SasanLabs / VulnerableApp

OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.
https://sasanlabs.github.io/VulnerableApp/
Apache License 2.0
287 stars, 383 forks

Integration Test Setup for VulnerableApp #411

Open preetkaran20 opened 1 year ago

preetkaran20 commented 1 year ago

Is your feature request related to a problem? Please describe.

Currently, we do not have a way to know if there is any breaking change between various releases. Say, if there is a modification in a framework or vulnerability which breaks the vulnerable app or a few parts of it, the only way to know about it is by manually exploring all the levels in the VulnerableApp, which is not feasible.

Describe the solution you'd like

So we are looking for an integration framework setup such that we can write integration tests and they will be executed as part of GitHub Actions, and in case of any failure, it will fail the GitHub action and we can proactively know about failures/issues.

There are a few famous integration testing frameworks, like Karate, which we can use.

What is included in this task/Definition of done

  1. Analyse the framework for VulnerableApp based on various factors like learning curve, ease of writing, capability, and community support
  2. Local IDE setup for Integration tests
  3. Write a GitHub action to run the integration tests
  4. Write integration tests for any of the existing vulnerabilities such that we can use them as a reference for other implementations

Why this is needed?

  1. Ease of regression testing
  2. Finding bugs proactively
  3. Ease of populating the SAST expected issues.csv

Vedant755 commented 1 year ago

Can I work on this issue? I have worked with CSV files with CRUD operations!

preetkaran20 commented 1 year ago

Ok great!!!