From 388dd275f66b949adea1a133541199cb7116a368 Mon Sep 17 00:00:00 2001
From: Dominik Loidolt <dominik.loidolt@univie.ac.at>
Date: Sat, 20 Apr 2024 00:25:54 +0200
Subject: [PATCH] Add github action for corpus pruning and coverage reports
Corpus pruning minimizes the corpus produced by batch fuzzing by removing redundant items while keeping the same code coverage.
---
.../{cflite_build.yml: => cflite_build.yml} | 0
.github/workflows/cflite_cron.yml | 45 +++++++++++++++++++
.github/workflows/cflite_pr.yml | 11 ++---
3 files changed, 48 insertions(+), 8 deletions(-)
rename .github/workflows/{cflite_build.yml: => cflite_build.yml} (100%)
create mode 100644 .github/workflows/cflite_cron.yml
diff --git a/.github/workflows/cflite_build.yml: b/.github/workflows/cflite_build.yml
similarity index 100%
rename from .github/workflows/cflite_build.yml:
rename to .github/workflows/cflite_build.yml
diff --git a/.github/workflows/cflite_cron.yml b/.github/workflows/cflite_cron.yml
new file mode 100644
index 0000000..9cbf6f0
--- /dev/null
+++ b/.github/workflows/cflite_cron.yml
@@ -0,0 +1,45 @@
+name: ClusterFuzzLite cron tasks
+on:
+ schedule:
+ - cron: '0 0 * * *' # Once a day at midnight.
+permissions: read-all
+jobs:
+ Pruning:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Build Fuzzers
+ id: build
+ uses: google/clusterfuzzlite/actions/build_fuzzers@v1
+ with:
+ language: c
+ - name: Run Fuzzers
+ id: run
+ uses: google/clusterfuzzlite/actions/run_fuzzers@v1
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ fuzz-seconds: 600
+ mode: 'prune'
+ output-sarif: true
+ storage-repo: https://gh-action:${{ secrets.ACCESS_TOKEN_GITLAB_UNI }}@gitlab.phaidra.org/loidoltd15/cmp_tool_storage.git
+ storage-repo-branch: main
+ storage-repo-branch-coverage: gh-pages
+ Coverage:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Build Fuzzers
+ id: build
+ uses: google/clusterfuzzlite/actions/build_fuzzers@v1
+ with:
+ language: c
+ sanitizer: coverage
+ - name: Run Fuzzers
+ id: run
+ uses: google/clusterfuzzlite/actions/run_fuzzers@v1
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ fuzz-seconds: 600
+ mode: 'coverage'
+ sanitizer: 'coverage'
+ storage-repo: https://gh-action:${{ secrets.ACCESS_TOKEN_GITLAB_UNI }}@gitlab.phaidra.org/loidoltd15/cmp_tool_storage.git
+ storage-repo-branch: main
+ storage-repo-branch-coverage: gh-pages
diff --git a/.github/workflows/cflite_pr.yml b/.github/workflows/cflite_pr.yml
index 9cc74ea..a82e85f 100644
--- a/.github/workflows/cflite_pr.yml
+++ b/.github/workflows/cflite_pr.yml
@@ -26,7 +26,6 @@ jobs:
github-token: ${{ secrets.GITHUB_TOKEN }}
sanitizer: ${{ matrix.sanitizer }}
storage-repo: https://gh-action:${{ secrets.ACCESS_TOKEN_GITLAB_UNI }}@gitlab.phaidra.org/loidoltd15/cmp_tool_storage.git
-storage-repo: https://${{ secrets.PERSONAL_ACCESS_TOKEN }}@github.com/OWNER/STORAGE-REPO-NAME.git
storage-repo-branch: main
storage-repo-branch-coverage: gh-pages
- name: Run Fuzzers (${{ matrix.sanitizer }})
@@ -38,10 +37,6 @@ storage-repo: https://${{ secrets.PERSONAL_ACCESS_TOKEN }}@github.com/OWNER/STOR
mode: 'code-change'
sanitizer: ${{ matrix.sanitizer }}
output-sarif: true
- # Optional but recommended: used to download the corpus produced by
- # batch fuzzing.
- # See later section on "Git repo for storage".
- # storage-repo: https://${{ secrets.PERSONAL_ACCESS_TOKEN }}@github.com/OWNER/STORAGE-REPO-NAME.git
- # storage-repo-branch: main # Optional. Defaults to "main"
- # storage-repo-branch-coverage: gh-pages # Optional. Defaults to "gh-pages".
-
+ storage-repo: https://gh-action:${{ secrets.ACCESS_TOKEN_GITLAB_UNI }}@gitlab.phaidra.org/loidoltd15/cmp_tool_storage.git
+ storage-repo-branch: main
+ storage-repo-branch-coverage: gh-pages
--
GitLab