-
Notifications
You must be signed in to change notification settings - Fork 0
70 lines (67 loc) · 2.59 KB
/
maven.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
name: CI Fuzz
# Set an action secret called "CI_FUZZ_API_TOKEN" with an API token
# generated in CI Fuzz web interface.
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
env:
# The fuzzing server gRPC URL.
FUZZING_SERVER_ADDRESS: grpc.code-intelligence.com:443
# The fuzzing server HTTP URL.
WEB_APP_ADDRESS: https://app.code-intelligence.com
# Directory in which the repository will be cloned.
CHECKOUT_DIR: checkout-dir/
jobs:
fuzz_tests:
runs-on: ubuntu-latest
# Configure your build environment here
# container: example/docker_image
steps:
- id: checkout
name: Checkout Repository
uses: actions/checkout@v2
with:
path: ${{ env.CHECKOUT_DIR }}
- id: install-build-tools
name: Install Fuzzer Build Tools
uses: CodeIntelligenceTesting/github-actions/install-fuzzer-builder@v4
- id: build-fuzzers
name: Build Fuzzers
run: ci-fuzz/bin/ci-build fuzzers --directory $GITHUB_WORKSPACE/$CHECKOUT_DIR/ --git_commit_sha $GITHUB_SHA --git_branch $GITHUB_REF_NAME
shell: "bash"
- id: start-fuzzing
name: Start Fuzzing
uses: CodeIntelligenceTesting/github-actions/start-fuzzing@v4
with:
ci_fuzz_api_token: ${{ secrets.CI_FUZZ_API_TOKEN }}
fuzzing_server_address: ${{ env.FUZZING_SERVER_ADDRESS }}
fuzzing_artifact: ${{ env.CHECKOUT_DIR }}/fuzzing-artifacts.tar.gz
checkout_directory: ${{ env.CHECKOUT_DIR }}
- id: monitor-fuzzing
name: Fuzzing
uses: CodeIntelligenceTesting/github-actions/monitor-fuzzing@v4
with:
ci_fuzz_api_token: ${{ secrets.CI_FUZZ_API_TOKEN }}
test_collection_run: ${{ steps.start-fuzzing.outputs.test_collection_run }}
fuzzing_server_address: ${{ env.FUZZING_SERVER_ADDRESS }}
dashboard_address: ${{ env.WEB_APP_ADDRESS }}
- id: save-results
name: Save Fuzz Test Results
uses: CodeIntelligenceTesting/github-actions/save-results@v4
if: ${{ success() || failure() }}
with:
ci_fuzz_api_token: ${{ secrets.CI_FUZZ_API_TOKEN }}
test_collection_run: ${{ steps.start-fuzzing.outputs.test_collection_run }}
fuzzing_server_address: ${{ env.FUZZING_SERVER_ADDRESS }}
dashboard_address: ${{ env.WEB_APP_ADDRESS }}
- id: upload-artifact
uses: actions/upload-artifact@v2
if: ${{ (success() || failure()) }}
with:
name: ci_fuzz_results
path: |
findings.json
coverage.json
web_app_address.txt