Skip to content

Cherry-pick

Cherry-pick #72

Workflow file for this run

# Copyright (c) the JPEG XL Project Authors. All rights reserved.
#
# Use of this source code is governed by a BSD-style
# license that can be found in the LICENSE file.
# CI on pull-requests to run the fuzzer from oss-fuzz. See:
#
# https://google.github.io/oss-fuzz/getting-started/continuous-integration/
name: CIFuzz
on:
merge_group:
pull_request:
types: [opened, reopened, labeled, unlabeled, synchronize]
paths:
- '**.c'
- '**.cc'
- '**.cmake'
- '**.h'
- '**CMakeLists.txt'
- .github/workflows/fuzz.yml
permissions:
contents: read
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}-${{ github.event_name }}
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
jobs:
fuzzing:
# TODO(szabadka) Enable by default after there is a separate jpegli project
# on oss-fuzz.
if: ${{ contains(github.event.pull_request.labels.*.name, 'CI:fuzz') }}
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit
- name: Checkout source
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
id: checkout
with:
# The build_fuzzers action checks out the code to the storage/libjxl
# directory already, but doesn't check out the submodules. This step
# is a workaround for checking out the submodules.
path: storage/libjxl
submodules: true
- name: Build Fuzzers
id: build
uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@71ecd5d4e4bf9a6edc19c9fa6d2422fb528bca4f # master
with:
oss-fuzz-project-name: 'libjxl'
language: c++
- name: Run Fuzzers
uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@71ecd5d4e4bf9a6edc19c9fa6d2422fb528bca4f # master
with:
oss-fuzz-project-name: 'libjxl'
language: c++
fuzz-seconds: 600
- name: Upload Crash
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
if: failure() && steps.build.outcome == 'success'
with:
name: artifacts
path: ./out/artifacts