Schedule Hourly #5078
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Schedule Hourly | |
on: | |
schedule: | |
- cron: "0 7-23 * * *" | |
workflow_dispatch: | |
env: | |
BRANCH_NAME: ${{ github.head_ref || github.ref_name }} | |
CI_COMMIT_SHA: ${{ github.sha }} | |
CI_JOB_NAME: ${{ github.job }} | |
CI_PROJECT_DIR: ${{ github.workspace }} | |
CI_RUN_ID: ${{ github.run_id }} | |
RUSTFLAGS: "--remap-path-prefix=${CI_PROJECT_DIR}=/ic" | |
BUILDEVENT_DATASET: "github-ci-dfinity" | |
jobs: | |
bazel-build-all-no-cache: | |
name: Bazel Build All No Cache | |
runs-on: | |
labels: dind-large | |
container: | |
image: ghcr.io/dfinity/ic-build@sha256:4fd13b47285e783c3a6f35aadd9559d097c0de162a1cf221ead66ab1598d5d45 | |
options: >- | |
-e NODE_NAME --privileged --cgroupns host -v /cache:/cache -v /var/sysimage:/var/sysimage -v /var/tmp:/var/tmp | |
timeout-minutes: 120 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Login to Dockerhub | |
shell: bash | |
run: ./ci/scripts/docker-login.sh | |
env: | |
DOCKER_HUB_USER: ${{ vars.DOCKER_HUB_USER }} | |
DOCKER_HUB_PASSWORD_RO: ${{ secrets.DOCKER_HUB_PASSWORD_RO }} | |
- name: Run Bazel Build All No Cache | |
uses: ./.github/actions/bazel-test-all/ | |
env: | |
AWS_SHARED_CREDENTIALS_CONTENT: ${{ secrets.AWS_SHARED_CREDENTIALS_FILE }} | |
with: | |
BAZEL_CI_CONFIG: "--config=ci" | |
BAZEL_COMMAND: "build" | |
BAZEL_EXTRA_ARGS: "--repository_cache= --disk_cache= --noremote_accept_cached --remote_instance_name=${CI_COMMIT_SHA} --@rules_rust//rust/settings:pipelined_compilation=True" | |
- name: Upload bazel-bep | |
# runs only if previous step succeeded or failed; | |
# we avoid collecting artifacts of jobs that were cancelled | |
if: success() || failure() | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ github.job }}-bep | |
retention-days: 14 | |
if-no-files-found: ignore | |
compression-level: 9 | |
path: | | |
bazel-bep.pb | |
profile.json | |
bazel-system-test-hourly: | |
name: Bazel System Tests Hourly | |
container: | |
image: ghcr.io/dfinity/ic-build@sha256:4fd13b47285e783c3a6f35aadd9559d097c0de162a1cf221ead66ab1598d5d45 | |
options: >- | |
-e NODE_NAME --privileged --cgroupns host -v /cache:/cache -v /var/sysimage:/var/sysimage -v /var/tmp:/var/tmp | |
timeout-minutes: 120 | |
runs-on: | |
group: zh1 | |
labels: dind-large | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Login to Dockerhub | |
shell: bash | |
run: ./ci/scripts/docker-login.sh | |
env: | |
DOCKER_HUB_USER: ${{ vars.DOCKER_HUB_USER }} | |
DOCKER_HUB_PASSWORD_RO: ${{ secrets.DOCKER_HUB_PASSWORD_RO }} | |
- name: Run Bazel System Test Hourly | |
id: bazel-test-all | |
uses: ./.github/actions/bazel-test-all/ | |
with: | |
BAZEL_COMMAND: "test" | |
BAZEL_TARGETS: "//rs/..." | |
BAZEL_CI_CONFIG: "--config=ci --repository_cache=/cache/bazel" | |
BAZEL_EXTRA_ARGS: "--keep_going --test_tag_filters=system_test_hourly" | |
BUILDEVENT_APIKEY: ${{ secrets.HONEYCOMB_API_TOKEN }} | |
- name: Upload bazel-bep | |
# runs only if previous step succeeded or failed; | |
# we avoid collecting artifacts of jobs that were cancelled | |
if: success() || failure() | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ github.job }}-bep | |
retention-days: 14 | |
if-no-files-found: ignore | |
compression-level: 9 | |
path: | | |
bazel-bep.pb | |
profile.json | |
bazel-run-fuzzers-hourly: | |
name: Bazel Run Fuzzers Hourly | |
runs-on: | |
labels: dind-large | |
container: | |
image: ghcr.io/dfinity/ic-build@sha256:4fd13b47285e783c3a6f35aadd9559d097c0de162a1cf221ead66ab1598d5d45 | |
options: >- | |
-e NODE_NAME --privileged --cgroupns host -v /cache:/cache -v /var/sysimage:/var/sysimage -v /var/tmp:/var/tmp | |
timeout-minutes: 120 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Run Libfuzzer targets | |
shell: bash | |
run: ./bin/run-all-fuzzers.sh --libfuzzer 100 | |
- name: Run AFL targets | |
shell: bash | |
run: ./bin/run-all-fuzzers.sh --afl 100 | |
- name: Post Slack Notification | |
uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0 | |
if: failure() | |
with: | |
channel-id: prodsec-fuzzing | |
slack-message: "${{ github.job }} failed :disappointed: - <${{github.server_url}}/${{github.repository}}/actions/runs/${{github.run_id}}|Run#${{github.run_id}}>" | |
env: | |
SLACK_BOT_TOKEN: ${{ secrets.SLACK_API_TOKEN }} |