Add Continuous Fuzzing Integration to Fuzzit (#3093)

This feature introduce continuous fuzzing with the following
features:

* Ruzzing: fuzz-targets are run continuously on master
( the fuzzers are updated every time new code is pushed to master)
* Regresion: In addition to unit-tests travis runs all fuzz
targets through the generated corpus to catch bugs early  on
in the CI process before merge.

4 files changed, 46 insertions, 5 deletions

diff --git a/.travis.yml b/.travis.yml
index 66b321739..e29b074b3 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,5 +1,6 @@
 dist: xenial
-
+services:
+  - docker
 language: go
 go:
   - "1.12.x"
@@ -18,10 +19,16 @@ branches:
   - master
 
 env:
-  - TEST_TYPE=coverage
-  - TEST_TYPE=integration
-  - TEST_TYPE=core
-  - TEST_TYPE=plugin
+  global:
+    # This is FUZZIT_API_KEY
+    - secure: "IGpZAyt1e5BZ1C4LeJG+GrgFZzaBQkJ3BX/+MwWN85aJSDk5gwThS53OCr/7RFgBKBgP9xBv9i9hAv0PxVaRE0ETIzjc0rQzceJIWiYKfFYQyscFahKfSiGsWP32rMlU3K67tA7yITS+Z8mMyVH9Ndr1Fg9AmLL+WfATdrd6dP8hzsUpaghKlnJee9TycrfamDpISzecdOY9xzxcwRyphZxuCc/n236Nt7f7Ccz0zx/Qa5igX6mjKZpUyBpS2u02GmNJTfc3W5SbTRP5bSJ+ozSkZZyG3tTpYmeN87AQJ/oG7rUEzqGLt78i7jSYAXghJZT06H/fHFsOKssCj1m0hYiarnGoGzXScLDqp2fpkyzilsUT+W0VgXTy2Nq+88Sideiy6UwDwpqHr5ktyoYFeSVB/aCTJl5oxDxBqs9dfeJSEAy7/AYy8kJoIE/yPYsBnGw10CAED4Rf5mfDgstkZRBdAO0xLBihkPsgza2975DVf27YSjJZ4eKrnR+G/aNCKycLQvWD/5c2bcLCJqyz0uMLQC/4LspS9b5bAKurzqFRdrD5q78NDcbodHelc7zBlFrRwGFCUjXTbQoU6r+1FA8y2Z+n1bd7mIF1JBVHurYAygyYXOcry870hyucGojonvdgBvHp6txeYyPU14VvTNwkF2mddpBCvoSTSPZ5X64="
+  matrix:
+    - TEST_TYPE=coverage
+    - TEST_TYPE=integration
+    - TEST_TYPE=core
+    - TEST_TYPE=plugin
+    - TEST_TYPE=fuzzit FUZZIT_TYPE=local-regression
+    - TEST_TYPE=fuzzit FUZZIT_TYPE=fuzzing
 
 # In the Travis VM-based build environment, IPv6 networking is not
 # enabled by default. The sysctl operations below enable IPv6.
diff --git a/Makefile b/Makefile
index 135fe3f9e..619a431e5 100644
--- a/Makefile
+++ b/Makefile
@@ -44,6 +44,26 @@ ifeq ($(TEST_TYPE),coverage)
 		fi; \
 	done
 endif
+ifeq ($(TEST_TYPE),fuzzit)
+	# skip fuzzing for PR
+	if [ "$(TRAVIS_PULL_REQUEST)" = "false" ] || [ "$(FUZZIT_TYPE)" = "local-regression" ] ; then \
+        export GO111MODULE=off; \
+        go get -u github.com/dvyukov/go-fuzz/go-fuzz-build; \
+        go get -u -v .; \
+        cd ../../go-acme/lego; \
+        git checkout v2.5.0; \
+        cd ../../coredns/coredns; \
+        LIBFUZZER=YES make -f Makefile.fuzz cache chaos file rewrite whoami corefile; \
+        wget -O fuzzit https://github.com/fuzzitdev/fuzzit/releases/download/v2.4.27/fuzzit_Linux_x86_64; \
+        chmod a+x fuzzit; \
+        ./fuzzit create job --type $(FUZZIT_TYPE) coredns/cache ./cache; \
+        ./fuzzit create job --type $(FUZZIT_TYPE) coredns/chaos ./chaos; \
+        ./fuzzit create job --type $(FUZZIT_TYPE) coredns/file ./file; \
+        ./fuzzit create job --type $(FUZZIT_TYPE) coredns/rewrite ./rewrite; \
+        ./fuzzit create job --type $(FUZZIT_TYPE) coredns/whoami ./whoami; \
+        ./fuzzit create job --type $(FUZZIT_TYPE) coredns/corefile ./corefile; \
+    fi;
+endif
 
 core/plugin/zplugin.go core/dnsserver/zdirectives.go: plugin.cfg
 	GO111MODULE=on go generate coredns.go
diff --git a/Makefile.fuzz b/Makefile.fuzz
index 666f4c93d..b2340c420 100644
--- a/Makefile.fuzz
+++ b/Makefile.fuzz
@@ -14,6 +14,7 @@
 #$ go get github.com/dvyukov/go-fuzz/go-fuzz-build
 
 REPO:="github.com/coredns/coredns"
+# set LIBFUZZER=YES to build libfuzzer compatible targets
 
 FUZZ:=$(dir $(wildcard plugin/*/fuzz.go)) # plugin/cache/
 PLUGINS:=$(foreach f,$(FUZZ),$(subst plugin, ,$(f:/=))) # > /cache
@@ -25,13 +26,25 @@ echo:
 
 .PHONY: $(PLUGINS)
 $(PLUGINS): echo
+ifeq ($(LIBFUZZER), YES)
+	go-fuzz-build -tags fuzz -libfuzzer -o $(@).a ./plugin/$(@)
+	clang -fsanitize=fuzzer $(@).a -o $(@)
+else
 	go-fuzz-build -tags fuzz $(REPO)/plugin/$(@)
 	go-fuzz -bin=./$(@)-fuzz.zip -workdir=fuzz/$(@)
+endif
+
 
 .PHONY: corefile
 corefile:
+ifeq ($(LIBFUZZER), YES)
+	go-fuzz-build -tags fuzz -libfuzzer -o $(@).a ./test
+	clang -fsanitize=fuzzer $(@).a -o $(@)
+else
 	go-fuzz-build -tags fuzz $(REPO)/test
 	go-fuzz -bin=./test-fuzz.zip -workdir=fuzz/$(@)
+endif
+
 
 
 .PHONY: clean
diff --git a/README.md b/README.md
index 22208502f..b587b2e02 100644
--- a/README.md
+++ b/README.md
@@ -2,6 +2,7 @@
 
 [![Documentation](https://img.shields.io/badge/godoc-reference-blue.svg)](https://godoc.org/github.com/coredns/coredns)
 [![Build Status](https://img.shields.io/travis/coredns/coredns/master.svg?label=build)](https://travis-ci.org/coredns/coredns)
+[![fuzzit](https://app.fuzzit.dev/badge?org_id=coredns&branch=master)](https://fuzzit.dev)
 [![Code Coverage](https://img.shields.io/codecov/c/github/coredns/coredns/master.svg)](https://codecov.io/github/coredns/coredns?branch=master)
 [![Docker Pulls](https://img.shields.io/docker/pulls/coredns/coredns.svg)](https://hub.docker.com/r/coredns/coredns)
 [![Go Report Card](https://goreportcard.com/badge/github.com/coredns/coredns)](https://goreportcard.com/report/coredns/coredns)