diff options
-rw-r--r-- | .github/workflows/infra_tests.yml | 26 | ||||
-rw-r--r-- | .github/workflows/presubmit.yml | 23 | ||||
-rw-r--r-- | .github/workflows/project_tests.yml | 62 | ||||
-rw-r--r-- | .travis.yml | 64 | ||||
-rwxr-xr-x | infra/ci/build.py (renamed from infra/travis/travis_build.py) | 23 | ||||
-rw-r--r-- | infra/ci/requirements.txt (renamed from infra/travis/requirements.txt) | 0 | ||||
-rw-r--r-- | projects/ffmpeg/project.yaml | 2 |
7 files changed, 122 insertions, 78 deletions
diff --git a/.github/workflows/infra_tests.yml b/.github/workflows/infra_tests.yml new file mode 100644 index 000000000..4feba17fb --- /dev/null +++ b/.github/workflows/infra_tests.yml @@ -0,0 +1,26 @@ +name: Infra tests +on: + pull_request: + paths: + - 'infra/**' + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + - run: | # Needed for git diff to work. + git fetch origin master --depth 1 + git symbolic-ref refs/remotes/origin/HEAD refs/remotes/origin/master + + - name: Setup python environment + uses: actions/setup-python@v2 + with: + python-version: 3.7 + + - name: Install dependencies + run: pip install -r infra/ci/requirements.txt + + - name: Run infra tests + run: python infra/presubmit.py infra-tests diff --git a/.github/workflows/presubmit.yml b/.github/workflows/presubmit.yml new file mode 100644 index 000000000..a2e85ce70 --- /dev/null +++ b/.github/workflows/presubmit.yml @@ -0,0 +1,23 @@ +name: Presubmit checks +on: [pull_request] + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + - run: | # Needed for git diff to work. + git fetch origin master --depth 1 + git symbolic-ref refs/remotes/origin/HEAD refs/remotes/origin/master + + - name: Setup python environment + uses: actions/setup-python@v2 + with: + python-version: 3.7 + + - name: Install dependencies + run: pip install -r infra/ci/requirements.txt + + - name: Run presubmit checks + run: python infra/presubmit.py diff --git a/.github/workflows/project_tests.yml b/.github/workflows/project_tests.yml new file mode 100644 index 000000000..942e13669 --- /dev/null +++ b/.github/workflows/project_tests.yml @@ -0,0 +1,62 @@ +name: Project tests +on: [pull_request] + +jobs: + build: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + engine: + - libfuzzer + sanitizer: + - address + - memory + - undefined + architecture: + - x86_64 + include: + - engine: afl + sanitizer: address + architecture: x86_64 + - engine: honggfuzz + sanitizer: address + architecture: x86_64 + - engine: libfuzzer + sanitizer: address + architecture: i386 + - engine: none + sanitizer: address + architecture: x86_64 + - engine: dataflow + sanitizer: dataflow + architecture: x86_64 + env: + ENGINE: ${{ matrix.engine }} + SANITIZER: ${{ matrix.sanitizer }} + ARCHITECTURE: ${{ matrix.architecture }} + + steps: + - uses: actions/checkout@v2 + - run: | # Needed for git diff to work. + git fetch origin master --depth 1 + git symbolic-ref refs/remotes/origin/HEAD refs/remotes/origin/master + + - name: Clear unnecessary files + run: | + sudo swapoff -a + sudo rm -f /swapfile + sudo apt clean + docker rmi $(docker images -a -q) + df -h + + - name: Setup python environment + uses: actions/setup-python@v2 + with: + python-version: 3.7 + + - name: Install dependencies + run: pip install -r infra/ci/requirements.txt + + - name: Run project tests + run: python infra/ci/build.py diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 3cf7704a0..000000000 --- a/.travis.yml +++ /dev/null @@ -1,64 +0,0 @@ -language: python -dist: xenial - -services: - - docker - -before_install: - - git fetch origin +refs/heads/$TRAVIS_BRANCH - -install: - - pip install -r infra/travis/requirements.txt - - -matrix: - include: - - name: "presubmit" - script: ./infra/presubmit.py - - name: "libfuzzer address x86_64" - env: - - TRAVIS_ENGINE=libfuzzer - - TRAVIS_SANITIZER=address - - TRAVIS_ARCHITECTURE=x86_64 - - name: "libfuzzer memory x86_64" - env: - - TRAVIS_ENGINE=libfuzzer - - TRAVIS_SANITIZER=memory - - TRAVIS_ARCHITECTURE=x86_64 - - name: "libfuzzer undefined x86_64" - env: - - TRAVIS_SANITIZER=undefined - - TRAVIS_ENGINE=libfuzzer - - TRAVIS_ARCHITECTURE=x86_64 - - name: "afl address x86_64" - env: - - TRAVIS_ENGINE=afl - - TRAVIS_SANITIZER=address - - TRAVIS_ARCHITECTURE=x86_64 - - name: "honggfuzz address x86_64" - env: - - TRAVIS_ENGINE=honggfuzz - - TRAVIS_SANITIZER=address - - TRAVIS_ARCHITECTURE=x86_64 - - name: "none address x86_64" - env: - - TRAVIS_ENGINE=none - - TRAVIS_SANITIZER=address - - TRAVIS_ARCHITECTURE=x86_64 - - name: "libfuzzer address i386" - env: - - TRAVIS_ENGINE=libfuzzer - - TRAVIS_SANITIZER=address - - TRAVIS_ARCHITECTURE=i386 - - name: "dataflow dataflow x86_64" - env: - - TRAVIS_ENGINE=dataflow - - TRAVIS_SANITIZER=dataflow - - TRAVIS_ARCHITECTURE=x86_64 - - name: "infra-tests" - script: sudo /bin/bash -c 'source $HOME/virtualenv/python3.6/bin/activate && ./infra/presubmit.py infra-tests' - -script: ./infra/travis/travis_build.py - -notifications: - webhooks: https://www.travisbuddy.com/ diff --git a/infra/travis/travis_build.py b/infra/ci/build.py index f62b12772..f93c18a09 100755 --- a/infra/travis/travis_build.py +++ b/infra/ci/build.py @@ -32,10 +32,8 @@ DEFAULT_SANITIZERS = ['address', 'undefined'] def get_modified_buildable_projects(): """Returns a list of all the projects modified in this commit that have a build.sh file.""" - master_head_sha = subprocess.check_output( - ['git', 'merge-base', 'HEAD', 'FETCH_HEAD']).decode().strip() - output = subprocess.check_output( - ['git', 'diff', '--name-only', 'HEAD', master_head_sha]).decode() + output = subprocess.check_output(['git', 'diff', '--name-only', + 'FETCH_HEAD']).decode() projects_regex = '.*projects/(?P<name>.*)/.*\n' modified_projects = set(re.findall(projects_regex, output)) projects_dir = os.path.join(get_oss_fuzz_root(), 'projects') @@ -94,15 +92,14 @@ def should_build(project_yaml): section)? Uses |defaults| if |yaml_name| section is unspecified.""" return os.getenv(env_var) in project_yaml.get(yaml_name, defaults) - return (is_enabled('TRAVIS_ENGINE', 'fuzzing_engines', DEFAULT_ENGINES) and - is_enabled('TRAVIS_SANITIZER', 'sanitizers', DEFAULT_SANITIZERS) and - is_enabled('TRAVIS_ARCHITECTURE', 'architectures', - DEFAULT_ARCHITECTURES)) + return (is_enabled('ENGINE', 'fuzzing_engines', DEFAULT_ENGINES) and + is_enabled('SANITIZER', 'sanitizers', DEFAULT_SANITIZERS) and + is_enabled('ARCHITECTURE', 'architectures', DEFAULT_ARCHITECTURES)) def build_project(project): - """Do the build of |project| that is specified by the TRAVIS_* environment - variables (TRAVIS_SANITIZER, TRAVIS_ENGINE, and TRAVIS_ARCHITECTURE).""" + """Do the build of |project| that is specified by the environment variables - + SANITIZER, ENGINE, and ARCHITECTURE.""" root = get_oss_fuzz_root() project_yaml_path = os.path.join(root, 'projects', project, 'project.yaml') with open(project_yaml_path) as file_handle: @@ -112,9 +109,9 @@ def build_project(project): print('Project {0} is disabled, skipping build.'.format(project)) return - engine = os.getenv('TRAVIS_ENGINE') - sanitizer = os.getenv('TRAVIS_SANITIZER') - architecture = os.getenv('TRAVIS_ARCHITECTURE') + engine = os.getenv('ENGINE') + sanitizer = os.getenv('SANITIZER') + architecture = os.getenv('ARCHITECTURE') if not should_build(project_yaml): print(('Specified build: engine: {0}, sanitizer: {1}, architecture: {2} ' diff --git a/infra/travis/requirements.txt b/infra/ci/requirements.txt index 2ddcb47d4..2ddcb47d4 100644 --- a/infra/travis/requirements.txt +++ b/infra/ci/requirements.txt diff --git a/projects/ffmpeg/project.yaml b/projects/ffmpeg/project.yaml index 5ecf6187e..a17ee7ef3 100644 --- a/projects/ffmpeg/project.yaml +++ b/projects/ffmpeg/project.yaml @@ -1,4 +1,4 @@ -homepage: "https://www.ffmpeg.org/" +homepage: "https://www.ffmpeg.org" language: c++ primary_contact: "ffmpeg-security@ffmpeg.org" auto_ccs: |