.github/workflows/cifuzz.yml - external/github.com/unicode-org/icu - Git at Google

 name: CIFuzz
 on:
   pull_request:
     branches: '**'
     paths:
       - '**.c'
       - '**.cc'
       - '**.cpp'
       - '**.cxx'
       - '**.h'
       - 'testdata/**'
       - '.github/workflows/**'
   push:
     branches:
       - main
       - 'maint/maint*'
     paths:
       - '**.c'
       - '**.cc'
       - '**.cpp'
       - '**.cxx'
       - '**.h'
       - 'testdata/**'
       - '.github/workflows/**'
   workflow_dispatch:
 permissions: {}
 jobs:
   Fuzzing:
     runs-on: ubuntu-22.04  # Updated in BRS
     permissions:
       security-events: write
     strategy:
       fail-fast: false
       matrix:
         sanitizer: [address, undefined]
     steps:
     - name: Build Fuzzers
       id: build
       uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master
       with:
         oss-fuzz-project-name: 'icu'
         sanitizer: ${{ matrix.sanitizer }}
     - name: Run Fuzzers
       uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
       with:
         oss-fuzz-project-name: 'icu'
         fuzz-seconds: 600
         output-sarif: true
         sanitizer: ${{ matrix.sanitizer }}
     - name: Upload Crash
       uses: actions/upload-artifact@v4
       if: failure() && steps.build.outcome == 'success'
       with:
         name: ${{ matrix.sanitizer }}-artifacts
         path: ./out/artifacts
     - name: Upload Sarif
       if: always() && steps.build.outcome == 'success'
       uses: github/codeql-action/upload-sarif@v3.30.0
       with:
         # Path to SARIF file relative to the root of the repository
         sarif_file: cifuzz-sarif/results.sarif
         checkout_path: cifuzz-sarif
	name: CIFuzz
	on:
	pull_request:
	branches: '**'
	paths:
	- '**.c'
	- '**.cc'
	- '**.cpp'
	- '**.cxx'
	- '**.h'
	- 'testdata/**'
	- '.github/workflows/**'
	push:
	branches:
	- main
	- 'maint/maint*'
	paths:
	- '**.c'
	- '**.cc'
	- '**.cpp'
	- '**.cxx'
	- '**.h'
	- 'testdata/**'
	- '.github/workflows/**'
	workflow_dispatch:
	permissions: {}
	jobs:
	Fuzzing:
	runs-on: ubuntu-22.04 # Updated in BRS
	permissions:
	security-events: write
	strategy:
	fail-fast: false
	matrix:
	sanitizer: [address, undefined]
	steps:
	- name: Build Fuzzers
	id: build
	uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master
	with:
	oss-fuzz-project-name: 'icu'
	sanitizer: ${{ matrix.sanitizer }}
	- name: Run Fuzzers
	uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
	with:
	oss-fuzz-project-name: 'icu'
	fuzz-seconds: 600
	output-sarif: true
	sanitizer: ${{ matrix.sanitizer }}
	- name: Upload Crash
	uses: actions/upload-artifact@v4
	if: failure() && steps.build.outcome == 'success'
	with:
	name: ${{ matrix.sanitizer }}-artifacts
	path: ./out/artifacts
	- name: Upload Sarif
	if: always() && steps.build.outcome == 'success'
	uses: github/codeql-action/upload-sarif@v3.30.0
	with:
	# Path to SARIF file relative to the root of the repository
	sarif_file: cifuzz-sarif/results.sarif
	checkout_path: cifuzz-sarif