openapi to locust load test generator recipe

[Better-Boy]

Fixes #4725

[github-actions]

❌ Recipe Validation Failed

Please fix the validation errors and push your changes:

✅ openapi-to-locust.yaml: VALID\n❌ analyze-openapi.yaml: INVALID\n\nError: ✗ recipe file is invalid: Missing definitions for parameters in the recipe file: output_dir.\n\n❌ generate-locustfile.yaml: INVALID\n\nError: ✗ recipe file is invalid: Unnecessary parameter definitions: api_analysis, taskset_files.\n\n❌ generate-support-files.yaml: INVALID\n\nError: ✗ recipe file is invalid: Unnecessary parameter definitions: api_analysis.\n\n❌ generate-task-sets.yaml: INVALID\n\nError: ✗ recipe file is invalid: Unnecessary parameter definitions: api_analysis, openapi_spec_path.\n\n

📚 Check our Recipe Guide for help with the correct format.

[taniandjerry]

Thank you for the new PR, @Better-Boy ! And for addressing feedback. Pasting over my feedback from your previous PR to have as reference here

[taniandjerry]

The following needs to be addressed before this recipe can be merged:

• The DCO check is failing, which is required on all external contributions! You can follow instructions by clicking to see more details on the check. Let me know if you have questions on it!
• The recipe validation is failing. I believe this is because you are referencing activities that I don't believe are supported. sub_recipes is supported if that is what you were trying to do.

goose gave me the below examples:

Where you are using

activities:
  - name: validate-openapi-spec
    recipe: ./sub-recipes/validate-openapi-spec.yaml
    inputs:
      spec_path: "{{ openapi_spec_path }}"
    outputs:
      - spec_format

it could be something like

sub_recipes:
  - name: test_sub_recipe
    path: test_sub_recipe.yaml
    values:
      param1: value1

[github-actions]

🔍 Recipe Security Scan Results

✅ Status: APPROVED - All recipes passed security scan

📊 Scan Summary:

• Total recipes scanned: 5

📋 Individual Recipe Results:
✅ Recipe 1: APPROVED (LOW risk)
✅ Recipe 2: APPROVED (LOW risk)
✅ Recipe 3: APPROVED (LOW risk)
✅ Recipe 4: APPROVED (LOW risk)
✅ Recipe 5: APPROVED (LOW risk)

🔗 View detailed scan results in the workflow artifacts.

[Better-Boy]

Thank you for the new PR, @Better-Boy ! And for addressing feedback. Pasting over my feedback from your previous PR to have as reference here:

The following needs to be addressed before this recipe can be merged:

• The DCO check is failing, which is required on all external contributions! You can follow instructions by clicking to see more details on the check. Let me know if you have questions on it!
• The recipe validation is failing. I believe this is because you are referencing activities that I don't believe are supported. sub_recipes is supported if that is what you were trying to do.

goose gave me the below examples:

Where you are using

activities:
  - name: validate-openapi-spec
    recipe: ./sub-recipes/validate-openapi-spec.yaml
    inputs:
      spec_path: "{{ openapi_spec_path }}"
    outputs:
      - spec_format

it could be something like

sub_recipes:
  - name: test_sub_recipe
    path: test_sub_recipe.yaml
    values:
      param1: value1

@taniandjerry

• DCO check done
• the entire recipe is rewritten following the documentation
• will fix the recipe validation issues

[github-actions]

✅ Recipe Validation Passed

Your recipe(s) are valid and ready for review!

🔍 Next Steps:

1. Our team will review your recipe
2. If approved, we'll run a security scan
3. Once merged, you'll receive $10 in OpenRouter credits (if email provided)

Thanks for contributing to the goose Recipe Cookbook! 🎉

[github-actions]

🔍 Recipe Security Scan Results

❌ Status: BLOCKED - One or more recipes have MEDIUM risk or higher

⚠️ Merge Protection: This PR cannot be merged until security concerns are addressed.
Repository maintainers can override this decision if needed.

📊 Scan Summary:

• Total recipes scanned: 5
• Blocked recipes: 2

📋 Individual Recipe Results:
✅ Recipe 1: APPROVED (LOW risk)
✅ Recipe 2: APPROVED (LOW risk)
✅ Recipe 3: APPROVED (LOW risk)
✅ Recipe 4: APPROVED (LOW risk)
❌ Recipe 5: BLOCKED (CRITICAL risk)

🔗 View detailed scan results in the workflow artifacts.

[taniandjerry]

There are security issues with your recent changes, tagging teammates to also help review further @blackgirlbytes @EbonyLouis @dianed-square

[github-actions]

✅ Recipe Validation Passed

Your recipe(s) are valid and ready for review!

🔍 Next Steps:

1. Our team will review your recipe
2. If approved, we'll run a security scan
3. Once merged, you'll receive $10 in OpenRouter credits (if email provided)

Thanks for contributing to the goose Recipe Cookbook! 🎉

[github-actions]

🔍 Recipe Security Scan Results

✅ Status: APPROVED - All recipes passed security scan

📊 Scan Summary:

• Total recipes scanned: 5

📋 Individual Recipe Results:
✅ Recipe 1: APPROVED (LOW risk)
✅ Recipe 2: APPROVED (LOW risk)
✅ Recipe 3: APPROVED (LOW risk)
✅ Recipe 4: APPROVED (LOW risk)
✅ Recipe 5: APPROVED (LOW risk)

🔗 View detailed scan results in the workflow artifacts.

[Better-Boy]

There are security issues with your recent changes, tagging teammates to also help review further @blackgirlbytes @EbonyLouis @dianed-square

Looks like no security issue in the last run - #5447 (comment)

[taniandjerry]

Thank you for addressing the fixes! This looks good now. I see that the hardcoded credentials likely caused the security flag to pop up!

You fixed the recipe structure (activities → sub_recipes), the pathing, got that DCO check signed, and all the validation is passing! Thank you so much for your work and for contributing ❤️ ✅