chore(IDX): allow manual trigger for container autobuild #19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Schedule Weekly | |
| on: | |
| schedule: | |
| - cron: "0 8 * * 3" | |
| workflow_dispatch: | |
| pull_request: | |
| paths: | |
| - '.github/workflows/schedule-weekly.yml' | |
| env: | |
| DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }} | |
| DOCKER_HUB_PASSWORD_RO: ${{ secrets.DOCKER_HUB_PASSWORD_RO }} | |
| jobs: | |
| bazel-build-fuzzers-weekly: | |
| runs-on: | |
| group: dind-large | |
| container: | |
| image: ghcr.io/dfinity/ic-build@sha256:b7d870287df55b9972ed285fe1a9792cb81243523400d83d491f3ee149e8d47c | |
| timeout-minutes: 60 # 1 hour | |
| if: ${{ vars.RUN_CI == 'true' }} # needed to avoid running on public dfinity org until published | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Before script | |
| id: before-script | |
| shell: bash | |
| run: ./gitlab-ci/src/ci-scripts/before-script.sh | |
| - name: Load Service Account Key to file | |
| env: | |
| FUZZING_GCP_SERVICE_KEY: ${{ secrets.FUZZING_GCP_SERVICE_KEY }} | |
| run: | | |
| echo $FUZZING_GCP_SERVICE_KEY | base64 --decode > bin/fuzzing_service_account.json | |
| - name: Build and Push Fuzzers to GCP | |
| shell: bash | |
| run: | | |
| cd bin | |
| gcloud auth activate-service-account --key-file fuzzing_service_account.json | |
| ./build-all-fuzzers.sh --zip | |
| cd fuzzer_build | |
| gsutil -m cp libfuzzer_asan_linux_*.zip gs://ic_fuzzer_builds | |
| gsutil -m cp afl_asan_linux_*.zip gs://ic_fuzzer_builds |