set up notifications; ready for review
This commit is contained in:
parent
83037289ef
commit
d5c7cebc7d
|
@ -5,21 +5,30 @@
|
|||
"project": "OpenConsole",
|
||||
"type": "Bug",
|
||||
"unique_fields": [
|
||||
"System.Title",
|
||||
"System.AreaPath"
|
||||
"Microsoft.VSTS.Common.CustomString03"
|
||||
],
|
||||
"comment": "<br> This is my call stack: <ul> {% for item in report.call_stack %} <li> {{ item }} </li> {% endfor %} </ul> Repro Command: <br> <pre> {{ repro_cmd }} </pre> <br> Scariness: <ul> <li> Score: {{scariness_score}} </li> <li> Description: {{scariness_description}} </li> </ul>",
|
||||
"comment": "<a href='{{ input_url }}'>This input</a> caused the <a href='{{ target_url }}'>fuzz target</a> {{ report.executable }} to crash. The faulting input SHA256 hash is {{ report.input_sha256 }} <br>",
|
||||
"ado_fields": {
|
||||
"System.AssignedTo": "INSERT_ASSIGNED_HERE",
|
||||
"System.Tags": "OneFuzz",
|
||||
"System.AreaPath": "OS\\WDX\\DXP\\WinDev\\Terminal",
|
||||
"System.Title": "{{report.task_id}}"
|
||||
"OSG.Watson.Telemetry14DaysInMarketHits": "1",
|
||||
"System.IterationPath": "OS\\Future",
|
||||
"Microsoft.VSTS.Common.CustomString01": "{{ job.project }}",
|
||||
"Microsoft.VSTS.Common.CustomString02": "{{ job.name }}",
|
||||
"Microsoft.VSTS.Common.CustomString03": "{{ report.minimized_stack_function_lines_sha256}}",
|
||||
"System.Title": "[Fuzzing] - {{ report.crash_site }}",
|
||||
"Microsoft.VSTS.CMMI.HowFound": "Security: Fuzzing",
|
||||
"OSG.SecurityImpact": "Security Triage Requested",
|
||||
"OSG.SDLSeverity": "Moderate",
|
||||
"Microsoft.VSTS.TCM.ReproSteps": "The fuzzing target ({{ job.project }} {{ job.name }} {{ job.build }}) reported a crash. <br> {%if report.asan_log %} AddressSanitizer reported the following details: <br> <pre> {{ report.asan_log }} </pre> {% else %} Faulting call stack: <ul> {% for item in report.call_stack %} <li> {{ item }} </li> {% endfor %} </ul> <br> {% endif %} You can reproduce the issue remotely in OneFuzz by running the following command: <pre> {{ repro_cmd }} </pre>"
|
||||
},
|
||||
"on_duplicate": {
|
||||
"increment": [],
|
||||
"comment": "DUP {{report.input_sha256}} <br> Repro Command: <br> <pre> {{ repro_cmd }} </pre> ",
|
||||
"set_state": {
|
||||
"Resolved": "Active"
|
||||
"set_state": {"Resolved": "Active", "Closed": "Active"},
|
||||
"ado_fields": {
|
||||
"System.IterationPath": "OS\\Future"
|
||||
},
|
||||
"ado_fields": {}
|
||||
"increment": ["OSG.Watson.Telemetry14DaysInMarketHits"]
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -47,11 +47,14 @@ stages:
|
|||
- bash: |
|
||||
set -ex
|
||||
pip -q install onefuzz
|
||||
onefuzz config --endpoint $(endpoint) --client_id $(client_id) --client_secret $(client_secret)
|
||||
onefuzz config --endpoint $(endpoint) --client_id $(client_id) --authority $(authority) --tenant_domain $(tenant_domain)
|
||||
sed -i s/INSERT_PAT_HERE/${ado_pat}/ ../Fuzz/notifications-ado.json
|
||||
sed -i s/INSERT_ASSIGNED_HERE/${ado_assigned_to}/ ../Fuzz/notifications-ado.json
|
||||
displayName: Configure OneFuzz
|
||||
# replace the bash command below with this to run this with notifications
|
||||
# onefuzz template libfuzzer basic --colocate_all_tasks --vm_count 1 --target_exe $(target_exe_path) --notification_config ../Fuzz/notifications-ado.json OpenConsole $(test_name) $(Build.SourceVersion) windows
|
||||
- bash: |
|
||||
onefuzz template libfuzzer basic OpenConsole $(test_name) $(Build.SourceVersion) windows --target_exe $(target_exe_path)
|
||||
onefuzz template libfuzzer basic --colocate_all_tasks --vm_count 1 --target_exe $(target_exe_path) OpenConsole $(test_name) $(Build.SourceVersion) windows
|
||||
displayName: Submit OneFuzz Job
|
||||
env:
|
||||
target_exe_path: $(Build.ArtifactStagingDirectory)/$(artifactName)/Fuzzing/x64/test/OpenConsoleFuzzer.exe
|
||||
|
|
|
@ -22,9 +22,11 @@ You can download the latest OneFuzz CLI on their [releases page](https://github.
|
|||
|
||||
### Configuring OneFuzz
|
||||
|
||||
To run OneFuzz locally, you'll need to configure its endpoint, client ID, and client secret. MSR lets Microsoft employees use their endpoint at `https://onefuzz-playground.azurewebsites.net`. However, these configurations vary from project to project.
|
||||
To run OneFuzz locally, you'll need to configure its endpoint, client ID, and client secret. Windows has a preset configuration available; this can be found at [this tutorial](https://www.osgwiki.com/wiki/Fuzzing_Service_-_Azure_Edge_and_Platform#Configure_OneFuzz_CLI) on osgwiki.
|
||||
|
||||
`onefuzz config --endpoint $(endpoint) --client_id $(client_id) --client_secret $(client_secret)`
|
||||
|
||||
|
||||
`onefuzz config --endpoint $(endpoint) --client_id $(client_id) --authority $(authority) --tenant_domain $(tenant_domain)`
|
||||
|
||||
**NOTE**: Our pipeline is already set up with these variables, so you don't need to worry about this when running this on Azure DevOps.
|
||||
|
||||
|
@ -48,6 +50,8 @@ This should also output more information (i.e. job ID) about the newly created j
|
|||
|
||||
OneFuzz supports multiple notification systems at once including MS Teams and Azure DevOps. See the resources below to learn more about setting these up.
|
||||
|
||||
Our pipeline has been set up to create Azure DevOps work items.
|
||||
|
||||
### Resources
|
||||
- [OneFuzz GitHub](https://github.com/microsoft/onefuzz)
|
||||
- [Getting started using OneFuzz](https://github.com/microsoft/onefuzz/blob/main/docs/getting-started.md)
|
||||
|
@ -55,3 +59,4 @@ OneFuzz supports multiple notification systems at once including MS Teams and Az
|
|||
- [Notifications](https://github.com/microsoft/onefuzz/blob/main/docs/notifications.md)
|
||||
- [MS Teams](https://github.com/microsoft/onefuzz/blob/main/docs/notifications/teams.md)
|
||||
- [Azure DevOps](https://github.com/microsoft/onefuzz/blob/main/docs/notifications/ado.md)
|
||||
- [OSG Wiki - OneFuzz](https://www.osgwiki.com/wiki/Fuzzing_Service_-_Azure_Edge_and_Platform)
|
Loading…
Reference in a new issue