Jenkins

Prerequisites

The following packages are required on the Jenkins machine:

Install dependencies
   apt install cmake clang llvm lcov`.

Additionally, you can install rclone for corpus synchronization:

Install rclone
   apt install rclone

Add the CIFUZZ_DOWNLOAD_TOKEN from downloads.code-intelligence.com in the project's "Build environment" to access it in the scripts.

For more details on what you can do with CI Fuzz and its outputs in your pipeline, check the general CI/CD-Setup page.

Example workflow

The following Jenkins shell script shows an example of how you can run CI Fuzz in Jenkins.

# Install CI Fuzz. CI Fuzz needs to be installed on the host system or install it during the CI/CD run
sh -c "$(curl -fsSL http://downloads.code-intelligence.com/assets/install-cifuzz.sh)" ${CIFUZZ_DOWNLOAD_TOKEN} 3.15.0
cifuzz --version

# rclone needs to be installed on the host system or install it during the CI/CD run
rclone --version

# Copy corpus from cloud storage
mkdir -p .cifuzz-corpus
rclone copy -v cloud-storage:corpora/PROJECT_NAME .cifuzz-corpus

# Run Fuzz Test(s)
cifuzz run -v --interactive=false || true

# Copy corpus to cloud storage
rclone copy -v .cifuzz-corpus cloud-storage:corpora/PROJECT_NAME

# Calculate coverage
cifuzz coverage --format=html --output coverage_report --plain
cifuzz coverage --format=lcov --output lcov.info --plain

# Findings overview
cifuzz findings --plain > findings.txt

# Fail pipeline if findings are present
cifuzz findings --fail

Jenkins

Prerequisites​

Example workflow​

Prerequisites

Example workflow