google / atheris

Apache License 2.0

[Feature] Add Dockerfile #6

Closed weldpua2008 closed 3 years ago

weldpua2008 commented 3 years ago
Type: New Feature
Issue: Support build Docker Image
Change: Add Dockerfile

Example

$ docker build -t local/atheris .
$ docker run -ti --rm local/atheris 
Python 3.8.6 (default, Nov 18 2020, 13:49:49) 
[GCC 8.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import atheris
>>> import sys
>>> from hypothesis import given, strategies as st
>>> 
>>> @given(st.from_regex(r"\w+!?", fullmatch=True))
... def test(string):
...   assert string != "bad"
... 
>>> atheris.Setup(sys.argv, test.hypothesis.fuzz_one_input)
INFO: Configured for Python tracing with opcodes.
['']
>>> atheris.Fuzz()
WARNING: Failed to find function "__sanitizer_acquire_crash_state".
WARNING: Failed to find function "__sanitizer_print_stack_trace".
WARNING: Failed to find function "__sanitizer_set_death_callback".
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 713180454
INFO: Loaded 2 modules   (1024 inline 8-bit counters): 512 [0x55ca41b83ff0, 0x55ca41b841f0), 512 [0x55ca41b84a10, 0x55ca41b84c10), 
INFO: Loaded 2 PC tables (1024 PCs): 512 [0x55ca41bcb330,0x55ca41bcd330), 512 [0x55ca41bcd340,0x55ca41bcf340), 
INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 4096 bytes
INFO: A corpus is not provided, starting from an empty corpus

Tested

I built the image https://hub.docker.com/r/weldpua2008/atheris from the branch

$  docker run -ti --rm  -v ${PWD}:/app -w /app/example_fuzzers/json_fuzzer/ local/atheris bash
root@55f3f0c1f18f:/app/example_fuzzers/json_fuzzer# bash ./build_install_ujson.sh 
root@55f3f0c1f18f:/app/example_fuzzers/json_fuzzer# LD_PRELOAD="/usr/lib/llvm-12/lib/clang/12.0.0/lib/linux/libclang_rt.asan-x86_64.so $(python3 -c "import atheris; print(atheris.path())")" python3 ./ujson_fuzzer.py -detect_leaks=0 
WARNING: Coverage symbols are being provided by a library other than libFuzzer. This will result in broken Python code coverage and severely impacted native extension code coverage. Symbols are coming from this library: /usr/lib/llvm-12/lib/clang/12.0.0/lib/linux/libclang_rt.asan-x86_64.so
You can likely resolve this issue by linking libFuzzer into Python directly, and using `atheris_no_libfuzzer` instead of `atheris`. See using_sanitizers.md for details.INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 935762228
INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 4096 bytes
INFO: A corpus is not provided, starting from an empty corpus
#2  INITED ft: 1 corp: 1/1b exec/s: 0 rss: 41Mb

google-cla[bot] commented 3 years ago

Thanks for your pull request. It looks like this may be your first contribution to a Google open source project (if not, look below for help). Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

:memo: Please visit https://cla.developers.google.com/ to sign.

Once you've signed (or fixed any issues), please reply here with @googlebot I signed it! and we'll verify it.



weldpua2008 commented 3 years ago

@googlebot I signed it!

weldpua2008 commented 3 years ago

@IanPudney Please let me know if I need to change something or you need help with build & release scripts.

TheShiftedBit commented 3 years ago

So, we don't (currently) have CI/CD set up for Atheris (tests are a little annoying for fuzzing engines), but it's definitely on the list of things to do. Once that's done, I think this PR will make more sense.

weldpua2008 commented 3 years ago

> So, we don't (currently) have CI/CD set up for Atheris (tests are a little annoying for fuzzing engines), but it's definitely on the list of things to do. Once that's done, I think this PR will make more sense.

If you will use any OSS solutions, just name it and I can help. If not, can you please point me to a similar project so I can copy the Makefile/Bash builder from there?

TheShiftedBit commented 3 years ago

GitHub Actions are a reasonable choice, I think. Currently, the only test we have is the test for the FuzzedDataProvider, since that's the only part of Atheris that fits the standard model of a unit test.

I just wrote a script that automates the process of pushing to PyPI, which will be pushed to the repo soon. A similar one for pushing a Docker image would be useful too.

This section updated:

I was reading up on Google's internal policies for Docker images; they do not want us to publish new packages to Docker Hub anymore.

TheShiftedBit commented 3 years ago

Because Google doesn't want new images for Google projects on Docker Hub, I'm closing this PR. Plus, pip3 install atheris is fairly easy. A Dockerfile that created an image with lots of different CPython versions, all with libFuzzer installed, would be really useful for a lot of people though.

We still definitely need automated testing, but that's a different issue.