1use crate::crud_flow::{CrudFlowConfig, CrudFlowDetector};
4use crate::data_driven::{DataDistribution, DataDrivenConfig, DataDrivenGenerator, DataMapping};
5use crate::dynamic_params::{DynamicParamProcessor, DynamicPlaceholder};
6use crate::error::{BenchError, Result};
7use crate::executor::K6Executor;
8use crate::invalid_data::{InvalidDataConfig, InvalidDataGenerator};
9use crate::k6_gen::{K6Config, K6ScriptGenerator};
10use crate::mock_integration::{
11 MockIntegrationConfig, MockIntegrationGenerator, MockServerDetector,
12};
13use crate::owasp_api::{OwaspApiConfig, OwaspApiGenerator, OwaspCategory, ReportFormat};
14use crate::parallel_executor::{AggregatedResults, ParallelExecutor};
15use crate::parallel_requests::{ParallelConfig, ParallelRequestGenerator};
16use crate::param_overrides::ParameterOverrides;
17use crate::reporter::TerminalReporter;
18use crate::request_gen::RequestGenerator;
19use crate::scenarios::LoadScenario;
20use crate::security_payloads::{
21 SecurityCategory, SecurityPayload, SecurityPayloads, SecurityTestConfig, SecurityTestGenerator,
22};
23use crate::spec_dependencies::{
24 topological_sort, DependencyDetector, ExtractedValues, SpecDependencyConfig,
25};
26use crate::spec_parser::SpecParser;
27use crate::target_parser::parse_targets_file;
28use crate::wafbench::WafBenchLoader;
29use mockforge_openapi::multi_spec::{
30 load_specs_from_directory, load_specs_from_files, merge_specs, ConflictStrategy,
31};
32use mockforge_openapi::spec::OpenApiSpec;
33use std::collections::{HashMap, HashSet};
34use std::path::{Path, PathBuf};
35use std::str::FromStr;
36
37pub fn parse_header_string(inputs: &[String]) -> Result<HashMap<String, String>> {
45 let mut headers = HashMap::new();
46
47 for pair in inputs {
48 let pair = pair.trim();
49 if pair.is_empty() {
50 continue;
51 }
52 let parts: Vec<&str> = pair.splitn(2, ':').collect();
53 if parts.len() != 2 {
54 return Err(BenchError::Other(format!(
55 "Invalid header format: '{}'. Expected 'Key:Value'",
56 pair
57 )));
58 }
59 headers.insert(parts[0].trim().to_string(), parts[1].trim().to_string());
60 }
61
62 Ok(headers)
63}
64
65pub struct BenchCommand {
67 pub spec: Vec<PathBuf>,
69 pub spec_dir: Option<PathBuf>,
71 pub merge_conflicts: String,
73 pub spec_mode: String,
75 pub dependency_config: Option<PathBuf>,
77 pub target: String,
78 pub base_path: Option<String>,
81 pub duration: String,
82 pub vus: u32,
83 pub target_rps: Option<u32>,
89 pub no_keep_alive: bool,
94 pub scenario: String,
95 pub operations: Option<String>,
96 pub exclude_operations: Option<String>,
100 pub auth: Option<String>,
101 pub headers: Vec<String>,
104 pub output: PathBuf,
105 pub generate_only: bool,
106 pub script_output: Option<PathBuf>,
107 pub threshold_percentile: String,
108 pub threshold_ms: u64,
109 pub max_error_rate: f64,
110 pub verbose: bool,
111 pub skip_tls_verify: bool,
112 pub chunked_request_bodies: bool,
117 pub targets_file: Option<PathBuf>,
119 pub max_concurrency: Option<u32>,
121 pub results_format: String,
123 pub params_file: Option<PathBuf>,
128
129 pub crud_flow: bool,
132 pub flow_config: Option<PathBuf>,
134 pub extract_fields: Option<String>,
136
137 pub parallel_create: Option<u32>,
140
141 pub data_file: Option<PathBuf>,
144 pub data_distribution: String,
146 pub data_mappings: Option<String>,
148 pub per_uri_control: bool,
150
151 pub error_rate: Option<f64>,
154 pub error_types: Option<String>,
156
157 pub security_test: bool,
160 pub security_payloads: Option<PathBuf>,
162 pub security_categories: Option<String>,
164 pub security_target_fields: Option<String>,
166
167 pub wafbench_dir: Option<String>,
170 pub wafbench_cycle_all: bool,
172
173 pub conformance: bool,
176 pub conformance_api_key: Option<String>,
178 pub conformance_basic_auth: Option<String>,
180 pub conformance_report: PathBuf,
182 pub conformance_categories: Option<String>,
184 pub conformance_report_format: String,
186 pub conformance_headers: Vec<String>,
189 pub conformance_all_operations: bool,
192 pub conformance_custom: Option<PathBuf>,
194 pub conformance_delay_ms: u64,
197 pub use_k6: bool,
199 pub conformance_custom_filter: Option<String>,
203 pub export_requests: bool,
206 pub validate_requests: bool,
209 pub conformance_self_test: bool,
216 pub conformance_self_test_capture: bool,
220 pub validate_response_schemas: bool,
226 pub conformance_self_test_iterations: u32,
231 pub conformance_self_test_duration: Option<String>,
236
237 pub source_ips: Vec<String>,
242 pub geo_source_ips: Vec<String>,
246 pub geo_source_headers: Vec<String>,
250
251 pub report_missed_cap: Option<u32>,
258
259 pub owasp_api_top10: bool,
262 pub owasp_categories: Option<String>,
264 pub owasp_auth_header: String,
266 pub owasp_auth_token: Option<String>,
268 pub owasp_admin_paths: Option<PathBuf>,
270 pub owasp_id_fields: Option<String>,
272 pub owasp_report: Option<PathBuf>,
274 pub owasp_report_format: String,
276 pub owasp_iterations: u32,
278}
279
280fn parse_ip_list(raw: &[String], flag_name: &str) -> Vec<std::net::IpAddr> {
294 use std::net::IpAddr;
295 const MAX_CIDR_EXPANSION: usize = 256;
296 let mut out = Vec::new();
297 for entry in raw {
298 for piece in entry.split(',') {
299 let s = piece.trim();
300 if s.is_empty() {
301 continue;
302 }
303 if let Some((addr_part, prefix_part)) = s.split_once('/') {
305 let prefix: u32 = match prefix_part.parse() {
306 Ok(p) => p,
307 Err(e) => {
308 tracing::warn!(target: "mockforge::bench", "ignoring --{flag_name} '{s}': bad CIDR prefix: {e}");
309 continue;
310 }
311 };
312 let net_addr: IpAddr = match addr_part.parse() {
313 Ok(a) => a,
314 Err(e) => {
315 tracing::warn!(target: "mockforge::bench", "ignoring --{flag_name} '{s}': bad CIDR address: {e}");
316 continue;
317 }
318 };
319 expand_cidr(net_addr, prefix, MAX_CIDR_EXPANSION, flag_name, s, &mut out);
320 continue;
321 }
322 if let Some((start_str, end_str)) = s.split_once('-') {
328 let start_s = start_str.trim();
329 let end_s = end_str.trim();
330 if start_s.contains(':') || end_s.contains(':') {
334 tracing::warn!(target: "mockforge::bench", "--{flag_name} '{s}': IPv6 range syntax not supported (use CIDR like 2001:db8::/126 instead)");
335 continue;
336 }
337 let start: IpAddr = match start_s.parse() {
338 Ok(a) => a,
339 Err(e) => {
340 tracing::warn!(target: "mockforge::bench", "ignoring --{flag_name} '{s}': bad range start: {e}");
341 continue;
342 }
343 };
344 let end: IpAddr = match end_s.parse() {
345 Ok(a) => a,
346 Err(e) => {
347 tracing::warn!(target: "mockforge::bench", "ignoring --{flag_name} '{s}': bad range end: {e}");
348 continue;
349 }
350 };
351 expand_range(start, end, MAX_CIDR_EXPANSION, flag_name, s, &mut out);
352 continue;
353 }
354 match s.parse::<IpAddr>() {
356 Ok(ip) => out.push(ip),
357 Err(e) => {
358 tracing::warn!(target: "mockforge::bench", "ignoring malformed --{flag_name} value '{s}': {e}");
359 }
360 }
361 }
362 }
363 out
364}
365
366fn expand_range(
370 start: std::net::IpAddr,
371 end: std::net::IpAddr,
372 cap: usize,
373 flag_name: &str,
374 raw: &str,
375 out: &mut Vec<std::net::IpAddr>,
376) {
377 use std::net::{IpAddr, Ipv4Addr};
378 let (start_v4, end_v4) = match (start, end) {
379 (IpAddr::V4(a), IpAddr::V4(b)) => (a, b),
380 _ => {
381 tracing::warn!(target: "mockforge::bench", "--{flag_name} '{raw}': range start/end must both be IPv4");
382 return;
383 }
384 };
385 let start_u32 = u32::from(start_v4);
386 let end_u32 = u32::from(end_v4);
387 if end_u32 < start_u32 {
388 tracing::warn!(target: "mockforge::bench", "--{flag_name} '{raw}': range end {end_v4} is before start {start_v4}");
389 return;
390 }
391 let total = (end_u32 - start_u32).saturating_add(1) as usize;
392 let take = total.min(cap);
393 if total > cap {
394 tracing::warn!(target: "mockforge::bench", "--{flag_name} '{raw}': range has {total} addresses, capping at {cap}");
395 }
396 for i in 0..take as u32 {
397 out.push(IpAddr::V4(Ipv4Addr::from(start_u32 + i)));
398 }
399}
400
401fn expand_cidr(
405 net: std::net::IpAddr,
406 prefix: u32,
407 cap: usize,
408 flag_name: &str,
409 raw: &str,
410 out: &mut Vec<std::net::IpAddr>,
411) {
412 use std::net::{IpAddr, Ipv4Addr, Ipv6Addr};
413 match net {
414 IpAddr::V4(ipv4) => {
415 if prefix > 32 {
416 tracing::warn!(target: "mockforge::bench", "ignoring --{flag_name} '{raw}': IPv4 prefix must be <= 32");
417 return;
418 }
419 let total: u64 = 1u64 << (32 - prefix);
420 let take = total.min(cap as u64) as u32;
421 if total > cap as u64 {
422 tracing::warn!(target: "mockforge::bench", "--{flag_name} '{raw}': CIDR has {total} addresses, capping at {cap}");
423 }
424 let mask: u32 = if prefix == 0 {
425 0
426 } else {
427 !0u32 << (32 - prefix)
428 };
429 let net_u32 = u32::from(ipv4) & mask;
430 for i in 0..take {
431 out.push(IpAddr::V4(Ipv4Addr::from(net_u32.wrapping_add(i))));
432 }
433 }
434 IpAddr::V6(ipv6) => {
435 if prefix > 128 {
436 tracing::warn!(target: "mockforge::bench", "ignoring --{flag_name} '{raw}': IPv6 prefix must be <= 128");
437 return;
438 }
439 let mask: u128 = if prefix == 0 {
443 0
444 } else {
445 !0u128 << (128 - prefix)
446 };
447 let net_u128 = u128::from(ipv6) & mask;
448 let remaining_bits = 128 - prefix;
449 let total_capped = if remaining_bits >= 64 {
452 cap as u128
453 } else {
454 (1u128 << remaining_bits).min(cap as u128)
455 };
456 if remaining_bits < 128 && (1u128 << remaining_bits) > cap as u128 {
457 tracing::warn!(target: "mockforge::bench", "--{flag_name} '{raw}': IPv6 CIDR exceeds {cap} addresses, capping");
458 }
459 for i in 0..total_capped {
460 out.push(IpAddr::V6(Ipv6Addr::from(net_u128.wrapping_add(i))));
461 }
462 }
463 }
464}
465
466impl BenchCommand {
467 pub async fn load_and_merge_specs(&self) -> Result<OpenApiSpec> {
469 let mut all_specs: Vec<(PathBuf, OpenApiSpec)> = Vec::new();
470
471 if !self.spec.is_empty() {
473 let specs = load_specs_from_files(self.spec.clone())
474 .await
475 .map_err(|e| BenchError::Other(format!("Failed to load spec files: {}", e)))?;
476 all_specs.extend(specs);
477 }
478
479 if let Some(spec_dir) = &self.spec_dir {
481 let dir_specs = load_specs_from_directory(spec_dir).await.map_err(|e| {
482 BenchError::Other(format!("Failed to load specs from directory: {}", e))
483 })?;
484 all_specs.extend(dir_specs);
485 }
486
487 if all_specs.is_empty() {
488 return Err(BenchError::Other(
489 "No spec files provided. Use --spec or --spec-dir.".to_string(),
490 ));
491 }
492
493 if all_specs.len() == 1 {
495 return Ok(all_specs.into_iter().next().expect("checked len() == 1 above").1);
497 }
498
499 let conflict_strategy = match self.merge_conflicts.as_str() {
501 "first" => ConflictStrategy::First,
502 "last" => ConflictStrategy::Last,
503 _ => ConflictStrategy::Error,
504 };
505
506 merge_specs(all_specs, conflict_strategy)
507 .map_err(|e| BenchError::Other(format!("Failed to merge specs: {}", e)))
508 }
509
510 fn get_spec_display_name(&self) -> String {
512 if self.spec.len() == 1 {
513 self.spec[0].to_string_lossy().to_string()
514 } else if !self.spec.is_empty() {
515 format!("{} spec files", self.spec.len())
516 } else if let Some(dir) = &self.spec_dir {
517 format!("specs from {}", dir.display())
518 } else {
519 "no specs".to_string()
520 }
521 }
522
523 fn advise_capacity(&self) {
530 let target_count = self
531 .targets_file
532 .as_ref()
533 .and_then(|p| std::fs::read_to_string(p).ok())
534 .and_then(|s| serde_json::from_str::<serde_json::Value>(&s).ok())
535 .and_then(|v| v.as_array().map(|a| a.len()))
536 .unwrap_or(1);
537 let vus = self.vus.max(1);
538 let rps_total = self.target_rps.unwrap_or(0) as usize * target_count.max(1);
539 let load_product = target_count * vus as usize;
543 if load_product >= 150 {
544 let est_ram_gb =
545 (vus as usize * 50) / 1024 + (target_count * 10 * 2) / 1024 + target_count / 2;
546 let est_cores = ((vus as usize) / 50).max(2);
547 TerminalReporter::print_warning(&format!(
548 "Capacity advisory: targets={target_count}, VUs={vus}, RPS-total≈{rps_total}. \
549 Single-client estimate: ~{est_cores} CPU cores, ~{est_ram_gb} GB RAM. \
550 If your machine is below that, expect OOM hangs partway through the run. \
551 See https://docs.mockforge.dev/reference/bench-capacity-sizing.html \
552 for the sizing table and sharding guide."
553 ));
554 }
555 }
556
557 pub async fn execute(&self) -> Result<()> {
559 if self.conformance_self_test && self.use_k6 {
566 TerminalReporter::print_warning(
567 "--use-k6 has no effect with --conformance-self-test: the self-test driver runs and returns before k6 is invoked. Drop one or the other depending on whether you want the spec-driven self-test or a k6 bench run.",
568 );
569 }
570
571 self.advise_capacity();
577
578 if let Some(targets_file) = &self.targets_file {
580 if self.conformance {
581 return self.execute_multi_target_conformance(targets_file).await;
582 }
583 return self.execute_multi_target(targets_file).await;
584 }
585
586 if self.spec_mode == "sequential" && (self.spec.len() > 1 || self.spec_dir.is_some()) {
588 return self.execute_sequential_specs().await;
589 }
590
591 TerminalReporter::print_header(
594 &self.get_spec_display_name(),
595 &self.target,
596 0, &self.scenario,
598 Self::parse_duration(&self.duration)?,
599 );
600
601 if !K6Executor::is_k6_installed() {
603 TerminalReporter::print_error("k6 is not installed");
604 TerminalReporter::print_warning(
605 "Install k6 from: https://k6.io/docs/get-started/installation/",
606 );
607 return Err(BenchError::K6NotFound);
608 }
609
610 if self.conformance {
612 return self.execute_conformance_test().await;
613 }
614
615 TerminalReporter::print_progress("Loading OpenAPI specification(s)...");
617 let merged_spec = self.load_and_merge_specs().await?;
618 let parser = SpecParser::from_spec(merged_spec);
619 if self.spec.len() > 1 || self.spec_dir.is_some() {
620 TerminalReporter::print_success(&format!(
621 "Loaded and merged {} specification(s)",
622 self.spec.len() + self.spec_dir.as_ref().map(|_| 1).unwrap_or(0)
623 ));
624 } else {
625 TerminalReporter::print_success("Specification loaded");
626 }
627
628 let mock_config = self.build_mock_config().await;
630 if mock_config.is_mock_server {
631 TerminalReporter::print_progress("Mock server integration enabled");
632 }
633
634 if self.crud_flow {
636 return self.execute_crud_flow(&parser).await;
637 }
638
639 if self.owasp_api_top10 {
641 return self.execute_owasp_test(&parser).await;
642 }
643
644 TerminalReporter::print_progress("Extracting API operations...");
646 let mut operations = if let Some(filter) = &self.operations {
647 parser.filter_operations(filter)?
648 } else {
649 parser.get_operations()
650 };
651
652 if let Some(exclude) = &self.exclude_operations {
654 let before_count = operations.len();
655 operations = parser.exclude_operations(operations, exclude)?;
656 let excluded_count = before_count - operations.len();
657 if excluded_count > 0 {
658 TerminalReporter::print_progress(&format!(
659 "Excluded {} operations matching '{}'",
660 excluded_count, exclude
661 ));
662 }
663 }
664
665 if operations.is_empty() {
666 return Err(BenchError::Other("No operations found in spec".to_string()));
667 }
668
669 TerminalReporter::print_success(&format!("Found {} operations", operations.len()));
670
671 let param_overrides = if let Some(params_file) = &self.params_file {
673 TerminalReporter::print_progress("Loading parameter overrides...");
674 let overrides = ParameterOverrides::from_file(params_file)?;
675 TerminalReporter::print_success(&format!(
676 "Loaded parameter overrides ({} operation-specific, {} defaults)",
677 overrides.operations.len(),
678 if overrides.defaults.is_empty() { 0 } else { 1 }
679 ));
680 Some(overrides)
681 } else {
682 None
683 };
684
685 TerminalReporter::print_progress("Generating request templates...");
687 let templates: Vec<_> = operations
688 .iter()
689 .map(|op| {
690 let op_overrides = param_overrides.as_ref().map(|po| {
691 po.get_for_operation(op.operation_id.as_deref(), &op.method, &op.path)
692 });
693 RequestGenerator::generate_template_with_overrides(op, op_overrides.as_ref())
694 })
695 .collect::<Result<Vec<_>>>()?;
696 TerminalReporter::print_success("Request templates generated");
697
698 let custom_headers = self.parse_headers()?;
700
701 let base_path = self.resolve_base_path(&parser);
703 if let Some(ref bp) = base_path {
704 TerminalReporter::print_progress(&format!("Using base path: {}", bp));
705 }
706
707 TerminalReporter::print_progress("Generating k6 load test script...");
709 let scenario =
710 LoadScenario::from_str(&self.scenario).map_err(BenchError::InvalidScenario)?;
711
712 let security_testing_enabled = self.security_test || self.wafbench_dir.is_some();
713
714 let num_ops = operations.len() as u32;
732 if let Some(rps) = self.target_rps {
733 let probe =
734 crate::preflight::probe_target_latency(&self.target, 3, self.skip_tls_verify).await;
735
736 let (required_vus, basis) = match probe {
737 Some(p) => (
738 p.required_vus(rps, num_ops),
739 format!("avg {:.1}ms (measured)", p.avg_latency.as_secs_f64() * 1000.0),
740 ),
741 None => {
742 let fallback = (rps as u64)
744 .saturating_mul(num_ops.max(1) as u64)
745 .div_ceil(10)
746 .min(u32::MAX as u64) as u32;
747 (fallback, "~100ms (default — probe failed)".to_string())
748 }
749 };
750
751 if self.vus < required_vus {
752 const VU_RECOMMENDATION_CAP: u32 = 1000;
758 let recommendation = required_vus.max(self.vus + 1);
759 if recommendation > VU_RECOMMENDATION_CAP {
760 TerminalReporter::print_warning(&format!(
761 "Workload is very large: --rps {} × {} ops/iteration × {} \
762 baseline ⇒ ~{} VUs needed end-to-end, far beyond what's \
763 practical to drive. Two ways to fix:\n 1. Reduce \
764 operations per iteration with `--operations 'pattern,…'` \
765 (or `--exclude-operations`) to focus the bench on a \
766 representative subset.\n 2. Drop `--rps` and use \
767 `--vus {}` alone — closed-model load runs as fast as \
768 the VU pool allows, bounded by latency, with no per-\
769 iteration deadline. Expect 1-iteration coverage of ~{} \
770 operations in {}s.",
771 rps,
772 num_ops,
773 basis,
774 recommendation,
775 self.vus.max(5),
776 num_ops,
777 Self::parse_duration(&self.duration).unwrap_or(0),
778 ));
779 } else {
780 TerminalReporter::print_warning(&format!(
781 "--vus {} may be insufficient for --rps {} × {} ops/iteration \
782 (baseline latency {}). k6's constant-arrival-rate counts ITERATIONS \
783 and each runs every operation in the spec — required ≈ rps × ops × \
784 latency_secs VUs. Bump --vus to ~{} if you see \"Insufficient VUs\" \
785 warnings.",
786 self.vus, rps, num_ops, basis, recommendation,
787 ));
788 }
789 } else if probe.is_some() {
790 TerminalReporter::print_progress(&format!(
791 "Pre-flight probe: target latency {}, {} ops/iteration — --vus {} \
792 is sufficient for --rps {}",
793 basis, num_ops, self.vus, rps,
794 ));
795 }
796 }
797
798 let k6_config = K6Config {
799 target_url: self.target.clone(),
800 base_path,
801 scenario,
802 duration_secs: Self::parse_duration(&self.duration)?,
803 max_vus: self.vus,
804 threshold_percentile: self.threshold_percentile.clone(),
805 threshold_ms: self.threshold_ms,
806 max_error_rate: self.max_error_rate,
807 auth_header: self.auth.clone(),
808 custom_headers,
809 skip_tls_verify: self.skip_tls_verify,
810 security_testing_enabled,
811 chunked_request_bodies: self.chunked_request_bodies,
812 target_rps: self.target_rps,
813 no_keep_alive: self.no_keep_alive,
814 geo_source_ips: parse_ip_list(&self.geo_source_ips, "geo-source-ip")
820 .into_iter()
821 .map(|ip| ip.to_string())
822 .collect(),
823 geo_source_headers: if self.geo_source_headers.is_empty()
824 && !self.geo_source_ips.is_empty()
825 {
826 crate::conformance::self_test::default_geo_source_headers()
827 } else {
828 self.geo_source_headers.clone()
829 },
830 };
831
832 let generator = K6ScriptGenerator::new(k6_config, templates);
833 let mut script = generator.generate()?;
834 TerminalReporter::print_success("k6 script generated");
835
836 let has_advanced_features = self.data_file.is_some()
838 || self.error_rate.is_some()
839 || self.security_test
840 || self.parallel_create.is_some()
841 || self.wafbench_dir.is_some();
842
843 if has_advanced_features {
845 script = self.generate_enhanced_script(&script)?;
846 }
847
848 if mock_config.is_mock_server {
850 let setup_code = MockIntegrationGenerator::generate_setup(&mock_config);
851 let teardown_code = MockIntegrationGenerator::generate_teardown(&mock_config);
852 let helper_code = MockIntegrationGenerator::generate_vu_id_helper();
853
854 if let Some(import_end) = script.find("export const options") {
856 script.insert_str(
857 import_end,
858 &format!(
859 "\n// === Mock Server Integration ===\n{}\n{}\n{}\n",
860 helper_code, setup_code, teardown_code
861 ),
862 );
863 }
864 }
865
866 TerminalReporter::print_progress("Validating k6 script...");
868 let validation_errors = K6ScriptGenerator::validate_script(&script);
869 if !validation_errors.is_empty() {
870 TerminalReporter::print_error("Script validation failed");
871 for error in &validation_errors {
872 eprintln!(" {}", error);
873 }
874 return Err(BenchError::Other(format!(
875 "Generated k6 script has {} validation error(s). Please check the output above.",
876 validation_errors.len()
877 )));
878 }
879 TerminalReporter::print_success("Script validation passed");
880
881 let script_path = if let Some(output) = &self.script_output {
883 output.clone()
884 } else {
885 self.output.join("k6-script.js")
886 };
887
888 if let Some(parent) = script_path.parent() {
889 std::fs::create_dir_all(parent)?;
890 }
891 std::fs::write(&script_path, &script)?;
892 TerminalReporter::print_success(&format!("Script written to: {}", script_path.display()));
893
894 if self.generate_only {
896 println!("\nScript generated successfully. Run it with:");
897 println!(" k6 run {}", script_path.display());
898 return Ok(());
899 }
900
901 TerminalReporter::print_progress("Executing load test...");
903 let executor = K6Executor::new()?.with_local_ips(self.source_ips.join(","));
904
905 std::fs::create_dir_all(&self.output)?;
906
907 let results = executor.execute(&script_path, Some(&self.output), self.verbose).await?;
908
909 let duration_secs = Self::parse_duration(&self.duration)?;
911 TerminalReporter::print_summary_full(
912 &results,
913 duration_secs,
914 self.no_keep_alive,
915 Some(num_ops),
916 );
917
918 println!("\nResults saved to: {}", self.output.display());
919
920 Ok(())
921 }
922
923 async fn execute_multi_target(&self, targets_file: &Path) -> Result<()> {
925 TerminalReporter::print_progress("Parsing targets file...");
926 let targets = parse_targets_file(targets_file)?;
927 let num_targets = targets.len();
928 TerminalReporter::print_success(&format!("Loaded {} targets", num_targets));
929
930 if targets.is_empty() {
931 return Err(BenchError::Other("No targets found in file".to_string()));
932 }
933
934 let max_concurrency = self.max_concurrency.unwrap_or(10) as usize;
936 let max_concurrency = max_concurrency.min(num_targets); TerminalReporter::print_header(
940 &self.get_spec_display_name(),
941 &format!("{} targets", num_targets),
942 0,
943 &self.scenario,
944 Self::parse_duration(&self.duration)?,
945 );
946
947 let executor = ParallelExecutor::new(
949 BenchCommand {
950 spec: self.spec.clone(),
952 spec_dir: self.spec_dir.clone(),
953 merge_conflicts: self.merge_conflicts.clone(),
954 spec_mode: self.spec_mode.clone(),
955 dependency_config: self.dependency_config.clone(),
956 target: self.target.clone(), base_path: self.base_path.clone(),
958 duration: self.duration.clone(),
959 vus: self.vus,
960 target_rps: self.target_rps,
961 no_keep_alive: self.no_keep_alive,
962 scenario: self.scenario.clone(),
963 operations: self.operations.clone(),
964 exclude_operations: self.exclude_operations.clone(),
965 auth: self.auth.clone(),
966 headers: self.headers.clone(),
967 output: self.output.clone(),
968 generate_only: self.generate_only,
969 script_output: self.script_output.clone(),
970 threshold_percentile: self.threshold_percentile.clone(),
971 threshold_ms: self.threshold_ms,
972 max_error_rate: self.max_error_rate,
973 verbose: self.verbose,
974 skip_tls_verify: self.skip_tls_verify,
975 chunked_request_bodies: self.chunked_request_bodies,
976 targets_file: None,
977 max_concurrency: None,
978 results_format: self.results_format.clone(),
979 params_file: self.params_file.clone(),
980 crud_flow: self.crud_flow,
981 flow_config: self.flow_config.clone(),
982 extract_fields: self.extract_fields.clone(),
983 parallel_create: self.parallel_create,
984 data_file: self.data_file.clone(),
985 data_distribution: self.data_distribution.clone(),
986 data_mappings: self.data_mappings.clone(),
987 per_uri_control: self.per_uri_control,
988 error_rate: self.error_rate,
989 error_types: self.error_types.clone(),
990 security_test: self.security_test,
991 security_payloads: self.security_payloads.clone(),
992 security_categories: self.security_categories.clone(),
993 security_target_fields: self.security_target_fields.clone(),
994 wafbench_dir: self.wafbench_dir.clone(),
995 wafbench_cycle_all: self.wafbench_cycle_all,
996 owasp_api_top10: self.owasp_api_top10,
997 owasp_categories: self.owasp_categories.clone(),
998 owasp_auth_header: self.owasp_auth_header.clone(),
999 owasp_auth_token: self.owasp_auth_token.clone(),
1000 owasp_admin_paths: self.owasp_admin_paths.clone(),
1001 owasp_id_fields: self.owasp_id_fields.clone(),
1002 owasp_report: self.owasp_report.clone(),
1003 owasp_report_format: self.owasp_report_format.clone(),
1004 owasp_iterations: self.owasp_iterations,
1005 conformance: false,
1006 conformance_api_key: None,
1007 conformance_basic_auth: None,
1008 conformance_report: PathBuf::from("conformance-report.json"),
1009 conformance_categories: None,
1010 conformance_report_format: "json".to_string(),
1011 conformance_headers: vec![],
1012 conformance_all_operations: false,
1013 conformance_custom: None,
1014 conformance_delay_ms: 0,
1015 use_k6: false,
1016 conformance_custom_filter: None,
1017 export_requests: false,
1018 validate_requests: false,
1019 conformance_self_test: false,
1020 conformance_self_test_capture: false,
1021 conformance_self_test_iterations: 1,
1022 conformance_self_test_duration: None,
1023 validate_response_schemas: false,
1024 source_ips: Vec::new(),
1025 geo_source_ips: Vec::new(),
1026 geo_source_headers: Vec::new(),
1027 report_missed_cap: None,
1028 },
1029 targets,
1030 max_concurrency,
1031 );
1032
1033 let start_time = std::time::Instant::now();
1035 let aggregated_results = executor.execute_all().await?;
1036 let elapsed = start_time.elapsed();
1037
1038 self.report_multi_target_results(&aggregated_results, elapsed)?;
1040
1041 Ok(())
1042 }
1043
1044 fn report_multi_target_results(
1046 &self,
1047 results: &AggregatedResults,
1048 elapsed: std::time::Duration,
1049 ) -> Result<()> {
1050 TerminalReporter::print_multi_target_summary(results);
1052
1053 let total_secs = elapsed.as_secs();
1055 let hours = total_secs / 3600;
1056 let minutes = (total_secs % 3600) / 60;
1057 let seconds = total_secs % 60;
1058 if hours > 0 {
1059 println!("\n Total Elapsed Time: {}h {}m {}s", hours, minutes, seconds);
1060 } else if minutes > 0 {
1061 println!("\n Total Elapsed Time: {}m {}s", minutes, seconds);
1062 } else {
1063 println!("\n Total Elapsed Time: {}s", seconds);
1064 }
1065
1066 if self.results_format == "aggregated" || self.results_format == "both" {
1068 let summary_path = self.output.join("aggregated_summary.json");
1069 let summary_json = serde_json::json!({
1070 "total_elapsed_seconds": elapsed.as_secs(),
1071 "total_targets": results.total_targets,
1072 "successful_targets": results.successful_targets,
1073 "failed_targets": results.failed_targets,
1074 "aggregated_metrics": {
1075 "total_requests": results.aggregated_metrics.total_requests,
1076 "total_failed_requests": results.aggregated_metrics.total_failed_requests,
1077 "avg_duration_ms": results.aggregated_metrics.avg_duration_ms,
1078 "p95_duration_ms": results.aggregated_metrics.p95_duration_ms,
1079 "p99_duration_ms": results.aggregated_metrics.p99_duration_ms,
1080 "error_rate": results.aggregated_metrics.error_rate,
1081 "total_rps": results.aggregated_metrics.total_rps,
1082 "avg_rps": results.aggregated_metrics.avg_rps,
1083 "total_vus_max": results.aggregated_metrics.total_vus_max,
1084 },
1085 "target_results": results.target_results.iter().map(|r| {
1086 serde_json::json!({
1087 "target_url": r.target_url,
1088 "target_index": r.target_index,
1089 "success": r.success,
1090 "error": r.error,
1091 "total_requests": r.results.total_requests,
1092 "failed_requests": r.results.failed_requests,
1093 "avg_duration_ms": r.results.avg_duration_ms,
1094 "min_duration_ms": r.results.min_duration_ms,
1095 "med_duration_ms": r.results.med_duration_ms,
1096 "p90_duration_ms": r.results.p90_duration_ms,
1097 "p95_duration_ms": r.results.p95_duration_ms,
1098 "p99_duration_ms": r.results.p99_duration_ms,
1099 "max_duration_ms": r.results.max_duration_ms,
1100 "rps": r.results.rps,
1101 "vus_max": r.results.vus_max,
1102 "output_dir": r.output_dir.to_string_lossy(),
1103 })
1104 }).collect::<Vec<_>>(),
1105 });
1106
1107 std::fs::write(&summary_path, serde_json::to_string_pretty(&summary_json)?)?;
1108 TerminalReporter::print_success(&format!(
1109 "Aggregated summary saved to: {}",
1110 summary_path.display()
1111 ));
1112 }
1113
1114 let csv_path = self.output.join("all_targets.csv");
1116 let mut csv = String::from(
1117 "target_url,success,requests,failed,rps,vus,min_ms,avg_ms,med_ms,p90_ms,p95_ms,p99_ms,max_ms,error\n",
1118 );
1119 for r in &results.target_results {
1120 csv.push_str(&format!(
1121 "{},{},{},{},{:.1},{},{:.1},{:.1},{:.1},{:.1},{:.1},{:.1},{:.1},{}\n",
1122 r.target_url,
1123 r.success,
1124 r.results.total_requests,
1125 r.results.failed_requests,
1126 r.results.rps,
1127 r.results.vus_max,
1128 r.results.min_duration_ms,
1129 r.results.avg_duration_ms,
1130 r.results.med_duration_ms,
1131 r.results.p90_duration_ms,
1132 r.results.p95_duration_ms,
1133 r.results.p99_duration_ms,
1134 r.results.max_duration_ms,
1135 r.error.as_deref().unwrap_or(""),
1136 ));
1137 }
1138 let _ = std::fs::write(&csv_path, &csv);
1139
1140 println!("\nResults saved to: {}", self.output.display());
1141 println!(" - Per-target results: {}", self.output.join("target_*").display());
1142 println!(" - All targets CSV: {}", csv_path.display());
1143 if self.results_format == "aggregated" || self.results_format == "both" {
1144 println!(
1145 " - Aggregated summary: {}",
1146 self.output.join("aggregated_summary.json").display()
1147 );
1148 }
1149
1150 Ok(())
1151 }
1152
1153 pub fn parse_duration(duration: &str) -> Result<u64> {
1155 let duration = duration.trim();
1156
1157 if let Some(secs) = duration.strip_suffix('s') {
1158 secs.parse::<u64>()
1159 .map_err(|_| BenchError::Other(format!("Invalid duration: {}", duration)))
1160 } else if let Some(mins) = duration.strip_suffix('m') {
1161 mins.parse::<u64>()
1162 .map(|m| m * 60)
1163 .map_err(|_| BenchError::Other(format!("Invalid duration: {}", duration)))
1164 } else if let Some(hours) = duration.strip_suffix('h') {
1165 hours
1166 .parse::<u64>()
1167 .map(|h| h * 3600)
1168 .map_err(|_| BenchError::Other(format!("Invalid duration: {}", duration)))
1169 } else {
1170 duration
1172 .parse::<u64>()
1173 .map_err(|_| BenchError::Other(format!("Invalid duration: {}", duration)))
1174 }
1175 }
1176
1177 pub fn parse_headers(&self) -> Result<HashMap<String, String>> {
1179 let mut headers = parse_header_string(&self.headers)?;
1180
1181 let already_has = |hs: &HashMap<String, String>, name: &str| -> bool {
1192 hs.keys().any(|k| k.eq_ignore_ascii_case(name))
1193 };
1194
1195 if !already_has(&headers, "Authorization") {
1196 if let Some(b) = self.conformance_basic_auth.as_ref().filter(|s| !s.is_empty()) {
1197 use base64::Engine as _;
1198 let encoded = base64::engine::general_purpose::STANDARD.encode(b.as_bytes());
1199 headers.insert("Authorization".to_string(), format!("Basic {}", encoded));
1200 }
1201 }
1202
1203 for line in &self.conformance_headers {
1209 let Some((name, value)) = line.split_once(':') else {
1210 continue;
1211 };
1212 let name = name.trim();
1213 let value = value.trim();
1214 if name.is_empty() || already_has(&headers, name) {
1215 continue;
1216 }
1217 headers.insert(name.to_string(), value.to_string());
1218 }
1219
1220 if !self.conformance && self.conformance_api_key.is_some() {
1226 TerminalReporter::print_warning(
1227 "--conformance-api-key only fires under --conformance. For plain bench use --header 'X-API-Key: ...'.",
1228 );
1229 }
1230
1231 Ok(headers)
1232 }
1233
1234 fn parse_extracted_values(output_dir: &Path) -> Result<ExtractedValues> {
1235 let extracted_path = output_dir.join("extracted_values.json");
1236 if !extracted_path.exists() {
1237 return Ok(ExtractedValues::new());
1238 }
1239
1240 let content = std::fs::read_to_string(&extracted_path)
1241 .map_err(|e| BenchError::ResultsParseError(e.to_string()))?;
1242 let parsed: serde_json::Value = serde_json::from_str(&content)
1243 .map_err(|e| BenchError::ResultsParseError(e.to_string()))?;
1244
1245 let mut extracted = ExtractedValues::new();
1246 if let Some(values) = parsed.as_object() {
1247 for (key, value) in values {
1248 extracted.set(key.clone(), value.clone());
1249 }
1250 }
1251
1252 Ok(extracted)
1253 }
1254
1255 fn resolve_base_path(&self, parser: &SpecParser) -> Option<String> {
1264 if let Some(cli_base_path) = &self.base_path {
1266 if cli_base_path.is_empty() {
1267 return None;
1269 }
1270 return Some(cli_base_path.clone());
1271 }
1272
1273 parser.get_base_path()
1275 }
1276
1277 async fn build_mock_config(&self) -> MockIntegrationConfig {
1279 if MockServerDetector::looks_like_mock_server(&self.target) {
1281 if let Ok(info) = MockServerDetector::detect(&self.target).await {
1283 if info.is_mockforge {
1284 TerminalReporter::print_success(&format!(
1285 "Detected MockForge server (version: {})",
1286 info.version.as_deref().unwrap_or("unknown")
1287 ));
1288 return MockIntegrationConfig::mock_server();
1289 }
1290 }
1291 }
1292 MockIntegrationConfig::real_api()
1293 }
1294
1295 fn build_crud_flow_config(&self) -> Option<CrudFlowConfig> {
1297 if !self.crud_flow {
1298 return None;
1299 }
1300
1301 if let Some(config_path) = &self.flow_config {
1303 match CrudFlowConfig::from_file(config_path) {
1304 Ok(config) => return Some(config),
1305 Err(e) => {
1306 TerminalReporter::print_warning(&format!(
1307 "Failed to load flow config: {}. Using auto-detection.",
1308 e
1309 ));
1310 }
1311 }
1312 }
1313
1314 let extract_fields = self
1316 .extract_fields
1317 .as_ref()
1318 .map(|f| f.split(',').map(|s| s.trim().to_string()).collect())
1319 .unwrap_or_else(|| vec!["id".to_string(), "uuid".to_string()]);
1320
1321 Some(CrudFlowConfig {
1322 flows: Vec::new(), default_extract_fields: extract_fields,
1324 })
1325 }
1326
1327 fn build_data_driven_config(&self) -> Option<DataDrivenConfig> {
1329 let data_file = self.data_file.as_ref()?;
1330
1331 let distribution = DataDistribution::from_str(&self.data_distribution)
1332 .unwrap_or(DataDistribution::UniquePerVu);
1333
1334 let mappings = self
1335 .data_mappings
1336 .as_ref()
1337 .map(|m| DataMapping::parse_mappings(m).unwrap_or_default())
1338 .unwrap_or_default();
1339
1340 Some(DataDrivenConfig {
1341 file_path: data_file.to_string_lossy().to_string(),
1342 distribution,
1343 mappings,
1344 csv_has_header: true,
1345 per_uri_control: self.per_uri_control,
1346 per_uri_columns: crate::data_driven::PerUriColumns::default(),
1347 })
1348 }
1349
1350 fn build_invalid_data_config(&self) -> Option<InvalidDataConfig> {
1352 let error_rate = self.error_rate?;
1353
1354 let error_types = self
1355 .error_types
1356 .as_ref()
1357 .map(|types| InvalidDataConfig::parse_error_types(types).unwrap_or_default())
1358 .unwrap_or_default();
1359
1360 Some(InvalidDataConfig {
1361 error_rate,
1362 error_types,
1363 target_fields: Vec::new(),
1364 })
1365 }
1366
1367 fn build_security_config(&self) -> Option<SecurityTestConfig> {
1369 if !self.security_test {
1370 return None;
1371 }
1372
1373 let categories = self
1374 .security_categories
1375 .as_ref()
1376 .map(|cats| SecurityTestConfig::parse_categories(cats).unwrap_or_default())
1377 .unwrap_or_else(|| {
1378 let mut default = HashSet::new();
1379 default.insert(SecurityCategory::SqlInjection);
1380 default.insert(SecurityCategory::Xss);
1381 default
1382 });
1383
1384 let target_fields = self
1385 .security_target_fields
1386 .as_ref()
1387 .map(|fields| fields.split(',').map(|f| f.trim().to_string()).collect())
1388 .unwrap_or_default();
1389
1390 let custom_payloads_file =
1391 self.security_payloads.as_ref().map(|p| p.to_string_lossy().to_string());
1392
1393 Some(SecurityTestConfig {
1394 enabled: true,
1395 categories,
1396 target_fields,
1397 custom_payloads_file,
1398 include_high_risk: false,
1399 })
1400 }
1401
1402 fn build_parallel_config(&self) -> Option<ParallelConfig> {
1404 let count = self.parallel_create?;
1405
1406 Some(ParallelConfig::new(count))
1407 }
1408
1409 fn load_wafbench_payloads(&self) -> Vec<SecurityPayload> {
1411 let Some(ref wafbench_dir) = self.wafbench_dir else {
1412 return Vec::new();
1413 };
1414
1415 let mut loader = WafBenchLoader::new();
1416
1417 if let Err(e) = loader.load_from_pattern(wafbench_dir) {
1418 TerminalReporter::print_warning(&format!("Failed to load WAFBench tests: {}", e));
1419 return Vec::new();
1420 }
1421
1422 let stats = loader.stats();
1423
1424 if stats.files_processed == 0 {
1425 TerminalReporter::print_warning(&format!(
1426 "No WAFBench YAML files found matching '{}'",
1427 wafbench_dir
1428 ));
1429 if !stats.parse_errors.is_empty() {
1431 TerminalReporter::print_warning("Some files were found but failed to parse:");
1432 for error in &stats.parse_errors {
1433 TerminalReporter::print_warning(&format!(" - {}", error));
1434 }
1435 }
1436 return Vec::new();
1437 }
1438
1439 TerminalReporter::print_progress(&format!(
1440 "Loaded {} WAFBench files, {} test cases, {} payloads",
1441 stats.files_processed, stats.test_cases_loaded, stats.payloads_extracted
1442 ));
1443
1444 for (category, count) in &stats.by_category {
1446 TerminalReporter::print_progress(&format!(" - {}: {} tests", category, count));
1447 }
1448
1449 for error in &stats.parse_errors {
1451 TerminalReporter::print_warning(&format!(" Parse error: {}", error));
1452 }
1453
1454 loader.to_security_payloads()
1455 }
1456
1457 pub(crate) fn generate_enhanced_script(&self, base_script: &str) -> Result<String> {
1459 let mut enhanced_script = base_script.to_string();
1460 let mut additional_code = String::new();
1461
1462 if let Some(config) = self.build_data_driven_config() {
1464 TerminalReporter::print_progress("Adding data-driven testing support...");
1465 additional_code.push_str(&DataDrivenGenerator::generate_setup(&config));
1466 additional_code.push('\n');
1467 TerminalReporter::print_success("Data-driven testing enabled");
1468 }
1469
1470 if let Some(config) = self.build_invalid_data_config() {
1472 TerminalReporter::print_progress("Adding invalid data testing support...");
1473 additional_code.push_str(&InvalidDataGenerator::generate_invalidation_logic());
1474 additional_code.push('\n');
1475 additional_code
1476 .push_str(&InvalidDataGenerator::generate_should_invalidate(config.error_rate));
1477 additional_code.push('\n');
1478 additional_code
1479 .push_str(&InvalidDataGenerator::generate_type_selection(&config.error_types));
1480 additional_code.push('\n');
1481 TerminalReporter::print_success(&format!(
1482 "Invalid data testing enabled ({}% error rate)",
1483 (self.error_rate.unwrap_or(0.0) * 100.0) as u32
1484 ));
1485 }
1486
1487 let security_config = self.build_security_config();
1489 let wafbench_payloads = self.load_wafbench_payloads();
1490 let security_requested = security_config.is_some() || self.wafbench_dir.is_some();
1491
1492 if security_config.is_some() || !wafbench_payloads.is_empty() {
1493 TerminalReporter::print_progress("Adding security testing support...");
1494
1495 let mut payload_list: Vec<SecurityPayload> = Vec::new();
1497
1498 if let Some(ref config) = security_config {
1499 payload_list.extend(SecurityPayloads::get_payloads(config));
1500 }
1501
1502 if !wafbench_payloads.is_empty() {
1504 TerminalReporter::print_progress(&format!(
1505 "Loading {} WAFBench attack patterns...",
1506 wafbench_payloads.len()
1507 ));
1508 payload_list.extend(wafbench_payloads);
1509 }
1510
1511 let target_fields =
1512 security_config.as_ref().map(|c| c.target_fields.clone()).unwrap_or_default();
1513
1514 additional_code.push_str(&SecurityTestGenerator::generate_payload_selection(
1515 &payload_list,
1516 self.wafbench_cycle_all,
1517 ));
1518 additional_code.push('\n');
1519 additional_code
1520 .push_str(&SecurityTestGenerator::generate_apply_payload(&target_fields));
1521 additional_code.push('\n');
1522 additional_code.push_str(&SecurityTestGenerator::generate_security_checks());
1523 additional_code.push('\n');
1524
1525 let mode = if self.wafbench_cycle_all {
1526 "cycle-all"
1527 } else {
1528 "random"
1529 };
1530 TerminalReporter::print_success(&format!(
1531 "Security testing enabled ({} payloads, {} mode)",
1532 payload_list.len(),
1533 mode
1534 ));
1535 } else if security_requested {
1536 TerminalReporter::print_warning(
1540 "Security testing was requested but no payloads were loaded. \
1541 Ensure --wafbench-dir points to valid CRS YAML files or add --security-test.",
1542 );
1543 additional_code
1544 .push_str(&SecurityTestGenerator::generate_payload_selection(&[], false));
1545 additional_code.push('\n');
1546 additional_code.push_str(&SecurityTestGenerator::generate_apply_payload(&[]));
1547 additional_code.push('\n');
1548 }
1549
1550 if let Some(config) = self.build_parallel_config() {
1552 TerminalReporter::print_progress("Adding parallel execution support...");
1553 additional_code.push_str(&ParallelRequestGenerator::generate_batch_helper(&config));
1554 additional_code.push('\n');
1555 TerminalReporter::print_success(&format!(
1556 "Parallel execution enabled (count: {})",
1557 config.count
1558 ));
1559 }
1560
1561 if !additional_code.is_empty() {
1563 if let Some(import_end) = enhanced_script.find("export const options") {
1565 enhanced_script.insert_str(
1566 import_end,
1567 &format!("\n// === Advanced Testing Features ===\n{}\n", additional_code),
1568 );
1569 }
1570 }
1571
1572 Ok(enhanced_script)
1573 }
1574
1575 async fn execute_sequential_specs(&self) -> Result<()> {
1577 TerminalReporter::print_progress("Sequential spec mode: Loading specs individually...");
1578
1579 let mut all_specs: Vec<(PathBuf, OpenApiSpec)> = Vec::new();
1581
1582 if !self.spec.is_empty() {
1583 let specs = load_specs_from_files(self.spec.clone())
1584 .await
1585 .map_err(|e| BenchError::Other(format!("Failed to load spec files: {}", e)))?;
1586 all_specs.extend(specs);
1587 }
1588
1589 if let Some(spec_dir) = &self.spec_dir {
1590 let dir_specs = load_specs_from_directory(spec_dir).await.map_err(|e| {
1591 BenchError::Other(format!("Failed to load specs from directory: {}", e))
1592 })?;
1593 all_specs.extend(dir_specs);
1594 }
1595
1596 if all_specs.is_empty() {
1597 return Err(BenchError::Other(
1598 "No spec files found for sequential execution".to_string(),
1599 ));
1600 }
1601
1602 TerminalReporter::print_success(&format!("Loaded {} spec(s)", all_specs.len()));
1603
1604 let execution_order = if let Some(config_path) = &self.dependency_config {
1606 TerminalReporter::print_progress("Loading dependency configuration...");
1607 let config = SpecDependencyConfig::from_file(config_path)?;
1608
1609 if !config.disable_auto_detect && config.execution_order.is_empty() {
1610 self.detect_and_sort_specs(&all_specs)?
1612 } else {
1613 config.execution_order.iter().flat_map(|g| g.specs.clone()).collect()
1615 }
1616 } else {
1617 self.detect_and_sort_specs(&all_specs)?
1619 };
1620
1621 TerminalReporter::print_success(&format!(
1622 "Execution order: {}",
1623 execution_order
1624 .iter()
1625 .map(|p| p.file_name().unwrap_or_default().to_string_lossy().to_string())
1626 .collect::<Vec<_>>()
1627 .join(" → ")
1628 ));
1629
1630 let mut extracted_values = ExtractedValues::new();
1632 let total_specs = execution_order.len();
1633
1634 for (index, spec_path) in execution_order.iter().enumerate() {
1635 let spec_name = spec_path.file_name().unwrap_or_default().to_string_lossy().to_string();
1636
1637 TerminalReporter::print_progress(&format!(
1638 "[{}/{}] Executing spec: {}",
1639 index + 1,
1640 total_specs,
1641 spec_name
1642 ));
1643
1644 let spec = all_specs
1646 .iter()
1647 .find(|(p, _)| {
1648 p == spec_path
1649 || p.file_name() == spec_path.file_name()
1650 || p.file_name() == Some(spec_path.as_os_str())
1651 })
1652 .map(|(_, s)| s.clone())
1653 .ok_or_else(|| {
1654 BenchError::Other(format!("Spec not found: {}", spec_path.display()))
1655 })?;
1656
1657 let new_values = self.execute_single_spec(&spec, &spec_name, &extracted_values).await?;
1659
1660 extracted_values.merge(&new_values);
1662
1663 TerminalReporter::print_success(&format!(
1664 "[{}/{}] Completed: {} (extracted {} values)",
1665 index + 1,
1666 total_specs,
1667 spec_name,
1668 new_values.values.len()
1669 ));
1670 }
1671
1672 TerminalReporter::print_success(&format!(
1673 "Sequential execution complete: {} specs executed",
1674 total_specs
1675 ));
1676
1677 Ok(())
1678 }
1679
1680 fn detect_and_sort_specs(&self, specs: &[(PathBuf, OpenApiSpec)]) -> Result<Vec<PathBuf>> {
1682 TerminalReporter::print_progress("Auto-detecting spec dependencies...");
1683
1684 let mut detector = DependencyDetector::new();
1685 let dependencies = detector.detect_dependencies(specs);
1686
1687 if dependencies.is_empty() {
1688 TerminalReporter::print_progress("No dependencies detected, using file order");
1689 return Ok(specs.iter().map(|(p, _)| p.clone()).collect());
1690 }
1691
1692 TerminalReporter::print_progress(&format!(
1693 "Detected {} cross-spec dependencies",
1694 dependencies.len()
1695 ));
1696
1697 for dep in &dependencies {
1698 TerminalReporter::print_progress(&format!(
1699 " {} → {} (via field '{}')",
1700 dep.dependency_spec.file_name().unwrap_or_default().to_string_lossy(),
1701 dep.dependent_spec.file_name().unwrap_or_default().to_string_lossy(),
1702 dep.field_name
1703 ));
1704 }
1705
1706 topological_sort(specs, &dependencies)
1707 }
1708
1709 async fn execute_single_spec(
1711 &self,
1712 spec: &OpenApiSpec,
1713 spec_name: &str,
1714 _external_values: &ExtractedValues,
1715 ) -> Result<ExtractedValues> {
1716 let parser = SpecParser::from_spec(spec.clone());
1717
1718 if self.crud_flow {
1720 self.execute_crud_flow_with_extraction(&parser, spec_name).await
1722 } else {
1723 self.execute_standard_spec(&parser, spec_name).await?;
1725 Ok(ExtractedValues::new())
1726 }
1727 }
1728
1729 async fn execute_crud_flow_with_extraction(
1731 &self,
1732 parser: &SpecParser,
1733 spec_name: &str,
1734 ) -> Result<ExtractedValues> {
1735 let operations = parser.get_operations();
1736 let flows = CrudFlowDetector::detect_flows(&operations);
1737
1738 if flows.is_empty() {
1739 TerminalReporter::print_warning(&format!("No CRUD flows detected in {}", spec_name));
1740 return Ok(ExtractedValues::new());
1741 }
1742
1743 TerminalReporter::print_progress(&format!(
1744 " {} CRUD flow(s) in {}",
1745 flows.len(),
1746 spec_name
1747 ));
1748
1749 let mut handlebars = handlebars::Handlebars::new();
1751 handlebars.register_helper(
1753 "json",
1754 Box::new(
1755 |h: &handlebars::Helper,
1756 _: &handlebars::Handlebars,
1757 _: &handlebars::Context,
1758 _: &mut handlebars::RenderContext,
1759 out: &mut dyn handlebars::Output|
1760 -> handlebars::HelperResult {
1761 let param = h.param(0).map(|v| v.value()).unwrap_or(&serde_json::Value::Null);
1762 out.write(&serde_json::to_string(param).unwrap_or_else(|_| "[]".to_string()))?;
1763 Ok(())
1764 },
1765 ),
1766 );
1767 let template = include_str!("templates/k6_crud_flow.hbs");
1768 let output_dir = self.output.join(format!("{}_results", spec_name.replace('.', "_")));
1769
1770 let custom_headers = self.parse_headers()?;
1771 let config = self.build_crud_flow_config().unwrap_or_default();
1772
1773 let param_overrides = if let Some(params_file) = &self.params_file {
1775 let overrides = ParameterOverrides::from_file(params_file)?;
1776 Some(overrides)
1777 } else {
1778 None
1779 };
1780
1781 let duration_secs = Self::parse_duration(&self.duration)?;
1783 let scenario =
1784 LoadScenario::from_str(&self.scenario).map_err(BenchError::InvalidScenario)?;
1785 let stages = scenario.generate_stages(duration_secs, self.vus);
1786
1787 let api_base_path = self.resolve_base_path(parser);
1789
1790 let mut all_headers = custom_headers.clone();
1792 if let Some(auth) = &self.auth {
1793 all_headers.insert("Authorization".to_string(), auth.clone());
1794 }
1795 let headers_json = serde_json::to_string(&all_headers).unwrap_or_else(|_| "{}".to_string());
1796
1797 let mut all_placeholders: HashSet<DynamicPlaceholder> = HashSet::new();
1799
1800 let flows_data: Vec<serde_json::Value> = flows.iter().map(|f| {
1801 let sanitized_name = K6ScriptGenerator::sanitize_k6_metric_name(&f.name);
1805 serde_json::json!({
1806 "name": sanitized_name.clone(),
1807 "display_name": f.name,
1808 "base_path": f.base_path,
1809 "steps": f.steps.iter().enumerate().map(|(idx, s)| {
1810 let parts: Vec<&str> = s.operation.splitn(2, ' ').collect();
1812 let method_raw = if !parts.is_empty() {
1813 parts[0].to_uppercase()
1814 } else {
1815 "GET".to_string()
1816 };
1817 let method = if !parts.is_empty() {
1818 let m = parts[0].to_lowercase();
1819 if m == "delete" { "del".to_string() } else { m }
1821 } else {
1822 "get".to_string()
1823 };
1824 let raw_path = if parts.len() >= 2 { parts[1] } else { "/" };
1825 let path = if let Some(ref bp) = api_base_path {
1827 format!("{}{}", bp, raw_path)
1828 } else {
1829 raw_path.to_string()
1830 };
1831 let is_get_or_head = method == "get" || method == "head";
1832 let has_body = matches!(method.as_str(), "post" | "put" | "patch");
1834
1835 let body_value = if has_body {
1837 param_overrides.as_ref()
1838 .map(|po| po.get_for_operation(None, &method_raw, raw_path))
1839 .and_then(|oo| oo.body)
1840 .unwrap_or_else(|| serde_json::json!({}))
1841 } else {
1842 serde_json::json!({})
1843 };
1844
1845 let processed_body = DynamicParamProcessor::process_json_body(&body_value);
1847
1848 let body_has_extracted_placeholders = processed_body.value.contains("${extracted.");
1850 let body_is_dynamic = processed_body.is_dynamic || body_has_extracted_placeholders;
1851
1852 serde_json::json!({
1853 "operation": s.operation,
1854 "method": method,
1855 "path": path,
1856 "extract": s.extract,
1857 "use_values": s.use_values,
1858 "use_body": s.use_body,
1859 "merge_body": if s.merge_body.is_empty() { None } else { Some(&s.merge_body) },
1860 "inject_attacks": s.inject_attacks,
1861 "attack_types": s.attack_types,
1862 "description": s.description,
1863 "display_name": s.description.clone().unwrap_or_else(|| format!("Step {}", idx)),
1864 "is_get_or_head": is_get_or_head,
1865 "has_body": has_body,
1866 "body": processed_body.value,
1867 "body_is_dynamic": body_is_dynamic,
1868 "_placeholders": processed_body.placeholders.iter().map(|p| format!("{:?}", p)).collect::<Vec<_>>(),
1869 })
1870 }).collect::<Vec<_>>(),
1871 })
1872 }).collect();
1873
1874 for flow_data in &flows_data {
1876 if let Some(steps) = flow_data.get("steps").and_then(|s| s.as_array()) {
1877 for step in steps {
1878 if let Some(placeholders_arr) =
1879 step.get("_placeholders").and_then(|p| p.as_array())
1880 {
1881 for p_str in placeholders_arr {
1882 if let Some(p_name) = p_str.as_str() {
1883 match p_name {
1884 "VU" => {
1885 all_placeholders.insert(DynamicPlaceholder::VU);
1886 }
1887 "Iteration" => {
1888 all_placeholders.insert(DynamicPlaceholder::Iteration);
1889 }
1890 "Timestamp" => {
1891 all_placeholders.insert(DynamicPlaceholder::Timestamp);
1892 }
1893 "UUID" => {
1894 all_placeholders.insert(DynamicPlaceholder::UUID);
1895 }
1896 "Random" => {
1897 all_placeholders.insert(DynamicPlaceholder::Random);
1898 }
1899 "Counter" => {
1900 all_placeholders.insert(DynamicPlaceholder::Counter);
1901 }
1902 "Date" => {
1903 all_placeholders.insert(DynamicPlaceholder::Date);
1904 }
1905 "VuIter" => {
1906 all_placeholders.insert(DynamicPlaceholder::VuIter);
1907 }
1908 _ => {}
1909 }
1910 }
1911 }
1912 }
1913 }
1914 }
1915 }
1916
1917 let required_imports = DynamicParamProcessor::get_required_imports(&all_placeholders);
1919 let required_globals = DynamicParamProcessor::get_required_globals(&all_placeholders);
1920
1921 let security_testing_enabled = self.wafbench_dir.is_some() || self.security_test;
1923
1924 let data = serde_json::json!({
1925 "base_url": self.target,
1926 "flows": flows_data,
1927 "extract_fields": config.default_extract_fields,
1928 "duration_secs": duration_secs,
1929 "max_vus": self.vus,
1930 "auth_header": self.auth,
1931 "custom_headers": custom_headers,
1932 "skip_tls_verify": self.skip_tls_verify,
1933 "stages": stages.iter().map(|s| serde_json::json!({
1935 "duration": s.duration,
1936 "target": s.target,
1937 })).collect::<Vec<_>>(),
1938 "threshold_percentile": self.threshold_percentile,
1939 "threshold_ms": self.threshold_ms,
1940 "max_error_rate": self.max_error_rate,
1941 "headers": headers_json,
1942 "dynamic_imports": required_imports,
1943 "dynamic_globals": required_globals,
1944 "extracted_values_output_path": output_dir.join("extracted_values.json").to_string_lossy(),
1945 "security_testing_enabled": security_testing_enabled,
1947 "has_custom_headers": !custom_headers.is_empty(),
1948 });
1949
1950 let mut script = handlebars
1951 .render_template(template, &data)
1952 .map_err(|e| BenchError::ScriptGenerationFailed(e.to_string()))?;
1953
1954 if security_testing_enabled {
1956 script = self.generate_enhanced_script(&script)?;
1957 }
1958
1959 let script_path =
1961 self.output.join(format!("k6-{}-crud-flow.js", spec_name.replace('.', "_")));
1962
1963 std::fs::create_dir_all(self.output.clone())?;
1964 std::fs::write(&script_path, &script)?;
1965
1966 if !self.generate_only {
1967 let executor = K6Executor::new()?.with_local_ips(self.source_ips.join(","));
1968 std::fs::create_dir_all(&output_dir)?;
1969
1970 executor.execute(&script_path, Some(&output_dir), self.verbose).await?;
1971
1972 let extracted = Self::parse_extracted_values(&output_dir)?;
1973 TerminalReporter::print_progress(&format!(
1974 " Extracted {} value(s) from {}",
1975 extracted.values.len(),
1976 spec_name
1977 ));
1978 return Ok(extracted);
1979 }
1980
1981 Ok(ExtractedValues::new())
1982 }
1983
1984 async fn execute_standard_spec(&self, parser: &SpecParser, spec_name: &str) -> Result<()> {
1986 let mut operations = if let Some(filter) = &self.operations {
1987 parser.filter_operations(filter)?
1988 } else {
1989 parser.get_operations()
1990 };
1991
1992 if let Some(exclude) = &self.exclude_operations {
1993 operations = parser.exclude_operations(operations, exclude)?;
1994 }
1995
1996 if operations.is_empty() {
1997 TerminalReporter::print_warning(&format!("No operations found in {}", spec_name));
1998 return Ok(());
1999 }
2000
2001 TerminalReporter::print_progress(&format!(
2002 " {} operations in {}",
2003 operations.len(),
2004 spec_name
2005 ));
2006
2007 let templates: Vec<_> = operations
2009 .iter()
2010 .map(RequestGenerator::generate_template)
2011 .collect::<Result<Vec<_>>>()?;
2012
2013 let custom_headers = self.parse_headers()?;
2015
2016 let base_path = self.resolve_base_path(parser);
2018
2019 let scenario =
2021 LoadScenario::from_str(&self.scenario).map_err(BenchError::InvalidScenario)?;
2022
2023 let security_testing_enabled = self.security_test || self.wafbench_dir.is_some();
2024
2025 let k6_config = K6Config {
2026 target_url: self.target.clone(),
2027 base_path,
2028 scenario,
2029 duration_secs: Self::parse_duration(&self.duration)?,
2030 max_vus: self.vus,
2031 threshold_percentile: self.threshold_percentile.clone(),
2032 threshold_ms: self.threshold_ms,
2033 max_error_rate: self.max_error_rate,
2034 auth_header: self.auth.clone(),
2035 custom_headers,
2036 skip_tls_verify: self.skip_tls_verify,
2037 security_testing_enabled,
2038 chunked_request_bodies: self.chunked_request_bodies,
2039 target_rps: self.target_rps,
2040 no_keep_alive: self.no_keep_alive,
2041 geo_source_ips: parse_ip_list(&self.geo_source_ips, "geo-source-ip")
2043 .into_iter()
2044 .map(|ip| ip.to_string())
2045 .collect(),
2046 geo_source_headers: if self.geo_source_headers.is_empty()
2047 && !self.geo_source_ips.is_empty()
2048 {
2049 crate::conformance::self_test::default_geo_source_headers()
2050 } else {
2051 self.geo_source_headers.clone()
2052 },
2053 };
2054
2055 let generator = K6ScriptGenerator::new(k6_config, templates);
2056 let mut script = generator.generate()?;
2057
2058 let has_advanced_features = self.data_file.is_some()
2060 || self.error_rate.is_some()
2061 || self.security_test
2062 || self.parallel_create.is_some()
2063 || self.wafbench_dir.is_some();
2064
2065 if has_advanced_features {
2066 script = self.generate_enhanced_script(&script)?;
2067 }
2068
2069 let script_path = self.output.join(format!("k6-{}.js", spec_name.replace('.', "_")));
2071
2072 std::fs::create_dir_all(self.output.clone())?;
2073 std::fs::write(&script_path, &script)?;
2074
2075 if !self.generate_only {
2076 let executor = K6Executor::new()?.with_local_ips(self.source_ips.join(","));
2077 let output_dir = self.output.join(format!("{}_results", spec_name.replace('.', "_")));
2078 std::fs::create_dir_all(&output_dir)?;
2079
2080 executor.execute(&script_path, Some(&output_dir), self.verbose).await?;
2081 }
2082
2083 Ok(())
2084 }
2085
2086 async fn execute_crud_flow(&self, parser: &SpecParser) -> Result<()> {
2088 let config = self.build_crud_flow_config().unwrap_or_default();
2090
2091 let flows = if !config.flows.is_empty() {
2093 TerminalReporter::print_progress("Using custom flow configuration...");
2094 config.flows.clone()
2095 } else {
2096 TerminalReporter::print_progress("Detecting CRUD operations...");
2097 let operations = parser.get_operations();
2098 CrudFlowDetector::detect_flows(&operations)
2099 };
2100
2101 if flows.is_empty() {
2102 return Err(BenchError::Other(
2103 "No CRUD flows detected in spec. Ensure spec has POST/GET/PUT/DELETE operations on related paths.".to_string(),
2104 ));
2105 }
2106
2107 if config.flows.is_empty() {
2108 TerminalReporter::print_success(&format!("Detected {} CRUD flow(s)", flows.len()));
2109 } else {
2110 TerminalReporter::print_success(&format!("Loaded {} custom flow(s)", flows.len()));
2111 }
2112
2113 for flow in &flows {
2114 TerminalReporter::print_progress(&format!(
2115 " - {}: {} steps",
2116 flow.name,
2117 flow.steps.len()
2118 ));
2119 }
2120
2121 let mut handlebars = handlebars::Handlebars::new();
2123 handlebars.register_helper(
2125 "json",
2126 Box::new(
2127 |h: &handlebars::Helper,
2128 _: &handlebars::Handlebars,
2129 _: &handlebars::Context,
2130 _: &mut handlebars::RenderContext,
2131 out: &mut dyn handlebars::Output|
2132 -> handlebars::HelperResult {
2133 let param = h.param(0).map(|v| v.value()).unwrap_or(&serde_json::Value::Null);
2134 out.write(&serde_json::to_string(param).unwrap_or_else(|_| "[]".to_string()))?;
2135 Ok(())
2136 },
2137 ),
2138 );
2139 let template = include_str!("templates/k6_crud_flow.hbs");
2140
2141 let custom_headers = self.parse_headers()?;
2142
2143 let param_overrides = if let Some(params_file) = &self.params_file {
2145 TerminalReporter::print_progress("Loading parameter overrides...");
2146 let overrides = ParameterOverrides::from_file(params_file)?;
2147 TerminalReporter::print_success(&format!(
2148 "Loaded parameter overrides ({} operation-specific, {} defaults)",
2149 overrides.operations.len(),
2150 if overrides.defaults.is_empty() { 0 } else { 1 }
2151 ));
2152 Some(overrides)
2153 } else {
2154 None
2155 };
2156
2157 let duration_secs = Self::parse_duration(&self.duration)?;
2159 let scenario =
2160 LoadScenario::from_str(&self.scenario).map_err(BenchError::InvalidScenario)?;
2161 let stages = scenario.generate_stages(duration_secs, self.vus);
2162
2163 let api_base_path = self.resolve_base_path(parser);
2165 if let Some(ref bp) = api_base_path {
2166 TerminalReporter::print_progress(&format!("Using base path: {}", bp));
2167 }
2168
2169 let mut all_headers = custom_headers.clone();
2171 if let Some(auth) = &self.auth {
2172 all_headers.insert("Authorization".to_string(), auth.clone());
2173 }
2174 let headers_json = serde_json::to_string(&all_headers).unwrap_or_else(|_| "{}".to_string());
2175
2176 let mut all_placeholders: HashSet<DynamicPlaceholder> = HashSet::new();
2178
2179 let flows_data: Vec<serde_json::Value> = flows.iter().map(|f| {
2180 let sanitized_name = K6ScriptGenerator::sanitize_k6_metric_name(&f.name);
2185 serde_json::json!({
2186 "name": sanitized_name.clone(), "display_name": f.name, "base_path": f.base_path,
2189 "steps": f.steps.iter().enumerate().map(|(idx, s)| {
2190 let parts: Vec<&str> = s.operation.splitn(2, ' ').collect();
2192 let method_raw = if !parts.is_empty() {
2193 parts[0].to_uppercase()
2194 } else {
2195 "GET".to_string()
2196 };
2197 let method = if !parts.is_empty() {
2198 let m = parts[0].to_lowercase();
2199 if m == "delete" { "del".to_string() } else { m }
2201 } else {
2202 "get".to_string()
2203 };
2204 let raw_path = if parts.len() >= 2 { parts[1] } else { "/" };
2205 let path = if let Some(ref bp) = api_base_path {
2207 format!("{}{}", bp, raw_path)
2208 } else {
2209 raw_path.to_string()
2210 };
2211 let is_get_or_head = method == "get" || method == "head";
2212 let has_body = matches!(method.as_str(), "post" | "put" | "patch");
2214
2215 let body_value = if has_body {
2217 param_overrides.as_ref()
2218 .map(|po| po.get_for_operation(None, &method_raw, raw_path))
2219 .and_then(|oo| oo.body)
2220 .unwrap_or_else(|| serde_json::json!({}))
2221 } else {
2222 serde_json::json!({})
2223 };
2224
2225 let processed_body = DynamicParamProcessor::process_json_body(&body_value);
2227 let body_has_extracted_placeholders = processed_body.value.contains("${extracted.");
2232 let body_is_dynamic = processed_body.is_dynamic || body_has_extracted_placeholders;
2233
2234 serde_json::json!({
2235 "operation": s.operation,
2236 "method": method,
2237 "path": path,
2238 "extract": s.extract,
2239 "use_values": s.use_values,
2240 "use_body": s.use_body,
2241 "merge_body": if s.merge_body.is_empty() { None } else { Some(&s.merge_body) },
2242 "inject_attacks": s.inject_attacks,
2243 "attack_types": s.attack_types,
2244 "description": s.description,
2245 "display_name": s.description.clone().unwrap_or_else(|| format!("Step {}", idx)),
2246 "is_get_or_head": is_get_or_head,
2247 "has_body": has_body,
2248 "body": processed_body.value,
2249 "body_is_dynamic": body_is_dynamic,
2250 "_placeholders": processed_body.placeholders.iter().map(|p| format!("{:?}", p)).collect::<Vec<_>>(),
2251 })
2252 }).collect::<Vec<_>>(),
2253 })
2254 }).collect();
2255
2256 for flow_data in &flows_data {
2258 if let Some(steps) = flow_data.get("steps").and_then(|s| s.as_array()) {
2259 for step in steps {
2260 if let Some(placeholders_arr) =
2261 step.get("_placeholders").and_then(|p| p.as_array())
2262 {
2263 for p_str in placeholders_arr {
2264 if let Some(p_name) = p_str.as_str() {
2265 match p_name {
2267 "VU" => {
2268 all_placeholders.insert(DynamicPlaceholder::VU);
2269 }
2270 "Iteration" => {
2271 all_placeholders.insert(DynamicPlaceholder::Iteration);
2272 }
2273 "Timestamp" => {
2274 all_placeholders.insert(DynamicPlaceholder::Timestamp);
2275 }
2276 "UUID" => {
2277 all_placeholders.insert(DynamicPlaceholder::UUID);
2278 }
2279 "Random" => {
2280 all_placeholders.insert(DynamicPlaceholder::Random);
2281 }
2282 "Counter" => {
2283 all_placeholders.insert(DynamicPlaceholder::Counter);
2284 }
2285 "Date" => {
2286 all_placeholders.insert(DynamicPlaceholder::Date);
2287 }
2288 "VuIter" => {
2289 all_placeholders.insert(DynamicPlaceholder::VuIter);
2290 }
2291 _ => {}
2292 }
2293 }
2294 }
2295 }
2296 }
2297 }
2298 }
2299
2300 let required_imports = DynamicParamProcessor::get_required_imports(&all_placeholders);
2302 let required_globals = DynamicParamProcessor::get_required_globals(&all_placeholders);
2303
2304 let invalid_data_config = self.build_invalid_data_config();
2306 let error_injection_enabled = invalid_data_config.is_some();
2307 let error_rate = self.error_rate.unwrap_or(0.0);
2308 let error_types: Vec<String> = invalid_data_config
2309 .as_ref()
2310 .map(|c| c.error_types.iter().map(|t| format!("{:?}", t)).collect())
2311 .unwrap_or_default();
2312
2313 if error_injection_enabled {
2314 TerminalReporter::print_progress(&format!(
2315 "Error injection enabled ({}% rate)",
2316 (error_rate * 100.0) as u32
2317 ));
2318 }
2319
2320 let security_testing_enabled = self.wafbench_dir.is_some() || self.security_test;
2322
2323 let data = serde_json::json!({
2324 "base_url": self.target,
2325 "flows": flows_data,
2326 "extract_fields": config.default_extract_fields,
2327 "duration_secs": duration_secs,
2328 "max_vus": self.vus,
2329 "auth_header": self.auth,
2330 "custom_headers": custom_headers,
2331 "skip_tls_verify": self.skip_tls_verify,
2332 "stages": stages.iter().map(|s| serde_json::json!({
2334 "duration": s.duration,
2335 "target": s.target,
2336 })).collect::<Vec<_>>(),
2337 "threshold_percentile": self.threshold_percentile,
2338 "threshold_ms": self.threshold_ms,
2339 "max_error_rate": self.max_error_rate,
2340 "headers": headers_json,
2341 "dynamic_imports": required_imports,
2342 "dynamic_globals": required_globals,
2343 "extracted_values_output_path": self
2344 .output
2345 .join("crud_flow_extracted_values.json")
2346 .to_string_lossy(),
2347 "error_injection_enabled": error_injection_enabled,
2349 "error_rate": error_rate,
2350 "error_types": error_types,
2351 "security_testing_enabled": security_testing_enabled,
2353 "has_custom_headers": !custom_headers.is_empty(),
2354 });
2355
2356 let mut script = handlebars
2357 .render_template(template, &data)
2358 .map_err(|e| BenchError::ScriptGenerationFailed(e.to_string()))?;
2359
2360 if security_testing_enabled {
2362 script = self.generate_enhanced_script(&script)?;
2363 }
2364
2365 TerminalReporter::print_progress("Validating CRUD flow script...");
2367 let validation_errors = K6ScriptGenerator::validate_script(&script);
2368 if !validation_errors.is_empty() {
2369 TerminalReporter::print_error("CRUD flow script validation failed");
2370 for error in &validation_errors {
2371 eprintln!(" {}", error);
2372 }
2373 return Err(BenchError::Other(format!(
2374 "CRUD flow script validation failed with {} error(s)",
2375 validation_errors.len()
2376 )));
2377 }
2378
2379 TerminalReporter::print_success("CRUD flow script generated");
2380
2381 let script_path = if let Some(output) = &self.script_output {
2383 output.clone()
2384 } else {
2385 self.output.join("k6-crud-flow-script.js")
2386 };
2387
2388 if let Some(parent) = script_path.parent() {
2389 std::fs::create_dir_all(parent)?;
2390 }
2391 std::fs::write(&script_path, &script)?;
2392 TerminalReporter::print_success(&format!("Script written to: {}", script_path.display()));
2393
2394 if self.generate_only {
2395 println!("\nScript generated successfully. Run it with:");
2396 println!(" k6 run {}", script_path.display());
2397 return Ok(());
2398 }
2399
2400 TerminalReporter::print_progress("Executing CRUD flow test...");
2402 let executor = K6Executor::new()?.with_local_ips(self.source_ips.join(","));
2403 std::fs::create_dir_all(&self.output)?;
2404
2405 let results = executor.execute(&script_path, Some(&self.output), self.verbose).await?;
2406
2407 let duration_secs = Self::parse_duration(&self.duration)?;
2408 TerminalReporter::print_summary_with_mode(&results, duration_secs, self.no_keep_alive);
2409
2410 Ok(())
2411 }
2412
2413 async fn execute_conformance_test(&self) -> Result<()> {
2415 use crate::conformance::generator::{ConformanceConfig, ConformanceGenerator};
2416 use crate::conformance::report::ConformanceReport;
2417 use crate::conformance::spec::ConformanceFeature;
2418
2419 TerminalReporter::print_progress("OpenAPI 3.0.0 Conformance Testing Mode");
2420
2421 TerminalReporter::print_progress(
2424 "Conformance mode runs 1 VU, 1 iteration per endpoint (--vus and -d are ignored)",
2425 );
2426
2427 let categories = self.conformance_categories.as_ref().map(|cats_str| {
2429 cats_str
2430 .split(',')
2431 .filter_map(|s| {
2432 let trimmed = s.trim();
2433 if let Some(canonical) = ConformanceFeature::category_from_cli_name(trimmed) {
2434 Some(canonical.to_string())
2435 } else {
2436 TerminalReporter::print_warning(&format!(
2437 "Unknown conformance category: '{}'. Valid categories: {}",
2438 trimmed,
2439 ConformanceFeature::cli_category_names()
2440 .iter()
2441 .map(|(cli, _)| *cli)
2442 .collect::<Vec<_>>()
2443 .join(", ")
2444 ));
2445 None
2446 }
2447 })
2448 .collect::<Vec<String>>()
2449 });
2450
2451 let custom_headers: Vec<(String, String)> = self
2453 .conformance_headers
2454 .iter()
2455 .filter_map(|h| {
2456 let (name, value) = h.split_once(':')?;
2457 Some((name.trim().to_string(), value.trim().to_string()))
2458 })
2459 .collect();
2460
2461 if !custom_headers.is_empty() {
2462 TerminalReporter::print_progress(&format!(
2463 "Using {} custom header(s) for authentication",
2464 custom_headers.len()
2465 ));
2466 }
2467
2468 if self.conformance_delay_ms > 0 {
2469 TerminalReporter::print_progress(&format!(
2470 "Using {}ms delay between conformance requests",
2471 self.conformance_delay_ms
2472 ));
2473 }
2474
2475 std::fs::create_dir_all(&self.output)?;
2477
2478 let config = ConformanceConfig {
2479 target_url: self.target.clone(),
2480 api_key: self.conformance_api_key.clone(),
2481 basic_auth: self.conformance_basic_auth.clone(),
2482 skip_tls_verify: self.skip_tls_verify,
2483 categories,
2484 base_path: self.base_path.clone(),
2485 custom_headers,
2486 output_dir: Some(self.output.clone()),
2487 all_operations: self.conformance_all_operations,
2488 custom_checks_file: self.conformance_custom.clone(),
2489 request_delay_ms: self.conformance_delay_ms,
2490 custom_filter: self.conformance_custom_filter.clone(),
2491 export_requests: self.export_requests,
2492 validate_requests: self.validate_requests,
2493 };
2494
2495 let mut resolved_base_path: Option<String> = None;
2503 let annotated_ops = if !self.spec.is_empty() {
2504 TerminalReporter::print_progress("Spec-driven conformance mode: analyzing spec...");
2505 let parser = SpecParser::from_file(&self.spec[0]).await?;
2506 resolved_base_path = self.resolve_base_path(&parser);
2507
2508 let mut operations = if let Some(filter) = &self.operations {
2513 parser.filter_operations(filter)?
2514 } else {
2515 parser.get_operations()
2516 };
2517 if let Some(exclude) = &self.exclude_operations {
2518 let before_count = operations.len();
2519 operations = parser.exclude_operations(operations, exclude)?;
2520 let excluded_count = before_count - operations.len();
2521 if excluded_count > 0 {
2522 TerminalReporter::print_progress(&format!(
2523 "Excluded {} operations matching '{}'",
2524 excluded_count, exclude
2525 ));
2526 }
2527 }
2528
2529 let annotated =
2530 crate::conformance::spec_driven::SpecDrivenConformanceGenerator::annotate_operations(
2531 &operations,
2532 parser.spec(),
2533 );
2534 TerminalReporter::print_success(&format!(
2535 "Analyzed {} operations, found {} feature annotations",
2536 operations.len(),
2537 annotated.iter().map(|a| a.features.len()).sum::<usize>()
2538 ));
2539 Some(annotated)
2540 } else {
2541 None
2542 };
2543
2544 if self.conformance_self_test {
2551 let Some(ops) = annotated_ops else {
2552 TerminalReporter::print_error(
2553 "--conformance-self-test requires --spec; no operations to test",
2554 );
2555 return Ok(());
2556 };
2557 let cfg = crate::conformance::self_test::SelfTestConfig {
2558 target_url: self.target.clone(),
2559 skip_tls_verify: self.skip_tls_verify,
2560 timeout: std::time::Duration::from_secs(30),
2561 extra_headers: self
2565 .conformance_headers
2566 .iter()
2567 .filter_map(|h| {
2568 let (n, v) = h.split_once(':')?;
2569 Some((n.trim().to_string(), v.trim().to_string()))
2570 })
2571 .collect(),
2572 delay_between_requests: std::time::Duration::from_millis(self.conformance_delay_ms),
2573 base_path: resolved_base_path.clone(),
2577 source_ips: parse_ip_list(&self.source_ips, "source-ip"),
2581 geo_source_ips: parse_ip_list(&self.geo_source_ips, "geo-source-ip"),
2582 geo_source_headers: if self.geo_source_headers.is_empty() {
2583 crate::conformance::self_test::default_geo_source_headers()
2584 } else {
2585 self.geo_source_headers.clone()
2586 },
2587 capture: if self.conformance_self_test_capture || self.validate_response_schemas {
2591 Some(std::sync::Arc::new(std::sync::Mutex::new(Vec::new())))
2597 } else {
2598 None
2599 },
2600 validate_response_schemas: self.validate_response_schemas,
2601 spec_label: self.spec.first().map(|p| {
2607 p.file_name()
2608 .map(|s| s.to_string_lossy().into_owned())
2609 .unwrap_or_else(|| p.to_string_lossy().into_owned())
2610 }),
2611 network_events: Some(std::sync::Arc::new(std::sync::Mutex::new(Vec::new()))),
2618 };
2619 let capture_sink = cfg.capture.clone();
2620 let network_events_sink = cfg.network_events.clone();
2621 TerminalReporter::print_progress(&format!(
2622 "Self-test mode: driving {} operations with positive + per-category negative cases",
2623 ops.len()
2624 ));
2625 let target_iterations = self.conformance_self_test_iterations.max(1);
2632 let duration_budget = self
2633 .conformance_self_test_duration
2634 .as_ref()
2635 .map(|s| Self::parse_duration(s))
2636 .transpose()?
2637 .map(std::time::Duration::from_secs);
2638 let start = std::time::Instant::now();
2639 let mut report = crate::conformance::self_test::run_self_test(&ops, &cfg)
2640 .await
2641 .map_err(|e| BenchError::Other(format!("self-test client error: {e}")))?;
2642 let mut iter_done: u32 = 1;
2643 loop {
2644 let by_iter = iter_done >= target_iterations;
2645 let by_dur = duration_budget.map(|d| start.elapsed() >= d).unwrap_or(true);
2646 if by_iter && by_dur {
2647 break;
2648 }
2649 let next = crate::conformance::self_test::run_self_test(&ops, &cfg)
2650 .await
2651 .map_err(|e| BenchError::Other(format!("self-test client error: {e}")))?;
2652 report.merge_iteration(next);
2653 iter_done = iter_done.saturating_add(1);
2654 }
2655 if iter_done > 1 {
2656 TerminalReporter::print_progress(&format!(
2657 "Self-test repeated {} iteration(s) ({:.1?} elapsed)",
2658 iter_done,
2659 start.elapsed(),
2660 ));
2661 }
2662 let per_endpoint_summary: Vec<
2672 crate::conformance::per_endpoint_summary::PerEndpointSummary,
2673 >;
2674 if let Some(sink) = capture_sink {
2675 if let Ok(guard) = sink.lock() {
2676 let jsonl_path = self.output.join("conformance-self-test-requests.jsonl");
2677 let mut lines = String::with_capacity(guard.len() * 256);
2678 for entry in guard.iter() {
2679 if let Ok(line) = serde_json::to_string(entry) {
2680 lines.push_str(&line);
2681 lines.push('\n');
2682 }
2683 }
2684 let _ = std::fs::write(&jsonl_path, lines);
2685 let html_path = self.output.join("conformance-self-test-requests.html");
2686 let html =
2687 crate::conformance::capture_html::render_capture_html(guard.as_slice());
2688 let _ = std::fs::write(&html_path, html);
2689
2690 per_endpoint_summary =
2694 crate::conformance::per_endpoint_summary::build_summary(guard.as_slice());
2695 let summary_path = self.output.join("conformance-per-endpoint.json");
2696 if let Ok(json) = serde_json::to_string_pretty(&per_endpoint_summary) {
2697 let _ = std::fs::write(&summary_path, json);
2698 TerminalReporter::print_progress(&format!(
2699 "Self-test request/response capture written to {} ({} entries) + {} + {}",
2700 jsonl_path.display(),
2701 guard.len(),
2702 html_path.display(),
2703 summary_path.display(),
2704 ));
2705 } else {
2706 TerminalReporter::print_progress(&format!(
2707 "Self-test request/response capture written to {} ({} entries) + {}",
2708 jsonl_path.display(),
2709 guard.len(),
2710 html_path.display(),
2711 ));
2712 }
2713 } else {
2714 per_endpoint_summary = Vec::new();
2715 }
2716 } else {
2717 per_endpoint_summary = Vec::new();
2718 }
2719 TerminalReporter::print_progress(&report.render_summary());
2720 if let Some(sink) = network_events_sink {
2727 if let Ok(guard) = sink.lock() {
2728 let path = self.output.join("conformance-network-events.json");
2729 if let Ok(json) = serde_json::to_string_pretty(&*guard) {
2730 let _ = std::fs::write(&path, json);
2731 if guard.is_empty() {
2732 TerminalReporter::print_progress(
2733 "No wire-level network failures during self-test (file written empty)",
2734 );
2735 } else {
2736 TerminalReporter::print_warning(&format!(
2737 "Recorded {} wire-level network event(s) to {}",
2738 guard.len(),
2739 path.display()
2740 ));
2741 }
2742 }
2743 }
2744 }
2745 let json_path = self.output.join("conformance-self-test.json");
2749 if let Ok(json) = serde_json::to_string_pretty(&report) {
2750 let _ = std::fs::write(&json_path, json);
2751 TerminalReporter::print_progress(&format!(
2752 "Self-test report written to {}",
2753 json_path.display()
2754 ));
2755 }
2756 if let Some(status) = report.detect_target_misconfiguration() {
2765 let hint = match status {
2766 404 => " Likely cause: spec paths don't match deployed routes — check --base-path and the spec's `servers` block.",
2767 401 | 403 => " Likely cause: authentication header is missing or invalid — check --conformance-header.",
2768 _ => "",
2769 };
2770 TerminalReporter::print_warning(&format!(
2771 "Self-test misconfiguration: every positive case returned {status}.{hint} Negative results below are meaningless under this condition."
2772 ));
2773 } else if !report.all_passed() {
2774 TerminalReporter::print_warning(
2775 "Self-test detected gaps — server let through at least one request that should have been a 4xx",
2776 );
2777 } else {
2778 TerminalReporter::print_success(
2779 "Self-test passed — all positive cases accepted and all negative cases rejected",
2780 );
2781 }
2782 let html_path = self.output.join("conformance-report.html");
2789 let audit_path = self.output.join("conformance-spec-audit.json");
2790 let audit_value = std::fs::read_to_string(&audit_path)
2791 .ok()
2792 .and_then(|s| serde_json::from_str::<serde_json::Value>(&s).ok());
2793 let render_opts = crate::conformance::report_html::RenderOptions {
2798 missed_cap: match self.report_missed_cap {
2799 Some(0) => None,
2800 Some(n) => Some(n as usize),
2801 None => Some(200),
2802 },
2803 };
2804 let mut html = crate::conformance::report_html::render_html_with_options(
2805 &report,
2806 audit_value.as_ref(),
2807 &render_opts,
2808 );
2809 let summary_section = crate::conformance::per_endpoint_summary::render_html_section(
2815 &per_endpoint_summary,
2816 );
2817 if !summary_section.is_empty() {
2818 if let Some(idx) = html.rfind("</body>") {
2819 html.insert_str(idx, &summary_section);
2820 } else {
2821 html.push_str(&summary_section);
2822 }
2823 }
2824 if std::fs::write(&html_path, html).is_ok() {
2825 TerminalReporter::print_progress(&format!(
2826 "HTML report written to {}",
2827 html_path.display()
2828 ));
2829 }
2830 return Ok(());
2831 }
2832
2833 if self.validate_requests && !self.spec.is_empty() {
2835 TerminalReporter::print_progress("Validating requests against OpenAPI spec...");
2836 let violation_count = crate::conformance::request_validator::run_request_validation(
2837 &self.spec,
2838 self.conformance_custom.as_deref(),
2839 self.base_path.as_deref(),
2840 &self.output,
2841 )
2842 .await?;
2843 if violation_count > 0 {
2844 TerminalReporter::print_warning(&format!(
2845 "{} request validation violation(s) found — see conformance-request-violations.json",
2846 violation_count
2847 ));
2848 } else {
2849 TerminalReporter::print_success("All requests conform to the OpenAPI spec");
2850 }
2851 }
2852
2853 if self.generate_only || self.use_k6 {
2855 let script = if let Some(annotated) = &annotated_ops {
2856 let gen = crate::conformance::spec_driven::SpecDrivenConformanceGenerator::new(
2857 config,
2858 annotated.clone(),
2859 );
2860 let op_count = gen.operation_count();
2861 let (script, check_count) = gen.generate()?;
2862 TerminalReporter::print_success(&format!(
2863 "Conformance: {} operations analyzed, {} unique checks generated",
2864 op_count, check_count
2865 ));
2866 script
2867 } else {
2868 let generator = ConformanceGenerator::new(config);
2869 generator.generate()?
2870 };
2871
2872 let script_path = self.output.join("k6-conformance.js");
2873 std::fs::write(&script_path, &script).map_err(|e| {
2874 BenchError::Other(format!("Failed to write conformance script: {}", e))
2875 })?;
2876 TerminalReporter::print_success(&format!(
2877 "Conformance script generated: {}",
2878 script_path.display()
2879 ));
2880
2881 if self.generate_only {
2882 println!("\nScript generated. Run with:");
2883 println!(" k6 run {}", script_path.display());
2884 return Ok(());
2885 }
2886
2887 if !K6Executor::is_k6_installed() {
2889 TerminalReporter::print_error("k6 is not installed");
2890 TerminalReporter::print_warning(
2891 "Install k6 from: https://k6.io/docs/get-started/installation/",
2892 );
2893 return Err(BenchError::K6NotFound);
2894 }
2895
2896 TerminalReporter::print_progress("Running conformance tests via k6...");
2897 let executor = K6Executor::new()?.with_local_ips(self.source_ips.join(","));
2898 executor.execute(&script_path, Some(&self.output), self.verbose).await?;
2899
2900 let report_path = self.output.join("conformance-report.json");
2901 if report_path.exists() {
2902 let report = ConformanceReport::from_file(&report_path)?;
2903 report.print_report_with_options(self.conformance_all_operations);
2904 self.save_conformance_report(&report, &report_path)?;
2905 } else {
2906 TerminalReporter::print_warning(
2907 "Conformance report not generated (k6 handleSummary may not have run)",
2908 );
2909 }
2910
2911 if self.validate_requests && self.export_requests && !self.spec.is_empty() {
2923 let n = crate::conformance::request_validator::validate_emitted_requests_with_base_path(
2924 &self.spec,
2925 &self.output,
2926 self.base_path.as_deref(),
2927 )
2928 .await?;
2929 if n > 0 {
2930 TerminalReporter::print_warning(&format!(
2931 "{} emitted request(s) violated the spec — see conformance-request-violations.json",
2932 n
2933 ));
2934 }
2935 }
2936
2937 return Ok(());
2938 }
2939
2940 TerminalReporter::print_progress("Running conformance tests (native executor)...");
2942
2943 let mut executor = crate::conformance::executor::NativeConformanceExecutor::new(config)?;
2944
2945 let custom_only = annotated_ops.is_none() && self.conformance_custom.is_some();
2955 executor = if let Some(annotated) = &annotated_ops {
2956 executor.with_spec_driven_checks(annotated)
2957 } else if custom_only {
2958 executor
2959 } else {
2960 executor.with_reference_checks()
2961 };
2962 executor = executor.with_custom_checks()?;
2963
2964 TerminalReporter::print_success(&format!(
2965 "Executing {} conformance checks...",
2966 executor.check_count()
2967 ));
2968
2969 let report = executor.execute().await?;
2970 report.print_report_with_options(self.conformance_all_operations);
2971
2972 let failure_details = report.failure_details();
2974 if !failure_details.is_empty() {
2975 let details_path = self.output.join("conformance-failure-details.json");
2976 if let Ok(json) = serde_json::to_string_pretty(&failure_details) {
2977 let _ = std::fs::write(&details_path, json);
2978 TerminalReporter::print_success(&format!(
2979 "Failure details saved to: {}",
2980 details_path.display()
2981 ));
2982 }
2983 }
2984
2985 let report_path = self.output.join("conformance-report.json");
2987 let report_json = serde_json::to_string_pretty(&report.to_json())
2988 .map_err(|e| BenchError::Other(format!("Failed to serialize report: {}", e)))?;
2989 std::fs::write(&report_path, &report_json)
2990 .map_err(|e| BenchError::Other(format!("Failed to write report: {}", e)))?;
2991 TerminalReporter::print_success(&format!("Report saved to: {}", report_path.display()));
2992
2993 self.save_conformance_report(&report, &report_path)?;
2994
2995 if self.validate_requests && self.export_requests && !self.spec.is_empty() {
3006 let n =
3007 crate::conformance::request_validator::validate_emitted_requests_with_base_path(
3008 &self.spec,
3009 &self.output,
3010 self.base_path.as_deref(),
3011 )
3012 .await?;
3013 if n > 0 {
3014 TerminalReporter::print_warning(&format!(
3015 "{} emitted request(s) violated the spec — see conformance-request-violations.json",
3016 n
3017 ));
3018 }
3019 }
3020
3021 Ok(())
3022 }
3023
3024 fn save_conformance_report(
3026 &self,
3027 report: &crate::conformance::report::ConformanceReport,
3028 report_path: &Path,
3029 ) -> Result<()> {
3030 if self.conformance_report_format == "sarif" {
3031 use crate::conformance::sarif::ConformanceSarifReport;
3032 ConformanceSarifReport::write(report, &self.target, &self.conformance_report)?;
3033 TerminalReporter::print_success(&format!(
3034 "SARIF report saved to: {}",
3035 self.conformance_report.display()
3036 ));
3037 } else if self.conformance_report != *report_path {
3038 std::fs::copy(report_path, &self.conformance_report)?;
3039 TerminalReporter::print_success(&format!(
3040 "Report saved to: {}",
3041 self.conformance_report.display()
3042 ));
3043 }
3044 Ok(())
3045 }
3046
3047 async fn execute_multi_target_conformance(&self, targets_file: &Path) -> Result<()> {
3053 use crate::conformance::generator::{ConformanceConfig, ConformanceGenerator};
3054 use crate::conformance::report::ConformanceReport;
3055 use crate::conformance::spec::ConformanceFeature;
3056
3057 TerminalReporter::print_progress("Multi-target OpenAPI 3.0.0 Conformance Testing Mode");
3058
3059 TerminalReporter::print_progress("Parsing targets file...");
3061 let targets = parse_targets_file(targets_file)?;
3062 let num_targets = targets.len();
3063 TerminalReporter::print_success(&format!("Loaded {} targets", num_targets));
3064
3065 if targets.is_empty() {
3066 return Err(BenchError::Other("No targets found in file".to_string()));
3067 }
3068
3069 TerminalReporter::print_progress(
3070 "Conformance mode runs 1 VU, 1 iteration per endpoint (--vus and -d are ignored)",
3071 );
3072
3073 let categories = self.conformance_categories.as_ref().map(|cats_str| {
3075 cats_str
3076 .split(',')
3077 .filter_map(|s| {
3078 let trimmed = s.trim();
3079 if let Some(canonical) = ConformanceFeature::category_from_cli_name(trimmed) {
3080 Some(canonical.to_string())
3081 } else {
3082 TerminalReporter::print_warning(&format!(
3083 "Unknown conformance category: '{}'. Valid categories: {}",
3084 trimmed,
3085 ConformanceFeature::cli_category_names()
3086 .iter()
3087 .map(|(cli, _)| *cli)
3088 .collect::<Vec<_>>()
3089 .join(", ")
3090 ));
3091 None
3092 }
3093 })
3094 .collect::<Vec<String>>()
3095 });
3096
3097 let base_custom_headers: Vec<(String, String)> = self
3099 .conformance_headers
3100 .iter()
3101 .filter_map(|h| {
3102 let (name, value) = h.split_once(':')?;
3103 Some((name.trim().to_string(), value.trim().to_string()))
3104 })
3105 .collect();
3106
3107 if !base_custom_headers.is_empty() {
3108 TerminalReporter::print_progress(&format!(
3109 "Using {} base custom header(s) for authentication",
3110 base_custom_headers.len()
3111 ));
3112 }
3113
3114 let annotated_ops = if !self.spec.is_empty() {
3116 TerminalReporter::print_progress("Spec-driven conformance mode: analyzing spec...");
3117 let parser = SpecParser::from_file(&self.spec[0]).await?;
3118 let operations = parser.get_operations();
3119 let annotated =
3120 crate::conformance::spec_driven::SpecDrivenConformanceGenerator::annotate_operations(
3121 &operations,
3122 parser.spec(),
3123 );
3124 TerminalReporter::print_success(&format!(
3125 "Analyzed {} operations, found {} feature annotations",
3126 operations.len(),
3127 annotated.iter().map(|a| a.features.len()).sum::<usize>()
3128 ));
3129 Some(annotated)
3130 } else {
3131 None
3132 };
3133
3134 std::fs::create_dir_all(&self.output)?;
3136
3137 struct TargetResult {
3139 url: String,
3140 passed: usize,
3141 failed: usize,
3142 elapsed: std::time::Duration,
3143 report_json: serde_json::Value,
3144 owasp_coverage: Vec<crate::conformance::report::OwaspCoverageEntry>,
3145 }
3146
3147 let mut target_results: Vec<TargetResult> = Vec::with_capacity(num_targets);
3148 let total_start = std::time::Instant::now();
3149
3150 for (idx, target) in targets.iter().enumerate() {
3151 tracing::info!(
3152 "Running conformance tests against target {}/{}: {}",
3153 idx + 1,
3154 num_targets,
3155 target.url
3156 );
3157 TerminalReporter::print_progress(&format!(
3158 "\n--- Target {}/{}: {} ---",
3159 idx + 1,
3160 num_targets,
3161 target.url
3162 ));
3163
3164 let mut merged_headers = base_custom_headers.clone();
3166 if let Some(ref target_headers) = target.headers {
3167 for (name, value) in target_headers {
3168 if let Some(existing) = merged_headers.iter_mut().find(|(n, _)| n == name) {
3170 existing.1 = value.clone();
3171 } else {
3172 merged_headers.push((name.clone(), value.clone()));
3173 }
3174 }
3175 }
3176 if let Some(ref auth) = target.auth {
3178 if let Some(existing) =
3179 merged_headers.iter_mut().find(|(n, _)| n.eq_ignore_ascii_case("Authorization"))
3180 {
3181 existing.1 = auth.clone();
3182 } else {
3183 merged_headers.push(("Authorization".to_string(), auth.clone()));
3184 }
3185 }
3186
3187 let target_dir = self.output.join(format!("target_{}", idx));
3193 std::fs::create_dir_all(&target_dir)?;
3194
3195 let config = ConformanceConfig {
3196 target_url: target.url.clone(),
3197 api_key: self.conformance_api_key.clone(),
3198 basic_auth: self.conformance_basic_auth.clone(),
3199 skip_tls_verify: self.skip_tls_verify,
3200 categories: categories.clone(),
3201 base_path: self.base_path.clone(),
3202 custom_headers: merged_headers,
3203 output_dir: Some(target_dir.clone()),
3204 all_operations: self.conformance_all_operations,
3205 custom_checks_file: self.conformance_custom.clone(),
3206 request_delay_ms: self.conformance_delay_ms,
3207 custom_filter: self.conformance_custom_filter.clone(),
3208 export_requests: self.export_requests,
3209 validate_requests: self.validate_requests,
3210 };
3211
3212 let target_start = std::time::Instant::now();
3213 let report = if self.use_k6 {
3214 if !K6Executor::is_k6_installed() {
3215 TerminalReporter::print_error("k6 is not installed");
3216 TerminalReporter::print_warning(
3217 "Install k6 from: https://k6.io/docs/get-started/installation/",
3218 );
3219 return Err(BenchError::K6NotFound);
3220 }
3221
3222 let script = if let Some(ref annotated) = annotated_ops {
3223 let gen = crate::conformance::spec_driven::SpecDrivenConformanceGenerator::new(
3224 config.clone(),
3225 annotated.clone(),
3226 );
3227 let (script, _check_count) = gen.generate()?;
3228 script
3229 } else {
3230 let generator = ConformanceGenerator::new(config.clone());
3231 generator.generate()?
3232 };
3233
3234 let script_path = target_dir.join("k6-conformance.js");
3235 std::fs::write(&script_path, &script).map_err(|e| {
3236 BenchError::Other(format!("Failed to write conformance script: {}", e))
3237 })?;
3238 TerminalReporter::print_success(&format!(
3239 "Conformance script generated: {}",
3240 script_path.display()
3241 ));
3242
3243 TerminalReporter::print_progress(&format!(
3244 "Running conformance tests via k6 against {}...",
3245 target.url
3246 ));
3247 let k6 = K6Executor::new()?.with_local_ips(self.source_ips.join(","));
3248 let api_port = 6565u16.saturating_add(idx as u16);
3250 k6.execute_with_port(&script_path, Some(&target_dir), self.verbose, Some(api_port))
3251 .await?;
3252
3253 let report_path = target_dir.join("conformance-report.json");
3254 if report_path.exists() {
3255 ConformanceReport::from_file(&report_path)?
3256 } else {
3257 TerminalReporter::print_warning(&format!(
3258 "Conformance report not generated for target {} (k6 handleSummary may not have run)",
3259 target.url
3260 ));
3261 continue;
3262 }
3263 } else {
3264 let mut executor =
3265 crate::conformance::executor::NativeConformanceExecutor::new(config)?;
3266
3267 let custom_only = annotated_ops.is_none() && self.conformance_custom.is_some();
3270 executor = if let Some(ref annotated) = annotated_ops {
3271 executor.with_spec_driven_checks(annotated)
3272 } else if custom_only {
3273 executor
3274 } else {
3275 executor.with_reference_checks()
3276 };
3277 executor = executor.with_custom_checks()?;
3278
3279 TerminalReporter::print_success(&format!(
3280 "Executing {} conformance checks against {}...",
3281 executor.check_count(),
3282 target.url
3283 ));
3284
3285 executor.execute().await?
3286 };
3287 let target_elapsed = target_start.elapsed();
3288
3289 let report_json = report.to_json();
3290
3291 let passed = report_json["summary"]["passed"].as_u64().unwrap_or(0) as usize;
3293 let failed = report_json["summary"]["failed"].as_u64().unwrap_or(0) as usize;
3294 let total_checks = passed + failed;
3295 let rate = if total_checks == 0 {
3296 0.0
3297 } else {
3298 (passed as f64 / total_checks as f64) * 100.0
3299 };
3300
3301 TerminalReporter::print_success(&format!(
3302 "Target {}: {}/{} passed ({:.1}%) in {:.1}s",
3303 target.url,
3304 passed,
3305 total_checks,
3306 rate,
3307 target_elapsed.as_secs_f64()
3308 ));
3309
3310 let target_report_path = target_dir.join("conformance-report.json");
3312 let report_str = serde_json::to_string_pretty(&report_json)
3313 .map_err(|e| BenchError::Other(format!("Failed to serialize report: {}", e)))?;
3314 std::fs::write(&target_report_path, &report_str)
3315 .map_err(|e| BenchError::Other(format!("Failed to write report: {}", e)))?;
3316
3317 let failure_details = report.failure_details();
3319 if !failure_details.is_empty() {
3320 let details_path = target_dir.join("conformance-failure-details.json");
3321 if let Ok(json) = serde_json::to_string_pretty(&failure_details) {
3322 let _ = std::fs::write(&details_path, json);
3323 }
3324 }
3325
3326 if self.validate_requests && self.export_requests && !self.spec.is_empty() {
3333 let n = crate::conformance::request_validator::validate_emitted_requests_with_base_path(
3334 &self.spec,
3335 &target_dir,
3336 self.base_path.as_deref(),
3337 )
3338 .await?;
3339 if n > 0 {
3340 TerminalReporter::print_warning(&format!(
3341 "Target {}: {} emitted request(s) violated the spec — see {}/conformance-request-violations.json",
3342 target.url,
3343 n,
3344 target_dir.display()
3345 ));
3346 }
3347 }
3348
3349 let owasp_coverage = report.owasp_coverage_data();
3351
3352 target_results.push(TargetResult {
3353 url: target.url.clone(),
3354 passed,
3355 failed,
3356 elapsed: target_elapsed,
3357 report_json,
3358 owasp_coverage,
3359 });
3360 }
3361
3362 let total_elapsed = total_start.elapsed();
3363
3364 println!("\n{}", "=".repeat(80));
3366 println!(" Multi-Target Conformance Summary");
3367 println!("{}", "=".repeat(80));
3368 println!(
3369 " {:<40} {:>8} {:>8} {:>8} {:>8}",
3370 "Target URL", "Passed", "Failed", "Rate", "Time"
3371 );
3372 println!(" {}", "-".repeat(76));
3373
3374 let mut total_passed = 0usize;
3375 let mut total_failed = 0usize;
3376
3377 for result in &target_results {
3378 let total_checks = result.passed + result.failed;
3379 let rate = if total_checks == 0 {
3380 0.0
3381 } else {
3382 (result.passed as f64 / total_checks as f64) * 100.0
3383 };
3384
3385 let display_url = if result.url.len() > 38 {
3387 format!("{}...", &result.url[..35])
3388 } else {
3389 result.url.clone()
3390 };
3391
3392 println!(
3393 " {:<40} {:>8} {:>8} {:>7.1}% {:>6.1}s",
3394 display_url,
3395 result.passed,
3396 result.failed,
3397 rate,
3398 result.elapsed.as_secs_f64()
3399 );
3400
3401 total_passed += result.passed;
3402 total_failed += result.failed;
3403 }
3404
3405 let grand_total = total_passed + total_failed;
3406 let overall_rate = if grand_total == 0 {
3407 0.0
3408 } else {
3409 (total_passed as f64 / grand_total as f64) * 100.0
3410 };
3411
3412 println!(" {}", "-".repeat(76));
3413 println!(
3414 " {:<40} {:>8} {:>8} {:>7.1}% {:>6.1}s",
3415 format!("TOTAL ({} targets)", num_targets),
3416 total_passed,
3417 total_failed,
3418 overall_rate,
3419 total_elapsed.as_secs_f64()
3420 );
3421 println!("{}", "=".repeat(80));
3422
3423 for result in &target_results {
3425 println!("\n OWASP API Security Top 10 Coverage for {}:", result.url);
3426 for entry in &result.owasp_coverage {
3427 let status = if !entry.tested {
3428 "-"
3429 } else if entry.all_passed {
3430 "pass"
3431 } else {
3432 "FAIL"
3433 };
3434 let via = if entry.via_categories.is_empty() {
3435 String::new()
3436 } else {
3437 format!(" (via {})", entry.via_categories.join(", "))
3438 };
3439 println!(" {:<12} {:<40} {}{}", entry.id, entry.name, status, via);
3440 }
3441 }
3442
3443 let per_target_summaries: Vec<serde_json::Value> = target_results
3445 .iter()
3446 .enumerate()
3447 .map(|(idx, r)| {
3448 let total_checks = r.passed + r.failed;
3449 let rate = if total_checks == 0 {
3450 0.0
3451 } else {
3452 (r.passed as f64 / total_checks as f64) * 100.0
3453 };
3454 let owasp_json: Vec<serde_json::Value> = r
3455 .owasp_coverage
3456 .iter()
3457 .map(|e| {
3458 serde_json::json!({
3459 "id": e.id,
3460 "name": e.name,
3461 "tested": e.tested,
3462 "all_passed": e.all_passed,
3463 "via_categories": e.via_categories,
3464 })
3465 })
3466 .collect();
3467 serde_json::json!({
3468 "target_url": r.url,
3469 "target_index": idx,
3470 "checks_passed": r.passed,
3471 "checks_failed": r.failed,
3472 "total_checks": total_checks,
3473 "pass_rate": rate,
3474 "elapsed_seconds": r.elapsed.as_secs_f64(),
3475 "report": r.report_json,
3476 "owasp_coverage": owasp_json,
3477 })
3478 })
3479 .collect();
3480
3481 let combined_summary = serde_json::json!({
3482 "total_targets": num_targets,
3483 "total_checks_passed": total_passed,
3484 "total_checks_failed": total_failed,
3485 "overall_pass_rate": overall_rate,
3486 "total_elapsed_seconds": total_elapsed.as_secs_f64(),
3487 "targets": per_target_summaries,
3488 });
3489
3490 let summary_path = self.output.join("multi-target-conformance-summary.json");
3491 let summary_str = serde_json::to_string_pretty(&combined_summary)
3492 .map_err(|e| BenchError::Other(format!("Failed to serialize summary: {}", e)))?;
3493 std::fs::write(&summary_path, &summary_str)
3494 .map_err(|e| BenchError::Other(format!("Failed to write summary: {}", e)))?;
3495 TerminalReporter::print_success(&format!(
3496 "Combined summary saved to: {}",
3497 summary_path.display()
3498 ));
3499
3500 Ok(())
3501 }
3502
3503 async fn execute_owasp_test(&self, parser: &SpecParser) -> Result<()> {
3505 TerminalReporter::print_progress("OWASP API Security Top 10 Testing Mode");
3506
3507 let custom_headers = self.parse_headers()?;
3509
3510 let mut config = OwaspApiConfig::new()
3512 .with_auth_header(&self.owasp_auth_header)
3513 .with_verbose(self.verbose)
3514 .with_insecure(self.skip_tls_verify)
3515 .with_concurrency(self.vus as usize)
3516 .with_iterations(self.owasp_iterations as usize)
3517 .with_base_path(self.base_path.clone())
3518 .with_custom_headers(custom_headers);
3519
3520 if let Some(ref token) = self.owasp_auth_token {
3522 config = config.with_valid_auth_token(token);
3523 }
3524
3525 if let Some(ref cats_str) = self.owasp_categories {
3527 let categories: Vec<OwaspCategory> = cats_str
3528 .split(',')
3529 .filter_map(|s| {
3530 let trimmed = s.trim();
3531 match trimmed.parse::<OwaspCategory>() {
3532 Ok(cat) => Some(cat),
3533 Err(e) => {
3534 TerminalReporter::print_warning(&e);
3535 None
3536 }
3537 }
3538 })
3539 .collect();
3540
3541 if !categories.is_empty() {
3542 config = config.with_categories(categories);
3543 }
3544 }
3545
3546 if let Some(ref admin_paths_file) = self.owasp_admin_paths {
3548 config.admin_paths_file = Some(admin_paths_file.clone());
3549 if let Err(e) = config.load_admin_paths() {
3550 TerminalReporter::print_warning(&format!("Failed to load admin paths file: {}", e));
3551 }
3552 }
3553
3554 if let Some(ref id_fields_str) = self.owasp_id_fields {
3556 let id_fields: Vec<String> = id_fields_str
3557 .split(',')
3558 .map(|s| s.trim().to_string())
3559 .filter(|s| !s.is_empty())
3560 .collect();
3561 if !id_fields.is_empty() {
3562 config = config.with_id_fields(id_fields);
3563 }
3564 }
3565
3566 if let Some(ref report_path) = self.owasp_report {
3568 config = config.with_report_path(report_path);
3569 }
3570 if let Ok(format) = self.owasp_report_format.parse::<ReportFormat>() {
3571 config = config.with_report_format(format);
3572 }
3573
3574 let categories = config.categories_to_test();
3576 TerminalReporter::print_success(&format!(
3577 "Testing {} OWASP categories: {}",
3578 categories.len(),
3579 categories.iter().map(|c| c.cli_name()).collect::<Vec<_>>().join(", ")
3580 ));
3581
3582 if config.valid_auth_token.is_some() {
3583 TerminalReporter::print_progress("Using provided auth token for baseline requests");
3584 }
3585
3586 TerminalReporter::print_progress("Generating OWASP security test script...");
3588 let generator = OwaspApiGenerator::new(config, self.target.clone(), parser);
3589
3590 let script = generator.generate()?;
3592 TerminalReporter::print_success("OWASP security test script generated");
3593
3594 let script_path = if let Some(output) = &self.script_output {
3596 output.clone()
3597 } else {
3598 self.output.join("k6-owasp-security-test.js")
3599 };
3600
3601 if let Some(parent) = script_path.parent() {
3602 std::fs::create_dir_all(parent)?;
3603 }
3604 std::fs::write(&script_path, &script)?;
3605 TerminalReporter::print_success(&format!("Script written to: {}", script_path.display()));
3606
3607 if self.generate_only {
3609 println!("\nOWASP security test script generated. Run it with:");
3610 println!(" k6 run {}", script_path.display());
3611 return Ok(());
3612 }
3613
3614 TerminalReporter::print_progress("Executing OWASP security tests...");
3616 let executor = K6Executor::new()?.with_local_ips(self.source_ips.join(","));
3617 std::fs::create_dir_all(&self.output)?;
3618
3619 let results = executor.execute(&script_path, Some(&self.output), self.verbose).await?;
3620
3621 let duration_secs = Self::parse_duration(&self.duration)?;
3622 TerminalReporter::print_summary_with_mode(&results, duration_secs, self.no_keep_alive);
3623
3624 println!("\nOWASP security test results saved to: {}", self.output.display());
3625
3626 Ok(())
3627 }
3628}
3629
3630#[cfg(test)]
3631mod tests {
3632 use super::*;
3633 use tempfile::tempdir;
3634
3635 #[test]
3636 fn test_parse_duration() {
3637 assert_eq!(BenchCommand::parse_duration("30s").unwrap(), 30);
3638 assert_eq!(BenchCommand::parse_duration("5m").unwrap(), 300);
3639 assert_eq!(BenchCommand::parse_duration("1h").unwrap(), 3600);
3640 assert_eq!(BenchCommand::parse_duration("60").unwrap(), 60);
3641 }
3642
3643 #[test]
3647 fn parse_ip_list_ipv4_range_inclusive() {
3648 let v = parse_ip_list(&["10.0.0.5-10.0.0.27".into()], "source-ip");
3649 assert_eq!(v.len(), 23);
3650 assert_eq!(v.first().unwrap().to_string(), "10.0.0.5");
3651 assert_eq!(v.last().unwrap().to_string(), "10.0.0.27");
3652 }
3653
3654 #[test]
3657 fn parse_ip_list_range_rejects_backwards() {
3658 let v = parse_ip_list(&["10.0.0.10-10.0.0.5".into()], "source-ip");
3659 assert!(v.is_empty(), "backwards range should produce no IPs; got {v:?}");
3660 }
3661
3662 #[test]
3666 fn parse_ip_list_rejects_ipv6_range_syntax() {
3667 let v = parse_ip_list(&["2001:db8::1-2001:db8::5".into()], "geo-source-ip");
3668 assert!(v.is_empty(), "IPv6 range should be rejected; got {v:?}");
3669 }
3670
3671 #[test]
3673 fn parse_ip_list_range_capped_at_256() {
3674 let v = parse_ip_list(&["10.0.0.0-10.0.5.0".into()], "source-ip");
3675 assert_eq!(v.len(), 256);
3676 assert_eq!(v.first().unwrap().to_string(), "10.0.0.0");
3677 }
3678
3679 #[test]
3682 fn parse_ip_list_plain_and_comma() {
3683 let v = parse_ip_list(&["10.0.0.5".into(), "10.0.0.6,10.0.0.7".into()], "source-ip");
3684 assert_eq!(v.len(), 3);
3685 assert_eq!(v[0].to_string(), "10.0.0.5");
3686 assert_eq!(v[2].to_string(), "10.0.0.7");
3687 }
3688
3689 #[test]
3692 fn parse_ip_list_ipv4_cidr_29_expands_to_8() {
3693 let v = parse_ip_list(&["10.0.0.0/29".into()], "source-ip");
3694 assert_eq!(v.len(), 8);
3695 assert_eq!(v[0].to_string(), "10.0.0.0");
3696 assert_eq!(v[7].to_string(), "10.0.0.7");
3697 }
3698
3699 #[test]
3702 fn parse_ip_list_ipv4_cidr_8_capped_at_256() {
3703 let v = parse_ip_list(&["10.0.0.0/8".into()], "source-ip");
3704 assert_eq!(v.len(), 256);
3705 assert_eq!(v[0].to_string(), "10.0.0.0");
3706 assert_eq!(v[255].to_string(), "10.0.0.255");
3707 }
3708
3709 #[test]
3711 fn parse_ip_list_ipv6_cidr_126_expands_to_4() {
3712 let v = parse_ip_list(&["2001:db8::/126".into()], "geo-source-ip");
3713 assert_eq!(v.len(), 4);
3714 assert!(v[0].is_ipv6());
3715 assert_eq!(v[0].to_string(), "2001:db8::");
3716 assert_eq!(v[3].to_string(), "2001:db8::3");
3717 }
3718
3719 #[test]
3721 fn parse_ip_list_mixed_v4_v6_cidr() {
3722 let v = parse_ip_list(&["10.0.0.0/30,2001:db8::1,203.0.113.42".into()], "geo-source-ip");
3723 assert_eq!(v.len(), 6); assert!(v.iter().any(|ip| ip.to_string() == "2001:db8::1"));
3725 assert!(v.iter().any(|ip| ip.to_string() == "203.0.113.42"));
3726 }
3727
3728 #[test]
3731 fn parse_ip_list_skips_malformed() {
3732 let v = parse_ip_list(
3733 &[
3734 "10.0.0.5".into(),
3735 "not-an-ip".into(),
3736 "10.0.0.6".into(),
3737 "/24".into(),
3738 "1.2.3.4/200".into(),
3739 ],
3740 "source-ip",
3741 );
3742 assert_eq!(v.len(), 2);
3743 assert_eq!(v[0].to_string(), "10.0.0.5");
3744 assert_eq!(v[1].to_string(), "10.0.0.6");
3745 }
3746
3747 #[test]
3748 fn test_parse_duration_invalid() {
3749 assert!(BenchCommand::parse_duration("invalid").is_err());
3750 assert!(BenchCommand::parse_duration("30x").is_err());
3751 }
3752
3753 #[test]
3754 fn test_parse_headers() {
3755 let cmd = BenchCommand {
3756 spec: vec![PathBuf::from("test.yaml")],
3757 spec_dir: None,
3758 merge_conflicts: "error".to_string(),
3759 spec_mode: "merge".to_string(),
3760 dependency_config: None,
3761 target: "http://localhost".to_string(),
3762 base_path: None,
3763 duration: "1m".to_string(),
3764 vus: 10,
3765 scenario: "ramp-up".to_string(),
3766 operations: None,
3767 exclude_operations: None,
3768 auth: None,
3769 headers: vec![
3770 "X-API-Key:test123".to_string(),
3771 "X-Client-ID:client456".to_string(),
3772 ],
3773 output: PathBuf::from("output"),
3774 generate_only: false,
3775 script_output: None,
3776 threshold_percentile: "p(95)".to_string(),
3777 threshold_ms: 500,
3778 max_error_rate: 0.05,
3779 verbose: false,
3780 skip_tls_verify: false,
3781 chunked_request_bodies: false,
3782 target_rps: None,
3783 no_keep_alive: false,
3784 targets_file: None,
3785 max_concurrency: None,
3786 results_format: "both".to_string(),
3787 params_file: None,
3788 crud_flow: false,
3789 flow_config: None,
3790 extract_fields: None,
3791 parallel_create: None,
3792 data_file: None,
3793 data_distribution: "unique-per-vu".to_string(),
3794 data_mappings: None,
3795 per_uri_control: false,
3796 error_rate: None,
3797 error_types: None,
3798 security_test: false,
3799 security_payloads: None,
3800 security_categories: None,
3801 security_target_fields: None,
3802 wafbench_dir: None,
3803 wafbench_cycle_all: false,
3804 owasp_api_top10: false,
3805 owasp_categories: None,
3806 owasp_auth_header: "Authorization".to_string(),
3807 owasp_auth_token: None,
3808 owasp_admin_paths: None,
3809 owasp_id_fields: None,
3810 owasp_report: None,
3811 owasp_report_format: "json".to_string(),
3812 owasp_iterations: 1,
3813 conformance: false,
3814 conformance_api_key: None,
3815 conformance_basic_auth: None,
3816 conformance_report: PathBuf::from("conformance-report.json"),
3817 conformance_categories: None,
3818 conformance_report_format: "json".to_string(),
3819 conformance_headers: vec![],
3820 conformance_all_operations: false,
3821 conformance_custom: None,
3822 conformance_delay_ms: 0,
3823 use_k6: false,
3824 conformance_custom_filter: None,
3825 export_requests: false,
3826 validate_requests: false,
3827 conformance_self_test: false,
3828 conformance_self_test_capture: false,
3829 conformance_self_test_iterations: 1,
3830 conformance_self_test_duration: None,
3831 validate_response_schemas: false,
3832 source_ips: Vec::new(),
3833 geo_source_ips: Vec::new(),
3834 geo_source_headers: Vec::new(),
3835 report_missed_cap: None,
3836 };
3837
3838 let headers = cmd.parse_headers().unwrap();
3839 assert_eq!(headers.get("X-API-Key"), Some(&"test123".to_string()));
3840 assert_eq!(headers.get("X-Client-ID"), Some(&"client456".to_string()));
3841 }
3842
3843 #[test]
3844 fn test_parse_header_string_preserves_comma_in_value() {
3845 let inputs = vec![
3848 "Cookie:session=abc; expires=Thu, 01 Jan 2099 00:00:00 GMT".to_string(),
3849 "X-Trace:1".to_string(),
3850 ];
3851 let headers = parse_header_string(&inputs).unwrap();
3852 assert_eq!(
3853 headers.get("Cookie"),
3854 Some(&"session=abc; expires=Thu, 01 Jan 2099 00:00:00 GMT".to_string())
3855 );
3856 assert_eq!(headers.get("X-Trace"), Some(&"1".to_string()));
3857 }
3858
3859 #[test]
3860 fn test_get_spec_display_name() {
3861 let cmd = BenchCommand {
3862 spec: vec![PathBuf::from("test.yaml")],
3863 spec_dir: None,
3864 merge_conflicts: "error".to_string(),
3865 spec_mode: "merge".to_string(),
3866 dependency_config: None,
3867 target: "http://localhost".to_string(),
3868 base_path: None,
3869 duration: "1m".to_string(),
3870 vus: 10,
3871 scenario: "ramp-up".to_string(),
3872 operations: None,
3873 exclude_operations: None,
3874 auth: None,
3875 headers: Vec::new(),
3876 output: PathBuf::from("output"),
3877 generate_only: false,
3878 script_output: None,
3879 threshold_percentile: "p(95)".to_string(),
3880 threshold_ms: 500,
3881 max_error_rate: 0.05,
3882 verbose: false,
3883 skip_tls_verify: false,
3884 chunked_request_bodies: false,
3885 target_rps: None,
3886 no_keep_alive: false,
3887 targets_file: None,
3888 max_concurrency: None,
3889 results_format: "both".to_string(),
3890 params_file: None,
3891 crud_flow: false,
3892 flow_config: None,
3893 extract_fields: None,
3894 parallel_create: None,
3895 data_file: None,
3896 data_distribution: "unique-per-vu".to_string(),
3897 data_mappings: None,
3898 per_uri_control: false,
3899 error_rate: None,
3900 error_types: None,
3901 security_test: false,
3902 security_payloads: None,
3903 security_categories: None,
3904 security_target_fields: None,
3905 wafbench_dir: None,
3906 wafbench_cycle_all: false,
3907 owasp_api_top10: false,
3908 owasp_categories: None,
3909 owasp_auth_header: "Authorization".to_string(),
3910 owasp_auth_token: None,
3911 owasp_admin_paths: None,
3912 owasp_id_fields: None,
3913 owasp_report: None,
3914 owasp_report_format: "json".to_string(),
3915 owasp_iterations: 1,
3916 conformance: false,
3917 conformance_api_key: None,
3918 conformance_basic_auth: None,
3919 conformance_report: PathBuf::from("conformance-report.json"),
3920 conformance_categories: None,
3921 conformance_report_format: "json".to_string(),
3922 conformance_headers: vec![],
3923 conformance_all_operations: false,
3924 conformance_custom: None,
3925 conformance_delay_ms: 0,
3926 use_k6: false,
3927 conformance_custom_filter: None,
3928 export_requests: false,
3929 validate_requests: false,
3930 conformance_self_test: false,
3931 conformance_self_test_capture: false,
3932 conformance_self_test_iterations: 1,
3933 conformance_self_test_duration: None,
3934 validate_response_schemas: false,
3935 source_ips: Vec::new(),
3936 geo_source_ips: Vec::new(),
3937 geo_source_headers: Vec::new(),
3938 report_missed_cap: None,
3939 };
3940
3941 assert_eq!(cmd.get_spec_display_name(), "test.yaml");
3942
3943 let cmd_multi = BenchCommand {
3945 spec: vec![PathBuf::from("a.yaml"), PathBuf::from("b.yaml")],
3946 spec_dir: None,
3947 merge_conflicts: "error".to_string(),
3948 spec_mode: "merge".to_string(),
3949 dependency_config: None,
3950 target: "http://localhost".to_string(),
3951 base_path: None,
3952 duration: "1m".to_string(),
3953 vus: 10,
3954 scenario: "ramp-up".to_string(),
3955 operations: None,
3956 exclude_operations: None,
3957 auth: None,
3958 headers: Vec::new(),
3959 output: PathBuf::from("output"),
3960 generate_only: false,
3961 script_output: None,
3962 threshold_percentile: "p(95)".to_string(),
3963 threshold_ms: 500,
3964 max_error_rate: 0.05,
3965 verbose: false,
3966 skip_tls_verify: false,
3967 chunked_request_bodies: false,
3968 target_rps: None,
3969 no_keep_alive: false,
3970 targets_file: None,
3971 max_concurrency: None,
3972 results_format: "both".to_string(),
3973 params_file: None,
3974 crud_flow: false,
3975 flow_config: None,
3976 extract_fields: None,
3977 parallel_create: None,
3978 data_file: None,
3979 data_distribution: "unique-per-vu".to_string(),
3980 data_mappings: None,
3981 per_uri_control: false,
3982 error_rate: None,
3983 error_types: None,
3984 security_test: false,
3985 security_payloads: None,
3986 security_categories: None,
3987 security_target_fields: None,
3988 wafbench_dir: None,
3989 wafbench_cycle_all: false,
3990 owasp_api_top10: false,
3991 owasp_categories: None,
3992 owasp_auth_header: "Authorization".to_string(),
3993 owasp_auth_token: None,
3994 owasp_admin_paths: None,
3995 owasp_id_fields: None,
3996 owasp_report: None,
3997 owasp_report_format: "json".to_string(),
3998 owasp_iterations: 1,
3999 conformance: false,
4000 conformance_api_key: None,
4001 conformance_basic_auth: None,
4002 conformance_report: PathBuf::from("conformance-report.json"),
4003 conformance_categories: None,
4004 conformance_report_format: "json".to_string(),
4005 conformance_headers: vec![],
4006 conformance_all_operations: false,
4007 conformance_custom: None,
4008 conformance_delay_ms: 0,
4009 use_k6: false,
4010 conformance_custom_filter: None,
4011 export_requests: false,
4012 validate_requests: false,
4013 conformance_self_test: false,
4014 conformance_self_test_capture: false,
4015 conformance_self_test_iterations: 1,
4016 conformance_self_test_duration: None,
4017 validate_response_schemas: false,
4018 source_ips: Vec::new(),
4019 geo_source_ips: Vec::new(),
4020 geo_source_headers: Vec::new(),
4021 report_missed_cap: None,
4022 };
4023
4024 assert_eq!(cmd_multi.get_spec_display_name(), "2 spec files");
4025 }
4026
4027 #[test]
4028 fn test_parse_extracted_values_from_output_dir() {
4029 let dir = tempdir().unwrap();
4030 let path = dir.path().join("extracted_values.json");
4031 std::fs::write(
4032 &path,
4033 r#"{
4034 "pool_id": "abc123",
4035 "count": 0,
4036 "enabled": false,
4037 "metadata": { "owner": "team-a" }
4038}"#,
4039 )
4040 .unwrap();
4041
4042 let extracted = BenchCommand::parse_extracted_values(dir.path()).unwrap();
4043 assert_eq!(extracted.get("pool_id"), Some(&serde_json::json!("abc123")));
4044 assert_eq!(extracted.get("count"), Some(&serde_json::json!(0)));
4045 assert_eq!(extracted.get("enabled"), Some(&serde_json::json!(false)));
4046 assert_eq!(extracted.get("metadata"), Some(&serde_json::json!({"owner": "team-a"})));
4047 }
4048
4049 #[test]
4050 fn test_parse_extracted_values_missing_file() {
4051 let dir = tempdir().unwrap();
4052 let extracted = BenchCommand::parse_extracted_values(dir.path()).unwrap();
4053 assert!(extracted.values.is_empty());
4054 }
4055}