@mattpodwysocki
Contributor

@mattpodwysocki mattpodwysocki commented Jan 5, 2026

Summary

Implements daily scheduled integration tests that make real API calls to detect schema drift and breaking changes from upstream Mapbox APIs.

This addresses the issue where Mapbox APIs don't follow strict semantic versioning - responses can change without notice, breaking our output schemas.

What This Adds

Monitoring System

  • Daily scheduled tests via GitHub Actions (midnight UTC)
  • Real API calls to SearchAndGeocode, CategorySearch, and ReverseGeocode APIs
  • Schema validation against our Zod output schemas
  • Automatic issue creation when failures are detected
  • Failure artifacts uploaded for investigation

Test Coverage

  • SearchAndGeocodeTool: 6 representative queries (Starbucks, Tokyo, addresses, generic terms)
  • CategorySearchTool: 5 common categories (restaurant, coffee, hotel, gas_station, parking)
  • ReverseGeocodeTool: 4 major cities (San Francisco, Tokyo, London, Paris)

Files

  • test/integration/live-api-monitoring.test.ts: Integration test suite
  • .github/workflows/api-monitoring.yml: Daily scheduled workflow
  • test/integration/README.md: Complete documentation
  • .gitignore: Excludes test/failures/ directory

How It Works

  1. Tests are skipped by default (set RUN_API_MONITORING=true to run)
  2. GitHub Actions runs them daily with proper credentials
  3. On validation failure:
    • Response saved to test/failures/ with timestamp
    • Artifacts uploaded (30-day retention)
    • GitHub issue created with labels: api-monitoring, schema-validation, needs-triage
  4. Maintainers download artifacts, review responses, update schemas

Security

Secret Protection (Public Repo)

The workflow uses MAPBOX_ACCESS_TOKEN secret safely through multiple protection layers:

GitHub's Built-in Protection (Primary):

  • ✅ Automatically redacts all registered secrets from logs with ***
  • ✅ Works even when tokens appear in URLs or error messages
  • ✅ Secrets never exposed to fork PRs or untrusted workflows
  • ✅ Encrypted at rest, secure transmission to runners

Defense in Depth Measures:

  • ✅ Explicit permissions block (least privilege: contents: read, issues: write, actions: read)
  • ✅ Non-verbose test output to minimize logged details
  • ✅ No logging to files that could leak sensitive data
  • ✅ Tests skipped by default (only run when explicitly enabled)

Note: Mapbox APIs require tokens as query parameters (not headers), so tokens appear in URLs. GitHub's automatic redaction masks these in all workflow logs before display.

Running Locally

```bash
# Run API monitoring tests
RUN_API_MONITORING=true npm test -- test/integration/live-api-monitoring.test.ts

# Check for failures
ls test/failures/
```

Relationship to PR #73

This complements PR #73's non-fatal validation approach:

Together they provide:

  • ✅ Resilient production behavior (users get data even with schema mismatches)
  • ✅ Early warning system (maintainers notified of drift)
  • ✅ Clear evidence for schema updates (failure artifacts show exact API responses)

Testing

All existing tests pass. The 3 new monitoring tests are properly skipped by default:

```
Test Files  33 passed | 1 skipped (34)
     Tests  392 passed | 3 skipped (395)
```

🤖 Generated with Claude Code
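
Added example (not part of this PR or the project's code): the masking described above applies to workflow logs, while responses saved under test/failures/ and uploaded as artifacts are files, so this TypeScript scrubs the `access_token` query parameter and any literal copy of the token from a failure record before it is serialized. The record shape, the function names and the `api.example.test` URLs are assumptions, and the token is a constructed placeholder.

```typescript
// Added example: scrub Mapbox tokens from a failure record before saving it.
// Record shape, names and URLs are assumptions; the token is constructed.
const REDACTED = "REDACTED";
const SAMPLE_TOKEN = "pk.constructed-example-token"; // constructed placeholder

// Mask access_token=<value> in any URL-like text, then any literal copy of
// the known token (raw or URL-encoded) left in error messages.
function redactString(text: string, token?: string): string {
  let out = text.replace(/([?&]access_token=)[^&#\s"']+/gi, "$1" + REDACTED);
  if (token) {
    for (const form of [token, encodeURIComponent(token)]) {
      out = out.split(form).join(REDACTED);
    }
  }
  return out;
}

// Walk a JSON-like value; mask access_token keys and every string leaf.
function redactValue(value: unknown, token?: string): unknown {
  if (typeof value === "string") return redactString(value, token);
  if (Array.isArray(value)) return value.map((v) => redactValue(v, token));
  if (value !== null && typeof value === "object") {
    const src = value as Record<string, unknown>;
    const out: Record<string, unknown> = {};
    for (const key of Object.keys(src)) {
      out[key] = key.toLowerCase() === "access_token"
        ? REDACTED
        : redactValue(src[key], token);
    }
    return out;
  }
  return value;
}

// Serialize the scrubbed record; this string is what would go to disk.
function buildArtifact(record: unknown, token?: string): string {
  return JSON.stringify(redactValue(record, token), null, 2);
}

// Constructed failure record for a ReverseGeocodeTool call (shape assumed).
const sampleFailure = {
  tool: "ReverseGeocodeTool",
  requestUrl: "https://api.example.test/geocode?longitude=2.35&access_token=" + SAMPLE_TOKEN + "&limit=1",
  error: "Not Authorized: " + SAMPLE_TOKEN,
  params: { access_token: SAMPLE_TOKEN, limit: 1 },
  response: { features: [{ note: "see https://api.example.test/x?access_token=other.value#frag" }] },
};

console.log(buildArtifact(sampleFailure, SAMPLE_TOKEN));
```

Passing the token value is optional: the query-parameter pass runs without it, and the literal pass catches copies that appear outside a URL.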

Implements daily scheduled tests that make real API calls to detect
schema drift and breaking changes from upstream Mapbox APIs.

**Why this exists:**
Mapbox APIs don't follow strict semantic versioning - responses can
change without notice. This monitoring system provides early warning
when schemas drift, preventing production failures.

**How it works:**
- GitHub Actions runs daily at midnight UTC
- Tests call Mapbox APIs with representative queries
- Responses are validated against our Zod output schemas
- Failures are saved to test/failures/ for analysis
- GitHub issues are created automatically with failure details
- Test artifacts are uploaded for investigation

**Monitored tools:**
- SearchAndGeocodeTool (6 test queries)
- CategorySearchTool (5 test categories)
- ReverseGeocodeTool (4 test coordinates)

**Running locally:**
```bash
RUN_API_MONITORING=true npm test -- test/integration/live-api-monitoring.test.ts
```

**Files:**
- test/integration/live-api-monitoring.test.ts: Integration tests
- .github/workflows/api-monitoring.yml: Daily scheduled workflow
- test/integration/README.md: Complete documentation
- .gitignore: Exclude test/failures/ directory

This complements PR #73's non-fatal validation approach:
- PR #73 makes validation failures non-fatal (resilience)
- This PR detects schema drift early (observability)

Together they provide resilient production behavior and early warning
when schemas change.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <[email protected]>
@mattpodwysocki mattpodwysocki requested a review from a team as a code owner January 5, 2026 15:51
mattpodwysocki and others added 3 commits January 5, 2026 11:08
Addresses GitHub Advanced Security suggestion to follow principle
of least privilege by limiting GITHUB_TOKEN permissions.

Permissions added:
- contents: read - for checking out code
- issues: write - for creating/updating monitoring issues
- actions: read - for accessing workflow run information

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <[email protected]>
Removed:
- --reporter=verbose flag to minimize detailed output
- tee test-output.log to avoid writing sensitive data to disk

GitHub's automatic secret redaction will still protect the token,
but this reduces the attack surface by minimizing logged details.

Security improvements:
- Less verbose output = less potential for token leakage
- No file writing = no temporary sensitive data on disk
- Standard test reporter provides sufficient monitoring output

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <[email protected]>
@mattpodwysocki
Contributor Author

Closing this PR - moving API monitoring to private repo (mapbox/mcp-server-private#105) where we can use verbose logging and store detailed failure artifacts without security concerns.

@mattpodwysocki mattpodwysocki deleted the add-live-api-monitoring branch January 5, 2026 16:36