-
Notifications
You must be signed in to change notification settings - Fork 16
/
Copy pathgithub-pipeline.yml
50 lines (46 loc) · 1.83 KB
/
github-pipeline.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
# Example Github Actions pipeline
#
# This uses an AAD Service Principal to authenticate to Onefuzz.
# See https://docs.microsoft.com/en-us/azure/active-directory/develop/app-objects-and-service-principals
#
# This uses a Microsoft Teams Incoming Webhook to create Teams messages upon finding crashes.
# See https://github.com/microsoft/onefuzz/blob/main/docs/notifications/teams.md
#
# This uses the following variables, defined in the variable group 'onefuzz-config':
# * endpoint: The Onefuzz Instance
# * client_id: The Client ID for the service principal
#
# This uses the following secret variables, defined in the variable group 'onefuzz-config':
# * client_secret: The Client Secret for the service principal
# * teams_url: The Incoming Webhook for Teams
name: Onefuzz Sample Pipeline
on:
push:
branches: [ main ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: build
run: |
set -ex
cd examples/simple-libfuzzer
make
- name: Setup Python
uses: actions/setup-python@v2
with:
python-version: 3.7
- name: submit onefuzz job
env:
ONEFUZZ_ENDPOINT: ${{ secrets.onefuzz_endpoint }}
ONEFUZZ_CLIENT_ID: ${{ secrets.onefuzz_client_id }}
ONEFUZZ_CLIENT_SECRET: ${{ secrets.onefuzz_client_secret }}
ONEFUZZ_TEAMS_URL: ${{ secrets.teams_url }}
run: |
set -ex
pip install onefuzz
onefuzz config --endpoint $ONEFUZZ_ENDPOINT --client_id $ONEFUZZ_CLIENT_ID
sed -i s/INSERT_TEAMS_WEBHOOK_URL_HERE/${ONEFUZZ_TEAMS_URL}/ notifications/teams-message.json
cd examples/simple-libfuzzer
onefuzz template libfuzzer basic samples sample-1 $GITHUB_SHA --target_exe fuzz.exe --notification_config @../../notifications/teams-message.json