2017-03-10 19:54:37 +00:00
|
|
|
#!/usr/bin/python2
|
|
|
|
|
|
|
|
"""Starts project build on Google Cloud Builder.
|
|
|
|
|
|
|
|
Usage: build.py <project_dir>
|
|
|
|
"""
|
|
|
|
|
2017-03-11 06:23:44 +00:00
|
|
|
import base64
|
2017-03-10 19:54:37 +00:00
|
|
|
import datetime
|
|
|
|
import os
|
2017-03-11 06:23:44 +00:00
|
|
|
import subprocess
|
2017-03-10 19:54:37 +00:00
|
|
|
import sys
|
2017-03-11 06:23:44 +00:00
|
|
|
import time
|
|
|
|
import urllib
|
2017-03-10 19:54:37 +00:00
|
|
|
import yaml
|
|
|
|
|
|
|
|
from oauth2client.client import GoogleCredentials
|
2017-03-11 06:23:44 +00:00
|
|
|
from oauth2client.service_account import ServiceAccountCredentials
|
2017-03-10 19:54:37 +00:00
|
|
|
from googleapiclient.discovery import build
|
|
|
|
|
|
|
|
|
|
|
|
CONFIGURATIONS = {
|
|
|
|
'sanitizer-address' : [ 'SANITIZER=address' ],
|
|
|
|
'sanitizer-memory' : [ 'SANITIZER=memory' ],
|
|
|
|
'sanitizer-undefined' : [ 'SANITIZER=undefined' ],
|
|
|
|
}
|
|
|
|
|
2017-03-10 22:48:46 +00:00
|
|
|
DEFAULT_SANITIZERS = ['address', 'undefined']
|
2017-03-11 06:23:44 +00:00
|
|
|
UPLOAD_BUCKET = 'clusterfuzz-builds-test'
|
2017-03-10 22:48:46 +00:00
|
|
|
|
2017-03-10 19:54:37 +00:00
|
|
|
|
|
|
|
def usage():
|
|
|
|
sys.stderr.write(
|
|
|
|
"Usage: " + sys.argv[0] + " <project_dir>\n")
|
|
|
|
exit(1)
|
|
|
|
|
|
|
|
|
|
|
|
def load_project_yaml(project_dir):
|
|
|
|
project_name = os.path.basename(project_dir)
|
|
|
|
project_yaml_path = os.path.join(project_dir, 'project.yaml')
|
|
|
|
with open(project_yaml_path) as f:
|
|
|
|
project_yaml = yaml.safe_load(f)
|
|
|
|
project_yaml.setdefault('name', project_name)
|
2017-03-11 06:23:44 +00:00
|
|
|
project_yaml.setdefault('image',
|
2017-03-10 19:54:37 +00:00
|
|
|
'gcr.io/clusterfuzz-external/oss-fuzz/' + project_name)
|
2017-03-10 23:26:21 +00:00
|
|
|
project_yaml.setdefault('sanitizers', DEFAULT_SANITIZERS)
|
2017-03-10 19:54:37 +00:00
|
|
|
return project_yaml
|
|
|
|
|
|
|
|
|
2017-03-11 06:23:44 +00:00
|
|
|
def get_signed_url(path):
|
|
|
|
timestamp = int(time.time() + 60 * 60 * 5)
|
|
|
|
blob = 'PUT\n\n\n{0}\n{1}'.format(
|
|
|
|
timestamp, path)
|
|
|
|
|
|
|
|
creds = ServiceAccountCredentials.from_json_keyfile_name(
|
|
|
|
os.environ['GOOGLE_APPLICATION_CREDENTIALS'])
|
|
|
|
client_id = creds.service_account_email
|
|
|
|
signature = base64.b64encode(creds.sign_blob(blob)[1])
|
|
|
|
values = {
|
|
|
|
'GoogleAccessId': client_id,
|
|
|
|
'Expires': timestamp,
|
|
|
|
'Signature': signature,
|
|
|
|
}
|
|
|
|
|
|
|
|
return ('https://storage.googleapis.com{0}?'.format(path) +
|
|
|
|
urllib.urlencode(values))
|
|
|
|
|
|
|
|
|
2017-03-10 19:54:37 +00:00
|
|
|
def get_build_steps(project_yaml):
|
|
|
|
name = project_yaml['name']
|
|
|
|
image = project_yaml['image']
|
|
|
|
|
|
|
|
ts = datetime.datetime.now().strftime('%Y%m%d%H%M')
|
|
|
|
|
|
|
|
build_steps = [
|
|
|
|
{
|
|
|
|
'name': 'gcr.io/cloud-builders/docker',
|
|
|
|
'args': [
|
|
|
|
'build',
|
|
|
|
'-t',
|
|
|
|
image,
|
|
|
|
'.',
|
|
|
|
],
|
|
|
|
'dir': 'projects/' + name,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
'name': image,
|
2017-03-11 06:23:44 +00:00
|
|
|
'args': [
|
2017-03-11 00:11:20 +00:00
|
|
|
'bash',
|
|
|
|
'-c',
|
2017-03-11 06:23:44 +00:00
|
|
|
'srcmap > /workspace/srcmap.json && cat /workspace/srcmap.json'
|
2017-03-11 00:11:20 +00:00
|
|
|
],
|
2017-03-10 19:54:37 +00:00
|
|
|
'env': [ 'OSSFUZZ_REVISION=$REVISION_ID' ],
|
|
|
|
},
|
|
|
|
]
|
|
|
|
|
2017-03-10 23:26:21 +00:00
|
|
|
for sanitizer in project_yaml['sanitizers']:
|
2017-03-10 19:54:37 +00:00
|
|
|
env = CONFIGURATIONS["sanitizer-" + sanitizer]
|
|
|
|
out = '/workspace/out/' + sanitizer
|
2017-03-11 06:23:44 +00:00
|
|
|
stamped_name = name + '-' + sanitizer + '-' + ts
|
|
|
|
zip_file = stamped_name + '.zip'
|
|
|
|
stamped_srcmap_file = stamped_name + '.srcmap.json'
|
|
|
|
upload_url = get_signed_url('/{0}/{1}/{2}'.format(
|
|
|
|
UPLOAD_BUCKET, name, zip_file))
|
|
|
|
srcmap_url = get_signed_url('/{0}/{1}/{2}'.format(
|
|
|
|
UPLOAD_BUCKET, name, stamped_srcmap_file))
|
2017-03-10 19:54:37 +00:00
|
|
|
|
|
|
|
build_steps.extend([
|
2017-03-13 22:59:19 +00:00
|
|
|
# compile
|
2017-03-10 19:54:37 +00:00
|
|
|
{'name': image,
|
|
|
|
'env' : env,
|
|
|
|
'args': [
|
|
|
|
'bash',
|
|
|
|
'-c',
|
|
|
|
'cd /src/{1} && compile && mkdir -p {0} && cp -Rv /out/* {0}/'.format(out, name),
|
|
|
|
],
|
|
|
|
},
|
2017-03-13 22:59:19 +00:00
|
|
|
# zip binaries
|
2017-03-10 19:54:37 +00:00
|
|
|
{'name': image,
|
|
|
|
'args': [
|
|
|
|
'bash',
|
|
|
|
'-c',
|
|
|
|
'cd {0} && zip -r {1} *'.format(out, zip_file)
|
|
|
|
],
|
2017-03-11 06:23:44 +00:00
|
|
|
},
|
2017-03-13 22:59:19 +00:00
|
|
|
# upload binaries
|
2017-03-11 06:23:44 +00:00
|
|
|
{'name': 'gcr.io/clusterfuzz-external/uploader',
|
|
|
|
'args': [
|
|
|
|
os.path.join(out, zip_file),
|
|
|
|
upload_url,
|
|
|
|
],
|
|
|
|
},
|
2017-03-13 22:59:19 +00:00
|
|
|
# upload srcmap
|
2017-03-11 06:23:44 +00:00
|
|
|
{'name': 'gcr.io/clusterfuzz-external/uploader',
|
|
|
|
'args': [
|
|
|
|
'/workspace/srcmap.json',
|
|
|
|
srcmap_url,
|
|
|
|
],
|
|
|
|
},
|
2017-03-13 22:59:19 +00:00
|
|
|
# cleanup
|
2017-03-11 06:23:44 +00:00
|
|
|
{'name': image,
|
|
|
|
'args': [
|
|
|
|
'bash',
|
|
|
|
'-c',
|
|
|
|
'rm -r ' + out,
|
|
|
|
],
|
|
|
|
},
|
|
|
|
])
|
2017-03-10 19:54:37 +00:00
|
|
|
|
|
|
|
return build_steps
|
|
|
|
|
|
|
|
|
|
|
|
def main():
|
|
|
|
if len(sys.argv) != 2:
|
|
|
|
usage()
|
|
|
|
|
|
|
|
project_dir = sys.argv[1]
|
|
|
|
project_yaml = load_project_yaml(project_dir)
|
|
|
|
|
|
|
|
options = {}
|
|
|
|
if "GCB_OPTIONS" in os.environ:
|
|
|
|
options = yaml.safe_load(os.environ["GCB_OPTIONS"])
|
|
|
|
|
|
|
|
build_body = {
|
|
|
|
'source': {
|
|
|
|
'repoSource': {
|
|
|
|
'branchName': 'master',
|
|
|
|
'projectId': 'clusterfuzz-external',
|
|
|
|
'repoName': 'oss-fuzz',
|
|
|
|
},
|
|
|
|
},
|
|
|
|
'steps': get_build_steps(project_yaml),
|
|
|
|
'timeout': str(4 * 3600) + 's',
|
|
|
|
'options': options,
|
2017-03-14 00:06:39 +00:00
|
|
|
'logsBucket': 'oss-fuzz-gcb-logs',
|
2017-03-10 19:54:37 +00:00
|
|
|
'images': [ project_yaml['image'] ],
|
|
|
|
}
|
|
|
|
|
|
|
|
credentials = GoogleCredentials.get_application_default()
|
|
|
|
cloudbuild = build('cloudbuild', 'v1', credentials=credentials)
|
2017-03-11 01:37:19 +00:00
|
|
|
build_info = cloudbuild.projects().builds().create(projectId='clusterfuzz-external', body=build_body).execute()
|
|
|
|
build_id = build_info['metadata']['build']['id']
|
|
|
|
|
|
|
|
print build_id
|
|
|
|
|
2017-03-10 19:54:37 +00:00
|
|
|
|
|
|
|
if __name__ == "__main__":
|
|
|
|
main()
|