Create Google Cloud Storage bucket for release artifacts from fuzzing tool
This is a request from the Fuzz Testing group.
We need a new Google Cloud Storage bucket called gitlab-cov-fuzz that will host releases of this CLI (closed source available at https://gitlab.com/gitlab-org/security-products/analyzers/gitlab-cov-fuzz-src).
This CLI tool is an official GitLab binary.
The cloud storage bucket is the most effective way to host this binary. We evaluated the following options and found they did not meet our needs.
Hosting a file with GitLab Upload API
The reason we don't want to use the GitLab Upload API is that it doesn't support custom paths, which in turn doesn't allow us to implement semantic versioning. We cannot overwrite URLs, so /path/to/v1 could not always point to the latest v1 binary.
Saving artifacts in a repo
We can implement semantic versioning by saving the artifacts in the repo, but this will have a performance impact, as this will have to go through all the Git/GitLab backend and controllers, which is unnecessary overhead and not fine-tuned for standard files.
Using permanent links in Releases
This system does not work because permanent links cannot be changed to point to a new underlying location, so it does not solve the semantic versioning problem. For example, a permanent link of /path/to/v1 to hash/v1 cannot be updated to hash2/v1.
Summary
Essentially, we want to use the same technique as the gitlab-runner team, who use their own gitlab-runner-downloads bucket for their releases.