One of the current major issues with CFSSL development is the lack of automated API tests. The current set of tests will make sure that there are no functionality regressions inside the functions, but does not test whether or not the APIs that are exposed via serve are consistent.

This was attempted in the past (https://github.com/cloudflare/cfssl/pull/196/files), but some issues in the PR prevented it from being merged.

The basic regression tests for all the endpoints listed in https://github.com/cloudflare/cfssl/tree/master/doc/api should be covered with a strong preference for bundle and sign. The functionality of the APIs and JSON parsing should be tested. The inner logic of the packages should be tested with the package tests.