forked from acouzens/open5gs
Add CIFuzz workflow
Add CIFuzz workflow action to have fuzzers build and run on each PR. This service is offered by OSS-Fuzz where open5gs already runs. CIFuzz can help catch regressions and fuzzing build issues early, and has a variety of features (see the URL above). In the current PR the fuzzers gets build on a pull request and will run for 300 seconds. Signed-off-by: David Korczynski <david@adalogics.com>
This commit is contained in:
parent
715038b6d9
commit
f36fede0c8
|
@ -0,0 +1,34 @@
|
||||||
|
name: CIFuzz
|
||||||
|
on: [pull_request]
|
||||||
|
permissions: {}
|
||||||
|
jobs:
|
||||||
|
Fuzzing:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
permissions:
|
||||||
|
security-events: write
|
||||||
|
steps:
|
||||||
|
- name: Build Fuzzers
|
||||||
|
id: build
|
||||||
|
uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master
|
||||||
|
with:
|
||||||
|
oss-fuzz-project-name: 'open5gs'
|
||||||
|
- name: Run Fuzzers
|
||||||
|
uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
|
||||||
|
with:
|
||||||
|
oss-fuzz-project-name: 'open5gs'
|
||||||
|
fuzz-seconds: 300
|
||||||
|
output-sarif: true
|
||||||
|
- name: Upload Crash
|
||||||
|
uses: actions/upload-artifact@v3
|
||||||
|
if: failure() && steps.build.outcome == 'success'
|
||||||
|
with:
|
||||||
|
name: artifacts
|
||||||
|
path: ./out/artifacts
|
||||||
|
- name: Upload Sarif
|
||||||
|
if: always() && steps.build.outcome == 'success'
|
||||||
|
uses: github/codeql-action/upload-sarif@v2
|
||||||
|
with:
|
||||||
|
# Path to SARIF file relative to the root of the repository
|
||||||
|
sarif_file: cifuzz-sarif/results.sarif
|
||||||
|
checkout_path: cifuzz-sarif
|
||||||
|
category: CIFuzz
|
Loading…
Reference in New Issue