Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

ci: move fuzz corpus to S3 #4665

Merged
merged 2 commits into from
Jul 30, 2024
Merged

ci: move fuzz corpus to S3 #4665

merged 2 commits into from
Jul 30, 2024

Conversation

jouho
Copy link
Contributor

@jouho jouho commented Jul 24, 2024
edited
Loading

Resolved issues:

Part of #1447

Description of changes:

  • This change enables the upload of corpus files generated from fuzz tests to an S3 bucket and allows downloading them to start a new fuzz test using the accumulated corpus files.

  • A new environment variable, CORPUS_UPLOAD_LOC, has been introduced. When this variable is specified, the fuzz test will download corpus files from the specified S3 bucket for a new fuzz test. After the test, any newly generated corpus files are uploaded to the corresponding S3 location, allowing continuous improvement of the corpus.

  • Not a change in this PR, but new policy s2n-tls-fuzz-corpus-s3-access is attached to corresponding CodeBuild project to grant access to S3 bucket storing corpus files.

Call-outs:

This feature can be turned on or off by specifying CORPUS_UPLOAD_LOC in the CodeBuild configuration by overriding the environment variable. I suggest first turning it on for s2nFuzzScheduled (a daily job that runs a single fuzz test for ~8 hours) to ensure long-term viability. Afterward, we can enable it for s2nFuzzBatch, which runs against each PR.

There are also some other tasks left to do after this change:

  • Currently, the daily task is only running 6 fuzz tests out of ~30 different tests. We should look to activate the inactive ones.
  • Artifacts are currently stored and overwritten in one S3 location. We should store them in separate locations with timestamp on it for potential debugging.
  • After enabling this feature for s2nFuzzBatch, we should probably remove all the cluttering corpus files stored in the s2n-tls repo.

Testing:

I have some test runs for both s2nFuzzBatch and s2nFuzzScheduled using this PR as source. You can see their build log:

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@github-actions github-actions bot added the s2n-core team label Jul 24, 2024
@jouho jouho changed the title store corpus in S3 CI: move fuzz corpus to S3 Jul 24, 2024
@dougch dougch self-requested a review July 26, 2024 15:55
@jouho jouho marked this pull request as ready for review July 26, 2024 19:10
@jouho jouho requested a review from camshaft July 26, 2024 19:11
dougch
dougch approved these changes Jul 29, 2024
View reviewed changes
Copy link
Contributor

@dougch dougch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks for getting this done

tests/fuzz/runFuzzTest.sh Show resolved Hide resolved
@jouho jouho changed the title CI: move fuzz corpus to S3 ci: move fuzz corpus to S3 Jul 29, 2024
@jouho jouho mentioned this pull request Jul 29, 2024
Merged
@jouho jouho enabled auto-merge (squash) July 30, 2024 17:17
@jouho jouho merged commit dec975b into main Jul 30, 2024
37 checks passed
@jouho jouho deleted the move-corpus-to-s3 branch July 30, 2024 19:29
@jouho jouho mentioned this pull request Aug 8, 2024
Closed
@goatgoose goatgoose mentioned this pull request Aug 15, 2024
Closed
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@dougch dougch dougch approved these changes

@camshaft camshaft camshaft approved these changes

Assignees
No one assigned
Labels
s2n-core team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jouho @camshaft @dougch