-
-
Notifications
You must be signed in to change notification settings - Fork 0
59 lines (51 loc) · 1.84 KB
/
cflite_batch.yml
File metadata and controls
59 lines (51 loc) · 1.84 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
# SPDX-License-Identifier: MPL-2.0
# ClusterFuzzLite Batch Fuzzing - Layer 6
#
# Runs weekly for 30 minutes per target for deep fuzzing
# Complements PR fuzzing with longer campaigns
name: ClusterFuzzLite Batch Fuzzing
on:
schedule:
# Every Sunday at 02:00 UTC
- cron: '0 2 * * 0'
workflow_dispatch: # Manual trigger
permissions:
contents: read
jobs:
batch_fuzzing:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
sanitizer: [address, undefined, memory]
steps:
- name: Checkout code
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
- name: Build fuzzers (${{ matrix.sanitizer }})
id: build
uses: google/clusterfuzzlite/actions/build_fuzzers@884713a6c30a92e5e8544c39945cd7cb630abcd1 # v1
with:
language: rust
sanitizer: ${{ matrix.sanitizer }}
- name: Run fuzzers (${{ matrix.sanitizer }})
id: run
uses: google/clusterfuzzlite/actions/run_fuzzers@884713a6c30a92e5e8544c39945cd7cb630abcd1 # v1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
fuzz-seconds: 1800 # 30 minutes per sanitizer
mode: 'batch'
sanitizer: ${{ matrix.sanitizer }}
output-sarif: true
- name: Upload SARIF (if crashes found)
if: always() && steps.run.outputs.sarif-output != ''
uses: github/codeql-action/upload-sarif@a4784f2dad6682d68cce8299ef20b1ca931bbdfb # v4
with:
sarif_file: ${{ steps.run.outputs.sarif-output }}
category: clusterfuzzlite-batch-${{ matrix.sanitizer }}
- name: Upload corpus
if: always()
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
with:
name: fuzz-corpus-${{ matrix.sanitizer }}
path: build/corpus
retention-days: 90