From 0e1767ba937e2ece749f0fd77fa1b12ad005563f Mon Sep 17 00:00:00 2001 From: Yevgeny Pats Date: Wed, 21 Aug 2019 11:43:53 +0300 Subject: [PATCH] Add Continuous Fuzzing via Fuzzit (#5890) * add fuzzit.dev continuous fuzzing integration Signed-off-by: Krzysztof Kowalczyk * Migration to Circle Signed-off-by: Yevgeny Pats --- .circleci/config.yml | 24 ++++++++++++++++++++++++ README.md | 1 + fuzzit.sh | 30 ++++++++++++++++++++++++++++++ 3 files changed, 55 insertions(+) create mode 100755 fuzzit.sh diff --git a/.circleci/config.yml b/.circleci/config.yml index 0b24acb2c..b03389111 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -11,6 +11,10 @@ executors: docker: - image: circleci/golang:1.12 + fuzzit: + docker: + - image: fuzzitdev/golang:1.12.7-buster + jobs: test: executor: golang @@ -32,6 +36,20 @@ jobs: file: prometheus - prometheus/store_artifact: file: promtool + fuzzit_regression: + executor: fuzzit + working_directory: /go/src/github.com/prometheus/prometheus + steps: + - checkout + - setup_remote_docker + - run: ./fuzzit.sh local-regression + fuzzit_fuzzing: + executor: fuzzit + working_directory: /go/src/github.com/prometheus/prometheus + steps: + - checkout + - setup_remote_docker + - run: ./fuzzit.sh fuzzing makefile_sync: executor: golang @@ -47,6 +65,10 @@ workflows: filters: tags: only: /.*/ + - fuzzit_regression: + filters: + tags: + only: /.*/ - prometheus/build: name: build filters: @@ -81,3 +103,5 @@ workflows: jobs: - makefile_sync: context: org-context + - fuzzit_fuzzing: + context: org-context diff --git a/README.md b/README.md index 908a2cccf..f87408a6b 100644 --- a/README.md +++ b/README.md 
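Review bot: The new `fuzzit` executor pulls `fuzzitdev/golang:1.12.7-buster` by a mutable tag, and the last hunk runs `fuzzit_fuzzing` on that image with `context: org-context`, so a re-pushed tag would execute with whatever variables that context exposes. Pinning the image by digest, `- image: fuzzitdev/golang:1.12.7-buster@sha256:<digest-placeholder>`, keeps the build input fixed and reviewable. If `org-context` carries credentials beyond the one Fuzzit needs (not visible in this diff), a separate context scoped to the fuzzing credential would limit what this job can read. A short comment above `fuzzit_fuzzing` saying why it needs the context, and that `fuzzit_regression` runs without one, would help later reviewers.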
@@ -6,6 +6,7 @@ [![Docker Pulls](https://img.shields.io/docker/pulls/prom/prometheus.svg?maxAge=604800)][hub] [![Go Report Card](https://goreportcard.com/badge/github.com/prometheus/prometheus)](https://goreportcard.com/report/github.com/prometheus/prometheus) [![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/486/badge)](https://bestpractices.coreinfrastructure.org/projects/486) +[![fuzzit](https://app.fuzzit.dev/badge?org_id=prometheus&branch=master)](https://fuzzit.dev) Visit [prometheus.io](https://prometheus.io) for the full documentation, examples and guides.
diff --git a/fuzzit.sh b/fuzzit.sh
new file mode 100755
index 000000000..7f2213219
--- /dev/null
+++ b/fuzzit.sh
@@ -0,0 +1,30 @@
+#!/bin/bash
+set -xe
+
+# Go-fuzz doesn't support modules yet, so ensure we do everything in the old style GOPATH way
+export GO111MODULE="off"
+
+# Install go-fuzz
+go get -u github.com/dvyukov/go-fuzz/go-fuzz github.com/dvyukov/go-fuzz/go-fuzz-build
+
+# Target names on fuzzit.dev
+TARGETS=("promql-parse-metric" "promql-parse-open-metric" "promql-parse-metric-selector" "promql-parse-expr")
+
+# Prometheus fuzz functions
+FUZZ_FUNCTIONS=("FuzzParseMetric" "FuzzParseOpenMetric" "FuzzParseMetricSelector" "FuzzParseExpr")
+
+# Compiling prometheus fuzz targets in fuzz.go with go-fuzz (https://github.com/dvyukov/go-fuzz) and libFuzzer support
+for ((i=0;i<${#TARGETS[@]};++i));
+do
+ go-fuzz-build -libfuzzer -func ${FUZZ_FUNCTIONS[i]} -o ${TARGETS[i]}.a ./promql
+ clang-9 -fsanitize=fuzzer ${TARGETS[i]}.a -o ${TARGETS[i]}
+done
+
+# Install fuzzit CLI
+wget -q -O fuzzit https://github.com/fuzzitdev/fuzzit/releases/download/v2.4.29/fuzzit_Linux_x86_64
+chmod a+x fuzzit
+
+for TARGET in "${TARGETS[@]}"
+do
+ ./fuzzit create job --type $1 prometheus/${TARGET} ${TARGET}
+done
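Review bot: The `fuzzit` CLI is fetched with `wget` and executed without any integrity check, and `go get -u` installs go-fuzz from whatever the upstream head is at build time; in the `fuzzit_fuzzing` job both run with the CI context attached. Adding a checksum step right after the download, `echo "<expected-sha256>  fuzzit" | sha256sum -c -`, and pinning go-fuzz to a known commit would make the toolchain reproducible and tamper-evident. `$1` is also used unvalidated and unquoted in `./fuzzit create job --type $1 ...`; a guard such as `: "${1:?usage: fuzzit.sh <fuzzing|local-regression>}"` near the top, plus quoting the expansions, avoids a confusing CLI failure when the argument is missing. With `set -x` enabled, any credential later placed on a command line in this script would be echoed into the build log, which deserves a comment next to `set -xe`.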