mirror of
https://github.com/FuzzingLabs/fuzzforge_ai.git
synced 2026-02-13 00:32:47 +00:00
c1eee5d164
Implement platform-specific Dockerfile selection and graceful tool degradation to support both x86_64 and ARM64 (Apple Silicon) platforms.
**Backend Changes:**
- Add system info API endpoint (/system/info) exposing host filesystem paths
- Add FUZZFORGE_HOST_ROOT environment variable to backend service
- Add graceful degradation in MobSF activity for ARM64 platforms
**CLI Changes:**
- Implement multi-strategy path resolution (backend API, .fuzzforge marker, env var)
- Add platform detection (linux/amd64 vs linux/arm64)
- Add worker metadata.yaml reading for platform capabilities
- Auto-select appropriate Dockerfile based on detected platform
- Pass platform-specific env vars to docker-compose
**Worker Changes:**
- Create workers/android/metadata.yaml defining platform capabilities
- Rename Dockerfile -> Dockerfile.amd64 (full toolchain with MobSF)
- Create Dockerfile.arm64 (excludes MobSF due to Rosetta 2 incompatibility)
- Update docker-compose.yml to use ${ANDROID_DOCKERFILE} variable
**Workflow Changes:**
- Handle MobSF "skipped" status gracefully in workflow
- Log clear warnings when tools are unavailable on platform
**Key Features:**
- Automatic platform detection and Dockerfile selection
- Graceful degradation when tools unavailable (MobSF on ARM64)
- Works from any directory (backend API provides paths)
- Manual override via environment variables
- Clear user feedback about platform and selected Dockerfile
**Benefits:**
- Android workflow now works on Apple Silicon Macs
- No code changes needed for other workflows
- Convention established for future platform-specific workers
Closes: MobSF Rosetta 2 incompatibility issue
Implements: Platform-aware worker architecture (Option B)
43 lines
1.7 KiB
YAML
43 lines
1.7 KiB
YAML
# Android Worker Metadata
|
|
#
|
|
# Platform-specific configuration for Android security analysis worker.
|
|
# This file defines which Dockerfile to use for each platform and what tools
|
|
# are available on that platform.
|
|
|
|
name: android
|
|
version: "1.0.0"
|
|
description: "Android application security testing worker with Jadx, OpenGrep, and MobSF"
|
|
|
|
# Default platform when auto-detection fails or metadata is not platform-aware
|
|
default_platform: linux/amd64
|
|
|
|
# Platform-specific configurations
|
|
platforms:
|
|
# x86_64 / Intel / AMD platform (full toolchain including MobSF)
|
|
linux/amd64:
|
|
dockerfile: Dockerfile.amd64
|
|
description: "Full Android toolchain with MobSF support"
|
|
supported_tools:
|
|
- jadx # APK decompiler
|
|
- opengrep # Static analysis with custom Android rules
|
|
- mobsf # Mobile Security Framework
|
|
- frida # Dynamic instrumentation
|
|
- androguard # Python APK analysis
|
|
|
|
# ARM64 / Apple Silicon platform (MobSF excluded due to Rosetta limitations)
|
|
linux/arm64:
|
|
dockerfile: Dockerfile.arm64
|
|
description: "Android toolchain without MobSF (ARM64/Apple Silicon compatible)"
|
|
supported_tools:
|
|
- jadx # APK decompiler
|
|
- opengrep # Static analysis with custom Android rules
|
|
- frida # Dynamic instrumentation
|
|
- androguard # Python APK analysis
|
|
disabled_tools:
|
|
mobsf: "Incompatible with Rosetta 2 emulation (requires syscall 284: copy_file_range)"
|
|
notes: |
|
|
MobSF cannot run under Rosetta 2 on Apple Silicon Macs due to missing
|
|
syscall implementations. The workflow will gracefully skip MobSF analysis
|
|
on this platform while still providing comprehensive security testing via
|
|
Jadx decompilation and OpenGrep static analysis.
|