cairn/actions/setup-afl/action.yml

name: 'Setup AFL++ with LLVM 20'
description: 'Installs LLVM 20 from apt.llvm.org and builds AFL++ from source, with caching'

runs:
  using: 'composite'
  steps:
    - name: Restore AFL++ cache
      id: afl-cache
      uses: actions/cache@v4
      with:
        path: /opt/afl
        key: afl-llvm20-${{ runner.os }}-${{ runner.arch }}

    - name: Restore LLVM 20 deb cache
      id: llvm-cache
      uses: actions/cache@v4
      with:
        path: /opt/llvm-20-debs
        key: llvm20-debs-${{ runner.os }}-${{ runner.arch }}

    - name: Install LLVM 20
      shell: bash
      run: |
        set -eu

        if [ -x /usr/bin/clang-20 ] && [ -x /usr/bin/llvm-config-20 ]; then
          echo "LLVM 20 already installed"
        elif [ -d /opt/llvm-20-debs ] && [ "$(ls /opt/llvm-20-debs/*.deb 2>/dev/null | wc -l)" -gt 0 ]; then
          echo "Installing LLVM 20 from cached debs..."
          dpkg -i /opt/llvm-20-debs/*.deb 2>/dev/null || apt-get install -f -y -qq >/dev/null 2>&1
        else
          echo "Installing LLVM 20 from apt.llvm.org..."
          apt-get update -qq
          apt-get install -y -qq wget gnupg lsb-release >/dev/null 2>&1
          wget -qO- https://apt.llvm.org/llvm-snapshot.gpg.key \
            | tee /etc/apt/trusted.gpg.d/apt.llvm.org.asc >/dev/null
          echo "deb http://apt.llvm.org/$(lsb_release -cs)/ llvm-toolchain-$(lsb_release -cs)-20 main" \
            > /etc/apt/sources.list.d/llvm-20.list
          apt-get update -qq
          apt-get install -y -qq clang-20 llvm-20-dev zlib1g-dev make git >/dev/null 2>&1

          # Cache the downloaded debs for next run
          mkdir -p /opt/llvm-20-debs
          cp /var/cache/apt/archives/*llvm*20* /var/cache/apt/archives/*clang*20* \
             /var/cache/apt/archives/*lib*20* /opt/llvm-20-debs/ 2>/dev/null || true
        fi

        # Ensure unversioned symlinks exist
        ln -sf /usr/bin/llvm-config-20 /usr/bin/llvm-config
        ln -sf /usr/bin/clang-20 /usr/bin/clang
        ln -sf /usr/bin/clang++-20 /usr/bin/clang++
        echo "LLVM $(llvm-config --version) ready"        

    - name: Install AFL++
      shell: bash
      run: |
        set -eu

        if [ "${{ steps.afl-cache.outputs.cache-hit }}" = "true" ]; then
          echo "Restoring AFL++ from cache..."
          cp -a /opt/afl/bin/* /usr/local/bin/
          cp -a /opt/afl/lib/* /usr/local/lib/ 2>/dev/null || true
          cp -a /opt/afl/share/* /usr/local/share/ 2>/dev/null || true
          echo "AFL++ restored from cache"
        else
          echo "Building AFL++ from source..."
          apt-get install -y -qq make git zlib1g-dev >/dev/null 2>&1

          cd /tmp
          git clone --depth 1 https://github.com/AFLplusplus/AFLplusplus.git
          cd AFLplusplus
          LLVM_CONFIG=llvm-config-20 CC=clang-20 CXX=clang++-20 \
            make -j"$(nproc)" source-only >/dev/null 2>&1
          make install PREFIX=/usr/local >/dev/null 2>&1

          # Cache the install for next run
          mkdir -p /opt/afl
          make install PREFIX=/opt/afl >/dev/null 2>&1

          rm -rf /tmp/AFLplusplus
        fi

        echo "AFL++ $(afl-fuzz --version 2>&1 | head -1) ready"