From e390a006415001e9094ed7ff329a9a973c987b99 Mon Sep 17 00:00:00 2001 From: Oliver Chang Date: Tue, 1 Oct 2024 16:17:36 +1000 Subject: [PATCH 1/7] Add cloudbuild for building chronos images for all C++. --- infra/experimental/chronos/Dockerfile | 3 ++ infra/experimental/chronos/build_all.sh | 27 +++++++++++++++ infra/experimental/chronos/cloudbuild.yaml | 5 ++- .../experimental/chronos/cloudbuild_all.yaml | 34 +++++++++++++++++++ 4 files changed, 68 insertions(+), 1 deletion(-) create mode 100644 infra/experimental/chronos/Dockerfile create mode 100755 infra/experimental/chronos/build_all.sh create mode 100644 infra/experimental/chronos/cloudbuild_all.yaml diff --git a/infra/experimental/chronos/Dockerfile b/infra/experimental/chronos/Dockerfile new file mode 100644 index 000000000000..60330dbac44c --- /dev/null +++ b/infra/experimental/chronos/Dockerfile @@ -0,0 +1,3 @@ +FROM gcr.io/cloud-builders/gcloud + +RUN apt-get update && apt-get install -y jq \ No newline at end of file diff --git a/infra/experimental/chronos/build_all.sh b/infra/experimental/chronos/build_all.sh new file mode 100755 index 000000000000..64216a9d9936 --- /dev/null +++ b/infra/experimental/chronos/build_all.sh @@ -0,0 +1,27 @@ +#!/bin/bash +# Copyright 2024 Google Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +################################################################################ + +# Build all C/C++ projects. +c_project_yaml=$(find projects/ -name project.yaml -exec grep -l 'language: c' {} \;) +projs=$(echo $c_project_yaml | xargs dirname | xargs basename -a | sort) + +for proj in $projs; do + fuzz_target=$(curl -s "https://introspector.oss-fuzz.com/api/harness-source-and-executable?project=$proj" | jq --raw-output '.pairs[0].executable') + if [ "$fuzz_target" != null ]; then + echo ./build_on_cloudbuild.sh $proj $fuzz_target c + fi +done \ No newline at end of file diff --git a/infra/experimental/chronos/cloudbuild.yaml b/infra/experimental/chronos/cloudbuild.yaml index cd9041d2b8f3..8167c1f5d9e3 100644 --- a/infra/experimental/chronos/cloudbuild.yaml +++ b/infra/experimental/chronos/cloudbuild.yaml @@ -62,4 +62,7 @@ images: timeout: 1800s serviceAccount: 'projects/oss-fuzz/serviceAccounts/builder@oss-fuzz.iam.gserviceaccount.com' options: - logging: CLOUD_LOGGING_ONLY \ No newline at end of file + logging: CLOUD_LOGGING_ONLY +tags: +- ${_PROJECT} +- chronos \ No newline at end of file diff --git a/infra/experimental/chronos/cloudbuild_all.yaml b/infra/experimental/chronos/cloudbuild_all.yaml new file mode 100644 index 000000000000..6bc9d34318ee --- /dev/null +++ b/infra/experimental/chronos/cloudbuild_all.yaml @@ -0,0 +1,34 @@ +# Copyright 2025 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +################################################################################ +# CloudBuild for generating Chronos-cached images. +steps: +- name: 'gcr.io/cloud-builders/docker' + args: + - build + - -t + - gcloud + - . + dir: infra/experimental/chronos +- name: 'gcloud' + args: + - infra/experimental/chronos/build_all.sh + entrypoint: /bin/bash +timeout: 1800s +serviceAccount: 'projects/oss-fuzz/serviceAccounts/builder@oss-fuzz.iam.gserviceaccount.com' +options: + logging: CLOUD_LOGGING_ONLY +tags: +- chronos-all \ No newline at end of file From 33a37775346e61ea3cf9f6eb63d4ccdf51bc4c9d Mon Sep 17 00:00:00 2001 From: Oliver Chang Date: Tue, 1 Oct 2024 16:20:57 +1000 Subject: [PATCH 2/7] Add missing headers --- infra/experimental/chronos/Dockerfile | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/infra/experimental/chronos/Dockerfile b/infra/experimental/chronos/Dockerfile index 60330dbac44c..579a46da68b2 100644 --- a/infra/experimental/chronos/Dockerfile +++ b/infra/experimental/chronos/Dockerfile @@ -1,3 +1,18 @@ +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +################################################################################ FROM gcr.io/cloud-builders/gcloud RUN apt-get update && apt-get install -y jq \ No newline at end of file From 7e508b17c3787950405886d4ac20e32f3f8e7052 Mon Sep 17 00:00:00 2001 From: Oliver Chang Date: Tue, 1 Oct 2024 16:23:36 +1000 Subject: [PATCH 3/7] fixes --- infra/experimental/chronos/build_all.sh | 3 +++ infra/experimental/chronos/cloudbuild_all.yaml | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/infra/experimental/chronos/build_all.sh b/infra/experimental/chronos/build_all.sh index 64216a9d9936..61950627dcc2 100755 --- a/infra/experimental/chronos/build_all.sh +++ b/infra/experimental/chronos/build_all.sh @@ -19,9 +19,12 @@ c_project_yaml=$(find projects/ -name project.yaml -exec grep -l 'language: c' {} \;) projs=$(echo $c_project_yaml | xargs dirname | xargs basename -a | sort) +cd infra/experimental/chronos + for proj in $projs; do fuzz_target=$(curl -s "https://introspector.oss-fuzz.com/api/harness-source-and-executable?project=$proj" | jq --raw-output '.pairs[0].executable') if [ "$fuzz_target" != null ]; then echo ./build_on_cloudbuild.sh $proj $fuzz_target c + ./build_on_cloudbuild.sh $proj $fuzz_target c fi done \ No newline at end of file diff --git a/infra/experimental/chronos/cloudbuild_all.yaml b/infra/experimental/chronos/cloudbuild_all.yaml index 6bc9d34318ee..f2d2fff839de 100644 --- a/infra/experimental/chronos/cloudbuild_all.yaml +++ b/infra/experimental/chronos/cloudbuild_all.yaml @@ -1,4 +1,4 @@ -# Copyright 2025 Google LLC +# Copyright 2024 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. From 5c22bd3bd4adb638028a95b13a70368c9f74e262 Mon Sep 17 00:00:00 2001 From: Oliver Chang Date: Tue, 1 Oct 2024 16:26:13 +1000 Subject: [PATCH 4/7] more fixes --- infra/experimental/chronos/cloudbuild_all.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infra/experimental/chronos/cloudbuild_all.yaml b/infra/experimental/chronos/cloudbuild_all.yaml index f2d2fff839de..e336525bedaf 100644 --- a/infra/experimental/chronos/cloudbuild_all.yaml +++ b/infra/experimental/chronos/cloudbuild_all.yaml @@ -27,7 +27,7 @@ steps: - infra/experimental/chronos/build_all.sh entrypoint: /bin/bash timeout: 1800s -serviceAccount: 'projects/oss-fuzz/serviceAccounts/builder@oss-fuzz.iam.gserviceaccount.com' +serviceAccount: 'projects/oss-fuzz/serviceAccounts/llm-eval@oss-fuzz.iam.gserviceaccount.com' options: logging: CLOUD_LOGGING_ONLY tags: From d865c6d3fac6beaa204156bd50e8da7639d94553 Mon Sep 17 00:00:00 2001 From: Oliver Chang Date: Tue, 1 Oct 2024 16:28:11 +1000 Subject: [PATCH 5/7] async --- infra/experimental/chronos/build_on_cloudbuild.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/infra/experimental/chronos/build_on_cloudbuild.sh b/infra/experimental/chronos/build_on_cloudbuild.sh index 807ac1abc18e..dd75d870819f 100755 --- a/infra/experimental/chronos/build_on_cloudbuild.sh +++ b/infra/experimental/chronos/build_on_cloudbuild.sh @@ -19,6 +19,7 @@ FUZZ_TARGET=$2 FUZZING_LANGUAGE=$3 gcloud builds submit "https://github.com/google/oss-fuzz" \ + --async \ --git-source-revision=master \ --config=cloudbuild.yaml \ --substitutions=_PROJECT=$PROJECT,_FUZZ_TARGET=$FUZZ_TARGET,_FUZZING_LANGUAGE=$FUZZING_LANGUAGE \ From 381102ac4610efb1b3088f1dd7456b1a36f5432f Mon Sep 17 00:00:00 2001 From: Oliver Chang Date: Tue, 1 Oct 2024 16:29:26 +1000 Subject: [PATCH 6/7] logs bucket --- infra/experimental/chronos/cloudbuild.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/infra/experimental/chronos/cloudbuild.yaml b/infra/experimental/chronos/cloudbuild.yaml index 8167c1f5d9e3..4c93bd99925e 100644 --- a/infra/experimental/chronos/cloudbuild.yaml +++ b/infra/experimental/chronos/cloudbuild.yaml @@ -61,8 +61,9 @@ images: - us-central1-docker.pkg.dev/oss-fuzz/oss-fuzz-gen/${_PROJECT}-ofg-cached-cov timeout: 1800s serviceAccount: 'projects/oss-fuzz/serviceAccounts/builder@oss-fuzz.iam.gserviceaccount.com' +logsBucket: oss-fuzz-gcb-logs options: - logging: CLOUD_LOGGING_ONLY + logging: GCS_ONLY tags: - ${_PROJECT} - chronos \ No newline at end of file From 6fd9faf1e2105ce607c0ccbe08566f3f36b80bae Mon Sep 17 00:00:00 2001 From: Oliver Chang Date: Tue, 1 Oct 2024 16:32:00 +1000 Subject: [PATCH 7/7] fix license --- infra/experimental/chronos/build_all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infra/experimental/chronos/build_all.sh b/infra/experimental/chronos/build_all.sh index 61950627dcc2..59efe9147fa9 100755 --- a/infra/experimental/chronos/build_all.sh +++ b/infra/experimental/chronos/build_all.sh @@ -1,5 +1,5 @@ #!/bin/bash -# Copyright 2024 Google Inc. +# Copyright 2024 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License.