google / fuzzbench

FuzzBench - Fuzzer benchmarking as a service.

Home Page:https://google.github.io/fuzzbench/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Cloud Config: Documentation says to make Docker registry public.

mvanotti opened this issue · comments

I am following the steps to set up a cloud project to run fuzzbench, and the docs say that I should make my docker registry public. Is that required? I would prefer to keep my docker images private and accessible only for the people from my organization.

I do not have any experience running FB on a private cloud project, but I presume that requirement is due to having to run the startup script on the cloud?
If you could pull that image from your cloud, then this should be OK?
@jonathanmetzman may have more insights.

BTW, I noticed that some places hard codes dispatcher image to FB, e.g. base-images.yaml, do we need to fix this?

Thanks for the answer, @alan32liu .

Indeed, this seems to be an issue. I am not sure how to make the VM access the private registry so it can download the Docker image. Any suggestions?

It seems like the documentation should include:

  • Grant access to the service account to the docker bucket (viewer? owner? lister?)
  • Grant access to the service account to the data and report buckets.
  • Grant access to the service account to be a Cloud SQL Client

Indeed, this seems to be an issue. I am not sure how to make the VM access the private registry so it can download the Docker image. Any suggestions?

I did not have experience with it either. Maybe including Docker's auth tokens in its config.json could help?