feat: Add smoke tests for copi.owasp.org and cornucopia.owasp.org (fi…

[immortal71]

fixes #1265)

[Copilot]

Pull request overview

This PR adds smoke tests for the copi.owasp.org and cornucopia.owasp.org applications to verify basic functionality and availability of deployed services, addressing issue #1265.

Changes:

• Added smoke_tests.py with test classes for both applications to verify route accessibility and JavaScript functionality
• Added comprehensive README documentation for running and understanding the smoke tests
• Created dedicated smoke-tests.yaml workflow for scheduled and on-demand testing
• Integrated smoke tests into the existing run-tests.yaml workflow

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 6 comments.

File	Description
tests/scripts/smoke_tests.py	Implements smoke test classes for copi.owasp.org, cornucopia.owasp.org, and integration tests between both applications
tests/scripts/README.md	Provides documentation on what the smoke tests check, how to run them, and their CI/CD integration
.github/workflows/smoke-tests.yaml	Creates a dedicated workflow for running smoke tests on a schedule, manual trigger, or when application code changes
.github/workflows/run-tests.yaml	Integrates smoke tests into the main test suite that runs on pull requests

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[sydseter]

Sorry I havent' been able to get back to you sooner. Thank you for your effort.
The smoke test need to run against a container in the pipeline (localhost), not production or stage. This means that the copi.owasp.org pipeline should provision two or possible one docker container with the database and the application, run smoke tests against it, if successful, the smoke test will abort the build.
We do not need smoke tests for cornucopia.owasp.org. The reason for that is that vite comes with built in smoke tests that fires up the server and check that all internal links on the website goes to live pages.

[immortal71]

@sydseter Thanks for the feedback. I’ll update this PR so the smoke tests run only against the Dockerized copi app and database in the CI pipeline (localhost) and not production or stage, and I’ll remove the cornucopia.owasp.org smoke tests because Vite’s checks already validate those routes

[sydseter]

Have a look at my comments.

[immortal71]

@sydseter done, can you check it ?

[immortal71]

@sydseter Is this good to go ??
-I have updated the run tests it should pass now , Can you check does it need some other changes ?

[immortal71]

@sydseter Is this good to go ??

[sydseter]

You still have commits that aren't verified.

[sydseter]

@immortal71

Your commits are still unsigned.
First, make sure you can get your commits with a verified signature by trying that out on a test branch.
E.g:

git checkout -b test
cat "test" > test.txt
git add test.txt
git commit -m "test"
git push origin test

You commit should have a verified label like this:

I am thinking that the reason you don't have a verified signature is because you are switching back and forth between your github accounts. Why are you doing that?

First make sure that the email associated with your private signing key is verified with your github account:

## In the case of ssh key
# change the path to correspond to the public key of the private key you are using. What is the email address?:
ssh-keygen -l -f ~/.ssh/id_rsa.pub
# or
cat ~/.ssh/id_rsa.pub

## In the case of GPG key
gpg --list-secret-keys --keyid-format=long

Go to https://github.com/settings/emails and make sure your email is listed there and verified. If not, make sure it is verified. If if you get an error saying that it is associated with another account, you will have two choices.

1. Switch to using your other github account where you have this email listed.
2. Create a new signing key and use it for the github account you are using now and make sure you switch keys depending on which github user account you are using.

For more info on git commit signing see: https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits

You need to reset all the 21 commits you made like this:

1. Create a backup branch just in case

   git checkout feat/smoke-tests-1265
   git checkout -b feat/smoke-tests-1265-backup
   git checkout feat/smoke-tests-1265

2. reset the commits

   git reset --soft HEAD~21

3. add your changes

   git add .github/workflows/smoke-tests.yaml‎
   git add tests/scripts/smoke_tests.py
   git commit -m "New smoke tests for copi"
   git push -f origin feat/smoke-tests-1265-backup

4. Remove all the other files that got soft reset

   git checkout .
   git clean -fd

[immortal71]

@sydseter done !! thankyou for helping me out !!, I am not switching between accounts but I do had another account which i havnt used or login for more than 2 - 3 years ,maybe that was the reason

[sydseter]

Yes, that quickly happens. It's a hazzle.

[immortal71]

@sydseter Is this under review ?, does it need any changes ?

[sydseter]

@immortal71 Thank you so much for you time!