Skip to content

Commit

Permalink
feat: working app token
Browse files Browse the repository at this point in the history
  • Loading branch information
@mchristopher @netrome
mchristopher authored and netrome committed Sep 25, 2024
1 parent 145b099 commit bb7ac76
Show file tree
Hide file tree
Showing 3 changed files with 72 additions and 58 deletions.
39 changes: 23 additions & 16 deletions .github/workflows/cflite_batch.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,19 +8,26 @@ jobs:
BatchFuzzing:
runs-on: ubuntu-latest
steps:
- name: Build Fuzzers (${{ matrix.sanitizer }})
id: build
uses: google/clusterfuzzlite/actions/build_fuzzers@v1
with:
language: rust
- name: Run Fuzzers (${{ matrix.sanitizer }})
id: run
uses: google/clusterfuzzlite/actions/run_fuzzers@v1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
fuzz-seconds: 3600
mode: 'batch'
output-sarif: true
storage-repo: https://${{ secrets.FUZZ_STORAGE_PAT }}@github.com/FuelLabs/fuel-fuzzing-corpus.git
storage-repo-branch: main
storage-repo-branch-coverage: gh-pages
- name: Get fuzzer auth token
uses: actions/create-github-app-token@v1
id: fuzzer-token
with:
owner: ${{ github.repository_owner }} # set this to get access to all allowed repos
app-id: ${{ vars.FUEL_FUZZING_CORPUS_APP_ID }}
private-key: ${{ secrets.FUEL_FUZZING_CORPUS_APP_KEY }}
- name: Build Fuzzers (${{ matrix.sanitizer }})
id: build
uses: google/clusterfuzzlite/actions/build_fuzzers@v1
with:
language: rust
- name: Run Fuzzers (${{ matrix.sanitizer }})
id: run
uses: google/clusterfuzzlite/actions/run_fuzzers@v1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
fuzz-seconds: 3600
mode: 'batch'
output-sarif: true
storage-repo: https://oauth2:${{ steps.fuzzer-token.outputs.token }}@github.com/FuelLabs/fuel-fuzzing-corpus.git
storage-repo-branch: main
storage-repo-branch-coverage: gh-pages
80 changes: 47 additions & 33 deletions .github/workflows/cflite_cron.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,39 +8,53 @@ jobs:
Pruning:
runs-on: ubuntu-latest
steps:
- name: Build Fuzzers
id: build
uses: google/clusterfuzzlite/actions/build_fuzzers@v1
with:
language: rust
- name: Run Fuzzers
id: run
uses: google/clusterfuzzlite/actions/run_fuzzers@v1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
fuzz-seconds: 600 # Time after which minimization is aborted
mode: 'prune'
output-sarif: true
storage-repo: https://${{ secrets.FUZZ_STORAGE_PAT }}@github.com/FuelLabs/fuel-fuzzing-corpus.git
storage-repo-branch: main
storage-repo-branch-coverage: gh-pages
- name: Get fuzzer auth token
uses: actions/create-github-app-token@v1
id: fuzzer-token
with:
owner: ${{ github.repository_owner }} # set this to get access to all allowed repos
app-id: ${{ vars.FUEL_FUZZING_CORPUS_APP_ID }}
private-key: ${{ secrets.FUEL_FUZZING_CORPUS_APP_KEY }}
- name: Build Fuzzers
id: build
uses: google/clusterfuzzlite/actions/build_fuzzers@v1
with:
language: rust
- name: Run Fuzzers
id: run
uses: google/clusterfuzzlite/actions/run_fuzzers@v1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
fuzz-seconds: 600 # Time after which minimization is aborted
mode: 'prune'
output-sarif: true
storage-repo: https://oauth2:${{ steps.fuzzer-token.outputs.token }}@github.com/FuelLabs/fuel-fuzzing-corpus.git
storage-repo-branch: main
storage-repo-branch-coverage: gh-pages
Coverage:
runs-on: ubuntu-latest
steps:
- name: Build Fuzzers
id: build
uses: google/clusterfuzzlite/actions/build_fuzzers@v1
with:
language: rust
sanitizer: coverage
- name: Run Fuzzers
id: run
uses: google/clusterfuzzlite/actions/run_fuzzers@v1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
fuzz-seconds: 600
mode: 'coverage'
sanitizer: 'coverage'
storage-repo: https://${{ secrets.FUZZ_STORAGE_PAT }}@github.com/FuelLabs/fuel-fuzzing-corpus.git
storage-repo-branch: main
storage-repo-branch-coverage: gh-pages
- name: Get fuzzer auth token
uses: actions/create-github-app-token@v1
id: fuzzer-token
with:
owner: ${{ github.repository_owner }} # set this to get access to all allowed repos
app-id: ${{ vars.FUEL_FUZZING_CORPUS_APP_ID }}
private-key: ${{ secrets.FUEL_FUZZING_CORPUS_APP_KEY }}
- name: Build Fuzzers
id: build
uses: google/clusterfuzzlite/actions/build_fuzzers@v1
with:
language: rust
sanitizer: coverage
- name: Run Fuzzers
id: run
uses: google/clusterfuzzlite/actions/run_fuzzers@v1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
fuzz-seconds: 600
mode: 'coverage'
sanitizer: 'coverage'
storage-repo: https://oauth2:${{ steps.fuzzer-token.outputs.token }}@github.com/FuelLabs/fuel-fuzzing-corpus.git
storage-repo-branch: main
storage-repo-branch-coverage: gh-pages
11 changes: 2 additions & 9 deletions .github/workflows/cflite_pr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,15 +13,15 @@ jobs:
uses: actions/create-github-app-token@v1
id: fuzzer-token
with:
owner: FuelLabs
owner: ${{ github.repository_owner }} # set this to get access to all allowed repos
app-id: ${{ vars.FUEL_FUZZING_CORPUS_APP_ID }}
private-key: ${{ secrets.FUEL_FUZZING_CORPUS_APP_KEY }}
- name: Build Fuzzers
id: build
uses: google/clusterfuzzlite/actions/build_fuzzers@v1
with:
language: rust
github-token: ${{ steps.fuzzer-token.outputs.token }}
github-token: ${{ secrets.GITHUB_TOKEN }}
storage-repo: https://oauth2:${{ steps.fuzzer-token.outputs.token }}@github.com/FuelLabs/fuel-fuzzing-corpus.git
storage-repo-branch: main
storage-repo-branch-coverage: gh-pages
Expand All @@ -36,10 +36,3 @@ jobs:
storage-repo: https://oauth2:${{ steps.fuzzer-token.outputs.token }}@github.com/FuelLabs/fuel-fuzzing-corpus.git
storage-repo-branch: main
storage-repo-branch-coverage: gh-pages
- name: Token to env
if: ${{ failure() }}
run: |
echo "FUZZER_TOKEN=${{ steps.fuzzer-token.outputs.token }}" >> $GITHUB_ENV
- name: Debug with tmate on failure
if: ${{ failure() }}
uses: mxschmitt/action-tmate@v3

0 comments on commit bb7ac76

Please sign in to comment.