summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorMohammed Al Sahaf <[email protected]>2019-10-28 20:45:55 +0300
committerGitHub <[email protected]>2019-10-28 20:45:55 +0300
commit6c533558a3db4b30a6b7a81d19ac180fe2000ca2 (patch)
treea74814c0725e4657e167f9df7817389ca24ac42d
parent2fbe2ff40be616712cf4edaac286629add268e0a (diff)
downloadcaddy-6c533558a3db4b30a6b7a81d19ac180fe2000ca2.tar.gz
caddy-6c533558a3db4b30a6b7a81d19ac180fe2000ca2.zip
fuzz-ci: fix & enhance fuzzing process (#2835)
* fuzz-ci: fix the authentication call for fuzzit by using the --api-key flag rather than the `auth` command * Allow fuzzing on schedules as well as non-fork PRs Closes #2710
-rw-r--r--azure-pipelines.yml30
1 files changed, 15 insertions, 15 deletions
diff --git a/azure-pipelines.yml b/azure-pipelines.yml
index 58ce4f0d1..de81333c6 100644
--- a/azure-pipelines.yml
+++ b/azure-pipelines.yml
@@ -157,9 +157,9 @@ jobs:
displayName: Coerce correct build result
- job: fuzzing
- displayName: 'Scheduled Fuzzing'
- # Only run this job on schedules, not PRs.
- condition: eq(variables['Build.Reason'], 'Schedule')
+ displayName: 'Fuzzing'
+ # Only run this job on schedules or PRs for non-forks.
+ condition: or(eq(variables['System.PullRequest.IsFork'], 'False'), eq(variables['Build.Reason'], 'Schedule') )
strategy:
matrix:
linux:
@@ -192,10 +192,10 @@ jobs:
displayName: Install Go on Linux
- bash: |
- # Install Clang
- sudo add-apt-repository "deb http://apt.llvm.org/xenial/ llvm-toolchain-xenial main"
+ # Install Clang-7.0 because other versions seem to be missing the file libclang_rt.fuzzer-x86_64.a
+ sudo add-apt-repository "deb http://apt.llvm.org/xenial/ llvm-toolchain-xenial-7 main"
wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add -
- sudo apt update && sudo apt install -y clang lldb lld
+ sudo apt update && sudo apt install -y clang-7 lldb-7 lld-7
go get -v github.com/dvyukov/go-fuzz/go-fuzz github.com/dvyukov/go-fuzz/go-fuzz-build
wget -q -O fuzzit https://github.com/fuzzitdev/fuzzit/releases/download/v2.4.74/fuzzit_Linux_x86_64
@@ -204,12 +204,6 @@ jobs:
displayName: Download go-fuzz tools and the Fuzzit CLI, and move Fuzzit CLI to GOBIN
condition: and(eq(variables['System.PullRequest.IsFork'], 'False') , eq( variables['Agent.OS'], 'Linux' ))
- - script: fuzzit auth ${FUZZIT_API_KEY}
- condition: and(eq(variables['System.PullRequest.IsFork'], 'False') , eq( variables['Agent.OS'], 'Linux' ))
- displayName: Authenticate with Fuzzit
- env:
- FUZZIT_API_KEY: $(FUZZIT_API_KEY)
-
- bash: |
declare -A fuzzers_funcs=(\
["./admin_fuzz.go"]="FuzzAdmin" \
@@ -228,16 +222,22 @@ jobs:
["./listeners_fuzz.go"]="parse-listen-addr" \
["./replacer_fuzz.go"]="replacer" \
)
- fuzz_type="fuzzing"
+
+ fuzz_type="regression"
+ if [[ $(Build.Reason) == "Schedule" ]]; then
+ fuzz_type="fuzzing"
+ fi
for f in $(find . -name \*_fuzz.go); do
FUZZER_DIRECTORY=$(dirname $f)
echo "go-fuzz-build func ${fuzzers_funcs[$f]} residing in $f"
go-fuzz-build -func "${fuzzers_funcs[$f]}" -libfuzzer -o "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}.a" $FUZZER_DIRECTORY
echo "Generating fuzzer binary of func ${fuzzers_funcs[$f]} which resides in $f"
- clang -fsanitize=fuzzer "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}.a" -o "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}.fuzzer"
- fuzzit create job --type "${fuzz_type}" --branch "${SYSTEM_PULLREQUEST_SOURCEBRANCH}" --revision "${BUILD_SOURCEVERSION}" caddyserver/${fuzzers_targets[$f]} $FUZZER_DIRECTORY/${fuzzers_targets[$f]}.fuzzer
+ clang-7 -fsanitize=fuzzer "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}.a" -o "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}"
+ fuzzit create job caddyserver/${fuzzers_targets[$f]} $FUZZER_DIRECTORY/${fuzzers_targets[$f]} --api-key ${FUZZIT_API_KEY} --type "${fuzz_type}" --branch "${SYSTEM_PULLREQUEST_SOURCEBRANCH}" --revision "${BUILD_SOURCEVERSION}"
echo "Completed $f"
done
+ env:
+ FUZZIT_API_KEY: $(FUZZIT_API_KEY)
workingDirectory: '$(modulePath)'
displayName: Generate fuzzers & submit them to Fuzzit