LogoLogo
  • Overview
    • Quickstart
    • FAQ
    • Overview
    • Pricing
    • Comparison
    • Discord
  • Pro Setup
    • Book a Demo
    • 30x30 Promotion
  • Guides
    • Generate a Test Suite
    • Local Agent Setup
    • Prompting
    • Getting an API Key
    • GitHub Actions
      • GitHub Action Setup
      • Prerun Scripts
      • Environment Config
      • Parallel Testing
      • Storing Secrets
      • Optimizing Performance
      • Action Output
      • Examples
        • Test Generation
        • Parallel Testing
        • Importing Tests
        • Desktop Apps
        • Secure Log In
    • Debugging Test Runs
    • Monitoring Performance
  • Reference
    • Test Steps
      • assert
      • exec
      • focus-application
      • hover-image
      • match-image
      • hover-text
      • if
      • press-keys
      • remember
      • run
      • scroll
      • scroll-until-image
      • scroll-until-text
      • type
      • wait
      • wait-for-image
      • wait-for-text
    • Interactive Commands
      • /assert
      • /undo
      • /save
      • /run
      • /generate
    • CLI
      • testdriverai init
      • testdriverai [file]
      • testdriverai run [file]
  • Security & Privacy
    • Agent
    • Action
    • Dashboard
  • FAQ
    • Screen Recording Permissions (Mac Only)
    • Status Page
Powered by GitBook
On this page
  • Ephemeral Virtual Machine Runners
  • Secrets
  • Production
  • Staging
  • Development

Was this helpful?

Export as PDF
  1. Security & Privacy

Action

PreviousAgentNextDashboard

Last updated 8 months ago

Was this helpful?

The TestDriver action is open source. You can find the source below.

Ephemeral Virtual Machine Runners

TestDriver tests are executed on private virtual machines managed by Amazon EC2. These VMs are ephemeral meaning they only exist for the lifetime of the test execution. After the test completes, the VM is destroyed and the hard disk is wiped.

Secrets

Any secrets supplied within Prerun Scripts or prompts will be transmitted over SSL to our API. Secrets supplied to agent prompts will be persisted (see Agent), but prerun scripts are not persisted.

If your workflow is blocked by secret sharing, please contact us.

A common workflow is to use Prerun Scripts to access a private staging website via basic auth. This will allow you to securely log into staging without persisting sensitive data on our servers.

Production

Testing production is the best starting point!

Testing production resources does not require any private information from your team. Simply provide the tests to TestDriver and point toward your publicly available endpoints. TestDriver does not need access to any private information.

Staging

Depending on your implementation, TestDriver may need secure information to test staging environments. See Secretsabove for more information on securely implementing tests on staging.

Development

TestDriver can clone feature branches and build code on it's virtual machines using a similar workflow to GitHub runners.

In order for TestDriver to test development branches of private codebases, it's necessary to supply a GitHub Token within the GitHub action. This personal access token is used to clone the codebase on the VM.

env:
  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

We recommend storing any private information as a secret in your GitHub repository. .

This token is transmitted over SSL and is not persisted.

Learn more about storing secrets here
Learn more about managing the privacy of GitHub access tokens here.
LogoGitHub - testdriverai/actionGitHub