File tree Expand file tree Collapse file tree 7 files changed +678
-1
lines changed Expand file tree Collapse file tree 7 files changed +678
-1
lines changed Original file line number Diff line number Diff line change 1+ name : CIFuzz
2+ on :
3+ pull_request :
4+ branches :
5+ - main
6+
7+ permissions :
8+ contents : read
9+
10+ jobs :
11+ Fuzzing :
12+ runs-on : ubuntu-latest
13+ steps :
14+ - name : Checkout
15+ uses : actions/checkout@v2
16+ - name : Restore Go cache
17+ uses : actions/cache@v1
18+ with :
19+ path : /home/runner/work/_temp/_github_home/go/pkg/mod
20+ key : ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
21+ restore-keys : |
22+ ${{ runner.os }}-go-
23+ name : Smoke test Fuzzers
24+ run : make fuzz-smoketest
Original file line number Diff line number Diff line change @@ -178,7 +178,7 @@ install-envtest: setup-envtest ## Download envtest binaries locally.
178178 mkdir -p ${ENVTEST_ASSETS_DIR}
179179 $(ENVTEST ) use $(ENVTEST_KUBERNETES_VERSION ) --arch=$(ENVTEST_ARCH ) --bin-dir=$(ENVTEST_ASSETS_DIR )
180180# setup-envtest sets anything below k8s to 0555
181- chmod -R u+w $(BUILD_DIR)
181+ chmod -R u+w $(BUILD_DIR)/testbin
182182
183183libgit2 : $(LIBGIT2 ) # # Detect or download libgit2 library
184184
@@ -221,3 +221,24 @@ go install $(2) ;\
221221rm -rf $$TMP_DIR ;\
222222}
223223endef
224+
225+ # Build fuzzers
226+ fuzz-build : $(LIBGIT2 )
227+ rm -rf $(shell pwd) /build/fuzz/
228+ mkdir -p $(shell pwd) /build/fuzz/out/
229+
230+ # TODO: remove mapping of current libgit2 dir and pull binaries from release or build dependency chain on demand.
231+ docker build . --tag local-fuzzing:latest -f tests/fuzz/Dockerfile.builder
232+ docker run --rm \
233+ -e FUZZING_LANGUAGE=go -e SANITIZER=address \
234+ -e CIFUZZ_DEBUG='True' -e OSS_FUZZ_PROJECT_NAME=fluxcd \
235+ -v "$(shell pwd)/build/fuzz/out":/out \
236+ -v "$(shell pwd)/build/libgit2":"/root/go/src/github.com/fluxcd/source-controller/build/libgit2" \
237+ local-fuzzing:latest
238+
239+ fuzz-smoketest : fuzz-build
240+ docker run --rm \
241+ -v " $( shell pwd) " \
242+ -v " $( shell pwd) " \
243+ local-fuzzing:latest \
244+ bash -c " /runner.sh"
Original file line number Diff line number Diff line change 1+ FROM gcr . io /oss -fuzz -base /base -builder -go
2+
3+ COPY . / $GOPATH/src /github . com /fluxcd /source -controller /
4+ COPY . /tests /fuzz /oss_fuzz_build . sh $SRC/build . sh
5+
6+ WORKDIR $SRC
You can’t perform that action at this time.
0 commit comments