template.yaml

AWSTemplateFormatVersion: 2010-09-09
Description: >-
  postman-api-testing-sam

Transform:
- AWS::Serverless-2016-10-31

Parameters:
  TestName:
    Type: String
    Default: MyService
  SecretId:
    Type: String
    Default: /secret/api-tests/MyService
  ReportsFolder:
    Type: String
    Default: reports
  Timeout:
    Type: Number
    Default: 60
  MemorySize:
    Type: Number
    Default: 1024
    MinValue: 128
    MaxValue: 10240
  TestSchedule:
    Type: String
    Default: rate(1 minute)
  MetricName:
    Type: String
    Default: MyServiceTestFailureCount
  Namespace:
    Type: String
    Default: ApiTests
  SecretKeys:
    Type: String
    Default: ''


Globals:
  Function:
    Layers:
      - !Ref RuntimeDependenciesLayer
    Runtime: nodejs18.x

Resources:  
  RuntimeDependenciesLayer:
    Type: AWS::Serverless::LayerVersion
    Metadata:
      BuildMethod: makefile
    Properties:
      Description: Runtime dependencies for Lambdas
      ContentUri: ./
      CompatibleRuntimes:
        - nodejs18.x

  ScheduledApiTestingHandler:
    Type: AWS::Serverless::Function
    Metadata:
      BuildMethod: makefile
    Properties:
      Description: A Lambda function that runs API tests based on postman collections.
      Runtime: nodejs18.x
      Architectures:
        - x86_64
      Handler: dist/handlers/api-testing-handler.handler
      Environment:
        Variables:
          S3_BUCKET_NAME: !Ref Bucket
          S3_DESTINATION_PREFIX: !Ref TestName
          ENVIRONMENT_FILENAME: postman_environment.json
          GLOBALS_FILENAME: postman_globals.json
          COLLECTION_FILENAME: postman_collection.json
          SECRET_ID: !Ref SecretId
          REPORTS_FOLDER: !Ref ReportsFolder
          METRIC_NAME: !Ref MetricName
          METRIC_NAMESPACE: !Ref Namespace
          SECRET_KEYS: !Ref SecretKeys
      Events:
        CloudWatchEvent:
          Type: Schedule
          Properties:
            Schedule: !Ref TestSchedule
      MemorySize: !Ref MemorySize
      Timeout: !Ref Timeout
      Policies:
        - S3CrudPolicy:
            BucketName: 
              !Ref Bucket
        - CloudWatchPutMetricPolicy: {}
        - AWSSecretsManagerGetSecretValuePolicy:
            SecretArn: !Ref Secrets

  Bucket:
    Type: AWS::S3::Bucket

  ApiTestFailureAlarm:
    Type: AWS::CloudWatch::Alarm
    Properties:
      AlarmDescription: API test failure alarm
      AlarmName: !Join 
        - ''
        - - !Ref TestName 
          - 'Failed'
      ComparisonOperator: GreaterThanOrEqualToThreshold
      DatapointsToAlarm: 1
      EvaluationPeriods: 1
      Threshold: 1
      Period: 60
      TreatMissingData: breaching
      Statistic: Sum
      Unit: Count
      Namespace: !Ref Namespace
      MetricName: !Ref MetricName

  Secrets:
    Type: AWS::SecretsManager::Secret
    Properties:
      Name: !Ref SecretId
      Description: "Your test secrets."
      SecretString: '{}'

Outputs:
  S3Bucket:
    Description: "Store your test assets at this bucket folder."
    Value: !Join
      - ''
      - - !Ref Bucket
        - '/'
        - !Ref TestName