From c666879e3f98217c08aff6a84961f20e3d1b5159 Mon Sep 17 00:00:00 2001
From: Julien Pivotto <roidelapluie@inuits.eu>
Date: Wed, 9 Dec 2020 21:10:31 +0100
Subject: [PATCH 1/3] Remove fuzzit

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
---
 .circleci/config.yml | 26 --------------------------
 README.md            |  1 -
 fuzzit.sh            | 30 ------------------------------
 3 files changed, 57 deletions(-)
 delete mode 100755 fuzzit.sh

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 6471f2a3c..bf54ec5ba 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -13,10 +13,6 @@ executors:
     docker:
     - image: circleci/golang:1.15-node
 
-  fuzzit:
-    docker:
-      - image: fuzzitdev/golang:1.12.7-buster
-
 jobs:
   test:
     executor: golang
@@ -95,22 +91,6 @@ jobs:
         command: git diff --exit-code
         working_directory: ~/project/documentation/prometheus-mixin
 
-  fuzzit_regression:
-    executor: fuzzit
-    working_directory: /go/src/github.com/prometheus/prometheus
-    steps:
-      - checkout
-      - setup_remote_docker
-      - run: ./fuzzit.sh local-regression
-
-  fuzzit_fuzzing:
-    executor: fuzzit
-    working_directory: /go/src/github.com/prometheus/prometheus
-    steps:
-      - checkout
-      - setup_remote_docker
-      - run: ./fuzzit.sh fuzzing
-
   repo_sync:
     executor: golang
     steps:
@@ -133,10 +113,6 @@ workflows:
         filters:
           tags:
             only: /.*/
-    - fuzzit_regression:
-        filters:
-          tags:
-            only: /.*/
     - prometheus/build:
         name: build
         filters:
@@ -173,5 +149,3 @@ workflows:
     jobs:
     - repo_sync:
         context: org-context
-    - fuzzit_fuzzing:
-        context: org-context
diff --git a/README.md b/README.md
index 3125a11f6..ec170fec3 100644
--- a/README.md
+++ b/README.md
@@ -5,7 +5,6 @@
 [![Docker Pulls](https://img.shields.io/docker/pulls/prom/prometheus.svg?maxAge=604800)][hub]
 [![Go Report Card](https://goreportcard.com/badge/github.com/prometheus/prometheus)](https://goreportcard.com/report/github.com/prometheus/prometheus)
 [![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/486/badge)](https://bestpractices.coreinfrastructure.org/projects/486)
-[![fuzzit](https://app.fuzzit.dev/badge?org_id=prometheus&branch=master)](https://fuzzit.dev)
 [![Gitpod ready-to-code](https://img.shields.io/badge/Gitpod-ready--to--code-blue?logo=gitpod)](https://gitpod.io/#https://github.com/prometheus/prometheus)
 
 Visit [prometheus.io](https://prometheus.io) for the full documentation,
diff --git a/fuzzit.sh b/fuzzit.sh
deleted file mode 100755
index 002e1cb66..000000000
--- a/fuzzit.sh
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/bin/bash
-set -xe
-
-# Go-fuzz doesn't support modules yet, so ensure we do everything in the old style GOPATH way
-export GO111MODULE="off"
-
-# Install go-fuzz
-go get -u github.com/dvyukov/go-fuzz/go-fuzz github.com/dvyukov/go-fuzz/go-fuzz-build
-
-# Target names on fuzzit.dev
-TARGETS=("promql-parse-metric" "promql-parse-open-metric" "promql-parse-metric-selector" "promql-parse-expr")
-
-# Prometheus fuzz functions
-FUZZ_FUNCTIONS=("FuzzParseMetric" "FuzzParseOpenMetric" "FuzzParseMetricSelector" "FuzzParseExpr")
-
-# Compiling prometheus fuzz targets in fuzz.go with go-fuzz (https://github.com/dvyukov/go-fuzz) and libFuzzer support
-for ((i=0;i<${#TARGETS[@]};++i));
-do
-    go-fuzz-build -libfuzzer -func ${FUZZ_FUNCTIONS[i]} -o ${TARGETS[i]}.a ./promql
-    clang-9 -fsanitize=fuzzer ${TARGETS[i]}.a -o ${TARGETS[i]}
-done
-
-# Install fuzzit CLI
-wget -q -O fuzzit https://github.com/fuzzitdev/fuzzit/releases/download/v2.4.45/fuzzit_Linux_x86_64
-chmod a+x fuzzit
-
-for TARGET in "${TARGETS[@]}"
-do
-    ./fuzzit create job --type $1 prometheus/${TARGET} ${TARGET}
-done

From 4a4ea309b6ec096c9d534ae2873f9f61eb0f9934 Mon Sep 17 00:00:00 2001
From: Julien Pivotto <roidelapluie@inuits.eu>
Date: Wed, 9 Dec 2020 21:13:18 +0100
Subject: [PATCH 2/3] Add oss-fuzz on PR's

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
---
 .github/workflows/fuzzing.yml | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 .github/workflows/fuzzing.yml

diff --git a/.github/workflows/fuzzing.yml b/.github/workflows/fuzzing.yml
new file mode 100644
index 000000000..e79b78967
--- /dev/null
+++ b/.github/workflows/fuzzing.yml
@@ -0,0 +1,24 @@
+name: CIFuzz
+on: [pull_request]
+jobs:
+ Fuzzing:
+   runs-on: ubuntu-latest
+   steps:
+   - name: Build Fuzzers
+     id: build
+     uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master
+     with:
+       oss-fuzz-project-name: 'prometheus'
+       dry-run: false
+   - name: Run Fuzzers
+     uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
+     with:
+       oss-fuzz-project-name: 'prometheus'
+       fuzz-seconds: 600
+       dry-run: false
+   - name: Upload Crash
+     uses: actions/upload-artifact@v1
+     if: failure() && steps.build.outcome == 'success'
+     with:
+       name: artifacts
+       path: ./out/artifacts

From 7bc48123e53a315b4ecd0bc3c848a6f1a0ef505f Mon Sep 17 00:00:00 2001
From: Julien Pivotto <roidelapluie@inuits.eu>
Date: Wed, 9 Dec 2020 21:37:14 +0100
Subject: [PATCH 3/3] Restrict fuzzing on go paths

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
---
 .github/workflows/fuzzing.yml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/fuzzing.yml b/.github/workflows/fuzzing.yml
index e79b78967..bed4d7699 100644
--- a/.github/workflows/fuzzing.yml
+++ b/.github/workflows/fuzzing.yml
@@ -1,5 +1,10 @@
 name: CIFuzz
-on: [pull_request]
+on:
+  pull_request:
+    paths:
+      - 'go.sum'
+      - 'go.mod'
+      - '**.go'
 jobs:
  Fuzzing:
    runs-on: ubuntu-latest