ExternalVendorCode/onefuzz
1
0
Fork 0
mirror of https://github.com/microsoft/onefuzz.git synced 2025-06-09 08:41:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
onefuzz/contrib/onefuzz-job-github-actions/github-pipeline.yml
Noah McGregor Harper ca7e07f027
Reverting client_id Name Change (#2889)
2023-02-27 16:01:57 -08:00

53 lines
2.2 KiB
YAML
Raw Permalink Blame History

name: Onefuzz Sample Pipeline
on:
push:
branches: [ main ]
jobs:
build:
# The OS that a OneFuzz job is _scheduled_ to is determined by the pool. The pool is
# a OneFuzz resource that the user manages outside of CI. The pool for a given job is
# specified when submitting the job (in the `runs` script below).
#
# The `runs-on` key here specifies the GitHub Actions environment used to _submit_ the job.
# This can differ from the job's execution environment.
#
# To deploy a job from e.g. `windows-latest`, the script in the "submit onefuzz job" task
# would just need to be ported to run on Windows.
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: build
run: |
set -ex
make
- name: Setup Python
uses: actions/setup-python@v2
with:
python-version: 3.7
- name: submit onefuzz job
env:
ONEFUZZ_ENDPOINT: ${{ secrets.onefuzz_endpoint }}
ONEFUZZ_CLIENT_ID: ${{ secrets.onefuzz_client_id }}
ONEFUZZ_CLIENT_SECRET: ${{ secrets.onefuzz_client_secret }}
ONEFUZZ_PAT: ${{ secrets.onefuzz_pat }}
ONEFUZZ_PROJECT: sample
ONEFUZZ_NAME: sample
# Assumes the existence of a pool named `my-linux-pool`, with an OS type of `linux`.
# Not created in this script; this would be a long-lived resource managed outside of CI.
# See `README.md`.
ONEFUZZ_POOL: my-linux-pool
run: |
# Set `bash` error and logging behavior.
set -ex
pip install onefuzz
# On Windows, this text replacement could instead be implemented via PowerShell.
sed -i s/INSERT_YOUR_PERSONAL_ACCESS_TOKEN_HERE/${ONEFUZZ_PAT}/ github-issues.json
onefuzz config --endpoint $ONEFUZZ_ENDPOINT --client_id $ONEFUZZ_CLIENT_ID
onefuzz --client_secret $ONEFUZZ_CLIENT_SECRET template libfuzzer basic $ONEFUZZ_PROJECT $ONEFUZZ_NAME $GITHUB_SHA $ONEFUZZ_POOL --target_exe fuzz.exe --colocate_all_tasks --duration 1 --vm_count 1 --notification_config @./github-issues.json
# Default for Linux. Would only need to be specified if `runs-on` == `windows-latest`.
shell: bash
Reference in New Issue View Git Blame Copy Permalink