qa-ai-repo 0.2.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/test-pyramid/agents/test-architect.md +44 -0
- package/test-pyramid/objective.json +4 -0
- package/test-pyramid/skills/test-pyramid/SKILL.md +72 -0
- package/test-pyramid/skills/test-pyramid/layer-test-matrix.md +50 -0
- package/test-pyramid/skills/test-pyramid/plan-template.md +58 -0
package/package.json
CHANGED
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: test-architect
|
|
3
|
+
description: Use to analyze a full-stack application (frontend, backend, middleware) and produce a complete test pyramid strategy — what to test in the FE, what in the BE, what at the middleware/seams, and at which level. It inspects the codebase, maps the layers, and writes a per-layer test plan with tooling and CI wiring.
|
|
4
|
+
tools: Read, Grep, Glob, Bash, Write
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
You are a test architect. You design testing for an application as a whole
|
|
8
|
+
system of layers, so every behavior is verified at the lowest effective level
|
|
9
|
+
and seams are covered by contracts rather than heavy end-to-end tests.
|
|
10
|
+
|
|
11
|
+
## Process
|
|
12
|
+
|
|
13
|
+
1. **Discover the architecture.** Inspect the repo to identify each layer and its
|
|
14
|
+
stack: frontend framework/state/routing; backend services, API style, data
|
|
15
|
+
stores; middleware (gateway/BFF, auth, queues/event bus, cache, workers,
|
|
16
|
+
third-party integrations). Read package manifests, framework configs, `src/`
|
|
17
|
+
layout, infra/compose files, and CI. Confirm findings; don't assume.
|
|
18
|
+
2. **Inventory current tests** and their pyramid shape (unit vs integration vs
|
|
19
|
+
E2E). Flag if it's inverted (mostly slow E2E).
|
|
20
|
+
3. **List behaviors per layer**, then assign each to the **lowest** level that
|
|
21
|
+
can prove it:
|
|
22
|
+
- pure logic/rendering/validation → unit
|
|
23
|
+
- needs a real collaborator (DB, rendered tree + network, queue) → integration/component
|
|
24
|
+
- agreement across a boundary → contract (Pact / OpenAPI / AsyncAPI)
|
|
25
|
+
- only a full critical journey → E2E (keep to a handful)
|
|
26
|
+
4. **Cover every seam with a contract** instead of re-testing both sides via E2E.
|
|
27
|
+
5. **Write `TEST-PYRAMID.md`** with: architecture map; FE / BE / middleware test
|
|
28
|
+
plans (concrete tests + tools); a seams→contracts table; the few E2E journeys;
|
|
29
|
+
target proportions vs. current gap; tooling summary; and a Now/Next/Later
|
|
30
|
+
build order with owners.
|
|
31
|
+
|
|
32
|
+
## Principles
|
|
33
|
+
|
|
34
|
+
- Push tests down; contracts replace integration E2E.
|
|
35
|
+
- Test behavior, not implementation — especially in the FE (assert what the user
|
|
36
|
+
sees, not internal state), and never drive backend rules through the UI.
|
|
37
|
+
- Concentrate depth on revenue/safety-critical flows.
|
|
38
|
+
- Be specific: name the actual modules/endpoints/queues to cover and the tool for
|
|
39
|
+
each, not generic advice.
|
|
40
|
+
|
|
41
|
+
## Report
|
|
42
|
+
|
|
43
|
+
The path to `TEST-PYRAMID.md`, the layers found, the biggest coverage gaps, and
|
|
44
|
+
the top 3 tests to add first.
|
|
@@ -0,0 +1,4 @@
|
|
|
1
|
+
{
|
|
2
|
+
"title": "Full-Stack Test Pyramid Strategy",
|
|
3
|
+
"description": "Analyze an application end to end — frontend, backend, and middleware — and produce a complete test pyramid: exactly what to test at each layer and each level (unit, integration/component, contract, E2E), where each behavior belongs, and which tools to use."
|
|
4
|
+
}
|
|
@@ -0,0 +1,72 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: test-pyramid
|
|
3
|
+
description: Analyze a full-stack application (frontend, backend, middleware) and design a complete test pyramid — deciding exactly which tests belong in the FE, which in the BE, which at middleware/seams, and at what level (unit, integration/component, contract, E2E). Use when asked to "design a testing strategy for the whole app", "what should we test where", "build a test pyramid", or to rebalance an inverted (E2E-heavy) suite.
|
|
4
|
+
---
|
|
5
|
+
|
|
6
|
+
# Full-Stack Test Pyramid
|
|
7
|
+
|
|
8
|
+
Design testing for an application **as a whole system of layers**, not one suite.
|
|
9
|
+
The goal: every behavior is tested at the **lowest level that can meaningfully
|
|
10
|
+
verify it**, seams are covered by **contract tests**, and only a handful of
|
|
11
|
+
journeys reach **end-to-end**. See `layer-test-matrix.md` for the full
|
|
12
|
+
layer × level grid of what to test and which tools to use.
|
|
13
|
+
|
|
14
|
+
## Method
|
|
15
|
+
|
|
16
|
+
1. **Map the architecture.** Identify each layer and its technology:
|
|
17
|
+
- **Frontend** — SPA/SSR framework, state management, design system, routes.
|
|
18
|
+
- **Backend** — services, APIs (REST/GraphQL/gRPC), domain logic, data stores.
|
|
19
|
+
- **Middleware** — API gateway/BFF, auth, message queues/event bus, caching,
|
|
20
|
+
service mesh, background workers, third-party integrations.
|
|
21
|
+
Inspect the repo (package manifests, framework configs, `src/` layout, CI) and
|
|
22
|
+
confirm rather than assume.
|
|
23
|
+
|
|
24
|
+
2. **List behaviors per layer**, then **assign each to the lowest suitable
|
|
25
|
+
level** using this decision order:
|
|
26
|
+
- Pure logic / rendering / validation → **unit**.
|
|
27
|
+
- Behavior that needs a real collaborator (DB, rendered tree + network, queue)
|
|
28
|
+
→ **integration / component**.
|
|
29
|
+
- Agreement across a boundary (FE↔API, service↔service, producer↔consumer)
|
|
30
|
+
→ **contract** (Pact / OpenAPI / AsyncAPI) — this is what lets you keep E2E small.
|
|
31
|
+
- Only a full critical user journey that no lower level can prove → **E2E**.
|
|
32
|
+
|
|
33
|
+
3. **Cover the seams, not the internals twice.** Where two layers meet, use a
|
|
34
|
+
contract test once instead of re-testing both sides through E2E.
|
|
35
|
+
|
|
36
|
+
4. **Set the shape.** Aim for a true pyramid, roughly:
|
|
37
|
+
- ~70% unit · ~20% integration/component · <10% contract+E2E (E2E a small
|
|
38
|
+
handful). If the current suite is an inverted "ice-cream cone" (mostly E2E),
|
|
39
|
+
call it out and give the rebalancing plan.
|
|
40
|
+
|
|
41
|
+
5. **Output the plan** using `plan-template.md`: per-layer test lists, the seam
|
|
42
|
+
contracts, the few E2E journeys, target proportions, tooling, CI wiring, and
|
|
43
|
+
what to build first.
|
|
44
|
+
|
|
45
|
+
## What goes where (summary — detail in `layer-test-matrix.md`)
|
|
46
|
+
|
|
47
|
+
- **Frontend:** unit test component logic/hooks/reducers/utils; component-test
|
|
48
|
+
rendered UI with mocked network (Testing Library + MSW), accessibility (axe),
|
|
49
|
+
and visual regression; **consumer contract** tests against the API; a few E2E
|
|
50
|
+
journeys. Do NOT drive backend business rules through the UI.
|
|
51
|
+
- **Backend:** unit test domain/business logic and validators; integration-test
|
|
52
|
+
repositories and route handlers against a real (containerized) DB and real
|
|
53
|
+
adapters; **provider contract** verification + OpenAPI/schema conformance;
|
|
54
|
+
service/component tests with downstreams mocked.
|
|
55
|
+
- **Middleware:** unit test routing/transformation/auth/rate-limit logic;
|
|
56
|
+
integration-test queue producers/consumers, gateway routing, and cache
|
|
57
|
+
behavior with real infra (Testcontainers); **message/event contracts**
|
|
58
|
+
(AsyncAPI, Pact message pacts); resilience tests for retries, timeouts,
|
|
59
|
+
circuit breakers, and idempotency.
|
|
60
|
+
- **Cross-cutting (top):** a small set of full E2E journeys, plus performance/
|
|
61
|
+
load (k6) and security (SAST/DAST) as their own tracks.
|
|
62
|
+
|
|
63
|
+
## Principles
|
|
64
|
+
|
|
65
|
+
- **Push tests down.** A bug catchable by a unit test should not need an E2E.
|
|
66
|
+
- **Contracts replace integration E2E.** Seams verified by contracts let you
|
|
67
|
+
delete most cross-service E2E.
|
|
68
|
+
- **Test behavior, not implementation.** Especially in the FE — assert what the
|
|
69
|
+
user sees, not internal state.
|
|
70
|
+
- **Isolation + speed at the base**, realism concentrated at the seams, breadth
|
|
71
|
+
only at the tip.
|
|
72
|
+
- **Right-size to risk:** put the extra depth on revenue/safety-critical flows.
|
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
# Layer × Level Test Matrix
|
|
2
|
+
|
|
3
|
+
For each layer, what to test at each pyramid level and typical tools. Assign each
|
|
4
|
+
behavior to the **lowest** level that can prove it.
|
|
5
|
+
|
|
6
|
+
## Frontend (UI)
|
|
7
|
+
|
|
8
|
+
| Level | What to test in the FE | Tools |
|
|
9
|
+
|-------|------------------------|-------|
|
|
10
|
+
| Unit | Pure logic: hooks, reducers/stores, selectors, formatters, validation, utility fns | Jest / Vitest |
|
|
11
|
+
| Component / integration | Rendered components & flows with **network mocked**; forms, conditional UI, routing; accessibility; visual regression | Testing Library, MSW, jest-axe, Storybook + Playwright/Chromatic snapshots |
|
|
12
|
+
| Contract (consumer) | The shape/behavior the FE expects from each API it calls | Pact (consumer), or types generated from OpenAPI/GraphQL schema |
|
|
13
|
+
| E2E | A few critical user journeys through the real app | Playwright / Cypress |
|
|
14
|
+
|
|
15
|
+
**Don't** test backend business rules or data validation *through* the UI — mock
|
|
16
|
+
the API and test those rules in the BE.
|
|
17
|
+
|
|
18
|
+
## Backend (services / APIs)
|
|
19
|
+
|
|
20
|
+
| Level | What to test in the BE | Tools |
|
|
21
|
+
|-------|------------------------|-------|
|
|
22
|
+
| Unit | Domain/business logic, calculations, state machines, validators, mappers — no I/O | Jest/Vitest, Pytest, JUnit, Go test, RSpec |
|
|
23
|
+
| Integration | Repositories/ORM against a **real DB**, route/controller handlers, external adapters, migrations | Testcontainers, Supertest, test DB, WireMock for third parties |
|
|
24
|
+
| Contract (provider) | Verify the provider satisfies every consumer contract; conform to the published OpenAPI/GraphQL schema | Pact (provider verification), Schemathesis, Dredd, oasdiff |
|
|
25
|
+
| Component / service | The whole service in isolation with downstreams stubbed | in-process HTTP + mocked deps |
|
|
26
|
+
|
|
27
|
+
## Middleware (gateway / queues / auth / cache / workers)
|
|
28
|
+
|
|
29
|
+
| Level | What to test in middleware | Tools |
|
|
30
|
+
|-------|----------------------------|-------|
|
|
31
|
+
| Unit | Routing/transformation rules, auth/authorization middleware, rate limiting, serialization | framework test runner |
|
|
32
|
+
| Integration | Queue producers/consumers, event handlers, gateway routing/BFF aggregation, cache read/write/invalidation | Testcontainers (Kafka/RabbitMQ/Redis), LocalStack |
|
|
33
|
+
| Contract (message/event) | Event & message schemas between producers and consumers | AsyncAPI validation, Pact message pacts |
|
|
34
|
+
| Resilience | Retries, timeouts, circuit breakers, idempotency, dead-letter handling, backpressure | Toxiproxy, fault-injection, chaos tests |
|
|
35
|
+
|
|
36
|
+
## Cross-cutting (top of the pyramid — keep small)
|
|
37
|
+
|
|
38
|
+
| Concern | What | Tools |
|
|
39
|
+
|---------|------|-------|
|
|
40
|
+
| E2E journeys | A handful of full-stack critical paths only | Playwright / Cypress |
|
|
41
|
+
| Performance / load | Throughput, latency, soak, spike | k6, Gatling, Locust |
|
|
42
|
+
| Security | SAST, dependency scan, DAST | Semgrep/CodeQL, Snyk/Dependabot, OWASP ZAP |
|
|
43
|
+
| Accessibility | End-to-end a11y on key flows | axe, Lighthouse CI |
|
|
44
|
+
|
|
45
|
+
## Target shape
|
|
46
|
+
|
|
47
|
+
- ~70% unit · ~20% integration/component · ~7% contract · ~3% E2E (a small,
|
|
48
|
+
fixed set). Contracts do the heavy lifting at seams so E2E stays tiny.
|
|
49
|
+
- Inverted suite (mostly slow E2E)? Push each E2E down: replace with a component
|
|
50
|
+
test (FE), an integration test (BE), or a contract test (seam) wherever possible.
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
# Test Pyramid Strategy — <Application Name>
|
|
2
|
+
|
|
3
|
+
> Generated <date> · Scope: frontend + backend + middleware
|
|
4
|
+
|
|
5
|
+
## 0. Architecture map
|
|
6
|
+
Layers detected and their tech:
|
|
7
|
+
- **Frontend:** framework, state, routing, design system.
|
|
8
|
+
- **Backend:** services, API style (REST/GraphQL/gRPC), data stores.
|
|
9
|
+
- **Middleware:** gateway/BFF, auth, queues/event bus, cache, workers, 3rd parties.
|
|
10
|
+
Diagram or bullet list of how requests/events flow across layers.
|
|
11
|
+
|
|
12
|
+
## 1. Frontend test plan
|
|
13
|
+
- **Unit:** <hooks/reducers/utils/validators to cover> — tool.
|
|
14
|
+
- **Component/integration:** <rendered flows, forms, a11y, visual> — tool.
|
|
15
|
+
- **Consumer contracts:** <each API the FE consumes> — tool.
|
|
16
|
+
- Explicitly **not** in the FE: <backend rules to push down>.
|
|
17
|
+
|
|
18
|
+
## 2. Backend test plan
|
|
19
|
+
- **Unit:** <domain logic, calculations, validators>.
|
|
20
|
+
- **Integration:** <repositories, handlers, adapters, migrations> — real DB via Testcontainers.
|
|
21
|
+
- **Provider contracts / schema conformance:** <APIs to verify>.
|
|
22
|
+
- **Service/component:** <services to test in isolation>.
|
|
23
|
+
|
|
24
|
+
## 3. Middleware test plan
|
|
25
|
+
- **Unit:** <routing/auth/rate-limit/transform logic>.
|
|
26
|
+
- **Integration:** <queues, gateway, cache> with real infra.
|
|
27
|
+
- **Message/event contracts:** <topics/queues and their schemas>.
|
|
28
|
+
- **Resilience:** <retries, timeouts, circuit breakers, idempotency>.
|
|
29
|
+
|
|
30
|
+
## 4. Seams & contracts (the glue)
|
|
31
|
+
Table of every boundary → contract that covers it, so E2E can stay small.
|
|
32
|
+
| Seam | Consumer | Provider | Contract |
|
|
33
|
+
|------|----------|----------|----------|
|
|
34
|
+
| FE ↔ Orders API | web app | orders-svc | Pact / OpenAPI |
|
|
35
|
+
| orders-svc ↔ payments | orders-svc | payments-svc | Pact |
|
|
36
|
+
| orders-svc → events | producer | notif-worker | AsyncAPI / message pact |
|
|
37
|
+
|
|
38
|
+
## 5. End-to-end journeys (keep to a handful)
|
|
39
|
+
List the few critical full-stack paths that justify E2E, and why each can't be
|
|
40
|
+
covered lower down.
|
|
41
|
+
|
|
42
|
+
## 6. Cross-cutting
|
|
43
|
+
Performance/load, security (SAST/DAST/deps), accessibility — owners and cadence.
|
|
44
|
+
|
|
45
|
+
## 7. Target proportions & current gap
|
|
46
|
+
| Level | Target | Now | Action |
|
|
47
|
+
|-------|--------|-----|--------|
|
|
48
|
+
| Unit | ~70% | ? | |
|
|
49
|
+
| Integration/component | ~20% | ? | |
|
|
50
|
+
| Contract | ~7% | ? | |
|
|
51
|
+
| E2E | ~3% | ? | |
|
|
52
|
+
Note if the current suite is inverted and the rebalancing moves.
|
|
53
|
+
|
|
54
|
+
## 8. Tooling summary
|
|
55
|
+
Per layer: chosen runners, mocking, contract tooling, CI reporting.
|
|
56
|
+
|
|
57
|
+
## 9. Build order (Now / Next / Later)
|
|
58
|
+
Concrete first tests to add, then build-out, then hardening — with owners.
|