This pipeline uses an AAD Service Principal to authenticate to Onefuzz.
To create work items upon finding crashes, this pipeline uses a GitHub Personal Access Token to report any crashes found during fuzzing as GitHub Issues.
This example uses Encrypted Secrets to configure the workflow:
onefuzz_endpoint: The Onefuzz Instance. This should be the URL for the instance, such ashttps://onefuzz-playground.azurewebsites.net.onefuzz_client_id: The Client ID for the service principal.onefuzz_client_secret: The Client Secret for the service principal.onefuzz_pat: The GitHub Personal Access Token.
This example uses environment variables to configure the workflow:
ONEFUZZ_PROJECT:The name of your project. As an example, "Browser".ONEFUZZ_NAME: The name of your target application. As an example, "jpg-parser".ONEFUZZ_POOL: The name of the fuzzing Pool to use. As an example,my-linux-pool.
In the notification configuration, there are a few items that are hard-coded that you should update for your instance:
- Replace
INSERT_YOUR_USERNAME_HEREwith the name of your GitHub username used to file issues. - Replace
organizationwith the name of your GitHub organization to file issues. - Replace
repositorywith the name of your GitHub repository to file issues.