Pact Testing Guide: Consumer-Driven Contract Testing Explained
Microservice architectures break monoliths into independently deployable services. The benefit is autonomy — teams deploy their services without coordinating with every other team. The risk is integration failures — service A upgrades its API and breaks service B, which nobody discovered until production.
Contract testing with Pact solves this problem. This guide explains how Pact works, when to use it, and how to integrate it into your development workflow.
What Is Contract Testing?
A contract is an agreed-upon specification of how a consumer (the caller) expects to interact with a provider (the service). Contract testing verifies that both sides honor this agreement independently, without needing them to run simultaneously.
Consumer-driven means the consumer defines the contract based on what it actually needs — not what the provider exposes. This prevents providers from having to support every field they've ever added for every consumer that might theoretically use it.
Traditional integration testing runs both services simultaneously and tests real HTTP calls. This is slow, fragile (both services must be available), and doesn't tell you which consumer would break when a provider changes.
Contract testing replaces this with:
- Consumer generates a contract (pact file) from its tests
- Provider verifies the pact file against its actual implementation
- No live inter-service calls required
How Pact Works
Step 1 — Consumer writes tests:
The consumer (e.g., an order service calling a user service) writes tests that define the expected interaction. Pact runs a mock provider during these tests and records the interactions as a pact file:
consumer: "order-service"
provider: "user-service"
interactions:
- description: "get user by ID"
request:
method: GET
path: /users/123
response:
status: 200
body:
id: 123
name: "Alice"
email: "alice@example.com"Step 2 — Pact file is published:
The consumer publishes the pact file to a Pact Broker (a central repository of contracts).
Step 3 — Provider verifies:
The provider pulls pact files for all consumers from the Broker and verifies its actual implementation satisfies each interaction. It starts a real instance of the provider service, replays each request from the pact file, and checks the response matches.
If the provider changes its response format in a way that breaks the contract, the verification fails before any deployment happens.
When to Use Contract Testing
Contract testing is valuable when:
- Multiple consumers use the same provider. If only one consumer calls an API, integration tests or E2E tests may be sufficient.
- Teams deploy independently. If consumer and provider teams release together, the coordination problem is less severe.
- Services evolve frequently. Stable, infrequently-changed APIs don't need the overhead.
- Bi-directional communication. Both sides need confidence about the other's behavior.
Contract testing is not a replacement for:
- Unit tests (internal logic)
- E2E tests (full user flows across multiple services)
- Load tests (performance characteristics)
It specifically addresses the "will my service break when a dependency changes?" question.
Pact vs. Schema Validation
A common alternative is schema validation — define an OpenAPI/JSON Schema spec, validate consumer calls against it, validate provider responses against it.
Schema validation catches malformed requests and responses. It doesn't catch semantic issues: a provider could change the meaning of a field (e.g., status: "active" starts meaning something different), or remove a field that wasn't in the schema because it was "optional."
Consumer-driven contracts are tighter — they capture exactly what each consumer actually uses, not what the provider thinks it provides.
The Pact Broker
The Pact Broker is a central service that stores pact files, tracks verification results, and manages deployability:
- Consumers publish pacts after successful consumer tests
- Providers fetch pacts to verify
- Verification results are published back
- The
can-i-deploytool checks whether it's safe to deploy a version based on verification status
Self-host Pact Broker (open source) or use PactFlow (managed SaaS with additional features like bidirectional contracts and webhooks).
Pact in Practice: The Deploy Safety Check
# After consumer publishes a pact file, can the current version deploy?
pact-broker can-i-deploy \
--pacticipant order-service \
--version <span class="hljs-variable">$GIT_SHA \
--to-environment production
<span class="hljs-comment"># After provider verifies, same question for the provider
pact-broker can-i-deploy \
--pacticipant user-service \
--version <span class="hljs-variable">$GIT_SHA \
--to-environment productioncan-i-deploy checks that all consumers of this provider version have had their pacts verified. If not, it exits non-zero and blocks the deployment.
Consumer-Driven vs. Provider-Driven Contracts
Consumer-driven: Consumer writes the contract. Provider verifies. Ensures provider doesn't break consumers without knowing it. (Pact's approach)
Provider-driven: Provider publishes an OpenAPI spec. Consumer validates its usage against the spec. PactFlow's bidirectional contracts support this model.
Consumer-driven is better for teams where the provider can't anticipate all consumer needs. Provider-driven is better when the provider is an external API (e.g., a third-party payment gateway) that you don't control.
Practical Limitations
Test maintenance: Every consumer-provider interaction that matters needs a pact test. Large microservice graphs produce many pact files.
Not a silver bullet: Contract testing doesn't verify that the business logic is correct — it verifies that the API shapes match. A provider could return the right fields with wrong values.
Learning curve: Pact's model (mock provider, pact file, broker, verification) takes a week to understand thoroughly.
Stateful APIs: APIs that depend on prior state (e.g., "get order that was just created") are harder to contract test than stateless APIs.
Next Steps
The next posts in this series cover:
- Writing Pact tests in Node.js (consumer and provider side)
- Spring Cloud Contract for Java microservices
- Contract testing vs. integration testing: when each is right
- Consumer-driven contract testing patterns and best practices
HelpMeTest complements contract testing by verifying your deployed services through real user flows — catching integration issues that contract tests don't cover (race conditions, deployment ordering, infrastructure configuration differences).
Summary
Contract testing with Pact:
- Consumers define contracts based on what they actually use — not what they might use
- Pact files capture interactions (request + expected response)
- Providers verify pact files against their real implementation
- Pact Broker stores and manages contracts;
can-i-deployblocks unsafe deployments - No inter-service calls in contract tests — both sides test independently
Contract testing solves the specific problem of "will my change break a consumer?" It belongs alongside unit tests, integration tests, and E2E tests — not as a replacement for any of them.
