-
Notifications
You must be signed in to change notification settings - Fork 182
110 lines (94 loc) · 3.45 KB
/
rest-api-fuzzer.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
name: REST API Fuzz Test
on:
workflow_dispatch:
pull_request: # Pushing a new commit to the HEAD ref of a pull request will trigger the “synchronize” event
paths:
- .yarnrc.yml .
- .yarn
- package.json
- '.github/workflows/rest-api-fuzzer.yml'
- 'packages/server/**/*'
- 'packages/shared/**/*'
env:
BUILD_CONFIGURATION: Release
BUILD_PLATFORM: 'Any CPU'
RESTLER_VERSION: '9.2.4'
PYTHON_VERSION: '3.8'
DOTNET_VERSION: '6.0.x'
jobs:
build-restler-fuzzer:
name: Fuzz test speckle-server REST API
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v4
name: Checkout RESTler Fuzzer
with:
repository: microsoft/restler-fuzzer
ref: v${{ env.RESTLER_VERSION }}
path: 'restler-fuzzer' # The path to clone the repository under {{ github.workspace }}
- name: Setup .NET ${{ env.DOTNET_VERSION }}
uses: actions/setup-dotnet@v4
with:
dotnet-version: ${{ env.DOTNET_VERSION }}
- name: Restore NuGet packages
run: dotnet restore ${{ github.workspace }}/restler-fuzzer/src/Restler.sln
- name: Set up Python ${{ env.PYTHON_VERSION }}
uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Install engine (Python) dependencies
run: |
pip install -r ${{ github.workspace }}/restler-fuzzer/restler/requirements.txt
- name: Build RESTler
run: |
python ${{ github.workspace }}/restler-fuzzer/build-restler.py --dest_dir ${{ github.workspace }}/bin
- name: Debug the built output
run: |
ls -la ${{ github.workspace }}/bin/restler
ls -la ${{ github.workspace }}/bin/restler/Restler
- uses: actions/checkout@v4
name: Checkout speckle-server
with:
path: 'speckle-server'
- name: Compile RESTler grammar from OpenAPI specification
run: |
${{ github.workspace }}/bin/restler/Restler compile --api_spec ${{ github.workspace }}/speckle-server/utils/specifications/speckle-server.openapi.json
- name: Print the results
run: ls -lat ${{ github.workspace }}/restlerConfig
# fuzz-rest-api-lite:
# runs-on: ubuntu-latest
# needs:
# - compile-fuzzer-syntax
# timeout-minutes: 15
# services:
# postgres:
# # Docker Hub image
# image: postgres:16.4-bookworm@sha256:91f464e7ba0ad91a106c94cff079fb4384139291b8c0502fd36989cf2c788bbb
# env:
# POSTGRES_DB: fuzz_test
# POSTGRES_PASSWORD: fuzz_test
# POSTGRES_USER: fuzz_test
# # Set health checks to wait until postgres has started
# options: >-
# --health-cmd pg_isready
# --health-interval 10s
# --health-timeout 5s
# --health-retries 5
# ports:
# - 5432:5432
# # 4. Run the fuzzer in lite mode
# steps:
# - name: Compile from OpenAPI
# run: docker run ${{ needs.build-restler-fuzzer.outputs.tags }} compile --api_spec <full path to API specification>
# # 5. Print the results
# fuzz-rest-api-full:
# runs-on: ubuntu-latest
# needs:
# - compile-fuzzer-syntax
# timeout-minutes: 45
# steps:
# - name: Run RESTler Fuzzer
# run: docker run /RESTler/restler/restler.exe fuzz --api_spec <full path to API specification> --fuzz_mode full
# # 7. Print the results