Commit ae0b2eaa authored by Yevgeny Pats

Update documentation for continuous async fuzzing

parent b7262c9b
Pipeline #202845068 passed with stage in 43 seconds
# Continuous Fuzzing for Golang Example
This is an example of how to integrate your [go-fuzz]( targets into GitLab Ci/CD
The example on this branch will show how to run you fuzz targets in async way using [parent-child pipelines]( without blocking your main pipeline.
This example works with [go-fuzz]( but the same can be applied to all other [supported languages](
This example will show the following steps:
* [Building and running a simple go-fuzz target locally](#building-go-fuzz-target)
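Review bot: The new introductory sentence about parent-child pipelines has wording errors that should be fixed before merge: "run you fuzz targets in async way" should read "run your fuzz targets asynchronously", and the preceding sentence writes "GitLab Ci/CD" (should be "CI/CD") and lacks a closing period. The same introduction says "The example on this branch" without naming the branch; since the README is the entry point for readers, state the branch name here so the sentence still makes sense when the file is viewed elsewhere.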
......@@ -133,21 +135,26 @@ The best way to integrate go-fuzz fuzzing with Gitlab CI/CD is by adding additio
- template: Coverage-Fuzzing.gitlab-ci.yml
extends: .fuzz_base
- go-fuzz-build -libfuzzer -o parse-complex.a .
- clang -fsanitize=fuzzer parse-complex.a -o parse-complex
- ./gl-fuzz run --regression=$REGRESSION -- ./parse-complex
COVFUZZ_ADDITIONAL_ARGS: '-max_total_time=300'
include: .covfuzz-ci.yml
strategy: depend
- if: $CI_COMMIT_BRANCH != 'continuous_fuzzing' && $CI_PIPELINE_SOURCE != 'merge_request_event'
COVFUZZ_ADDITIONAL_ARGS: '-max_total_time=3600'
include: .covfuzz-ci.yml
- if: $CI_COMMIT_BRANCH == 'continuous_fuzzing' && $CI_PIPELINE_SOURCE != 'merge_request_event'
For each fuzz target you will will have to create a step which extends `.fuzz_base` that runs the following:
* Builds the fuzz target
* Runs the fuzz target via `gl-fuzz` CLI.
* For `$CI_DEFAULT_BRANCH` (can be override by `$COV_FUZZING_BRANCH`) will run fully fledged fuzzing sessions.
For everything else including MRs will run fuzzing regression with the accumlated corpus and fixed crashes.
This essentially creates two steps:
* `sync_fuzzing`: This will run all your fuzz targets for a short period of time in a blocking configuration. This will give you the ability to be confident of your MRs making sure that no low-hanging fruit bugs were introduces or old one re-introduced again.
* `async_fuzzing`: This will run on your main branch and will help you find deep bugs in your code without blocking your developments cycle and MRs.
The `covfuzz-ci.yml` is the same as in [original synchronous example](
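Review bot: The two `rules` conditions compare `$CI_COMMIT_BRANCH` against the literal 'continuous_fuzzing', but the prose in the same section says full sessions run on `$CI_DEFAULT_BRANCH` (overridable by `$COV_FUZZING_BRANCH`) and that `async_fuzzing` "will run on your main branch". Either document that the branch name is specific to this example and must be changed by anyone copying it, or express the rule in terms of the variable the text names, so that a copied config does not silently skip the long (`-max_total_time=3600`) session. Both conditions also require `$CI_PIPELINE_SOURCE != 'merge_request_event'`, while the text presents `sync_fuzzing` as the check that gives confidence in MRs; please state explicitly which pipeline type is expected to run the blocking job for an MR. Smaller points in the same section: the closing sentence refers to `covfuzz-ci.yml` while the config includes `.covfuzz-ci.yml` (leading dot), and the prose has typos ("will will", "can be override", "accumlated", "were introduces").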