From 9e28f60aab31c9ae674bd55ba3975bc6b1c2514c Mon Sep 17 00:00:00 2001 From: Mohammed Al Sahaf Date: Wed, 4 Nov 2020 19:32:07 +0300 Subject: [PATCH] ci: remove the continuous fuzzing job (#3845) Between Github Actions deprecting a command we use[0] and Fuzzit planning to deprecate their standalone service after being acquired by Gitlab[1][2], there are no reasons to keep this job. [0] https://github.blog/changelog/2020-10-01-github-actions-deprecating-set-env-and-add-path-commands/ [1] https://about.gitlab.com/press/releases/2020-06-11-gitlab-acquires-peach-tech-and-fuzzit-to-expand-devsecops-offering.html [2] https://fuzzit.dev/2020/06/11/news-fuzzit-is-acquired-by-gitlab/ --- .github/workflows/fuzzing.yml | 73 ----------------------------------- 1 file changed, 73 deletions(-) delete mode 100644 .github/workflows/fuzzing.yml diff --git a/.github/workflows/fuzzing.yml b/.github/workflows/fuzzing.yml deleted file mode 100644 index 05f4629c..00000000 --- a/.github/workflows/fuzzing.yml +++ /dev/null @@ -1,73 +0,0 @@ -name: Fuzzing - -on: - # Daily midnight fuzzing - schedule: - - cron: '0 0 * * *' - -jobs: - fuzzing: - name: Fuzzing - - strategy: - matrix: - os: [ ubuntu-latest ] - go: [ '1.14' ] - runs-on: ${{ matrix.os }} - - steps: - - name: Install Go - uses: actions/setup-go@v2 - with: - go-version: ${{ matrix.go }} - - - name: Checkout code - uses: actions/checkout@v2 - - - name: Download go-fuzz tools and the Fuzzit CLI, move Fuzzit CLI to GOBIN - # If we decide we need to prevent this from running on forks, we can use this line: - # if: github.repository == 'caddyserver/caddy' - run: | - - go get -v github.com/dvyukov/go-fuzz/go-fuzz github.com/dvyukov/go-fuzz/go-fuzz-build - wget -q -O fuzzit https://github.com/fuzzitdev/fuzzit/releases/download/v2.4.77/fuzzit_Linux_x86_64 - chmod a+x fuzzit - mv fuzzit $(go env GOPATH)/bin - echo "::add-path::$(go env GOPATH)/bin" - - - name: Generate fuzzers & submit them to Fuzzit - continue-on-error: true - env: - FUZZIT_API_KEY: ${{ secrets.FUZZIT_API_KEY }} - SYSTEM_PULLREQUEST_SOURCEBRANCH: ${{ github.ref }} - BUILD_SOURCEVERSION: ${{ github.sha }} - run: | - # debug - echo "PR Source Branch: $SYSTEM_PULLREQUEST_SOURCEBRANCH" - echo "Source version: $BUILD_SOURCEVERSION" - - declare -A fuzzers_funcs=(\ - ["./caddyconfig/httpcaddyfile/addresses_fuzz.go"]="FuzzParseAddress" \ - ["./listeners_fuzz.go"]="FuzzParseNetworkAddress" \ - ["./replacer_fuzz.go"]="FuzzReplacer" \ - ) - - declare -A fuzzers_targets=(\ - ["./caddyconfig/httpcaddyfile/addresses_fuzz.go"]="parse-address" \ - ["./listeners_fuzz.go"]="parse-network-address" \ - ["./replacer_fuzz.go"]="replacer" \ - ) - - fuzz_type="fuzzing" - - for f in $(find . -name \*_fuzz.go); do - FUZZER_DIRECTORY=$(dirname "$f") - - echo "go-fuzz-build func ${fuzzers_funcs[$f]} residing in $f" - - go-fuzz-build -func "${fuzzers_funcs[$f]}" -o "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}.zip" "$FUZZER_DIRECTORY" - - fuzzit create job --engine go-fuzz caddyserver/"${fuzzers_targets[$f]}" "$FUZZER_DIRECTORY"/"${fuzzers_targets[$f]}.zip" --api-key "${FUZZIT_API_KEY}" --type "${fuzz_type}" --branch "${SYSTEM_PULLREQUEST_SOURCEBRANCH}" --revision "${BUILD_SOURCEVERSION}" - - echo "Completed $f" - done