diff options
Diffstat (limited to 'infra/cifuzz/run_cifuzz.py')
-rw-r--r-- | infra/cifuzz/run_cifuzz.py | 88 |
1 files changed, 88 insertions, 0 deletions
diff --git a/infra/cifuzz/run_cifuzz.py b/infra/cifuzz/run_cifuzz.py new file mode 100644 index 000000000..0382d78a8 --- /dev/null +++ b/infra/cifuzz/run_cifuzz.py @@ -0,0 +1,88 @@ +# Copyright 2021 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Script for running CIFuzz end-to-end. This is meant to work outside any +docker image. This cannot depend on any CIFuzz code or third party packages.""" +import os +import subprocess +import sys +import tempfile +import logging + +INFRA_DIR = os.path.dirname(os.path.dirname(__file__)) +DEFAULT_ENVS = [('DRY_RUN', '0'), ('SANITIZER', 'address')] +BASE_CIFUZZ_DOCKER_TAG = 'gcr.io/oss-fuzz-base' + + +def set_default_env_var_if_unset(env_var, default_value): + """Sets the value of |env_var| in the environment to |default_value| if it was + not already set.""" + if env_var not in os.environ: + os.environ[env_var] = default_value + + +def docker_run(name, workspace, project_src_path): + """Runs a CIFuzz docker container with |name|.""" + command = [ + 'docker', 'run', '--name', name, '--rm', '-e', 'PROJECT_SRC_PATH', '-e', + 'OSS_FUZZ_PROJECT_NAME', '-e', 'WORKSPACE', '-e', 'REPOSITORY', '-e', + 'DRY_RUN', '-e', 'CI', '-e', 'SANITIZER', '-e', 'GIT_SHA' + ] + if project_src_path: + command += ['-v', f'{project_src_path}:{project_src_path}'] + command += [ + '-v', '/var/run/docker.sock:/var/run/docker.sock', '-v', + f'{workspace}:{workspace}', f'{BASE_CIFUZZ_DOCKER_TAG}/{name}' + ] + print('Running docker command:', command) + subprocess.run(command, check=True) + + +def docker_build(image): + """Builds the CIFuzz |image|. Only suitable for building CIFuzz images.""" + command = [ + 'docker', 'build', '-t', f'{BASE_CIFUZZ_DOCKER_TAG}/{image}', '--file', + f'{image}.Dockerfile', '.' + ] + subprocess.run(command, check=True, cwd=INFRA_DIR) + + +def main(): + """Builds and runs fuzzers using CIFuzz.""" + for env_var, default_value in DEFAULT_ENVS: + set_default_env_var_if_unset(env_var, default_value) + + repository = os.getenv('REPOSITORY') + assert repository + + project_src_path = os.getenv('PROJECT_SRC_PATH') + + with tempfile.TemporaryDirectory() as temp_dir: + if 'WORKSPACE' not in os.environ: + os.environ['WORKSPACE'] = temp_dir + + workspace = os.environ['WORKSPACE'] + + docker_build('build_fuzzers') + docker_run('build_fuzzers', workspace, project_src_path) + docker_build('run_fuzzers') + try: + docker_run('run_fuzzers', workspace, project_src_path) + except subprocess.CalledProcessError: + logging.error('run_fuzzers failed.') + return 1 + return 0 + + +if __name__ == '__main__': + sys.exit(main()) |