Understand the ephemeral VM runners, secrets handling, and environment-specific security for the TestDriver Action.
The TestDriver Action is open source, and its source code is available for review. You can find the repository here:
TestDriver tests are executed on private virtual machines (VMs) managed by Amazon EC2. These VMs are ephemeral, meaning they only exist for the duration of the test execution. Once the test is complete:
To securely manage private information, we recommend storing sensitive data as secrets in your GitHub repository. Learn more about storing secrets in GitHub.
A common workflow involves using prerun scripts to securely access a private staging website via basic authentication. This allows you to log into staging environments without persisting sensitive data on TestDriver servers.
Testing production environments is the simplest and most secure starting point.
Testing staging environments may require secure information, such as credentials or tokens.
TestDriver can clone feature branches and build code on its virtual machines using workflows similar to GitHub Actions.
To test development branches of private codebases, you must supply a GitHub personal access token within the GitHub Action. This token is used to:
Example configuration:
Understand the ephemeral VM runners, secrets handling, and environment-specific security for the TestDriver Action.
The TestDriver Action is open source, and its source code is available for review. You can find the repository here:
TestDriver tests are executed on private virtual machines (VMs) managed by Amazon EC2. These VMs are ephemeral, meaning they only exist for the duration of the test execution. Once the test is complete:
To securely manage private information, we recommend storing sensitive data as secrets in your GitHub repository. Learn more about storing secrets in GitHub.
A common workflow involves using prerun scripts to securely access a private staging website via basic authentication. This allows you to log into staging environments without persisting sensitive data on TestDriver servers.
Testing production environments is the simplest and most secure starting point.
Testing staging environments may require secure information, such as credentials or tokens.
TestDriver can clone feature branches and build code on its virtual machines using workflows similar to GitHub Actions.
To test development branches of private codebases, you must supply a GitHub personal access token within the GitHub Action. This token is used to:
Example configuration: