 output.clone()
874 } else {
875 self.output.join("k6-script.js")
876 };
877
878 if let Some(parent) = script_path.parent() {
879 std::fs::create_dir_all(parent)?;
880 }
881 std::fs::write(&script_path, &script)?;
882 TerminalReporter::print_success(&format!("Script written to: {}", script_path.display()));
883
884 if self.generate_only {
886 println!("\nScript generated successfully. Run it with:");
887 println!(" k6 run {}", script_path.display());
888 return Ok(());
889 }
890
891 TerminalReporter::print_progress("Executing load test...");
893 let executor = K6Executor::new()?.with_local_ips(self.source_ips.join(","));
894
895 std::fs::create_dir_all(&self.output)?;
896
897 let results = executor.execute(&script_path, Some(&self.output), self.verbose).await?;
898
899 let duration_secs = Self::parse_duration(&self.duration)?;
901 TerminalReporter::print_summary_full(
902 &results,
903 duration_secs,
904 self.no_keep_alive,
905 Some(num_ops),
906 );
907
908 println!("\nResults saved to: {}", self.output.display());
909
910 Ok(())
911 }
912
913 async fn execute_multi_target(&self, targets_file: &Path) -> Result<()> {
915 TerminalReporter::print_progress("Parsing targets file...");
916 let targets = parse_targets_file(targets_file)?;
917 let num_targets = targets.len();
918 TerminalReporter::print_success(&format!("Loaded {} targets", num_targets));
919
920 if targets.is_empty() {
921 return Err(BenchError::Other("No targets found in file".to_string()));
922 }
923
924 let max_concurrency = self.max_concurrency.unwrap_or(10) as usize;
926 let max_concurrency = max_concurrency.min(num_targets); TerminalReporter::print_header(
930 &self.get_spec_display_name(),
931 &format!("{} targets", num_targets),
932 0,
933 &self.scenario,
934 Self::parse_duration(&self.duration)?,
935 );
936
937 let executor = ParallelExecutor::new(
939 BenchCommand {
940 spec: self.spec.clone(),
942 spec_dir: self.spec_dir.clone(),
943 merge_conflicts: self.merge_conflicts.clone(),
944 spec_mode: self.spec_mode.clone(),
945 dependency_config: self.dependency_config.clone(),
946 target: self.target.clone(), base_path: self.base_path.clone(),
948 duration: self.duration.clone(),
949 vus: self.vus,
950 target_rps: self.target_rps,
951 no_keep_alive: self.no_keep_alive,
952 scenario: self.scenario.clone(),
953 operations: self.operations.clone(),
954 exclude_operations: self.exclude_operations.clone(),
955 auth: self.auth.clone(),
956 headers: self.headers.clone(),
957 output: self.output.clone(),
958 generate_only: self.generate_only,
959 script_output: self.script_output.clone(),
960 threshold_percentile: self.threshold_percentile.clone(),
961 threshold_ms: self.threshold_ms,
962 max_error_rate: self.max_error_rate,
963 verbose: self.verbose,
964 skip_tls_verify: self.skip_tls_verify,
965 chunked_request_bodies: self.chunked_request_bodies,
966 targets_file: None,
967 max_concurrency: None,
968 results_format: self.results_format.clone(),
969 params_file: self.params_file.clone(),
970 crud_flow: self.crud_flow,
971 flow_config: self.flow_config.clone(),
972 extract_fields: self.extract_fields.clone(),
973 parallel_create: self.parallel_create,
974 data_file: self.data_file.clone(),
975 data_distribution: self.data_distribution.clone(),
976 data_mappings: self.data_mappings.clone(),
977 per_uri_control: self.per_uri_control,
978 error_rate: self.error_rate,
979 error_types: self.error_types.clone(),
980 security_test: self.security_test,
981 security_payloads: self.security_payloads.clone(),
982 security_categories: self.security_categories.clone(),
983 security_target_fields: self.security_target_fields.clone(),
984 wafbench_dir: self.wafbench_dir.clone(),
985 wafbench_cycle_all: self.wafbench_cycle_all,
986 owasp_api_top10: self.owasp_api_top10,
987 owasp_categories: self.owasp_categories.clone(),
988 owasp_auth_header: self.owasp_auth_header.clone(),
989 owasp_auth_token: self.owasp_auth_token.clone(),
990 owasp_admin_paths: self.owasp_admin_paths.clone(),
991 owasp_id_fields: self.owasp_id_fields.clone(),
992 owasp_report: self.owasp_report.clone(),
993 owasp_report_format: self.owasp_report_format.clone(),
994 owasp_iterations: self.owasp_iterations,
995 conformance: false,
996 conformance_api_key: None,
997 conformance_basic_auth: None,
998 conformance_report: PathBuf::from("conformance-report.json"),
999 conformance_categories: None,
1000 conformance_report_format: "json".to_string(),
1001 conformance_headers: vec![],
1002 conformance_all_operations: false,
1003 conformance_custom: None,
1004 conformance_delay_ms: 0,
1005 use_k6: false,
1006 conformance_custom_filter: None,
1007 export_requests: false,
1008 validate_requests: false,
1009 conformance_self_test: false,
1010 conformance_self_test_capture: false,
1011 validate_response_schemas: false,
1012 source_ips: Vec::new(),
1013 geo_source_ips: Vec::new(),
1014 geo_source_headers: Vec::new(),
1015 report_missed_cap: None,
1016 },
1017 targets,
1018 max_concurrency,
1019 );
1020
1021 let start_time = std::time::Instant::now();
1023 let aggregated_results = executor.execute_all().await?;
1024 let elapsed = start_time.elapsed();
1025
1026 self.report_multi_target_results(&aggregated_results, elapsed)?;
1028
1029 Ok(())
1030 }
1031
1032 fn report_multi_target_results(
1034 &self,
1035 results: &AggregatedResults,
1036 elapsed: std::time::Duration,
1037 ) -> Result<()> {
1038 TerminalReporter::print_multi_target_summary(results);
1040
1041 let total_secs = elapsed.as_secs();
1043 let hours = total_secs / 3600;
1044 let minutes = (total_secs % 3600) / 60;
1045 let seconds = total_secs % 60;
1046 if hours > 0 {
1047 println!("\n Total Elapsed Time: {}h {}m {}s", hours, minutes, seconds);
1048 } else if minutes > 0 {
1049 println!("\n Total Elapsed Time: {}m {}s", minutes, seconds);
1050 } else {
1051 println!("\n Total Elapsed Time: {}s", seconds);
1052 }
1053
1054 if self.results_format == "aggregated" || self.results_format == "both" {
1056 let summary_path = self.output.join("aggregated_summary.json");
1057 let summary_json = serde_json::json!({
1058 "total_elapsed_seconds": elapsed.as_secs(),
1059 "total_targets": results.total_targets,
1060 "successful_targets": results.successful_targets,
1061 "failed_targets": results.failed_targets,
1062 "aggregated_metrics": {
1063 "total_requests": results.aggregated_metrics.total_requests,
1064 "total_failed_requests": results.aggregated_metrics.total_failed_requests,
1065 "avg_duration_ms": results.aggregated_metrics.avg_duration_ms,
1066 "p95_duration_ms": results.aggregated_metrics.p95_duration_ms,
1067 "p99_duration_ms": results.aggregated_metrics.p99_duration_ms,
1068 "error_rate": results.aggregated_metrics.error_rate,
1069 "total_rps": results.aggregated_metrics.total_rps,
1070 "avg_rps": results.aggregated_metrics.avg_rps,
1071 "total_vus_max": results.aggregated_metrics.total_vus_max,
1072 },
1073 "target_results": results.target_results.iter().map(|r| {
1074 serde_json::json!({
1075 "target_url": r.target_url,
1076 "target_index": r.target_index,
1077 "success": r.success,
1078 "error": r.error,
1079 "total_requests": r.results.total_requests,
1080 "failed_requests": r.results.failed_requests,
1081 "avg_duration_ms": r.results.avg_duration_ms,
1082 "min_duration_ms": r.results.min_duration_ms,
1083 "med_duration_ms": r.results.med_duration_ms,
1084 "p90_duration_ms": r.results.p90_duration_ms,
1085 "p95_duration_ms": r.results.p95_duration_ms,
1086 "p99_duration_ms": r.results.p99_duration_ms,
1087 "max_duration_ms": r.results.max_duration_ms,
1088 "rps": r.results.rps,
1089 "vus_max": r.results.vus_max,
1090 "output_dir": r.output_dir.to_string_lossy(),
1091 })
1092 }).collect::<Vec<_>>(),
1093 });
1094
1095 std::fs::write(&summary_path, serde_json::to_string_pretty(&summary_json)?)?;
1096 TerminalReporter::print_success(&format!(
1097 "Aggregated summary saved to: {}",
1098 summary_path.display()
1099 ));
1100 }
1101
1102 let csv_path = self.output.join("all_targets.csv");
1104 let mut csv = String::from(
1105 "target_url,success,requests,failed,rps,vus,min_ms,avg_ms,med_ms,p90_ms,p95_ms,p99_ms,max_ms,error\n",
1106 );
1107 for r in &results.target_results {
1108 csv.push_str(&format!(
1109 "{},{},{},{},{:.1},{},{:.1},{:.1},{:.1},{:.1},{:.1},{:.1},{:.1},{}\n",
1110 r.target_url,
1111 r.success,
1112 r.results.total_requests,
1113 r.results.failed_requests,
1114 r.results.rps,
1115 r.results.vus_max,
1116 r.results.min_duration_ms,
1117 r.results.avg_duration_ms,
1118 r.results.med_duration_ms,
1119 r.results.p90_duration_ms,
1120 r.results.p95_duration_ms,
1121 r.results.p99_duration_ms,
1122 r.results.max_duration_ms,
1123 r.error.as_deref().unwrap_or(""),
1124 ));
1125 }
1126 let _ = std::fs::write(&csv_path, &csv);
1127
1128 println!("\nResults saved to: {}", self.output.display());
1129 println!(" - Per-target results: {}", self.output.join("target_*").display());
1130 println!(" - All targets CSV: {}", csv_path.display());
1131 if self.results_format == "aggregated" || self.results_format == "both" {
1132 println!(
1133 " - Aggregated summary: {}",
1134 self.output.join("aggregated_summary.json").display()
1135 );
1136 }
1137
1138 Ok(())
1139 }
1140
1141 pub fn parse_duration(duration: &str) -> Result<u64> {
1143 let duration = duration.trim();
1144
1145 if let Some(secs) = duration.strip_suffix('s') {
1146 secs.parse::<u64>()
1147 .map_err(|_| BenchError::Other(format!("Invalid duration: {}", duration)))
1148 } else if let Some(mins) = duration.strip_suffix('m') {
1149 mins.parse::<u64>()
1150 .map(|m| m * 60)
1151 .map_err(|_| BenchError::Other(format!("Invalid duration: {}", duration)))
1152 } else if let Some(hours) = duration.strip_suffix('h') {
1153 hours
1154 .parse::<u64>()
1155 .map(|h| h * 3600)
1156 .map_err(|_| BenchError::Other(format!("Invalid duration: {}", duration)))
1157 } else {
1158 duration
1160 .parse::<u64>()
1161 .map_err(|_| BenchError::Other(format!("Invalid duration: {}", duration)))
1162 }
1163 }
1164
1165 pub fn parse_headers(&self) -> Result<HashMap<String, String>> {
1167 parse_header_string(&self.headers)
1168 }
1169
1170 fn parse_extracted_values(output_dir: &Path) -> Result<ExtractedValues> {
1171 let extracted_path = output_dir.join("extracted_values.json");
1172 if !extracted_path.exists() {
1173 return Ok(ExtractedValues::new());
1174 }
1175
1176 let content = std::fs::read_to_string(&extracted_path)
1177 .map_err(|e| BenchError::ResultsParseError(e.to_string()))?;
1178 let parsed: serde_json::Value = serde_json::from_str(&content)
1179 .map_err(|e| BenchError::ResultsParseError(e.to_string()))?;
1180
1181 let mut extracted = ExtractedValues::new();
1182 if let Some(values) = parsed.as_object() {
1183 for (key, value) in values {
1184 extracted.set(key.clone(), value.clone());
1185 }
1186 }
1187
1188 Ok(extracted)
1189 }
1190
1191 fn resolve_base_path(&self, parser: &SpecParser) -> Option<String> {
1200 if let Some(cli_base_path) = &self.base_path {
1202 if cli_base_path.is_empty() {
1203 return None;
1205 }
1206 return Some(cli_base_path.clone());
1207 }
1208
1209 parser.get_base_path()
1211 }
1212
1213 async fn build_mock_config(&self) -> MockIntegrationConfig {
1215 if MockServerDetector::looks_like_mock_server(&self.target) {
1217 if let Ok(info) = MockServerDetector::detect(&self.target).await {
1219 if info.is_mockforge {
1220 TerminalReporter::print_success(&format!(
1221 "Detected MockForge server (version: {})",
1222 info.version.as_deref().unwrap_or("unknown")
1223 ));
1224 return MockIntegrationConfig::mock_server();
1225 }
1226 }
1227 }
1228 MockIntegrationConfig::real_api()
1229 }
1230
1231 fn build_crud_flow_config(&self) -> Option<CrudFlowConfig> {
1233 if !self.crud_flow {
1234 return None;
1235 }
1236
1237 if let Some(config_path) = &self.flow_config {
1239 match CrudFlowConfig::from_file(config_path) {
1240 Ok(config) => return Some(config),
1241 Err(e) => {
1242 TerminalReporter::print_warning(&format!(
1243 "Failed to load flow config: {}. Using auto-detection.",
1244 e
1245 ));
1246 }
1247 }
1248 }
1249
1250 let extract_fields = self
1252 .extract_fields
1253 .as_ref()
1254 .map(|f| f.split(',').map(|s| s.trim().to_string()).collect())
1255 .unwrap_or_else(|| vec!["id".to_string(), "uuid".to_string()]);
1256
1257 Some(CrudFlowConfig {
1258 flows: Vec::new(), default_extract_fields: extract_fields,
1260 })
1261 }
1262
1263 fn build_data_driven_config(&self) -> Option<DataDrivenConfig> {
1265 let data_file = self.data_file.as_ref()?;
1266
1267 let distribution = DataDistribution::from_str(&self.data_distribution)
1268 .unwrap_or(DataDistribution::UniquePerVu);
1269
1270 let mappings = self
1271 .data_mappings
1272 .as_ref()
1273 .map(|m| DataMapping::parse_mappings(m).unwrap_or_default())
1274 .unwrap_or_default();
1275
1276 Some(DataDrivenConfig {
1277 file_path: data_file.to_string_lossy().to_string(),
1278 distribution,
1279 mappings,
1280 csv_has_header: true,
1281 per_uri_control: self.per_uri_control,
1282 per_uri_columns: crate::data_driven::PerUriColumns::default(),
1283 })
1284 }
1285
1286 fn build_invalid_data_config(&self) -> Option<InvalidDataConfig> {
1288 let error_rate = self.error_rate?;
1289
1290 let error_types = self
1291 .error_types
1292 .as_ref()
1293 .map(|types| InvalidDataConfig::parse_error_types(types).unwrap_or_default())
1294 .unwrap_or_default();
1295
1296 Some(InvalidDataConfig {
1297 error_rate,
1298 error_types,
1299 target_fields: Vec::new(),
1300 })
1301 }
1302
1303 fn build_security_config(&self) -> Option<SecurityTestConfig> {
1305 if !self.security_test {
1306 return None;
1307 }
1308
1309 let categories = self
1310 .security_categories
1311 .as_ref()
1312 .map(|cats| SecurityTestConfig::parse_categories(cats).unwrap_or_default())
1313 .unwrap_or_else(|| {
1314 let mut default = HashSet::new();
1315 default.insert(SecurityCategory::SqlInjection);
1316 default.insert(SecurityCategory::Xss);
1317 default
1318 });
1319
1320 let target_fields = self
1321 .security_target_fields
1322 .as_ref()
1323 .map(|fields| fields.split(',').map(|f| f.trim().to_string()).collect())
1324 .unwrap_or_default();
1325
1326 let custom_payloads_file =
1327 self.security_payloads.as_ref().map(|p| p.to_string_lossy().to_string());
1328
1329 Some(SecurityTestConfig {
1330 enabled: true,
1331 categories,
1332 target_fields,
1333 custom_payloads_file,
1334 include_high_risk: false,
1335 })
1336 }
1337
1338 fn build_parallel_config(&self) -> Option<ParallelConfig> {
1340 let count = self.parallel_create?;
1341
1342 Some(ParallelConfig::new(count))
1343 }
1344
1345 fn load_wafbench_payloads(&self) -> Vec<SecurityPayload> {
1347 let Some(ref wafbench_dir) = self.wafbench_dir else {
1348 return Vec::new();
1349 };
1350
1351 let mut loader = WafBenchLoader::new();
1352
1353 if let Err(e) = loader.load_from_pattern(wafbench_dir) {
1354 TerminalReporter::print_warning(&format!("Failed to load WAFBench tests: {}", e));
1355 return Vec::new();
1356 }
1357
1358 let stats = loader.stats();
1359
1360 if stats.files_processed == 0 {
1361 TerminalReporter::print_warning(&format!(
1362 "No WAFBench YAML files found matching '{}'",
1363 wafbench_dir
1364 ));
1365 if !stats.parse_errors.is_empty() {
1367 TerminalReporter::print_warning("Some files were found but failed to parse:");
1368 for error in &stats.parse_errors {
1369 TerminalReporter::print_warning(&format!(" - {}", error));
1370 }
1371 }
1372 return Vec::new();
1373 }
1374
1375 TerminalReporter::print_progress(&format!(
1376 "Loaded {} WAFBench files, {} test cases, {} payloads",
1377 stats.files_processed, stats.test_cases_loaded, stats.payloads_extracted
1378 ));
1379
1380 for (category, count) in &stats.by_category {
1382 TerminalReporter::print_progress(&format!(" - {}: {} tests", category, count));
1383 }
1384
1385 for error in &stats.parse_errors {
1387 TerminalReporter::print_warning(&format!(" Parse error: {}", error));
1388 }
1389
1390 loader.to_security_payloads()
1391 }
1392
1393 pub(crate) fn generate_enhanced_script(&self, base_script: &str) -> Result<String> {
1395 let mut enhanced_script = base_script.to_string();
1396 let mut additional_code = String::new();
1397
1398 if let Some(config) = self.build_data_driven_config() {
1400 TerminalReporter::print_progress("Adding data-driven testing support...");
1401 additional_code.push_str(&DataDrivenGenerator::generate_setup(&config));
1402 additional_code.push('\n');
1403 TerminalReporter::print_success("Data-driven testing enabled");
1404 }
1405
1406 if let Some(config) = self.build_invalid_data_config() {
1408 TerminalReporter::print_progress("Adding invalid data testing support...");
1409 additional_code.push_str(&InvalidDataGenerator::generate_invalidation_logic());
1410 additional_code.push('\n');
1411 additional_code
1412 .push_str(&InvalidDataGenerator::generate_should_invalidate(config.error_rate));
1413 additional_code.push('\n');
1414 additional_code
1415 .push_str(&InvalidDataGenerator::generate_type_selection(&config.error_types));
1416 additional_code.push('\n');
1417 TerminalReporter::print_success(&format!(
1418 "Invalid data testing enabled ({}% error rate)",
1419 (self.error_rate.unwrap_or(0.0) * 100.0) as u32
1420 ));
1421 }
1422
1423 let security_config = self.build_security_config();
1425 let wafbench_payloads = self.load_wafbench_payloads();
1426 let security_requested = security_config.is_some() || self.wafbench_dir.is_some();
1427
1428 if security_config.is_some() || !wafbench_payloads.is_empty() {
1429 TerminalReporter::print_progress("Adding security testing support...");
1430
1431 let mut payload_list: Vec<SecurityPayload> = Vec::new();
1433
1434 if let Some(ref config) = security_config {
1435 payload_list.extend(SecurityPayloads::get_payloads(config));
1436 }
1437
1438 if !wafbench_payloads.is_empty() {
1440 TerminalReporter::print_progress(&format!(
1441 "Loading {} WAFBench attack patterns...",
1442 wafbench_payloads.len()
1443 ));
1444 payload_list.extend(wafbench_payloads);
1445 }
1446
1447 let target_fields =
1448 security_config.as_ref().map(|c| c.target_fields.clone()).unwrap_or_default();
1449
1450 additional_code.push_str(&SecurityTestGenerator::generate_payload_selection(
1451 &payload_list,
1452 self.wafbench_cycle_all,
1453 ));
1454 additional_code.push('\n');
1455 additional_code
1456 .push_str(&SecurityTestGenerator::generate_apply_payload(&target_fields));
1457 additional_code.push('\n');
1458 additional_code.push_str(&SecurityTestGenerator::generate_security_checks());
1459 additional_code.push('\n');
1460
1461 let mode = if self.wafbench_cycle_all {
1462 "cycle-all"
1463 } else {
1464 "random"
1465 };
1466 TerminalReporter::print_success(&format!(
1467 "Security testing enabled ({} payloads, {} mode)",
1468 payload_list.len(),
1469 mode
1470 ));
1471 } else if security_requested {
1472 TerminalReporter::print_warning(
1476 "Security testing was requested but no payloads were loaded. \
1477 Ensure --wafbench-dir points to valid CRS YAML files or add --security-test.",
1478 );
1479 additional_code
1480 .push_str(&SecurityTestGenerator::generate_payload_selection(&[], false));
1481 additional_code.push('\n');
1482 additional_code.push_str(&SecurityTestGenerator::generate_apply_payload(&[]));
1483 additional_code.push('\n');
1484 }
1485
1486 if let Some(config) = self.build_parallel_config() {
1488 TerminalReporter::print_progress("Adding parallel execution support...");
1489 additional_code.push_str(&ParallelRequestGenerator::generate_batch_helper(&config));
1490 additional_code.push('\n');
1491 TerminalReporter::print_success(&format!(
1492 "Parallel execution enabled (count: {})",
1493 config.count
1494 ));
1495 }
1496
1497 if !additional_code.is_empty() {
1499 if let Some(import_end) = enhanced_script.find("export const options") {
1501 enhanced_script.insert_str(
1502 import_end,
1503 &format!("\n// === Advanced Testing Features ===\n{}\n", additional_code),
1504 );
1505 }
1506 }
1507
1508 Ok(enhanced_script)
1509 }
1510
1511 async fn execute_sequential_specs(&self) -> Result<()> {
1513 TerminalReporter::print_progress("Sequential spec mode: Loading specs individually...");
1514
1515 let mut all_specs: Vec<(PathBuf, OpenApiSpec)> = Vec::new();
1517
1518 if !self.spec.is_empty() {
1519 let specs = load_specs_from_files(self.spec.clone())
1520 .await
1521 .map_err(|e| BenchError::Other(format!("Failed to load spec files: {}", e)))?;
1522 all_specs.extend(specs);
1523 }
1524
1525 if let Some(spec_dir) = &self.spec_dir {
1526 let dir_specs = load_specs_from_directory(spec_dir).await.map_err(|e| {
1527 BenchError::Other(format!("Failed to load specs from directory: {}", e))
1528 })?;
1529 all_specs.extend(dir_specs);
1530 }
1531
1532 if all_specs.is_empty() {
1533 return Err(BenchError::Other(
1534 "No spec files found for sequential execution".to_string(),
1535 ));
1536 }
1537
1538 TerminalReporter::print_success(&format!("Loaded {} spec(s)", all_specs.len()));
1539
1540 let execution_order = if let Some(config_path) = &self.dependency_config {
1542 TerminalReporter::print_progress("Loading dependency configuration...");
1543 let config = SpecDependencyConfig::from_file(config_path)?;
1544
1545 if !config.disable_auto_detect && config.execution_order.is_empty() {
1546 self.detect_and_sort_specs(&all_specs)?
1548 } else {
1549 config.execution_order.iter().flat_map(|g| g.specs.clone()).collect()
1551 }
1552 } else {
1553 self.detect_and_sort_specs(&all_specs)?
1555 };
1556
1557 TerminalReporter::print_success(&format!(
1558 "Execution order: {}",
1559 execution_order
1560 .iter()
1561 .map(|p| p.file_name().unwrap_or_default().to_string_lossy().to_string())
1562 .collect::<Vec<_>>()
1563 .join(" → ")
1564 ));
1565
1566 let mut extracted_values = ExtractedValues::new();
1568 let total_specs = execution_order.len();
1569
1570 for (index, spec_path) in execution_order.iter().enumerate() {
1571 let spec_name = spec_path.file_name().unwrap_or_default().to_string_lossy().to_string();
1572
1573 TerminalReporter::print_progress(&format!(
1574 "[{}/{}] Executing spec: {}",
1575 index + 1,
1576 total_specs,
1577 spec_name
1578 ));
1579
1580 let spec = all_specs
1582 .iter()
1583 .find(|(p, _)| {
1584 p == spec_path
1585 || p.file_name() == spec_path.file_name()
1586 || p.file_name() == Some(spec_path.as_os_str())
1587 })
1588 .map(|(_, s)| s.clone())
1589 .ok_or_else(|| {
1590 BenchError::Other(format!("Spec not found: {}", spec_path.display()))
1591 })?;
1592
1593 let new_values = self.execute_single_spec(&spec, &spec_name, &extracted_values).await?;
1595
1596 extracted_values.merge(&new_values);
1598
1599 TerminalReporter::print_success(&format!(
1600 "[{}/{}] Completed: {} (extracted {} values)",
1601 index + 1,
1602 total_specs,
1603 spec_name,
1604 new_values.values.len()
1605 ));
1606 }
1607
1608 TerminalReporter::print_success(&format!(
1609 "Sequential execution complete: {} specs executed",
1610 total_specs
1611 ));
1612
1613 Ok(())
1614 }
1615
1616 fn detect_and_sort_specs(&self, specs: &[(PathBuf, OpenApiSpec)]) -> Result<Vec<PathBuf>> {
1618 TerminalReporter::print_progress("Auto-detecting spec dependencies...");
1619
1620 let mut detector = DependencyDetector::new();
1621 let dependencies = detector.detect_dependencies(specs);
1622
1623 if dependencies.is_empty() {
1624 TerminalReporter::print_progress("No dependencies detected, using file order");
1625 return Ok(specs.iter().map(|(p, _)| p.clone()).collect());
1626 }
1627
1628 TerminalReporter::print_progress(&format!(
1629 "Detected {} cross-spec dependencies",
1630 dependencies.len()
1631 ));
1632
1633 for dep in &dependencies {
1634 TerminalReporter::print_progress(&format!(
1635 " {} → {} (via field '{}')",
1636 dep.dependency_spec.file_name().unwrap_or_default().to_string_lossy(),
1637 dep.dependent_spec.file_name().unwrap_or_default().to_string_lossy(),
1638 dep.field_name
1639 ));
1640 }
1641
1642 topological_sort(specs, &dependencies)
1643 }
1644
1645 async fn execute_single_spec(
1647 &self,
1648 spec: &OpenApiSpec,
1649 spec_name: &str,
1650 _external_values: &ExtractedValues,
1651 ) -> Result<ExtractedValues> {
1652 let parser = SpecParser::from_spec(spec.clone());
1653
1654 if self.crud_flow {
1656 self.execute_crud_flow_with_extraction(&parser, spec_name).await
1658 } else {
1659 self.execute_standard_spec(&parser, spec_name).await?;
1661 Ok(ExtractedValues::new())
1662 }
1663 }
1664
1665 async fn execute_crud_flow_with_extraction(
1667 &self,
1668 parser: &SpecParser,
1669 spec_name: &str,
1670 ) -> Result<ExtractedValues> {
1671 let operations = parser.get_operations();
1672 let flows = CrudFlowDetector::detect_flows(&operations);
1673
1674 if flows.is_empty() {
1675 TerminalReporter::print_warning(&format!("No CRUD flows detected in {}", spec_name));
1676 return Ok(ExtractedValues::new());
1677 }
1678
1679 TerminalReporter::print_progress(&format!(
1680 " {} CRUD flow(s) in {}",
1681 flows.len(),
1682 spec_name
1683 ));
1684
1685 let mut handlebars = handlebars::Handlebars::new();
1687 handlebars.register_helper(
1689 "json",
1690 Box::new(
1691 |h: &handlebars::Helper,
1692 _: &handlebars::Handlebars,
1693 _: &handlebars::Context,
1694 _: &mut handlebars::RenderContext,
1695 out: &mut dyn handlebars::Output|
1696 -> handlebars::HelperResult {
1697 let param = h.param(0).map(|v| v.value()).unwrap_or(&serde_json::Value::Null);
1698 out.write(&serde_json::to_string(param).unwrap_or_else(|_| "[]".to_string()))?;
1699 Ok(())
1700 },
1701 ),
1702 );
1703 let template = include_str!("templates/k6_crud_flow.hbs");
1704 let output_dir = self.output.join(format!("{}_results", spec_name.replace('.', "_")));
1705
1706 let custom_headers = self.parse_headers()?;
1707 let config = self.build_crud_flow_config().unwrap_or_default();
1708
1709 let param_overrides = if let Some(params_file) = &self.params_file {
1711 let overrides = ParameterOverrides::from_file(params_file)?;
1712 Some(overrides)
1713 } else {
1714 None
1715 };
1716
1717 let duration_secs = Self::parse_duration(&self.duration)?;
1719 let scenario =
1720 LoadScenario::from_str(&self.scenario).map_err(BenchError::InvalidScenario)?;
1721 let stages = scenario.generate_stages(duration_secs, self.vus);
1722
1723 let api_base_path = self.resolve_base_path(parser);
1725
1726 let mut all_headers = custom_headers.clone();
1728 if let Some(auth) = &self.auth {
1729 all_headers.insert("Authorization".to_string(), auth.clone());
1730 }
1731 let headers_json = serde_json::to_string(&all_headers).unwrap_or_else(|_| "{}".to_string());
1732
1733 let mut all_placeholders: HashSet<DynamicPlaceholder> = HashSet::new();
1735
1736 let flows_data: Vec<serde_json::Value> = flows.iter().map(|f| {
1737 let sanitized_name = K6ScriptGenerator::sanitize_k6_metric_name(&f.name);
1741 serde_json::json!({
1742 "name": sanitized_name.clone(),
1743 "display_name": f.name,
1744 "base_path": f.base_path,
1745 "steps": f.steps.iter().enumerate().map(|(idx, s)| {
1746 let parts: Vec<&str> = s.operation.splitn(2, ' ').collect();
1748 let method_raw = if !parts.is_empty() {
1749 parts[0].to_uppercase()
1750 } else {
1751 "GET".to_string()
1752 };
1753 let method = if !parts.is_empty() {
1754 let m = parts[0].to_lowercase();
1755 if m == "delete" { "del".to_string() } else { m }
1757 } else {
1758 "get".to_string()
1759 };
1760 let raw_path = if parts.len() >= 2 { parts[1] } else { "/" };
1761 let path = if let Some(ref bp) = api_base_path {
1763 format!("{}{}", bp, raw_path)
1764 } else {
1765 raw_path.to_string()
1766 };
1767 let is_get_or_head = method == "get" || method == "head";
1768 let has_body = matches!(method.as_str(), "post" | "put" | "patch");
1770
1771 let body_value = if has_body {
1773 param_overrides.as_ref()
1774 .map(|po| po.get_for_operation(None, &method_raw, raw_path))
1775 .and_then(|oo| oo.body)
1776 .unwrap_or_else(|| serde_json::json!({}))
1777 } else {
1778 serde_json::json!({})
1779 };
1780
1781 let processed_body = DynamicParamProcessor::process_json_body(&body_value);
1783
1784 let body_has_extracted_placeholders = processed_body.value.contains("${extracted.");
1786 let body_is_dynamic = processed_body.is_dynamic || body_has_extracted_placeholders;
1787
1788 serde_json::json!({
1789 "operation": s.operation,
1790 "method": method,
1791 "path": path,
1792 "extract": s.extract,
1793 "use_values": s.use_values,
1794 "use_body": s.use_body,
1795 "merge_body": if s.merge_body.is_empty() { None } else { Some(&s.merge_body) },
1796 "inject_attacks": s.inject_attacks,
1797 "attack_types": s.attack_types,
1798 "description": s.description,
1799 "display_name": s.description.clone().unwrap_or_else(|| format!("Step {}", idx)),
1800 "is_get_or_head": is_get_or_head,
1801 "has_body": has_body,
1802 "body": processed_body.value,
1803 "body_is_dynamic": body_is_dynamic,
1804 "_placeholders": processed_body.placeholders.iter().map(|p| format!("{:?}", p)).collect::<Vec<_>>(),
1805 })
1806 }).collect::<Vec<_>>(),
1807 })
1808 }).collect();
1809
1810 for flow_data in &flows_data {
1812 if let Some(steps) = flow_data.get("steps").and_then(|s| s.as_array()) {
1813 for step in steps {
1814 if let Some(placeholders_arr) =
1815 step.get("_placeholders").and_then(|p| p.as_array())
1816 {
1817 for p_str in placeholders_arr {
1818 if let Some(p_name) = p_str.as_str() {
1819 match p_name {
1820 "VU" => {
1821 all_placeholders.insert(DynamicPlaceholder::VU);
1822 }
1823 "Iteration" => {
1824 all_placeholders.insert(DynamicPlaceholder::Iteration);
1825 }
1826 "Timestamp" => {
1827 all_placeholders.insert(DynamicPlaceholder::Timestamp);
1828 }
1829 "UUID" => {
1830 all_placeholders.insert(DynamicPlaceholder::UUID);
1831 }
1832 "Random" => {
1833 all_placeholders.insert(DynamicPlaceholder::Random);
1834 }
1835 "Counter" => {
1836 all_placeholders.insert(DynamicPlaceholder::Counter);
1837 }
1838 "Date" => {
1839 all_placeholders.insert(DynamicPlaceholder::Date);
1840 }
1841 "VuIter" => {
1842 all_placeholders.insert(DynamicPlaceholder::VuIter);
1843 }
1844 _ => {}
1845 }
1846 }
1847 }
1848 }
1849 }
1850 }
1851 }
1852
1853 let required_imports = DynamicParamProcessor::get_required_imports(&all_placeholders);
1855 let required_globals = DynamicParamProcessor::get_required_globals(&all_placeholders);
1856
1857 let security_testing_enabled = self.wafbench_dir.is_some() || self.security_test;
1859
1860 let data = serde_json::json!({
1861 "base_url": self.target,
1862 "flows": flows_data,
1863 "extract_fields": config.default_extract_fields,
1864 "duration_secs": duration_secs,
1865 "max_vus": self.vus,
1866 "auth_header": self.auth,
1867 "custom_headers": custom_headers,
1868 "skip_tls_verify": self.skip_tls_verify,
1869 "stages": stages.iter().map(|s| serde_json::json!({
1871 "duration": s.duration,
1872 "target": s.target,
1873 })).collect::<Vec<_>>(),
1874 "threshold_percentile": self.threshold_percentile,
1875 "threshold_ms": self.threshold_ms,
1876 "max_error_rate": self.max_error_rate,
1877 "headers": headers_json,
1878 "dynamic_imports": required_imports,
1879 "dynamic_globals": required_globals,
1880 "extracted_values_output_path": output_dir.join("extracted_values.json").to_string_lossy(),
1881 "security_testing_enabled": security_testing_enabled,
1883 "has_custom_headers": !custom_headers.is_empty(),
1884 });
1885
1886 let mut script = handlebars
1887 .render_template(template, &data)
1888 .map_err(|e| BenchError::ScriptGenerationFailed(e.to_string()))?;
1889
1890 if security_testing_enabled {
1892 script = self.generate_enhanced_script(&script)?;
1893 }
1894
1895 let script_path =
1897 self.output.join(format!("k6-{}-crud-flow.js", spec_name.replace('.', "_")));
1898
1899 std::fs::create_dir_all(self.output.clone())?;
1900 std::fs::write(&script_path, &script)?;
1901
1902 if !self.generate_only {
1903 let executor = K6Executor::new()?.with_local_ips(self.source_ips.join(","));
1904 std::fs::create_dir_all(&output_dir)?;
1905
1906 executor.execute(&script_path, Some(&output_dir), self.verbose).await?;
1907
1908 let extracted = Self::parse_extracted_values(&output_dir)?;
1909 TerminalReporter::print_progress(&format!(
1910 " Extracted {} value(s) from {}",
1911 extracted.values.len(),
1912 spec_name
1913 ));
1914 return Ok(extracted);
1915 }
1916
1917 Ok(ExtractedValues::new())
1918 }
1919
1920 async fn execute_standard_spec(&self, parser: &SpecParser, spec_name: &str) -> Result<()> {
1922 let mut operations = if let Some(filter) = &self.operations {
1923 parser.filter_operations(filter)?
1924 } else {
1925 parser.get_operations()
1926 };
1927
1928 if let Some(exclude) = &self.exclude_operations {
1929 operations = parser.exclude_operations(operations, exclude)?;
1930 }
1931
1932 if operations.is_empty() {
1933 TerminalReporter::print_warning(&format!("No operations found in {}", spec_name));
1934 return Ok(());
1935 }
1936
1937 TerminalReporter::print_progress(&format!(
1938 " {} operations in {}",
1939 operations.len(),
1940 spec_name
1941 ));
1942
1943 let templates: Vec<_> = operations
1945 .iter()
1946 .map(RequestGenerator::generate_template)
1947 .collect::<Result<Vec<_>>>()?;
1948
1949 let custom_headers = self.parse_headers()?;
1951
1952 let base_path = self.resolve_base_path(parser);
1954
1955 let scenario =
1957 LoadScenario::from_str(&self.scenario).map_err(BenchError::InvalidScenario)?;
1958
1959 let security_testing_enabled = self.security_test || self.wafbench_dir.is_some();
1960
1961 let k6_config = K6Config {
1962 target_url: self.target.clone(),
1963 base_path,
1964 scenario,
1965 duration_secs: Self::parse_duration(&self.duration)?,
1966 max_vus: self.vus,
1967 threshold_percentile: self.threshold_percentile.clone(),
1968 threshold_ms: self.threshold_ms,
1969 max_error_rate: self.max_error_rate,
1970 auth_header: self.auth.clone(),
1971 custom_headers,
1972 skip_tls_verify: self.skip_tls_verify,
1973 security_testing_enabled,
1974 chunked_request_bodies: self.chunked_request_bodies,
1975 target_rps: self.target_rps,
1976 no_keep_alive: self.no_keep_alive,
1977 geo_source_ips: parse_ip_list(&self.geo_source_ips, "geo-source-ip")
1979 .into_iter()
1980 .map(|ip| ip.to_string())
1981 .collect(),
1982 geo_source_headers: if self.geo_source_headers.is_empty()
1983 && !self.geo_source_ips.is_empty()
1984 {
1985 crate::conformance::self_test::default_geo_source_headers()
1986 } else {
1987 self.geo_source_headers.clone()
1988 },
1989 };
1990
1991 let generator = K6ScriptGenerator::new(k6_config, templates);
1992 let mut script = generator.generate()?;
1993
1994 let has_advanced_features = self.data_file.is_some()
1996 || self.error_rate.is_some()
1997 || self.security_test
1998 || self.parallel_create.is_some()
1999 || self.wafbench_dir.is_some();
2000
2001 if has_advanced_features {
2002 script = self.generate_enhanced_script(&script)?;
2003 }
2004
2005 let script_path = self.output.join(format!("k6-{}.js", spec_name.replace('.', "_")));
2007
2008 std::fs::create_dir_all(self.output.clone())?;
2009 std::fs::write(&script_path, &script)?;
2010
2011 if !self.generate_only {
2012 let executor = K6Executor::new()?.with_local_ips(self.source_ips.join(","));
2013 let output_dir = self.output.join(format!("{}_results", spec_name.replace('.', "_")));
2014 std::fs::create_dir_all(&output_dir)?;
2015
2016 executor.execute(&script_path, Some(&output_dir), self.verbose).await?;
2017 }
2018
2019 Ok(())
2020 }
2021
2022 async fn execute_crud_flow(&self, parser: &SpecParser) -> Result<()> {
2024 let config = self.build_crud_flow_config().unwrap_or_default();
2026
2027 let flows = if !config.flows.is_empty() {
2029 TerminalReporter::print_progress("Using custom flow configuration...");
2030 config.flows.clone()
2031 } else {
2032 TerminalReporter::print_progress("Detecting CRUD operations...");
2033 let operations = parser.get_operations();
2034 CrudFlowDetector::detect_flows(&operations)
2035 };
2036
2037 if flows.is_empty() {
2038 return Err(BenchError::Other(
2039 "No CRUD flows detected in spec. Ensure spec has POST/GET/PUT/DELETE operations on related paths.".to_string(),
2040 ));
2041 }
2042
2043 if config.flows.is_empty() {
2044 TerminalReporter::print_success(&format!("Detected {} CRUD flow(s)", flows.len()));
2045 } else {
2046 TerminalReporter::print_success(&format!("Loaded {} custom flow(s)", flows.len()));
2047 }
2048
2049 for flow in &flows {
2050 TerminalReporter::print_progress(&format!(
2051 " - {}: {} steps",
2052 flow.name,
2053 flow.steps.len()
2054 ));
2055 }
2056
2057 let mut handlebars = handlebars::Handlebars::new();
2059 handlebars.register_helper(
2061 "json",
2062 Box::new(
2063 |h: &handlebars::Helper,
2064 _: &handlebars::Handlebars,
2065 _: &handlebars::Context,
2066 _: &mut handlebars::RenderContext,
2067 out: &mut dyn handlebars::Output|
2068 -> handlebars::HelperResult {
2069 let param = h.param(0).map(|v| v.value()).unwrap_or(&serde_json::Value::Null);
2070 out.write(&serde_json::to_string(param).unwrap_or_else(|_| "[]".to_string()))?;
2071 Ok(())
2072 },
2073 ),
2074 );
2075 let template = include_str!("templates/k6_crud_flow.hbs");
2076
2077 let custom_headers = self.parse_headers()?;
2078
2079 let param_overrides = if let Some(params_file) = &self.params_file {
2081 TerminalReporter::print_progress("Loading parameter overrides...");
2082 let overrides = ParameterOverrides::from_file(params_file)?;
2083 TerminalReporter::print_success(&format!(
2084 "Loaded parameter overrides ({} operation-specific, {} defaults)",
2085 overrides.operations.len(),
2086 if overrides.defaults.is_empty() { 0 } else { 1 }
2087 ));
2088 Some(overrides)
2089 } else {
2090 None
2091 };
2092
2093 let duration_secs = Self::parse_duration(&self.duration)?;
2095 let scenario =
2096 LoadScenario::from_str(&self.scenario).map_err(BenchError::InvalidScenario)?;
2097 let stages = scenario.generate_stages(duration_secs, self.vus);
2098
2099 let api_base_path = self.resolve_base_path(parser);
2101 if let Some(ref bp) = api_base_path {
2102 TerminalReporter::print_progress(&format!("Using base path: {}", bp));
2103 }
2104
2105 let mut all_headers = custom_headers.clone();
2107 if let Some(auth) = &self.auth {
2108 all_headers.insert("Authorization".to_string(), auth.clone());
2109 }
2110 let headers_json = serde_json::to_string(&all_headers).unwrap_or_else(|_| "{}".to_string());
2111
2112 let mut all_placeholders: HashSet<DynamicPlaceholder> = HashSet::new();
2114
2115 let flows_data: Vec<serde_json::Value> = flows.iter().map(|f| {
2116 let sanitized_name = K6ScriptGenerator::sanitize_k6_metric_name(&f.name);
2121 serde_json::json!({
2122 "name": sanitized_name.clone(), "display_name": f.name, "base_path": f.base_path,
2125 "steps": f.steps.iter().enumerate().map(|(idx, s)| {
2126 let parts: Vec<&str> = s.operation.splitn(2, ' ').collect();
2128 let method_raw = if !parts.is_empty() {
2129 parts[0].to_uppercase()
2130 } else {
2131 "GET".to_string()
2132 };
2133 let method = if !parts.is_empty() {
2134 let m = parts[0].to_lowercase();
2135 if m == "delete" { "del".to_string() } else { m }
2137 } else {
2138 "get".to_string()
2139 };
2140 let raw_path = if parts.len() >= 2 { parts[1] } else { "/" };
2141 let path = if let Some(ref bp) = api_base_path {
2143 format!("{}{}", bp, raw_path)
2144 } else {
2145 raw_path.to_string()
2146 };
2147 let is_get_or_head = method == "get" || method == "head";
2148 let has_body = matches!(method.as_str(), "post" | "put" | "patch");
2150
2151 let body_value = if has_body {
2153 param_overrides.as_ref()
2154 .map(|po| po.get_for_operation(None, &method_raw, raw_path))
2155 .and_then(|oo| oo.body)
2156 .unwrap_or_else(|| serde_json::json!({}))
2157 } else {
2158 serde_json::json!({})
2159 };
2160
2161 let processed_body = DynamicParamProcessor::process_json_body(&body_value);
2163 let body_has_extracted_placeholders = processed_body.value.contains("${extracted.");
2168 let body_is_dynamic = processed_body.is_dynamic || body_has_extracted_placeholders;
2169
2170 serde_json::json!({
2171 "operation": s.operation,
2172 "method": method,
2173 "path": path,
2174 "extract": s.extract,
2175 "use_values": s.use_values,
2176 "use_body": s.use_body,
2177 "merge_body": if s.merge_body.is_empty() { None } else { Some(&s.merge_body) },
2178 "inject_attacks": s.inject_attacks,
2179 "attack_types": s.attack_types,
2180 "description": s.description,
2181 "display_name": s.description.clone().unwrap_or_else(|| format!("Step {}", idx)),
2182 "is_get_or_head": is_get_or_head,
2183 "has_body": has_body,
2184 "body": processed_body.value,
2185 "body_is_dynamic": body_is_dynamic,
2186 "_placeholders": processed_body.placeholders.iter().map(|p| format!("{:?}", p)).collect::<Vec<_>>(),
2187 })
2188 }).collect::<Vec<_>>(),
2189 })
2190 }).collect();
2191
2192 for flow_data in &flows_data {
2194 if let Some(steps) = flow_data.get("steps").and_then(|s| s.as_array()) {
2195 for step in steps {
2196 if let Some(placeholders_arr) =
2197 step.get("_placeholders").and_then(|p| p.as_array())
2198 {
2199 for p_str in placeholders_arr {
2200 if let Some(p_name) = p_str.as_str() {
2201 match p_name {
2203 "VU" => {
2204 all_placeholders.insert(DynamicPlaceholder::VU);
2205 }
2206 "Iteration" => {
2207 all_placeholders.insert(DynamicPlaceholder::Iteration);
2208 }
2209 "Timestamp" => {
2210 all_placeholders.insert(DynamicPlaceholder::Timestamp);
2211 }
2212 "UUID" => {
2213 all_placeholders.insert(DynamicPlaceholder::UUID);
2214 }
2215 "Random" => {
2216 all_placeholders.insert(DynamicPlaceholder::Random);
2217 }
2218 "Counter" => {
2219 all_placeholders.insert(DynamicPlaceholder::Counter);
2220 }
2221 "Date" => {
2222 all_placeholders.insert(DynamicPlaceholder::Date);
2223 }
2224 "VuIter" => {
2225 all_placeholders.insert(DynamicPlaceholder::VuIter);
2226 }
2227 _ => {}
2228 }
2229 }
2230 }
2231 }
2232 }
2233 }
2234 }
2235
2236 let required_imports = DynamicParamProcessor::get_required_imports(&all_placeholders);
2238 let required_globals = DynamicParamProcessor::get_required_globals(&all_placeholders);
2239
2240 let invalid_data_config = self.build_invalid_data_config();
2242 let error_injection_enabled = invalid_data_config.is_some();
2243 let error_rate = self.error_rate.unwrap_or(0.0);
2244 let error_types: Vec<String> = invalid_data_config
2245 .as_ref()
2246 .map(|c| c.error_types.iter().map(|t| format!("{:?}", t)).collect())
2247 .unwrap_or_default();
2248
2249 if error_injection_enabled {
2250 TerminalReporter::print_progress(&format!(
2251 "Error injection enabled ({}% rate)",
2252 (error_rate * 100.0) as u32
2253 ));
2254 }
2255
2256 let security_testing_enabled = self.wafbench_dir.is_some() || self.security_test;
2258
2259 let data = serde_json::json!({
2260 "base_url": self.target,
2261 "flows": flows_data,
2262 "extract_fields": config.default_extract_fields,
2263 "duration_secs": duration_secs,
2264 "max_vus": self.vus,
2265 "auth_header": self.auth,
2266 "custom_headers": custom_headers,
2267 "skip_tls_verify": self.skip_tls_verify,
2268 "stages": stages.iter().map(|s| serde_json::json!({
2270 "duration": s.duration,
2271 "target": s.target,
2272 })).collect::<Vec<_>>(),
2273 "threshold_percentile": self.threshold_percentile,
2274 "threshold_ms": self.threshold_ms,
2275 "max_error_rate": self.max_error_rate,
2276 "headers": headers_json,
2277 "dynamic_imports": required_imports,
2278 "dynamic_globals": required_globals,
2279 "extracted_values_output_path": self
2280 .output
2281 .join("crud_flow_extracted_values.json")
2282 .to_string_lossy(),
2283 "error_injection_enabled": error_injection_enabled,
2285 "error_rate": error_rate,
2286 "error_types": error_types,
2287 "security_testing_enabled": security_testing_enabled,
2289 "has_custom_headers": !custom_headers.is_empty(),
2290 });
2291
2292 let mut script = handlebars
2293 .render_template(template, &data)
2294 .map_err(|e| BenchError::ScriptGenerationFailed(e.to_string()))?;
2295
2296 if security_testing_enabled {
2298 script = self.generate_enhanced_script(&script)?;
2299 }
2300
2301 TerminalReporter::print_progress("Validating CRUD flow script...");
2303 let validation_errors = K6ScriptGenerator::validate_script(&script);
2304 if !validation_errors.is_empty() {
2305 TerminalReporter::print_error("CRUD flow script validation failed");
2306 for error in &validation_errors {
2307 eprintln!(" {}", error);
2308 }
2309 return Err(BenchError::Other(format!(
2310 "CRUD flow script validation failed with {} error(s)",
2311 validation_errors.len()
2312 )));
2313 }
2314
2315 TerminalReporter::print_success("CRUD flow script generated");
2316
2317 let script_path = if let Some(output) = &self.script_output {
2319 output.clone()
2320 } else {
2321 self.output.join("k6-crud-flow-script.js")
2322 };
2323
2324 if let Some(parent) = script_path.parent() {
2325 std::fs::create_dir_all(parent)?;
2326 }
2327 std::fs::write(&script_path, &script)?;
2328 TerminalReporter::print_success(&format!("Script written to: {}", script_path.display()));
2329
2330 if self.generate_only {
2331 println!("\nScript generated successfully. Run it with:");
2332 println!(" k6 run {}", script_path.display());
2333 return Ok(());
2334 }
2335
2336 TerminalReporter::print_progress("Executing CRUD flow test...");
2338 let executor = K6Executor::new()?.with_local_ips(self.source_ips.join(","));
2339 std::fs::create_dir_all(&self.output)?;
2340
2341 let results = executor.execute(&script_path, Some(&self.output), self.verbose).await?;
2342
2343 let duration_secs = Self::parse_duration(&self.duration)?;
2344 TerminalReporter::print_summary_with_mode(&results, duration_secs, self.no_keep_alive);
2345
2346 Ok(())
2347 }
2348
2349 async fn execute_conformance_test(&self) -> Result<()> {
2351 use crate::conformance::generator::{ConformanceConfig, ConformanceGenerator};
2352 use crate::conformance::report::ConformanceReport;
2353 use crate::conformance::spec::ConformanceFeature;
2354
2355 TerminalReporter::print_progress("OpenAPI 3.0.0 Conformance Testing Mode");
2356
2357 TerminalReporter::print_progress(
2360 "Conformance mode runs 1 VU, 1 iteration per endpoint (--vus and -d are ignored)",
2361 );
2362
2363 let categories = self.conformance_categories.as_ref().map(|cats_str| {
2365 cats_str
2366 .split(',')
2367 .filter_map(|s| {
2368 let trimmed = s.trim();
2369 if let Some(canonical) = ConformanceFeature::category_from_cli_name(trimmed) {
2370 Some(canonical.to_string())
2371 } else {
2372 TerminalReporter::print_warning(&format!(
2373 "Unknown conformance category: '{}'. Valid categories: {}",
2374 trimmed,
2375 ConformanceFeature::cli_category_names()
2376 .iter()
2377 .map(|(cli, _)| *cli)
2378 .collect::<Vec<_>>()
2379 .join(", ")
2380 ));
2381 None
2382 }
2383 })
2384 .collect::<Vec<String>>()
2385 });
2386
2387 let custom_headers: Vec<(String, String)> = self
2389 .conformance_headers
2390 .iter()
2391 .filter_map(|h| {
2392 let (name, value) = h.split_once(':')?;
2393 Some((name.trim().to_string(), value.trim().to_string()))
2394 })
2395 .collect();
2396
2397 if !custom_headers.is_empty() {
2398 TerminalReporter::print_progress(&format!(
2399 "Using {} custom header(s) for authentication",
2400 custom_headers.len()
2401 ));
2402 }
2403
2404 if self.conformance_delay_ms > 0 {
2405 TerminalReporter::print_progress(&format!(
2406 "Using {}ms delay between conformance requests",
2407 self.conformance_delay_ms
2408 ));
2409 }
2410
2411 std::fs::create_dir_all(&self.output)?;
2413
2414 let config = ConformanceConfig {
2415 target_url: self.target.clone(),
2416 api_key: self.conformance_api_key.clone(),
2417 basic_auth: self.conformance_basic_auth.clone(),
2418 skip_tls_verify: self.skip_tls_verify,
2419 categories,
2420 base_path: self.base_path.clone(),
2421 custom_headers,
2422 output_dir: Some(self.output.clone()),
2423 all_operations: self.conformance_all_operations,
2424 custom_checks_file: self.conformance_custom.clone(),
2425 request_delay_ms: self.conformance_delay_ms,
2426 custom_filter: self.conformance_custom_filter.clone(),
2427 export_requests: self.export_requests,
2428 validate_requests: self.validate_requests,
2429 };
2430
2431 let mut resolved_base_path: Option<String> = None;
2439 let annotated_ops = if !self.spec.is_empty() {
2440 TerminalReporter::print_progress("Spec-driven conformance mode: analyzing spec...");
2441 let parser = SpecParser::from_file(&self.spec[0]).await?;
2442 resolved_base_path = self.resolve_base_path(&parser);
2443
2444 let mut operations = if let Some(filter) = &self.operations {
2449 parser.filter_operations(filter)?
2450 } else {
2451 parser.get_operations()
2452 };
2453 if let Some(exclude) = &self.exclude_operations {
2454 let before_count = operations.len();
2455 operations = parser.exclude_operations(operations, exclude)?;
2456 let excluded_count = before_count - operations.len();
2457 if excluded_count > 0 {
2458 TerminalReporter::print_progress(&format!(
2459 "Excluded {} operations matching '{}'",
2460 excluded_count, exclude
2461 ));
2462 }
2463 }
2464
2465 let annotated =
2466 crate::conformance::spec_driven::SpecDrivenConformanceGenerator::annotate_operations(
2467 &operations,
2468 parser.spec(),
2469 );
2470 TerminalReporter::print_success(&format!(
2471 "Analyzed {} operations, found {} feature annotations",
2472 operations.len(),
2473 annotated.iter().map(|a| a.features.len()).sum::<usize>()
2474 ));
2475 Some(annotated)
2476 } else {
2477 None
2478 };
2479
2480 if self.conformance_self_test {
2487 let Some(ops) = annotated_ops else {
2488 TerminalReporter::print_error(
2489 "--conformance-self-test requires --spec; no operations to test",
2490 );
2491 return Ok(());
2492 };
2493 let cfg = crate::conformance::self_test::SelfTestConfig {
2494 target_url: self.target.clone(),
2495 skip_tls_verify: self.skip_tls_verify,
2496 timeout: std::time::Duration::from_secs(30),
2497 extra_headers: self
2501 .conformance_headers
2502 .iter()
2503 .filter_map(|h| {
2504 let (n, v) = h.split_once(':')?;
2505 Some((n.trim().to_string(), v.trim().to_string()))
2506 })
2507 .collect(),
2508 delay_between_requests: std::time::Duration::from_millis(self.conformance_delay_ms),
2509 base_path: resolved_base_path.clone(),
2513 source_ips: parse_ip_list(&self.source_ips, "source-ip"),
2517 geo_source_ips: parse_ip_list(&self.geo_source_ips, "geo-source-ip"),
2518 geo_source_headers: if self.geo_source_headers.is_empty() {
2519 crate::conformance::self_test::default_geo_source_headers()
2520 } else {
2521 self.geo_source_headers.clone()
2522 },
2523 capture: if self.conformance_self_test_capture || self.validate_response_schemas {
2527 Some(std::sync::Arc::new(std::sync::Mutex::new(Vec::new())))
2533 } else {
2534 None
2535 },
2536 validate_response_schemas: self.validate_response_schemas,
2537 spec_label: self.spec.first().map(|p| {
2543 p.file_name()
2544 .map(|s| s.to_string_lossy().into_owned())
2545 .unwrap_or_else(|| p.to_string_lossy().into_owned())
2546 }),
2547 };
2548 let capture_sink = cfg.capture.clone();
2549 TerminalReporter::print_progress(&format!(
2550 "Self-test mode: driving {} operations with positive + per-category negative cases",
2551 ops.len()
2552 ));
2553 let report = crate::conformance::self_test::run_self_test(&ops, &cfg)
2554 .await
2555 .map_err(|e| BenchError::Other(format!("self-test client error: {e}")))?;
2556 let per_endpoint_summary: Vec<
2566 crate::conformance::per_endpoint_summary::PerEndpointSummary,
2567 >;
2568 if let Some(sink) = capture_sink {
2569 if let Ok(guard) = sink.lock() {
2570 let jsonl_path = self.output.join("conformance-self-test-requests.jsonl");
2571 let mut lines = String::with_capacity(guard.len() * 256);
2572 for entry in guard.iter() {
2573 if let Ok(line) = serde_json::to_string(entry) {
2574 lines.push_str(&line);
2575 lines.push('\n');
2576 }
2577 }
2578 let _ = std::fs::write(&jsonl_path, lines);
2579 let html_path = self.output.join("conformance-self-test-requests.html");
2580 let html =
2581 crate::conformance::capture_html::render_capture_html(guard.as_slice());
2582 let _ = std::fs::write(&html_path, html);
2583
2584 per_endpoint_summary =
2588 crate::conformance::per_endpoint_summary::build_summary(guard.as_slice());
2589 let summary_path = self.output.join("conformance-per-endpoint.json");
2590 if let Ok(json) = serde_json::to_string_pretty(&per_endpoint_summary) {
2591 let _ = std::fs::write(&summary_path, json);
2592 TerminalReporter::print_progress(&format!(
2593 "Self-test request/response capture written to {} ({} entries) + {} + {}",
2594 jsonl_path.display(),
2595 guard.len(),
2596 html_path.display(),
2597 summary_path.display(),
2598 ));
2599 } else {
2600 TerminalReporter::print_progress(&format!(
2601 "Self-test request/response capture written to {} ({} entries) + {}",
2602 jsonl_path.display(),
2603 guard.len(),
2604 html_path.display(),
2605 ));
2606 }
2607 } else {
2608 per_endpoint_summary = Vec::new();
2609 }
2610 } else {
2611 per_endpoint_summary = Vec::new();
2612 }
2613 TerminalReporter::print_progress(&report.render_summary());
2614 let json_path = self.output.join("conformance-self-test.json");
2618 if let Ok(json) = serde_json::to_string_pretty(&report) {
2619 let _ = std::fs::write(&json_path, json);
2620 TerminalReporter::print_progress(&format!(
2621 "Self-test report written to {}",
2622 json_path.display()
2623 ));
2624 }
2625 if let Some(status) = report.detect_target_misconfiguration() {
2634 let hint = match status {
2635 404 => " Likely cause: spec paths don't match deployed routes — check --base-path and the spec's `servers` block.",
2636 401 | 403 => " Likely cause: authentication header is missing or invalid — check --conformance-header.",
2637 _ => "",
2638 };
2639 TerminalReporter::print_warning(&format!(
2640 "Self-test misconfiguration: every positive case returned {status}.{hint} Negative results below are meaningless under this condition."
2641 ));
2642 } else if !report.all_passed() {
2643 TerminalReporter::print_warning(
2644 "Self-test detected gaps — server let through at least one request that should have been a 4xx",
2645 );
2646 } else {
2647 TerminalReporter::print_success(
2648 "Self-test passed — all positive cases accepted and all negative cases rejected",
2649 );
2650 }
2651 let html_path = self.output.join("conformance-report.html");
2658 let audit_path = self.output.join("conformance-spec-audit.json");
2659 let audit_value = std::fs::read_to_string(&audit_path)
2660 .ok()
2661 .and_then(|s| serde_json::from_str::<serde_json::Value>(&s).ok());
2662 let render_opts = crate::conformance::report_html::RenderOptions {
2667 missed_cap: match self.report_missed_cap {
2668 Some(0) => None,
2669 Some(n) => Some(n as usize),
2670 None => Some(200),
2671 },
2672 };
2673 let mut html = crate::conformance::report_html::render_html_with_options(
2674 &report,
2675 audit_value.as_ref(),
2676 &render_opts,
2677 );
2678 let summary_section = crate::conformance::per_endpoint_summary::render_html_section(
2684 &per_endpoint_summary,
2685 );
2686 if !summary_section.is_empty() {
2687 if let Some(idx) = html.rfind("</body>") {
2688 html.insert_str(idx, &summary_section);
2689 } else {
2690 html.push_str(&summary_section);
2691 }
2692 }
2693 if std::fs::write(&html_path, html).is_ok() {
2694 TerminalReporter::print_progress(&format!(
2695 "HTML report written to {}",
2696 html_path.display()
2697 ));
2698 }
2699 return Ok(());
2700 }
2701
2702 if self.validate_requests && !self.spec.is_empty() {
2704 TerminalReporter::print_progress("Validating requests against OpenAPI spec...");
2705 let violation_count = crate::conformance::request_validator::run_request_validation(
2706 &self.spec,
2707 self.conformance_custom.as_deref(),
2708 self.base_path.as_deref(),
2709 &self.output,
2710 )
2711 .await?;
2712 if violation_count > 0 {
2713 TerminalReporter::print_warning(&format!(
2714 "{} request validation violation(s) found — see conformance-request-violations.json",
2715 violation_count
2716 ));
2717 } else {
2718 TerminalReporter::print_success("All requests conform to the OpenAPI spec");
2719 }
2720 }
2721
2722 if self.generate_only || self.use_k6 {
2724 let script = if let Some(annotated) = &annotated_ops {
2725 let gen = crate::conformance::spec_driven::SpecDrivenConformanceGenerator::new(
2726 config,
2727 annotated.clone(),
2728 );
2729 let op_count = gen.operation_count();
2730 let (script, check_count) = gen.generate()?;
2731 TerminalReporter::print_success(&format!(
2732 "Conformance: {} operations analyzed, {} unique checks generated",
2733 op_count, check_count
2734 ));
2735 script
2736 } else {
2737 let generator = ConformanceGenerator::new(config);
2738 generator.generate()?
2739 };
2740
2741 let script_path = self.output.join("k6-conformance.js");
2742 std::fs::write(&script_path, &script).map_err(|e| {
2743 BenchError::Other(format!("Failed to write conformance script: {}", e))
2744 })?;
2745 TerminalReporter::print_success(&format!(
2746 "Conformance script generated: {}",
2747 script_path.display()
2748 ));
2749
2750 if self.generate_only {
2751 println!("\nScript generated. Run with:");
2752 println!(" k6 run {}", script_path.display());
2753 return Ok(());
2754 }
2755
2756 if !K6Executor::is_k6_installed() {
2758 TerminalReporter::print_error("k6 is not installed");
2759 TerminalReporter::print_warning(
2760 "Install k6 from: https://k6.io/docs/get-started/installation/",
2761 );
2762 return Err(BenchError::K6NotFound);
2763 }
2764
2765 TerminalReporter::print_progress("Running conformance tests via k6...");
2766 let executor = K6Executor::new()?.with_local_ips(self.source_ips.join(","));
2767 executor.execute(&script_path, Some(&self.output), self.verbose).await?;
2768
2769 let report_path = self.output.join("conformance-report.json");
2770 if report_path.exists() {
2771 let report = ConformanceReport::from_file(&report_path)?;
2772 report.print_report_with_options(self.conformance_all_operations);
2773 self.save_conformance_report(&report, &report_path)?;
2774 } else {
2775 TerminalReporter::print_warning(
2776 "Conformance report not generated (k6 handleSummary may not have run)",
2777 );
2778 }
2779
2780 if self.validate_requests && self.export_requests && !self.spec.is_empty() {
2792 let n = crate::conformance::request_validator::validate_emitted_requests(
2793 &self.spec,
2794 &self.output,
2795 )
2796 .await?;
2797 if n > 0 {
2798 TerminalReporter::print_warning(&format!(
2799 "{} emitted request(s) violated the spec — see conformance-request-violations.json",
2800 n
2801 ));
2802 }
2803 }
2804
2805 return Ok(());
2806 }
2807
2808 TerminalReporter::print_progress("Running conformance tests (native executor)...");
2810
2811 let mut executor = crate::conformance::executor::NativeConformanceExecutor::new(config)?;
2812
2813 let custom_only = annotated_ops.is_none() && self.conformance_custom.is_some();
2823 executor = if let Some(annotated) = &annotated_ops {
2824 executor.with_spec_driven_checks(annotated)
2825 } else if custom_only {
2826 executor
2827 } else {
2828 executor.with_reference_checks()
2829 };
2830 executor = executor.with_custom_checks()?;
2831
2832 TerminalReporter::print_success(&format!(
2833 "Executing {} conformance checks...",
2834 executor.check_count()
2835 ));
2836
2837 let report = executor.execute().await?;
2838 report.print_report_with_options(self.conformance_all_operations);
2839
2840 let failure_details = report.failure_details();
2842 if !failure_details.is_empty() {
2843 let details_path = self.output.join("conformance-failure-details.json");
2844 if let Ok(json) = serde_json::to_string_pretty(&failure_details) {
2845 let _ = std::fs::write(&details_path, json);
2846 TerminalReporter::print_success(&format!(
2847 "Failure details saved to: {}",
2848 details_path.display()
2849 ));
2850 }
2851 }
2852
2853 let report_path = self.output.join("conformance-report.json");
2855 let report_json = serde_json::to_string_pretty(&report.to_json())
2856 .map_err(|e| BenchError::Other(format!("Failed to serialize report: {}", e)))?;
2857 std::fs::write(&report_path, &report_json)
2858 .map_err(|e| BenchError::Other(format!("Failed to write report: {}", e)))?;
2859 TerminalReporter::print_success(&format!("Report saved to: {}", report_path.display()));
2860
2861 self.save_conformance_report(&report, &report_path)?;
2862
2863 Ok(())
2864 }
2865
2866 fn save_conformance_report(
2868 &self,
2869 report: &crate::conformance::report::ConformanceReport,
2870 report_path: &Path,
2871 ) -> Result<()> {
2872 if self.conformance_report_format == "sarif" {
2873 use crate::conformance::sarif::ConformanceSarifReport;
2874 ConformanceSarifReport::write(report, &self.target, &self.conformance_report)?;
2875 TerminalReporter::print_success(&format!(
2876 "SARIF report saved to: {}",
2877 self.conformance_report.display()
2878 ));
2879 } else if self.conformance_report != *report_path {
2880 std::fs::copy(report_path, &self.conformance_report)?;
2881 TerminalReporter::print_success(&format!(
2882 "Report saved to: {}",
2883 self.conformance_report.display()
2884 ));
2885 }
2886 Ok(())
2887 }
2888
2889 async fn execute_multi_target_conformance(&self, targets_file: &Path) -> Result<()> {
2895 use crate::conformance::generator::{ConformanceConfig, ConformanceGenerator};
2896 use crate::conformance::report::ConformanceReport;
2897 use crate::conformance::spec::ConformanceFeature;
2898
2899 TerminalReporter::print_progress("Multi-target OpenAPI 3.0.0 Conformance Testing Mode");
2900
2901 TerminalReporter::print_progress("Parsing targets file...");
2903 let targets = parse_targets_file(targets_file)?;
2904 let num_targets = targets.len();
2905 TerminalReporter::print_success(&format!("Loaded {} targets", num_targets));
2906
2907 if targets.is_empty() {
2908 return Err(BenchError::Other("No targets found in file".to_string()));
2909 }
2910
2911 TerminalReporter::print_progress(
2912 "Conformance mode runs 1 VU, 1 iteration per endpoint (--vus and -d are ignored)",
2913 );
2914
2915 let categories = self.conformance_categories.as_ref().map(|cats_str| {
2917 cats_str
2918 .split(',')
2919 .filter_map(|s| {
2920 let trimmed = s.trim();
2921 if let Some(canonical) = ConformanceFeature::category_from_cli_name(trimmed) {
2922 Some(canonical.to_string())
2923 } else {
2924 TerminalReporter::print_warning(&format!(
2925 "Unknown conformance category: '{}'. Valid categories: {}",
2926 trimmed,
2927 ConformanceFeature::cli_category_names()
2928 .iter()
2929 .map(|(cli, _)| *cli)
2930 .collect::<Vec<_>>()
2931 .join(", ")
2932 ));
2933 None
2934 }
2935 })
2936 .collect::<Vec<String>>()
2937 });
2938
2939 let base_custom_headers: Vec<(String, String)> = self
2941 .conformance_headers
2942 .iter()
2943 .filter_map(|h| {
2944 let (name, value) = h.split_once(':')?;
2945 Some((name.trim().to_string(), value.trim().to_string()))
2946 })
2947 .collect();
2948
2949 if !base_custom_headers.is_empty() {
2950 TerminalReporter::print_progress(&format!(
2951 "Using {} base custom header(s) for authentication",
2952 base_custom_headers.len()
2953 ));
2954 }
2955
2956 let annotated_ops = if !self.spec.is_empty() {
2958 TerminalReporter::print_progress("Spec-driven conformance mode: analyzing spec...");
2959 let parser = SpecParser::from_file(&self.spec[0]).await?;
2960 let operations = parser.get_operations();
2961 let annotated =
2962 crate::conformance::spec_driven::SpecDrivenConformanceGenerator::annotate_operations(
2963 &operations,
2964 parser.spec(),
2965 );
2966 TerminalReporter::print_success(&format!(
2967 "Analyzed {} operations, found {} feature annotations",
2968 operations.len(),
2969 annotated.iter().map(|a| a.features.len()).sum::<usize>()
2970 ));
2971 Some(annotated)
2972 } else {
2973 None
2974 };
2975
2976 std::fs::create_dir_all(&self.output)?;
2978
2979 struct TargetResult {
2981 url: String,
2982 passed: usize,
2983 failed: usize,
2984 elapsed: std::time::Duration,
2985 report_json: serde_json::Value,
2986 owasp_coverage: Vec<crate::conformance::report::OwaspCoverageEntry>,
2987 }
2988
2989 let mut target_results: Vec<TargetResult> = Vec::with_capacity(num_targets);
2990 let total_start = std::time::Instant::now();
2991
2992 for (idx, target) in targets.iter().enumerate() {
2993 tracing::info!(
2994 "Running conformance tests against target {}/{}: {}",
2995 idx + 1,
2996 num_targets,
2997 target.url
2998 );
2999 TerminalReporter::print_progress(&format!(
3000 "\n--- Target {}/{}: {} ---",
3001 idx + 1,
3002 num_targets,
3003 target.url
3004 ));
3005
3006 let mut merged_headers = base_custom_headers.clone();
3008 if let Some(ref target_headers) = target.headers {
3009 for (name, value) in target_headers {
3010 if let Some(existing) = merged_headers.iter_mut().find(|(n, _)| n == name) {
3012 existing.1 = value.clone();
3013 } else {
3014 merged_headers.push((name.clone(), value.clone()));
3015 }
3016 }
3017 }
3018 if let Some(ref auth) = target.auth {
3020 if let Some(existing) =
3021 merged_headers.iter_mut().find(|(n, _)| n.eq_ignore_ascii_case("Authorization"))
3022 {
3023 existing.1 = auth.clone();
3024 } else {
3025 merged_headers.push(("Authorization".to_string(), auth.clone()));
3026 }
3027 }
3028
3029 let target_dir = self.output.join(format!("target_{}", idx));
3035 std::fs::create_dir_all(&target_dir)?;
3036
3037 let config = ConformanceConfig {
3038 target_url: target.url.clone(),
3039 api_key: self.conformance_api_key.clone(),
3040 basic_auth: self.conformance_basic_auth.clone(),
3041 skip_tls_verify: self.skip_tls_verify,
3042 categories: categories.clone(),
3043 base_path: self.base_path.clone(),
3044 custom_headers: merged_headers,
3045 output_dir: Some(target_dir.clone()),
3046 all_operations: self.conformance_all_operations,
3047 custom_checks_file: self.conformance_custom.clone(),
3048 request_delay_ms: self.conformance_delay_ms,
3049 custom_filter: self.conformance_custom_filter.clone(),
3050 export_requests: self.export_requests,
3051 validate_requests: self.validate_requests,
3052 };
3053
3054 let target_start = std::time::Instant::now();
3055 let report = if self.use_k6 {
3056 if !K6Executor::is_k6_installed() {
3057 TerminalReporter::print_error("k6 is not installed");
3058 TerminalReporter::print_warning(
3059 "Install k6 from: https://k6.io/docs/get-started/installation/",
3060 );
3061 return Err(BenchError::K6NotFound);
3062 }
3063
3064 let script = if let Some(ref annotated) = annotated_ops {
3065 let gen = crate::conformance::spec_driven::SpecDrivenConformanceGenerator::new(
3066 config.clone(),
3067 annotated.clone(),
3068 );
3069 let (script, _check_count) = gen.generate()?;
3070 script
3071 } else {
3072 let generator = ConformanceGenerator::new(config.clone());
3073 generator.generate()?
3074 };
3075
3076 let script_path = target_dir.join("k6-conformance.js");
3077 std::fs::write(&script_path, &script).map_err(|e| {
3078 BenchError::Other(format!("Failed to write conformance script: {}", e))
3079 })?;
3080 TerminalReporter::print_success(&format!(
3081 "Conformance script generated: {}",
3082 script_path.display()
3083 ));
3084
3085 TerminalReporter::print_progress(&format!(
3086 "Running conformance tests via k6 against {}...",
3087 target.url
3088 ));
3089 let k6 = K6Executor::new()?.with_local_ips(self.source_ips.join(","));
3090 let api_port = 6565u16.saturating_add(idx as u16);
3092 k6.execute_with_port(&script_path, Some(&target_dir), self.verbose, Some(api_port))
3093 .await?;
3094
3095 let report_path = target_dir.join("conformance-report.json");
3096 if report_path.exists() {
3097 ConformanceReport::from_file(&report_path)?
3098 } else {
3099 TerminalReporter::print_warning(&format!(
3100 "Conformance report not generated for target {} (k6 handleSummary may not have run)",
3101 target.url
3102 ));
3103 continue;
3104 }
3105 } else {
3106 let mut executor =
3107 crate::conformance::executor::NativeConformanceExecutor::new(config)?;
3108
3109 let custom_only = annotated_ops.is_none() && self.conformance_custom.is_some();
3112 executor = if let Some(ref annotated) = annotated_ops {
3113 executor.with_spec_driven_checks(annotated)
3114 } else if custom_only {
3115 executor
3116 } else {
3117 executor.with_reference_checks()
3118 };
3119 executor = executor.with_custom_checks()?;
3120
3121 TerminalReporter::print_success(&format!(
3122 "Executing {} conformance checks against {}...",
3123 executor.check_count(),
3124 target.url
3125 ));
3126
3127 executor.execute().await?
3128 };
3129 let target_elapsed = target_start.elapsed();
3130
3131 let report_json = report.to_json();
3132
3133 let passed = report_json["summary"]["passed"].as_u64().unwrap_or(0) as usize;
3135 let failed = report_json["summary"]["failed"].as_u64().unwrap_or(0) as usize;
3136 let total_checks = passed + failed;
3137 let rate = if total_checks == 0 {
3138 0.0
3139 } else {
3140 (passed as f64 / total_checks as f64) * 100.0
3141 };
3142
3143 TerminalReporter::print_success(&format!(
3144 "Target {}: {}/{} passed ({:.1}%) in {:.1}s",
3145 target.url,
3146 passed,
3147 total_checks,
3148 rate,
3149 target_elapsed.as_secs_f64()
3150 ));
3151
3152 let target_report_path = target_dir.join("conformance-report.json");
3154 let report_str = serde_json::to_string_pretty(&report_json)
3155 .map_err(|e| BenchError::Other(format!("Failed to serialize report: {}", e)))?;
3156 std::fs::write(&target_report_path, &report_str)
3157 .map_err(|e| BenchError::Other(format!("Failed to write report: {}", e)))?;
3158
3159 let failure_details = report.failure_details();
3161 if !failure_details.is_empty() {
3162 let details_path = target_dir.join("conformance-failure-details.json");
3163 if let Ok(json) = serde_json::to_string_pretty(&failure_details) {
3164 let _ = std::fs::write(&details_path, json);
3165 }
3166 }
3167
3168 let owasp_coverage = report.owasp_coverage_data();
3170
3171 target_results.push(TargetResult {
3172 url: target.url.clone(),
3173 passed,
3174 failed,
3175 elapsed: target_elapsed,
3176 report_json,
3177 owasp_coverage,
3178 });
3179 }
3180
3181 let total_elapsed = total_start.elapsed();
3182
3183 println!("\n{}", "=".repeat(80));
3185 println!(" Multi-Target Conformance Summary");
3186 println!("{}", "=".repeat(80));
3187 println!(
3188 " {:<40} {:>8} {:>8} {:>8} {:>8}",
3189 "Target URL", "Passed", "Failed", "Rate", "Time"
3190 );
3191 println!(" {}", "-".repeat(76));
3192
3193 let mut total_passed = 0usize;
3194 let mut total_failed = 0usize;
3195
3196 for result in &target_results {
3197 let total_checks = result.passed + result.failed;
3198 let rate = if total_checks == 0 {
3199 0.0
3200 } else {
3201 (result.passed as f64 / total_checks as f64) * 100.0
3202 };
3203
3204 let display_url = if result.url.len() > 38 {
3206 format!("{}...", &result.url[..35])
3207 } else {
3208 result.url.clone()
3209 };
3210
3211 println!(
3212 " {:<40} {:>8} {:>8} {:>7.1}% {:>6.1}s",
3213 display_url,
3214 result.passed,
3215 result.failed,
3216 rate,
3217 result.elapsed.as_secs_f64()
3218 );
3219
3220 total_passed += result.passed;
3221 total_failed += result.failed;
3222 }
3223
3224 let grand_total = total_passed + total_failed;
3225 let overall_rate = if grand_total == 0 {
3226 0.0
3227 } else {
3228 (total_passed as f64 / grand_total as f64) * 100.0
3229 };
3230
3231 println!(" {}", "-".repeat(76));
3232 println!(
3233 " {:<40} {:>8} {:>8} {:>7.1}% {:>6.1}s",
3234 format!("TOTAL ({} targets)", num_targets),
3235 total_passed,
3236 total_failed,
3237 overall_rate,
3238 total_elapsed.as_secs_f64()
3239 );
3240 println!("{}", "=".repeat(80));
3241
3242 for result in &target_results {
3244 println!("\n OWASP API Security Top 10 Coverage for {}:", result.url);
3245 for entry in &result.owasp_coverage {
3246 let status = if !entry.tested {
3247 "-"
3248 } else if entry.all_passed {
3249 "pass"
3250 } else {
3251 "FAIL"
3252 };
3253 let via = if entry.via_categories.is_empty() {
3254 String::new()
3255 } else {
3256 format!(" (via {})", entry.via_categories.join(", "))
3257 };
3258 println!(" {:<12} {:<40} {}{}", entry.id, entry.name, status, via);
3259 }
3260 }
3261
3262 let per_target_summaries: Vec<serde_json::Value> = target_results
3264 .iter()
3265 .enumerate()
3266 .map(|(idx, r)| {
3267 let total_checks = r.passed + r.failed;
3268 let rate = if total_checks == 0 {
3269 0.0
3270 } else {
3271 (r.passed as f64 / total_checks as f64) * 100.0
3272 };
3273 let owasp_json: Vec<serde_json::Value> = r
3274 .owasp_coverage
3275 .iter()
3276 .map(|e| {
3277 serde_json::json!({
3278 "id": e.id,
3279 "name": e.name,
3280 "tested": e.tested,
3281 "all_passed": e.all_passed,
3282 "via_categories": e.via_categories,
3283 })
3284 })
3285 .collect();
3286 serde_json::json!({
3287 "target_url": r.url,
3288 "target_index": idx,
3289 "checks_passed": r.passed,
3290 "checks_failed": r.failed,
3291 "total_checks": total_checks,
3292 "pass_rate": rate,
3293 "elapsed_seconds": r.elapsed.as_secs_f64(),
3294 "report": r.report_json,
3295 "owasp_coverage": owasp_json,
3296 })
3297 })
3298 .collect();
3299
3300 let combined_summary = serde_json::json!({
3301 "total_targets": num_targets,
3302 "total_checks_passed": total_passed,
3303 "total_checks_failed": total_failed,
3304 "overall_pass_rate": overall_rate,
3305 "total_elapsed_seconds": total_elapsed.as_secs_f64(),
3306 "targets": per_target_summaries,
3307 });
3308
3309 let summary_path = self.output.join("multi-target-conformance-summary.json");
3310 let summary_str = serde_json::to_string_pretty(&combined_summary)
3311 .map_err(|e| BenchError::Other(format!("Failed to serialize summary: {}", e)))?;
3312 std::fs::write(&summary_path, &summary_str)
3313 .map_err(|e| BenchError::Other(format!("Failed to write summary: {}", e)))?;
3314 TerminalReporter::print_success(&format!(
3315 "Combined summary saved to: {}",
3316 summary_path.display()
3317 ));
3318
3319 Ok(())
3320 }
3321
3322 async fn execute_owasp_test(&self, parser: &SpecParser) -> Result<()> {
3324 TerminalReporter::print_progress("OWASP API Security Top 10 Testing Mode");
3325
3326 let custom_headers = self.parse_headers()?;
3328
3329 let mut config = OwaspApiConfig::new()
3331 .with_auth_header(&self.owasp_auth_header)
3332 .with_verbose(self.verbose)
3333 .with_insecure(self.skip_tls_verify)
3334 .with_concurrency(self.vus as usize)
3335 .with_iterations(self.owasp_iterations as usize)
3336 .with_base_path(self.base_path.clone())
3337 .with_custom_headers(custom_headers);
3338
3339 if let Some(ref token) = self.owasp_auth_token {
3341 config = config.with_valid_auth_token(token);
3342 }
3343
3344 if let Some(ref cats_str) = self.owasp_categories {
3346 let categories: Vec<OwaspCategory> = cats_str
3347 .split(',')
3348 .filter_map(|s| {
3349 let trimmed = s.trim();
3350 match trimmed.parse::<OwaspCategory>() {
3351 Ok(cat) => Some(cat),
3352 Err(e) => {
3353 TerminalReporter::print_warning(&e);
3354 None
3355 }
3356 }
3357 })
3358 .collect();
3359
3360 if !categories.is_empty() {
3361 config = config.with_categories(categories);
3362 }
3363 }
3364
3365 if let Some(ref admin_paths_file) = self.owasp_admin_paths {
3367 config.admin_paths_file = Some(admin_paths_file.clone());
3368 if let Err(e) = config.load_admin_paths() {
3369 TerminalReporter::print_warning(&format!("Failed to load admin paths file: {}", e));
3370 }
3371 }
3372
3373 if let Some(ref id_fields_str) = self.owasp_id_fields {
3375 let id_fields: Vec<String> = id_fields_str
3376 .split(',')
3377 .map(|s| s.trim().to_string())
3378 .filter(|s| !s.is_empty())
3379 .collect();
3380 if !id_fields.is_empty() {
3381 config = config.with_id_fields(id_fields);
3382 }
3383 }
3384
3385 if let Some(ref report_path) = self.owasp_report {
3387 config = config.with_report_path(report_path);
3388 }
3389 if let Ok(format) = self.owasp_report_format.parse::<ReportFormat>() {
3390 config = config.with_report_format(format);
3391 }
3392
3393 let categories = config.categories_to_test();
3395 TerminalReporter::print_success(&format!(
3396 "Testing {} OWASP categories: {}",
3397 categories.len(),
3398 categories.iter().map(|c| c.cli_name()).collect::<Vec<_>>().join(", ")
3399 ));
3400
3401 if config.valid_auth_token.is_some() {
3402 TerminalReporter::print_progress("Using provided auth token for baseline requests");
3403 }
3404
3405 TerminalReporter::print_progress("Generating OWASP security test script...");
3407 let generator = OwaspApiGenerator::new(config, self.target.clone(), parser);
3408
3409 let script = generator.generate()?;
3411 TerminalReporter::print_success("OWASP security test script generated");
3412
3413 let script_path = if let Some(output) = &self.script_output {
3415 output.clone()
3416 } else {
3417 self.output.join("k6-owasp-security-test.js")
3418 };
3419
3420 if let Some(parent) = script_path.parent() {
3421 std::fs::create_dir_all(parent)?;
3422 }
3423 std::fs::write(&script_path, &script)?;
3424 TerminalReporter::print_success(&format!("Script written to: {}", script_path.display()));
3425
3426 if self.generate_only {
3428 println!("\nOWASP security test script generated. Run it with:");
3429 println!(" k6 run {}", script_path.display());
3430 return Ok(());
3431 }
3432
3433 TerminalReporter::print_progress("Executing OWASP security tests...");
3435 let executor = K6Executor::new()?.with_local_ips(self.source_ips.join(","));
3436 std::fs::create_dir_all(&self.output)?;
3437
3438 let results = executor.execute(&script_path, Some(&self.output), self.verbose).await?;
3439
3440 let duration_secs = Self::parse_duration(&self.duration)?;
3441 TerminalReporter::print_summary_with_mode(&results, duration_secs, self.no_keep_alive);
3442
3443 println!("\nOWASP security test results saved to: {}", self.output.display());
3444
3445 Ok(())
3446 }
3447}
3448
3449#[cfg(test)]
3450mod tests {
3451 use super::*;
3452 use tempfile::tempdir;
3453
3454 #[test]
3455 fn test_parse_duration() {
3456 assert_eq!(BenchCommand::parse_duration("30s").unwrap(), 30);
3457 assert_eq!(BenchCommand::parse_duration("5m").unwrap(), 300);
3458 assert_eq!(BenchCommand::parse_duration("1h").unwrap(), 3600);
3459 assert_eq!(BenchCommand::parse_duration("60").unwrap(), 60);
3460 }
3461
3462 #[test]
3466 fn parse_ip_list_ipv4_range_inclusive() {
3467 let v = parse_ip_list(&["10.0.0.5-10.0.0.27".into()], "source-ip");
3468 assert_eq!(v.len(), 23);
3469 assert_eq!(v.first().unwrap().to_string(), "10.0.0.5");
3470 assert_eq!(v.last().unwrap().to_string(), "10.0.0.27");
3471 }
3472
3473 #[test]
3476 fn parse_ip_list_range_rejects_backwards() {
3477 let v = parse_ip_list(&["10.0.0.10-10.0.0.5".into()], "source-ip");
3478 assert!(v.is_empty(), "backwards range should produce no IPs; got {v:?}");
3479 }
3480
3481 #[test]
3485 fn parse_ip_list_rejects_ipv6_range_syntax() {
3486 let v = parse_ip_list(&["2001:db8::1-2001:db8::5".into()], "geo-source-ip");
3487 assert!(v.is_empty(), "IPv6 range should be rejected; got {v:?}");
3488 }
3489
3490 #[test]
3492 fn parse_ip_list_range_capped_at_256() {
3493 let v = parse_ip_list(&["10.0.0.0-10.0.5.0".into()], "source-ip");
3494 assert_eq!(v.len(), 256);
3495 assert_eq!(v.first().unwrap().to_string(), "10.0.0.0");
3496 }
3497
3498 #[test]
3501 fn parse_ip_list_plain_and_comma() {
3502 let v = parse_ip_list(&["10.0.0.5".into(), "10.0.0.6,10.0.0.7".into()], "source-ip");
3503 assert_eq!(v.len(), 3);
3504 assert_eq!(v[0].to_string(), "10.0.0.5");
3505 assert_eq!(v[2].to_string(), "10.0.0.7");
3506 }
3507
3508 #[test]
3511 fn parse_ip_list_ipv4_cidr_29_expands_to_8() {
3512 let v = parse_ip_list(&["10.0.0.0/29".into()], "source-ip");
3513 assert_eq!(v.len(), 8);
3514 assert_eq!(v[0].to_string(), "10.0.0.0");
3515 assert_eq!(v[7].to_string(), "10.0.0.7");
3516 }
3517
3518 #[test]
3521 fn parse_ip_list_ipv4_cidr_8_capped_at_256() {
3522 let v = parse_ip_list(&["10.0.0.0/8".into()], "source-ip");
3523 assert_eq!(v.len(), 256);
3524 assert_eq!(v[0].to_string(), "10.0.0.0");
3525 assert_eq!(v[255].to_string(), "10.0.0.255");
3526 }
3527
3528 #[test]
3530 fn parse_ip_list_ipv6_cidr_126_expands_to_4() {
3531 let v = parse_ip_list(&["2001:db8::/126".into()], "geo-source-ip");
3532 assert_eq!(v.len(), 4);
3533 assert!(v[0].is_ipv6());
3534 assert_eq!(v[0].to_string(), "2001:db8::");
3535 assert_eq!(v[3].to_string(), "2001:db8::3");
3536 }
3537
3538 #[test]
3540 fn parse_ip_list_mixed_v4_v6_cidr() {
3541 let v = parse_ip_list(&["10.0.0.0/30,2001:db8::1,203.0.113.42".into()], "geo-source-ip");
3542 assert_eq!(v.len(), 6); assert!(v.iter().any(|ip| ip.to_string() == "2001:db8::1"));
3544 assert!(v.iter().any(|ip| ip.to_string() == "203.0.113.42"));
3545 }
3546
3547 #[test]
3550 fn parse_ip_list_skips_malformed() {
3551 let v = parse_ip_list(
3552 &[
3553 "10.0.0.5".into(),
3554 "not-an-ip".into(),
3555 "10.0.0.6".into(),
3556 "/24".into(),
3557 "1.2.3.4/200".into(),
3558 ],
3559 "source-ip",
3560 );
3561 assert_eq!(v.len(), 2);
3562 assert_eq!(v[0].to_string(), "10.0.0.5");
3563 assert_eq!(v[1].to_string(), "10.0.0.6");
3564 }
3565
3566 #[test]
3567 fn test_parse_duration_invalid() {
3568 assert!(BenchCommand::parse_duration("invalid").is_err());
3569 assert!(BenchCommand::parse_duration("30x").is_err());
3570 }
3571
3572 #[test]
3573 fn test_parse_headers() {
3574 let cmd = BenchCommand {
3575 spec: vec![PathBuf::from("test.yaml")],
3576 spec_dir: None,
3577 merge_conflicts: "error".to_string(),
3578 spec_mode: "merge".to_string(),
3579 dependency_config: None,
3580 target: "http://localhost".to_string(),
3581 base_path: None,
3582 duration: "1m".to_string(),
3583 vus: 10,
3584 scenario: "ramp-up".to_string(),
3585 operations: None,
3586 exclude_operations: None,
3587 auth: None,
3588 headers: vec![
3589 "X-API-Key:test123".to_string(),
3590 "X-Client-ID:client456".to_string(),
3591 ],
3592 output: PathBuf::from("output"),
3593 generate_only: false,
3594 script_output: None,
3595 threshold_percentile: "p(95)".to_string(),
3596 threshold_ms: 500,
3597 max_error_rate: 0.05,
3598 verbose: false,
3599 skip_tls_verify: false,
3600 chunked_request_bodies: false,
3601 target_rps: None,
3602 no_keep_alive: false,
3603 targets_file: None,
3604 max_concurrency: None,
3605 results_format: "both".to_string(),
3606 params_file: None,
3607 crud_flow: false,
3608 flow_config: None,
3609 extract_fields: None,
3610 parallel_create: None,
3611 data_file: None,
3612 data_distribution: "unique-per-vu".to_string(),
3613 data_mappings: None,
3614 per_uri_control: false,
3615 error_rate: None,
3616 error_types: None,
3617 security_test: false,
3618 security_payloads: None,
3619 security_categories: None,
3620 security_target_fields: None,
3621 wafbench_dir: None,
3622 wafbench_cycle_all: false,
3623 owasp_api_top10: false,
3624 owasp_categories: None,
3625 owasp_auth_header: "Authorization".to_string(),
3626 owasp_auth_token: None,
3627 owasp_admin_paths: None,
3628 owasp_id_fields: None,
3629 owasp_report: None,
3630 owasp_report_format: "json".to_string(),
3631 owasp_iterations: 1,
3632 conformance: false,
3633 conformance_api_key: None,
3634 conformance_basic_auth: None,
3635 conformance_report: PathBuf::from("conformance-report.json"),
3636 conformance_categories: None,
3637 conformance_report_format: "json".to_string(),
3638 conformance_headers: vec![],
3639 conformance_all_operations: false,
3640 conformance_custom: None,
3641 conformance_delay_ms: 0,
3642 use_k6: false,
3643 conformance_custom_filter: None,
3644 export_requests: false,
3645 validate_requests: false,
3646 conformance_self_test: false,
3647 conformance_self_test_capture: false,
3648 validate_response_schemas: false,
3649 source_ips: Vec::new(),
3650 geo_source_ips: Vec::new(),
3651 geo_source_headers: Vec::new(),
3652 report_missed_cap: None,
3653 };
3654
3655 let headers = cmd.parse_headers().unwrap();
3656 assert_eq!(headers.get("X-API-Key"), Some(&"test123".to_string()));
3657 assert_eq!(headers.get("X-Client-ID"), Some(&"client456".to_string()));
3658 }
3659
3660 #[test]
3661 fn test_parse_header_string_preserves_comma_in_value() {
3662 let inputs = vec![
3665 "Cookie:session=abc; expires=Thu, 01 Jan 2099 00:00:00 GMT".to_string(),
3666 "X-Trace:1".to_string(),
3667 ];
3668 let headers = parse_header_string(&inputs).unwrap();
3669 assert_eq!(
3670 headers.get("Cookie"),
3671 Some(&"session=abc; expires=Thu, 01 Jan 2099 00:00:00 GMT".to_string())
3672 );
3673 assert_eq!(headers.get("X-Trace"), Some(&"1".to_string()));
3674 }
3675
3676 #[test]
3677 fn test_get_spec_display_name() {
3678 let cmd = BenchCommand {
3679 spec: vec![PathBuf::from("test.yaml")],
3680 spec_dir: None,
3681 merge_conflicts: "error".to_string(),
3682 spec_mode: "merge".to_string(),
3683 dependency_config: None,
3684 target: "http://localhost".to_string(),
3685 base_path: None,
3686 duration: "1m".to_string(),
3687 vus: 10,
3688 scenario: "ramp-up".to_string(),
3689 operations: None,
3690 exclude_operations: None,
3691 auth: None,
3692 headers: Vec::new(),
3693 output: PathBuf::from("output"),
3694 generate_only: false,
3695 script_output: None,
3696 threshold_percentile: "p(95)".to_string(),
3697 threshold_ms: 500,
3698 max_error_rate: 0.05,
3699 verbose: false,
3700 skip_tls_verify: false,
3701 chunked_request_bodies: false,
3702 target_rps: None,
3703 no_keep_alive: false,
3704 targets_file: None,
3705 max_concurrency: None,
3706 results_format: "both".to_string(),
3707 params_file: None,
3708 crud_flow: false,
3709 flow_config: None,
3710 extract_fields: None,
3711 parallel_create: None,
3712 data_file: None,
3713 data_distribution: "unique-per-vu".to_string(),
3714 data_mappings: None,
3715 per_uri_control: false,
3716 error_rate: None,
3717 error_types: None,
3718 security_test: false,
3719 security_payloads: None,
3720 security_categories: None,
3721 security_target_fields: None,
3722 wafbench_dir: None,
3723 wafbench_cycle_all: false,
3724 owasp_api_top10: false,
3725 owasp_categories: None,
3726 owasp_auth_header: "Authorization".to_string(),
3727 owasp_auth_token: None,
3728 owasp_admin_paths: None,
3729 owasp_id_fields: None,
3730 owasp_report: None,
3731 owasp_report_format: "json".to_string(),
3732 owasp_iterations: 1,
3733 conformance: false,
3734 conformance_api_key: None,
3735 conformance_basic_auth: None,
3736 conformance_report: PathBuf::from("conformance-report.json"),
3737 conformance_categories: None,
3738 conformance_report_format: "json".to_string(),
3739 conformance_headers: vec![],
3740 conformance_all_operations: false,
3741 conformance_custom: None,
3742 conformance_delay_ms: 0,
3743 use_k6: false,
3744 conformance_custom_filter: None,
3745 export_requests: false,
3746 validate_requests: false,
3747 conformance_self_test: false,
3748 conformance_self_test_capture: false,
3749 validate_response_schemas: false,
3750 source_ips: Vec::new(),
3751 geo_source_ips: Vec::new(),
3752 geo_source_headers: Vec::new(),
3753 report_missed_cap: None,
3754 };
3755
3756 assert_eq!(cmd.get_spec_display_name(), "test.yaml");
3757
3758 let cmd_multi = BenchCommand {
3760 spec: vec![PathBuf::from("a.yaml"), PathBuf::from("b.yaml")],
3761 spec_dir: None,
3762 merge_conflicts: "error".to_string(),
3763 spec_mode: "merge".to_string(),
3764 dependency_config: None,
3765 target: "http://localhost".to_string(),
3766 base_path: None,
3767 duration: "1m".to_string(),
3768 vus: 10,
3769 scenario: "ramp-up".to_string(),
3770 operations: None,
3771 exclude_operations: None,
3772 auth: None,
3773 headers: Vec::new(),
3774 output: PathBuf::from("output"),
3775 generate_only: false,
3776 script_output: None,
3777 threshold_percentile: "p(95)".to_string(),
3778 threshold_ms: 500,
3779 max_error_rate: 0.05,
3780 verbose: false,
3781 skip_tls_verify: false,
3782 chunked_request_bodies: false,
3783 target_rps: None,
3784 no_keep_alive: false,
3785 targets_file: None,
3786 max_concurrency: None,
3787 results_format: "both".to_string(),
3788 params_file: None,
3789 crud_flow: false,
3790 flow_config: None,
3791 extract_fields: None,
3792 parallel_create: None,
3793 data_file: None,
3794 data_distribution: "unique-per-vu".to_string(),
3795 data_mappings: None,
3796 per_uri_control: false,
3797 error_rate: None,
3798 error_types: None,
3799 security_test: false,
3800 security_payloads: None,
3801 security_categories: None,
3802 security_target_fields: None,
3803 wafbench_dir: None,
3804 wafbench_cycle_all: false,
3805 owasp_api_top10: false,
3806 owasp_categories: None,
3807 owasp_auth_header: "Authorization".to_string(),
3808 owasp_auth_token: None,
3809 owasp_admin_paths: None,
3810 owasp_id_fields: None,
3811 owasp_report: None,
3812 owasp_report_format: "json".to_string(),
3813 owasp_iterations: 1,
3814 conformance: false,
3815 conformance_api_key: None,
3816 conformance_basic_auth: None,
3817 conformance_report: PathBuf::from("conformance-report.json"),
3818 conformance_categories: None,
3819 conformance_report_format: "json".to_string(),
3820 conformance_headers: vec![],
3821 conformance_all_operations: false,
3822 conformance_custom: None,
3823 conformance_delay_ms: 0,
3824 use_k6: false,
3825 conformance_custom_filter: None,
3826 export_requests: false,
3827 validate_requests: false,
3828 conformance_self_test: false,
3829 conformance_self_test_capture: false,
3830 validate_response_schemas: false,
3831 source_ips: Vec::new(),
3832 geo_source_ips: Vec::new(),
3833 geo_source_headers: Vec::new(),
3834 report_missed_cap: None,
3835 };
3836
3837 assert_eq!(cmd_multi.get_spec_display_name(), "2 spec files");
3838 }
3839
3840 #[test]
3841 fn test_parse_extracted_values_from_output_dir() {
3842 let dir = tempdir().unwrap();
3843 let path = dir.path().join("extracted_values.json");
3844 std::fs::write(
3845 &path,
3846 r#"{
3847 "pool_id": "abc123",
3848 "count": 0,
3849 "enabled": false,
3850 "metadata": { "owner": "team-a" }
3851}"#,
3852 )
3853 .unwrap();
3854
3855 let extracted = BenchCommand::parse_extracted_values(dir.path()).unwrap();
3856 assert_eq!(extracted.get("pool_id"), Some(&serde_json::json!("abc123")));
3857 assert_eq!(extracted.get("count"), Some(&serde_json::json!(0)));
3858 assert_eq!(extracted.get("enabled"), Some(&serde_json::json!(false)));
3859 assert_eq!(extracted.get("metadata"), Some(&serde_json::json!({"owner": "team-a"})));
3860 }
3861
3862 #[test]
3863 fn test_parse_extracted_values_missing_file() {
3864 let dir = tempdir().unwrap();
3865 let extracted = BenchCommand::parse_extracted_values(dir.path()).unwrap();
3866 assert!(extracted.values.is_empty());
3867 }
3868}