Smoke Testing

Smoke Testing After Deploy: The Essential Checklist

HelpMeTest

HelpMeTest

3 min read
Smoke Testing After Deploy: The Essential Checklist

A "smoke test" is a quick verification that the most critical functions of a system work after a change. The name comes from hardware testing: you power on a new circuit board and check if smoke comes out. If it doesn't, you proceed with more thorough testing.

In software, a post-deploy smoke test answers the question: "Did this deploy break anything critical?" It's not comprehensive — it doesn't cover edge cases or every feature. It covers the things that, if broken, would cause immediate user impact or revenue loss.

Every deployment should be followed by a smoke test. Here's what that looks like.

The Post-Deploy Smoke Test Checklist

🔴 Tier 1: Do These First (Within 5 Minutes of Deploy)

Authentication

  • Login with valid credentials succeeds
  • Login with invalid credentials shows an error (doesn't crash)
  • Password reset flow sends email

Core Application

  • Main application loads without JavaScript errors
  • Core feature works end-to-end (whatever your product does)
  • Navigation between main sections works

API Health

  • Primary API endpoints return 200 OK
  • Health check endpoint (/health or /ping) responds
  • No spike in 5xx error rates (check monitoring dashboard)

If anything in Tier 1 fails, consider rolling back. Don't wait to "investigate while it's live."

🟠 Tier 2: Run Within 15 Minutes of Deploy

Critical User Flows

  • New user registration works
  • Payment / checkout flow completes
  • Key data creation action (create a post, submit a form, etc.)
  • Key data retrieval action (view a list, see a dashboard)

Infrastructure

  • Database connections are healthy
  • Third-party service integrations respond (payment processor, email, auth)
  • CDN is serving assets (no 404s on static resources)
  • SSL certificate is valid

🟡 Tier 3: Run Within 1 Hour of Deploy

Secondary Flows

  • Settings and account management work
  • Notification/email sending works
  • Search functions (if applicable)
  • Admin panel loads (if applicable)

Performance

  • Page load time is within normal range
  • No new slow queries (check database monitoring)
  • Memory and CPU utilization are normal

How to Automate Your Smoke Tests

Running through this checklist manually after every deploy takes 15-30 minutes. If you're deploying multiple times per day, that's not sustainable.

The solution: automate the Tier 1 and Tier 2 checks with HelpMeTest. Write the tests once in plain English, then trigger them automatically after every deploy.

Example automated smoke test for authentication:

Open https://myapp.com/login
Enter "smoke-test@mycompany.com" in the email field
Enter "SmokeTestPass123" in the password field
Click "Sign In"
Wait for the dashboard to load
Verify the user's name or avatar is visible
Verify no error messages are shown

Example automated smoke test for core feature:

Open https://myapp.com
Log in as smoke-test@mycompany.com
Navigate to the main feature
Create a new [item/project/report/etc.]
Verify it appears in the list
Verify it can be opened

CI/CD Integration

Add HelpMeTest smoke tests to your deployment pipeline:

  1. Deploy to production
  2. Trigger HelpMeTest test suite via API or CLI
  3. Wait for results (5-10 minutes)
  4. Pipeline passes or fails based on results
  5. If failed: alert on-call, consider rollback

This turns post-deploy smoke testing from a manual process into an automated gate.

Always-On Monitoring

Beyond post-deploy checks, schedule your smoke tests to run continuously — every 5 minutes. This catches issues that aren't related to a deploy: third-party service outages, database issues, infrastructure problems, or bugs that only appear under certain conditions.

HelpMeTest runs your tests on schedule automatically and sends email alerts on failures. Setup takes minutes; coverage runs 24/7.

What to Do When Smoke Tests Fail

Tier 1 failure (authentication or core feature): High likelihood this is a deploy regression. Investigate immediately. If the deploy introduced the failure, rollback.

Tier 2 failure (secondary flows): Investigate before deciding whether to rollback. Check if the failure is related to the recent deploy or a pre-existing issue.

Tier 3 failure (peripheral flows): Investigate and fix, but typically not a rollback trigger. Create a priority bug ticket.

Performance degradation: Check for N+1 queries, missing indexes, or resource leaks introduced by the deploy. This is often harder to rollback and may require a hotfix.

Smoke Tests vs. Full Regression

Smoke tests and regression tests serve different purposes:

Smoke Test Regression Test
Purpose Verify critical paths work after deploy Verify no existing functionality broke
Coverage 10-15 critical checks Comprehensive coverage
Speed 5-10 minutes 20-60 minutes
When After every deploy On schedule, in CI
Action on failure Consider rollback Create bug ticket

Both are necessary. Smoke tests are your immediate "is it broken" check. Regression tests are your longer-running "is everything still working" check.

Building the Habit

The best smoke testing practice is one that actually happens. If your post-deploy checklist is a 30-step document that requires 30 minutes to run manually, it won't be run consistently.

Automate the Tier 1 checks. They should run in under 5 minutes with no manual intervention. The habit only sticks when it's automatic.

Set up automated post-deploy smoke tests with HelpMeTest → — free for up to 10 tests, integrates with any CI/CD pipeline.

Read more