fluxcd: Fix go.sum issues and improve CI support (#9217)

Main changes: - Fixes issues caused by go-118-fuzz-build's dependencies causing `go.sum` to become out of sync, which results in broken build. - Auto detects when a single project is being targeted (e.g. CI). - Remove libgit2 dependencies that are no longer needed. Signed-off-by: Paulo Gomes <pjbgf@linux.com>
2022-12-15 15:40:15 +00:00 · 2022-12-15 15:40:15 +00:00 · 998e83199d
parent 4d8b1e6a87
commit 998e83199d
2 changed files with 26 additions and 12 deletions
--- a/projects/fluxcd/Dockerfile
+++ b/projects/fluxcd/Dockerfile
@ -16,11 +16,6 @@

 FROM gcr.io/oss-fuzz-base/base-builder-go

-# cmake and pkg-config are only needed whilst libgit2 is in use.
-# The project aims to deprecate libgit2 at some point in Q1 2023,
-# by which point this can be removed.
-RUN apt-get update && apt-get install -y cmake pkg-config
-
 ENV GOPATH="${GOPATH:-/root/go}"
 ENV ORG_ROOT="${ORG_ROOT:-${GOPATH}/src/github.com/fluxcd}"

--- a/projects/fluxcd/build.sh
+++ b/projects/fluxcd/build.sh
@ -24,7 +24,6 @@ GOPATH="${GOPATH:-/root/go}"
 ORG_ROOT="${ORG_ROOT:-${GOPATH}/src/github.com/fluxcd}"
 PREBUILD_SCRIPT_PATH="${PREBUILD_SCRIPT_PATH:-tests/fuzz/oss_fuzz_prebuild.sh}"
 POSTBUILD_SCRIPT_PATH="${POSTBUILD_SCRIPT_PATH:-tests/fuzz/oss_fuzz_postbuild.sh}"
-FLUX_CI="${FLUX_CI:-false}"

 # source_prebuild_script sources the prebuild script, which executes project-specific
 # code and exposes environment variables that are needed during the generic build process.
@ -70,7 +69,25 @@ function go_native_build_all_fuzzers(){
 		fi

 		# go-118-fuzz-build is required for each module.
-		go get github.com/AdamKorcz/go-118-fuzz-build/testing
+		go get -u github.com/AdamKorcz/go-118-fuzz-build/testing
+
+		# The go get command above can affect transient dependencies, may lead
+		# to the go.sym to become out of sync, which would cause build to break.
+		# go mod tidy will only work if the current module has a reference
+		# to the above dependency, so we create one.
+		local pkgName
+		pkgName="$(grep -h '^package ' -- *.go | head -n 1)"
+		if [ -z "${test_files}" ]; then
+			pkgName="package fuzz"
+		fi
+		
+		cat <<EOF > dep-placeholder.go
+${pkgName}
+
+import _ "github.com/AdamKorcz/go-118-fuzz-build/testing"
+EOF
+		# With the reference above, this updates go.sum.
+		go mod tidy

 		# Iterate through all Go Fuzz targets, compiling each into a fuzzer.
 		for file in ${test_files}; do
@ -113,13 +130,15 @@ function loop_through_org_repositories(){
 }

 function main(){
-	if [[ "${FLUX_CI}" == "true" ]]; then
-		echo "Building Go Native fuzzers for Flux CI"
+	# If SRC is set to a Flux project, only its fuzzers will be built.
+	if grep -h '^module github.com/fluxcd/' "${SRC}/go.mod"; then
+		echo "Building Go Native fuzzers for ${SRC}"
 		go_native_build_all_fuzzers "${SRC}"
-	else
-		echo "Going through all repositories in ${ORG_ROOT}"
-		loop_through_org_repositories 
+		exit $?
 	fi
+	
+	echo "Going through all repositories in ${ORG_ROOT}"
+	loop_through_org_repositories 
 }

 main