TL;DR notes from articles I read today.
Full post here, 16 mins read
Covering the “how to avoid” part here
- Be stingy with data you are sending through your APIs. Figure out what’s the absolute minimum amount of data that satisfies the requirements you are trying to meet.
- Represent upstream data internally as a Domain Object. You can both circumvent some bugs and provide a more consistent API by doing this.
- Try to name attributes of objects in your API responses in such a way that they can be forward compatible with any future updates.
- Apply Robustness Principle: “Be conservative in what you do, be liberal in what you accept from others.” Ensure all the API responses follow conventions and best practices but be accepting of inconsistent forms of requests (whenever you can) and normalize them into a consistent format at your end.
Full post here, 15 mins read
- 3 steps for having your APIs tested continuously: Write good test collection. Run tests on schedule and on-demand. Look at analytics & set up smart alerts.
- You should be running contract tests, integration tests and end-to-end tests in your build system on demand - when code changes happen or code merges happen.
- You should have some scheduled tests run regularly. These are the ones for API health checks, DNS checks, security checks, and any infrastructure related checks.
- For complete test coverage of your APIs, you will need both scheduled and on-demand tests.
- Analytics from data generated from these tests will give you a view of system health, performance, stability, resiliency, quality and agility over time. Use it to find underlying problems and set up effective alerts.
Full post here, 7 mins read