Skip to content
This repository has been archived by the owner on Nov 1, 2023. It is now read-only.

Latest commit

 

History

History
23 lines (18 loc) · 1.9 KB

README.md

File metadata and controls

23 lines (18 loc) · 1.9 KB
Raw

Deploying OneFuzz jobs via GitHub Actions

This pipeline uses an AAD Service Principal to authenticate to Onefuzz.

To create work items upon finding crashes, this pipeline uses a GitHub Personal Access Token to report any crashes found during fuzzing as GitHub Issues.

Configuration

This example uses Encrypted Secrets to configure the workflow:

  • onefuzz_endpoint: The Onefuzz Instance. This should be the URL for the instance, such as https://onefuzz-playground.azurewebsites.net.
  • onefuzz_client_id: The Client ID for the service principal.
  • onefuzz_client_secret: The Client Secret for the service principal.
  • onefuzz_pat: The GitHub Personal Access Token.

This example uses environment variables to configure the workflow:

  • ONEFUZZ_PROJECT:The name of your project. As an example, "Browser".
  • ONEFUZZ_NAME: The name of your target application. As an example, "jpg-parser".
  • ONEFUZZ_POOL: The name of the fuzzing Pool to use. As an example, my-linux-pool.

GitHub Issues Configuration

In the notification configuration, there are a few items that are hard-coded that you should update for your instance:

  • Replace INSERT_YOUR_USERNAME_HERE with the name of your GitHub username used to file issues.
  • Replace organization with the name of your GitHub organization to file issues.
  • Replace repository with the name of your GitHub repository to file issues.