.github/workflows/cifuzz.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38

name: CIFuzz

on:
    pull_request: {paths: [src/**, .github/workflows/build.yml]}

permissions: {}
jobs:
    Fuzzing:
        runs-on: ubuntu-latest
        permissions:
            security-events: write
        steps:
        - name: Build Fuzzers
          id: build
          uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master
          with:
            oss-fuzz-project-name: 'krb5'
            language: c
        - name: Run Fuzzers
          uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
          with:
            oss-fuzz-project-name: 'krb5'
            language: c
            fuzz-seconds: 300
            output-sarif: true
        - name: Upload Crash
          uses: actions/upload-artifact@v3
          if: failure() && steps.build.outcome == 'success'
          with:
            name: artifacts
            path: ./out/artifacts
        - name: Upload Sarif
          if: always() && steps.build.outcome == 'success'
          uses: github/codeql-action/upload-sarif@v2
          with:
            # Path to SARIF file relative to the root of the repository
            sarif_file: cifuzz-sarif/results.sarif
            checkout_path: cifuzz-sarif