diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
deleted file mode 100644
index b7ad2f868..000000000
--- a/.github/workflows/codeql-analysis.yml
+++ /dev/null
@@ -1,70 +0,0 @@ -# For most projects, this workflow file will not need changing; you simply need -# to commit it to your repository. -# -# You may wish to alter this file to override the set of languages analyzed, -# or to provide custom queries or build logic. -# -# ******** NOTE ******** -# We have attempted to detect the languages in your repository. Please check -# the `language` matrix defined below to confirm you have the correct set of -# supported CodeQL languages. -# -name: "CodeQL" - -on: - push: - branches: [ master ] - pull_request: - # The branches below must be a subset of the branches above - branches: [ master ] - schedule: - - cron: '18 19 * * 1' - -jobs: - analyze: - name: Analyze - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - strategy: - fail-fast: false - matrix: - language: [ 'javascript', 'python' ] - # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] - # Learn more about CodeQL language support at https://git.io/codeql-language-support - - steps: - - name: Checkout repository - uses: actions/checkout@v2 - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v1 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - # queries: ./path/to/local/query, your-org/your-repo/queries@main - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v1 - - # ℹī¸ Command-line programs to run using the OS shell. 
- # 📚 https://git.io/JvXDl - - # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines - # and modify them (or add more) to build your code if your project - # uses a compiled language - - #- run: | - # make bootstrap - # make release - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 87af76111..d5f6da0a6 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -42,7 +42,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v1 + uses: github/codeql-action/init@v2 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -53,7 +53,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v1 + uses: github/codeql-action/autobuild@v2 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -67,4 +67,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + uses: github/codeql-action/analyze@v2 \ No newline at end of file diff --git a/.github/workflows/ossar.yml b/.github/workflows/ossar.yml index 4cfa76d5b..726eb0c3f 100644 --- a/.github/workflows/ossar.yml +++ b/.github/workflows/ossar.yml @@ -22,6 +22,8 @@ jobs: # OSSAR runs on windows-latest. # ubuntu-latest and macos-latest support coming soon runs-on: windows-latest + permissions: + security-events: write steps: - name: Checkout repository 
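Review bot: The job-level `permissions:` block added to ossar.yml grants only `security-events: write`, and once that key is present every scope not listed is set to `none`. The codeql-analysis.yml deleted in this same commit also listed `actions: read` and `contents: read`, which the SARIF upload needs when the repository is private, so consider adding `contents: read` and `actions: read` under the same key if this workflow may run in a private copy. The job's steps continue outside the hunk, so whether another step needs a further scope cannot be confirmed from here.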
@@ -44,6 +46,6 @@ jobs: # Upload results to the Security tab - name: Upload OSSAR results - uses: github/codeql-action/upload-sarif@v1 + uses: github/codeql-action/upload-sarif@v2 with: - sarif_file: ${{ steps.ossar.outputs.sarifFile }} + sarif_file: ${{ steps.ossar.outputs.sarifFile }} \ No newline at end of file diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 000000000..b4eacda94 --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,14 @@ +name: "run_tests.py" + +on: [push, pull_request] + +jobs: + analyze: + runs-on: ubuntu-20.04 + + steps: + - name: Checkout repository + uses: actions/checkout@v2 + - name: run_tests.py + run: | + ./run_tests.py \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index 691c16797..ac99b2d20 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -2,6 +2,7 @@ version: '2.3' services: files: + container_name: "rDrama" build: context: . volumes: diff --git a/files/templates/comments.html b/files/templates/comments.html index 8264ed8cd..14806f8c1 100644 --- a/files/templates/comments.html +++ b/files/templates/comments.html @@ -846,7 +846,7 @@ {% if v %} - + {% endif %} diff --git a/files/tests/test_e2e.py b/files/tests/test_e2e.py new file mode 100644 index 000000000..865184d00 --- /dev/null +++ b/files/tests/test_e2e.py 
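Review bot: The new test.yml declares no `permissions:` key, so its `GITHUB_TOKEN` gets the repository's default scopes while the job checks out and builds whatever the push or pull request contains through `./run_tests.py`. Nothing shown in the job needs write access, so a top-level `permissions:` with `contents: read` would match the least-privilege blocks used by the other workflows in this commit. Two smaller points: the job id `analyze` looks copied from the CodeQL workflow (`test` would read better), and `actions/checkout@v2` is a movable tag where a full commit SHA pin would be stricter.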
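Review bot: `container_name: "rDrama"` in docker-compose.yml hard-codes a host-global name, so two checkouts of this project on one Docker host cannot both be up and the `files` service cannot be scaled. The same literal is repeated in run_tests.py (`docker container inspect` and `docker exec`), so a rename here silently breaks the test runner; a comment such as `# name is referenced by run_tests.py` next to the key would keep the two in sync. The `files` service definition continues outside the hunk.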
@@ -0,0 +1,37 @@
+from bs4 import BeautifulSoup
+from time import time, sleep
+from files.__main__ import app
+
+# these tests require `docker-compose up` first
+
+def test_rules():
+ response = app.test_client().get("/logged_out/rules")
+ assert response.status_code == 200
+ assert response.text.startswith("")
+
+
+def test_signup():
+ client = app.test_client()
+ with client: # this keeps the session between requests, which we need
+ signup_get_response = client.get("/signup")
+ assert signup_get_response.status_code == 200
+ soup = BeautifulSoup(signup_get_response.text, 'html.parser')
+ # these hidden input values seem to be used for anti-bot purposes and need to be submitted
+ formkey = next(tag for tag in soup.find_all("input") if tag.get("name") == "formkey").get("value")
+ form_timestamp = next(tag for tag in soup.find_all("input") if tag.get("name") == "now").get("value")
+
+ sleep(5) # too-fast submissions are rejected (bot check?)
+ username = "testuser" + str(round(time()))
+ signup_post_response = client.post("/signup", data={
+ "username": username,
+ "password": "password",
+ "password_confirm": "password",
+ "email": "",
+ "formkey": formkey,
+ "now": form_timestamp
+ })
+ print(f"Signing up as {username}")
+ assert signup_post_response.status_code == 302
+ assert "error" not in signup_post_response.location
+
+ # we should now be logged in and able to post
\ No newline at end of file
diff --git a/push.sh b/push.sh
deleted file mode 100644
index edce13413..000000000
--- a/push.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-git pull
-git add .
-git commit -m "sneed"
-git push
\ No newline at end of file
diff --git a/pushforce.sh b/pushforce.sh
deleted file mode 100644
index 26412e5da..000000000
--- a/pushforce.sh
+++ /dev/null
@@ -1,3 +0,0 @@
-git add .
-git commit -m "force push"
-git push --force
\ No newline at end of file
diff --git a/readme.md b/readme.md
index 1317d2f04..cb0e18f53 100644
--- a/readme.md
+++ b/readme.md
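Review bot: `test_signup` in files/tests/test_e2e.py creates a real account on every run (`"testuser" + str(round(time()))`) with the fixed password `"password"` and never removes it, so whichever database the `rDrama` container is attached to accumulates accounts with a guessable name and a known credential. Generating the secret per run, e.g. `password = secrets.token_urlsafe(16)` passed as both `password` and `password_confirm`, removes the known credential, and pointing the tests at a throwaway database would remove the residue. As rendered here `assert response.text.startswith("")` is always true; unless the literal was simply lost when the page was extracted, it should name the expected prefix. Both `next(...)` lookups raise a bare `StopIteration` when the hidden input is missing, so a `None` default followed by an explicit assert would make that failure readable.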
@@ -1,3 +1,6 @@ +[![Build status](https://img.shields.io/github/workflow/status/TheMotte/rDrama/run_tests.py/frost)](https://github.com/Aevann1/rDrama/actions?query=workflow%3Arun_tests.py+branch%3Afrost) + + This code runs https://rdrama.net and https://pcmemes.net # Installation (Windows/Linux/MacOS) diff --git a/requirements.txt b/requirements.txt index 9d27fd158..2c8c517f6 100644 --- a/requirements.txt +++ b/requirements.txt @@ -24,6 +24,7 @@ tldextract psycopg2-binary pusher_push_notifications pyenchant +pytest youtube-dl yattag webptools \ No newline at end of file diff --git a/run_tests.py b/run_tests.py new file mode 100644 index 000000000..80e6114a3 --- /dev/null +++ b/run_tests.py @@ -0,0 +1,52 @@ +#!/usr/bin/python3 + +import subprocess +import sys + +# we want to leave the container in whatever state it currently is, so check to see if it's running +docker_inspect = subprocess.run([ + "docker", + "container", + "inspect", + "-f", "{{.State.Status}}", + "rDrama", + ], + capture_output = True, + ).stdout.decode("utf-8").strip() + +was_running = docker_inspect == "running" + +# update containers, just in case they're out of date +if was_running: + print("Updating containers . . .") +else: + print("Starting containers . . .") +subprocess.run([ + "docker-compose", + "up", + "--build", + "-d", + ], + check = True, + ) + +# run the test +print("Running test . . .") +result = subprocess.run([ + "docker", + "exec", + "rDrama", + "bash", "-c", "cd service && python3 -m pytest -s" + ]) + +if not was_running: + # shut down, if we weren't running in the first place + print("Shutting down containers . . .") + subprocess.run([ + "docker-compose", + "stop", + ], + check = True, + ) + +sys.exit(result.returncode) \ No newline at end of file
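Review bot: `pytest` is appended to the runtime requirements.txt without a version, so the test runner is installed into the service image and each rebuild may pull a different release. A separate test requirements file, or at least a pinned entry such as `pytest==<PINNED_VERSION>`, would keep the production dependency set smaller and reproducible. The new files/tests/test_e2e.py also imports `bs4`; the hunk shows only part of the file, so confirm `beautifulsoup4` is already listed.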
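Review bot: The `docker-compose stop` cleanup at the end of run_tests.py is reached only when everything before it returns normally, so a `KeyboardInterrupt` during the `docker exec` step leaves running the containers the script itself started. Wrapping the test step in `try:` and moving the `if not was_running:` block under `finally:` would keep the stated promise of leaving the container in the state it was found. The test step also starts as soon as `docker-compose up --build -d` returns; if the app or its database is not yet accepting connections the first run may fail spuriously, so a short readiness check before `docker exec` seems worth adding. The initial `docker container inspect` call passes no `check=` and discards the captured stderr, so an unreachable Docker daemon looks the same as a stopped container until the later `up` fails.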