Add smoke test for appprotect csrf policy

[vepatel]

Proposed changes

• Add smoke test for AP CSRF policy,
• Remove hardcoded waits.

Checklist

Before creating a PR, run through this checklist and mark each as complete.

• I have read the CONTRIBUTING doc
• I have added tests that prove my fix is effective or that my feature works
• I have checked that all unit tests pass after adding my changes
• I have updated necessary documentation
• I have rebased my branch onto master
• I will ensure my PR is targeting the master branch and pulling from my branch from my own fork

suite/test_app_protect.py::TestAppProtect::test_responses_csrf[backend_setup0-crd_ingress_controller_with_ap0] PASSED [ 21%]

[pleshakov]

are cookies necessary? the policy doesn't configure any rules for cookies, right?

[vepatel]

@pleshakov cookies are necessary for CSRF protection to kick in

[pleshakov]

Woudl it make sense to put the status checks in a function and thus remove if...else completely? something like that

for _ in range(60):
            resp = requests.get(req_url, headers=headers, verify=False)
            if  checkRespStatus(check404):
                print(f"After {_} retries at 1 second interval, got {resp.status_code} response. Continue with tests...")
                return
            time.sleep(1)
        pytest.fail(f"Keep getting {resp.status_code} from {req_url} after 60 seconds. Exiting...")

[soneillf5]

I'd agree with the sentiment, the code in the loops are very similar.
They could be combined using with:

             if resp.status_code not in valid_codes:

and from there either use wrapping functions or params to setup valid_codes.

[soneillf5]

it's nice to see the wait removed :D