Ready, Test, Go

Paul Villavicencio

March 12th, 2019

In application development changes are made constantly. To make sure new features don’t break existing functionalities, running automated tests regularly helps catch any issues early on.

At Flo Apps Ltd we run weekly tests on our systems. We check out the latest changes from version control, run end-to-end and integration tests (to ensure the application is performing as designed from start to finish), and verify that all URL paths in the application have correct access restrictions. As our test tools, we use a combination of Behat, Selenium and Selenoid.

Behat is a framework for PHP that uses a human-readable format for writing tests. Tests are defined by describing steps of a web application scenario that will be performed in the browser. For example, logging into the application would require the steps of filling in the user field, then filling in the password and finally clicking the “Log in” button. The test would pass or fail, depending on if the resulting page is what was expected.

Selenium is a great tool for end-to-end tests; it automates tasks on browsers. Selenium runs as a service on the local machine and coordinates the calls from the tests to the configured browsers. While Selenium is great when creating the tests, running a whole suit of test scenarios with it is not adequate since it opens a new browser window or tab on every test, consuming resources of the machine it runs on.

Here is where Selenoid comes in. Selenoid is a replacement to Selenium which runs browsers in Docker containers. The Selenoid service itself runs in a Docker container and provides a view of the tests currently running through a web interface. This allows us to have a better view of how tests are running without interruptions or having to worry about the tests using up resources.

Organizing End-to-End and Integration tests

Behat helps us separate and organize the tests according to feature sets. For example, application features, API tests, integrations with external services, and testing of different application configurations should be separated. We can have a Behat configuration file for each of these feature sets.

.
├── behat
│   ├── bootstrap
│   ├── behat-app.yml
│   ├── behat-api.yml
│   ├── behat-app-configurations.yml
│   ├── behat-integration.yml
│   └── features
│       ├── API
│       ├── App
│       ├── AppConfiguration1
│       ├── AppConfiguration2
│       ├── Integration
…

Know thy URL paths

As applications grow, keeping track of the URL paths’ access rules is important, especially from a security perspective. Access to each URL path should be reviewed.

Most application frameworks have a specific way of defining URL paths in the source code via using Controllers and Actions to define a URL path. We can extract all the exposed URL paths by crawling the source code looking for all the Controller actions. This way we know exactly which URL paths our application is serving and we can then verify that access rules to each route are applied correctly.

Tests allow us to expand our application while keeping the functionalities secure. Tests also help avoid problems when introducing new features. Behat, Selenium and Selenoid are great tools that help us to run tests and keep them organized.

Tags: FloMembers, Testing