[infra] Publish build badges on status page #2513
Conversation
|
And then OSS-Fuzz participating projects could have a link on their GitHub page to those icons? I think that would be awesome, feels like someone even has asked for a similar feature in the past. |
Yup, see #738 |
|
I'm not so sure we want the badge to point at whether the build is succeeding since this isn't the point of OSS-Fuzz, maybe we should discuss this more. |
|
Good point, but what else can we indicate? A successful build means there is continuous fuzzing happening with ToT build, which is the point of OSS-Fuzz. Can change the text on the icon though. |
|
The basic idea is as Max said, I was using the build status as a closest approximation to whether ClusterFuzz has something new to run on. We could do it at the clusterfuzz level, if a project hasn't had any fuzzing executions in an hour or more the badge could be marked as failing. This would also let us put up a number like:
which might be cool. |
Some other ideas: bugs (which might turn people off), coverage. |
!!! Yes, please! Getting execution numbers would be harder (as we'd need a CF change for that). Coverage is easy (there are public JSON files, just read them and generate icons) and feels more informative than number of executions. |
|
Badges changed to:
|
|
@oliverchang Could you PTAL? This does need testing on the actual jenkins instance. |
|
Thank you! I'm wondering what these badges are supposed to point to. Normally badges lead to dashboards like https://semaphoreci.com/systemd/systemd, https://travis-ci.org/systemd/systemd, https://lgtm.com/projects/g/systemd/systemd/context:cpp and so on. I'm not sure where I should end up after clicking on |
|
Good idea. Both options should be ok, just depends on how we document this, we can have different template for fuzzing and coverage links. |
|
I think I'll just add a link to https://oss-fuzz.com, which seems to be as close to a dashboard where all the data including links to build logs and coverage reports are gathered as it's currently possible. Though given that access to it is limited It would be great if there was a landing page of some kind that would be at least partly public. |
What?
This implements a feature for the oss-fuzz build pipeline similar to how Travis, GCB, coverage tools offer the ability to have a little image badge representing whether builds are passing.
These will automatically get pushed out by the
build_status.pyscript on Jenkins and the images will be available onhttps://oss-fuzz-build-logs.storage.googleapis.com/badges/cpython3.pngfor example.Why?
A lot of high profile FOSS projects are using oss-fuzz but without visiting the projects subdirectory it's hard to gauge just how many projects that is. A lot of projects like tensorflow and python prominently display their badges in the README. Hopefully this should let people glance at the status of their oss-fuzz builds as well as direct some attention to oss-fuzz.
!! Needs Testing !!
I've done some best effort manual testing without involving the GCP components, if people are actually interested in this feature then more thorough testing is needed.