diff options
author | 2020-02-03 15:35:04 -0800 | |
---|---|---|
committer | 2020-02-03 15:35:04 -0800 | |
commit | 83d951bd1d3e08bb4920bc581682e04109bc57d4 (patch) | |
tree | ee8d8503374cf9a6cb8191580d0a46bdc742a9d8 /infra/cifuzz/actions | |
parent | fa0ec600ff510f348fa836a8678fd7d7af6ab911 (diff) |
[CIFuzz] Prevent action from failing option (#3315)
* Adding opt to workflow to prevent failures
* fclose bug
* Undoing double negitive
* Undoing double negitive
* Undoing double negitive
* Syntax and formatting
* Olivers comments
* Presubmit fix
* Trying boolean argument
* cleaning
* cleaning fuzz disassembles
* Maxs comments pt.2
* Updating dry_run parse
* Comments added
* Formatting
* Olivers comments
Diffstat (limited to 'infra/cifuzz/actions')
-rw-r--r-- | infra/cifuzz/actions/action.yml | 4 | ||||
-rw-r--r-- | infra/cifuzz/actions/entrypoint.py | 36 |
2 files changed, 32 insertions, 8 deletions
diff --git a/infra/cifuzz/actions/action.yml b/infra/cifuzz/actions/action.yml index 7af4bd49..72df36d5 100644 --- a/infra/cifuzz/actions/action.yml +++ b/infra/cifuzz/actions/action.yml @@ -9,9 +9,13 @@ inputs: description: 'The total time allotted for fuzzing in seconds.' required: true default: 360 + dry-run: + description: 'If set, run the action without actually reporting a failure.' + default: false runs: using: 'docker' image: 'Dockerfile' env: PROJECT_NAME: ${{ inputs.project-name }} FUZZ_SECONDS: ${{ inputs.fuzz-seconds }} + DRY_RUN: ${{ inputs.dry-run}} diff --git a/infra/cifuzz/actions/entrypoint.py b/infra/cifuzz/actions/entrypoint.py index e6802074..7d924acf 100644 --- a/infra/cifuzz/actions/entrypoint.py +++ b/infra/cifuzz/actions/entrypoint.py @@ -17,6 +17,7 @@ import os import sys # pylint: disable=wrong-import-position +# pylint: disable=import-error sys.path.append(os.path.join(os.environ['OSS_FUZZ_ROOT'], 'infra', 'cifuzz')) import cifuzz @@ -49,24 +50,42 @@ def main(): pr_ref = os.environ.get('GITHUB_REF') commit_sha = os.environ.get('GITHUB_SHA') event = os.environ.get('GITHUB_EVENT_NAME') - - # Get the shared volume directory and create required directorys. workspace = os.environ.get('GITHUB_WORKSPACE') + + # Check if failures should not be reported. + dry_run = (os.environ.get('DRY_RUN').lower() == 'true') + + # The default return code when an error occurs. + error_code = 1 + if dry_run: + # A testcase file is required in order for CIFuzz to surface bugs. + # If the file does not exist, the action will crash attempting to upload it. + # The dry run needs this file because it is set to upload a test case both + # on successful runs and on failures. + out_dir = os.path.join(workspace, 'out') + os.makedirs(out_dir, exist_ok=True) + file_handle = open(os.path.join(out_dir, 'testcase'), 'w') + file_handle.write('No bugs detected.') + file_handle.close() + + # Sets the default return code on error to success. + error_code = 0 + if not workspace: logging.error('This script needs to be run in the Github action context.') - return 1 + return error_code if event == 'push' and not cifuzz.build_fuzzers( oss_fuzz_project_name, github_repo_name, workspace, commit_sha=commit_sha): logging.error('Error building fuzzers for project %s with commit %s.', oss_fuzz_project_name, commit_sha) - return 1 + return error_code if event == 'pull_request' and not cifuzz.build_fuzzers( oss_fuzz_project_name, github_repo_name, workspace, pr_ref=pr_ref): logging.error('Error building fuzzers for project %s with pull request %s.', oss_fuzz_project_name, pr_ref) - return 1 + return error_code # Run the specified project's fuzzers from the build. run_status, bug_found = cifuzz.run_fuzzers(oss_fuzz_project_name, @@ -74,11 +93,12 @@ def main(): if not run_status: logging.error('Error occured while running fuzzers for project %s.', oss_fuzz_project_name) - return 1 + return error_code if bug_found: logging.info('Bug found.') - # Return 2 when a bug was found by a fuzzer causing the CI to fail. - return 2 + if not dry_run: + # Return 2 when a bug was found by a fuzzer causing the CI to fail. + return 2 return 0 |