-
Notifications
You must be signed in to change notification settings - Fork 0
47 lines (44 loc) · 1.61 KB
/
Copy pathfuzz.yml
File metadata and controls
47 lines (44 loc) · 1.61 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
name: Fuzz campaign
# ci.yml only *compiles* the fuzz targets (`cargo fuzz check`); this workflow
# actually RUNS them on a schedule (roadmap §5), each for a bounded time, and
# uploads the evolved corpus and any crash artifact for inspection.
on:
schedule:
- cron: "0 3 * * 1" # weekly, Monday 03:00 UTC
workflow_dispatch:
inputs:
minutes:
description: Minutes to fuzz each target
default: "10"
permissions:
contents: read
jobs:
fuzz:
name: Fuzz ${{ matrix.target }}
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
target: [database_open, carve, audit, render]
env:
# cargo-fuzz builds with the host nightly; its own deps' warnings must not
# fail the run (mirrors ci.yml's fuzz-check job).
RUSTFLAGS: ""
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: dtolnay/rust-toolchain@nightly
- uses: Swatinem/rust-cache@9bdad043e88c75890e36ad3bbc8d27f0090dd609 # v2.7.8
- run: cargo install cargo-fuzz
- name: Fuzz ${{ matrix.target }}
run: |
minutes="${{ github.event.inputs.minutes || '10' }}"
cargo +nightly fuzz run "${{ matrix.target }}" -- -max_total_time="$((minutes * 60))"
- name: Upload corpus and any crash artifacts
if: always()
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: fuzz-${{ matrix.target }}
path: |
fuzz/corpus/${{ matrix.target }}
fuzz/artifacts/${{ matrix.target }}
if-no-files-found: ignore