ExternalVendorCode/onefuzz
1
0
Fork 0
mirror of https://github.com/microsoft/onefuzz.git synced 2025-06-24 15:25:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
parallelize-timer-work
onefuzz/.github/workflows/ci.yml
George Pollard 1cee562cf5 Support for retention policies on containers (#3501) 
- [x] ability to specify a retention period on a container, which applies to newly-created blobs
- [x] specify default retention periods in templates from CLI side 

There's a small breaking change to the Python JobHelper class.
2023-10-03 11:51:41 -07:00

698 lines
26 KiB
YAML
Raw Permalink Blame History

name: Build
on:
pull_request:
push:
branches:
- main
tags:
- "*"
workflow_dispatch:
# limit to one concurrent run per PR/branch,
# and cancel any previous runs still going
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
CARGO_TERM_COLOR: always
ACTIONS_CACHE_KEY_DATE: 2023-08-10
CI: true
jobs:
agent:
strategy:
matrix:
os:
- [
self-hosted,
"1ES.Pool=onefuzz-ci",
"1ES.ImageOverride=github-runner-image-windows-2019",
]
- [
self-hosted,
"1ES.Pool=onefuzz-ci",
"1ES.ImageOverride=github-runner-image-ubuntu-20.04",
]
- [
self-hosted,
"1ES.Pool=onefuzz-ci-arm64",
"1ES.ImageOverride=github-runner-image-ubuntu-20.04-arm64",
]
runs-on: "${{ matrix.os }}"
steps:
- uses: actions/checkout@v3
- name: Install specific Rust version
uses: dtolnay/rust-toolchain@55c7845fad90d0ae8b2e83715cb900e5e861e8cb # pinned latest master as of 2022-10-08
with:
toolchain: "1.71.1" # note: keep this in sync with .devcontainer/Dockerfile
components: clippy, rustfmt, llvm-tools-preview
- name: Setup Rust problem-matchers
uses: r7kamura/rust-problem-matchers@d58b70c4a13c4866d96436315da451d8106f8f08 # pinned to 1.3.0
- name: Get Rust version & build version
shell: bash
run: |
set -x
echo "RUST_VERSION=$(rustc --version)" >> $GITHUB_OUTPUT
VERSION=$(src/ci/get-version.sh)
# it's a release build if version doesn't have a plus in it
# NB: this should stay in sync with version generation in get-version.sh
IS_RELEASE_BUILD=$(if [[ "$VERSION" =~ '+' ]]; then echo 'false'; else echo 'true'; fi)
echo "RELEASE_BUILD=$IS_RELEASE_BUILD" >> $GITHUB_OUTPUT
id: rust-version
- name: Rust artifact cache
id: cache-agent-artifacts
# don't cache the rust agent for relase builds as the version number will be incorrect
# don't cache on builds on the main branch for deployment to canary/nightly
if: steps.rust-version.outputs.RELEASE_BUILD == 'false' && github.ref_name != 'main'
uses: actions/cache@v3
with:
# if nothing has changed inside src/agent, we can reuse the artifacts directory
path: artifacts
key: agent-artifacts|${{ join(matrix.os, ':') }}|${{steps.rust-version.outputs.RUST_VERSION}}|${{ env.ACTIONS_CACHE_KEY_DATE }}|${{ hashFiles('src/agent/**/*') }}|${{hashFiles('src/ci/agent.sh')}}
# note: also including the ACTIONS_CACHE_KEY_DATE to rebuild if the Prereq Cache is invalidated
- name: Rust build cache
id: rust-build-cache
uses: Swatinem/rust-cache@v2
if: steps.cache-agent-artifacts.outputs.cache-hit != 'true'
with:
key: ${{env.ACTIONS_CACHE_KEY_DATE}} # additional key for cache-busting
workspaces: src/agent
- name: Linux Prereqs
if: runner.os == 'Linux'
run: |
sudo apt-get -y update
sudo apt-get -y install libssl-dev libunwind-dev build-essential pkg-config clang
- name: Clone onefuzz-samples
run: git clone https://github.com/microsoft/onefuzz-samples
- name: Prepare for agent integration tests
shell: bash
working-directory: ./onefuzz-samples/examples/simple-libfuzzer
run: |
make
mkdir -p ../../../src/agent/onefuzz-task/tests/targets/simple
cp fuzz.exe ../../../src/agent/onefuzz-task/tests/targets/simple/fuzz.exe
cp *.pdb ../../../src/agent/onefuzz-task/tests/targets/simple/ 2>/dev/null || :
- name: Install Rust Prereqs
shell: bash
run: src/ci/rust-prereqs.sh
- run: src/ci/agent.sh
shell: bash
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v3
with:
directory: artifacts
# aarch64 must be explicitly set; see: https://github.com/codecov/codecov-action/issues/650#issuecomment-1528860991
os: ${{ contains(join(matrix.os,':'), 'arm64') && 'aarch64' || '' }}
- uses: actions/upload-artifact@v3
with:
name: build-artifacts
path: artifacts
azcopy:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- run: src/ci/azcopy.sh
- uses: actions/upload-artifact@v3
with:
name: build-artifacts
path: artifacts
check-pr:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: lint
shell: bash
run: src/ci/check-check-pr.sh
cli:
needs:
- onefuzztypes
runs-on: windows-2019
steps:
- uses: actions/checkout@v3
- run: src/ci/set-versions.sh
shell: bash
- uses: actions/setup-python@v4
with:
python-version: "3.10"
- uses: actions/download-artifact@v3
with:
name: artifact-onefuzztypes
path: artifacts
- name: Build
shell: bash
run: |
set -ex
ls artifacts
python -mvenv cli_venv
. cli_venv/Scripts/activate
cd src/cli
python -m pip install --upgrade pip
pip install -r requirements-dev.txt
pip-licenses -uf json > onefuzz/data/licenses.json
python setup.py sdist bdist_wheel
pip install -r ./requirements.txt ../../artifacts/sdk/*.whl
pip install six
pyinstaller onefuzz/__main__.py --onefile --name onefuzz --additional-hooks-dir extra/pyinstaller --hidden-import='pkg_resources.py2_warn' --hidden-import='opentelemetry.baggage' --hidden-import='opentelemetry.baggage.propagation' --hidden-import='opentelemetry.context.contextvars_context' --copy-metadata opentelemetry-sdk --copy-metadata opentelemetry-api --exclude-module tkinter --exclude-module PySide2 --exclude-module PIL.ImageDraw --exclude-module Pillow --clean --add-data "onefuzz/data/privacy.txt;onefuzz/data" --add-data "onefuzz/data/licenses.json;onefuzz/data"
./dist/onefuzz.exe --version
./dist/onefuzz.exe privacy_statement
mkdir -p ${GITHUB_WORKSPACE}/artifacts/windows-cli/
mkdir -p ${GITHUB_WORKSPACE}/artifacts/sdk/
cp dist/*.tar.gz dist/*.whl ${GITHUB_WORKSPACE}/artifacts/sdk/
cp dist/onefuzz.exe ${GITHUB_WORKSPACE}/artifacts/windows-cli/
- uses: actions/upload-artifact@v3
with:
name: artifact-cli
path: artifacts
- name: lint
shell: bash
run: |
set -ex
. cli_venv/Scripts/activate
cd src/cli
pip install -r requirements-lint.txt
flake8 .
bandit -r ./onefuzz/
black onefuzz examples tests --check
isort --profile black ./onefuzz ./examples/ ./tests/ --check
pytest -v tests
../ci/disable-py-cache.sh
mypy --ignore-missing-imports --implicit-reexport --namespace-packages ./onefuzz ./examples ./tests
# set a minimum confidence to ignore known false positives
vulture --min-confidence 61 onefuzz
contrib-webhook-teams-service:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: lint
shell: bash
run: |
set -ex
cd contrib/webhook-teams-service
python -m pip install --upgrade pip isort click==8.0.4 black mypy==0.910 flake8
pip install -r requirements.txt
mypy webhook
black webhook --check
isort --profile black webhook
flake8 webhook
python-safety:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: lint
shell: bash
run: |
set -ex
cd contrib/deploy-onefuzz-via-azure-devops
python -m pip install --upgrade pip
python -m pip install tox pipenv
tox
onefuzztypes:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- run: src/ci/set-versions.sh
- uses: actions/setup-python@v4
with:
python-version: "3.10"
- run: src/ci/onefuzztypes.sh
- uses: actions/upload-artifact@v3
with:
name: artifact-onefuzztypes
path: artifacts
proxy:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- name: Rust build cache
id: rust-build-cache
uses: Swatinem/rust-cache@v2
with:
key: ${{env.ACTIONS_CACHE_KEY_DATE}} # additional key for cache-busting
workspaces: src/proxy-manager
- name: Install Rust Prereqs
if: steps.rust-build-cache.outputs.cache-hit != 'true'
shell: bash
run: src/ci/rust-prereqs.sh
- run: src/ci/proxy.sh
- uses: actions/upload-artifact@v3
with:
name: artifact-proxy
path: artifacts
service:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v3
- name: Setup .NET Core SDK
uses: actions/setup-dotnet@v3
with:
# use global.json to install the correct version
global-json-file: global.json
- name: Install dependencies
run: |
cd src/ApiService/
dotnet restore --locked-mode
dotnet tool restore
sudo npm install -g azurite
- name: Check Formatting
run: |
cd src/ApiService/
dotnet format --verify-no-changes --no-restore
# note that Test comes before Build:
# Test will build things in Debug mode, Build will build them in Release
# Build comes second in case Test would do something (unspecified) that
# would somehow alter the binaries that we want to package.
- name: Test & Collect coverage info
run: |
cd src/ApiService/
azurite --silent &
dotnet test --no-restore --collect:"XPlat Code Coverage" --filter 'Category!=Live'
kill %1
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v3
- name: Build Service
run: |
set -x
version=$(./src/ci/get-version.sh)
cd src/ApiService/
# Store GitHub RunID and SHA to be read by the 'info' function
echo ${GITHUB_RUN_ID} | tee ApiService/onefuzzlib/build.id
echo ${GITHUB_SHA} | tee ApiService/onefuzzlib/git.version
# stamp the build with version
# note that version might have a suffix of '+{sha}' from get-version.sh
# NB: ensure this stays in sync with get-version.sh
if [[ "$version" =~ '+' ]]; then
# if it has a suffix, split it into two parts
dotnet build -warnaserror --configuration Release /p:VersionPrefix=${version%+*} /p:SourceRevisionId=${version#*+}
else
dotnet build -warnaserror --configuration Release /p:VersionPrefix=${version}
fi
- name: copy artifacts
run: |
./src/ci/get-version.sh > src/deployment/VERSION
cd src/ApiService/ApiService/
mv az-local.settings.json bin/Release/net7.0/local.settings.json
cd bin/Release/net7.0/
zip -r api-service.zip .
mkdir -p ${GITHUB_WORKSPACE}/artifacts/service
cp api-service.zip ${GITHUB_WORKSPACE}/artifacts/service
- uses: actions/upload-artifact@v3
with:
name: build-artifacts
path: artifacts
afl:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- uses: actions/cache@v3
id: cache-build
with:
key: afl|${{runner.os}}-${{runner.arch}}|${{ hashFiles('src/ci/afl.sh') }}
path: artifacts
- run: src/ci/afl.sh
if: steps.cache-build.outputs.cache-hit != 'true'
- uses: actions/upload-artifact@v3
with:
name: artifact-afl
path: artifacts
aflpp:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- uses: actions/cache@v3
id: cache-build
with:
key: aflpp|${{runner.os}}-${{runner.arch}}|${{ hashFiles('src/ci/aflpp.sh') }}
path: artifacts
- run: src/ci/aflpp.sh
if: steps.cache-build.outputs.cache-hit != 'true'
- uses: actions/upload-artifact@v3
with:
name: artifact-aflpp
path: artifacts
bicep-check:
name: Check Bicep files
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: azure/CLI@v1
with:
inlineScript: |
az config set bicep.use_binary_from_path=false
az bicep install
az bicep build --file src/deployment/azuredeploy.bicep --stdout > /dev/null
dotnet-fuzzing-tools-linux:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- name: Setup .NET Core SDK
uses: actions/setup-dotnet@v3
with:
# use global.json to install the correct version
global-json-file: global.json
- run: src/ci/dotnet-fuzzing-tools.sh
shell: bash
- uses: actions/upload-artifact@v3
with:
name: artifact-dotnet-fuzzing-tools-linux
path: artifacts
dotnet-fuzzing-tools-windows:
runs-on: windows-2022
steps:
- uses: actions/checkout@v3
- name: Setup .NET Core SDK
uses: actions/setup-dotnet@v3
with:
# use global.json to install the correct version
global-json-file: global.json
- name: install llVM
run: |
choco install llvm --version 16.0.6
shell: powershell
- run: src/ci/dotnet-fuzzing-tools.ps1
shell: pwsh
- uses: actions/upload-artifact@v3
with:
name: artifact-dotnet-fuzzing-tools-windows
path: artifacts
radamsa-linux:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- uses: actions/cache@v3
id: cache-radamsa-build-linux
with:
# key on the shell script only: this script fixes the
# version to a particular commit, so if it changes we need to rebuild
key: radamsa|${{runner.os}}-${{runner.arch}}|${{ hashFiles('src/ci/radamsa-linux.sh') }}
path: artifacts
- run: src/ci/radamsa-linux.sh
if: steps.cache-radamsa-build-linux.outputs.cache-hit != 'true'
- uses: actions/upload-artifact@v3
with:
name: artifact-radamsa-linux
path: artifacts
radamsa-win64:
runs-on: windows-2019
steps:
- uses: actions/checkout@v3
- uses: actions/cache@v3
id: cache-radamsa-build-windows
with:
# key on the shell script only: this script fixes the
# version to a particular commit, so if it changes we need to rebuild
key: radamsa|${{runner.os}}-${{runner.arch}}|${{ hashFiles('src/ci/radamsa-windows.sh') }}
path: artifacts
- run: c:\msys64\usr\bin\bash src/ci/radamsa-windows.sh
if: steps.cache-radamsa-build-windows.outputs.cache-hit != 'true'
- uses: actions/upload-artifact@v3
with:
name: artifact-radamsa-windows
path: artifacts
package:
needs:
- agent
- azcopy
- cli
- proxy
- service
- afl
- aflpp
- dotnet-fuzzing-tools-linux
- dotnet-fuzzing-tools-windows
- radamsa-linux
- radamsa-win64
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- uses: actions/download-artifact@v3
with:
name: build-artifacts
path: artifacts
- uses: actions/download-artifact@v3
with:
name: artifact-cli
path: artifacts
- uses: actions/download-artifact@v3
with:
name: artifact-proxy
path: artifacts
- uses: actions/download-artifact@v3
with:
name: artifact-radamsa-linux
path: artifacts
- uses: actions/download-artifact@v3
with:
name: artifact-radamsa-windows
path: artifacts
- uses: actions/download-artifact@v3
with:
name: artifact-afl
path: artifacts
- uses: actions/download-artifact@v3
with:
name: artifact-aflpp
path: artifacts
- uses: actions/download-artifact@v3
with:
name: artifact-dotnet-fuzzing-tools-linux
path: artifacts
- uses: actions/download-artifact@v3
with:
name: artifact-dotnet-fuzzing-tools-windows
path: artifacts
- uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: Lint
shell: bash
run: |
set -ex
cd src/deployment
python -m pip install --upgrade pip
pip install mypy==0.910 isort click==8.0.4 black types-requests flake8
mypy .
isort --profile black . --check
black . --check
flake8 *.py
rm -r .mypy_cache
- name: Package Onefuzz
run: |
set -ex
find artifacts
mkdir release-artifacts
cp -r src/runtime-tools src/deployment/tools
if [ -f artifacts/azcopy/NOTICE.txt ]; then
cp artifacts/azcopy/azcopy artifacts/azcopy/NOTICE.txt src/deployment/tools/linux
cp artifacts/azcopy/azcopy.exe artifacts/azcopy/NOTICE.txt src/deployment/tools/win64
else
cp artifacts/azcopy/azcopy artifacts/azcopy/ThirdPartyNotice.txt src/deployment/tools/linux
cp artifacts/azcopy/azcopy.exe artifacts/azcopy/ThirdPartyNotice.txt src/deployment/tools/win64
fi
cp artifacts/agent-MINGW*/onefuzz-agent.exe src/deployment/tools/win64/
cp artifacts/agent-MINGW*/onefuzz-task.exe src/deployment/tools/win64/
cp artifacts/agent-MINGW*/onefuzz_agent.pdb src/deployment/tools/win64/
cp artifacts/agent-MINGW*/onefuzz_task.pdb src/deployment/tools/win64/
cp artifacts/agent-Linux-x86_64/onefuzz-agent src/deployment/tools/linux/
cp artifacts/agent-Linux-x86_64/onefuzz-task src/deployment/tools/linux/
# cp artifacts/agent-Linux-aarch64/onefuzz-agent src/deployment/tools/linux-aarch64/
# cp artifacts/agent-Linux-aarch64/onefuzz-task src/deployment/tools/linux-aarch64/
cp artifacts/proxy/onefuzz-proxy-manager src/deployment/tools/linux/
cp artifacts/service/api-service.zip src/deployment
cp -r artifacts/third-party src/deployment
echo $GITHUB_RUN_ID | tee src/deployment/.build.id
echo $GITHUB_SHA | tee src/deployment/.sha
./src/ci/get-version.sh > src/deployment/VERSION
(cd src/deployment ; zip -r onefuzz-deployment-$(cat VERSION).zip . )
cp src/deployment/onefuzz-deployment*zip release-artifacts
cp -r artifacts/sdk release-artifacts
cp -r artifacts/windows-cli/onefuzz.exe release-artifacts/onefuzz-cli-$(./src/ci/get-version.sh).exe
- uses: actions/upload-artifact@v3
with:
name: release-artifacts
path: release-artifacts
build-integration-tests-linux:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- name: Cache integration tests
id: cache-integration-tests
uses: actions/cache@v3
with:
path: src/integration-tests/artifacts
key: integration-tests|linux|${{ env.ACTIONS_CACHE_KEY_DATE }}|${{ hashFiles('src/integration-tests/**/*') }}
- name: Build integration tests
if: steps.cache-integration-tests.outputs.cache-hit != 'true'
run: |
set -ex
cd src/integration-tests
mkdir -p artifacts
cp integration-test.py artifacts/
mkdir -p artifacts/linux-libfuzzer
mkdir -p artifacts/linux-libfuzzer-with-options
mkdir -p artifacts/mariner-libfuzzer
(cd libfuzzer ; make )
cp -r libfuzzer/fuzz.exe libfuzzer/seeds artifacts/linux-libfuzzer
cp -r libfuzzer/fuzz.exe libfuzzer/seeds artifacts/linux-libfuzzer-with-options
cp -r libfuzzer/fuzz.exe libfuzzer/seeds artifacts/mariner-libfuzzer
mkdir -p artifacts/linux-libfuzzer-regression
(cd libfuzzer-regression ; make )
cp -r libfuzzer-regression/broken.exe libfuzzer-regression/fixed.exe libfuzzer-regression/seeds artifacts/linux-libfuzzer-regression
mkdir -p artifacts/linux-trivial-crash
(cd trivial-crash ; make )
cp -r trivial-crash/fuzz.exe trivial-crash/seeds artifacts/linux-trivial-crash
mkdir -p artifacts/linux-libfuzzer-dlopen
(cd libfuzzer-dlopen; make)
cp -r libfuzzer-dlopen/{fuzz.exe,*.so,seeds} artifacts/linux-libfuzzer-dlopen/
mkdir -p artifacts/linux-libfuzzer-linked-library
(cd libfuzzer-linked-library; make)
cp -r libfuzzer-linked-library/{fuzz.exe,*.so,seeds} artifacts/linux-libfuzzer-linked-library/
mkdir -p artifacts/linux-trivial-crash-asan
(cd trivial-crash ; make clean; make CFLAGS='-fsanitize=address -fno-omit-frame-pointer')
cp -r trivial-crash/fuzz.exe trivial-crash/seeds artifacts/linux-trivial-crash-asan
mkdir -p artifacts/linux-libfuzzer-rust
(cd libfuzzer-rust ; make )
cp -r libfuzzer-rust/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_target_1 artifacts/linux-libfuzzer-rust
# AFL v2.75b
mkdir -p artifacts/linux-trivial-crash-afl
git clone https://github.com/google/AFL
(cd AFL; git checkout 82b5e359463238d790cadbe2dd494d6a4928bff3; make afl-gcc afl-fuzz afl-as)
export AFL_CC_PATH=$PWD/AFL/afl-clang
(cd trivial-crash ; make clean; make CC=$AFL_CC_PATH)
cp -r trivial-crash/fuzz.exe trivial-crash/seeds artifacts/linux-trivial-crash-afl
# libfuzzer cross-compiled to aarch64
mkdir -p artifacts/linux-libfuzzer-aarch64-crosscompile
(cd libfuzzer-aarch64-crosscompile; make)
cp -r libfuzzer-aarch64-crosscompile/fuzz.exe libfuzzer-aarch64-crosscompile/inputs artifacts/linux-libfuzzer-aarch64-crosscompile
# C# target.
sudo apt-get install -y dotnet-sdk-7.0
(cd GoodBad; dotnet publish -c Release -o out)
mv GoodBad/out artifacts/GoodBadDotnet
- uses: actions/upload-artifact@v3
with:
# NB: this name is used by check-pr.py
name: artifact-integration-tests-linux
path: src/integration-tests/artifacts
build-integration-tests-windows:
runs-on: windows-2022
steps:
- uses: actions/checkout@v3
- name: Cache integration tests
id: cache-integration-tests
uses: actions/cache@v3
with:
path: src/integration-tests/artifacts
key: integration-tests|windows|${{ env.ACTIONS_CACHE_KEY_DATE }}|${{ hashFiles('src/integration-tests/**/*') }}
- name: Setup C/C++ environment
uses: ilammy/msvc-dev-cmd@cec98b9d092141f74527d0afa6feb2af698cfe89 # pinned to v1.12.1
- name: Build integration tests
if: steps.cache-integration-tests.outputs.cache-hit != 'true'
run: |
Set-ExecutionPolicy Bypass -Scope Process -Force
$ProgressPreference = 'SilentlyContinue'
Invoke-Expression (Invoke-RestMethod 'https://chocolatey.org/install.ps1')
choco install llvm
choco install make
$env:Path += ";C:\Program Files\LLVM\bin;C:\ProgramData\chocolatey\bin"
cd src/integration-tests
mkdir artifacts/windows-libfuzzer
cd libfuzzer
make
cp fuzz.exe,fuzz.pdb,seeds ../artifacts/windows-libfuzzer -Recurse
cd ../
mkdir artifacts/windows-trivial-crash
cd trivial-crash
make
cp fuzz.exe,fuzz.pdb,seeds ../artifacts/windows-trivial-crash -Recurse
cd ../
mkdir artifacts/windows-libfuzzer-linked-library
cd libfuzzer-linked-library
make -f Makefile.windows
cp fuzz.exe,fuzz.pdb,bad1.dll,bad1.pdb,bad2.dll,bad2.pdb,seeds ../artifacts/windows-libfuzzer-linked-library -Recurse
cd ../
mkdir artifacts/windows-libfuzzer-load-library
cd libfuzzer-load-library
make
cp fuzz.exe,fuzz.pdb,bad.dll,bad.pdb,seeds ../artifacts/windows-libfuzzer-load-library -Recurse
cd ../
mkdir artifacts/windows-trivial-crash-asan
cd trivial-crash
make clean
make CFLAGS='-fsanitize=address -fno-omit-frame-pointer'
cp fuzz.exe,fuzz.pdb,seeds ../artifacts/windows-trivial-crash-asan -Recurse
shell: powershell
- uses: actions/upload-artifact@v3
with:
# NB: this name is used by check-pr.py
name: artifact-integration-tests-windows
path: src/integration-tests/artifacts
integration-tests-linux:
runs-on: ubuntu-20.04
needs:
- build-integration-tests-linux
- dotnet-fuzzing-tools-linux
steps:
- uses: actions/checkout@v3
- uses: actions/download-artifact@v3
with:
name: artifact-dotnet-fuzzing-tools-linux
path: dotnet-fuzzing-tools-linux
- uses: actions/download-artifact@v3
with:
name: artifact-integration-tests-linux
path: integration-tests-linux
- name: test
shell: bash
run: |
set -ex -o pipefail
# Must be absolute paths.
export GOODBAD_DOTNET="${GITHUB_WORKSPACE}/integration-tests-linux/GoodBadDotnet"
export LIBFUZZER_DOTNET="${GITHUB_WORKSPACE}/dotnet-fuzzing-tools-linux/third-party/dotnet-fuzzing-linux/libfuzzer-dotnet/libfuzzer-dotnet"
chmod +x $LIBFUZZER_DOTNET
export LIBFUZZER_DOTNET_LOADER="${GITHUB_WORKSPACE}/dotnet-fuzzing-tools-linux/third-party/dotnet-fuzzing-linux/LibFuzzerDotnetLoader/LibFuzzerDotnetLoader"
chmod +x $LIBFUZZER_DOTNET_LOADER
export SHARPFUZZ="${GITHUB_WORKSPACE}/dotnet-fuzzing-tools-linux/third-party/dotnet-fuzzing-linux/sharpfuzz/SharpFuzz.CommandLine"
chmod +x $SHARPFUZZ
./src/ci/test-libfuzzer-dotnet.sh
Reference in New Issue View Git Blame Copy Permalink