aasimsyed · aasimsyed · Apr 13, 2024 · Apr 13, 2024 · Apr 13, 2024 · Apr 14, 2024
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -0,0 +1,22 @@
+name: CI
+
+on:
+  push:
+    branches:
+      - feature/implement-owasp-zap-baseline-scan-github-actions
+
+jobs:
+  zap_scan:
+    permissions: write-all
+    runs-on: ubuntu-latest
+    name: OWASP ZAP Baseline Scan of OWASP Juice Shop
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Run OWASP ZAP Baseline Scan
+        uses: zaproxy/[email protected]
+        with:
+          target: "https://juice-shop.herokuapp.com/#"
+          artifact_name: "zap_report.html"
+
diff --git a/README.md b/README.md
@@ -1 +1,9 @@
-# coding-temple-cypress-playground
+# Integrating GitHub Actions into an Existing GitHub Repo
+
+## Overview
+
+The objective of this project is to integrate GitHub Actions into your existing GitHub project.
+
+## GitHub Actions Run
+
+- [GitHub Actions Run](https://github.com/aasimsyed/coding-temple-cypress-playground/actions/runs/8761555437)
diff --git a/cypress.config.js b/cypress.config.js
@@ -2,8 +2,17 @@ const { defineConfig } = require("cypress");
 
 module.exports = defineConfig({
   e2e: {
+    env: {
+      restfulBookerUrl: 'https://restful-booker.herokuapp.com'
+    },
+    chromeWebSecurity: false,
+    supportFile: 'cypress/support/commands.js',
+    specPattern: [
+      'cypress/integration/e2e/**/*.spec.js',
+      'cypress/integration/api/**/*.spec.js'
+    ],
     setupNodeEvents(on, config) {
       // implement node event listeners here
-    },
-  },
+    }
+  }
 });
diff --git a/cypress/fixtures/adBlockerUrls.json b/cypress/fixtures/adBlockerUrls.json
@@ -0,0 +1,12 @@
+{
+  "blockAds": "https://pagead2.googlesyndication.com/**",
+  "blockGpt": "https://www.googletagservices.com/tag/js/gpt.js",
+  "blockGtm": "https://www.googletagmanager.com/gtm.js?id=GTM-MX8DD4S",
+  "blockAdPlus": "https://cdn.ad.plus/player/adplus.js",
+  "blockBacktrace": "https://events.backtrace.io/**",
+  "blockGif": "**/*.gif",
+  "blockUserMatch": "**/usermatch.gif**",
+  "blockMerge": "**/merge**",
+  "blockScripts": "**/*.js"
+}
+
diff --git a/cypress/fixtures/bookingDetails.json b/cypress/fixtures/bookingDetails.json
@@ -0,0 +1,11 @@
+{
+  "firstname": "Jim",
+  "lastname": "Brown",
+  "totalprice": 111,
+  "depositpaid": true,
+  "bookingdates": {
+    "checkin": "2021-01-01",
+    "checkout": "2021-01-02"
+  },
+  "additionalneeds": "Breakfast"
+}
diff --git a/cypress/fixtures/credentials.json b/cypress/fixtures/credentials.json
@@ -0,0 +1,36 @@
+{
+  "users": {
+    "standardUser": {
+      "username": "standard_user",
+      "password": "secret_sauce"
+    },
+    "lockedOutUser": {
+      "username": "locked_out_user",
+      "password": "secret_sauce"
+    },
+    "problemUser": {
+      "username": "problem_user",
+      "password": "secret_sauce"
+    },
+    "performanceGlitchUser": {
+      "username": "performance_glitch_user",
+      "password": "secret_sauce"
+    },
+    "invalidUser": {
+      "username": "invalid_user",
+      "password": "secret_sauce"
+    },
+    "noPassword": {
+      "username": "standard_user",
+      "password": ""
+    },
+    "invalidPassword": {
+      "username": "standard_user",
+      "password": "invalid_password"
+    },
+    "noUsername": {
+      "username": "",
+      "password": "secret_sauce"
+    }
+  }
+}
diff --git a/cypress/fixtures/example.json b/cypress/fixtures/example.json
diff --git a/cypress/fixtures/updateBookingDetails.json b/cypress/fixtures/updateBookingDetails.json
@@ -0,0 +1,11 @@
+{
+  "firstname": "UpdatedFirstName",
+  "lastname": "UpdatedLastName",
+  "totalprice": 200,
+  "depositpaid": false,
+  "bookingdates": {
+    "checkin": "2023-01-10",
+    "checkout": "2023-01-15"
+  },
+  "additionalneeds": "Late checkout"
+}
diff --git a/cypress/integration/api/createBooking.spec.js b/cypress/integration/api/createBooking.spec.js
@@ -0,0 +1,61 @@
+import { getNewToken } from '../../support/utils';
+import { compileSchema } from '../../support/ajv-utils';
+
+describe('CreateBooking API Test', () => {
+  before(() => {
+    // Load and compile schemas
+    cy.readFile('cypress/schemas/createBookingRequest.json')
+      .then(compileSchema).as('validateRequest');
+    cy.readFile('cypress/schemas/createBookingResponse.json')
+      .then(compileSchema).as('validateResponse');
+    cy.log('Schemas compiled successfully.');
+
+    // Load booking details
+    cy.fixture('bookingDetails.json').as('bookingData');
+
+    // Retrieve a new token and store as alias
+    getNewToken().then(cy.wrap).as('token');
+  });
+
+  after(() => {
+    // Clean up: delete the booking created in the before hook
+    cy.get('@token').then(token => {
+      cy.get('@bookingId').then(bookingId => {
+        if (bookingId && token) {
+          cy.log('Cleaning up: deleting the booking created in the before hook');
+          cy.deleteBooking(bookingId, token).then(response => {
+            expect(response.status).to.eq(201);
+            cy.log(`Booking with ID: ${bookingId} deleted successfully.`);
+          });
+        } else {
+          cy.log('No booking ID or token available for cleanup.');
+        }
+      });
+    });
+  });
+
+  it('should create a new booking and validate the response matches the request', function () {
+    // Use aliases to ensure data is loaded before executing the test
+    cy.get('@token').then(token => {
+      cy.get('@bookingData').then(bookingData => {
+        cy.log('Creating a new booking with the provided details');
+        cy.createBooking(bookingData, token).then(response => {
+          expect(response.status).to.eq(200);
+          cy.log('Booking created with status:', response.status);
+
+          // Validate response schema
+          cy.get('@validateResponse').then(validateResponse => {
+            if (!validateResponse(response.body)) {
+              const errors = validateResponse.errors.map(err => `${err.instancePath} ${err.message}`).join(', ');
+              throw new Error(`Response validation failed: ${errors}`);
+            }
+            cy.log('Response schema validation passed.');
+
+            // Store the bookingId for cleanup
+            cy.wrap(response.body.bookingid).as('bookingId');
+          });
+        });
+      });
+    });
+  });
+});
diff --git a/cypress/integration/api/createToken.spec.js b/cypress/integration/api/createToken.spec.js
@@ -0,0 +1,31 @@
+import { compileSchema } from '../../support/ajv-utils';
+
+describe('CreateToken API Test', () => {
+  before(() => {
+    // Load and compile the schema, then store it as an alias for use in the tests
+    cy.readFile('cypress/schemas/createTokenResponse.json')
+      .then(compileSchema)
+      .as('validateTokenSchema'); // Storing the compiled schema as an alias
+    cy.log('Token schema compiled and stored as an alias.');
+  });
+
+  it('should create a new auth token', () => {
+    cy.apiRequest('POST', '/auth', null, {
+      username: 'admin',
+      password: 'password123',
+    }).then((response) => {
+      expect(response.status).to.eq(200);
+      cy.log('Auth token created, validating response...');
+
+      // Use the alias for the schema to validate the response
+      cy.get('@validateTokenSchema').then((validate) => {
+        const validationResult = validate(response.body);
+        if (!validationResult) {
+          const errors = validate.errors.map(err => `${err.instancePath} ${err.message}`).join(', ');
+          throw new Error(`Validation error: ${errors}`);
+        }
+        cy.log('Response validated successfully against the schema.');
+      });
+    });
+  });
+});
diff --git a/cypress/integration/api/deleteBooking.spec.js b/cypress/integration/api/deleteBooking.spec.js
@@ -0,0 +1,47 @@
+import { getNewToken } from '../../support/utils';
+import { compileSchema } from '../../support/ajv-utils';
+
+describe('Delete Booking by ID API Tests', () => {
+  let validateResponse, bookingId, token;
+
+  before(() => {
+    // Compile the response schema
+    cy.readFile('cypress/schemas/deleteBookingResponse.json')
+      .then(compileSchema)
+      .then((compiledSchema) => {
+        validateResponse = compiledSchema;
+        cy.log('Response schema compiled successfully.');
+      });
+
+    // Retrieve authentication token
+    getNewToken().then((receivedToken) => {
+      cy.wrap(receivedToken).as('token');
+      cy.log('Authentication token retrieved:', token);
+
+      // Load booking details from a fixture and create a booking
+      cy.fixture('bookingDetails.json').then((bookingDetails) => {
+        cy.createBooking(bookingDetails, token).then((response) => {
+          expect(response.status).to.eq(200);
+          bookingId = response.body.bookingid;
+          cy.wrap(bookingId).as('bookingId');
+          cy.log(`New booking created with ID: ${bookingId}`);
+        });
+      });
+    });
+  });
+
+  it('should delete a booking by ID', () => {
+    cy.get('@token').then((token) => {
+      cy.get('@bookingId').then((bookingId) => {
+        if (bookingId && token) {
+          cy.deleteBooking(bookingId, token).then(response => {
+            expect(response.status).to.eq(201);
+            cy.log(`Booking with ID: ${bookingId} deleted successfully.`);
+          });
+        } else {
+          cy.log('No booking ID or token available for cleanup.');
+        }
+      });
+    });
+  });
+});
diff --git a/cypress/integration/api/getBooking.spec.js b/cypress/integration/api/getBooking.spec.js
@@ -0,0 +1,65 @@
+import { getNewToken } from '../../support/utils';
+import { compileSchema } from '../../support/ajv-utils';
+
+describe('Get Booking by ID API Tests', () => {
+  let validateResponse, bookingId, token;
+
+  before(() => {
+    // Compile the response schema
+    cy.readFile('cypress/schemas/getBookingByIdResponse.json')
+      .then(compileSchema)
+      .then((compiledSchema) => {
+        validateResponse = compiledSchema;
+        cy.log('Response schema compiled successfully.');
+      });
+
+    // Retrieve authentication token
+    getNewToken().then((receivedToken) => {
+      cy.wrap(receivedToken).as('token');
+      cy.log('Authentication token retrieved:', token);
+
+      // Load booking details from a fixture and create a booking
+      cy.fixture('bookingDetails.json').then((bookingDetails) => {
+        cy.createBooking(bookingDetails, token).then((response) => {
+          expect(response.status).to.eq(200);
+          bookingId = response.body.bookingid;
+          cy.wrap(bookingId).as('bookingId');
+          cy.log(`New booking created with ID: ${bookingId}`);
+        });
+      });
+    });
+  });
+
+  after(() => {
+    // Retrieve 'token' and 'bookingId' from aliases
+    cy.get('@token').then((token) => {
+      cy.get('@bookingId').then((bookingId) => {
+        if (bookingId && token) {
+          cy.log('Cleaning up: deleting the booking created in the before hook');
+          // Clean up: delete the booking created in the before hook
+          cy.deleteBooking(bookingId, token).then(response => {
+            expect(response.status).to.eq(201);
+            cy.log(`Booking with ID: ${bookingId} deleted successfully.`);
+          });
+        } else {
+          cy.log('No booking ID or token available for cleanup.');
+        }
+      });
+    });
+  });  
+
+  it('should retrieve a booking by ID', () => {
+    cy.apiRequest('GET', `/booking/${bookingId}`, token).then((response) => {
+      expect(response.status).to.eq(200);
+      cy.log(`Booking retrieved for ID ${bookingId}:`, JSON.stringify(response.body));
+
+      // Validate the response against the compiled schema
+      const validationResult = validateResponse(response.body);
+      if (!validationResult) {
+        const errors = validateResponse.errors.map(err => `${err.instancePath} ${err.message}`).join(', ');
+        throw new Error(`Response validation failed: ${errors}`);
+      }
+      cy.log('Response schema validation passed.');
+    });
+  });
+});
diff --git a/cypress/integration/api/getBookingIds.spec.js b/cypress/integration/api/getBookingIds.spec.js
@@ -0,0 +1,38 @@
+import { compileSchema } from '../../support/ajv-utils';
+
+describe('Get Booking IDs API Tests', () => {
+  let validateResponse;
+
+  before(() => {
+    // Load and compile the schema for response validation
+    cy.readFile('cypress/schemas/getBookingIdsResponse.json')
+      .then(compileSchema)
+      .then((compiledSchema) => {
+        validateResponse = compiledSchema;
+        cy.log('Response schema compiled successfully.');
+      });
+
+    cy.log('Starting tests for the GetBookingIds endpoint');
+  });
+
+  // Helper function to perform API request and validate the response
+  const testBookingRetrieval = (description, queryParams = {}) => {
+    it(`should retrieve bookings ${description}`, () => {
+      cy.apiRequest('GET', '/booking', null, null, queryParams).then((response) => {
+        expect(response.status).to.eq(200);
+        if (!validateResponse(response.body)) {
+          const errors = validateResponse.errors.map(err => `${err.instancePath} ${err.message}`).join(', ');
+          throw new Error(`Response validation failed: ${errors}`);
+        }
+        cy.log(`Bookings ${description}:`, JSON.stringify(response.body));
+      });
+    });
+  };
+
+  // Test cases using the helper function
+  testBookingRetrieval('for all booking IDs');
+  testBookingRetrieval('by first name', { firstname: 'Jim' });
+  testBookingRetrieval('by last name', { lastname: 'Brown' });
+  testBookingRetrieval('by check-in date', { checkin: '2021-01-01' });
+  testBookingRetrieval('by check-out date', { checkout: '2021-01-02' });
+});
diff --git a/cypress/integration/api/healthCheck.spec.js b/cypress/integration/api/healthCheck.spec.js
@@ -0,0 +1,8 @@
+describe('Health Check API Test', () => {
+  it('Ping the API for a health check', () => {
+    cy.apiRequest('GET', '/ping').then((response) => {
+      expect(response.status).to.eq(201);  // Expecting a 201 status as per your API docs
+      cy.log('API health check response status:', response.status);
+    });
+  });
+});