Sample workflows

Here’s some sample workflows to show you the power of Rungutan:

LANDING PAGE

{
  "test_name": "Blog post test",
  "num_clients": 250,
  "hatch_rate": 250,
  "run_time": 60,
  "threads_per_region": 1,
  "domain_name": "my-landing-page.com",
  "protocol": "https",
  "test_region": [ "us-east-1" ],
  "workflow": [
    {
      "path": "/",
      "method": "GET"
    },
    {
      "path": "/blog",
      "method": "GET"
    },
    {
      "path": "/blog/post-1",
      "method": "GET"
    },
  ]
}

BASIC AUTH

{
  "test_name": "Blog post behind nginx HTTP access basic auth",
  "num_clients": 250,
  "hatch_rate": 250,
  "run_time": 60,
  "threads_per_region": 1,
  "domain_name": "my-basic-site.com",
  "protocol": "https",
  "test_region": [ "us-east-1" ],
  "workflow": [
    {
      "path": "/",
      "method": "GET",
      "headers": {
         "Authorization": "Basic some-token-here"
      }
    },
    {
      "path": "/blog",
      "method": "GET",
      "headers": {
         "Authorization": "Basic some-token-here"
      }
    },
    {
      "path": "/blog/post-1",
      "method": "GET",
      "headers": {
         "Authorization": "Basic some-token-here"
      }
    },
  ]
}

BASIC AUTH WITH FILE UPLOAD

{
  "test_name": "Upload file to site with basic auth",
  "num_clients": 250,
  "hatch_rate": 250,
  "run_time": 60,
  "threads_per_region": 1,
  "domain_name": "my-basic-site.com",
  "protocol": "https",
  "test_region": [ "us-east-1" ],
  "workflow": [
    {
      "path": "/",
      "method": "GET",
      "files": [
         "file1", "file2"
      ]
      "headers": {
         "Authorization": "Basic some-token-here"
      }
    },
    {
      "path": "/blog",
      "method": "GET",
      "headers": {
         "Authorization": "Basic some-token-here"
      }
    },
    {
      "path": "/blog/post-1",
      "method": "GET",
      "files": [
         "file3"
      ]
      "headers": {
         "Authorization": "Basic some-token-here"
      }
    },
  ]
}

JWT LOGIN PLATFORM

{
  "test_name": "Platform with JWT based auth",
  "num_clients": 250,
  "hatch_rate": 250,
  "run_time": 60,
  "threads_per_region": 1,
  "domain_name": "my-jwt-platform.com",
  "protocol": "https",
  "test_region": [ "us-east-1" ],
  "workflow": [
       {
           "path": "/login",
           "method": "POST",
           "headers": {
               "Content-Type": "application/x-www-form-urlencoded"
           },
           "data": "user=${vault.username}&password=${vault.password}",
           "extract": [
               {
                   "parameter_name": "authtoken",
                   "location": "body",
                   "key": "access_token"
               }
           ]
       },
       {
           "path": "/results",
           "method": "POST",
           "data": "{\"result_id\": \"1\"}"
           "headers": {
               "Authorization": "Bearer ${authtoken}"
           }
       }
   ]
}

First workflow step:

  • Hit the /login path with POST

  • Inject the username and password values from the relevant Vault keys into the payload

  • Extract the “access_token” key from the JSON response and STORE it in the variable named “authtoken”

Second workflow step:

  • Hit the /results path witht POST

  • Include a payload in the request

  • Set the header as “Bearer ${authtoken}” by referencing the value of the variable that we extracted in the previous step

LOGIN E-COMMERCE AND VIEW ORDERS

{
    "test_name": "Log in and view orders on e-commerce website",
    "num_clients": 60,
    "hatch_rate": 60,
    "run_time": 60,
    "threads_per_region": 5,
    "workflow": [
        {
            "path": "/login",
            "method": "GET",
            "headers": {
                "Content-Type": "application/x-www-form-urlencoded"
            },
            "extract": [
                {
                    "parameter_name": "csrftoken",
                    "location": "body",
                    "element_find_regex": "meta name=\"csrf-token\" content=\"(.+?)\""
                }
            ]
        },
        {
            "path": "/login",
            "method": "POST",
            "headers": {
                "Content-Type": "application/x-www-form-urlencoded"
            },
            "data": "email=${csv.testprod.0}&password=${csv.testprod.1}&csrftoken=${csrftoken}",
            "extract": [
                {
                    "parameter_name": "auth_code",
                    "location": "header",
                    "key": "SESSION"
                }
            ]
        },
        {
            "path": "/profile/orders",
            "method": "GET",
            "headers": {
                "SESSION": "${auth_code}"
            }
        }
    ],
    "domain_name": "domain.com",
    "protocol": "https",
    "test_region": [
        "us-east-1",
        "us-east-2"
    ]
}

First workflow step:

  • Hit the login URL with the METHOD GET

  • EXTRACT the CSRF token value by scanning the page for the actual value of csrf-token and STORE IT with variable name csrftoken

Second workflow step:

  • Use the value of the PREVIOUSLY STORED variable csrftoken and construct the LOGIN credentials by fetching the username and password from the CSV file testprod which are stored in columns with indexes 0 and 1 respectively

  • Hit that URL with the METHOD POST

  • EXTRACT the SESSION header value and STORE IT with variable name auth_code

Third workflow step:

  • Use the SAME value of the PREVIOUSLY STORED variable auth_code and place it in the SESSION header

  • Hit the orders URL with the METHOD GET

CSV UPDATE USER DETAILS

{
    "test_name": "Update email + phone number - 1000 users csv",
    "num_clients": 60,
    "hatch_rate": 60,
    "run_time": 60,
    "threads_per_region": 5,
    "workflow": [
        {
            "path": "/user/${csv.testprod.3}/profile",
            "method": "GET",
            "data": "",
            "headers": {
                "Content-Type": "application/json",
                "Authorization": "${vault.api_key}"
            },
            "extract": [
                {
                    "parameter_name": "profile_id",
                    "location": "body",
                    "key": "profile_id_extracted"
                }
            ]
        },
        {
            "path": "/user/${profile_id_extracted}/profile-details",
            "method": "POST",
            "data": "{\"phone_number\": \"+14041234567\"}",
            "headers": {
                "Content-Type": "application/json",
                "Authorization": "${vault.api_key}"
            }
        },
        {
            "path": "/user/${profile_id_extracted}/profile-details",
            "method": "POST",
            "data": "{\"email\": \"[email protected]"}",
            "headers": {
                "Content-Type": "application/json",
                "Authorization": "${vault.api_key}"
            }
        }
    ],
    "domain_name": "domain.com",
    "protocol": "https",
    "test_region": [
        "us-east-1",
        "us-east-2"
    ]
}

Here’s the step by step long explanation:

First workflow step:

  • Extract a random ROW from file testprod

  • From that ROW, get the value of the COLUMN with index 3

  • With that value, construct the URL -> /user/${csv.testprod.3}/profile

  • Hit that URL with the METHOD GET

  • Authenticate the API request using a VAULT key with the name api_key by placing it in the header key called “Authorization”

  • EXTRACT the parameter profile_id from the received JSON response and STORE IT with variable name profile_id_extracted

Second workflow step:

  • Use the value of the PREVIOUSLY STORED variable profile_id_extracted and construct the URL -> /user/${profile_id_extracted}/profile-details

  • Hit that URL with the METHOD POST

  • Authenticate the API request using a VAULT key with the name api_key by placing it in the header key called “Authorization”

  • Push the appropriate PAYLOAD using the json-escaped data field in order to update the phone number

Third workflow step:

  • Use the SAME value of the PREVIOUSLY STORED variable profile_id_extracted and construct the URL -> /user/${profile_id_extracted}/profile-details

  • Hit that URL with the METHOD POST

  • Authenticate the API request using a VAULT key with the name api_key by placing it in the header key called “Authorization”

  • Push the appropriate PAYLOAD using the json-escaped data field in order to update the email address