From a5822c7c2fc34e52defe630b418db7f856bc4f89 Mon Sep 17 00:00:00 2001 From: Ruben ten Hove Date: Tue, 21 Jun 2022 18:52:43 +0200 Subject: various changes --- .github/workflows/build-push-test-container.yaml | 50 ++++++++++++++++++++++++ .github/workflows/build_aflplusplus_docker.yaml | 49 ----------------------- .github/workflows/ci.yml | 5 ++- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/rust_custom_mutator.yml | 4 +- 5 files changed, 56 insertions(+), 54 deletions(-) create mode 100644 .github/workflows/build-push-test-container.yaml delete mode 100644 .github/workflows/build_aflplusplus_docker.yaml (limited to '.github') diff --git a/.github/workflows/build-push-test-container.yaml b/.github/workflows/build-push-test-container.yaml new file mode 100644 index 00000000..8a6d77d1 --- /dev/null +++ b/.github/workflows/build-push-test-container.yaml @@ -0,0 +1,50 @@ +name: Build, test and push container image + +on: + push: + branches: + - stable + - dev + tags: + - '*' + +jobs: + build: + name: Build, test and push container image + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build image + uses: docker/build-push-action@v3 + with: + context: . + platforms: linux/amd64,linux/arm64 + load: true + tags: aflplusplus/aflplusplus:test + - name: Test linux/amd64 image + run: docker run --rm --platform linux/amd64 aflplusplus/aflplusplus:test make tests + - name: Test linux/arm64 image + run: docker run --rm --platform linux/arm64 aflplusplus/aflplusplus:test make tests + - name: Login to Dockerhub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_TOKEN }} + - name: Publish ${{ github.ref_name }} to docker.io registry + uses: docker/build-push-action@v3 + with: + context: . + platforms: linux/amd64,linux/arm64 + push: true + tags: aflplusplus/aflplusplus:${{ github.ref_name }} + if: ${{ github.ref_name != 'stable' }} + - name: Publish stable and latest to docker.io registry + uses: docker/build-push-action@v3 + with: + context: . + platforms: linux/amd64,linux/arm64 + push: true + tags: aflplusplus/aflplusplus:${{ github.ref_name }},aflplusplus/aflplusplus:latest + if: ${{ github.ref_name == 'stable' }} diff --git a/.github/workflows/build_aflplusplus_docker.yaml b/.github/workflows/build_aflplusplus_docker.yaml deleted file mode 100644 index 7245a84e..00000000 --- a/.github/workflows/build_aflplusplus_docker.yaml +++ /dev/null @@ -1,49 +0,0 @@ -name: Publish Docker Images - -on: - push: - branches: - - stable - - dev - tags: - - '*' - -jobs: - push_to_registry: - name: Push Docker images to Dockerhub - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@master - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Login to Dockerhub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_TOKEN }} - - name: Publish dev as dev to docker.io registry - uses: docker/build-push-action@v3 - with: - context: . - platforms: linux/amd64,linux/arm64 - push: true - tags: aflplusplus/aflplusplus:${{ github.ref_name }} - if: ${{ github.ref_name == 'dev' }} - - name: Publish stable as stable and latest to docker.io registry - uses: docker/build-push-action@v3 - with: - context: . - platforms: linux/amd64,linux/arm64 - push: true - tags: aflplusplus/aflplusplus:${{ github.ref_name }},aflplusplus/aflplusplus:latest - if: ${{ github.ref_name == 'stable' }} - - name: Publish tagged release to docker.io registry - uses: docker/build-push-action@v3 - with: - context: . - platforms: linux/amd64,linux/arm64 - push: true - tags: aflplusplus/aflplusplus:${{ github.ref_name }} - if: ${{ github.ref_type == 'tag' }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 799b72e7..9f0cacca 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -16,7 +16,7 @@ jobs: AFL_SKIP_CPUFREQ: 1 AFL_I_DONT_CARE_ABOUT_MISSING_CRASHES: 1 steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: debug run: apt-cache search plugin-dev | grep gcc-; echo; apt-cache search clang-format- | grep clang-format- - name: update @@ -38,7 +38,7 @@ jobs: AFL_SKIP_CPUFREQ: 1 AFL_I_DONT_CARE_ABOUT_MISSING_CRASHES: 1 steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: install run: brew install make gcc - name: fix install @@ -51,3 +51,4 @@ jobs: run: sudo -E ./afl-system-config; export CC=/usr/local/Cellar/llvm/*/bin/clang; export CXX="$CC"++; export PATH=/usr/local/Cellar/llvm/*/":/usr/local/bin:$PATH"; export LLVM_CONFIG=/usr/local/Cellar/llvm/*/bin/llvm-config; gmake tests - name: force frida test for MacOS run: export AFL_PATH=`pwd`; /usr/local/bin/gcc -o test-instr test-instr.c; mkdir in; echo > in/in; AFL_NO_UI=1 ./afl-fuzz -O -i in -o out -V 5 -- ./test-instr + \ No newline at end of file diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index eda8dfd0..d5dce05f 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -18,7 +18,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Initialize CodeQL uses: github/codeql-action/init@v1 diff --git a/.github/workflows/rust_custom_mutator.yml b/.github/workflows/rust_custom_mutator.yml index c279439e..eb3e2581 100644 --- a/.github/workflows/rust_custom_mutator.yml +++ b/.github/workflows/rust_custom_mutator.yml @@ -17,7 +17,7 @@ jobs: matrix: os: [ubuntu-22.04, ubuntu-20.04] steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Install Rust Toolchain uses: actions-rs/toolchain@v1 with: @@ -27,4 +27,4 @@ jobs: - name: Run General Tests run: cargo test - name: Run Tests for afl_internals feature flag - run: cd custom_mutator && cargo test --features=afl_internals \ No newline at end of file + run: cd custom_mutator && cargo test --features=afl_internals -- cgit v1.2.3 From fc98d53e27861aace92b360cb51dd320d0a65867 Mon Sep 17 00:00:00 2001 From: Ruben ten Hove Date: Tue, 21 Jun 2022 18:54:54 +0200 Subject: separate platforms --- .github/workflows/build-push-test-container.yaml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to '.github') diff --git a/.github/workflows/build-push-test-container.yaml b/.github/workflows/build-push-test-container.yaml index 8a6d77d1..6f58d78c 100644 --- a/.github/workflows/build-push-test-container.yaml +++ b/.github/workflows/build-push-test-container.yaml @@ -16,11 +16,18 @@ jobs: - uses: actions/checkout@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - - name: Build image + - name: Build amd64 image uses: docker/build-push-action@v3 with: context: . - platforms: linux/amd64,linux/arm64 + platforms: linux/amd64 + load: true + tags: aflplusplus/aflplusplus:test + - name: Build arm64 image + uses: docker/build-push-action@v3 + with: + context: . + platforms: linux/arm64 load: true tags: aflplusplus/aflplusplus:test - name: Test linux/amd64 image -- cgit v1.2.3 From 6e960f78d69d1ac8325b93849bd2e04ae502bddb Mon Sep 17 00:00:00 2001 From: Ruben ten Hove Date: Tue, 21 Jun 2022 22:01:30 +0200 Subject: arm needs qemu indeed --- .github/workflows/build-push-test-container.yaml | 4 ++++ 1 file changed, 4 insertions(+) (limited to '.github') diff --git a/.github/workflows/build-push-test-container.yaml b/.github/workflows/build-push-test-container.yaml index 6f58d78c..e2b828ac 100644 --- a/.github/workflows/build-push-test-container.yaml +++ b/.github/workflows/build-push-test-container.yaml @@ -14,6 +14,10 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + with: + platforms: arm64 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Build amd64 image -- cgit v1.2.3 From 0da7ddb738df60b3650d36832c9ede040a7ba6b9 Mon Sep 17 00:00:00 2001 From: rhtenhove Date: Wed, 22 Jun 2022 06:36:35 -0400 Subject: concurrency and caching (#1) * use concurrency * run here too * allow test failure * only push on push * fix coresight mode build * support but disable coresight * woops * no unicorn for arm * update codeql and fix makefile * forgot those * disable forward cache * fix needing buildx Co-authored-by: Ruben ten Hove --- .github/workflows/build-push-test-container.yaml | 61 --------------- .github/workflows/build-test-push-container.yaml | 96 ++++++++++++++++++++++++ .github/workflows/codeql-analysis.yml | 6 +- 3 files changed, 99 insertions(+), 64 deletions(-) delete mode 100644 .github/workflows/build-push-test-container.yaml create mode 100644 .github/workflows/build-test-push-container.yaml (limited to '.github') diff --git a/.github/workflows/build-push-test-container.yaml b/.github/workflows/build-push-test-container.yaml deleted file mode 100644 index e2b828ac..00000000 --- a/.github/workflows/build-push-test-container.yaml +++ /dev/null @@ -1,61 +0,0 @@ -name: Build, test and push container image - -on: - push: - branches: - - stable - - dev - tags: - - '*' - -jobs: - build: - name: Build, test and push container image - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - with: - platforms: arm64 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Build amd64 image - uses: docker/build-push-action@v3 - with: - context: . - platforms: linux/amd64 - load: true - tags: aflplusplus/aflplusplus:test - - name: Build arm64 image - uses: docker/build-push-action@v3 - with: - context: . - platforms: linux/arm64 - load: true - tags: aflplusplus/aflplusplus:test - - name: Test linux/amd64 image - run: docker run --rm --platform linux/amd64 aflplusplus/aflplusplus:test make tests - - name: Test linux/arm64 image - run: docker run --rm --platform linux/arm64 aflplusplus/aflplusplus:test make tests - - name: Login to Dockerhub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_TOKEN }} - - name: Publish ${{ github.ref_name }} to docker.io registry - uses: docker/build-push-action@v3 - with: - context: . - platforms: linux/amd64,linux/arm64 - push: true - tags: aflplusplus/aflplusplus:${{ github.ref_name }} - if: ${{ github.ref_name != 'stable' }} - - name: Publish stable and latest to docker.io registry - uses: docker/build-push-action@v3 - with: - context: . - platforms: linux/amd64,linux/arm64 - push: true - tags: aflplusplus/aflplusplus:${{ github.ref_name }},aflplusplus/aflplusplus:latest - if: ${{ github.ref_name == 'stable' }} diff --git a/.github/workflows/build-test-push-container.yaml b/.github/workflows/build-test-push-container.yaml new file mode 100644 index 00000000..5d9e69e4 --- /dev/null +++ b/.github/workflows/build-test-push-container.yaml @@ -0,0 +1,96 @@ +name: Build and test container image +on: + push: + branches: + - stable + - dev + tags: + - '*' + pull_request: + branch: + - stable + - dev + +jobs: + build-amd64: + name: Build and test amd64 + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build amd64 + uses: docker/build-push-action@v3 + with: + context: . + platforms: linux/amd64 + load: true + tags: aflplusplus/aflplusplus:test + # cache-from: type=gha # Ensure we always build a fresh image. We just use the cache for the subsequent push job. + cache-to: type=gha,mode=max + - name: Test linux/amd64 image + run: docker run --rm --platform linux/amd64 aflplusplus/aflplusplus:test make tests + continue-on-error: true + build-arm64: + name: Build and test arm64 + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + with: + platforms: arm64 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build arm64 + uses: docker/build-push-action@v3 + with: + context: . + platforms: linux/arm64 + load: true + tags: aflplusplus/aflplusplus:test + # cache-from: type=gha # Ensure we always build a fresh image. We just use the cache for the subsequent push job. + cache-to: type=gha,mode=max + - name: Test linux/arm64 image + run: docker run --rm --platform linux/arm64 aflplusplus/aflplusplus:test make tests + continue-on-error: true + push: + needs: + - build-amd64 + - build-arm64 + if: ${{ github.event_name == 'push' }} + name: Push image + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + with: + platforms: arm64 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Login to Dockerhub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_TOKEN }} + - name: Publish ${{ github.ref_name }} for amd64 and arm64 to docker.io registry + uses: docker/build-push-action@v3 + with: + context: . + platforms: linux/amd64,linux/arm64 + push: true + tags: aflplusplus/aflplusplus:${{ github.ref_name }} + cache-from: type=gha + # cache-to: type=gha,mode=max # No need to add to cache as we'll never use this + if: ${{ github.ref_name != 'stable' }} + - name: Publish stable and latest to docker.io registry + uses: docker/build-push-action@v3 + with: + context: . + platforms: linux/amd64,linux/arm64 + push: true + tags: aflplusplus/aflplusplus:${{ github.ref_name }},aflplusplus/aflplusplus:latest + cache-from: type=gha + # cache-to: type=gha,mode=max # No need to add to cache as we'll never use this + if: ${{ github.ref_name == 'stable' }} diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index d5dce05f..55d477fc 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -21,12 +21,12 @@ jobs: uses: actions/checkout@v3 - name: Initialize CodeQL - uses: github/codeql-action/init@v1 + uses: github/codeql-action/init@v2 with: languages: ${{ matrix.language }} - name: Autobuild - uses: github/codeql-action/autobuild@v1 + uses: github/codeql-action/autobuild@v2 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + uses: github/codeql-action/analyze@v2 -- cgit v1.2.3 From 1dac69b1eb16dff00d7a625138da5555c3acccb8 Mon Sep 17 00:00:00 2001 From: rhtenhove Date: Fri, 24 Jun 2022 09:26:09 -0400 Subject: use container; more is built + tested; use make -i (#2) --- .github/workflows/build-test-push-container.yaml | 96 ---------------- .github/workflows/codeql-analysis.yml | 32 ------ .github/workflows/container.yaml | 136 +++++++++++++++++++++++ 3 files changed, 136 insertions(+), 128 deletions(-) delete mode 100644 .github/workflows/build-test-push-container.yaml delete mode 100644 .github/workflows/codeql-analysis.yml create mode 100644 .github/workflows/container.yaml (limited to '.github') diff --git a/.github/workflows/build-test-push-container.yaml b/.github/workflows/build-test-push-container.yaml deleted file mode 100644 index 5d9e69e4..00000000 --- a/.github/workflows/build-test-push-container.yaml +++ /dev/null @@ -1,96 +0,0 @@ -name: Build and test container image -on: - push: - branches: - - stable - - dev - tags: - - '*' - pull_request: - branch: - - stable - - dev - -jobs: - build-amd64: - name: Build and test amd64 - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Build amd64 - uses: docker/build-push-action@v3 - with: - context: . - platforms: linux/amd64 - load: true - tags: aflplusplus/aflplusplus:test - # cache-from: type=gha # Ensure we always build a fresh image. We just use the cache for the subsequent push job. - cache-to: type=gha,mode=max - - name: Test linux/amd64 image - run: docker run --rm --platform linux/amd64 aflplusplus/aflplusplus:test make tests - continue-on-error: true - build-arm64: - name: Build and test arm64 - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - with: - platforms: arm64 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Build arm64 - uses: docker/build-push-action@v3 - with: - context: . - platforms: linux/arm64 - load: true - tags: aflplusplus/aflplusplus:test - # cache-from: type=gha # Ensure we always build a fresh image. We just use the cache for the subsequent push job. - cache-to: type=gha,mode=max - - name: Test linux/arm64 image - run: docker run --rm --platform linux/arm64 aflplusplus/aflplusplus:test make tests - continue-on-error: true - push: - needs: - - build-amd64 - - build-arm64 - if: ${{ github.event_name == 'push' }} - name: Push image - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - with: - platforms: arm64 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Login to Dockerhub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_TOKEN }} - - name: Publish ${{ github.ref_name }} for amd64 and arm64 to docker.io registry - uses: docker/build-push-action@v3 - with: - context: . - platforms: linux/amd64,linux/arm64 - push: true - tags: aflplusplus/aflplusplus:${{ github.ref_name }} - cache-from: type=gha - # cache-to: type=gha,mode=max # No need to add to cache as we'll never use this - if: ${{ github.ref_name != 'stable' }} - - name: Publish stable and latest to docker.io registry - uses: docker/build-push-action@v3 - with: - context: . - platforms: linux/amd64,linux/arm64 - push: true - tags: aflplusplus/aflplusplus:${{ github.ref_name }},aflplusplus/aflplusplus:latest - cache-from: type=gha - # cache-to: type=gha,mode=max # No need to add to cache as we'll never use this - if: ${{ github.ref_name == 'stable' }} diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml deleted file mode 100644 index 55d477fc..00000000 --- a/.github/workflows/codeql-analysis.yml +++ /dev/null @@ -1,32 +0,0 @@ -name: "CodeQL" - -on: - push: - branches: [ stable, dev ] - pull_request: - branches: [ stable, dev ] - -jobs: - analyze: - name: Analyze - runs-on: ubuntu-latest - - strategy: - fail-fast: false - matrix: - language: [ 'cpp' ] - - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - - name: Initialize CodeQL - uses: github/codeql-action/init@v2 - with: - languages: ${{ matrix.language }} - - - name: Autobuild - uses: github/codeql-action/autobuild@v2 - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 diff --git a/.github/workflows/container.yaml b/.github/workflows/container.yaml new file mode 100644 index 00000000..504eadfa --- /dev/null +++ b/.github/workflows/container.yaml @@ -0,0 +1,136 @@ +name: Build, test, CodeQL and push container image +on: + push: + branches: + - stable + - dev + tags: + - "*" + pull_request: + branches: + - dev # No need for stable-pull-request, as that equals dev-push + +jobs: + build-amd64: + name: Build amd64 image + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Login to GitHub Container Registry # Container cache registry + uses: docker/login-action@v2 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Build amd64 + uses: docker/build-push-action@v3 + with: + context: . + platforms: linux/amd64 + tags: ghcr.io/${{ github.actor }}/aflplusplus:amd64 + push: true + cache-from: type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus:amd64 + + build-arm64: + name: Build arm64 image + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Login to GitHub Container Registry # Container cache registry + uses: docker/login-action@v2 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + with: + platforms: arm64 + - name: Build arm64 + uses: docker/build-push-action@v3 + with: + context: . + platforms: linux/arm64 + tags: ghcr.io/${{ github.actor }}/aflplusplus:arm64 + push: true + cache-from: type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus:arm64 + + test-amd64: + name: Test amd64 image + runs-on: ubuntu-latest + needs: build-amd64 + steps: + - name: Test amd64 + run: docker run --rm ghcr.io/${{ github.actor }}/aflplusplus:amd64 make tests + continue-on-error: true + + codeql-amd64: + name: CodeQL Analyze amd64 compiled code + runs-on: ubuntu-latest + needs: + - build-amd64 + container: + image: ghcr.io/${{ github.actor }}/aflplusplus:amd64 + steps: + - name: Fix for using external repo in container build # https://github.com/actions/checkout/issues/760 + run: git config --global --add safe.directory /__w/AFLplusplus/AFLplusplus + - name: Checkout + uses: actions/checkout@v3 + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: cpp + - name: Build AFLplusplus # Rebuild because CodeQL needs to monitor the build process + env: + CC: gcc # These are symlinked to the version used in the container build + CXX: g++ + run: make -i distrib # Best effort using -i + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 + + push: + name: Push amd64 and arm64 image + runs-on: ubuntu-latest + needs: + - test-amd64 + - build-arm64 + if: ${{ github.event_name == 'push' }} + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + with: + platforms: arm64 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Login to docker.io + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_TOKEN }} + - name: Set tags to push + id: push-tags + run: | + PUSH_TAGS=docker.io/aflplusplus/aflplusplus:${GITHUB_REF_NAME} + if [ "${GITHUB_REF_NAME}" = "stable" ]; then + PUSH_TAGS=${PUSH_TAGS},docker.io/aflplusplus/aflplusplus:latest + fi + export PUSH_TAGS + echo "::set-output name=PUSH_TAGS::${PUSH_TAGS}" + - name: Push to docker.io registry + uses: docker/build-push-action@v3 + with: + context: . + platforms: linux/amd64,linux/arm64 # TODO: Fix: arm64 image doesn't use cached layer from COPY line + push: true + tags: ${{ steps.push-tags.outputs.PUSH_TAGS }} + cache-from: | + type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus:amd64 + type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus:arm64 -- cgit v1.2.3 From 22c3b519fa92e02add77a0cf30600b5034d179d9 Mon Sep 17 00:00:00 2001 From: rhtenhove Date: Mon, 27 Jun 2022 11:05:17 -0400 Subject: reverts, fixes and even smaller image (#3) --- .github/workflows/container.yaml | 37 ++++++++++++++++++++++--------------- 1 file changed, 22 insertions(+), 15 deletions(-) (limited to '.github') diff --git a/.github/workflows/container.yaml b/.github/workflows/container.yaml index 504eadfa..534e737a 100644 --- a/.github/workflows/container.yaml +++ b/.github/workflows/container.yaml @@ -19,20 +19,21 @@ jobs: uses: actions/checkout@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - - name: Login to GitHub Container Registry # Container cache registry + - name: Login to GitHub Container Registry # Container cache registry uses: docker/login-action@v2 with: registry: ghcr.io - username: ${{ github.actor }} + username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build amd64 uses: docker/build-push-action@v3 with: context: . platforms: linux/amd64 - tags: ghcr.io/${{ github.actor }}/aflplusplus:amd64 + tags: ghcr.io/${{ github.repository_owner }}/aflplusplus:amd64 push: true - cache-from: type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus:amd64 + cache-to: type=registry,ref=ghcr.io/${{ github.repository_owner }}/aflplusplus/cache:amd64,mode=max + cache-from: type=registry,ref=ghcr.io/${{ github.repository_owner }}/aflplusplus/cache:amd64 build-arm64: name: Build arm64 image @@ -46,7 +47,7 @@ jobs: uses: docker/login-action@v2 with: registry: ghcr.io - username: ${{ github.actor }} + username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - name: Set up QEMU uses: docker/setup-qemu-action@v2 @@ -57,18 +58,24 @@ jobs: with: context: . platforms: linux/arm64 - tags: ghcr.io/${{ github.actor }}/aflplusplus:arm64 + tags: ghcr.io/${{ github.repository_owner }}/aflplusplus:arm64 push: true - cache-from: type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus:arm64 + cache-to: type=registry,ref=ghcr.io/${{ github.repository_owner }}/aflplusplus/cache:arm64,mode=max + cache-from: type=registry,ref=ghcr.io/${{ github.repository_owner }}/aflplusplus/cache:arm64 test-amd64: name: Test amd64 image runs-on: ubuntu-latest needs: build-amd64 + container: + image: ghcr.io/${{ github.repository_owner }}/aflplusplus:amd64 steps: - name: Test amd64 - run: docker run --rm ghcr.io/${{ github.actor }}/aflplusplus:amd64 make tests - continue-on-error: true + working-directory: /AFLplusplus + run: | + apt-get update + apt-get install -y libcmocka-dev + make -i tests codeql-amd64: name: CodeQL Analyze amd64 compiled code @@ -76,7 +83,7 @@ jobs: needs: - build-amd64 container: - image: ghcr.io/${{ github.actor }}/aflplusplus:amd64 + image: ghcr.io/${{ github.repository_owner }}/aflplusplus:amd64 steps: - name: Fix for using external repo in container build # https://github.com/actions/checkout/issues/760 run: git config --global --add safe.directory /__w/AFLplusplus/AFLplusplus @@ -100,7 +107,7 @@ jobs: needs: - test-amd64 - build-arm64 - if: ${{ github.event_name == 'push' }} + if: ${{ github.event_name == 'push' && github.repository == 'AFLplusplus/AFLplusplus' }} steps: - name: Checkout uses: actions/checkout@v3 @@ -128,9 +135,9 @@ jobs: uses: docker/build-push-action@v3 with: context: . - platforms: linux/amd64,linux/arm64 # TODO: Fix: arm64 image doesn't use cached layer from COPY line + platforms: linux/amd64,linux/arm64 push: true tags: ${{ steps.push-tags.outputs.PUSH_TAGS }} - cache-from: | - type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus:amd64 - type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus:arm64 + cache-from: | # TODO: From COPY line on is not cached + type=registry,ref=ghcr.io/${{ github.repository_owner }}/aflplusplus/cache:amd64 + type=registry,ref=ghcr.io/${{ github.repository_owner }}/aflplusplus/cache:arm64 -- cgit v1.2.3 From 73db4fe9939482f4c2f38c24d903869bb0d4a7eb Mon Sep 17 00:00:00 2001 From: Ruben ten Hove Date: Mon, 27 Jun 2022 15:13:16 +0000 Subject: use actor --- .github/workflows/container.yaml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) (limited to '.github') diff --git a/.github/workflows/container.yaml b/.github/workflows/container.yaml index 534e737a..a6d31668 100644 --- a/.github/workflows/container.yaml +++ b/.github/workflows/container.yaml @@ -23,17 +23,17 @@ jobs: uses: docker/login-action@v2 with: registry: ghcr.io - username: ${{ github.repository_owner }} + username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build amd64 uses: docker/build-push-action@v3 with: context: . platforms: linux/amd64 - tags: ghcr.io/${{ github.repository_owner }}/aflplusplus:amd64 + tags: ghcr.io/${{ github.actor }}/aflplusplus:amd64 push: true - cache-to: type=registry,ref=ghcr.io/${{ github.repository_owner }}/aflplusplus/cache:amd64,mode=max - cache-from: type=registry,ref=ghcr.io/${{ github.repository_owner }}/aflplusplus/cache:amd64 + cache-to: type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus/cache:amd64,mode=max + cache-from: type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus/cache:amd64 build-arm64: name: Build arm64 image @@ -47,7 +47,7 @@ jobs: uses: docker/login-action@v2 with: registry: ghcr.io - username: ${{ github.repository_owner }} + username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Set up QEMU uses: docker/setup-qemu-action@v2 @@ -58,17 +58,17 @@ jobs: with: context: . platforms: linux/arm64 - tags: ghcr.io/${{ github.repository_owner }}/aflplusplus:arm64 + tags: ghcr.io/${{ github.actor }}/aflplusplus:arm64 push: true - cache-to: type=registry,ref=ghcr.io/${{ github.repository_owner }}/aflplusplus/cache:arm64,mode=max - cache-from: type=registry,ref=ghcr.io/${{ github.repository_owner }}/aflplusplus/cache:arm64 + cache-to: type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus/cache:arm64,mode=max + cache-from: type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus/cache:arm64 test-amd64: name: Test amd64 image runs-on: ubuntu-latest needs: build-amd64 container: - image: ghcr.io/${{ github.repository_owner }}/aflplusplus:amd64 + image: ghcr.io/${{ github.actor }}/aflplusplus:amd64 steps: - name: Test amd64 working-directory: /AFLplusplus @@ -83,7 +83,7 @@ jobs: needs: - build-amd64 container: - image: ghcr.io/${{ github.repository_owner }}/aflplusplus:amd64 + image: ghcr.io/${{ github.actor }}/aflplusplus:amd64 steps: - name: Fix for using external repo in container build # https://github.com/actions/checkout/issues/760 run: git config --global --add safe.directory /__w/AFLplusplus/AFLplusplus @@ -139,5 +139,5 @@ jobs: push: true tags: ${{ steps.push-tags.outputs.PUSH_TAGS }} cache-from: | # TODO: From COPY line on is not cached - type=registry,ref=ghcr.io/${{ github.repository_owner }}/aflplusplus/cache:amd64 - type=registry,ref=ghcr.io/${{ github.repository_owner }}/aflplusplus/cache:arm64 + type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus/cache:amd64 + type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus/cache:arm64 -- cgit v1.2.3 From e969972c9799788df0f4af07b9112bb198024f21 Mon Sep 17 00:00:00 2001 From: Ruben ten Hove Date: Mon, 27 Jun 2022 15:35:41 +0000 Subject: gcta --- .github/workflows/ci.yml | 7 +++---- .github/workflows/container.yaml | 4 ++-- 2 files changed, 5 insertions(+), 6 deletions(-) (limited to '.github') diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9f0cacca..906267a0 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,13 +2,13 @@ name: CI on: push: - branches: [ stable, dev ] + branches: [stable, dev] pull_request: - branches: [ stable, dev ] + branches: [stable, dev] jobs: linux: - runs-on: '${{ matrix.os }}' + runs-on: "${{ matrix.os }}" strategy: matrix: os: [ubuntu-22.04, ubuntu-20.04, ubuntu-18.04] @@ -51,4 +51,3 @@ jobs: run: sudo -E ./afl-system-config; export CC=/usr/local/Cellar/llvm/*/bin/clang; export CXX="$CC"++; export PATH=/usr/local/Cellar/llvm/*/":/usr/local/bin:$PATH"; export LLVM_CONFIG=/usr/local/Cellar/llvm/*/bin/llvm-config; gmake tests - name: force frida test for MacOS run: export AFL_PATH=`pwd`; /usr/local/bin/gcc -o test-instr test-instr.c; mkdir in; echo > in/in; AFL_NO_UI=1 ./afl-fuzz -O -i in -o out -V 5 -- ./test-instr - \ No newline at end of file diff --git a/.github/workflows/container.yaml b/.github/workflows/container.yaml index a6d31668..d4731775 100644 --- a/.github/workflows/container.yaml +++ b/.github/workflows/container.yaml @@ -19,7 +19,7 @@ jobs: uses: actions/checkout@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - - name: Login to GitHub Container Registry # Container cache registry + - name: Login to GitHub Container Registry # Container cache registry uses: docker/login-action@v2 with: registry: ghcr.io @@ -138,6 +138,6 @@ jobs: platforms: linux/amd64,linux/arm64 push: true tags: ${{ steps.push-tags.outputs.PUSH_TAGS }} - cache-from: | # TODO: From COPY line on is not cached + cache-from: | # TODO: From COPY line on is not cached type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus/cache:amd64 type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus/cache:arm64 -- cgit v1.2.3 From a1889db9bf1e83054e7978d22715c3e197882428 Mon Sep 17 00:00:00 2001 From: rhtenhove Date: Mon, 27 Jun 2022 16:17:02 -0400 Subject: simpler jobs --- .github/workflows/codeql.yaml | 30 +++++++++++++ .github/workflows/container.yaml | 95 +++++----------------------------------- 2 files changed, 40 insertions(+), 85 deletions(-) create mode 100644 .github/workflows/codeql.yaml (limited to '.github') diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml new file mode 100644 index 00000000..9398df75 --- /dev/null +++ b/.github/workflows/codeql.yaml @@ -0,0 +1,30 @@ +name: "CodeQL" + +on: + push: + branches: [stable, dev] + pull_request: + branches: [stable, dev] + +jobs: + codeql: + name: Analyze + runs-on: ubuntu-latest + container: # We use a previous image as it's expected to have all the dependencies + image: docker.io/aflplusplus/aflplusplus:dev + steps: + - name: Fix for using external repo in container build # https://github.com/actions/checkout/issues/760 + run: git config --global --add safe.directory /__w/AFLplusplus/AFLplusplus + - name: Checkout + uses: actions/checkout@v3 + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: cpp + - name: Build AFLplusplus # Rebuild because CodeQL needs to monitor the build process + env: + CC: gcc # These are symlinked to the version used in the container build + CXX: g++ + run: make -i distrib # Best effort using -i + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 diff --git a/.github/workflows/container.yaml b/.github/workflows/container.yaml index d4731775..0fd20dd7 100644 --- a/.github/workflows/container.yaml +++ b/.github/workflows/container.yaml @@ -1,4 +1,4 @@ -name: Build, test, CodeQL and push container image +name: Container on: push: branches: @@ -11,102 +11,29 @@ on: - dev # No need for stable-pull-request, as that equals dev-push jobs: - build-amd64: - name: Build amd64 image + build-and-test-amd64: + name: Build and test amd64 image runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - - name: Login to GitHub Container Registry # Container cache registry - uses: docker/login-action@v2 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - name: Build amd64 uses: docker/build-push-action@v3 with: context: . - platforms: linux/amd64 - tags: ghcr.io/${{ github.actor }}/aflplusplus:amd64 - push: true - cache-to: type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus/cache:amd64,mode=max - cache-from: type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus/cache:amd64 - - build-arm64: - name: Build arm64 image - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Login to GitHub Container Registry # Container cache registry - uses: docker/login-action@v2 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - with: - platforms: arm64 - - name: Build arm64 - uses: docker/build-push-action@v3 - with: - context: . - platforms: linux/arm64 - tags: ghcr.io/${{ github.actor }}/aflplusplus:arm64 - push: true - cache-to: type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus/cache:arm64,mode=max - cache-from: type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus/cache:arm64 - - test-amd64: - name: Test amd64 image - runs-on: ubuntu-latest - needs: build-amd64 - container: - image: ghcr.io/${{ github.actor }}/aflplusplus:amd64 - steps: + tags: aflplusplus:amd64 + load: true + cache-to: type=gha,mode=max - name: Test amd64 - working-directory: /AFLplusplus - run: | - apt-get update - apt-get install -y libcmocka-dev - make -i tests - - codeql-amd64: - name: CodeQL Analyze amd64 compiled code - runs-on: ubuntu-latest - needs: - - build-amd64 - container: - image: ghcr.io/${{ github.actor }}/aflplusplus:amd64 - steps: - - name: Fix for using external repo in container build # https://github.com/actions/checkout/issues/760 - run: git config --global --add safe.directory /__w/AFLplusplus/AFLplusplus - - name: Checkout - uses: actions/checkout@v3 - - name: Initialize CodeQL - uses: github/codeql-action/init@v2 - with: - languages: cpp - - name: Build AFLplusplus # Rebuild because CodeQL needs to monitor the build process - env: - CC: gcc # These are symlinked to the version used in the container build - CXX: g++ - run: make -i distrib # Best effort using -i - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + run: docker run --rm aflplusplus:amd64 bash -c "apt-get update && apt-get install -y libcmocka-dev && make -i tests" push: - name: Push amd64 and arm64 image + name: Build and push amd64 and arm64 image runs-on: ubuntu-latest needs: - - test-amd64 - - build-arm64 + - build-and-test-amd64 if: ${{ github.event_name == 'push' && github.repository == 'AFLplusplus/AFLplusplus' }} steps: - name: Checkout @@ -138,6 +65,4 @@ jobs: platforms: linux/amd64,linux/arm64 push: true tags: ${{ steps.push-tags.outputs.PUSH_TAGS }} - cache-from: | # TODO: From COPY line on is not cached - type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus/cache:amd64 - type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus/cache:arm64 + cache-from: type=gha -- cgit v1.2.3 From b3edb657c2221f7d292931c8df04388c552737dd Mon Sep 17 00:00:00 2001 From: Ruben ten Hove Date: Tue, 28 Jun 2022 01:50:39 +0000 Subject: check python too --- .github/workflows/codeql-analysis.yaml | 30 ++++++++++++++++++++++++++++++ .github/workflows/codeql.yaml | 30 ------------------------------ .github/workflows/container.yaml | 4 ++-- 3 files changed, 32 insertions(+), 32 deletions(-) create mode 100644 .github/workflows/codeql-analysis.yaml delete mode 100644 .github/workflows/codeql.yaml (limited to '.github') diff --git a/.github/workflows/codeql-analysis.yaml b/.github/workflows/codeql-analysis.yaml new file mode 100644 index 00000000..c9efb296 --- /dev/null +++ b/.github/workflows/codeql-analysis.yaml @@ -0,0 +1,30 @@ +name: "CodeQL" + +on: + push: + branches: [stable, dev] + pull_request: + branches: [stable, dev] + +jobs: + codeql: + name: Analyze + runs-on: ubuntu-latest + container: # We use a previous image as it's expected to have all the dependencies + image: docker.io/aflplusplus/aflplusplus:dev + steps: + - name: Fix for using external repo in container build # https://github.com/actions/checkout/issues/760 + run: git config --global --add safe.directory /__w/AFLplusplus/AFLplusplus + - name: Checkout + uses: actions/checkout@v3 + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: cpp, python + - name: Build AFLplusplus # Rebuild because CodeQL needs to monitor the build process + env: + CC: gcc # These are symlinked to the version used in the container build + CXX: g++ + run: make -i distrib # Best effort using -i + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml deleted file mode 100644 index 9398df75..00000000 --- a/.github/workflows/codeql.yaml +++ /dev/null @@ -1,30 +0,0 @@ -name: "CodeQL" - -on: - push: - branches: [stable, dev] - pull_request: - branches: [stable, dev] - -jobs: - codeql: - name: Analyze - runs-on: ubuntu-latest - container: # We use a previous image as it's expected to have all the dependencies - image: docker.io/aflplusplus/aflplusplus:dev - steps: - - name: Fix for using external repo in container build # https://github.com/actions/checkout/issues/760 - run: git config --global --add safe.directory /__w/AFLplusplus/AFLplusplus - - name: Checkout - uses: actions/checkout@v3 - - name: Initialize CodeQL - uses: github/codeql-action/init@v2 - with: - languages: cpp - - name: Build AFLplusplus # Rebuild because CodeQL needs to monitor the build process - env: - CC: gcc # These are symlinked to the version used in the container build - CXX: g++ - run: make -i distrib # Best effort using -i - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 diff --git a/.github/workflows/container.yaml b/.github/workflows/container.yaml index 0fd20dd7..81e2a3f8 100644 --- a/.github/workflows/container.yaml +++ b/.github/workflows/container.yaml @@ -12,7 +12,7 @@ on: jobs: build-and-test-amd64: - name: Build and test amd64 image + name: Test amd64 image runs-on: ubuntu-latest steps: - name: Checkout @@ -30,7 +30,7 @@ jobs: run: docker run --rm aflplusplus:amd64 bash -c "apt-get update && apt-get install -y libcmocka-dev && make -i tests" push: - name: Build and push amd64 and arm64 image + name: Push amd64 and arm64 images runs-on: ubuntu-latest needs: - build-and-test-amd64 -- cgit v1.2.3 From 3e65e1a029c44b33a77ca04724335ee3ecd30e67 Mon Sep 17 00:00:00 2001 From: Ruben ten Hove Date: Tue, 28 Jun 2022 15:59:56 +0000 Subject: fix test using test specific build --- .github/workflows/codeql-analysis.yaml | 30 -------------- .github/workflows/codeql-analysis.yml | 30 ++++++++++++++ .github/workflows/container.yaml | 68 ------------------------------ .github/workflows/container.yml | 75 ++++++++++++++++++++++++++++++++++ 4 files changed, 105 insertions(+), 98 deletions(-) delete mode 100644 .github/workflows/codeql-analysis.yaml create mode 100644 .github/workflows/codeql-analysis.yml delete mode 100644 .github/workflows/container.yaml create mode 100644 .github/workflows/container.yml (limited to '.github') diff --git a/.github/workflows/codeql-analysis.yaml b/.github/workflows/codeql-analysis.yaml deleted file mode 100644 index c9efb296..00000000 --- a/.github/workflows/codeql-analysis.yaml +++ /dev/null @@ -1,30 +0,0 @@ -name: "CodeQL" - -on: - push: - branches: [stable, dev] - pull_request: - branches: [stable, dev] - -jobs: - codeql: - name: Analyze - runs-on: ubuntu-latest - container: # We use a previous image as it's expected to have all the dependencies - image: docker.io/aflplusplus/aflplusplus:dev - steps: - - name: Fix for using external repo in container build # https://github.com/actions/checkout/issues/760 - run: git config --global --add safe.directory /__w/AFLplusplus/AFLplusplus - - name: Checkout - uses: actions/checkout@v3 - - name: Initialize CodeQL - uses: github/codeql-action/init@v2 - with: - languages: cpp, python - - name: Build AFLplusplus # Rebuild because CodeQL needs to monitor the build process - env: - CC: gcc # These are symlinked to the version used in the container build - CXX: g++ - run: make -i distrib # Best effort using -i - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 00000000..ba6792b1 --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,30 @@ +name: "CodeQL" + +on: + push: + branches: [stable, dev] + pull_request: + branches: [stable, dev] + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + container: # We use a previous image as it's expected to have all the dependencies + image: docker.io/aflplusplus/aflplusplus:dev + steps: + - name: Fix for using external repo in container build # https://github.com/actions/checkout/issues/760 + run: git config --global --add safe.directory /__w/AFLplusplus/AFLplusplus + - name: Checkout + uses: actions/checkout@v3 + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: cpp, python + - name: Build AFLplusplus # Rebuild because CodeQL needs to monitor the build process + env: + CC: gcc # These are symlinked to the version used in the container build + CXX: g++ + run: make -i distrib # Best effort using -i + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 diff --git a/.github/workflows/container.yaml b/.github/workflows/container.yaml deleted file mode 100644 index 81e2a3f8..00000000 --- a/.github/workflows/container.yaml +++ /dev/null @@ -1,68 +0,0 @@ -name: Container -on: - push: - branches: - - stable - - dev - tags: - - "*" - pull_request: - branches: - - dev # No need for stable-pull-request, as that equals dev-push - -jobs: - build-and-test-amd64: - name: Test amd64 image - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Build amd64 - uses: docker/build-push-action@v3 - with: - context: . - tags: aflplusplus:amd64 - load: true - cache-to: type=gha,mode=max - - name: Test amd64 - run: docker run --rm aflplusplus:amd64 bash -c "apt-get update && apt-get install -y libcmocka-dev && make -i tests" - - push: - name: Push amd64 and arm64 images - runs-on: ubuntu-latest - needs: - - build-and-test-amd64 - if: ${{ github.event_name == 'push' && github.repository == 'AFLplusplus/AFLplusplus' }} - steps: - - name: Checkout - uses: actions/checkout@v3 - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - with: - platforms: arm64 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Login to docker.io - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_TOKEN }} - - name: Set tags to push - id: push-tags - run: | - PUSH_TAGS=docker.io/aflplusplus/aflplusplus:${GITHUB_REF_NAME} - if [ "${GITHUB_REF_NAME}" = "stable" ]; then - PUSH_TAGS=${PUSH_TAGS},docker.io/aflplusplus/aflplusplus:latest - fi - export PUSH_TAGS - echo "::set-output name=PUSH_TAGS::${PUSH_TAGS}" - - name: Push to docker.io registry - uses: docker/build-push-action@v3 - with: - context: . - platforms: linux/amd64,linux/arm64 - push: true - tags: ${{ steps.push-tags.outputs.PUSH_TAGS }} - cache-from: type=gha diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml new file mode 100644 index 00000000..8836997d --- /dev/null +++ b/.github/workflows/container.yml @@ -0,0 +1,75 @@ +name: Container +on: + push: + branches: + - stable + - dev + tags: + - "*" + pull_request: + branches: + - dev # No need for stable-pull-request, as that equals dev-push + +jobs: + build-and-test-amd64: + name: Test amd64 image + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build amd64 + uses: docker/build-push-action@v3 + with: + context: . + tags: aflplusplus:test-amd64 + load: true + cache-to: type=gha,mode=max + build-args: | + TEST_BUILD=1 + - name: Test amd64 + run: > + docker run --rm aflplusplus:test-amd64 bash -c " + apt-get update && + apt-get install -y libcmocka-dev && + make -i tests + " + + push: + name: Push amd64 and arm64 images + runs-on: ubuntu-latest + needs: + - build-and-test-amd64 + if: ${{ github.event_name == 'push' && github.repository == 'AFLplusplus/AFLplusplus' }} + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + with: + platforms: arm64 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Login to docker.io + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_TOKEN }} + - name: Set tags to push + id: push-tags + run: | + PUSH_TAGS=docker.io/aflplusplus/aflplusplus:${GITHUB_REF_NAME} + if [ "${GITHUB_REF_NAME}" = "stable" ]; then + PUSH_TAGS=${PUSH_TAGS},docker.io/aflplusplus/aflplusplus:latest + fi + export PUSH_TAGS + echo "::set-output name=PUSH_TAGS::${PUSH_TAGS}" + - name: Push to docker.io registry + uses: docker/build-push-action@v3 + with: + context: . + platforms: linux/amd64,linux/arm64 + push: true + tags: ${{ steps.push-tags.outputs.PUSH_TAGS }} + cache-from: type=gha -- cgit v1.2.3 From 6c9c8fdc651e3c3376f3ba6590c49424be1844d7 Mon Sep 17 00:00:00 2001 From: rhtenhove Date: Mon, 4 Jul 2022 14:32:48 -0400 Subject: check code formatting (#5) --- .github/workflows/ci.yml | 7 ++++-- .github/workflows/code-format.yml | 36 +++++++++++++++++++++++++++++++ .github/workflows/codeql-analysis.yml | 7 ++++-- .github/workflows/rust_custom_mutator.yml | 7 ++++-- 4 files changed, 51 insertions(+), 6 deletions(-) create mode 100644 .github/workflows/code-format.yml (limited to '.github') diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 906267a0..4ca76f2d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,9 +2,12 @@ name: CI on: push: - branches: [stable, dev] + branches: + - stable + - dev pull_request: - branches: [stable, dev] + branches: + - dev # No need for stable-pull-request, as that equals dev-push jobs: linux: diff --git a/.github/workflows/code-format.yml b/.github/workflows/code-format.yml new file mode 100644 index 00000000..f24e652b --- /dev/null +++ b/.github/workflows/code-format.yml @@ -0,0 +1,36 @@ +name: Formatting + +on: + push: + branches: + - stable + - dev + pull_request: + branches: + - dev # No need for stable-pull-request, as that equals dev-push + +jobs: + code-format-check: + name: Check code format + runs-on: ubuntu-22.04 + container: + image: docker.io/aflplusplus/aflplusplus:dev + env: + LLVM_VERSION: 14 # Remove _after_ this branch's image is built and pushed. The new image will have this var in ENV. + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Format + run: | + git config --global --add safe.directory /__w/AFLplusplus/AFLplusplus + apt-get update + apt-get install -y clang-format-${LLVM_VERSION} + update-alternatives --install /usr/bin/clang-format clang-format /usr/bin/clang-format-${LLVM_VERSION} 0 + make code-format + - name: Check if code needed formatting + run: | + git --no-pager -c color.ui=always diff HEAD + if ! git diff HEAD --quiet; then + echo "[!] Please run 'make code-format' and push its changes." + exit 1 + fi diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index ba6792b1..54934395 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -2,9 +2,12 @@ name: "CodeQL" on: push: - branches: [stable, dev] + branches: + - stable + - dev pull_request: - branches: [stable, dev] + branches: + - dev # No need for stable-pull-request, as that equals dev-push jobs: analyze: diff --git a/.github/workflows/rust_custom_mutator.yml b/.github/workflows/rust_custom_mutator.yml index eb3e2581..7c2f0c12 100644 --- a/.github/workflows/rust_custom_mutator.yml +++ b/.github/workflows/rust_custom_mutator.yml @@ -2,9 +2,12 @@ name: Rust Custom Mutators on: push: - branches: [ stable, dev ] + branches: + - stable + - dev pull_request: - branches: [ stable, dev ] + branches: + - dev # No need for stable-pull-request, as that equals dev-push jobs: test: -- cgit v1.2.3 From c90dd00fc977170048271ca8f4f614b8b625e67a Mon Sep 17 00:00:00 2001 From: Ruben ten Hove Date: Mon, 4 Jul 2022 22:38:28 +0000 Subject: no longer need this line --- .github/workflows/code-format.yml | 1 - 1 file changed, 1 deletion(-) (limited to '.github') diff --git a/.github/workflows/code-format.yml b/.github/workflows/code-format.yml index f24e652b..088793e7 100644 --- a/.github/workflows/code-format.yml +++ b/.github/workflows/code-format.yml @@ -25,7 +25,6 @@ jobs: git config --global --add safe.directory /__w/AFLplusplus/AFLplusplus apt-get update apt-get install -y clang-format-${LLVM_VERSION} - update-alternatives --install /usr/bin/clang-format clang-format /usr/bin/clang-format-${LLVM_VERSION} 0 make code-format - name: Check if code needed formatting run: | -- cgit v1.2.3 From c7c74764531beb280c4baf0f51499f494fbaf990 Mon Sep 17 00:00:00 2001 From: Ruben ten Hove Date: Thu, 7 Jul 2022 17:10:42 +0000 Subject: disable formatter --- .github/workflows/code-format.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to '.github') diff --git a/.github/workflows/code-format.yml b/.github/workflows/code-format.yml index 088793e7..314137ff 100644 --- a/.github/workflows/code-format.yml +++ b/.github/workflows/code-format.yml @@ -12,11 +12,9 @@ on: jobs: code-format-check: name: Check code format + if: ${{ 'false' == 'true' }} # Disable the job runs-on: ubuntu-22.04 - container: - image: docker.io/aflplusplus/aflplusplus:dev - env: - LLVM_VERSION: 14 # Remove _after_ this branch's image is built and pushed. The new image will have this var in ENV. + container: docker.io/aflplusplus/aflplusplus:dev steps: - name: Checkout uses: actions/checkout@v3 -- cgit v1.2.3 From 1f17aa082d4ee75c5a034a1ec32025fb828357d2 Mon Sep 17 00:00:00 2001 From: rhtenhove Date: Fri, 8 Jul 2022 08:32:17 -0400 Subject: Dont codeql submodules --- .github/workflows/codeql-analysis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to '.github') diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 54934395..75935123 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -28,6 +28,6 @@ jobs: env: CC: gcc # These are symlinked to the version used in the container build CXX: g++ - run: make -i distrib # Best effort using -i + run: make -i all # Best effort using -i - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v2 -- cgit v1.2.3