azaion/admin
1
0
Fork 0
mirror of https://github.com/azaion/admin.git synced 2026-04-22 22:36:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
34eba48b4577b06bb295b1e7b979f05746bf62b7
admin/_docs/02_tasks/done/AZ-195_resilience_perf_tests.md
T
Oleksandr Bezdieniezhnykh d320d6dd59 [AZ-189] [AZ-190] [AZ-191] [AZ-192] [AZ-193] [AZ-194] [AZ-195] Add e2e blackbox test suite 
Made-with: Cursor
2026-04-16 06:25:36 +03:00

3.0 KiB
Raw Blame History

Resilience & Performance Tests

Task: AZ-195_resilience_perf_tests Name: Resilience & Performance Tests Description: Implement resilience tests (DB recovery, malformed JWT, concurrency) and performance/resource limit tests Complexity: 5 points Dependencies: AZ-189_test_infrastructure, AZ-190_auth_tests Component: Blackbox Tests Tracker: AZ-195 Epic: AZ-188

Problem

The system's behavior under failure conditions, load, and resource limits is untested.

Outcome

  • API survives database outage and recovers (NFT-RES-01)
  • Malformed JWT tokens don't crash the system (NFT-RES-02)
  • Concurrent hardware binding doesn't corrupt data (NFT-RES-03)
  • Login latency stays under threshold (NFT-PERF-01)
  • Resource download latency acceptable (NFT-PERF-02, NFT-PERF-03)
  • Max file size boundary enforced (NFT-RES-LIM-01, NFT-RES-LIM-02)
  • Memory stays bounded during encryption (NFT-RES-LIM-03)

Scope

Included

  • Database loss/recovery resilience test
  • Malformed JWT handling
  • Concurrent hardware binding race condition
  • Login endpoint performance under load
  • Resource download performance (small + large files)
  • Upload file size boundary (200 MB / 201 MB)
  • Memory usage during large file encryption

Excluded

  • User list performance under high user count (NFT-PERF-04 — deferred, requires bulk seed data)

Acceptance Criteria

AC-1: DB recovery Given the API is running When the database container is stopped and restarted Then the API returns errors during outage but recovers within 10s of DB restoration

AC-2: Malformed JWT Given various invalid Authorization headers When protected endpoints are called Then all return HTTP 401, system remains operational

AC-3: Concurrent hardware Given a user with no hardware When two concurrent hardware check requests arrive Then no data corruption; subsequent requests behave consistently

AC-4: Login latency Given 10 concurrent login requests When 100 total requests complete Then p95 latency < 500ms

AC-5: Max upload accepted Given a 200 MB file When POST /resources/testfolder Then HTTP 200

AC-6: Over-max upload rejected Given a 201 MB file When POST /resources/testfolder Then HTTP 413

Blackbox Tests

AC Ref Initial Data/Conditions What to Test Expected Behavior NFR References
AC-1 Running system Stop/restart DB Error then recovery
AC-2 Various bad tokens Protected endpoints HTTP 401, no crash
AC-3 Unbound user Concurrent /resources/check Consistent state
AC-4 10 concurrent users 100 login requests p95 < 500ms
AC-5 200 MB file Upload HTTP 200
AC-6 201 MB file Upload HTTP 413

Risks & Mitigation

Risk 1: Docker container manipulation in tests

  • Risk: Tests need to stop/start the DB container programmatically
  • Mitigation: Use Docker SDK or shell commands from test fixture to control containers
Reference in New Issue View Git Blame Copy Permalink