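# Runs the ABE explorer against a target application on pushes to main,
# on pull requests, and on manual dispatch, then publishes JUnit results and
# uploads the reports as an artifact.
name: ABE Exploratory Testing

on:
  push:
    branches: [main]
  pull_request:
  workflow_dispatch:
    inputs:
      target-url:
        description: Target URL to explore
        required: false
        default: 'http://localhost:3000'
      max-states:
        description: Maximum states to explore
        required: false
        default: '30'

jobs:
  explore:
    name: Autonomous Bug Exploration
    runs-on: ubuntu-latest
    # Least-privilege token for this job: read the repository, and let the
    # publish step create a check run and a pull-request comment.
    # NOTE(review): the publish action's documentation also lists
    # `issues: read` for private repositories - confirm for this repo.
    permissions:
      contents: read
      checks: write
      pull-requests: write

    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '20'
          cache: 'npm'

      - name: Install dependencies
        run: npm ci

      - name: Install Playwright browsers
        run: npx playwright install chromium --with-deps

      - name: Start target application
        run: docker compose up -d app
        # Replace 'app' with your application's docker-compose service name.
        # Or start your app however it's normally run in CI.
        continue-on-error: true

      - name: Wait for application to be ready
        run: |
          npx wait-on \
            http://localhost:3000 \
            --timeout 30000 \
            --interval 2000
        # A readiness timeout does not stop the job, so the exploration step
        # can still run when the application never came up.
        continue-on-error: true

      - name: Run ABE exploration
        id: abe
        # The dispatch inputs are passed through the environment rather than
        # expanded inside the script: `${{ }}` is substituted into the script
        # text before the shell parses it, so quotes or `$(...)` in an input
        # would otherwise be interpreted as shell syntax.
        # NOTE(review): if only specific test hosts are expected, validate
        # TARGET_URL against an allowlist before this step.
        env:
          TARGET_URL: ${{ github.event.inputs.target-url || 'http://localhost:3000' }}
          MAX_STATES: ${{ github.event.inputs.max-states || '30' }}
        run: |
          npm run abe -- explore \
            --url "$TARGET_URL" \
            --max-states "$MAX_STATES" \
            --seed 42 \
            --output junit \
            --fail-on-severity high \
            --reports-dir ./abe-reports
        # Keeps the job going so results are published and uploaded; the
        # final step turns a failed outcome back into a failed job.
        continue-on-error: true

      - name: Publish JUnit test results
        if: always()
        # Third-party action referenced by a mutable tag and run with
        # checks/pull-request write access; pin it to a reviewed full commit
        # SHA so a retagged release cannot change what runs here.
        uses: EnricoMi/publish-unit-test-result-action@v2
        with:
          files: abe-results.xml
          check_name: ABE Findings
          comment_title: ABE Exploration Results

      - name: Upload ABE reports
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: abe-reports
          path: |
            abe-reports/
            abe-results.xml
          retention-days: 30

      - name: Fail if high/critical findings found
        # `outcome` is the step result before continue-on-error is applied,
        # so any non-zero exit of the exploration step lands here, not only
        # a severity-threshold hit.
        if: steps.abe.outcome == 'failure'
        run: |
          echo "ABE found high or critical severity bugs. See artifacts for details."
          exit 1

  # Optional: Use the composite action instead
  explore-with-action:
    name: ABE via Composite Action
    runs-on: ubuntu-latest
    if: false # Set to true to enable this alternative job
    # NOTE(review): declare a least-privilege `permissions:` block here once
    # the token scopes the composite action needs are confirmed.

    steps:
      - uses: actions/checkout@v4

      - name: Run ABE
        uses: ./.github/actions/abe-explore
        with:
          url: http://localhost:3000
          max-states: '30'
          fail-on-severity: high
          output: junit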