From dc9a568eef8d12bf5beae4692c9fa750280bbd6f Mon Sep 17 00:00:00 2001 From: Dominic Evans Date: Wed, 22 Sep 2021 15:13:46 +0100 Subject: [PATCH 1/2] feat: add a fuzzing workflow to github actions Currently this won't actually run anything, because we haven't written any fuzz tests, but it sets up the framework for running the built-in Go fuzzer against any tests that do get added --- .github/workflows/ci.yml | 15 ++++++++++++-- .github/workflows/fuzz.yml | 42 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 55 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/fuzz.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a7491a85a..51a17c7c0 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,3 +1,4 @@ +--- name: CI on: [push, pull_request] @@ -15,6 +16,7 @@ jobs: env: DEBUG: true + GOFLAGS: -trimpath KAFKA_VERSION: ${{ matrix.kafka-version }} steps: @@ -25,9 +27,18 @@ jobs: with: go-version: ${{ matrix.go-version }} - - uses: actions/cache@v2 + - name: Get Go environment + id: go-env + run: | + echo "::set-output name=cache::$(go env GOCACHE)" + echo "::set-output name=modcache::$(go env GOMODCACHE)" + + - name: Set up cache + uses: actions/cache@v2 with: - path: ~/go/pkg/mod + path: | + ${{ steps.go-env.outputs.cache }} + ${{ steps.go-env.outputs.modcache }} key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ runner.os }}-go- diff --git a/.github/workflows/fuzz.yml b/.github/workflows/fuzz.yml new file mode 100644 index 000000000..1e4314ef4 --- /dev/null +++ b/.github/workflows/fuzz.yml @@ -0,0 +1,42 @@ +--- +name: Fuzzing + +on: [push, pull_request] + +jobs: + test: + name: Fuzz + runs-on: ubuntu-latest + + env: + GOFLAGS: -trimpath + + steps: + - uses: actions/checkout@v2 + + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: 1.17.x + + - name: Get Go environment + id: go-env + run: | + echo "::set-output name=cache::$(go env GOCACHE)" + echo "::set-output name=modcache::$(go env GOMODCACHE)" + + - name: Set up cache + uses: actions/cache@v2 + with: + path: | + ${{ steps.go-env.outputs.cache }} + ${{ steps.go-env.outputs.modcache }} + key: fuzz-go-${{ hashFiles('**/go.sum') }} + restore-keys: | + fuzz-go- + + - name: Build Go tip + run: go install golang.org/dl/gotip@latest && gotip download + + - name: Run any fuzzing tests + run: gotip test -v -run=^Fuzz -test.fuzztime=5m ./... From 2524b44bbc74bb4c76ead4183e3cc821a2fc5b07 Mon Sep 17 00:00:00 2001 From: Dominic Evans Date: Wed, 22 Sep 2021 15:38:09 +0100 Subject: [PATCH 2/2] fix(ci): local branches dont need pull_request Currently each job is run twice if a PR is opened from a local branch, but in that case we can actually skip the pull_request ones because the push ones can suffice. --- .github/workflows/ci.yml | 3 +++ .github/workflows/fuzz.yml | 3 +++ 2 files changed, 6 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 51a17c7c0..7ead1eba8 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -7,6 +7,9 @@ jobs: test: name: Go ${{ matrix.go-version }} with Kafka ${{ matrix.kafka-version }} on Ubuntu runs-on: ubuntu-latest + # We want to run on external PRs, but not on our own internal PRs as they'll be run + # by the push to the branch. + if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository strategy: fail-fast: false matrix: diff --git a/.github/workflows/fuzz.yml b/.github/workflows/fuzz.yml index 1e4314ef4..a9197fc23 100644 --- a/.github/workflows/fuzz.yml +++ b/.github/workflows/fuzz.yml @@ -7,6 +7,9 @@ jobs: test: name: Fuzz runs-on: ubuntu-latest + # We want to run on external PRs, but not on our own internal PRs as they'll be run + # by the push to the branch. + if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository env: GOFLAGS: -trimpath