Making sure tests don't reach the outside world

Yesterday, I shared why we use phpunit.xml to configure our test environment.

Today, I want to continue with that topic, but talk about one specific type of configuration we always have in our test environment.

For every environment setting that allows us to interact with a third-party external system (think an API key or secret), we add that key to our phpunit.xml with a clearly fake value like do-not-use-this.

We already use Laravel's built-in method Http::preventStrayRequests, but not every external service call is made with Laravel's Http facade. This additional safeguard makes absolutely sure that nothing in our normal test suite can make a successful request to an external service.

We do write tests for external services, but those go in a separate test suite with its own version of phpunit.xml that has appropriate API keys in place for testing.

Here to help,

Joel

P.S. Testing is a topic that comes up a lot in the Mastering Laravel community. Join in the discussion!