fuzzing all swagger files

Signed-off-by: Valina Li <[email protected]>

Dockerfile.fuzz

@@ -1,6 +1,6 @@
 FROM mcr.microsoft.com/dotnet/sdk:6.0-alpine as builder
 
-RUN apk add --no-cache python3 py3-pip bash
+RUN apk add --no-cache python3 py3-pip bash coreutils
 
 RUN wget https://github.com/microsoft/restler-fuzzer/archive/refs/tags/v9.2.2.tar.gz
 RUN tar -xvf v9.2.2.tar.gz && mv restler-fuzzer-9.2.2 restler-fuzzer
@@ -9,7 +9,9 @@ RUN cd restler-fuzzer; mkdir -p restler_bin
 WORKDIR /restler-fuzzer
 RUN python3 ./build-restler.py --dest_dir ./restler_bin/
 COPY fuzzing_docker.sh /restler-fuzzer/fuzzing.sh
-COPY /openapi/v3/core-data.yaml /restler-fuzzer/
+COPY /openapi/v3/* /restler-fuzzer/openapi/
 
 ENTRYPOINT ["/restler-fuzzer/fuzzing.sh"]
-CMD ["core-data", "/restler-fuzzer", "core-data.yaml"]
+CMD ["all"]
+# comment above CMD of "all" and uncomment below CMD to fuzz individual swagger file
+# CMD ["core-data", "/restler-fuzzer/openapi/core-data.yaml"]

fuzzing_docker.sh

@@ -2,21 +2,42 @@
 
 EDGEX_PROJECT_NAME=${1}
 echo $EDGEX_PROJECT_NAME
-SWAGGER_FILE_PATH=${2}
-echo $SWAGGER_FILE_PATH
-SWAGGER_FILE_NAME=${3}
-echo $SWAGGER_FILE_NAME
+SWAGGER_FILE_NAME_PATH=${2}
+echo $SWAGGER_FILE_NAME_PATH
 
-echo "--compile from swagger file"
-./restler_bin/restler/Restler compile --api_spec /"$SWAGGER_FILE_PATH"/"$SWAGGER_FILE_NAME"
+SWAGGER_FILE_PATH="/restler-fuzzer/openapi"
+runFuzzLeanPerSwagger() {
+    echo "--compile from swagger file: $2"
+    ./restler_bin/restler/Restler compile --api_spec "$2"
 
-echo "--test the grammar"
-./restler_bin/restler/Restler test --grammar_file ./Compile/grammar.py --dictionary_file ./Compile/dict.json --settings ./Compile/engine_settings.json --no_ssl
+    echo "--test the grammar"
+    ./restler_bin/restler/Restler test --grammar_file ./Compile/grammar.py --dictionary_file ./Compile/dict.json --settings ./Compile/engine_settings.json --no_ssl
 
-# assuming edgex service is already running on host
-echo "--run fuzz-lean"
-./restler_bin/restler/Restler fuzz-lean --grammar_file ./Compile/grammar.py --dictionary_file ./Compile/dict.json --settings ./Compile/engine_settings.json --no_ssl
+    # assuming edgex service is already running on host
+    echo "--run fuzz-lean"
+    ./restler_bin/restler/Restler fuzz-lean --grammar_file ./Compile/grammar.py --dictionary_file ./Compile/dict.json --settings ./Compile/engine_settings.json --no_ssl
+
+    echo "--copy result logs into $1"
+    mkdir -p /fuzz_results/"$1"
+    cp -r ./Test/ /fuzz_results/"$1"/
+}
+
+if [ "$EDGEX_PROJECT_NAME" == "all" ]
+then
+    echo "fuzz-lean for all swagger files"
+
+    for swagger in "$SWAGGER_FILE_PATH"/*
+    do
+        projectname=$(basename "$swagger" .yaml)
+        echo "$projectname"
+        echo "$swagger"
+        if [[ "$projectname" != *"."* ]]
+        then
+            runFuzzLeanPerSwagger $projectname $swagger
+        fi
+    done
+else
+    echo "fuzz-lean a specific swagger file only"
+    runFuzzLeanPerSwagger $EDGEX_PROJECT_NAME $SWAGGER_FILE_NAME_PATH
+fi
 
-echo "--copy result logs into $EDGEX_PROJECT_NAME"
-mkdir -p /fuzz_results/"$EDGEX_PROJECT_NAME"
-cp -r ./Test/ /fuzz_results/"$EDGEX_PROJECT_NAME"/