Workflow/wuppiefuzz target fuzzing singlerunner #1
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # WuppieFuzz CI Pipeline | |
| # This workflow automates fuzz testing using WuppieFuzz on an OpenAPI target. | |
| # It builds and runs Docker services, installs necessary dependencies, and performs fuzz testing. | |
| # The workflow is triggered on pushes and pull requests to the `main` branch. | |
| name: WuppieFuzz fuzz target single runner Pipeline | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| branches: | |
| - main | |
| jobs: | |
| build_and_fuzz: | |
| runs-on: self-hosted # Use 'ubuntu-latest' if you don't have a self-hosted runner | |
| steps: | |
| # Step 1: Checkout the repository | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| # Step 2: Install Docker Compose (remove this step if already installed on your self-hosted for improved security) | |
| - name: Install Docker Compose | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y docker-compose | |
| docker-compose --version | |
| # Step 3: Set up Docker Buildx | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| # Step 4: Build and run services with Docker Compose | |
| - name: Build and run services with Docker Compose | |
| run: | | |
| docker-compose up -d --build | |
| # Step 5: Wait for services to start | |
| - name: Wait for services to start | |
| run: sleep 15 | |
| # Step 6: Test API Connectivity | |
| - name: Test API Connectivity | |
| run: | | |
| curl -I http://localhost:3001 | |
| # Step 7: Install Rust toolchain | |
| - name: Install Rust toolchain | |
| uses: dtolnay/rust-toolchain@stable | |
| # Step 8: Install dependencies for WuppieFuzz (remove this step if already installed on your self-hosted for improved security) | |
| - name: Install dependencies for WuppieFuzz | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y pkg-config libssl-dev | |
| # Step 9: Clone WuppieFuzz repository | |
| - name: Clone WuppieFuzz repository | |
| run: git clone https://github.com/TNO-S3/WuppieFuzz.git | |
| # Step 10: Build WuppieFuzz | |
| - name: Build WuppieFuzz | |
| run: | | |
| cd WuppieFuzz | |
| cargo build --release | |
| cd .. | |
| # Step 11: Add WuppieFuzz to PATH | |
| - name: Add WuppieFuzz to PATH | |
| run: | | |
| echo "${{ github.workspace }}/WuppieFuzz/target/release" >> $GITHUB_PATH | |
| # Step 12: Generate initial corpus | |
| - name: Generate initial corpus | |
| run: wuppiefuzz output-corpus --openapi-spec openapi.yaml corpus_directory | |
| # Step 13: Run WuppieFuzz fuzzing | |
| - name: Run WuppieFuzz | |
| env: | |
| RUST_BACKTRACE: 1 | |
| run: | | |
| wuppiefuzz fuzz --report --log-level info --initial-corpus corpus_directory \ | |
| --timeout 700 openapi.yaml | |
| # Step 14: Upload WuppieFuzz report | |
| - name: Upload WuppieFuzz report | |
| uses: actions/upload-artifact@v4 # Updated to v4 | |
| with: | |
| name: wuppiefuzz-report | |
| path: reports/ | |
| # Step 15: Stop and remove Docker containers | |
| - name: Stop and remove Docker containers | |
| if: always() | |
| run: docker-compose down |