-
Notifications
You must be signed in to change notification settings - Fork 151
Add automatic issue creation for scheduled fuzzing job failures with area/fuzzing label filtering #823
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Add automatic issue creation for scheduled fuzzing job failures with area/fuzzing label filtering #823
Changes from all commits
Commits
Show all changes
8 commits
Select commit
Hold shift + click to select a range
367979c
Initial plan
Copilot e3ca87e
Add fuzzing failure notification system
Copilot 4f8ddb4
Move fuzzing failure notification from reusable workflow to scheduled…
Copilot ebb4acb
Add --repo parameter to gh commands for testing support
Copilot 9f73599
Rebase and revert the code change from copilot
jsturtevant 588cff2
Add kind/fuzzing label for better issue filtering and management
Copilot 6e3b129
Update fuzzing label from kind/fuzzing to area/fuzzing
Copilot 1583008
Rename variable names for clarity: testing_label and fuzzing_label
Copilot File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,153 @@ | ||
| #!/bin/bash | ||
| set -e | ||
| set -u | ||
| set -o pipefail | ||
|
|
||
| ## DESCRIPTION: | ||
| ## | ||
| ## This script creates or updates GitHub issues when fuzzing jobs fail. | ||
| ## It checks for existing open fuzzing failure issues and either creates | ||
| ## a new one or adds a comment to an existing one. | ||
| ## | ||
| ## PRE-REQS: | ||
| ## | ||
| ## This script assumes that the gh cli is installed and in the PATH | ||
| ## and that there is a GitHub PAT in the GITHUB_TOKEN env var | ||
| ## with the following permissions: | ||
| ## - issues (read/write) | ||
| ## or that the user is logged into the gh cli with an account with those permissions | ||
| ## | ||
| ## Run this script locally like: | ||
| ## GITHUB_REPOSITORY="fork/hyperlight" GITHUB_RUN_ID=1 ./dev/notify-fuzzing-failure.sh "fuzz_host_print,fuzz_guest_call,fuzz_host_call" | ||
|
|
||
| REPO="${GITHUB_REPOSITORY:-hyperlight-dev/hyperlight}" | ||
| WORKFLOW_RUN_URL="${GITHUB_SERVER_URL:-https://github.com}/${REPO}/actions/runs/${GITHUB_RUN_ID:-unknown}" | ||
| FUZZING_TARGETS="${1:-unknown}" | ||
|
|
||
| # Check if running in test mode (handle both first and second arguments) | ||
| if [ "${1:-}" = "--test" ] || [ "${2:-}" = "--test" ]; then | ||
| echo "✅ Running in test mode - script structure is valid" | ||
| echo "Would check for fuzzing failure issues in $REPO" | ||
| echo "Would create issue or comment for fuzzing targets: ${1:-unknown}" | ||
| echo "Workflow URL would be: $WORKFLOW_RUN_URL" | ||
| exit 0 | ||
| fi | ||
|
|
||
| echo "Checking for existing fuzzing failure issues in $REPO..." | ||
|
|
||
| # Extract owner and repo name from the repository | ||
| OWNER=$(echo "$REPO" | cut -d'/' -f1) | ||
| REPO_NAME=$(echo "$REPO" | cut -d'/' -f2) | ||
|
|
||
| # Define the issue title and labels | ||
| ISSUE_TITLE="Fuzzing Job Failure - $(date '+%Y-%m-%d')" | ||
| TESTING_LABEL="area/testing" | ||
| FAILURE_LABEL="kind/bug" | ||
| FUZZING_LABEL="area/fuzzing" | ||
| LIFECYCLE_LABEL="lifecycle/needs-review" | ||
|
|
||
| # Search for existing open fuzzing failure issues | ||
| echo "Searching for existing open fuzzing failure issues..." | ||
| EXISTING_ISSUES=$(gh api graphql -f query=' | ||
| query($owner: String!, $repo: String!) { | ||
| repository(owner: $owner, name: $repo) { | ||
| issues(first: 10, states: OPEN, labels: ["area/fuzzing"]) { | ||
| totalCount | ||
| nodes { | ||
| number | ||
| title | ||
| url | ||
| labels(first: 20) { | ||
| nodes { | ||
| name | ||
| } | ||
| } | ||
| } | ||
| } | ||
| } | ||
| }' -f owner="$OWNER" -f repo="$REPO_NAME" --jq '.data.repository.issues') | ||
|
|
||
| # Filter for fuzzing-related issues (now all results should be fuzzing issues due to label filter) | ||
| FUZZING_ISSUES=$(echo "$EXISTING_ISSUES" | jq '.nodes[]' 2>/dev/null || echo "") | ||
| FUZZING_ISSUE_COUNT=0 | ||
| if [ -n "$FUZZING_ISSUES" ]; then | ||
| FUZZING_ISSUE_COUNT=$(echo "$FUZZING_ISSUES" | jq -s 'length' 2>/dev/null || echo "0") | ||
| fi | ||
|
|
||
| echo "Found $FUZZING_ISSUE_COUNT existing fuzzing failure issue(s)" | ||
|
|
||
| if [ "$FUZZING_ISSUE_COUNT" -gt 0 ]; then | ||
| # Get the most recent fuzzing failure issue | ||
| ISSUE_NUMBER=$(echo "$FUZZING_ISSUES" | jq -r '.number' | head -1) | ||
| ISSUE_URL=$(echo "$FUZZING_ISSUES" | jq -r '.url' | head -1) | ||
|
|
||
| if [ "$ISSUE_NUMBER" = "null" ] || [ -z "$ISSUE_NUMBER" ]; then | ||
| echo "⚠️ Could not parse issue number from fuzzing issues, creating new issue instead" | ||
| FUZZING_ISSUE_COUNT=0 | ||
| else | ||
| echo "Adding comment to existing issue #$ISSUE_NUMBER" | ||
|
|
||
| # Create comment body | ||
| COMMENT_BODY="## Fuzzing Job Failed Again | ||
|
|
||
| **Date:** $(date '+%Y-%m-%d %H:%M:%S UTC') | ||
| **Workflow Run:** [$WORKFLOW_RUN_URL]($WORKFLOW_RUN_URL) | ||
| **Fuzzing Targets:** $FUZZING_TARGETS | ||
|
|
||
| The scheduled fuzzing job has failed again. Please check the workflow logs and artifacts for details." | ||
|
|
||
| # Add comment to the existing issue | ||
| if gh issue comment "$ISSUE_NUMBER" --body "$COMMENT_BODY" --repo "$REPO"; then | ||
| echo "✅ Added comment to existing issue #$ISSUE_NUMBER: $ISSUE_URL" | ||
| else | ||
| echo "❌ Failed to add comment to existing issue. Creating new issue instead." | ||
| FUZZING_ISSUE_COUNT=0 | ||
| fi | ||
| fi | ||
| fi | ||
|
|
||
| if [ "$FUZZING_ISSUE_COUNT" -eq 0 ]; then | ||
| echo "No existing fuzzing failure issues found. Creating new issue..." | ||
|
|
||
| # Create issue body | ||
| ISSUE_BODY="## Fuzzing Job Failure Report | ||
|
|
||
| **Date:** $(date '+%Y-%m-%d %H:%M:%S UTC') | ||
| **Workflow Run:** [$WORKFLOW_RUN_URL]($WORKFLOW_RUN_URL) | ||
| **Fuzzing Targets:** $FUZZING_TARGETS | ||
|
|
||
| The scheduled fuzzing job has failed. This issue was automatically created to track the failure. | ||
|
|
||
| ### Details | ||
| The fuzzing workflow failed during execution. Please check the workflow logs and any uploaded artifacts for more details. | ||
|
|
||
| ### Next Steps | ||
| - [ ] Review the workflow logs for error details | ||
| - [ ] Download and analyze any crash artifacts if available | ||
| - [ ] Determine the root cause of the failure | ||
| - [ ] Fix the underlying issue | ||
|
|
||
| ### Related Documentation | ||
| - [Fuzzing README](https://github.com/$REPO/blob/main/fuzz/README.md) | ||
| - [Security Guidance](https://github.com/$REPO/blob/main/docs/security-guidance-for-developers.md) | ||
|
|
||
| --- | ||
| *This issue was automatically created by the fuzzing failure notification system.*" | ||
|
|
||
| # Create the new issue | ||
| if ISSUE_URL=$(gh issue create \ | ||
| --title "$ISSUE_TITLE" \ | ||
| --body "$ISSUE_BODY" \ | ||
| --label "$TESTING_LABEL" \ | ||
| --label "$FAILURE_LABEL" \ | ||
| --label "$FUZZING_LABEL" \ | ||
| --label "$LIFECYCLE_LABEL" \ | ||
| --repo "$REPO"); then | ||
| echo "✅ Created new fuzzing failure issue: $ISSUE_URL" | ||
| else | ||
| echo "❌ Failed to create new fuzzing failure issue" | ||
| exit 1 | ||
| fi | ||
| fi | ||
|
|
||
| echo "Fuzzing failure notification completed successfully" | ||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.