osmith
/
wireshark
forked from osmocom/wireshark
1
0
Fork 0
Code Pull Requests Releases Wiki Activity
wireshark/.gitlab-ci.yml

524 lines
22 KiB
YAML
Raw Blame History

# In the interest of reliability and performance, please avoid installing
# external dependencies here, e.g. via tools/*-setup.sh, apt, dnf, or yum.
# Do so in the appropriate Dockerfile at
# https://gitlab.com/wireshark/wireshark-containers/ instead.
# The resulting images can be found at
# https://hub.docker.com/r/wireshark/wireshark-centos-7-dev
# https://hub.docker.com/r/wireshark/wireshark-debian-stable-dev
# https://hub.docker.com/r/wireshark/wireshark-fedora-dev
# https://hub.docker.com/r/wireshark/wireshark-opensuse-15.1-dev
# https://hub.docker.com/r/wireshark/wireshark-ubuntu-dev
stages:
- build
- test
- fuzz-asan
- fuzz-randpkt
- fuzz-valgrind
variables:
# Ensure that checkouts are a) fast and b) have a reachable tag. In a
# brighter, more glorious future we might be able to use --shallow-since:
# https://gitlab.com/gitlab-org/gitlab-runner/-/issues/3460
# In the mean time, fetching the last 2000 commits does the job.
GIT_DEPTH: "1"
GIT_FETCH_EXTRA_FLAGS: "--depth=2000"
CCACHE_DIR: "${CI_PROJECT_DIR}/ccache"
CLANG_VERSION: 10
# Common rule stanzas
# These must currently be including using "!reference tags". "extends:" and
# YAML anchors won't work:
# https://gitlab.com/gitlab-org/gitlab/-/issues/322992
#
# Commits that have been approved and merged. Run automatically in the main
# repo and allow manual runs in the web UI and in forks.
.if-merged:
- if: '$CI_PIPELINE_SOURCE == "push" && $CI_PROJECT_URL =~ /.*gitlab.com\/wireshark\/wireshark/'
when: always
- if: '$CI_PIPELINE_SOURCE == "web"'
when: always
- if: '$CI_PIPELINE_SOURCE == "push" && $CI_PROJECT_URL !~ /.*gitlab.com\/wireshark\/wireshark/'
when: manual
# Incoming merge requests.
.if-merge-request:
- if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
when: always
# Incoming non-detached merge requests. Must be used for runners which are only
# available in wireshark/wireshark, e.g. wireshark-windows-*
.if-attached-merge-request:
- if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_PROJECT_URL =~ /.*gitlab.com\/wireshark\/wireshark/'
when: always
# Fuzz jobs. Care should be taken when changing this since the scheduler
# often doesn't report errors.
.if-fuzz-schedule:
- if: '$CI_PIPELINE_SOURCE == "schedule" && $SCHEDULE_TYPE == "fuzz"'
when: always
.build:
stage: build
after_script:
- for builddir in build/packaging/rpm/BUILD/wireshark-*/build build/packaging/rpm/BUILD/wireshark-* build obj-*; do [ ! -d "$builddir/run" ] || break; done
- if [[ "$CI_JOB_NAME" == "build:rpm-opensuse-"* ]]; then export LD_LIBRARY_PATH=$builddir/run; fi
- if [ -f $builddir/run/tshark ]; then $builddir/run/tshark --version; fi
.build-ubuntu:
extends: .build
image: wireshark/wireshark-ubuntu-dev
retry: 1
# https://gould.cx/ted/blog/2017/06/10/ccache-for-Gitlab-CI/
cache:
# XXX Use ${CI_JOB_NAME}-${CI_MERGE_REQUEST_TARGET_BRANCH_NAME} instead?
key: ${CI_JOB_NAME}-release-3.4
paths:
- ccache/
before_script:
- useradd user
- locale-gen en_US.UTF-8
- export LANG=en_US.UTF-8
- export PYTEST_ADDOPTS=--skip-missing-programs=dumpcap,rawshark
- mkdir -p ccache
- export CCACHE_BASEDIR=${PWD}
- ccache --show-stats
- export DEB_BUILD_OPTIONS=nocheck
- export DH_QUIET=1
- export MAKEFLAGS=--silent
- mkdir build
- cd build
script:
# setcap restricts our library paths
- CFLAGS=-Wl,-rpath=$(pwd)/run CXXFLAGS=-Wl,-rpath=$(pwd)/run cmake -GNinja -DENABLE_CCACHE=ON ..
- ninja
- ninja test-programs
- chown -R user .
- if [ -f run/dumpcap ]; then setcap cap_net_raw,cap_net_admin+eip run/dumpcap; fi
- if [ -f run/dumpcap ]; then su user -c "run/dumpcap -D" ; fi
- su user -c pytest-3
.build-rpm:
extends: .build
rules: !reference [.if-merged]
artifacts:
paths:
- build/packaging/rpm/RPMS
expire_in: 3 days
.test-rpm:
rules: !reference [.if-merged]
stage: test
variables:
GIT_STRATEGY: none
# Rely on fedora:latest and debian-stable jobs for testing a recent GCC version.
Clang 10:
extends: .build-ubuntu
rules: !reference [.if-merged]
variables:
CC: "clang-$CLANG_VERSION"
CXX: "clang++-$CLANG_VERSION"
Source Package:
extends: .build-ubuntu
rules: !reference [.if-merged]
script:
- perl ../tools/make-version.pl --set-release || ../perl make-version.pl --set-release
- cmake -G Ninja $CMAKE_ARGS -DENABLE_CCACHE=ON ..
- cd $CI_PROJECT_DIR
- build/packaging/source/git-export-release.sh -d .
after_script:
# - ccache --max-size $( du --summarize --block-size=1M "$CI_PROJECT_DIR/build" | awk '{printf ("%dM", $1 * 1.5)}' )
- for digest in sha256 rmd160 sha1 ; do openssl $digest wireshark-*.tar.* ; done
# This will break if we produce multiple tarballs, which is arguably a good thing.
- if [ -n "$AWS_ACCESS_KEY_ID" ] && [ -n "$AWS_SECRET_ACCESS_KEY" ] && [ -n "$S3_DESTINATION_DIST" ] ; then aws s3 cp wireshark-*.tar.* "$S3_DESTINATION_DIST/" ; fi
artifacts:
paths:
- wireshark-*.tar.*
CentOS 7 RPM Package:
extends: .build-rpm
image: wireshark/wireshark-centos-7-dev
script:
- mkdir build
- cd build
- cmake3 -GNinja ..
- ninja-build rpm-package
CentOS 7 RPM Test:
extends: .test-rpm
image: wireshark/wireshark-centos-7-dev
script:
- yum --nogpgcheck localinstall -y build/packaging/rpm/RPMS/x86_64/*.rpm
- tshark --version
dependencies: [ 'CentOS 7 RPM Package' ]
openSUSE 15.1 RPM Package:
extends: .build-rpm
image: wireshark/wireshark-opensuse-15.1-dev
script:
- mkdir build
- cd build
- cmake -GNinja ..
- ninja rpm-package
openSUSE 15.1 RPM Test:
extends: .test-rpm
image: wireshark/wireshark-opensuse-15.1-dev
script:
- zypper --no-gpg-checks install -y build/packaging/rpm/RPMS/x86_64/*.rpm
- tshark --version
dependencies: [ 'openSUSE 15.1 RPM Package' ]
# Disabled for now due to issues with Fedora 33.
.Fedora RPM Package:
extends: .build-rpm
image: wireshark/wireshark-fedora-dev
script:
- mkdir build
- cd build
- cmake3 -GNinja ..
- ninja-build rpm-package
# .Fedora RPM Test:
# extends: .test-rpm
# image: fedora
# script:
# - dnf install -y build/packaging/rpm/RPMS/x86_64/*.rpm
# - tshark --version
# dependencies: [ 'Fedora RPM Package' ]
# Job to generate packages for Debian stable
Debian Stable APT Package:
extends: .build
rules: !reference [.if-merged]
image: wireshark/wireshark-debian-stable-dev
script:
# Shared GitLab runners limit the log size to 4M, so reduce verbosity. See
# https://gitlab.com/gitlab-com/support-forum/issues/2790
- export DH_QUIET=1
- export MAKEFLAGS=--silent
- dpkg-buildpackage -b --no-sign -jauto
- mkdir debian-packages
- mv ../*.deb debian-packages/
artifacts:
paths:
- debian-packages/*.deb
expire_in: 3 days
Debian Stable APT Test:
rules: !reference [.if-merged]
image: wireshark/wireshark-debian-stable-dev
stage: test
script:
- DEBIAN_FRONTEND=noninteractive apt-get install ./debian-packages/*.deb -y
- tshark --version
after_script:
# Used for https://www.wireshark.org/docs/dfref/
- TSHARK_VERSION=$( tshark --version | head -n 1 | sed -e 's/.*(v//' -e 's/)$//' )
- tshark -G fields > dfilter-list-${TSHARK_VERSION}.txt
artifacts:
paths:
- dfilter-list-*.txt
variables:
GIT_STRATEGY: none
dependencies: [ 'Debian Stable APT Package' ]
Win64 Package:
stage: build
rules: !reference [.if-merged]
tags:
- wireshark-win64-package
before_script:
- $env:WIRESHARK_BASE_DIR = "C:\Development"
- $env:Configuration = "RelWithDebInfo"
- $env:Path += ";C:\Program Files\CMake\bin"
- $env:Path += ";C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin"
- $env:Path += ";C:\qt\5.15.2\msvc2019_64\bin"
- $env:Path += ";C:\Program Files (x86)\NSIS"
- $env:Path += ";C:\Program Files (x86)\WiX Toolset v3.11\bin"
- $env:Path += ";C:\Program Files\Amazon\AWSCLIV2"
# https://help.appveyor.com/discussions/questions/18777-how-to-use-vcvars64bat-from-powershell
- cmd.exe /c "call `"C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\VC\Auxiliary\Build\vcvars64.bat`" && set > %temp%\vcvars.txt"
- Get-Content "$env:temp\vcvars.txt" | Foreach-Object { if ($_ -match "^(.*?)=(.*)$") { Set-Content "env:\$($matches[1])" $matches[2] } }
- mkdir build
- cd build
script:
- perl ../tools/make-version.pl --set-release
- cmake -G "Visual Studio 16 2019" -A x64 -DDISABLE_WERROR=OFF -DTEST_EXTRA_ARGS=--enable-release -DENABLE_LTO=off ..
- msbuild /verbosity:minimal "/consoleloggerparameters:PerformanceSummary;NoSummary" /maxcpucount Wireshark.sln
- msbuild /verbosity:minimal /maxcpucount test-programs.vcxproj
- msbuild /verbosity:minimal /maxcpucount nsis_package_prep.vcxproj
- msbuild /verbosity:minimal /maxcpucount wix_package_prep.vcxproj
- C:\gitlab-builds\bin\sign-files.ps1 -Recurse -Path run\RelWithDebInfo
- msbuild /verbosity:minimal nsis_package.vcxproj
- C:\gitlab-builds\bin\sign-files.ps1 -Path packaging\nsis
- msbuild /verbosity:minimal wix_package.vcxproj
- C:\gitlab-builds\bin\sign-files.ps1 -Path packaging\wix
- $plugins = Get-ChildItem run\RelWithDebInfo\plugins\*\*.dll ; signtool verify /v /pa /all run\RelWithDebInfo\*.exe run\RelWithDebInfo\extcap\*.exe $plugins run\RelWithDebInfo\libwireshark.dll run\RelWithDebInfo\libwiretap.dll run\RelWithDebInfo\libwsutil.dll packaging\nsis\Wireshark-win??-*.exe packaging\wix\Wireshark-win??-*.msi
- msbuild /verbosity:minimal pdb_zip_package.vcxproj
- C:\gitlab-builds\bin\mse-scan.ps1
- $packages = Get-ChildItem "packaging\nsis\Wireshark-win??-*.exe", "packaging\wix\Wireshark-win??-*.msi"
- foreach ($package in $packages) { certutil -hashfile $package SHA256 }
- |
if ((Test-Path env:AWS_ACCESS_KEY_ID) -and (Test-Path env:AWS_SECRET_ACCESS_KEY) -and (Test-Path env:S3_DESTINATION_WIN64)) {
foreach ($package in $packages) {
aws s3 cp "$package" "$env:S3_DESTINATION_WIN64/"
}
}
- ctest -C RelWithDebInfo --parallel 3 --force-new-ctest-process --verbose
Win32 Package:
stage: build
rules: !reference [.if-merged]
tags:
- wireshark-win32-package
before_script:
- $env:WIRESHARK_BASE_DIR = "C:\Development"
- $env:Configuration = "RelWithDebInfo"
- $env:Path += ";C:\Program Files\CMake\bin"
- $env:Path += ";C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin"
- $env:Path += ";C:\qt\5.15.2\msvc2019\bin"
- $env:Path += ";C:\Program Files (x86)\NSIS"
- $env:Path += ";C:\Program Files (x86)\WiX Toolset v3.11\bin"
- $env:Path += ";C:\Program Files\Amazon\AWSCLIV2"
# https://help.appveyor.com/discussions/questions/18777-how-to-use-vcvars64bat-from-powershell
- cmd.exe /c "call `"C:\Program Files (x86)\Microsoft Visual Studio\2019\Professional\VC\Auxiliary\Build\vcvarsamd64_x86.bat`" && set > %temp%\vcvars.txt"
- Get-Content "$env:temp\vcvars.txt" | Foreach-Object { if ($_ -match "^(.*?)=(.*)$") { Set-Content "env:\$($matches[1])" $matches[2] } }
- $env:Platform = "Win32"
- mkdir build
- cd build
script:
- perl ../tools/make-version.pl --set-release
- cmake -G "Visual Studio 16 2019" -A Win32 -DDISABLE_WERROR=OFF -DTEST_EXTRA_ARGS=--enable-release -DENABLE_LTO=off ..
- msbuild /verbosity:minimal "/consoleloggerparameters:PerformanceSummary;NoSummary" /maxcpucount Wireshark.sln
- msbuild /verbosity:minimal /maxcpucount test-programs.vcxproj
- msbuild /verbosity:minimal /maxcpucount nsis_package_prep.vcxproj
- msbuild /verbosity:minimal /maxcpucount wix_package_prep.vcxproj
- C:\gitlab-builds\bin\sign-files.ps1 -Recurse -Path run\RelWithDebInfo
- msbuild /verbosity:minimal nsis_package.vcxproj
- C:\gitlab-builds\bin\sign-files.ps1 -Path packaging\nsis
- msbuild /verbosity:minimal wix_package.vcxproj
- C:\gitlab-builds\bin\sign-files.ps1 -Path packaging\wix
- msbuild /verbosity:minimal portableapps_package.vcxproj
- C:\gitlab-builds\bin\sign-files.ps1 -Path packaging\portableapps
- $plugins = Get-ChildItem run\RelWithDebInfo\plugins\*\*.dll ; signtool verify /v /pa /all run\RelWithDebInfo\*.exe run\RelWithDebInfo\extcap\*.exe $plugins run\RelWithDebInfo\libwireshark.dll run\RelWithDebInfo\libwiretap.dll run\RelWithDebInfo\libwsutil.dll packaging\nsis\Wireshark-win??-*.exe packaging\wix\Wireshark-win??-*.msi packaging\portableapps\WiresharkPortable_*.paf.exe
- msbuild /verbosity:minimal pdb_zip_package.vcxproj
- C:\gitlab-builds\bin\mse-scan.ps1
- $packages = Get-ChildItem "packaging\nsis\Wireshark-win??-*.exe", "packaging\wix\Wireshark-win??-*.msi", "packaging\portableapps\WiresharkPortable_*.paf.exe"
- foreach ($package in $packages) { certutil -hashfile $package SHA256 }
- |
if ((Test-Path env:AWS_ACCESS_KEY_ID) -and (Test-Path env:AWS_SECRET_ACCESS_KEY) -and (Test-Path env:S3_DESTINATION_WIN32)) {
foreach ($package in $packages) {
aws s3 cp "$package" "$env:S3_DESTINATION_WIN32/"
}
}
- ctest -C RelWithDebInfo --parallel 3 --force-new-ctest-process --verbose
# Build Wireshark manuals
# Note: Need ubuntu:focal with `ruby-coderay` and `ruby-asciidoctor-pdf` packages to build PDF docs
Documentation:
stage: build
image: wireshark/wireshark-ubuntu-dev
rules:
- if: '$CI_PIPELINE_SOURCE == "push" && $CI_PROJECT_URL =~ /.*gitlab.com\/wireshark\/wireshark/'
changes:
- "docbook/**"
- "epan/wslua/**"
when: always
script:
# XXX We might want to move this to wireshark-ubuntu-dev or debian-setup.sh.
- DEBIAN_FRONTEND=noninteractive apt-get update
- DEBIAN_FRONTEND=noninteractive apt-get --yes install ruby-coderay ruby-asciidoctor-pdf
- mkdir build
- cd build
- cmake -GNinja ..
- ninja all_guides
after_script:
- mv build/docbook/wsug_html/ .
- mv build/docbook/wsug_html_chunked/ .
- mv build/docbook/wsdg_html/ .
- mv build/docbook/wsdg_html_chunked/ .
artifacts:
paths:
- wsug_html/
- wsug_html_chunked/
- wsdg_html/
- wsdg_html_chunked/
# https://docs.gitlab.com/ee/user/gitlab_com/index.html#linux-shared-runners
Commit Checks:
extends: .build-ubuntu
rules: !reference [.if-merge-request]
tags:
- docker
script:
# build-ubuntu puts us in `build`.
- cd ..
- bash ./tools/pre-commit 'HEAD^1'
- tools/validate-commit.py
Ubuntu .dpkg:
extends: .build-ubuntu
rules: !reference [.if-merge-request]
tags:
- docker
script:
# build-ubuntu puts us in `build`.
- cd ..
- CC=/usr/lib/ccache/gcc CXX=/usr/lib/ccache/g++ dpkg-buildpackage -us -uc -rfakeroot -jauto -Zgzip -zfast
- lintian --suppress-tags library-not-linked-against-libc,copyright-excludes-files-in-native-package --display-experimental --display-info --pedantic --profile debian
GCC Warnings:
extends: .build-ubuntu
rules: !reference [.if-merge-request]
tags:
- docker
script:
# build-ubuntu puts us in `build`.
- perl ../tools/make-version.pl --set-release || ../perl make-version.pl --set-release
- CC=gcc CXX=g++ cmake -DENABLE_EXTRA_COMPILER_WARNINGS=on -DCMAKE_EXPORT_COMPILE_COMMANDS=on -DENABLE_CCACHE=ON -G Ninja ..
- ninja
- ninja test-programs
- chown -R user .
- su user -c "ctest --parallel 3 --force-new-ctest-process --verbose"
Code Checks + Clang Warnings:
extends: .build-ubuntu
rules: !reference [.if-merge-request]
tags:
- docker
variables:
CC: clang-$CLANG_VERSION
CXX: clang++-$CLANG_VERSION
script:
# build-ubuntu puts us in `build`.
- cd ..
- python3 tools/checklicenses.py
- ./tools/cppcheck/cppcheck.sh -l 1 -x | tee cppcheck_report.xml
- if [[ -s "cppcheck_report.xml" ]]; then cppcheck-htmlreport --file cppcheck_report.xml --report-dir . ; fi
- cd build
- cmake -DENABLE_EXTRA_COMPILER_WARNINGS=on -DENABLE_CHECKHF_CONFLICT=on -DCMAKE_EXPORT_COMPILE_COMMANDS=on -DENABLE_CCACHE=ON -G Ninja ..
- ninja
- ./run/tshark -v
- sh -c '[ ! -e ../tools/validate-clang-check.sh ] || ../tools/validate-clang-check.sh'
- ninja checkAPI
artifacts:
paths:
- cppcheck_report.xml
- cppcheck_report.html
# XXX This is still beta:
# https://docs.gitlab.com/ee/user/gitlab_com/index.html#windows-shared-runners-beta
# Dockerfile at https://github.com/wireshark/wireshark-windows-dev-docker.
# XXX We currently depend on Qt being installed in C:\Qt on the host. We should
# find a more independent way of installing Qt, e.g. via a download+cache.
Windows Build:
rules: !reference [.if-attached-merge-request]
tags:
- wireshark-windows-merge-req
stage: build
before_script:
# XXX Find a better location.
- mkdir c:\Development
- $env:WIRESHARK_BASE_DIR = "C:\Development"
- $env:Configuration = "RelWithDebInfo"
- $env:Path += ";C:\Program Files\CMake\bin"
- $env:Path += ";C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin"
- $env:Path += ";C:\qt\5.15.2\msvc2019_64\bin"
# https://help.appveyor.com/discussions/questions/18777-how-to-use-vcvars64bat-from-powershell
- cmd.exe /c "call `"C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Auxiliary\Build\vcvars64.bat`" && set > %temp%\vcvars.txt"
- Get-Content "$env:temp\vcvars.txt" | Foreach-Object { if ($_ -match "^(.*?)=(.*)$") { Set-Content "env:\$($matches[1])" $matches[2] } }
# Testing / debugging only.
#- dir c:\
#- dir c:\qt
#- $env:path.split(";")
#- cmd.exe /c "set"
#- Get-Location
script:
- perl tools/make-version.pl --set-release
- mkdir build
- cd build
- cmake -G "Visual Studio 16 2019" -A x64 ..
- msbuild "/consoleloggerparameters:PerformanceSummary;NoSummary" /maxcpucount Wireshark.sln
- msbuild "/consoleloggerparameters:PerformanceSummary;NoSummary" test-programs.vcxproj
- ctest -C RelWithDebInfo --parallel 3 --force-new-ctest-process --verbose
# Fuzz TShark using ASAN and valgrind.
.fuzz-ubuntu:
extends: .build-ubuntu
rules: !reference [.if-fuzz-schedule]
tags:
- wireshark-ubuntu-fuzz
resource_group: fuzz-release-3.4
variables:
CC: "clang-$CLANG_VERSION"
CXX: "clang++-$CLANG_VERSION"
INSTALL_PREFIX: "$CI_PROJECT_DIR/_install"
MIN_PLUGINS: 10
MAX_PASSES: 15
before_script:
- mkdir -p ccache
# Signal after_script, which runs in its own shell.
- echo "export FUZZ_PASSED=true" > /tmp/fuzz_result.sh
- mkdir /tmp/fuzz
- mkdir build
- cd build
after_script:
- . /tmp/fuzz_result.sh
- if $FUZZ_PASSED ; then exit 0 ; fi
- echo Fuzzing failed. Generating report.
- FUZZ_CAPTURE=$( ls /tmp/fuzz/fuzz-*.pcap | head -n 1 )
- FUZZ_ERRORS="/tmp/fuzz/$( basename "$FUZZ_CAPTURE" .pcap ).err"
- printf "\nfuzz-test.sh stderr:\n" >> "$FUZZ_ERRORS"
- cat fuzz-test.err >> "$FUZZ_ERRORS"
- |
if [ -n "$AWS_ACCESS_KEY_ID" ] && [ -n "$AWS_SECRET_ACCESS_KEY" ] && [ -n "$S3_DESTINATION_FUZZ" ] ; then
aws s3 cp "$FUZZ_CAPTURE" "$S3_DESTINATION_FUZZ/"
aws s3 cp "$FUZZ_ERRORS" "$S3_DESTINATION_FUZZ/"
fi
# The cache should be large enough to be useful but it shouldn't take
# too long to restore+save each run.
- ccache --max-size $( du --summarize --block-size=1M "$CI_PROJECT_DIR/build" | awk '{printf ("%dM", $1 * 1.5)}' )
ASan Menagerie Fuzz:
extends: .fuzz-ubuntu
stage: fuzz-asan
script:
- MAX_SECONDS=$(( 4 * 60 * 60 ))
- printf "\e[0Ksection_start:%s:cmake_section[collapsed=true]\r\e[0KRunning CMake" "$( date +%s)"
- cmake -G Ninja -DBUILD_wireshark=OFF -DCMAKE_BUILD_TYPE=Debug -DENABLE_ASAN=ON -DCMAKE_INSTALL_PREFIX=$INSTALL_PREFIX -DENABLE_CCACHE=ON ..
- printf "\e[0Ksection_end:%s:cmake_section\r\e[0K" "$( date +%s)"
- ninja
- ninja install
- cd ..
# /var/menagerie contains captures harvested from wireshark.org's mailing list, wiki, issues, etc.
# We have more captures than we can fuzz in $MAX_SECONDS, so we shuffle them each run.
- ./tools/fuzz-test.sh -a -2 -P $MIN_PLUGINS -b $INSTALL_PREFIX/bin -d /tmp/fuzz -t $MAX_SECONDS $( shuf -e /var/menagerie/*/* ) 2> fuzz-test.err || echo "export FUZZ_PASSED=false" > /tmp/fuzz_result.sh
ASan randpkt Fuzz:
extends: .fuzz-ubuntu
stage: fuzz-randpkt
script:
# XXX Reuse fuzz-asan?
- printf "\e[0Ksection_start:%s:cmake_section[collapsed=true]\r\e[0KRunning CMake" "$( date +%s)"
- cmake -G Ninja -DBUILD_wireshark=OFF -DCMAKE_BUILD_TYPE=Debug -DENABLE_ASAN=ON -DCMAKE_INSTALL_PREFIX=$INSTALL_PREFIX -DENABLE_CCACHE=ON ..
- printf "\e[0Ksection_end:%s:cmake_section\r\e[0K" "$( date +%s)"
- ninja
- ninja install
- cd ..
- ./tools/randpkt-test.sh -a -b $INSTALL_PREFIX/bin -d /tmp/fuzz -p $MAX_PASSES 2> fuzz-test.err || echo "export FUZZ_PASSED=false" > /tmp/fuzz_result.sh
needs: [ 'ASan Menagerie Fuzz' ]
Valgrind Menagerie Fuzz:
extends: .fuzz-ubuntu
stage: fuzz-valgrind
script:
- DEBIAN_FRONTEND=noninteractive apt-get update
- DEBIAN_FRONTEND=noninteractive apt-get --yes install valgrind
- MAX_SECONDS=$(( 3 * 60 * 60 ))
- printf "\e[0Ksection_start:%s:cmake_section[collapsed=true]\r\e[0KRunning CMake" "$( date +%s)"
- cmake -G Ninja -DBUILD_wireshark=OFF -DCMAKE_BUILD_TYPE=Debug -DENABLE_ASAN=OFF -DCMAKE_INSTALL_PREFIX=$INSTALL_PREFIX -DENABLE_CCACHE=ON ..
- printf "\e[0Ksection_end:%s:cmake_section\r\e[0K" "$( date +%s)"
- ninja
- ninja install
- cd ..
- ./tools/fuzz-test.sh -g -P $MIN_PLUGINS -b $INSTALL_PREFIX/bin -d /tmp/fuzz -t $MAX_SECONDS $( shuf -e /var/menagerie/*/* ) 2> fuzz-test.err || echo "export FUZZ_PASSED=false" > /tmp/fuzz_result.sh
needs: [ 'ASan randpkt Fuzz' ]
View Git Blame Copy Permalink