From ca0fe09cbb3de1aabf81704f073c2df774c77235 Mon Sep 17 00:00:00 2001
From: Sahan Serasinghe <sahan.serasinghe@gmail.com>
Date: Wed, 8 Dec 2021 00:08:14 +1030
Subject: [PATCH 1/3] Add Jazzer configuration to run in an Action

Signed-off-by: Sahan Serasinghe <sahan.serasinghe@gmail.com>
---
 .github/workflows/jazzer.sh  | 76 ++++++++++++++++++++++++++++++++++++
 .github/workflows/jazzer.yml | 49 +++++++++++++++++++++++
 2 files changed, 125 insertions(+)
 create mode 100644 .github/workflows/jazzer.sh
 create mode 100644 .github/workflows/jazzer.yml

diff --git a/.github/workflows/jazzer.sh b/.github/workflows/jazzer.sh
new file mode 100644
index 0000000000..ab100e9d6b
--- /dev/null
+++ b/.github/workflows/jazzer.sh
@@ -0,0 +1,76 @@
+#!/bin/bash
+
+# Usage:
+# ./entrypoint.sh \
+#     --version 1.3.0 --package io.dapr.client --class DaprClientBuilder \
+#     --methods "withObjectSerializer withStateSerializer builder" \
+#     --keep-going=1
+
+set -u
+
+# Set default values
+Version="1.3.1"
+Package=""
+Class=""
+Methods=""
+KeepGoingCount="1"
+
+POSITIONAL=()
+while [[ $# -gt 0 ]]; do
+  key="$1"
+  case $key in
+    -v|--version)
+      Version="$2"
+      shift # past argument
+      shift # past value
+      ;;
+    -p|--package)
+      Package="$2"
+      shift # past argument
+      shift # past value
+      ;;
+    -c|--class)
+      Class="$2"
+      shift # past argument
+      shift # past value
+      ;;
+    -m|--methods)
+      Methods="$2"
+      shift # past argument
+      shift # past value
+      ;;
+    -kc|--keep-going)
+      KeepGoingCount="$2"
+      shift # past argument
+      ;;
+    *)    # unknown option
+      POSITIONAL+=("$1") # save it in an array for later
+      shift # past argument
+      ;;
+  esac
+done
+
+set -- "${POSITIONAL[@]}" # restore positional parameters
+
+echo "Version   = ${Version}" 
+echo "Package   = ${Package}" 
+echo "Class     = ${Class}"
+
+for Method in ${Methods}; do
+  echo "Fuzzing Method = ${Method}"
+  docker run --rm -v /"$(pwd)/fuzzing/$Version/$Package/$Class/$Method":/fuzzing cifuzz/jazzer-autofuzz \
+   io.dapr:dapr-sdk:${Version} \
+   ${Package}.${Class}::${Method} --keep_going=${KeepGoingCount}
+done
+
+# store exit status of grep
+# if code 77 or 0 fuzzer ran successfully
+# if not, something went wrong
+status=$?
+echo $status
+if [ $status -eq 77 ] || [ $status -eq 0 ]
+then
+	echo "Jazzer completed successfully. Artifacts will be available as part of the workflow pipeline"
+else
+	echo "Something went wrong"
+fi
\ No newline at end of file
diff --git a/.github/workflows/jazzer.yml b/.github/workflows/jazzer.yml
new file mode 100644
index 0000000000..fb8f93e7fe
--- /dev/null
+++ b/.github/workflows/jazzer.yml
@@ -0,0 +1,49 @@
+name: Run Jazzer against Dapr SDK
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        include:
+          - class: DaprClientBuilder
+            package: io.dapr.client
+            methods: 'withObjectSerializer withStateSerializer'
+            version: 1.3.1
+          - class: DaprClientGrpc
+            package: io.dapr.client
+            methods: 'waitForSidecar publishEvent invokeMethod'
+            version: 1.3.1
+          - class: DaprClientHttp
+            package: io.dapr.client
+            methods: 'waitForSidecar publishEvent invokeMethod'
+            version: 1.3.1
+          - class: DaprHttp
+            package: io.dapr.client
+            methods: 'invokeApi publishEvent invokeMethod'
+            version: 1.3.1
+          - class: ObjectSerializer
+            package: io.dapr.client
+            methods: 'serialize deserialize'
+            version: 1.3.1
+        
+    steps:
+    - uses: actions/checkout@v2
+    - name: git-bash
+      run: |
+         chmod +x ./jazzer.sh
+         ./jazzer.sh --version ${{matrix.version}} --package ${{matrix.package}} --class ${{matrix.class}} --methods ${{matrix.methods}} --keep-going=1
+      shell: bash
+
+    - name: Upload Crash
+      uses: actions/upload-artifact@v1
+      if: always()
+      with:
+        name: artifacts
+        path: ./fuzzing

From bf962f91eac55cb2cf1d0ecbc6ac090035e16c22 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 7 Dec 2021 14:22:09 -0800
Subject: [PATCH 2/3] Bump actions/setup-java from 2.3.1 to 2.4.0 (#663)

Bumps [actions/setup-java](https://github.com/actions/setup-java) from 2.3.1 to 2.4.0.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v2.3.1...v2.4.0)

---
updated-dependencies:
- dependency-name: actions/setup-java
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Sahan Serasinghe <sahan.serasinghe@gmail.com>
---
 .github/workflows/build.yml    | 4 ++--
 .github/workflows/validate.yml | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 1e34bf819c..826c21ddbf 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -33,7 +33,7 @@ jobs:
     steps:
     - uses: actions/checkout@v2
     - name: Set up OpenJDK ${{ env.JDK_VER }}
-      uses: actions/setup-java@v2.3.1
+      uses: actions/setup-java@v2.4.0
       with:
         distribution: 'adopt'
         java-version: ${{ env.JDK_VER }}
@@ -125,7 +125,7 @@ jobs:
     steps:
       - uses: actions/checkout@v2
       - name: Set up OpenJDK ${{ env.JDK_VER }}
-        uses: actions/setup-java@v2.3.1
+        uses: actions/setup-java@v2.4.0
         with:
           distribution: 'adopt'
           java-version: ${{ env.JDK_VER }}
diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml
index 293f7e28a6..2de9fe01c4 100644
--- a/.github/workflows/validate.yml
+++ b/.github/workflows/validate.yml
@@ -38,7 +38,7 @@ jobs:
     steps:
       - uses: actions/checkout@v2
       - name: Set up OpenJDK ${{ env.JDK_VER }}
-        uses: actions/setup-java@v2.3.1
+        uses: actions/setup-java@v2.4.0
         with:
           distribution: 'adopt'
           java-version: ${{ env.JDK_VER }}

From 3a7dab24d7175da77d3c5f653c0c3ef7100bbf9c Mon Sep 17 00:00:00 2001
From: Sahan Serasinghe <sahan.serasinghe@gmail.com>
Date: Wed, 8 Dec 2021 23:22:36 +1030
Subject: [PATCH 3/3] Add the working directory

Signed-off-by: Sahan Serasinghe <sahan.serasinghe@gmail.com>
---
 .github/workflows/jazzer.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/jazzer.yml b/.github/workflows/jazzer.yml
index fb8f93e7fe..eaa5394c57 100644
--- a/.github/workflows/jazzer.yml
+++ b/.github/workflows/jazzer.yml
@@ -40,6 +40,7 @@ jobs:
          chmod +x ./jazzer.sh
          ./jazzer.sh --version ${{matrix.version}} --package ${{matrix.package}} --class ${{matrix.class}} --methods ${{matrix.methods}} --keep-going=1
       shell: bash
+      working-directory: .github/workflows
 
     - name: Upload Crash
       uses: actions/upload-artifact@v1