NHC Portals

Appearance

Smoke Test Checklist

Run this checklist immediately after every deployment — initial migration or subsequent release. Do not hand off to users until every item passes.

Items are ordered by failure impact: the ones at the top will block everything else if they fail.

1. Infrastructure

  • [ ] EC2 instance is reachable via SSH
  • [ ] docker compose ps shows all containers as running (django, celeryworker, celerybeat)
  • [ ] Django can reach RDS: docker compose exec django python manage.py dbshell opens a MySQL prompt
  • [ ] Django can reach Redis: docker compose exec django python -c "import redis; r=redis.from_url('$CELERY_BROKER_URL'); print(r.ping())"

2. API

  • [ ] https://api.your-domain.com/api/schema/ returns HTTP 200 and the OpenAPI JSON
  • [ ] https://api.your-domain.com/api/schema/swagger-ui/ loads Swagger UI in the browser
  • [ ] Health check endpoint responds: https://api.your-domain.com/ping/ (or equivalent)
  • [ ] HTTPS certificate is valid — no browser warning, cert issued by Let's Encrypt

3. Authentication

  • [ ] A superuser can log in via the Django admin (/ADMIN_URL/)
  • [ ] A superuser can log in via the portals frontend
  • [ ] A wrong-password login returns a 400/401 error (not a 500)
  • [ ] JWT token refresh works — log in, wait, confirm the session stays alive

4. Multi-tenancy

  • [ ] Log in via a Nova Health First org URL (/login/<nova-token>) — correct org branding appears
  • [ ] Log in via an Essential Home Health org URL — different org branding appears
  • [ ] A MASTER-role user can see all organisations
  • [ ] An ADMIN-role user can only see their own organisation's data

5. File storage (S3)

  • [ ] Run collectstatic and confirm static assets load in the browser (no 404s on CSS/JS)
  • [ ] Upload a file through the portals UI — confirm it lands in the private S3 bucket
  • [ ] Access a private file via the presigned URL it generates — confirm it opens and expires after the configured window
  • [ ] Public static files are served from the public S3 bucket (check the asset URL in browser devtools)

6. PDF pipeline ⚠️

This is the most common silent failure. The app starts and logs in fine without nova.p12 — the failure only appears when a document is signed.

  • [ ] Assign a form to a test user as an admin
  • [ ] Complete and submit the form as that user
  • [ ] Confirm a PDF is generated (appears in the user's documents section)
  • [ ] Open the PDF and confirm it has a digital signature applied
  • [ ] Check the Celery worker logs — no FileNotFoundError or PKCS12Error:
    bash
    docker compose logs celeryworker | grep -i "error\|nova.p12\|pkcs12"

If this step fails, the symptom is a document stuck in a pending/processing state indefinitely. Fix: verify secrets/nova.p12 is mounted at the correct path and PYHANKO_P12_PASSWORD is correct.

7. Email (SendGrid)

  • [ ] Trigger a password reset email — confirm it is received
  • [ ] Check the sender address is a Nova Home Care address (not medicalwebexperts.com)
  • [ ] Check SendGrid dashboard for delivery status — no bounces or blocks
  • [ ] Confirm SPF and DKIM are passing (visible in SendGrid's domain authentication page)

8. Celery

  • [ ] docker compose logs celeryworker shows workers started with no errors
  • [ ] docker compose logs celerybeat shows the beat scheduler started
  • [ ] In Django admin → Periodic Tasks — confirm scheduled tasks are listed
  • [ ] Trigger a manual task and confirm it completes:
    bash
    docker compose exec django python manage.py shell -c \
  "from celery import current_app; current_app.send_task('your.task.name')"

9. Portals frontend

  • [ ] Frontend loads at the production URL with no console errors
  • [ ] Organisation-specific login URL routes to the correct branded login page
  • [ ] After login, the correct role dashboard is shown (MASTER sees all orgs, ADMIN sees one)
  • [ ] API calls from the frontend reach the Django backend (check browser Network tab — no CORS errors)

10. Automated tests

Run the Cypress login suite against the production URL as a final gate:

bash
cd testing
DEV=https://your-domain.com/login/<nova-token> pnpm run:login

Expected: 18/21 passing (3 known failures due to brittle Chakra selector — see To Review).

If passing count drops below 18, investigate before handing off.

Sign-off

CheckPassed byDate
Infrastructure (1)
API (2)
Authentication (3)
Multi-tenancy (4)
File storage (5)
PDF pipeline (6)
Email (7)
Celery (8)
Frontend (9)
Automated tests (10)

Nova Home Care — Internal Developer Docs