oss-fuzz/infra/build/functions/base_images.py

# Copyright 2020 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################
"""Cloud function to build base images on Google Cloud Builder."""
import logging

import google.auth

import build_lib

BASE_IMAGES = [
    'base-image',
    'base-clang',
    'base-builder',
    'base-builder-go',
    'base-builder-go-codeintelligencetesting',
    'base-builder-jvm',
    'base-builder-python',
    'base-builder-rust',
    'base-builder-swift',
    'base-runner',
    'base-runner-debug',
]
INTROSPECTOR_BASE_IMAGES = ['base-clang', 'base-builder']
BASE_PROJECT = 'oss-fuzz-base'
TAG_PREFIX = f'gcr.io/{BASE_PROJECT}/'
MAJOR_TAG = 'v1'
INTROSPECTOR_TAG = 'introspector'
TIMEOUT = str(6 * 60 * 60)


def get_base_image_steps(images, tag_prefix=TAG_PREFIX):
  """Returns build steps for given images."""
  steps = [build_lib.get_git_clone_step()]

  for base_image in images:
    image = tag_prefix + base_image
    tagged_image = image + ':' + MAJOR_TAG
    steps.append(
        build_lib.get_docker_build_step([image, tagged_image],
                                        'infra/base-images/' + base_image))
  return steps


def _get_introspector_base_images_steps(images, tag_prefix=TAG_PREFIX):
  """Returns build steps for given images version of introspector"""
  steps = [{
      'args': [
          'clone',
          'https://github.com/google/oss-fuzz.git',
      ],
      'name': 'gcr.io/cloud-builders/git',
  }, {
      'name': 'gcr.io/cloud-builders/docker',
      'args': ['pull', 'gcr.io/oss-fuzz-base/base-clang:introspector'],
  }, {
      'name':
          'gcr.io/cloud-builders/docker',
      'args': [
          'tag', 'gcr.io/oss-fuzz-base/base-clang:introspector',
          'gcr.io/oss-fuzz-base/base-clang:latest'
      ],
  }]

  for base_image in images:
    image = tag_prefix + base_image
    args_list = ['build']

    if base_image == 'base-clang':
      args_list.extend(['--build-arg', 'introspector=1'])

    args_list.extend([
        '-t',
        f'{image}:{INTROSPECTOR_TAG}',
        '.',
    ])
    steps.append({
        'args': args_list,
        'dir': 'oss-fuzz/infra/base-images/' + base_image,
        'name': 'gcr.io/cloud-builders/docker',
    })

  return steps


# pylint: disable=no-member
def run_build(steps, images, tags=None, build_version=MAJOR_TAG):
  """Execute the retrieved build steps in gcb."""
  credentials, _ = google.auth.default()
  body_overrides = {
      'images': images + [f'{image}:{build_version}' for image in images]
  }
  return build_lib.run_build(steps, credentials, BASE_PROJECT, body_overrides,
                             tags)


def base_builder(event, context):
  """Cloud function to build base images."""
  del event, context
  logging.basicConfig(level=logging.INFO)

  steps = get_base_image_steps(BASE_IMAGES)
  images = [TAG_PREFIX + base_image for base_image in BASE_IMAGES]
  run_build(steps, images)

  introspector_steps = _get_introspector_base_images_steps(
      INTROSPECTOR_BASE_IMAGES)
  introspector_images = [
      TAG_PREFIX + base_image for base_image in INTROSPECTOR_BASE_IMAGES
  ]

  run_build(introspector_steps, introspector_images, INTROSPECTOR_TAG)
Base image builder (#4080) * Base image builder * Forgot to run formatter * Fixing lint issues and removing unused imports * Adding missing newline * Refactoring code * Fixing linting errors and changing name of cloud function entry * Adding license header to build_base_images * Changed logging and print_function Co-authored-by: Kabeer Seth <kabeerseth@google.com> 2020-07-08 04:16:01 +00:00			`# Copyright 2020 Google Inc.`
			`#`
			`# Licensed under the Apache License, Version 2.0 (the "License");`
			`# you may not use this file except in compliance with the License.`
			`# You may obtain a copy of the License at`
			`#`
			`# http://www.apache.org/licenses/LICENSE-2.0`
			`#`
			`# Unless required by applicable law or agreed to in writing, software`
			`# distributed under the License is distributed on an "AS IS" BASIS,`
			`# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`# See the License for the specific language governing permissions and`
			`# limitations under the License.`
			`#`
			`################################################################################`
			`"""Cloud function to build base images on Google Cloud Builder."""`
			`import logging`

			`import google.auth`
Setup trial builds in CI. (#7415) This adds the script that will be used by the GCB trigger to do trial builds when we have a base-images change. 2022-04-04 21:47:21 +00:00
			`import build_lib`
Base image builder (#4080) * Base image builder * Forgot to run formatter * Fixing lint issues and removing unused imports * Adding missing newline * Refactoring code * Fixing linting errors and changing name of cloud function entry * Adding license header to build_base_images * Changed logging and print_function Co-authored-by: Kabeer Seth <kabeerseth@google.com> 2020-07-08 04:16:01 +00:00
More build infra cleanup. (#4252) - Deleted unused code. - Consolidate some modules. 2020-08-05 23:36:47 +00:00			`BASE_IMAGES = [`
			`'base-image',`
			`'base-clang',`
			`'base-builder',`
[go][infra] Create base-builder-go and use it to build go projects. (#6335) Also, update base-builder-new to copy everything base-builder does 2021-08-30 13:57:23 +00:00			`'base-builder-go',`
Integrating CodeIntelligenceTesting Go (#7191) Integrating CodeIntelligenceTesting `Go` to support more informative instrumentation (for [this issue](https://github.com/google/oss-fuzz/issues/7164)): 1. A script to install the new `Go` * Bootstrap from the existing `Go` * Install `Go` from [CodeIntelligenceTesting](https://github.com/CodeIntelligenceTesting/go/tree/dev.libfuzzer.18) * Skip the built-in test case in CodeIntelligenceTesting because they take too long and one of them erroneously fails. 2. Create a new directory & `Dockerfile` dedicated to the new Go 3. Add the new base directory name to [base_images.py](https://github.com/google/oss-fuzz/blob/master/infra/build/functions/base_images.py) 2022-01-31 00:47:36 +00:00			`'base-builder-go-codeintelligencetesting',`
[infra][jvm] Split out JVM projects to their own builder. (#6336) 2021-08-30 13:51:24 +00:00			`'base-builder-jvm',`
[infra][rust] Split out rust projects to their own builder image (#6352) 2021-08-30 18:47:04 +00:00			`'base-builder-python',`
			`'base-builder-rust',`
New base builder without lang specific installation + swift base (#5986) Removes unnecessary stuff in base-builder image to create a base-builder-new, and then adds a base-builder-swift on top of this that swift projects can use (without JVM/Go/etc fuzzing). 2021-08-19 23:52:44 +00:00			`'base-builder-swift',`
More build infra cleanup. (#4252) - Deleted unused code. - Consolidate some modules. 2020-08-05 23:36:47 +00:00			`'base-runner',`
			`'base-runner-debug',`
			`]`
Add build steps for introspector images (#7059) 2022-01-20 01:22:50 +00:00			`INTROSPECTOR_BASE_IMAGES = ['base-clang', 'base-builder']`
Many build infra fixes. (#4209) - Remove base image project argument from deploy.sh. Deploy all functions to the main oss-fuzz image. - Reduce max instances of functions to 1 to avoid rate limiting issues. - Fix missing ndb context initialization in request_build.py - Fix incorrect tags in BuildHistory entities. "-" was doubled. - Fix base build deployment with incorrect schedule variable. - Add scripts for requesting builds locally. 2020-07-29 02:39:49 +00:00			`BASE_PROJECT = 'oss-fuzz-base'`
More build infra cleanup. (#4252) - Deleted unused code. - Consolidate some modules. 2020-08-05 23:36:47 +00:00			`TAG_PREFIX = f'gcr.io/{BASE_PROJECT}/'`
Add build steps for introspector images (#7059) 2022-01-20 01:22:50 +00:00			`MAJOR_TAG = 'v1'`
			`INTROSPECTOR_TAG = 'introspector'`
Setup trial builds in CI. (#7415) This adds the script that will be used by the GCB trigger to do trial builds when we have a base-images change. 2022-04-04 21:47:21 +00:00			`TIMEOUT = str(6 * 60 * 60)`
More build infra cleanup. (#4252) - Deleted unused code. - Consolidate some modules. 2020-08-05 23:36:47 +00:00

Setup trial builds in CI. (#7415) This adds the script that will be used by the GCB trigger to do trial builds when we have a base-images change. 2022-04-04 21:47:21 +00:00			`def get_base_image_steps(images, tag_prefix=TAG_PREFIX):`
More build infra cleanup. (#4252) - Deleted unused code. - Consolidate some modules. 2020-08-05 23:36:47 +00:00			`"""Returns build steps for given images."""`
Setup trial builds in CI. (#7415) This adds the script that will be used by the GCB trigger to do trial builds when we have a base-images change. 2022-04-04 21:47:21 +00:00			`steps = [build_lib.get_git_clone_step()]`
More build infra cleanup. (#4252) - Deleted unused code. - Consolidate some modules. 2020-08-05 23:36:47 +00:00
			`for base_image in images:`
Tag all base images with :v1. (#6436) To guard against major/breaking image migrations in the future. Part of #6324. 2021-09-16 01:12:25 +00:00			`image = tag_prefix + base_image`
Setup trial builds in CI. (#7415) This adds the script that will be used by the GCB trigger to do trial builds when we have a base-images change. 2022-04-04 21:47:21 +00:00			`tagged_image = image + ':' + MAJOR_TAG`
			`steps.append(`
			`build_lib.get_docker_build_step([image, tagged_image],`
			`'infra/base-images/' + base_image))`
More build infra cleanup. (#4252) - Deleted unused code. - Consolidate some modules. 2020-08-05 23:36:47 +00:00			`return steps`


Add build steps for introspector images (#7059) 2022-01-20 01:22:50 +00:00			`def _get_introspector_base_images_steps(images, tag_prefix=TAG_PREFIX):`
			`"""Returns build steps for given images version of introspector"""`
			`steps = [{`
Fix the separate build for introspector images (#7169) 2022-01-21 01:12:16 +00:00			`'args': [`
			`'clone',`
			`'https://github.com/google/oss-fuzz.git',`
			`],`
			`'name': 'gcr.io/cloud-builders/git',`
Replace use of sed with docker tag (#7423) * Replace use of sed with docker tag * fix some nits 2022-03-23 05:12:19 +00:00			`}, {`
			`'name': 'gcr.io/cloud-builders/docker',`
			`'args': ['pull', 'gcr.io/oss-fuzz-base/base-clang:introspector'],`
			`}, {`
Add build steps for introspector images (#7059) 2022-01-20 01:22:50 +00:00			`'name':`
Replace use of sed with docker tag (#7423) * Replace use of sed with docker tag * fix some nits 2022-03-23 05:12:19 +00:00			`'gcr.io/cloud-builders/docker',`
Add build steps for introspector images (#7059) 2022-01-20 01:22:50 +00:00			`'args': [`
Replace use of sed with docker tag (#7423) * Replace use of sed with docker tag * fix some nits 2022-03-23 05:12:19 +00:00			`'tag', 'gcr.io/oss-fuzz-base/base-clang:introspector',`
			`'gcr.io/oss-fuzz-base/base-clang:latest'`
			`],`
			`}]`
Add build steps for introspector images (#7059) 2022-01-20 01:22:50 +00:00
			`for base_image in images:`
			`image = tag_prefix + base_image`
			`args_list = ['build']`

			`if base_image == 'base-clang':`
			`args_list.extend(['--build-arg', 'introspector=1'])`

			`args_list.extend([`
			`'-t',`
			`f'{image}:{INTROSPECTOR_TAG}',`
			`'.',`
			`])`
			`steps.append({`
			`'args': args_list,`
			`'dir': 'oss-fuzz/infra/base-images/' + base_image,`
			`'name': 'gcr.io/cloud-builders/docker',`
			`})`

			`return steps`


Base image builder (#4080) * Base image builder * Forgot to run formatter * Fixing lint issues and removing unused imports * Adding missing newline * Refactoring code * Fixing linting errors and changing name of cloud function entry * Adding license header to build_base_images * Changed logging and print_function Co-authored-by: Kabeer Seth <kabeerseth@google.com> 2020-07-08 04:16:01 +00:00			`# pylint: disable=no-member`
Setup trial builds in CI. (#7415) This adds the script that will be used by the GCB trigger to do trial builds when we have a base-images change. 2022-04-04 21:47:21 +00:00			`def run_build(steps, images, tags=None, build_version=MAJOR_TAG):`
			`"""Execute the retrieved build steps in gcb."""`
Many build infra fixes. (#4209) - Remove base image project argument from deploy.sh. Deploy all functions to the main oss-fuzz image. - Reduce max instances of functions to 1 to avoid rate limiting issues. - Fix missing ndb context initialization in request_build.py - Fix incorrect tags in BuildHistory entities. "-" was doubled. - Fix base build deployment with incorrect schedule variable. - Add scripts for requesting builds locally. 2020-07-29 02:39:49 +00:00			`credentials, _ = google.auth.default()`
Setup trial builds in CI. (#7415) This adds the script that will be used by the GCB trigger to do trial builds when we have a base-images change. 2022-04-04 21:47:21 +00:00			`body_overrides = {`
Add build steps for introspector images (#7059) 2022-01-20 01:22:50 +00:00			`'images': images + [f'{image}:{build_version}' for image in images]`
Base image builder (#4080) * Base image builder * Forgot to run formatter * Fixing lint issues and removing unused imports * Adding missing newline * Refactoring code * Fixing linting errors and changing name of cloud function entry * Adding license header to build_base_images * Changed logging and print_function Co-authored-by: Kabeer Seth <kabeerseth@google.com> 2020-07-08 04:16:01 +00:00			`}`
Setup trial builds in CI. (#7415) This adds the script that will be used by the GCB trigger to do trial builds when we have a base-images change. 2022-04-04 21:47:21 +00:00			`return build_lib.run_build(steps, credentials, BASE_PROJECT, body_overrides,`
			`tags)`
Adding msan builder to gcp (#4234) * Adding msan builder to gcp * Formatting changes * Refactoring and reducing redundancy * Moving msan builder entry point into base_images 2020-07-31 04:42:09 +00:00

			`def base_builder(event, context):`
			`"""Cloud function to build base images."""`
			`del event, context`
Setup trial builds in CI. (#7415) This adds the script that will be used by the GCB trigger to do trial builds when we have a base-images change. 2022-04-04 21:47:21 +00:00			`logging.basicConfig(level=logging.INFO)`
Adding msan builder to gcp (#4234) * Adding msan builder to gcp * Formatting changes * Refactoring and reducing redundancy * Moving msan builder entry point into base_images 2020-07-31 04:42:09 +00:00
Setup trial builds in CI. (#7415) This adds the script that will be used by the GCB trigger to do trial builds when we have a base-images change. 2022-04-04 21:47:21 +00:00			`steps = get_base_image_steps(BASE_IMAGES)`
			`images = [TAG_PREFIX + base_image for base_image in BASE_IMAGES]`
Adding msan builder to gcp (#4234) * Adding msan builder to gcp * Formatting changes * Refactoring and reducing redundancy * Moving msan builder entry point into base_images 2020-07-31 04:42:09 +00:00			`run_build(steps, images)`
Add build steps for introspector images (#7059) 2022-01-20 01:22:50 +00:00
			`introspector_steps = _get_introspector_base_images_steps(`
Setup trial builds in CI. (#7415) This adds the script that will be used by the GCB trigger to do trial builds when we have a base-images change. 2022-04-04 21:47:21 +00:00			`INTROSPECTOR_BASE_IMAGES)`
Add build steps for introspector images (#7059) 2022-01-20 01:22:50 +00:00			`introspector_images = [`
Setup trial builds in CI. (#7415) This adds the script that will be used by the GCB trigger to do trial builds when we have a base-images change. 2022-04-04 21:47:21 +00:00			`TAG_PREFIX + base_image for base_image in INTROSPECTOR_BASE_IMAGES`
Add build steps for introspector images (#7059) 2022-01-20 01:22:50 +00:00			`]`

			`run_build(introspector_steps, introspector_images, INTROSPECTOR_TAG)`