diff options
Diffstat (limited to '.gitlab/ci/cifuzz.yml')
| -rw-r--r-- | .gitlab/ci/cifuzz.yml | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/.gitlab/ci/cifuzz.yml b/.gitlab/ci/cifuzz.yml new file mode 100644 index 0000000..063b912 --- /dev/null +++ b/.gitlab/ci/cifuzz.yml @@ -0,0 +1,46 @@ +cifuzz: + variables: + OSS_FUZZ_PROJECT_NAME: cryptsetup + CFL_PLATFORM: gitlab + CIFUZZ_DEBUG: "True" + FUZZ_SECONDS: 300 # 5 minutes per fuzzer + ARCHITECTURE: "x86_64" + DRY_RUN: "False" + LOW_DISK_SPACE: "True" + BAD_BUILD_CHECK: "True" + LANGUAGE: "c" + DOCKER_HOST: "tcp://docker:2375" + DOCKER_IN_DOCKER: "true" + DOCKER_DRIVER: overlay2 + DOCKER_TLS_CERTDIR: "" + image: + name: gcr.io/oss-fuzz-base/cifuzz-base + entrypoint: [""] + services: + - docker:dind + + stage: test + parallel: + matrix: + - SANITIZER: [address, undefined, memory] + rules: + # Default code change. + # - if: $CI_PIPELINE_SOURCE == "merge_request_event" + # variables: + # MODE: "code-change" + - if: $CI_PROJECT_PATH != "cryptsetup/cryptsetup" + when: never + - if: $BUILD_AND_RUN_FUZZERS != null + before_script: + # Get gitlab's container id. + - export CFL_CONTAINER_ID=`cut -c9- < /proc/1/cpuset` + script: + # Will build and run the fuzzers. + # We use a hack to override CI_JOB_ID, because otherwise a bad path is used + # in GitLab CI environment + - CI_JOB_ID="$CI_PROJECT_NAMESPACE/$CI_PROJECT_TITLE" python3 "/opt/oss-fuzz/infra/cifuzz/cifuzz_combined_entrypoint.py" + artifacts: + # Upload artifacts when a crash makes the job fail. + when: always + paths: + - artifacts/ |