diff --git a/.github/workflows/cifuzz.yaml b/.github/workflows/cifuzz.yaml index ea71ebc90..202ce966d 100644 --- a/.github/workflows/cifuzz.yaml +++ b/.github/workflows/cifuzz.yaml @@ -7,21 +7,14 @@ jobs: Fuzzing: runs-on: ubuntu-latest steps: - - name: Build Fuzzers - id: build - uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master + - name: Checkout + uses: actions/checkout@v2 + - name: Restore Go cache + uses: actions/cache@v1 with: - oss-fuzz-project-name: 'fluxcd' - language: go - - name: Run Fuzzers - uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master - with: - oss-fuzz-project-name: 'fluxcd' - language: go - fuzz-seconds: 60 - - name: Upload Crash - uses: actions/upload-artifact@v1 - if: failure() && steps.build.outcome == 'success' - with: - name: artifacts - path: ./out/artifacts + path: /home/runner/work/_temp/_github_home/go/pkg/mod + key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} + restore-keys: | + ${{ runner.os }}-go- + - name: Smoke test Fuzzers + run: make fuzz-smoketest diff --git a/Makefile b/Makefile index 63d65673a..e1b0b2587 100644 --- a/Makefile +++ b/Makefile @@ -79,17 +79,16 @@ fuzz-build: mkdir -p $(shell pwd)/build/fuzz/out/ docker build . --tag local-fuzzing:latest -f tests/fuzz/Dockerfile.builder - docker run --rm -it \ - -e FUZZING_LANGUAGE=go -e FUZZ_SECONDS=600 -e MODE=batch \ + docker run --rm \ + -e FUZZING_LANGUAGE=go -e SANITIZER=address \ -e CIFUZZ_DEBUG='True' -e OSS_FUZZ_PROJECT_NAME=fluxcd \ - -e SANITIZER=address \ -v "$(shell pwd)/build/fuzz/out":/out \ local-fuzzing:latest fuzz-smoketest: fuzz-build - docker run --rm -ti \ + docker run --rm \ -v "$(shell pwd)/build/fuzz/out":/out \ -v "$(shell pwd)/tests/fuzz/oss_fuzz_run.sh":/runner.sh \ -e ENVTEST_BIN_VERSION=$(ENVTEST_KUBERNETES_VERSION) \ - gcr.io/oss-fuzz/fluxcd \ + local-fuzzing:latest \ bash -c "/runner.sh" diff --git a/tests/fuzz/events_fuzzer.go b/tests/fuzz/events_fuzzer.go index 4ee293e9f..8336c688f 100644 --- a/tests/fuzz/events_fuzzer.go +++ b/tests/fuzz/events_fuzzer.go @@ -37,10 +37,10 @@ import ( ) var ( - doOnce sync.Once - env *testenv.Environment - ts *httptest.Server - ctx = ctrl.SetupSignalHandler() + doOnce sync.Once + fuzzEnv *testenv.Environment + fuzzTs *httptest.Server + fuzzCtx = ctrl.SetupSignalHandler() ) const defaultBinVersion = "1.23" @@ -82,7 +82,7 @@ func FuzzEventf(data []byte) int { } }) - ts = httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + fuzzTs = httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { b, err := io.ReadAll(r.Body) if err != nil { return @@ -94,24 +94,24 @@ func FuzzEventf(data []byte) int { return } })) - defer ts.Close() + defer fuzzTs.Close() scheme := runtime.NewScheme() utilruntime.Must(corev1.AddToScheme(scheme)) - env = testenv.New( + fuzzEnv = testenv.New( testenv.WithScheme(scheme), ) go func() { fmt.Println("Starting the test environment") - if err := env.Start(ctx); err != nil { + if err := fuzzEnv.Start(fuzzCtx); err != nil { panic(fmt.Sprintf("Failed to start the test environment manager: %v", err)) } }() - <-env.Manager.Elected() + <-fuzzEnv.Manager.Elected() - eventRecorder, err := NewRecorder(env, ctrl.Log, ts.URL, "test-controller") + eventRecorder, err := NewRecorder(fuzzEnv, ctrl.Log, fuzzTs.URL, "test-controller") if err != nil { return 0 } @@ -136,7 +136,7 @@ func FuzzEventf(data []byte) int { } eventRecorder.Eventf(&obj, eventtype, reason, obj.Name) - if err = env.Stop(); err != nil { + if err = fuzzEnv.Stop(); err != nil { return 0 } diff --git a/tests/fuzz/oss_fuzz_run.sh b/tests/fuzz/oss_fuzz_run.sh index b812467fe..4c87f489b 100755 --- a/tests/fuzz/oss_fuzz_run.sh +++ b/tests/fuzz/oss_fuzz_run.sh @@ -17,4 +17,4 @@ set -euxo pipefail # run each fuzzer once to ensure they are working properly -find /out -type f -name "fuzz*" -exec '{}' {} \; +find /out -type f -name "fuzz*" -exec echo {} -runs=1 \; | bash -e