fuzz.yml (2042B)
1 # Copyright (c) the JPEG XL Project Authors. All rights reserved. 2 # 3 # Use of this source code is governed by a BSD-style 4 # license that can be found in the LICENSE file. 5 6 # CI on pull-requests to run the fuzzer from oss-fuzz. See: 7 # 8 # https://google.github.io/oss-fuzz/getting-started/continuous-integration/ 9 10 name: CIFuzz 11 on: 12 merge_group: 13 pull_request: 14 types: [opened, reopened, synchronize] 15 paths: 16 - '**.c' 17 - '**.cc' 18 - '**.cmake' 19 - '**.h' 20 - '**CMakeLists.txt' 21 - .github/workflows/fuzz.yml 22 23 permissions: 24 contents: read 25 26 concurrency: 27 group: ${{ github.workflow }}-${{ github.ref }}-${{ github.event_name }} 28 cancel-in-progress: ${{ github.event_name == 'pull_request' }} 29 30 jobs: 31 fuzzing: 32 runs-on: ubuntu-latest 33 steps: 34 - name: Harden Runner 35 uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 36 with: 37 egress-policy: audit 38 39 - name: Checkout source 40 uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 41 id: checkout 42 with: 43 # The build_fuzzers action checks out the code to the storage/libjxl 44 # directory already, but doesn't check out the submodules. This step 45 # is a workaround for checking out the submodules. 46 path: storage/libjxl 47 submodules: true 48 - name: Build Fuzzers 49 id: build 50 uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@71ecd5d4e4bf9a6edc19c9fa6d2422fb528bca4f # master 51 with: 52 oss-fuzz-project-name: 'libjxl' 53 language: c++ 54 - name: Run Fuzzers 55 uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@71ecd5d4e4bf9a6edc19c9fa6d2422fb528bca4f # master 56 with: 57 oss-fuzz-project-name: 'libjxl' 58 language: c++ 59 fuzz-seconds: 600 60 - name: Upload Crash 61 uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 62 if: failure() && steps.build.outcome == 'success' 63 with: 64 name: artifacts 65 path: ./out/artifacts