summaryrefslogtreecommitdiff
path: root/doc/user/application_security/coverage_fuzzing/index.md
diff options
context:
space:
mode:
Diffstat (limited to 'doc/user/application_security/coverage_fuzzing/index.md')
-rw-r--r--doc/user/application_security/coverage_fuzzing/index.md10
1 files changed, 5 insertions, 5 deletions
diff --git a/doc/user/application_security/coverage_fuzzing/index.md b/doc/user/application_security/coverage_fuzzing/index.md
index b46547b6828..679d20a6394 100644
--- a/doc/user/application_security/coverage_fuzzing/index.md
+++ b/doc/user/application_security/coverage_fuzzing/index.md
@@ -13,7 +13,7 @@ random inputs to an instrumented version of your application in an effort to cau
behavior, such as a crash. Such behavior indicates a bug that you should address.
We recommend that you use fuzz testing in addition to the other security scanners in [GitLab Secure](../index.md)
-and your own test processes. If you're using [GitLab CI/CD](../../../ci/README.md),
+and your own test processes. If you're using [GitLab CI/CD](../../../ci/index.md),
you can run your coverage-guided fuzz tests as part your CI/CD workflow. You can take advantage of
coverage-guided fuzzing by including the CI job in your existing `.gitlab-ci.yml` file.
@@ -38,7 +38,7 @@ Docker image with the fuzz engine to run your app.
## Configuration
To enable fuzzing, you must
-[include](../../../ci/yaml/README.md#includetemplate)
+[include](../../../ci/yaml/index.md#includetemplate)
the [`Coverage-Fuzzing.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/Coverage-Fuzzing.gitlab-ci.yml)
provided as part of your GitLab installation.
@@ -59,8 +59,8 @@ my_fuzz_target:
- ./gitlab-cov-fuzz run --regression=$REGRESSION -- <your fuzz target>
```
-The included template makes available the [hidden job](../../../ci/yaml/README.md#hide-jobs)
-`.fuzz_base`, which you must [extend](../../../ci/yaml/README.md#extends) for each of your fuzz
+The included template makes available the [hidden job](../../../ci/yaml/index.md#hide-jobs)
+`.fuzz_base`, which you must [extend](../../../ci/yaml/index.md#extends) for each of your fuzz
targets. Each fuzz target **must** have a separate job. For example, the
[go-fuzzing-example project](https://gitlab.com/gitlab-org/security-products/demos/go-fuzzing-example)
contains one job that extends `.fuzz_base` for its single fuzz target.
@@ -192,7 +192,7 @@ To use coverage fuzzing in an offline environment, follow these steps:
### Continuous fuzzing (long-running asynchronous fuzzing jobs)
It's also possible to run the fuzzing jobs longer and without blocking your main pipeline. This
-configuration uses the GitLab [parent-child pipelines](../../../ci/parent_child_pipelines.md).
+configuration uses the GitLab [parent-child pipelines](../../../ci/pipelines/parent_child_pipelines.md).
The full example is available in the [repository](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/go-fuzzing-example/-/tree/continuous_fuzzing#running-go-fuzz-from-ci).
This example uses Go, but is applicable for any other supported languages.
View Lorry Controller Status