Add automated security smoke tests for Genesis Conductor#4
Add automated security smoke tests for Genesis Conductor#4Igor Holt (igor-holt) wants to merge 2 commits into
Conversation
This script provides automated verification of the Fail-Closed security model: - Verifies protected routes reject unauthenticated access (307/401/403) - Confirms login page remains public and accessible - Validates internal service health and isolation - Checks system availability and reachability The smoke test can be run after deployment with: ./scripts/smoke.sh
Deploying with
|
| Status | Name | Latest Commit | Updated (UTC) |
|---|---|---|---|
| ❌ Deployment failed View logs |
q-mcp | 4d6b691 | Mar 14 2026, 11:33 AM |
There was a problem hiding this comment.
Pull request overview
This PR adds an automated security smoke test script for the Genesis Conductor application to verify the fail-closed security model after deployment. The script tests that protected routes properly reject unauthenticated access, the login page remains publicly accessible, and internal services are properly isolated.
Changes:
- Adds a new bash smoke test script (
scripts/smoke.sh) that validates authentication requirements, route protection, and service isolation - Tests for proper HTTP status codes (307/401/403) on protected routes when accessed without authentication
- Verifies internal service (Yennefer Agent on port 5000) is running locally
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # Verifies Fail-Closed Logic & Route Protection | ||
|
|
||
| BASE_URL="http://localhost:3000" | ||
| INTERNAL_YENNEFER="http://localhost:5000" |
There was a problem hiding this comment.
The variable INTERNAL_YENNEFER is declared but never used in the script. Either remove this unused variable or implement the intended functionality that should use it.
| # It checks if the internal port is listening but clarifies it should NOT be exposed publicly. | ||
| echo "4. Internal Service Health (Localhost Check)..." | ||
| # We assert that the internal service is running, but rely on firewall rules for external blocking. | ||
| if lsof -i:5000 > /dev/null; then |
There was a problem hiding this comment.
The lsof command may not be available on all systems and will fail silently if missing. Add a check for lsof availability or use a more portable alternative like ss -ltn | grep :5000 or netstat -ltn | grep :5000 to improve cross-platform compatibility.
| if lsof -i:5000 > /dev/null; then | |
| PORT_5000_ACTIVE=false | |
| if command -v ss >/dev/null 2>&1; then | |
| if ss -ltn | grep -q ':5000'; then | |
| PORT_5000_ACTIVE=true | |
| fi | |
| elif command -v netstat >/dev/null 2>&1; then | |
| if netstat -ltn 2>/dev/null | grep -q ':5000'; then | |
| PORT_5000_ACTIVE=true | |
| fi | |
| elif command -v lsof >/dev/null 2>&1; then | |
| if lsof -i:5000 >/dev/null 2>&1; then | |
| PORT_5000_ACTIVE=true | |
| fi | |
| else | |
| echo -e "${COLOR_RED}[WARN] Cannot verify Yennefer Agent on port 5000: no suitable network tools (ss/netstat/lsof) found.${NC}" | |
| fi | |
| if [ "$PORT_5000_ACTIVE" = true ]; then |
| # It checks if the internal port is listening but clarifies it should NOT be exposed publicly. | ||
| echo "4. Internal Service Health (Localhost Check)..." | ||
| # We assert that the internal service is running, but rely on firewall rules for external blocking. | ||
| if lsof -i:5000 > /dev/null; then |
There was a problem hiding this comment.
The hardcoded port number 5000 is duplicated from line 7. Consider using the INTERNAL_YENNEFER variable or extracting the port to a separate variable (e.g., INTERNAL_PORT=5000) to avoid duplication and improve maintainability.
|
|
||
| # 1. Check if App is Running | ||
| echo "1. Checking System Availability..." | ||
| HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" "$BASE_URL") |
There was a problem hiding this comment.
The script does not check if curl is installed before using it. Add a dependency check at the beginning of the script to verify that curl is available, or the script will fail with unclear error messages.
| for route in "${PROTECTED_ROUTES[@]}"; do | ||
| # We expect a redirect (307) to login or a 401/403 depending on your middleware config | ||
| # For this specific stack, Middleware redirects to /login on page loads | ||
| CODE=$(curl -s -o /dev/null -w "%{http_code}" "$BASE_URL$route") |
There was a problem hiding this comment.
The script does not check if curl is installed before using it. Add a dependency check at the beginning of the script to verify that curl is available, or the script will fail with unclear error messages.
|
|
||
| # 3. Verify Login Page is Public | ||
| echo "3. Verifying Login Page Accessibility..." | ||
| CODE=$(curl -s -o /dev/null -w "%{http_code}" "$BASE_URL/login") |
There was a problem hiding this comment.
The script does not check if curl is installed before using it. Add a dependency check at the beginning of the script to verify that curl is available, or the script will fail with unclear error messages.
| # It checks if the internal port is listening but clarifies it should NOT be exposed publicly. | ||
| echo "4. Internal Service Health (Localhost Check)..." | ||
| # We assert that the internal service is running, but rely on firewall rules for external blocking. | ||
| if lsof -i:5000 > /dev/null; then |
There was a problem hiding this comment.
The warning message uses [WARN] but the test section is numbered as test 4 in the echo on line 63. The warning message should clarify whether this is a critical failure or just informational, as it doesn't call fail() but uses red color styling typically reserved for failures.
|
|
||
| # 1. Check if App is Running | ||
| echo "1. Checking System Availability..." | ||
| HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" "$BASE_URL") |
There was a problem hiding this comment.
The curl commands don't specify a timeout, which could cause the script to hang indefinitely if the service is unresponsive. Add a timeout using --max-time or --connect-timeout flags (e.g., curl -s --max-time 10 -o /dev/null -w '%{http_code}' ...) to ensure the script completes in a reasonable time.
| for route in "${PROTECTED_ROUTES[@]}"; do | ||
| # We expect a redirect (307) to login or a 401/403 depending on your middleware config | ||
| # For this specific stack, Middleware redirects to /login on page loads | ||
| CODE=$(curl -s -o /dev/null -w "%{http_code}" "$BASE_URL$route") |
There was a problem hiding this comment.
The curl commands don't specify a timeout, which could cause the script to hang indefinitely if the service is unresponsive. Add a timeout using --max-time or --connect-timeout flags (e.g., curl -s --max-time 10 -o /dev/null -w '%{http_code}' ...) to ensure the script completes in a reasonable time.
|
|
||
| # 3. Verify Login Page is Public | ||
| echo "3. Verifying Login Page Accessibility..." | ||
| CODE=$(curl -s -o /dev/null -w "%{http_code}" "$BASE_URL/login") |
There was a problem hiding this comment.
The curl commands don't specify a timeout, which could cause the script to hang indefinitely if the service is unresponsive. Add a timeout using --max-time or --connect-timeout flags (e.g., curl -s --max-time 10 -o /dev/null -w '%{http_code}' ...) to ensure the script completes in a reasonable time.
This script provides automated verification of the Fail-Closed security model:
The smoke test can be run after deployment with: ./scripts/smoke.sh