-
Notifications
You must be signed in to change notification settings - Fork 180
261 lines (236 loc) · 10.6 KB
/
rest-api-fuzzer.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
name: REST API Fuzz Test
on:
workflow_dispatch:
# schedule:
# - cron: "15 4 3 * *" # Run at 4:15am on the 3rd of every month
pull_request:
paths:
- '.github/workflows/rest-api-fuzzer.yml'
- 'setup/fuzzer/**/*'
env:
BUILD_CONFIGURATION: Release
BUILD_PLATFORM: 'Any CPU'
RESTLER_VERSION: '9.2.4'
PYTHON_VERSION: '3.8'
DOTNET_VERSION: '6.0.x'
jobs:
build-restler-fuzzer:
name: Fuzz test speckle-server REST API
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v4
name: Checkout RESTler Fuzzer
with:
repository: microsoft/restler-fuzzer
ref: v${{ env.RESTLER_VERSION }}
path: 'restler-fuzzer' # The path to clone the repository within the {{ github.workspace }} directory
- name: Setup .NET ${{ env.DOTNET_VERSION }}
uses: actions/setup-dotnet@v4
with:
dotnet-version: ${{ env.DOTNET_VERSION }}
cache: true
cache-dependency-path: ${{ github.workspace }}/restler-fuzzer/src/Restler.sln
- name: Restore NuGet packages
run: dotnet restore ${{ github.workspace }}/restler-fuzzer/src/Restler.sln
- name: Set up Python ${{ env.PYTHON_VERSION }}
uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
cache: 'pip'
cache-dependency-path: ${{ github.workspace }}/restler-fuzzer/restler/requirements.txt
- name: Install engine (Python) dependencies
run: |
pip install -r ${{ github.workspace }}/restler-fuzzer/restler/requirements.txt
- name: Build RESTler
run: |
python ${{ github.workspace }}/restler-fuzzer/build-restler.py --dest_dir ${{ github.workspace }}/bin
- name: Debug the built output
run: |
ls -la ${{ github.workspace }}/bin/restler
ls -la ${{ github.workspace }}/bin/restler/Restler
- uses: actions/checkout@v4
name: Checkout speckle-server
with:
path: 'speckle-server'
- name: Restore cached Restler configuration
id: cache-config-restore
uses: actions/cache/restore@v4
with:
path: |
${{ github.workspace }}/restlerConfig
key: restler-config-${{ hashFiles('speckle-server/setup/fuzzer/speckle-server.openapi.json') }}
- name: Generate RESTler config from OpenAPI specification
if: steps.cache-config-restore.outputs.cache-hit != 'true'
run: |
${{ github.workspace }}/bin/restler/Restler generate_config --specs ${{ github.workspace }}/speckle-server/setup/fuzzer/speckle-server.openapi.json
- name: Print the Restler configuration
run: |
ls -la ${{ github.workspace }}
ls -la ${{ github.workspace }}/restlerConfig
echo ""
echo "############################################"
echo "# Engine settings #"
echo "# To customize, copy and save this file to #"
echo "# setup/fuzzer/settings.restler.json #"
echo "############################################"
echo ""
cat ${{ github.workspace }}/restlerConfig/engine_settings.json
echo ""
echo "############################################"
echo "# Config #"
echo "# To customize, copy and save this file to #"
echo "# setup/fuzzer/config.restler.json #"
echo "############################################"
echo ""
cat ${{ github.workspace }}/restlerConfig/config.json
echo ""
echo "############################################"
echo "# Dictionary #"
echo "# To customize, copy and save this file to #"
echo "# setup/fuzzer/dictionary.restler.json #"
echo "############################################"
echo ""
cat ${{ github.workspace }}/restlerConfig/dict.json
echo ""
echo "############################################"
echo "# Annotations #"
echo "# To customize, copy and save this file to #"
echo "# setup/fuzzer/annotations.restler.json #"
echo "############################################"
echo ""
cat ${{ github.workspace }}/restlerConfig/annotations.json
- name: Save Restler Config
id: cache-config-save
uses: actions/cache/save@v4
with:
path: |
${{ github.workspace }}/restlerConfig
key: ${{ steps.cache-config-restore.outputs.cache-primary-key }}
- name: Restore cached Restler grammar
id: cache-grammar-restore
uses: actions/cache/restore@v4
with:
path: |
${{ github.workspace }}/Compile
key: restler-grammar-${{ hashFiles('speckle-server/setup/fuzzer/*.json') }}
- name: Generate RESTler grammar from Restler config
if: steps.cache-grammar-restore.outputs.cache-hit != 'true'
run: |
${{ github.workspace }}/bin/restler/Restler compile ${{ github.workspace }}/speckle-server/setup/fuzzer/config.restler.json
- name: Print the contents of the Restler compile directory
run: |
ls -la ${{ github.workspace }}
ls -la ${{ github.workspace }}/Compile
- name: Save Grammar
id: cache-grammar-save
uses: actions/cache/save@v4
with:
path: |
${{ github.workspace }}/Compile
key: ${{ steps.cache-grammar-restore.outputs.cache-primary-key }}
- name: Docker Compose up
run: |
docker compose --file ${{ github.workspace }}/speckle-server/docker-compose-deps.yml up --detach
- name: Seed the database
run: |
sudo apt-get update
sudo apt-get install --yes --no-install-recommends postgresql-client
PGPASSWORD=speckle psql -h 127.0.0.1 -U speckle -d speckle -p 5432 -w -f ${{ github.workspace }}/speckle-server/setup/fuzzer/speckle.backup.sql
- name: Install Node.js
uses: actions/setup-node@v4
with:
node-version: 22
cache: 'yarn'
cache-dependency-path: ${{ github.workspace }}/speckle-server/yarn.lock
- name: Install dependencies
working-directory: ${{ github.workspace }}/speckle-server/packages/server
run: yarn install
- name: Build public packages
working-directory: ${{ github.workspace }}/speckle-server/packages/server
run: yarn build:public
- name: Build speckle-server
working-directory: ${{ github.workspace }}/speckle-server/packages/server
run: yarn build
- name: Configure speckle-server
working-directory: ${{ github.workspace }}/speckle-server/packages/server
run: |
cp ${{ github.workspace }}/speckle-server/setup/fuzzer/.env.fuzz-test-example .env
- name: Run speckle-server
working-directory: ${{ github.workspace }}/speckle-server/packages/server
timeout-minutes: 1
run: |
yarn start &
until curl --output /dev/null --silent --head --fail http://127.0.0.1:3000/readiness; do
echo "Waiting a further 3 seconds for speckle-server to start..."
sleep 3
done
- name: Run RESTler coverage test
run: |
curl --head --fail http://127.0.0.1:3000/readiness
${{ github.workspace }}/bin/restler/Restler test \
--grammar_file "${{ github.workspace }}/Compile/grammar.py" \
--dictionary_file "${{ github.workspace }}/speckle-server/setup/fuzzer/dictionary.restler.json" \
--settings "${{ github.workspace }}/speckle-server/setup/fuzzer/settings.restler.json" \
--no_ssl \
--target_ip "127.0.0.1" \
--target_port "3000"
- name: Print the results
if: always()
run: |
ls -la ${{ github.workspace }}/Test
ls -la ${{ github.workspace }}/Test/RestlerResults || true
ls -la ${{ github.workspace }}/Test/ResponseBuckets || true
echo ""
echo "############################################"
echo "# Engine stderr #"
echo "############################################"
echo ""
cat ${{ github.workspace }}/Test/EngineStdErr.txt || true
echo ""
echo "############################################"
echo "# Engine stdout #"
echo "############################################"
echo ""
cat ${{ github.workspace }}/Test/EngineStdOut.txt || true
echo ""
echo "############################################"
echo "# Results analyzer stderr #"
echo "############################################"
echo ""
cat ${{ github.workspace }}/Test/ResultsAnalyzerStdErr.txt || true
echo ""
echo "############################################"
echo "# Results analyzer stdout #"
echo "############################################"
echo ""
cat ${{ github.workspace }}/Test/ResultsAnalyzerStdOut.txt || true
echo ""
echo "############################################"
echo "# Coverage failures to investigate #"
echo "############################################"
echo ""
cat ${{ github.workspace }}/Test/coverage_failures_to_investigate.txt || true
echo ""
echo "############################################"
echo "# Restler logs #"
echo "############################################"
echo ""
cat ${{ github.workspace }}/Test/restler-*.log || true
echo ""
echo "############################################"
echo "# Coverage report #"
echo "############################################"
echo ""
cat "$(find ${{ github.workspace }}/Test -type f -name "speccov.json")" || true
echo ""
echo "############################################"
echo "# Network testing logs #"
echo "############################################"
echo ""
cat "$(find ${{ github.workspace }}/Test -type f -name "network.testing.*.txt")" || true
- name: Print Docker Compose logs
if: always()
run: |
docker compose --file ${{ github.workspace }}/speckle-server/docker-compose-deps.yml logs