Let your RESTful API development soar with OpenAPI tooling
Let your RESTful API development soar with OpenAPI tooling
By Maarten Van Hoof
6 min read
Because the OpenAPI specification is a specification, just like the EcmaScript, HTML or CSS specification, we can reliably build tooling upon it. This tooling allows us to optimise our OpenAPI workflows and let us save precious time.
- Authors
- Name
- Maarten Van Hoof
- linkedinMaarten Van Hoof
- twitter@mrtnvh
- Github
- githubvanhoofmaarten
- Website
- websiteBlog
Part of series
In the previous parts of this series, we introduced you to the OpenAPI specification, how to describe an API provider in an OpenAPI document, the approaches we can take incorporating it on workflows helping us build and integrate with RESTful APIs. In this part, we will discuss the tooling that is available to optimise our OpenAPI workflows.
Documentation
The most popular type of tooling for the OpenAPI specification is documentation generation. It allows us to take the information of an OpenAPI document and present it in a tailored fashion. For example, non-technical users might not be familiar with reading JSON or YAML-based files. With documentation generation, we can give every stakeholder of our project insights into how the data from and to an API provider flows.
Some examples of OpenAPI documentation generators:
- Swagger UI: The most well-known one. The green documentation site. Maintained by Swagger, the original author of the OpenAPI specification, formerly known as the Swagger specification.
- Stoplight Elements: A fresh take on OpenAPI documentation, focusing more on the metadata, like titles and descriptions, rather than the technical information. It also includes a code snippet generator with snippets for dozens of programming languages and their flavours.
- ReDoc: A generator that creates full-screen OpenAPI documentation experiences. Code snippets and examples live next to the section of the operation described.
Code generation
With the Code First workflow, the API provider will likely generate the OpenAPI document. For the Design First workflow, we can reverse this by generating our communication layer of providers and/or consumers.
With code generation, we don't have to write API clients anymore. The entire API description is translated into tailored SDKs for our API providers and consumers.
Paths, endpoints, parameters, request bodies, etc., are transformed into methods, functions, types, interfaces, etc., of our desired programming language.
Cross-programming language end-to-end type safety
Because an OpenAPI document also describes the types and formats of our dataflow, we have the opportunity to translate this to types and interfaces for typed programming languages. The OpenAPI specification is, therefore, a way to create full cross-programming language end-to-end type safety between API providers and consumers, just like GraphQL and tRPC give us.
The OpenAPI code generator community is very diverse, and there is no clear one solution to rule them all. However, https://openapi-generator.tech/ comes pretty close. This flavour of code generator is a Java-based templating engine that supports all kinds of different API client configurations, even from other programming languages, ranging from TypeScript to PHP and everything in between. It even allows you to generate a whole GraphQL server that resolves to the described API operations.
There are also generators built on different programming languages. For example, I like openapi-typescript-codegen, which is built into TypeScript itself. I can include it as a build tool in front-end projects or repositories and have API client code generation as part of the build process.
On OpenAPI.Tools, you can discover all sorts of OpenAPI tools and generators to add to and hone in your OpenAPI workflow.
Mocking
When developing clients that are dependent on RESTful APIs, you may face a great deal of challenges communicating with the API provider.
- The provider and consumer are developed in parallel.
- I need a reliable, easy to influence API for integration testing.
- Connections to the data provider are not optimised, possibly slowing development efficiency.
In these cases, we want to recreate a separate local API provider we can develop against, a mocking server. For this, we could build one with the information coming from the OpenAPI description. But we don't need to.
Because Stoplight provides us with a mocking server tool, Prism. Prism takes an OpenAPI document and creates a fully-fledged local server that listens to requests on described paths and methods, validates the data for the types and formats you send to it and will respond with the correct types and formats. The values of the data respect the types described but will be of a random value.
Stoplight Prism is a Node-based command line tool that you can run via NPM or Docker. It's as easy as running the command with the configuration that ingests the desired OpenAPI document, and within seconds it will start a server to which we can make requests.
This mocking automation allows teams building API consumers to develop against non-existing API dependencies or to build in parallel with planned API dependencies. It dramatically increases the independence within an API provider/consumer relation.
Static Code Analysis
With the Design First approach, each stakeholder can work or propose alterations to the data flow by editing the OpenAPI document. We could have specific API patterns or best practices in place to ensure a certain degree of quality for our API.
Analogue to how we would lint our JavaScript code with ESLint, we can analyse our OpenAPI document with Stoplight Spectral. This linter validates your OpenAPI document against specific rules. For example, are all paths kebab-cased? Do the examples adhere to the described schema?
Automation
As with every software project, automation can benefit our workflow.
We already mentioned putting an OpenAPI document in a Git repository to enable versioning of our API description. By utilising Git submodules and adding our OpenAPI document repository to our provider's and consumer's repositories as a submodule, we can have a form of language-agnostic dependency management via Git. Each commit of the provider or consumer repository is tied precisely to a specific commit of the OpenAPI repository. Pull or Merge Requests are linted by CI/CD to check for code quality before merging it into our Single Source of Truth.
We can automate the generation of API client code at each start of the development environment so that our team is always using the latest version of the described API. Our IDEs immediately notice breaking changes, compilations steps, or CI/CD builds.
Our development environments include a step that will automatically run a local mocking server, or a shared mocking server is automatically deployed when the main version of the OpenAPI document has changed.
Conclusion
Treating an OpenAPI document as a Single Source of Truth, utilising the right tools and providing automation with those tools gives our teams superpowers. We will spend less time trying to integrate and more time on the things that matter, like User Experiences, for example.
By using OpenAPI, we create full cross-programming language end-to-end type safety between API providers and consumers.
In next part of this series, we will take a look of a real-world example of how we can use OpenAPI in a front-end project.
Upcoming events
The Test Automation Meetup
PLEASE RSVP SO THAT WE KNOW HOW MUCH FOOD WE WILL NEED Test automation is a cornerstone of effective software development. It's about creating robust, predictable test suites that enhance quality and reliability. By diving into automation, you're architecting systems that ensure consistency and catch issues early. This expertise not only improves the development process but also broadens your skillset, making you a more versatile team member. Whether you're a developer looking to enhance your testing skills or a QA professional aiming to dive deeper into automation, RSVP for an evening of learning, delicious food, and the fusion of coding and quality assurance! 🚀🚀 18:00 – 🚪 Doors open to the public 18:15 – 🍕 Let’s eat 19:00 – 📢 First round of Talks 19:45 – 🍹 Small break 20:00 – 📢 Second round of Talks 20:45 – 🍻 Drinks 21:00 – 🙋♀️ See you next time? First Round of Talks: The Power of Cross-browser Component Testing - Clarke Verdel, SR. Front-end Developer at iO How can you use Component Testing to ensure consistency cross-browser? Second Round of Talks: Omg who wrote this **** code!? - Erwin Heitzman, SR. Test Automation Engineer at Rabobank How can tests help you and your team? Beyond the Unit Test - Christian Würthner, SR. Android Developer at iO How can you do advanced automated testing for, for instance, biometrics? RSVP now to secure your spot, and let's explore the fascinating world of test automation together!
| Coven of Wisdom - Amsterdam
Go to page for The Test Automation MeetupCoven of Wisdom - Herentals - Winter `24 edition
Worstelen jij en je team met automated testing en performance? Kom naar onze meetup waar ervaren sprekers hun inzichten en ervaringen delen over het bouwen van robuuste en efficiënte applicaties. Schrijf je in voor een avond vol kennis, heerlijk eten en een mix van creativiteit en technologie! 🚀 18:00 – 🚪 Deuren open 18:15 – 🍕 Food & drinks 19:00 – 📢 Talk 1 20:00 – 🍹 Kleine pauze 20:15 – 📢 Talk 2 21:00 – 🙋♀️ Drinks 22:00 – 🍻 Tot de volgende keer? Tijdens deze meetup gaan we dieper in op automated testing en performance. Onze sprekers delen heel wat praktische inzichten en ervaringen. Ze vertellen je hoe je effectieve geautomatiseerde tests kunt schrijven en onderhouden, en hoe je de prestaties van je applicatie kunt optimaliseren. Houd onze updates in de gaten voor meer informatie over de sprekers en hun specifieke onderwerpen. Over iO Wij zijn iO: een groeiend team van experts die end-to-end-diensten aanbieden voor communicatie en digitale transformatie. We denken groot en werken lokaal. Aan strategie, creatie, content, marketing en technologie. In nauwe samenwerking met onze klanten om hun merken te versterken, hun digitale systemen te verbeteren en hun toekomstbestendige groei veilig te stellen. We helpen klanten niet alleen hun zakelijke doelen te bereiken. Samen verkennen en benutten we de eindeloze mogelijkheden die markten in constante verandering bieden. De springplank voor die visie is talent. Onze campus is onze broedplaats voor innovatie, die een omgeving creëert die talent de ruimte en stimulans geeft die het nodig heeft om te ontkiemen, te ontwikkelen en te floreren. Want werken aan de infinite opportunities van morgen, dat doen we vandaag.
| Coven of Wisdom Herentals
Go to page for Coven of Wisdom - Herentals - Winter `24 editionMastering Event-Driven Design
PLEASE RSVP SO THAT WE KNOW HOW MUCH FOOD WE WILL NEED Are you and your team struggling with event-driven microservices? Join us for a meetup with Mehmet Akif Tütüncü, a senior software engineer, who has given multiple great talks so far and Allard Buijze founder of CTO and founder of AxonIQ, who built the fundaments of the Axon Framework. RSVP for an evening of learning, delicious food, and the fusion of creativity and tech! 🚀 18:00 – 🚪 Doors open to the public 18:15 – 🍕 Let’s eat 19:00 – 📢 Getting Your Axe On Event Sourcing with Axon Framework 20:00 – 🍹 Small break 20:15 – 📢 Event-Driven Microservices - Beyond the Fairy Tale 21:00 – 🙋♀️ drinks 22:00 – 🍻 See you next time? Details: Getting Your Axe On - Event Sourcing with Axon Framework In this presentation, we will explore the basics of event-driven architecture using Axon Framework. We'll start by explaining key concepts such as Event Sourcing and Command Query Responsibility Segregation (CQRS), and how they can improve the scalability and maintainability of modern applications. You will learn what Axon Framework is, how it simplifies implementing these patterns, and see hands-on examples of setting up a project with Axon Framework and Spring Boot. Whether you are new to these concepts or looking to understand them more, this session will provide practical insights and tools to help you build resilient and efficient applications. Event-Driven Microservices - Beyond the Fairy Tale Our applications need to be faster, better, bigger, smarter, and more enjoyable to meet our demanding end-users needs. In recent years, the way we build, run, and operate our software has changed significantly. We use scalable platforms to deploy and manage our applications. Instead of big monolithic deployment applications, we now deploy small, functionally consistent components as microservices. Problem. Solved. Right? Unfortunately, for most of us, microservices, and especially their event-driven variants, do not deliver on the beautiful, fairy-tale-like promises that surround them.In this session, Allard will share a different take on microservices. We will see that not much has changed in how we build software, which is why so many “microservices projects” fail nowadays. What lessons can we learn from concepts like DDD, CQRS, and Event Sourcing to help manage the complexity of our systems? He will also show how message-driven communication allows us to focus on finding the boundaries of functionally cohesive components, which we can evolve into microservices should the need arise.
| Coven of Wisdom - Utrecht
Go to page for Mastering Event-Driven Design