5 files changed, 128 insertions, 0 deletions

diff --git a/docker/build_all.sh b/docker/build_all.sh
new file mode 100755
index 00000000..21c7c8e2
--- /dev/null
+++ b/docker/build_all.sh
@@ -0,0 +1,19 @@
+# Copyright 2021 Code Intelligence GmbH
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -e
+
+this_dir=$(dirname "$(realpath "$0")")
+docker build --pull -t cifuzz/jazzer "$@" "$this_dir"/jazzer
+docker build -t cifuzz/jazzer-autofuzz "$@" "$this_dir"/jazzer-autofuzz
diff --git a/docker/jazzer-autofuzz/Dockerfile b/docker/jazzer-autofuzz/Dockerfile
new file mode 100644
index 00000000..5d57f2a8
--- /dev/null
+++ b/docker/jazzer-autofuzz/Dockerfile
@@ -0,0 +1,30 @@
+# Copyright 2021 Code Intelligence GmbH
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+FROM cifuzz/jazzer as jazzer
+
+FROM ubuntu:20.04
+
+ENV DEBIAN_FRONTEND=noninteractive
+RUN apt-get update && apt-get install -y curl openjdk-11-jdk-headless
+
+WORKDIR /app
+RUN curl -L 'https://github.com/coursier/coursier/releases/download/v2.0.16/coursier.jar' -o coursier.jar && \
+    chmod +x coursier.jar
+
+COPY entrypoint.sh /app/
+COPY --from=jazzer /app/jazzer_agent_deploy.jar /app/jazzer_driver /app/
+
+WORKDIR /fuzzing
+ENTRYPOINT ["/app/entrypoint.sh"]
diff --git a/docker/jazzer-autofuzz/entrypoint.sh b/docker/jazzer-autofuzz/entrypoint.sh
new file mode 100755
index 00000000..78c57f71
--- /dev/null
+++ b/docker/jazzer-autofuzz/entrypoint.sh
@@ -0,0 +1,24 @@
+#!/usr/bin/env bash
+# Copyright 2021 Code Intelligence GmbH
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -e
+
+CP="$(/app/coursier.jar fetch --classpath "$1")"
+/app/jazzer_driver \
+  -artifact_prefix=/fuzzing/ \
+  --reproducer_path=/fuzzing \
+  --cp="$CP" \
+  --autofuzz="$2" \
+  "${@:3}"
diff --git a/docker/jazzer/Dockerfile b/docker/jazzer/Dockerfile
new file mode 100644
index 00000000..56787be7
--- /dev/null
+++ b/docker/jazzer/Dockerfile
@@ -0,0 +1,34 @@
+# Copyright 2021 Code Intelligence GmbH
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+FROM ubuntu:20.04 AS builder
+
+ENV DEBIAN_FRONTEND=noninteractive
+RUN apt-get update && apt-get install -y git python3 python-is-python3 openjdk-11-jdk-headless
+
+WORKDIR /root
+RUN git clone --depth=1 https://github.com/CodeIntelligenceTesting/jazzer.git && \
+    cd jazzer && \
+    # The LLVM toolchain requires ld and ld.gold to exist, but does not use them.
+    touch /usr/bin/ld && \
+    touch /usr/bin/ld.gold && \
+    BAZEL_DO_NOT_DETECT_CPP_TOOLCHAIN=1 \
+    ./bazelisk-linux-amd64 build --config=toolchain --extra_toolchains=@llvm_toolchain//:cc-toolchain-x86_64-linux \
+      //agent:jazzer_agent_deploy.jar //driver:jazzer_driver
+
+FROM gcr.io/distroless/java
+
+COPY --from=builder /root/jazzer/bazel-bin/agent/jazzer_agent_deploy.jar /root/jazzer/bazel-bin/driver/jazzer_driver /app/
+WORKDIR /fuzzing
+ENTRYPOINT [ "/app/jazzer_driver", "-artifact_prefix=/fuzzing/", "--reproducer_path=/fuzzing" ]
diff --git a/docker/push_all.sh b/docker/push_all.sh
new file mode 100755
index 00000000..59d43718
--- /dev/null
+++ b/docker/push_all.sh
@@ -0,0 +1,21 @@
+# Copyright 2021 Code Intelligence GmbH
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -e
+
+this_dir=$(dirname "$(realpath "$0")")
+"$this_dir"/build_all.sh --no-cache
+
+docker push cifuzz/jazzer
+docker push cifuzz/jazzer-autofuzz