set up notifications; ready for review

2021-11-23 14:44:44 -05:00 · 2021-11-23 14:44:44 -05:00 · d5c7cebc7d
parent 83037289ef
commit d5c7cebc7d
3 changed files with 30 additions and 13 deletions
--- a/build/Fuzz/notifications-ado.json
+++ b/build/Fuzz/notifications-ado.json
@ -5,21 +5,30 @@
    "project": "OpenConsole",
    "type": "Bug",
    "unique_fields": [
-      "System.Title",
-      "System.AreaPath"
+      "Microsoft.VSTS.Common.CustomString03"
    ],
-    "comment": "<br> This is my call stack: <ul> {% for item in report.call_stack %} <li> {{ item }} </li> {% endfor %} </ul>  Repro Command: <br> <pre> {{ repro_cmd }} </pre> <br> Scariness: <ul> <li> Score: {{scariness_score}} </li> <li> Description: {{scariness_description}} </li> </ul>",
+    "comment": "<a href='{{ input_url }}'>This input</a> caused the <a href='{{ target_url }}'>fuzz target</a> {{ report.executable }} to crash. The faulting input SHA256 hash is {{ report.input_sha256 }} <br>",
    "ado_fields": {
+      "System.AssignedTo": "INSERT_ASSIGNED_HERE",
+      "System.Tags": "OneFuzz",
      "System.AreaPath": "OS\\WDX\\DXP\\WinDev\\Terminal",
-      "System.Title": "{{report.task_id}}"
+      "OSG.Watson.Telemetry14DaysInMarketHits": "1",
+      "System.IterationPath": "OS\\Future",
+      "Microsoft.VSTS.Common.CustomString01": "{{ job.project }}",
+      "Microsoft.VSTS.Common.CustomString02": "{{ job.name }}",
+      "Microsoft.VSTS.Common.CustomString03": "{{ report.minimized_stack_function_lines_sha256}}",
+      "System.Title": "[Fuzzing] - {{ report.crash_site }}",
+      "Microsoft.VSTS.CMMI.HowFound": "Security: Fuzzing",
+      "OSG.SecurityImpact": "Security Triage Requested",
+      "OSG.SDLSeverity": "Moderate",
+      "Microsoft.VSTS.TCM.ReproSteps": "The fuzzing target ({{ job.project }} {{ job.name }} {{ job.build }}) reported a crash. <br> {%if report.asan_log %} AddressSanitizer reported the following details: <br> <pre> {{ report.asan_log }} </pre> {% else %} Faulting call stack: <ul> {% for item in report.call_stack %} <li> {{ item }} </li> {% endfor %} </ul> <br> {% endif %} You can reproduce the issue remotely in OneFuzz by running the following command: <pre> {{ repro_cmd }} </pre>"
    },
    "on_duplicate": {
-      "increment": [],
-      "comment": "DUP {{report.input_sha256}} <br> Repro Command: <br> <pre> {{ repro_cmd }} </pre> ",
-      "set_state": {
-        "Resolved": "Active"
+      "set_state": {"Resolved": "Active", "Closed": "Active"},
+      "ado_fields": {
+        "System.IterationPath": "OS\\Future"
      },
-      "ado_fields": {}
+      "increment": ["OSG.Watson.Telemetry14DaysInMarketHits"]
    }
  }
 }
--- a/build/pipelines/fuzz.yml
+++ b/build/pipelines/fuzz.yml
@ -47,11 +47,14 @@ stages:
      - bash: |
          set -ex
          pip -q install onefuzz
-          onefuzz config --endpoint $(endpoint) --client_id $(client_id) --client_secret $(client_secret)
+          onefuzz config --endpoint $(endpoint) --client_id $(client_id) --authority $(authority) --tenant_domain $(tenant_domain)
          sed -i s/INSERT_PAT_HERE/${ado_pat}/ ../Fuzz/notifications-ado.json
+          sed -i s/INSERT_ASSIGNED_HERE/${ado_assigned_to}/ ../Fuzz/notifications-ado.json
        displayName: Configure OneFuzz
+      # replace the bash command below with this to run this with notifications
+      # onefuzz template libfuzzer basic --colocate_all_tasks --vm_count 1 --target_exe $(target_exe_path) --notification_config ../Fuzz/notifications-ado.json OpenConsole $(test_name) $(Build.SourceVersion) windows
      - bash: |
-          onefuzz template libfuzzer basic OpenConsole $(test_name) $(Build.SourceVersion) windows --target_exe $(target_exe_path)
+          onefuzz template libfuzzer basic --colocate_all_tasks --vm_count 1 --target_exe $(target_exe_path) OpenConsole $(test_name) $(Build.SourceVersion) windows
        displayName: Submit OneFuzz Job
        env:
          target_exe_path: $(Build.ArtifactStagingDirectory)/$(artifactName)/Fuzzing/x64/test/OpenConsoleFuzzer.exe
--- a/doc/fuzzing.md
+++ b/doc/fuzzing.md
@ -22,9 +22,11 @@ You can download the latest OneFuzz CLI on their [releases page](https://github.

 ### Configuring OneFuzz

-To run OneFuzz locally, you'll need to configure its endpoint, client ID, and client secret. MSR lets Microsoft employees use their endpoint at `https://onefuzz-playground.azurewebsites.net`. However, these configurations vary from project to project.
+To run OneFuzz locally, you'll need to configure its endpoint, client ID, and client secret. Windows has a preset configuration available; this can be found at [this tutorial](https://www.osgwiki.com/wiki/Fuzzing_Service_-_Azure_Edge_and_Platform#Configure_OneFuzz_CLI) on osgwiki. 

-`onefuzz config --endpoint $(endpoint) --client_id $(client_id) --client_secret $(client_secret)`
+
+
+`onefuzz config --endpoint $(endpoint) --client_id $(client_id) --authority $(authority) --tenant_domain $(tenant_domain)`

 **NOTE**: Our pipeline is already set up with these variables, so you don't need to worry about this when running this on Azure DevOps.

@ -48,6 +50,8 @@ This should also output more information (i.e. job ID) about the newly created j

 OneFuzz supports multiple notification systems at once including MS Teams and Azure DevOps. See the resources below to learn more about setting these up.

+Our pipeline has been set up to create Azure DevOps work items.
+
 ### Resources
 - [OneFuzz GitHub](https://github.com/microsoft/onefuzz)
    - [Getting started using OneFuzz](https://github.com/microsoft/onefuzz/blob/main/docs/getting-started.md)
@ -55,3 +59,4 @@ OneFuzz supports multiple notification systems at once including MS Teams and Az
 - [Notifications](https://github.com/microsoft/onefuzz/blob/main/docs/notifications.md)
    - [MS Teams](https://github.com/microsoft/onefuzz/blob/main/docs/notifications/teams.md)
    - [Azure DevOps](https://github.com/microsoft/onefuzz/blob/main/docs/notifications/ado.md)
+- [OSG Wiki - OneFuzz](https://www.osgwiki.com/wiki/Fuzzing_Service_-_Azure_Edge_and_Platform)