8fc08935ab
The forgejo-runner on srv-102v advertises labels `incus:host,self-hosted:host`, so jobs pinned to `ubuntu-latest` matched no runner and exited in 0s. - ci.yml / security-scan.yml / trivy-fs.yml: runs-on → [self-hosted, incus] - e2e.yml / go-fuzz.yml / loadtest.yml: same migration AND gate triggers to workflow_dispatch only (push/pull_request/schedule commented out) — single self-hosted runner, heavy suites would block the queue. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
43 lines
1.2 KiB
YAML
43 lines
1.2 KiB
YAML
name: Go Fuzz Tests
|
|
|
|
on:
|
|
# GATED — operator-triggered until extra runner capacity exists.
|
|
# schedule:
|
|
# - cron: "0 2 * * *" # Nightly at 2am UTC
|
|
workflow_dispatch:
|
|
|
|
env:
|
|
GIT_SSL_NO_VERIFY: "true"
|
|
NODE_TLS_REJECT_UNAUTHORIZED: "0"
|
|
|
|
jobs:
|
|
fuzz:
|
|
runs-on: [self-hosted, incus]
|
|
timeout-minutes: 15
|
|
|
|
defaults:
|
|
run:
|
|
working-directory: veza-backend-api
|
|
|
|
steps:
|
|
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
|
|
|
- name: Set up Go
|
|
uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0
|
|
with:
|
|
go-version: "1.25"
|
|
cache: true
|
|
|
|
- name: Download deps
|
|
run: go mod download
|
|
|
|
- name: Run fuzz tests
|
|
run: go test -fuzz=Fuzz -fuzztime=60s ./internal/handlers/...
|
|
|
|
- name: Upload fuzz corpus
|
|
if: always()
|
|
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
|
|
with:
|
|
name: fuzz-corpus
|
|
path: veza-backend-api/testdata/fuzz/
|
|
retention-days: 30
|